SUMMARY:

• Around 10 years of experience in network data/security design, implementation and troubleshooting of network protocols on IP and frame - relay networks.
• Experience in networking, routing, switching and firewall administration in LAN/WAN.
• Working experience in network products include CISCO and Juniper.
• ISP experience with vendors listed: AT&T, Verizon, Sprint, Atlas/IGNISIS, Megapath,Comcast, BT.
• Implementation and troubleshooting of VPN between end-to-end sites using CISCO ASA and CISCO Routers.
• Implemented security & traffic filters using Standard and Extended access-lists, Route Maps.
• Network migrations, IOS and bandwidth upgradations in coordination with multiple ISP vendors.
• IP addressing and subnetting, Routing concepts, Bridging and switching concepts and LAN technologies.
• Implementation of policies on checkpoint firewall for providing user control access.
• Installation and Migration of Palo Alto Networks, Check-point and ASA.
• Expertise in administration of different firewall vendors like Checkpoint, PaloAlto
• Configuration of Rules, Objects, Groups, and Policies for web filtering and NAT filtering.
• IDS/IPS security audit for vulnerability check in network.
• Hold knowledge on Fortinet firewall.
• Maintenance of cfr standards in implementing security policies.
• CISCO Wireless controller4400/5500 network configuration.
• Experience in working with web application like Citrix.
• Build and maintain Visio/Opnet documentation database of network topology.
• Documentation of work done on daily basis in spreadsheets for management supervision.
• Perform security audit scan on network data and security devices of multi-vendor equipment.
• Hands-on expertise on audit tools like Nipper Scan, Nessus Scan for IPS and IDS vulnerabilities check in network and for maintaining HIPPA protocol standards.
• Remote Desktop Connection Manager v2.7
• Failover Cluster Manager.
• VMware/Hyper-V Manager.
• Users/Group Administration- Active Directory Services.(Users & Computers)

TECHNICAL SKILLS:

Routing protocols: RIPV1 & V2, EIGRP, OSPF, and BGP.

Switching Protocols: SNMP, SMTP, HSRP, VTP, STP

Routers: Cisco 4431,ASR/ISR 1000

Switches: Nexus 7000,5000,9000,6500,3850,2960 & more.

LAN/WAN Technologies: Ethernet, Frame Relay, X.25, VLAN, VTP, QoS.

Network Automation: NSX,ACI.

Network Administration: CCNA, CCNP, RHCE administration

Network Technologies: MPLS, Frame-relay, and QoS.

Wireless Tech: Cisco WLC 4400/5500(802.11a/b/g).

Firewall/Security: ASA 55XX, Checkpoint R75/77, Palo Alto, Fortinet.

Email security appliance: CISCO Ironport C170.

IDS/IPS/Audit Tools: Nipper Studio (Titania), Nessus Scan, EventSentry.

Virtualization: VM Ware,Hyper-V

SFTP/FTP Interface: WINSCP, FileZilla server, FileZilla client.

Load Balancer: F5 (LTM/GTM/APM),Citrix Netscaler,CISCO ACE.

Scripting/Coding: CISCO TCL, Perl.

N/W Monitoring Tools: Nagios, Whatsup Gold, SMARTS, Netwatcher.

WAN Tools: Solar Winds, VNE, CACTI, Bluecoat proxy, Riverbed.

Documentation: Opnet, MS Visio.

Packet Capture: Wireshark,Riverbed ARX.

EMPLOYMENT HISTORY:

Confidential

Firewall/Network Eingeer

Responsibilities:

• Implement, configure & upgrade Cisco ISE.
• Implement & configure & Migrate PaloAlto, Cisco/Firepower Firewalls.
• Implement & configure cloud based networks on OCI(Oracle),AWS(Amazon).
• Implement & configure Cisco routers, Data center Switches and Catalyst 9k and stack switches using BGP, OSPF.
• Implement & configure Citrix Netscaler and F5 load balancer with iAPP templates.
• Implement & configure WLC 5520.
• Work with Design team and lead built team.

