SUMMARY:

• Over 7+ years of experience as a Data Network & Security Engineer with expertise in design, development, implementation, troubleshooting and maintenance of Network & security environments with mixed vendors Routers, Switches Firewalls, Proxy, VPN's, IPsec, NAT, Load Balancer's, and Nexus Switches.
• Expertise in design, configuring, supporting and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers (F5) and firewalls.
• Strong hands on experiences Cisco Routers 4300, 4400, 4500, 2900, 3800, Switches 3850, 4500, 9300, 9400, 9500, 6500, 6800 series.
• Hands on experience in installing, configuring and administration of Firewalls including Cisco PIX, Cisco ASA, Checkpoint, Palo Alto and Load Balancers like Big - IP F5 (LTM and GTM).
• Knowledge on Juniper SRX220, SRX240 and SRX550, Fortinet 200D series firewalls.
• Expertise in installing, configuring and troubleshooting Juniper Routers (MX-480, MX960) and Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509 catalyst switches.
• Proficient in Cisco IOS installation, upgradation and Configuring, Troubleshooting routing protocols like RIP, EIGRP, OSPF, BGP (E-BGP, I-BGP).
• Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments.
• Integrating Symantec DCS with NSX, providing server hardening.
• Expertise in configuring and troubleshooting complex layer 2 technologies such as VLANs, VTP, Ether Channels, Spanning Tree Protocol STP, RSTP and MST and redundancy protocols like HSRP, VRRP, GLBP.
• Good knowledge in configuration of Voice VLAN’s (VOIP), prioritizing the voice traffic over the data traffic.
• Hands-on experience with SD WAN (MPLS/Frame Relay), routers, switches, TCP/IP, routing Protocols (BGP/OSPF), and IP addressing.
• In depth knowledge and experience working with other protocols like TCP/IP, OSI model, DHCP, DNS, SMTP, IMAP, FTP, WAN, LAN, NAT, PAT, ACL, VLANs, Trunking using 802.1Q, IPv4, IPv6, LDAP, HTTP, HTTPS, UDP, VOIP, QOS.
• Expertise with IP subnetting, VLSM, CIDR.
• Proficient in implementing and troubleshooting LAN/WAN technologies.
• Worked on the migration to new Checkpoint R7x firewalls from Cisco ASA firewalls.
• Experience configuring SDH and SONET in the WAN environment
• Strong hands on experience withlayer - 2 and layer - 3 configurations, troubleshooting and dealt with Nexus models like 7k, 5k and 2k series in data centers.
• Configuration and Maintenance of ASA 5580, 5540, 5520, 5510, PIX 535, FWSM Firewalls.
• Vast experience working with configuring and maintaining security firewalls like ASA, Checkpoint, Palo Alto, Blue coat and expertise in VPN's, SSL etc.
• Worked in data centers and proficient with configuring and supporting Nexus switches, Fabric Extenders (FEX), VPC and OTV.
• Excellent knowledge and experience on multi-vendor platforms like Cisco, Juniper, Checkpoint, F5 Big-ip LTM load balancers, Bluecoat, Riverbed, Citrix, and VMware.
• Experience in Implementing, Maintaining, and Troubleshooting L2 Switching tasks: VLANs, VTP, VLAN Trunking (ISL/802.1Q), STP, RSTP, PVST, PVST+, CST, CEF and DCEF.
• Experience in T1/E1/T3 technologies and different LAN & WAN technologies.
• Managed F5 BigIP GTM/LTM load balancer appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Planned and worked on design with Network team to Re-architect F5 load-balancers to load-balance traffic anywhere in the company network.
• A good knowledge on operational aspects load balancing & WAF devices.
• Actively participated in upgrading Fast Ethernet, Layer 3 switched/routed LAN Infrastructure from Cisco 3640 to Cisco 2811 ISR Routers and Switches at access level to 2950, 3550.
• Well understanding of Cisco UCS and M-Series Modular servers to enable centralized management of highly scalable system and to Speed-up IT operations.
• Worked extensively in Configuring, Monitoring and Troubleshooting Checkpoint security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
• Hands on Experience on security devices and firewall infrastructure under enterprise level network.
• Extensive hands on Experience with Complex routed LAN networks, CISCO Routers and Switches.
• In-depth expertise in the Analysis, Implementation, Troubleshooting & Documentation of LAN/WAN architecture and good experience on IP services.
• Basic Experience with configuring and Managing on Snort and Suricata detection systems.
• Experience through Hands-on Experience with Configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay.
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and RIVER BED and Wireshark.
• Configured SolarWinds Orion NPM and used it to monitor traffic on a network.
• Extensive experience in Configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
• Well experienced in Configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
• Experience in Installing and Configuring DNS, DHCP server.
• Experience with Infoblox DNS, DHCP, IPAM and reporting server.
• Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
• Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
• Excellent communication skills, enthusiastic, motivated and a team player.
• Experience in installing and configuring DNS, DHCP server.
• Experience with Change management process and Project documentation tools like Excel and VISIO.

