We provide IT Staff Augmentation Services!

Senior Network Engineer / Security Engineer Resume

Memphis, TN

PROFESSIONAL SUMMARY:

  • Around 9 years of experience in IP Network Design, Network Integration, deployment and troubleshooting.
  • Configuring and troubleshooting Layer 3 Interior Gateway Routing protocols such as Link - State routing protocols (OSPF and IS-IS) and Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP). Wide exposure to LAN/WAN setup, installation, configuration and commissioning of network devices.
  • Configuring and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (iBGP) and external BGP (eBGP).
  • Strong hands-on experience on Cisco Catalyst (series 3850, 3560, 4500, 6500), Cisco Nexus (series 2K, 5K, 7K), Cisco Routers (series 7300, 4000, 3800, ASR 9000), Firepower (4100), Load Balancers (Citrix NetScaler, Cisco ACE, F5 BIG-IP LTM/GTM ADC), IDS/IPS (HIDS, NIDS, NIPS, HIPS), Fire eye, Splunk, Palo Alto Networks Firewalls (PA-820, series PA-3K, 5K), Checkpoint IP Appliances (NXG R60, R70, 3100, 5900),Fortinet Firewalls.
  • Hands on Experience on FortiGate firewalls (7040/7030) by implementing security policies and firewall rules.
  • Hands on experience in configuring high end routers like GSR 12000 series, 7500 series and Catalyst Switches like 7600, 6500, 4500 series. Extensive experience in upgrade, backup and password recovery of Cisco IOS.
  • Experience in working with Cisco Nexus Switches like 5000 and 7000 series and Virtual Port-Channel configuration. Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches and 9K series.
  • Expertise in installing, configuring and troubleshooting Juniper Switches (series EX3300, EX4200, EX4600), Juniper Routers (series J, M and T) and Juniper series SRX Firewalls, Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1. Experience deploying ACI in Network-Centric model.
  • Proficient in monitoring and managing networks using SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM); Cisco Prime, Arista, Security Device Manager (SDM), Cisco Works; Infoblox, HP OpenView and Wireshark. writing shell scripts.
  • Experience with Cisco IOS, Cisco ACI, F5. Strong understanding in cloud, managing systems and networks in an AWS and Azure environment. Primary support for all Blue Coat Proxy activities on the network security team.
  • Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
  • Substantial knowledge, including the configuration, of Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+).
  • Thorough experience in configuring Virtual Local Area Networks (VLAN) with IEEE 802.1Q, VLAN trunking protocol (VTP), shortest path bridging, Multiple VLAN Registration Protocol and VLAN Cross Connect (CC).
  • Experience with F5 LTM, GTM and APM modules for application load balancing. Worked on migration from cisco ACE to F5. Worked on SSL off loading, Virtual servers, Monitoring, Profiles, iRules, SNAT.
  • Experience in troubleshooting both connectivity issues and hardware problems on Cisco based networks. Work with TAC on IOS bugs and high level issues.
  • Experience in testing Cisco routers and switches in lab scenarios and deploy on site for production.
  • Good knowledge of IPv4 and IPv6 Addressing, IP Subnetting, Fixed Length and Variable Length Subnet Masking (VLSM), OSI and TCP/IP models. Experience in migration of IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3, SONET POS OCX/ GigE circuits.
  • In-Depth Knowledge and experience of various wireless 802.11 standards, controllers, Access Points, Wi-Fi analytics from various vendors (Cisco Meraki, HPE /Aruba, D-Link and Netgear), SD-WAN (MX 65, MX100, MX400).
  • Good understanding of SNMP, IP SLA and Network Monitoring with experience in tools like PRTG.
  • Experience in troubleshooting a variety of problems. Streamlined and improved process to be quicker to market, ensured compliance and optimized operational efficiency. Identified opportunities for continued improvements of process to ensure maximum output in focus to deadlines.

TECHNICAL SKILLS:

Router and VoIP Platforms: Cisco Routers series 7300, 4000, 3800, 2000, 1900; Juniper T4000, MX10, MX40, ACX2200, ACX5000; OnSIP, Avaya products, cisco IP phones

Routing Fundamentals and Protocols: Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, IPv4 and IPv6 addressing, subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, 802.11, Policy Based Routing, Redistribution, Port forwarding, Arista.

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K, Netgear switches,5K, 7K; Nortel/Avaya 5510, 5520; Juniper EX3300, EX4600, EX4300, EX3400

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Juniper Net screen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Netgear Firewall, Fortinet, Palo Alto Networks (PA series 2K, 3K and 5K), WAF, ACI.