Confidential

Network/Security Engineer, PA

Responsibilities:

• Configuration of cisco routers,switches, ASA firewalls.
• Designed and implemented Remote offices and Vendor locations with three tier architecture.
• Worked with peer in integrting ISE for anyconnect VPN for both wireless and wired connectivity.
• Switch Configuration & Migration from existing 6509 to Nexus 9k's.
• Work with Design teams in building DR data center and involved in DR activity for 48 hour DR activity.
• Configuration of multi-context mode in ASA 5555.
• Designing wireless AP's for campus wide deployment, installing and configuring AP's in remote offices using flex connect in cisco WLC.
• Involved in migrating from CISCO ACE to Citrix Netscaler load balancer.
• ACE/Netscaler Load balancer configuration by configuring reals and assigning them to VIP. Nat'ing of internal VIP to external IP and allowing ACL's on ASA's on a regular basis.
• Configuration of ACL's in cisco Nexus 7k's, ASA.
• Implemented Scrutinizer Network Monitoring tool and configured SNMP flex flow on entire Network gear which solved real time traffic issues and helped in defining QoS levels in architecture.
• Configured DMVPN pointing to DR hub and removing route on other Hub.
• Configuration of policy-sets,Authorization & Authentication policy in ISE.
• Configuration of DACL's in ISE to permit or deny traffic flow based on member/group profile.
• Implementation of client's virtual network using NSX and routing traffic into external network.
• Troubleshoot cisco anyconnect VPN related issues in ISE.
• User/Mac based authentication's/permits in cisco ISE.
• Implemented NSX in lab environment along with SME.
• Work with Operations team in troubleshooting and configuring routers & switches and resolve user related issues on a regular basis.
• Troubleshoot load balancer related issues in ANM.
• Troubleshoot server related issues using packet captures in ARX and wireshark.
• Perform DR activities with clients/vendors.
• Schedule/Regulate/Automate any network/firewall related changes in cisco prime LMS.
• Installation/configuration of 3850 stack switch to enhance core layer performace as part of network refresh.
• IOS upgrades/configuration clean-up of cisco gear as part of Network refresh.
• Building and scheduling client/Network reports from cisco prime LMS or scrutinizer for management purpose.
• Applying filters to obtain abstract reports from scrutinizer and cisco prime LMS.
• Re-designing entire network Monitoring topology.
• Ample level monitoring on cisco Ironport.
• Work as Network on-call.(Rotational)

Confidential

Sr.Network/Security Engineer. Philadelphia, PA

Responsibilities:

• Configuration of ACL's for permitting and blocking traffic on CISCO ASA 5540.
• Configuration of ASDM for central administration and monitoring of ASA's running in network.
• Configuration of Active standby failover between ASA's.
• Traffic capture and analysis using OPT viewer and wireshark traffic analyzer.
• Configuration and troubleshooting of IP sec point to point VPN in ASA.
• Configuration and defying NAT rules in ASA.
• Configuration of object group and object ID's in cisco ASA.
• Troubleshooting ACL related issues by checking hit count on particular ACL.
• Defining group policies and AAA/Radius servers in cisco ISE.
• Configured user roles and defined policies in cisco ISE
• IOS upgrade on cisco ASA from 8.x to 9.x.
• Ensured proper implementation of policies and procedures developed for county healthcare information to meet HIPPA protocols.
• Assisted Security Officer with the development and implementation of an information infrastructure.
• Maintained cfr regulations based on audit reports from scanner tool.
• Proposed and explained importance of Security Audit in network infrastructure.
• Configuration of vpc and vdc on Nexus 7k and Nexus IOS upgrade.
• Upgrade and configuration of 6509 IDF Switches and was solely responsible for switch migration/refresh.
• Configurations of LTM in F5 load balancer.
• Configured 4431 edge routers and deployed in client locations and installed them during change window.
• Configured QoS on 5500 wireless controller and mapped SSID’s to profiles based on traffic types.
• Designed template for switch migrations using TCL/python automation tool.
• Designed SNMP v3 template and deployed in all existing network devices by replacing SNMP v2c.
• Installed Cisco Prime on VM and configured client network infrastructure for monitoring purpose
• Trained team members on CISCO Prime by creating document.

