PROFESSIONAL SUMMARY:

• Having 8+ years of experience in the Network Designing, Security and Implementation of Routing, Switching, Firewall technologies and troubleshooting of Complex Network systems.
• Experience in configuring protocols HSRP, VRRP, GLBP, ICMP, HDLC, & SNMP, configuring & troubleshooting routing protocols RIP v1/v2, EIGRP, OSPF, IS - IS, VRF, BGP & MPLS and installing & configuring DNS, DHCP server.
• Security experience in deploying VPN Solutions like IPsec (site-site and client-site) & SSL VPN implemented across multiple vendors
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Addressing, Subnetting, ARP, VLSM, TCP/IP, MPLS, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits.
• Experience in authentication protocols PAP, CHAP, 802.1x and Port Security and Configuring Security policies including NAT, PAT, VPN (DMVPN, GRE), Route-maps, prefix lists and Access Control Lists
• Implemented IT network projects consisting of installation, configuration along with maintaining Network services, hardware systems and peripheral equipment/devices
• Administered servers and server clusters which demanded managing system back-up, database and restoring protocols
• Support customer with the configuration and maintenance of ASA 5585-X firewall systems and Checkpoint firewalls.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600 series routers, Load Balancers & Cisco Firewalls.
• Worked on F5 LTM/GTM, BIG-IP, load balancing, iRules, and WAN acceleration.
• Worked on Cisco ACE load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
• Experience securing and managing remote access using various VPN technologies like IPsec, SSL, and GRE Experienced in handling and installing Palo Alto Firewalls.
• Monitored the network performance regularly to improve performance and functionality
• Monitored network/software security, controlled access to the IT network and updated security programs as a part of the security procedure
• Configured Remote Desktop connectivity to various devices in Local Area Network.
• Experience in installing & maintaining network monitoring tool IBM Tivoli & network analyzers - Wire shark tool
• Troubleshooting Layer 2 issues, Spanning Tree protocol, RSTP, MST, VTP, VLAN on Cisco - 6500 series switches.
• VPN - Responsible for creating site-site VPN tunnels and providing technical support for IPSEC VPN tunnels.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Implemented security policies using ACL, Firewall, IPsec, VPN, AAA Security TACACS+, and Radius on different series of routers.
• Exposure to Blue coat Proxy
• Working knowledge of security products such as Cisco ISE
• Experience with convert PIX rules over to the Cisco ASA solution.
• Responsible for Cisco ASA firewall administration across our global networks
• Handled multi-Vendor / platform Security technologies including Firewall, IDS-IPS, VPN, Proxies
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Worked on INFLOBOX for Network Device Monitoring. Setting up Infoblox for local DNS and DHCP Configurations.
• Proactively used monitoring tools (Netcool Solar Winds trending graphs) to determine production issues

TECHNICAL SKILLS:

Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).

Routing Protocols: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP v4, MP-BGP

Routing/ Switching: Cisco routers (7206 VXR, 4431, 4331, 3945, 3925, 3845, 2901, 1900, 1800, 800) Cisco catalyst switches (6800, 6509, 6506, 6513, 3750, Catalyst 37xx stack, 3550, 2960, 2800, 1900 series), Cisco CSR 1000V,Cisco ASR 1000, 9000, Cisco Nexus (7000 series 10- slot switch, 5548P, 5548 UP, 2248TP. 2248TP-E, 2232PP), Juniper MX960 VPC, VDC, OTV, AS4.

WAN Protocols: HDLC, PPP

Circuit switched WAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).

Packet Switched WAN: ATM, FRAME RELAY

Security Technologies: Cisco FWSM/PIX/ASDM, Checkpoint, F5 Load Balancer, Blue coat proxy server

Cisco Routers: Cisco 3640, Cisco 3600

Redundancy & management: HSRP, VRRP, GLBP, RPR, NSF/NSR, Wireshark, Solarwinds, SNMP, Firemon.

Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)

Layer 2 technology: VLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)

Switches: Catalyst 6500, 3700, 3500

Operating Systems: Microsoft XP/Vista/7, Windows Servers MS-Office. Microsoft project server 2013

Programming Language: Perl, Python.