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, Blue Coat URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Security Device Manager (SDM), CiscoWorks; TCP Dump and Sniffer; SolarWinds NetFlow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SevOne, SiteScope.

Load Balancers: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, ASM, Citrix NetScaler, APM

WAN technologies: Frame-Relay, ISDN, ATM, MPLS, PPP, DS1, DS3, OC3, T1 /T3 lines, SONET OC3-OC192, SDH, POS, PDH

Cloud Computing and Automation: AWS, Microsoft Azure, Cisco Meraki, C, Python scripting, Shell, Cloud Migration

Other Networking Protocols and Fundamentals: DHCP and DNS server, Shell, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, BitTorrent, SMTP, RADIUS and TACAS+, PBX servers, SDN, SAN

Operating Systems: Windows 10/7/XP, MAC OS, Windows Server, Nexus OS, Cisco IOS-XR, Linux, UNIX

Wireless Technologies: Canopy Wireless Devices, D-Link Point-to-point Wireless, D-Link APs, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers

Microsoft Office: Visio, Excel, PowerPoint, Word

Change Management: ServiceNow

PROFESSIONAL EXPERIENCE:

Confidential, Memphis, TN

Senior Network Engineer / Security Engineer

Responsibilities:

  • Performing the ACL requests change for various clients by source and destination information provided and researched by detailed discovery process. Providing Technical Support and solutions for Network Problems.
  • Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols and providing secure sessions over internet using IPSec and SSL encryption.
  • Configured Bluecoat Proxy SG Web Application Reverse Proxy for securing and accelerate public web applications.
  • Worked extensively on Cisco ASA 5500 (5510/5540) Series and migrated to PA 5000 series firewall. experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA firewalls, Cisco and VPN client
  • Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
  • Working with Palo Alto/ ASA/Fortinet Firewall Administration, Rule Analysis, Rule Modification. URl filtering, SSL decrytption, SSL forward proxy etc. on PA firewalls.
  • Worked on configuration of policies on Zscaler Proxy servers. Worked on configuring Pzens in Cloud and in internet DMZ in each data center.
  • Provided Layer-3 redundancy by implementing HSRP and GLBP for High availability.
  • Implementation and Configuration (Profiles, iRules) of F5 Big-IP LTM-6400 load balancers.
  • Configured ultra-high NGFW threat protection performance and SSL inspection
  • Performed single-pane-of-glass management, threat analytics and actionable reports to enforce policies, understand targeted threats and meet compliance on a FortiGate
  • Implemented FortiADC (Fortinet) with Cisco ACI and upgraded it to 5.2.0 version.
  • Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP, static routing and policy-based routing and identifying the root cause of the issues. Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
  • Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits. Configuring, Maintaining the Routers and Switches and Implementation of RIP, EIGRP, OSPF, BGP routing protocols and trouble shooting.
  • Providing both secure site-to-site tunnels and legacy support for client-based remote access on net gear firewalls.
  • Working on Providing Network connectivity between company application servers to different client servers using company applications and third-party data centers, company networks relying in to different countries. Performed troubleshooting on site-site VPN connectivity to allow access to application server subnets in encryption domain.
  • Installed, configured Cisco Meraki equipment and web-based monitoring platform for MR32 wireless access points.
  • Creating change in ServiceNow in timely manner with consideration of matching lead period time, change type, and scheduling changes in appropriate time windows without any conflicts.
  • Performing Peer review and providing approvals to changes, creating and soling service catalogue requests (RITM) in ServiceNow.
  • As a change implantation team member, worked on change management lifecycle from creating a change in draft state to planning, assessment, designing work instructions, getting approvals from respective groups, implementing successful changes and closing in timely manner in ServiceNow.
  • Worked on Network monitoring tools like SiteScope, Sevone, sun Solaris. Adding Configuration items (CI) records in ServiceNow, creating and up-gradating new SSL certificates, creating DNS A-record requests. performing OAT of devices, active directory database.

Environment: s: Cisco switches (Catalyst 3k,4k,6k and Nexus 5k, 7k), Shell, Cisco routers (ASR, ISR), Cisco CSS Load balancers, BIGIP F5 LTM, GTM, Palo alto, Cisco ASA, Checkpoint firewall, Juniper SRX, Netgear Firewall, ServiceNow, Chang management, IPSec VPN, site-site VPN,C programming, Fortinet, Netgear switches, Infoblox, sevone, Sun Solaris, IP Subnetting, RoyalTS, Putty, SecureCRT.