United Airlines

Sr. Network Engineer, Denver, Co

Responsibilities:

• Designed as-built of multiple airports across globe which includes USA, Canada, Asia, and UK.
• Configuration of IPSEC point to point VPN in checkpoint firewall R77.20.
• NAT and policy Configuration on checkpoint firewall R77.20.
• Monitoring and troubleshoot VPN related issues at the time IPSEC tunnel configuration.
• Worked with design documentation and network management tools like HPNA, Infoblox.
• Writing scripts for deploying configuration on distribution switches and core routers which includes 3750/3800/4500/6500 and ASR 1000 routers.
• Implementation of router and switch deployment in coordination with AT&T.
• Working with change management teams and opening SRP requests and completion of changes during scheduled window size.
• Implementation of route redistribution between distribution and core layer by changing/adjusting routing and defining new security policies and rules in checkpoint firewall.

Confidential

Sr.Network/Security Engineer, NYC

Responsibilities:

• Responsible for the overall delivery of technical infrastructure solutions within the scope of Infrastructure Engineering (IE) in order to meet project and client/sponsor requirements.
• Planning, requirements gathering and analysis (working closely with the CTO/CEO, BA, Tech Lead as appropriate), design and implementation.
• Proposed New design which Helped in saving company's budget.
• Respond to general technical questions from Production specialists on the project.
• Microsoft VISIO documentation of DC’s.
• Configuration and establishment of Redundant network with cisco routers using different network protocols like BGP, EIGRP, and HSRP.
• Configuration of Routing between different clients and make sure that traffic/data will not over flow and restricted access.
• Configured and implementation of Cyberoam web proxy for web and URL filtering for user and technical departments.
• Configuration switch stacking on cisco 3850 series.
• Configuration of SVI and routing using BGP, EIGRP in coordination with ISP vendors.
• Configuration of NAT policy by defining rules and application filtering on check point firewall.
• Configuration of IP sec VPN on DMZ’s which include check point firewall and Cisco ASA 5510 using CLI and ASDM.
• Configuration and enabling of IPS (Intrusion Prevention System) in checkpoint firewall and cisco ASA for client security and isolated traffic with DMZ from VPN.
• IME (IPS Manager Express) configuration for ASA IPS modules access for accessing and updating Signature updates, Global Correlation and Sensor Health check.
• IDM ( IPS Device Manager) installation of ASA IPS modules.
• ASDM installation of CISCO ASA-5510.
• Upgrading MCAfee antivirus on all user PC's for audit purpose.
• Firmware upgrade of cisco C170 Ironport.
• Providing RSA access to users in RSA secure ID(130) appliance and explaining them how to connect VPN using anyconnect VPN software.
• Allowing/Denying ports for client access of SFTP/FTP file transfer and connection establishments.
• Perform Audit to check vulnerabilities and loops in network and isolate those using tools like Nipper and Nessus Scan.
• Working with TAC’s of cisco, checkpoint and Juniper for module changes of network/security equipment.
• Generated python template for switch & router migration.
• Implementation of new Windows Server 2008 R2 standard edition right from racking to deploy into production.
• IOS/Firmware upgrade of network devices of different vendors like CISCO, Juniper etc.
• Troubleshooting user/system related issues as part of day to day activities.
• Configuration of switch zoning on Cisco MDS 9000 series switch using CLI.
• Configuration of all network devices and servers in Eventsentry light log management tool for monitoring purposes.
• Troubleshooting of user and desktop related issues in LAN.
• Working experience with JIRA - Issue Tracking Software tool where incidents are reported/opened and closed.
• Documenting Work done and reporting it to respective Managers.