TECHNICAL SKILLS:

Routing Technology: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, Static and Dynamic Routing.

Network Products: CISCO Routers 1700, 1800, 2500, 2600, 2800. CISCO High End Routers 3600, 3800, 7200, 12010, 12404. CISCO Switches 1900, 2950, 2950, 2960G. CISCO Campus Switches 3550XL, 4948 Core Catalyst 4503, 4507 RE, Catalyst 6500/6503/6507, Nexus 5000 series

Antivirus & Endpoint protection: Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.

Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC SSM, FWSM, Fortigate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, Juniper NetScreen firewall, PaloAlto Firewalls, Windows Patch Management (WSUS).

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

Leased Line, ISDN/Dial: Up, Frame Relay circuits, Metro Ethernet.

WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPSec-VPN.

Wireless & WiFi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

Operating Systems & Tools: Cisco IOS, Open IDM, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Outlook 365 administration Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server, MS Exchange server, Tufin, AlgoSec, Skybox, Identity Access Management, GRC, veritas Volume Manager, Amazon EC2, Rackspace, Microsoft Azure.

PROFESSIONAL EXPERIENCE:

Confidential - Houston, TX

Sr. Network Security Engineer

Responsibilities:

• Works with client engineering groups to create, document, implement, validate and manage policies, procedures and standards that ensure confidentiality, availability, integrity and privacy of information.
• Researched, designed and replaced aging Cisco ASA firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Performed site refreshes on Cisco switching and Aruba wireless infrastructure at several locations.
• Configured, implemented and troubleshooting issues on Checkpoint R77.10 Gaia, R75, Cisco ASA 5540, 5000 series firewalls for the client environment.
• Contribute to the development and overall strategy of the penetration testing program.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
• Worked on VPN configuration, routing, NAT, access-list, security contexts and failover in ASA firewalls.
• Oversaw tuning and performance monitoring for UNIX/Linux workstations, servers, and peripherals.
• Experienced provisioning SD-WAN service as automated failover solution for MPLS VPN by Cisco Meraki MX 80 Firewall.
• Balancers, redundant Internet ISPs and dual MPLS clouds. Supported virtual cloud environment consisting of UCS and Vblock 10k/40k platforms
• Provide NSX Micro-Segmentation Security for ASW Data Center.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL VPN's on Palo Alto, Cisco ASA Firewalls.
• Configuring, Administering and troubleshooting the Checkpoint, Palo Alto and ASA firewall.
• Configured IPSec VPN (Site-Site to Remote Access) on Cisco ASA (5200) series firewalls.
• Working with the rule base and its configuration in Cisco ASA, Palo Alto, Juniper and Checkpoint firewalls.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
• Rule consolidation and rule lockdown process in the ASA firewalls.
• Supported 200 Cisco ASA firewalls in configuring and maintenance.
• Deployment of Cisco ASA firewalls and migration of end of life ASA firewalls to New ASA firewalls.
• Cisco Firewalls include ASA 5585x, 5580, 5550 Series Hardware managed through CLI, ASDM as well as CSM.
• Most of my time at this position was spent fixing and re-writing scripts within Jenkins and Puppet Modules
• Worked with VMWare and Flex team for Configuring and installing Dell Power Connect switch 5548 and increasing their Bandwidth Usage.
• Responsible for maintaining availability, reporting and communication of the SIEM between it, its event-sources and the endpoints.