Confidential, Atlanta, GA

Senior Network Security Engineer / Firewall Engineer

Responsibilities:

  • Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration. Experience in working with designing, installing and troubleshooting of Palo Alto firewalls.
  • Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
  • Experience with Firewall Administration, Rule Analysis, Rule Modification.
  • Configure all Checkpoint, Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • Design and Architecture of F5 LTM, GTM, APM, ASM and application delivery network.
  • Responsible for Cisco ASA firewall administration across the network.
  • Installing & rebuilding IP appliances, checkpoint appliances. Configuring & troubleshooting Checkpoint Cluster XL& VRRP
  • Monitored and managed networks using Cisco Works tools and Wireshark
  • Configured Aruba access points, troubleshoot connectivity issues with Aruba access points. Prepared wireless survey reports, reports documenting completed projects and AP placement maps.
  • Providing secure remote access for offsite employees to the network by offering multiple types of virtual private network (VPN) tunnels on netgear firewall.
  • Configure Amazon Web Services (AWS) F5 ASM to protect block chain cloud applications.
  • Experience performing phased migrations of traditional data centers to ACI model.
  • Monitoring the network traffic with the help of Q radar and Cisco IPS event viewer.
  • Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design
  • Implementing network services such as DNS, IP address, firewall and routing as a Infrastructure as a Service (IAAS) in Public Cloud. Experience implementing Blue Coat web proxies.
  • Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the Organization.
  • Advanced implementation and consultation on all F5 Networks ADC BIGIP platform network modules (incl. LTM, GTM, AFM, ASM, APM).
  • Knowledge of ACI Integration with VMware, firewalls & load balancers and application gateways.
  • Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration. Experience in working with designing, installing and troubleshooting of Palo Alto firewalls.
  • Configuring & managing around 500+ Network &Security Devices that includes Juniper SRX Firewalls, F5 BigIP Load balancers and Nexus Devices. Experience working with JUNOS OS on Juniper Routers and Switches.
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • Managing and providing support to various project teams with regards to the addition of new equipment such as routers switches and firewalls to the DMZs.

Environment: Cisco 2948/3560/4500/3560/ 3750/3550/3500/2960 6500 switches and Cisco 3640/12000/7200/ 3845/3600/2800 routers, shell, C programming, Cisco Nexus 7K/5K, Cisco ASA 500, Infoblox, Checkpoint, Netgear Firewall, Aruba, Cisco Works tools, Wireshark Netgear switches, Bluecoat, windows server 2003/2008: F5 BIGIP LTM,ASM,APM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP.

Confidential, Cary, NC

Senior Network Engineer

Responsibilities:

  • Recommended Security considerations for the Intranet data center, integrating security, providing solution design details and configuration details Developed Automated reports from shell script as per Client requirement.
  • Manage a very large DNS environment using Lucent QIP and manual management of DNS for DMZ/External servers broad Hands on Experience in Inter-VLAN routing, redistribution, access-lists and dynamic NAT
  • Defining the application security class in the associate that to the local traffic pool in ASM, APM.
  • Experience deploying ACI in Network-Centric model, Data center Architecture; SDN/ACI.
  • Installation, configuration and OS upgrade of Sun Solaris 8, 9, 10 and Red hat Linux.
  • Configured VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches.
  • Designed and implemented remote dial up solution for clients. Blue Coat Admin Experience.
  • Increasing business speed, agility, and efficiency by taking charge of core network and security using Infoblox.
  • Created many security policies depends on the requirement using Deployment wizard in ASM.
  • Worked on implementing 802.1X through cisco ACS and ISE. Migrated policies from ACS to ISE. Implemented end point security for wired and wireless users using certificate based and MAC bases authentication.
  • Worked with Juniper SRX550 and Palo-alto Next-Gen PA-5000 Firewalls implementing and managing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies.
  • Implemented VoIP solutions using SIP & H.323 for Cisco routers 2851 and practiced sound knowledge of Avaya VoIP products. Design and Architecture of F5 LTM, GTM, APM, ASM and application delivery network.
  • Securing the applications from threats by offloading the SSL in ASM.
  • Designed and implemented Aruba wireless infrastructure to ensure full connectivity and continuous service.
  • Configured and managed with Aruba/cisco wireless access points 205 series supporting 802.11 ac.
  • Set Aruba Access to link distribution switch system and then to WLAN controller. Configured AP groups, Authentication roles, SSID, 802.1X, RF parameters, 2.4 and 5 GHZ bands, provision Aps etc.
  • Worked hand-in-hand with different vendors for company products, solutions and performance.
  • Configuring Virtual Device Context in Nexus 7010 and Worked on Network support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
  • Coordinated with a team to upgrade network by changing primary routing protocol to OSPF from EIGRP and Participated in the modification of BGP from multiple MPLS powered routers
  • Implementation Route redundancy protocols like HSRP, VRRP, GLBP.
  • Efficient in cabling as per co-location contracts with loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures.

