SUMMARY:

• 8+ years of practical experience in the IT field as a network engineer, with proficient hands - on experience in the areas of Wi-Fi portfolio, Routing, Switching and Troubleshooting
• Strong knowledge in configuring and troubleshooting routing protocols like OSPF, VOIP, IPT, IS-IS, SNMP, EIGRP and BGP.
• Experience in deploying applications through Microsoft azure.
• Installing and Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750, Nexus 5000, Nexus 7000,Nexus 9000 WS-C4948, Juniper EX, QFX and MX series.
• Hands-on expertise with routers 2800, 2900, 3800, 3900, 7200, 7600, ASR9010, ASR1002 and Juniper ACX, EX 4300, MX 480, MX960 series.
• Working Knowledge on Devices like Juniper SRX 210, 240 and 550.
• Implementation, working analysis, troubleshooting and documentation of LAN, WAN & WLAN architecture with excellent work experience on IP series.
• Working knowledge with Load Balancers F5 LTM like 2200, 4200v, 7050 for various applications.
• Knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Experience in Design, configuration, and support of Cisco Nexus Platforms (Nexus 2000/5000/7000/9000 ).
• Worked on Cisco Routers 2800, 2900, 3800, 3900, 3750, 4500, 7600, (6500- sup720), ASR9K and ASR1002.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP, and ping concepts
• Expertise in troubleshooting and configuring DNS, DHCP, TFTP, TELNET, SSH, FTP and NFS.
• Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6
• Implementation of Access lists, route maps, and distribute lists.
• Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN's, VTP, STP, RSTP and Trunking.
• Working knowledge of Firewall, AAA, TACACS/RADIUS, and IPSEC.
• Proficient with TCP/IP, OSI models and Cisco IOS.
• Experience with Security policy configuration including NAT, PAT, VPN, SSLVPN, Route-maps and Access Control Lists.
• Strong experience on Juniper SSG series Firewalls and Checkpoint R75, 76 Firewalls, Juniper SRX 240 Firewalls.
• Working Experience in SONET, DWDM & ATM Networks.
• Working Knowledge of SD-WAN technologies Such as Meraki, OpenStack and Silverpeak.
• Technical support for improvement, up-gradation & expansion of the network architecture.
• Good understanding and working knowledge of Protocols like IEEE 802.1, IEEE 802.3& IEEE 802.11, 802.1x, EAP, PEAP & EAP-TLS.
• Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp and more.
• Familiar with security products such as Cisco ISE
• Expertise on various Operating Systems and software's like Win8, Win7, Win 2008, Win Vista, Ubuntu, Kali Linux, Red Hat Linux, Asterisk and MS Office Suite.
• Working Experience in VMware ESX 5.x, VMware Workstation, VMware vCenter Server, Microsoft SharePoint, System Center 2012 R2, C++.
• Worked on security products such as Cisco ISE
• VoIP Installation and troubleshooting, configuring Cisco Phones and setting up VoIP, IPT over VLAN.
• Comprehensive understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP).
• Planning, Designing, Implementation of small, medium organizations including LAN, VLAN, WLAN and WAN on wired and wireless networks
• Working Experience on web content filter and gateways like Blue Coat, Websense.
• Working Experience on Network Scanning, Management, Alerting &Logging tools like Solar Winds, PRTG, and Wireshark.
• Adept in preparing technical documentation and presentations using Microsoft Visio/ Office.
• Moderate knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.

TECHNICAL SKILLS:

Cisco Platforms: Nexus 9K 7K, 5K, 2K and 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Access: lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510/5520 ), Checkpoint (R75/R76), Palo Alto (2k, 3k, 5k), Juniper SRX (240).

Network Tools: Solarwinds, SNMP, Cisco Works, Wireshark, Netcool, Netbrain

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1,DS3,OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

IKE, IPSEC, SSL: VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE:

Confidential, Lancaster, PA

Sr. Network Engineer

Responsibilities:

• Worked on providing management connectivity, HA configuration, setting up RSA for MFA, license and updates management, VSYS support, L3, aggregate Ethernet and sub interfaces configuration, configuration of BGP on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from ASA core to Palo Alto.
• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 9K, 7K VDCs and HA.
• Validated routing throughout the environment and created test plans for failover including using link monitoring and path monitoring.
• Experienced provisioning SD-WAN service as automated failover solution for MPLS VPN by Cisco Meraki MX 80 Firewall.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Handling Checkpoint and Checkpoint firewalls appliances, Checkpoint Provider-1/Multi-Domain-Mgmt. the, Check point Smart Console R70.20 & R75.40, R77.10, R77.20.
• Provided day-to-day support in the maintenance and troubleshooting of OSPF at the core layer
• Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
• Configured and Created wireless sites using the Cisco Meraki System dashboard.
• Implemented site to site VPN on Cisco Meraki MX64, MX65, MC84, and MX400.
• Implementing Cisco Meraki Wireless network.
• Experience with LAN protocols like VSS, STP, RSTP, MST, VTP, VLAN.
• Administrated LAN and WAN with of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Configured Cisco ISE for Domain Integration and Active Directory Integration.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Configured and troubleshooting Aruba Wireless products like Access Points and Mobility Access Switches.
• Performed site refreshes on Cisco switching and Aruba wireless infrastructure.
• Hands on experience in Aruba S2500 switches, Aruba 7200, 3600 series wireless controllers.
• Migrated from Cisco 3650 switches to Aruba 3810 series switches.
• Experience with SDN/NFV technologies including Open Stack Neutron, VM ware NSX, Open flow, Open daylight, Open v Switch, Open Contrail, or Cisco ACI.
• Configure EPG, update APIC, implement access and fabric policies in Cisco ACI environment.
• Provisioning ports in Cisco ACI to support SAN, VoIP, and hypervisors.
• Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.
• Upgraded the existing Panorama to V8. Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment.
• Collected data to determine which permit rules to create between the user and server VLANs based on the logs.
• Configuration and installation of LAN switches and wireless network infrastructure equipment and cabling all uplink and user network connections.
• Developed and implemented Python scripts to automate retrieval, parsing and reporting of configuration parameters from Network Devices connected to customer networks.
• Experience using Source fire IPS and Firesight management console.
• Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path.
• Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
• Performed Routing protocol migration from EIGRP to OSPF to allow for optimal performance inside a 100% cisco environment.
• Determined the VPN connectivity requirement for users, VPN pool and gateway information, integration of RSA for VPN authentication, defined rules for non-console administrative access, implemented and tested non-console admin rules for firewalls.
• Used routing protocols (OSPF) internal and BGP to connect to ISP.
• Created script in python for calling REST APIs.
• Review and analyze events from logs and Source Fire IDS/IPS
• Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices.
• Experience working with OTV & FCOE on the nexus between the datacenters.
• Worked on creating SNMP, Syslog, Email profiles, log forwarding, data filtering profiles according to the client’s requirement.
• Worked with the Info security team to closely monitor threats, incident handling, working with the network administration team to provide them with the remediation steps.
• Updated configuration standards to meet the PCI DSS compliance requirement. Made config changes to the existing firewalls in the CDE to the configure standards to make them PCI compliant.

Environment: Firewall migration, Rule cleanup, Firewall remediation, F5 Cisco ISE, Ticketing change management

Confidential, Atlanta, GA

Sr. Network Security Engineer

Responsibilities:

• Worked on cleanup of several legacy rules of ASA and created a migration path to Palo Altos, configured for Global protect VPN, User ID, Wildfire set up, SSL decryption, license and policy management on Palo Alto appliances.
• Reviewed and optimized firewall rules using Netscout firewall monitoring tool by creating customized firewall audit reports. Migrated datacenter firewall rules based on Zenoss Analysis/query and Reports.
• Staged, planned and deployed Palo Alto 5060 within Data Centres. Worked with Palo Alto firewalls using Panorama performing changes to monitor/block/allow the traffic on the firewall.
• Configure High Availability Checkpoint ClusterXL on VSX as well as perform Upgrades
• Experience working in Provider-1 Environment with Multiple CMA’s and dozens of gateways.
• Optimizing Firewall Policy, grouping objects, verify NAT and clean-up of unused firewall rules.
• Building of New Check Point Security Gateways and performing in place upgrades.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Cisco Meraki Appliance MX (400, 80, 60) and Meraki wireless Access points (MR66,MR18),
• Installed and configured Meraki (MX80,MX60) Appliance via Meraki MX400 Cloud.
• Troubleshooting Cisco APs and Meraki appliances.
• Responsible to evaluate, test, configure, propose and implement network, firewall and security solutions with Palo Alto networks.
• Installed and configured Cisco Meraki (MR66,MR18) wireless Access points in the warehouses.
• Instituted a vulnerability management program to scan and report on all machines for vulnerabilities on the network using various vulnerability management tools on a weekly schedule to meet external audit requirements.
• Provided in depth analysis using but not limited to Vitalnet, NetQoS, Net screen Manager (NSM), Wireshark, Netcool Monitoring and Infinistream Management Console.
• Installed and configured Cisco Nexus 9k/7k/5k/3k switches for VPC, Vlans, MST and 802.1q for Top of the Rack switches and Distribution layer switches.
• Configuring HP procurve switches and Microtik routers by providing VPN access and setting pools for dedicated tunnel for internal customers. Worked on Palo-alto configuration for L2, L3 deployment on Vendor-list firewall. Experience on configuring fiber-optic between 2 data centers with 10GB of bandwidth availability. Configured active directory domain, DNS and DHCP on Windows 2012 R2 standard.
• Experience with products such as Cisco ISE, Cisco ASA 5500 series firewalls and Cisco ACE 4710 Load balancers.
• Palo Alto/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Extensive work with MPLS, configuring BGP, policy-based routing, redistribution, VPN etc.
• Worked on troubleshooting of tickets in complex LAN/WAN infrastructure using packet captures, protocol analyzers, syslog servers etc. Worked on CA spectrum network monitoring tool.
• Configure and maintain site to site VPN using Netscreen firewalls.
• Configuration of Arista DCS7300, 7010, MX960s to replace end-of-life devices.
• Manage Arista core and distribution environment.
• Installed Arista core and distribution solution to replace current Cisco environment.
• Working experience on tools and devices like Source Fire, Cisco ASA, Cisco ISE.
• Corrected configuration issues and implemented best practices for configuration of VDC, VPC, VRF, FEX