• Configuring & Administration of the Checkpoint Firewall that includes creating Hosts, Nodes, Networks, Static & Hide NAT's.
• Experience in creating multiple policies and pushing them into Checkpoint Firewall (Gateways) and hands-on experience in managing the Checkpoint Management Server and Gaia operating system.
• Experience working with Palo Alto firewalls managed through Panorama management platform.
• Configure High Availability on Palo Alto firewalls.
• Defining, tracking and maintaining the standard baselines and configuration sets of security devices and implementing industry best practices with regards to Firewall, IDS/IPS, IPsec VPN, SSL VPN.
• Applied security enhancement by implementing certificates and RSA keys for authentication.
• Installed and administered RSA Secure ID token authentication servers.
• Support Citrix NetScaler F5 platform, configuring, implementing, & troubleshooting Citrix NetScaler VIP configuration with health check, policy configurations Access Gateway, & content switching configuration solutions.
• Configure and troubleshoot Routing protocols such as OSPF and EIGRP for routing internally and BGP for external routing.
• Involved in F5 LTM GTM and ASM planning, designing and implementation. Actively involved in F5 ASM policy configuration and deployment. Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls.
• Configured High availability, User ID on Palo Alto firewall.
• Configured and utilized many different protocols such as OSPF, ISIS, BGP/MP-BGP, OER, MPLS, LDP, Multicast, IPv4/IPv6 protocols.
• Implementing a VoIP and hoc network with SIP Proxy Server and multiple Clients, capturing the Installed and maintained Wireless Access Points throughout the building.
• Utilized knowledge of Spanning Tree Protocol, BGP, MPLS, OSI model layers 1-2 to create network layouts.
• Hands on experience and demonstrated knowledge on Software-Defined Networking (SDN) and SD-WAN.
• Stateful firewall, VLAN to VLAN routing, Link bonding / failover, 3G / 4G failover, Traffic shaping / prioritization, WAN optimization, Site-to-site VPN, Client VPN, MPLS to VPN Failover, Active Directory and LDAP integration.
• Responsible for investigating Data Loss Prevention using Symantec DLP.
• Configured EIGRP routing and BGP route maps to allow traffic from subnets out to the core to Datacenter on the ASR 1002 devices.
• Implementation and configuration of Cisco L3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, dot1Q trunk, ether channel.
• Configure and troubleshoot Routing protocols such as OSPF and EIGRP for routing internally and BGP for external routing.
• Developed PowerShell scripts for Production Ready QA/QC for Windows and Linux servers.
• Use BGP attributes such as AS-PATH prepending and communities to influence routing amongst different paths.
• Provide remote support for partners on installation and configuration problems and issues related to SDA or SD-WAN, DNAC.
• Worked and maintained various network, application monitoring tools like Solar Winds, Cisco Prime, ForeScout, Wireshark, TCP Dump.
• ForeScout CounterACT- NAC, endpoint compliance, real-time intelligence and policy-based control.
• Experience with Monitoring wireless networks and performing site surveys.
• Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP.
• Used BMC Remedy tool for ticketing purpose.
• Cisco ISE implementation for Guest access with Cisco Wireless Controllers using EOIP guest wireless services.

Environment: Cisco ASA 5580/5540/5520, CheckpointR70, R75, R77.20 Gaia, Palo AltoPA-5000/3000, Juniper SSG, SRX, Big IP F5 LTM/GTM, Nexus switches, Routers, TCP/IP, VPN, Bluecoat Proxy servers, IDS/IPS. SIEM and monitoring, BMC Remedy, Cisco Prime, ForeScout CounterACT, Tufin.

Sr. Network Engineer

Confidential - Milwaukee, WI

Responsibilities:

• Configured Checkpoint and Cisco ASA firewalls to secure the infrastructure for the Data Center.
• Configured VDC (Virtual Device Context) for Nexus 7010 Switch.
• Experience with industry recognized SIEM solutions such as ArcSight, Splunk, LogRhythm, AlienVault, etc
• Participated in the design and implementation of the next generation NS X SD-WANproduct portfolio.
• Citrix Netscaler Architecture and implemented Infrastructure Redundancy of Federal Home Loan Bank in addition to completing the SANS Top 20 Controls within a Scrum Agile Team.
• Configured Nexus 7K, 5k, 2k switches in data center for hosting various servers.
• Install or decommission of Nexus switches and servers in the data center.
• Monitor and responsible for access control to the Data Center to prevent unauthorized access.
• Accountable for ensuring the data center operations meet the functionality and reliability to meet customer Service Level Agreements and expectations.
• Monitors data center devices, equipment's (HVAC, Servers, other devices) local & remote sites.
• Provide visibility and support to the Facilities team when monitoring the Data Center requests.
• Responsible for enabling BGP peering and customer sessions and debugging BGP routing problems.
• Configured VRF on the routers in the network to maintain different routing instances.
• Expertise with Cisco ASA firewall-based devices, configuring VPNs, IPS and IPsec.
• Experience in Designing and assisting in deploying enterprise Wide Network Security and High Availability Solutions for ASA.
• Hands-on experience with SD WAN (MPLS/Frame Relay), routers, switches, TCP/IP, routing Protocols (BGP/OSPF), and IP addressing.
• Extensive exposure to Configuration Management policies and practices with regards to SDLC along with automation of scripting using BASH/Shell, Ruby and Python scripting.
• Used load balance applications based on F5 LTM 6900.
• I Was a part of a team that Implemented iRules on the VIPs based on application.
• Knowledge about wild fire feature of Palo Alto.
• Configuring, Administering and troubleshooting the Checkpoint.
• Drafted and installed Checkpoint Firewall rules and policies.
• Worked on F5 GTM, configuring Wide IPs and pools to load balance the client traffic between the two data centers.
• Additional SD-WAN configuration and implementation.
• SSL offloading on F5 LTM's, worked on both the server SSL profiles and client SSL profiles.
• Troubleshooted VIPs and SSL certificates issues that were encountered at the time of deployment or in production.
• Configured the F5 LTM both by the GUI and tmsh scripts.
• Configuring and troubleshooting perimeter security devices such as Checkpoint R77 Gaia, Secure Platform, Palo Alto and ASA Firewalls.
• Knowledge with following Citrix infrastructure components: Web interfaces, PNAServer, NetScaler setup and administration, License Server management, Edgesight. Management and configuration of RSA SecurID Server.
• Designed, installed, configured, and troubleshot Citrix NetScaler devices in the support of NetScaler Gateway, Clientless VPN and SSLVPN implementations.
• Vendor certification in a SIEM technology.
• Some familiarity with Zabbix, AWS, Git, Nginx, Ansible.
• Implemented traffic filters by using standard/extended access lists, distribute lists, & route maps.
• Familiarity managing workload in Remedy Ticket System.
• Used Bluecoat ProxySG Appliances to effectively secure Web communications and accelerate delivery of business applications.
• Adding Websites to blocked list on the bluecoat proxies based upon business requirements.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Linux System Administration (RHEL/CentOS/Scientific Linux 6).
• Worked extensively on Fortigate Firewalls.
• Configured Fortigate 60D.
• Implemented the policy rules and DMZ for multiple clients of the state on the Fortigate firewall.
• Member of a 5-person team responsible for systems and policy changes to firewall infrastructure. The Firewall mesh consists of approximately 35 Fortigate firewalls and the infrastructure to maintain them. All firewalls are configured as high availability clusters.
• Physical to Virtual, Virtual to Virtual and Virtual to Physical migrations of Linux servers from and to VMware, VirtualBox, Hyper -V and other legacy hardware.
• Includes installation, testing, upgrading, loading patches, troubleshooting both physical and virtual environments.
• Installed and monitored extreme networks S-series, 7100 stackable switches and E4G-400, 1800 router to support VMware machines in NCFAST.
• Construct DellEMC EHC Private Cloud with VMware NSX SDN globally in four regions; integrate into current DC environment .
• Monitoring of data flow and troubleshooting in wireless systems for multiple clients using the cisco ISE platform and also configuring a small wireless system for VOIP and wireless activity.
• Upgraded distribution switches 6509 to Nexus 7010 with Sup1.
• Involved in Data Center migrations and handled proper management, maintenance, configuration, and altered management of firewall structure.
• Configured dynamic routing protocols such as EIGRP, OSPF, BGP and switch management on Cisco 6500, 2800, 2900, 3750, 3900 series.
• Monitored Linux server for CPU Utilization, Memory Utilization, and Disk Utilization for performance monitoring.
• Remote implementation of Palo Alto firewalls PA-500 and PA 200 firewalls.
• Provided L2 & L3 network support.
• Hands On experience in push Policy from Panorama to Firewall in Palo Alto.
• Excellent experience with FTP, TFTP, DHCP configuration and its setup.
• Hands on experience with issues related to security like NAT, IP sec, ACLs.
• Used Net scalar for quality of service (QOS), offloading.
• Used Network analysis tools like Packet Sniffer and Wireshark for troubleshooting the network.