Confidential, Greensboro, NC

Sr.Network Engineer

Responsibilities:

• Providing level-3 network Engineering/Administration which includes Installation, configuration, Migrations, Upgradations and troubleshooting of network devices (Routers, Switches, ASA’s).
• Site to Site VPN, DMVPN configurations in coordination with ISP AT&T and Sprint.
• MPLS configuration in coordination with ISP vendors like Sprint, AT&T, Comcast..etc
• Implementation of IOS & Bandwidth upgrades.
• Port and Bandwidth upgrades.
• Designing and implementing DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Migration of sites from OSPF Network to EIGRP routing environment.
• Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual server.
• Configuration of VPC, VDC on nexus 2k/3k/5k/7k.
• Configuring/Creating Virtual hosts on VM Ware environment using ESX server.
• Configuration of policies and objects and applying NAT & Web Filtering on firewalls like Checkpoint, Palo Alto.
• Implementation of QoS on 6500 and 4500.
• Implementation of OSPF with BGP during migrations and new connectivity.
• Implementing Citrix NetScaler 10 for Networking and Traffic Optimization (CCA)
• Implementing Citrix Access Gateway 9.0, Enterprise Edition (CCA)
• Knowledge on configuration of iApps (BIG-IP) application service in implementing F5 load balancer.
• Configuring HSRP on Cisco switch 6500 and 3500 to provide redundant network.
• Used CISCO TCL script in generating configurations and implementing them on to network devices.
• Fabric path configuration on Nexus 7k.
• Generated python template for switch migration.
• Configuration of vPC+ and switch ID on nexus 7k.
• Physical cabling, Rack Shifting and patching of network infrastructure in patch panel which also includes arranging of multiplexer's vendors likeAlcatel,Fibcom,Tejas,WRI.
• Performing Incident Management responsibilities which includes troubleshooting and restoration of services by joining in SRT and working with vendors and documenting troubleshoot steps and RFO.
• Configuration of nexus interfaces and mapping to fabricpath on nexus 7k.
• Configuration of AAA authentication on nexus 7k.
• Implementation of QoS policy on Voice links on L3 switches.
• Implementing bluecoat proxy for network connectivity in retail networks.
• Cisco proactive device diagnostics with Smartnet service.
• Working with ISP's like AT&T, Sprint, Ignisis for new circuit installations and provisioning and outages.
• Network security involves web filtering on internet sites (User's restriction) using Palo Alto and checkpoint Firewalls.
• Diagnosing layer-2 and layer-3 loop back tests in coordination with SP's and filed technician.
• Implementing routing, ACL’s with ISP using OSPF and BGP.
• Configuration of checkpoint Rules and Policies which includes AD accounts/Groups access control.
• Configuration of MPLS using BGP and OSPF which includes configuration of VRF (rd,rt), Redistribution. Between ISP to different sites and DC.
• Addition, modification and Deletion of MAC addresses in CAM server and by using CLI in individual devices.
• Using F5 load balancer for traffic filtering and network optimization.
• Implementation of LTM/GTM for load balancing using F5.
• Documenting F5 logs and sending to weekly report to management.
• Configuration of CISCO routers and switches shipping them to respective locations.
• Configuration of MAC address, VLAN’s on switches and registers as per client’s request.
• Configuring Cisco WLC for the sake of customer mobility.
• Checking the WAN performance and utilization in SOLAR WINDS and also packet path using wire shark.
• VPN configuration and security access on ASA, Checkpoint and Palo Alto.
• Participating in network migrations with change management teams.
• Monitoring of all clients N/w Infrastructure using tool SMARTS.
• Participating in DSR, SRT, and RCA calls to resolve the n/w outages.
• Advising clients to improve their network performance.
• Designing and maintenance of client’s network architecture using VISIO and in asset center data management.
• Documentation of all the work done in MS Excel and word.
• Train new joiners and to attend training’s as per company and client’s requirements.