Environment: Architectural layout, Firemon, Unused rule and policies, Qos, Monitoring, VOIP, PBX, HP procurve switches.

Confidential, Memphis, TN

Network Engineer

Responsibilities:

• Working with Cisco Nexus 2248 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture
• Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
• Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VM ware's.
• Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.
• Experience with converting PIX rules over to the Cisco ASA solution.
• Configuring VPN, clustering and ISP redundancy in Checkpoint firewall.
• Worked on Checkpoint Platform including Provider Smart Domain Manager.
• Worked on configuring, managing and supporting Checkpoint Gateways
• Experienced with Checkpoint VPN rules over Cisco ASA VPN. Which filters traffic by inspecting the application layer.
• Implementation configuration and troubleshooting of Checkpoint Firewall R 77.
• Involved in Configuration of Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity.
• Worked with Host Master for shared web hosting and managed Web Application firewall (WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark.
• Provided level 2 phone and email support and troubleshooting of networking and VoIP issue.
• Configured the automatic policy builder using the deployment wizard tool in ASM.
• Dealt with creating VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies.
• Experience in Deploying and decommissioning Cisco switches, Cisco Meraki Products and their respective software upgrades.
• Implemented site to site VPN on Cisco Meraki MX64, MX65, MC84, and MX400.
• Deployed and managed Cisco Meraki products SD-WAN including Cisco Meraki Security Appliances (MX25, MX450, MX400, MX600 and MX100), Cisco Meraki switches and Cisco Meraki Wireless Aps (MR84, MR74, and MR52).
• Working with BGP, OSPF protocols in MPLS Cloud.
• Establishing VPN Tunnels using IPSec encryption standards and configuring and implementing site-to-site VPN, Remote VPN.
• Experience in white listing webpages and blocking webpages with Blue Coat Proxy SG and Blue Coat reporter.
• Configured and resolved various OSPF issues in an OSPF multi area environment between multiple branch routers.
• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
• Configuring BGP, MPLS in Cisco IOS XR.
• Working on HP open view map for Network Management System and Ticketing.
• Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter VLANS Routing, LAN security

Environment: Cisco ASR 1002X/ 3945/3845/2800/3600 Routers, Cisco ISE, Nexus 7010/5596/2248, ASA 5500/5510/5540, checkpoint fire wall R77, Juniper JUNOUS M & MX routers, VLAN, LAN, STP, BGP, MPLS, OSPF.

Confidential, Seattle, WA

Network Engineer

Responsibilities:

• Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls.
• Working with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
• Involved in configuring Juniper SSG-140 and Check point firewall
• Has a good experience working with the Trouble Tickets on F5 Load balancers and ASA Firewalls
• Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture
• Performed network troubleshooting, second level technical support, and tape backup operations.
• Served as a main escalation point of contact for level II personnel.
• Configured Wireless Access Points in order to control them with RADIUS server
• Coordinated with higher-level support and external vendors for resolution.
• Configured VLAN's on Switches for Wireless Access Points.
• Monitored Network Management System and responded to events, alarms and trouble tickets.
• Included network services such as DNS, email, web, Servers, VPN and Firewall. .

Confidential

Jr. Network Engineer

Responsibilities:

• Troubleshooting network issues like by pinging the host or by pinging the default gateway. Contacting ISP (PerunaNet) for assistance.
• Check the condition of the physical connection i.e. the network cable. Setting up Cisco wireless router and setting up access points. Check the IP address, default gateway and subnet mask are all correct.
• Setting up VOIP network in the engineering building. Check for DNS issues by pinging the server’s name. Experience with Wireshark, TestTCP& OPNET. Managing &Troubleshooting DHCP issues.

Environment: Troubleshooting L1, L2 issues, Managing phones and Desktop systems for call center.