Environment: Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K), Data Centers, LAN/WAN, Routing Protocols (EIGRP, OSPF, BGP), ASA, Fortingate, Palo Alto F5 load balancing, VRF, VPN, IPSec, Citrix, NetScaler.

Network Engineer

Confidential - Irvine, CA

Responsibilities:

• Responsible for turning up new sites this includes designing, configuring, and coordinating in turning up the new circuits on Routers and switches.
• Using Tanium and other automation tools we were able to significantly reduce response time and man hours spent on network vulnerability's.
• Managed fast L3 switched/routed LAN/ SD WAN infrastructure as a part of Network team Configured RIPv2, BGP and OSPF routing.
• Built custom Tanium sensors to fill the gaps that where left by our other data collection tools.
• Provided accreditation support for a new Tanium installation on a large Core network.
• Experiences in creating vision, defining technology strategy, and creating innovative products and solutions for SDN, NFV, cloud, and virtualization for enterprises and service providers.
• Monitor and respond to alarms for all network and security infrastructure including Cisco 2800, 2900, 3000, and Nexus 7k series routers and equivalent switches, Aruba wireless networking devices, Riverbed load balancers, firewalls.
• Design and Build Software-Defined Data Center environment, including Vmware, VCenter,NSX and Cisco ACI.
• Troubleshoot and track offline node in Tripwire.
• Validated changes downloaded by Tripwire Logger and analyzed changes for adds, removed, and timestamp changes.
• Developed requirements for Cisco SD-WAN relaunch plan.
• Analyzed customer requirements, process, and challenges to develop and enhance Tanium capabilities.
• Installing the F5 TMOS upgrades, Hot-fix installations depending on Business need.
• Experience working with Nexus 9k, 7K, 5K and 2K.
• Deploying and maintaining ACI data centers lab utilized by the global support team.
• Exhibited knowledge of Wireshark to capture and analyze packet information, NMAP and TCP dump to assist in network connectivity issues and analysis, Check Point Firewall logs and rule base to analyze network behavior and isolate potential threats, and handle virus and OS updates.
• Troubleshoot and document infrastructure changes that support AV and VTC systems to include CAD drawings.
• Utilize Firemon to run traffic analysis and other reports from the firewall.
• Provide design and SDN/NFV networking support using Cisco ACI, Cisco wireless controllers, Open-Stack, Juniper Contrail and Big Switch Networks LABs and using Apple Configurator.
• Migrate Open stack underlay network from Standalone Nexus to ACI.
• Hands on Experience on Riverbed 250, 555, 570, 5050.
• Designed and configured Local Area Networks consisting of Cisco Catalyst Switches 6509E, 4500s, 3750, 3560 Wired Switches, Wide Area Networks consisting of Cisco Routers 3900s, 2951s, and Wireless LAN Networks using controllers of Cisco 5508s with Cisco APs 3502Es.
• Performed Pilot Test on Cisco Nexus Data Center Switches 7000s for compatibility issues, Cisco Carrier Routing System (CRS), Cisco Aggregation Service Routers, and Cisco 12000 GSR.
• Performed configuration and maintenance of LAN/WAN technologies such as Ethernet and Fast Ethernet. Securing the network with access lists applied on interfaces.
• Knowledge of modifying and maintaining the Bluecoat Proxy Pac file.
• Managed LAN & WAN and Bluecoat proxy servers.
• Recently refreshed data center access layer with Nexus 9k's to prepare the infrastructure for future SDA or SD WAN requirements
• Black listing and White listing of web URL on BlueCoat Proxy servers.
• Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
• Worked directly with SD-WAN provider (Talari) to design the Talari as a Router (TaaR) solution - this was done to replace the end-of-life 1841 cisco routers that we had at our remote locations.
• Implemented IP Routing protocols EIGRP, OSPF, BGP on Cisco Routers 7600, 3600, 2800.
• Produce shell and Perl scripts to automate tasks wherever possible.
• Configured and managed Windows Firewalls, Cisco PIX, and Checkpoint firewalls.
• Generate a wide variety of reports on firewall and IDS activity notifying the end customer concerning suspicious traffic.
• Monitor IDS logs filtering potentially threatening activity from normal network traffic.
• Planned, designed, and configured ASA 5580 Firewalls with software version 8.0, Cisco Load balancers, VPN concentrators, and implemented QoS and performing traffic engineering.
• Responsible for daily administration of Windows servers including creation/deletion of new user accounts, print services, and backups.
• Installed and Maintained software license agreements: administering patch management and operating system deployment with SCCM and SCOM.
• VPC to Arista MLAG migration - Designed 3-tier leaf spine network with L3 switches, configured IP subnets, MLAG Peers, VLANs, routing (OSPF, BGP peering with ISP) and VARP for router redundancy and tested for traffic loss.
• Configuring and troubleshooting Layer 2 Ethernet switch and router interfaces for Arista, Cisco, and Juniper.
• PowerCLI/ PowerShell/Bash/Shell Scripts, C, C++, Fortran, Pascal, Visual Basic
• System level monitoring on Linux and Infoblox Appliances to watch process and service statuses, like Performance Monitoring & Tuning - iostat, vmstat & netstat, nfsstat, etc.
• Configuring and troubleshooting Layer 4 VPN on Cisco, Juniper, and Arista.
• Configured Arista switches out of the box and installed PDUs in the Datacenter.
• Key player in deployment of nationwide corporate upgrade: migrating from legacy equipment to Cisco Meraki indoor/outdoor wide area mesh networks (Cisco's largest Meraki rollout to date).
• Experience with Cisco's Guest Wi-Fi solution using ISE and Meraki Firewall.
• Designed and Implemented DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515.
• Built VPN tunnel and VPN encryption.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
• To secure configurations of load balancing in F5, SSL/VPN connections, troubleshooting CISCO ASA firewalls, and related network security measures.
• Working experience with Load Balancers F5 LTM like 3900, 6900, 4200V over various environments.
• Configuration, migrations, upgrades of F5 Big IP LTM 3400, 6400, 8900 running v4.x to 10.2.x, Active/Standby.