Confidential

Network Engineer

Responsibilities:

• Provided Layer-3 support in network implementation and troubleshooting.
• Configured CISCO routers (1800, 2500, 2600, and 2800).
• Configuration of EIGRP from SP to internal/Local network.
• BGP configuration to advertise and communicate both internal (Allowed) and external route communication.
• Expertise in configuration of ibgp and ebgp with physical and loopback interfaces and also using BGP communities.
• Configuration of MPLS using BGP and OSPF which includes configuration of VRF (rd,rt), Redistribution between ISP to different sites and DC.
• Network bandwidth monitoring using SOLAR WIND, CACTI.
• Implementation of branch-wise network by configuring VLANS, VTP.
• Migrated STP to PVSTP+ on existing LAN architecture.
• Switch Trunk configurations for giving access to depended departments communication and uplink access.
• Network Bandwidth optimization using Riverbed and F5 Load balancer
• Created iRules on F5 for virtual machines and users.
• Troubleshooting network optimization issues by creating iRules on F5.
• Monitored packet and network flow and bandwidth fluctuations on F5.
• Maintained F5 statistics and documenting by informing to higher level management.
• Concatenation of Ethernet ports for higher bandwidth.
• Configuration of policies and objects and applying NAT & Web Filtering on firewalls like Checkpoint, Palo Alto.
• VPN configuration and security access on ASA, Checkpoint and Palo Alto.
• Configured/Created Virtual hosts on VM Ware environment using ESX server.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Implemented HSRP on Cisco core switches (3560) for providing uninterrupted services to end clients.
• Trained in CISCO TCL scripting for generating router and switch configurations.
• Restricted access level permissions to users and blocking/filtering network using checkpoint/CISCO ASA firewall.
• Implementation of TCP/IP & related Service's-DHCP/DNS/WINS
• Build and maintain Visio documentation database of network topology
• Implementation of Network Technologies Frame-Relay, MPLS, SDH.
• Implementation of MPLS VPN networks for individual clients and within site to site and also implementing MPLS TE(Traffic Engineering).
• Internal Cabling and patching of patch panel from end to end via multiplexers.
• Installation of wireless and RF as redundancy link in case of severe outages.
• Troubleshoot customers LAN, WAN, RF connectivity issues by remote access or via phones.
• Trouble tickets opening with Cisco TAC center.
• Configuration and maintenance of server operating system-2003/2008(windows).
• Configured & Monitored the Network using network tools like Whatsup Gold & Net Watcher 1.6.1, Nagios.
• Monitored and checked the utilization using MRTG Server (cacti) of all region customers.
• O& Confidential of LAN, WAN (Copper/RF), Internet Protocol and fiber transmission n/w of SDH/PDH.
• Prepared log reports, weekly reports, Daily digest and Monthly outages and efficiency reports.

Confidential

Network Administrator, DC

Responsibilities:

• Configured L2 switches(2950,2960),Routers(1841,2811)
• Designing branch wise networks and configuring VLAN’s.
• Configured TRUNK between VLAN’s.
• Implementation of OSPF and BGP on Juniper routers.
• Restricted access level permissions to users and blocking/filtering network using checkpoint firewall.
• Has experience in installation, troubleshooting, configuration and maintenance of server operating system (windows).
• Monitoring and configuration of LAN and WAN.
• Installed and configured network devices like NIC cards, Switches, Hubs, Modems.
• Installed and Upgraded Antivirus software’s like AVAST, NORTON, MACFEE etc.
• Discussed and resolved issues directly with clients on a need basis.

Confidential

Network Engineer

Responsibilities:

• Installed Windows XP for clients, setting up the Outlook user account.
• Monitored and configuration of LAN and WAN.
• Configured/Created Virtual hosts on VM Ware environment using ESX server.
• Configured L2 switches(2950,2960),Routers(1841,2811)
• Designed branch wise networks and configuring VLAN’s.
• Collected logs of checkpoint firewall, documenting and reporting to higher level management them weekly.
• Configured TRUNK between VLAN’s.
• Hardware set up.
• Modem & Printer Installations.
• Installation of Antivirus.
• Configured and Dialed Internal & External Modems in windows.