PROFESSIONAL EXPERIENCE:

Confidential, Collegeville, PA

Sr. Network Security Engineer

Responsibilities:

• Troubleshoot and Worked with Security issues related to Cisco ASA, Checkpoint, and IDS/IPS.
• Assisting in identifying security risks and exposures by participating in security reviews, evaluations, and risk assessments
• Providing expert level research and analysis for planning, organizing, and managing divisional security functions
• Participating in day-to-day information security activities such as questions, problems, exceptions, etc.
• Provides expert level research and analysis for planning, organizing, and managing divisional security functions
• Implementation of name resolution using WINS & DNS in TCP/IP environment
• Monitoring Network infrastructure using SNMP tools HP NNM, Solar-winds.
• Installed, configured and set security policies on cisco and checkpoint firewalls.
• Knowledge of F5 Best Practices, used iHealth, SSL offloading, Route Domains, GTM Sync Group.
• Configured VLANs, Private VLANs, VTP, Dot1.Q trunking on switches Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing, LAN security.
• Worked extensively in configuring, Monitoring and Troubleshooting CheckPoint R77.XX security appliance, Failover DMZ zoning & configuring VLANs / Routing / NATing with the firewalls as per the design.
• Supporting EIGRP and BGP based company network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Implemented Zone Based Firewalling and Security Rules on the Checkpoint Firewall.
• Installed checkpoint and F5 load balancers in VMware workstation and VSphere.
• Involved in troubleshooting software, hardware and network problems.
• Responsible for Cisco ASA firewall administration across our global networks.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series
• Worked in implementing and upgrading Defender One/One identity radius services.
• Configured L2/L3 Ether-Channels to increase bandwidth on core and distribution switches.
• IOS Upgrade in CISCO 6500 switch and 2800, 3845, 3945 routers.
• Primary responsibility is to design and deploy various network security & High Availability products lick Cisco ASA other security products.
• Support customer with the configuration and maintenance of ASA firewall systems.
• Worked on Cisco Firewalls, Cisco ASA 5500(5510/5540) Series.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Predominantly set up, configured and maintained a Windows server and Network Equipment on a TCP/IP network.
• Working knowledge of configuring routing protocols such as RIPv2, EIGRP, OSPF and BGP.
• Worked on INFLOBOX for Network Device Monitoring. Setting up Infoblox for local DNS and DHCP Configurations.
• Worked with Firemon policy manager to configure and monitor the firewall changes.

Environment: Cisco 2948/3560/4500/3560/ 3750/3550/3500/2960 6500 switches and Cisco 3640/12000/7200/ 3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA, Checkpoint 77.xx, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP.

Confidential, East Hanover, NJ

Network Security Engineer

Responsibilities:

• Worked extensively in configuring, Monitoring and Troubleshooting Check Point R77.XX security appliance, Failover DMZ zoning & configuring VLANs / Routing / NATing with the firewalls as per the design.
• Configured and played with various BGP attributes such as Local Preferences, MED, Extended Communities, AS path manipulations, Route-Reflector clusters, Route-maps and route policy implementations.
• VRF lite Implementation: Research and implementation of VRF lite on all customer ingress routers
• Configuration of VLAN's, VRF's for logical separation of high bandwidth interfaces and LACP for increasing the bandwidth.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Experience with using F5 Load balancer in providing worldwide data and file sharing, continuous internet connectivity, optimized web performance.
• Configuring and implementing F5 BIG-IP Load balancer.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Knowledge on multiplex techniques such as DWDM.
• Knowledge of F5 Best Practices, used iHealth, SSL offloading, Route Domains, GTM Sync Group.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
• Implemented first hop redundancy protocols (FHRP) i.e., GLBP and VRRP.
• Enabled OSPF between Access routers and Core routers and used area-range command to summarize the prefixes.
• Implementation of name resolution using WINS & DNS in TCP/IP environment
• Monitoring Network infrastructure using SNMP tools HP NNM, Solar-winds and OpNet.
• Configured FTP server for inside/outside users & vendors
• Installed, configured and set security policies on cisco and checkpoint firewalls, VPN
• Configured VLANs, Private VLANs, VTP, Dot1.Q trunking on switches Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing, LAN security.
• Worked extensively in configuring, Monitoring and Troubleshooting Check Point R77.XX security appliance, Failover DMZ zoning & configuring VLANs / Routing / NATing with the firewalls as per the design.
• Supporting EIGRP and BGP based company network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Install, Configure and Troubleshoot issues that arise in replacing cisco 7200VXR with ASR1002X or ASR1004
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Installed checkpoint and F5 load balancers in VMware workstation and VSphere.
• Involved in troubleshooting software, hardware and network problems.
• Responsible for Cisco ASA firewall administration across our global networks.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series
• Configured GLBP load sharing between VLANs.
• Configured L2/L3 Ether-Channels to increase bandwidth on core and distribution switches.
• IOS Upgrade in CISCO 6500 switch and 2800, 3845, 3945 routers.
• Primary responsibility is to design and deploy various network security & High Availability products lick Cisco ASA other security products.
• Support customer with the configuration and maintenance of ASA firewall systems.
• Worked on Cisco Firewalls, Cisco ASA 5500(5510/5540) Series.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Predominantly set up, configured and maintained a Windows server and Network Equipment on a TCP/IP network.
• Working knowledge of configuring routing protocols such as RIPv2, EIGRP, OSPF and BGP.
• Extensive network troubleshooting experience and understanding of quality of service from LAN through WAN.
• Configured and maintained Secure Shell (SSH) on routers using RSA.
• Provided immediate resolution of issues such as application of ACL's for anti-spoofing, route re-distribution and blocking of known Cisco IOS vulnerabilities.
• Arranged RMA's for faulty hardware and liaise with AT&T Labs for permanent network design changes.
• Provided direction to System Engineering on migrating Backhaul DS3 circuits from one Location to another Location

Environment: Cisco 2948/3560/4500/3560/ 3750/3550/3500/2960 6500 switches and Cisco 3640/12000/7200/ 3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA 500, Checkpoint, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP

Confidential, Raleigh, NC

Network Security Engineer

Responsibilities:

• Migrating NetScaler infrastructure from Rack space to a new data center and integrating it with their Palo alto firewalls.
• Hands on experience of Nexus 7k, 5k and 2K FEXs and Cisco switch 3560.
• Configured datacenter technologies like VPC, VDC on Nexus 7010 Core Switches.
• Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR
• Worked on F5 LTM/GTM, Big-IP, load balancing, iRules, and WAN acceleration.
• Managed VPN, IPsec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls
• Knowledge of F5 Best Practices, used iHealth, SSL offloading, Route Domains, GTM Sync Group.
• Worked on private DMVPN WAN to provide fast local SAN based backups/restores including remote offsite backups to our local Datacenter.
• Provide local software and hardware support requiring complex integrated configurations in the areas of high-speed Wan Routing including MPLS VRF technologies
• Configure/setup NetScaler SDX pair for data center.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links
• Worked extensively on Juniper MX Series Routers and EX series Switches
• Worked with Juniper MX480, 240 series.
• Working on Arista 7050T switch to explore security options using it programmability capability.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, Spanning Tree, 802.1q. Configured IP access filter policies.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• ERP Implementation, Setup & Support - Core member for setting up new ERP systems- EPICOR
• Controller based High density Wi-Fi network. Models of experience, 6000, 470x, 7200. Master/
• Local controllers with redundancy. Extensive knowledge of Aruba technology.
• Prevented unauthorized access by monitoring port traffic, monitored and maintained over 900 Cisco network devices, and maintain WAN OSPF& BGP network and VPN LAN to LAN connections.
• Upgrading and downgrading Nexus and Arista devices to meet other devices and new codes (images) requirements.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GetVPN.
• As part of Data Center fabric remediation/refresh project, deployed Cisco Nexus switches and implemented features like FEX Links, VPC and VDC.
• Lead Engineer for Network refresh project for Multinational insurance company. Providing remote assistance for replacing exiting switches with new Cisco switches.
• Build Logical design and Implementation of Wireless Solution.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Building the VPN tunnel and VPN encryption.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.

Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960/6500 switches and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco Nexus 7K/5K/2K, Cisco ASA5510, Checkpoint, windows server 2003/2008: F5 BIGIP, LTM, OSPF, EIGRP, RIP, BGP, VLAN, VPN, Checkpoint, Juniper SRX

Confidential, Phoenix, AZ

Network Engineer

Responsibilities:

• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Installed and configured Cisco 2600, 2800, 3600, 3800 routers and 2950, 3700, 6500 switches.
• Maintained and managed networks running OSPF and BGP routing protocols.
• Configured route redistribution between OSPF and EIGRP in a multi-area OSPF network.
• Daily monitoring of network traffic using sniffers (Wireshark) and access logs to troubleshoot and identify network issues.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Implementing security policy configurations and nodes via Juniper SRX-3400 FW and NetScreen 5500.
• Configure, monitor and trouble-shoot Juniper Netscreen firewall.
• Design and Implementation of F5 GTM based on topology load balancing methods.
• Implemented F5 ASM for Internet Facing LTM virtual servers providing applications layer 7 firewall protection, configuring and managing F5 Web Accelerator module and Application Security Module (ASM) technology or with similar/competing ADC and Security product solutions
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates, iRules, and SNATs on the F5 Big IPs using the Web GUI and CLI.
• Planned, designed and executed ground up new multi-domain Active Directory forest including Exchange and migration of employees with zero downtime in the process. This included having a team that executed the migration while business.
• Worked in Primary Environment: SRX220, SRX650, SRX3600 and Checkpoint R77.
• Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V- E, 6513, 6504, 6503, 6506,6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR.
• Interact directly with the Avaya's IT organization to plan, implement and deploy application updates into our corporate production environment.
• Senior platform engineer for the configuration, deployment and migration of the production VM-ware infrastructure from existing Dell platform to UCS blade center.
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Knowledge of implementing and troubleshooting complex L2/L3 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP, MPLS and MST.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
• Implementing IPsec and GRE tunnels in VPN technology.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, F5 Load Balancer Cisco Nexus7K/5K, Checkpoint, Cisco ASA

Confidential

Network Engineer

Responsibilities:

• Dealt with implementation of deployment related to Cisco devices and applying security policies on it.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
• Implemented various Switch Port Security features as per the company's policy
• Configured RIP, and EIGRP on 2901 and 3925 Cisco routers.
• Configured VLANS to isolate different departments
• Co-ordinated with global Security Management teams and support teams as required and completed Palo Alto and Checkpoint Firewall rule add, modification, and delete.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Configured IPSEC VPN on SRX series firewalls
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation.
• Design, installation and troubleshooting networks with hand-on experience with OSPF, ISIS, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
• Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches
• Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems.
• Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
• Performed replacements of failed hardware and upgraded software
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Implementing Routing and Switching using the following protocols; IS-ISOSPG, BGP on Juniper M series routers.
• Involved in Local Area Network (LAN) design, troubleshooting, and maintenance as per company's requirements.

Environment: TCP/IP networks, Cisco Works 2000, VLAN, VTP, STP, Trunks H/W, network drives, DSL, T1 Lines LAN, WAN, VLANs, IP Access List, Cisco 2620, 3750, 2950 and Link sys

Confidential

Network Engineer

Responsibilities:

• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP)
• Hands on experience with Cisco based L2/L3 Ethernet Switches and Routers
• Performed network QA test, executed system analysis and troubleshooting in order to resolve problems on servers, workstations and other network devices
• Planned & executed 802.11 Wireless LAN adapter testing to model customer setups and deploy wireless solutions
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for security
• Configured Trunk groups, ether channels, and Spanning tree to create Access/distribution and core layer switching
• Configuring, administering and troubleshooting the Check Point, Palo Alto and ASA Firewalls.
• Provided Technical support for improvement, upgradation, and expansion of the existing network architecture
• Hands-on experience in Open Flow, which is a combination of Ethernet and TCP/IP
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment
• Monitored the network performance regularly to improve performance and functionality
• Configured static routes, default routes, Frame Relay and provided security by using ACL, NAT
• Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes
• Configured site-to-site IPsec VPN to provide communication between the branch office and headquarters

Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, Checkpoint.