Environment: Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Checkpoint firewalls (SPLAT)

Network Engineer

Confidential - Montgomery, AL

Responsibilities:

• Installation & Configuring of Cisco 6500, 4500, 2800, 1800 and 1700 series router.
• Installed and configured DNS, DHCP Client/Server.
• Worked on Extensively on Cisco Firewalls, Cisco ASA 5500(5510/5540) Series.
• Gathering application information which are using Splunk tool and analyze their bandwidth traffic.
• Standardized Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms.
• Responsible for developing and deploying Solar Winds which includes WAN/LAN and server monitoring.
• Reporting, and alerting and Configure Orion alerts.
• Implemented inter-VLAN routing (on Juniper EX 3300 and EX 3400 switches) among the VLANs to allow.
• Projects on Network design, Installation, troubleshooting and suggesting them suitable backup system.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Building configurations for Juniper EX 3300 and EX 4200 switches with features like port security, VLANS, VTP, and PVST+.
• Accountable for ensuring the data center operations meet the functionality and reliability to meet customer Service Level Agreements and expectations.
• Configuring STP for switching loop prevention and VLANs for data and voice along with configuring port security for users connecting to the switches.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP).
• As a Network Engineer I worked on the Viptela SD-WAN, designed the test automation infrastructure for the entire suite of SD-WAN features.
• Expertise with Installation, configuration and troubleshooting of Cisco Routers (ASR 9K, NSX 5K, Meraki MX84, CISCO ISR 1K, 7600, 3800, 2800, 2600, 1800 series). and Juniper Routers (MX, PTX, T4000-series)
• Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.
• Monitors data center devices, equipment's (HVAC, Servers, other devices) local & remote sites
• Provide visibility and support to the Facilities team when monitoring the Data Center requests.
• Configured Checkpoint and Cisco ASA firewalls to secure the infrastructure for the Data Center.
• Configured VDC (Virtual Device Context) for Nexus 7010 Switch.
• Experience with industry recognized SIEM solutions such as ArcSight, Splunk, LogRhythm, AlienVault, etc.
• Perform monitoring and support of internal network security.
• Provide support to internal users and external clients on various hardware and software issues.
• Implemented rules on Juniper SRX 550 at the server farm.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Provided firewall policy configuration and services with Juniper SRX 240 & 650 service gateways.
• Configuring various advanced features (Profiles, monitors, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Worked on physical and virtual networks to provide functionality on additional layers on VMware NSX.
• Monitoring servers like domain controllers, exchange servers and connectivity.
• Managed network connectivity and network SSL Security, between Head offices and Branch office.
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for SSL Security Settings of the networking 3750 devices (Cisco Router, switches) co-coordinating with the system.
• Understanding the JUNOS platform and worked with JUNOS upgrade of Juniper devices.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
• Performed migration of Cisco ACE/GSS onto F5 LTM active/passive pair.
• Troubleshoot on security related issues on JUNIPER SRX/PIX, Checkpoint and IDS/IPS.
• Environment: Router series (2800, 3800, 7200) and switch series (3750, 3550, 4509E, 6509E), SRX 550firewall, Palo Alto (PA-4000/PA-2000), Juniper EX, Routing Protocols (EIGRP, OSPF, ISIS, BGP), Switching protocols (VTP, STP), Site to Site VPN, Remote Access VPN.
• Performed IOS upgrades/Password recover on 2900, 3500 series Cisco Catalyst switches and 1800, 2600, 3600 series Cisco routers using TFTP.
• Implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, and Ether channel, STP, RSTP and MST.