Environment: VSS, DNS, NAT, Cisco ASA, VPN, Checkpoint, Cisco Firewalls, C programming, Cisco PIX, F5 (LTM),ASM,APM, Load balancers, RIP, OSPF, Juniper, Shell, VSTP, SNMP, Infoblox, VLANs, Port Security, VDC, VPC, OTV, Nexus 5k, 7k, Netgear switches, Juniper SRX550, Palo-alto, Netgear Firewall, IPsec, Wireshark, SolarWinds, VoIP, Aruba, 802.11, WLAN, EIGRP, BGP, DHCP, Blue coat, HSRP,VRRP,GLBP, VTP, ACL,WAN, DS1, DS3, T1, T3, CAT 6 and CAT 5 connections, Aruba.

Confidential, Tarrytown, NY

Network Engineer

Responsibilities:

  • Creating change tickets according to the scheduled network changes and implementing the changes.
  • Assisted in troubleshooting LAN connectivity and hardware issues in the network of 500 hosts.
  • Performed client requirements to provide solutions for network design, configuration, administration, and security.
  • Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
  • Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
  • Writing and assisted in designing a Shell script in automations tasks.
  • Created a backup and recovery policy for software application and verified peripherals are working properly.
  • Monitor performance of network and servers to identify potential problems and bottleneck.
  • Performed RIP & OSPF routing protocol administration. Support services to reduce the downtime on leased lines.
  • Troubleshoot problems day to day basis & provide solutions that would fix the problems within their Network.
  • Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
  • Daily responsibilities included monitoring remote site using network management tools, assisted in design guidance for infrastructure upgrade & help LAN administrator with backbone connection and connectivity issue Other responsibilities included documentation and support other teams
  • Supported and executed migration to F5 BIG-IP LTM/GTM ADC, ASM, APM Appliances from Citrix NetScaler
  • Participated in the installation, configuration, and post installation routine operational tasks and configuration of the Cisco Nexus Switches. Worked with JunOS maintaining Juniper EX4600, EX3400, EX4300 series switches and ACX1000 router to maintain some sites and stations
  • Worked with Nagios for monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH)
  • Provided full visibility and notification of authorized and unauthorized network access with integration of CISCO ASA and NAC solutions.
  • Performed Load balancing F5 BIG-IP LTM ADC 6400, ASM, APM, Cisco ACE 4710.
  • Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
  • Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path
  • Involved in Design and Implementation of complex networks related to extranet clients.
  • Troubleshooting the N/W Routing protocols (BGP, EIGRP and OSPF) in Migrations and new client connections.
  • Manage operational monitoring of equipment capacity/utilization and evaluate the need for upgrades; develop methods for gathering data needed to monitor hardware, software, and communications network performance.
  • Worked towards the key areas of the project to meet SLA’s and to ensure business continuity. Involved in meetings with engineering teams to prepare the configurations according to the requirement.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, F5 Load Balancer Cisco Nexus7K/5K,Checkpoint,Cisco ASA, Nexus 5k and 7k, NX-OS, Meraki, BIG-IP, LTM/GTM, ADC, ASM, APM Citrix NetScaler, C Programming, Juniper EX4600, EX3400, EX4300, ACX1000, JunOS, Infoblox, DNS, DHCP, Web Application firewall (WAF), POP3, HTTP, NNTP, ICMP, SNMP, Shell, FTP, SSH, Wireshark, NAC, Cisco ACE 4710, OSPF, Frame Relay, MPLS, BGP,VLAN, IPSec, QOS,RIP.

Confidential

Network Support Engineer

Responsibilities:

  • Worked with the Help Desk for circuit troubleshooting to give Support to the Tech persons at the site.
  • Configuring routers and sending it to Technical Consultants for new site activations and giving online support at the time of activation.
  • Supporting Development team for the access to corporate network and outside world. Providing access to specific IP, Port filter and port access.
  • Experience in Cisco 7200, 7600 routers, Cisco 2800 3700 series switches: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay and ATM).
  • Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
  • Configured the Cisco router as IP Firewall and for NATting.
  • Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
  • Installed and configured PIX 520, 525, 535 series firewalls, configured standard and extended access-lists and policy- based filters.
  • Configured ASA 5510 appliance and VPN.
  • Responsible for implementing Qos prioritizing voice traffic over a data.
  • Implemented SNMP on Cisco routes to allow for network management. Completed the installation and configuration of T1, T3 & OC3 circuits.
  • Troubleshoot TCP/IP problems, troubleshoot connectivity issues

Hire Now