Environment: Cisco routers Series 7200/7600/3800, ASR 7000/9000; Cisco catalyst switches 6500/5000/3500/2950 and Nexus 7K; Juno OS, Cisco PIX Firewalls 535, 525 Routing Protocols OSPF, BGP; VPN, MPLS, HSRP, GLBP, Big-IP F5 LTM Load Balancer, ACE 4400, Ansible, Python scripting, Wireshark, PowerShell, Cisco Works, MS Visio, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy.

Confidential

Network Engineer

Responsibilities:

• Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN, router/firewalls.
• Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.
• Excellent Troubleshooting Skills and Customer Centric approach.
• Switches Replace branch hardware with new 2851 routers and 2960 switches.
• Implemented Cisco Wireless Access Points and WLC’s at various corporate sites fort 11n Infrastructure and its legacy technologies.
• Experience in working with Cisco Nexus 5000 series switches for data center.
• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
• Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
• Installation and Configuration of various types of Personal Computers and Printers. Installation of different operating systems on Intel based PC's.
• Installed Hard disks, Floppy drives, CD Drives, Sound Blaster cards, CPU, Memory, Power supply unit, Network card, Video graphics card, Hard disk controller card on PC systems.
• Troubleshooting of personal computers. On line Support to customers concerning their computer problems.
• Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.
• Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configuring Vlan’s, VTP’s, enabling trunks between switches.

Environment: ASA Firewall, VLAN, HSRP, VTP, OSPF, EIGRP, BGP, Juniper, MPLS, CISCO 3750, 4500, 6500, DMZ.

Network Engineer/Intern

Confidential

Responsibilities:

• Connected switches using trunk links and Ether Channel.
• Converted network with multiple routing protocols RIP, IGRP, EIGRP into a single OSPF domain, thus SDproviding for future network scalability.
• Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
• Configuration changes automation with Ansible.
• Implemented redundant Load balancing technique with Internet applications for switches and routers.
• Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.
• Addition and removal of services from virtual server configuration on Citrix Netscalar load-balancer.
• Maintaining SSL certificate on Citrix Netscalar load balancer and managing the virtual servers.
• SIEM monitoring and investigation of any alerts using tools like Arcsight ESM, Arcsight Logger, HBSS, NetScout, Site Protector IDS, and Wireshark Protocol Analyzer.
• Evaluate and build proof of concept of HPE Cloud with Nuage SDN and EMC EHC platform with VMware NSX based SDN
• Functional Management of the Azure Network in customer as well as production perspective.
• Cloud design: Participate in Amazon AWS / Microsoft Azure network design and implementation.
• Documenting and Log analyzing the Cisco ASA 5500 series firewalls.
• Used Network Monitoring tool to manage, monitor and troubleshoot the network.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.
• Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Experience in new employee mentoring, training and coaching.

Environment: Net Flow, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Anisible, Ether Channels, Cisco 7200/3845/3600/2800 routers, Cisco 6509/ 3750/3550/3500/2950 switches, Github.