SUMMARY:

• 8.3 years of IT experience in design, development, implementation, troubleshooting and maintenance of complex Network & Security devices, Network Security, Linux Kernel Programming.
• In - depth Cisco technology experience/knowledge in design, implementation, administration and support.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Expertise in installing, configuring and troubleshooting Juniper Routers ( E,J,M and T-series)
• Experience with design and implementation of Virtual Switching System (VSS)
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Excellent Verbal, written communication skills and Interpersonal skills with ability to work with large teams as well as independently with minimum supervision & Team Player
• In-depth knowledge of Linux Kernel Programming (Module Programming)
• Hands-on experience in configuring Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Proficient with Cisco ASA 5500 series firewall.
• Hands on experience on Zone Based firewall and Proventia MX 1004 firewalls.
• Good domain knowledge in Linux source code 2.6x & Shell scripting
• Network security including NAT/PAT, ACL, VPN Concentrator.
• Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
• Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
• Strong Hands on experience in installing, configuring and troubleshooting of Cisco 12404,12406,7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Designing, Implementing and Troubleshooting Cisco Routers (2800,2900,3900,3800,7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Checkpoint, Cisco PIX & ASA devices
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA and other security products.
• Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience
• Expertise in network protocols, Firewalls and Communication Network design.
• Experience with Troubleshooting tools for example protocol analyzers, load generators & network traces
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Corporate trainer for certification like CCNA, CCNP, Hardware & Networking.
• Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series
• Enterprise Routing experience using protocols EIGRP, OSPF and BGP

TECHNICAL SKILLS:

Programming: Linux Kernel Module Programming, TCL/TK, Perl, Network Processors (Programmable Chips), Redhat Linux

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing.

Firewall: - Cisco 55XX, MX Proventia, Zone Based Firewall

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Security: Anomaly Detection in attack prevention system, IPS/IDS, Penetration Testing and Web application testing, Buffer Overflows, Cross Site Scripting, Session Management, Cisco PIX, and Security attacks like DoS, DDoS, Spoofing, Nessus & Cisco IOS, Cisco Works IOS features, HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, DHCP, CDP, DNS, HTTP, TFTP, FTP, Embedded Packet Capture (EPC), Load Balancing, Server Load Balancing (SLB), SSH and Telnet

Network Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, Load Balancing, IDS/IPS, URL Filtering -Web-sense, Kiwi Syslog Server Logging, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ &RADIUS)

Protocols & Standards:: TCP/IP Protocol Suite, Ethernet, Token Ring, FDDI, OSPF, EIGRP, Rip, BGP, HSRP, L2/L3/L4/L7 Switching, VLAN s, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2. T1, DS3.

Networking: Network Design & Engineering, Operations Research, Cisco Routers (800, 2600, 2800, 3800, 4500), Switches (2950, 3560, 6500), Snort network intrusion detection systems (IDS). Network penetration testing tools like NMAP, Net filter, IP Tables, Ethereal, SONNET, MPLS, DSU/CSU

PROFESSIONAL EXPERIENCE:

Confidential, Malvern, PA

Data Center Network Engineer

Responsibilities:

• Data center migration was involved in Access, Distribution and Core layers.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
• Implementing 3750 Rack/Stack switches using Cisco Stack Wise technology
• Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 catalyst switches.
• Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS
• Converting access-lists to Firewall rule sets on FWSM module with 6509-E Catalyst switches

Confidential, Alpharetta, GA

Network Engineer

Responsibilities:

• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Automated network implementations and tasks and designed monitoring tools using python scripting
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Replace branch hardware with new 2851 routers and 2960 switches.
• Write python scripts to perform the configuration push, erase existing configs and reload the devices.
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Support Panorama Centralized Management for Palo alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
• Designed and implemented DMZ for Web servers, Mail servers &FTP Servers using Cisco ASA5500 Firewalls.
• Configure all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Monitor and respond to network intrusions and vulnerability alerts raised by automated detection systems, internal and external reports and manual investigation, using tools such as: Solar Winds Network Monitoring, Source Fire IDS, and Palo Alto Firewall Administration.
• Establish AWS technical credibility with customers and external parties
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Develop/capture/document architectural best practices for building systems on AWS
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Experience with Network Redesign of branch and Campus Networks. This includes changes to both the voice and data environment.
• Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP
• Configuring OSPF and Static routing on Juniper M and MX series Routers
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
• Experience in working and designing configurations for VPC, VPC domian, Vpc peer-gateway, VPC peer-switch, auto-discovery, and VPC single sided, VPC double sided, NX-OS, VFR, Otv, fabric path.
• Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
• Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
• IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
• Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
• Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
• Design and implementation of GET VPN architecture used for multicast and unicast communication on an existing IP VPN.
• Modified automation scripts using python coding languages for pre and post checks, SNMP to improve efficiencies, enable scale and reduce costs over time.
• Worked extensively on Cisco ASA 10/5540) Series
• Responsible for working on the vendor DMZ migration project to migrate various vendors on SRX/SSG firewalls to a unified Cisco ASA device in our primary/redunadant datacenters
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Involved in configuring IP Quality of service (QoS)

Confidential, Charlotte, NC

Sr. Network Engineer

Responsibilities:

• Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500 and 6500) in multi VLANs environment and inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Hands on experience installing Sup720 for Cisco 6509-E series and its Gigabit Ethernet port deployment in the Core network
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for datacenter access architecture.
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst switches
• Configuring PAGP and LACP protocol along with BFD link detection protocol
• Experience with hybrid CatOS to Native Cisco IOS code migration involving Catalyst 6503 to Catalyst 6504 switches
• Worked on network automation using python
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configured EIBGP load balancing and ensured stability of BGP peering interfaces.
• Worked on network automation using python
• Upgrading IOS on 2960 and using 2960 switch as a PAGP between VSS
• Involved configuring ppp multilink group, dialer group, PPP authentication protocols like PAP, CHAP
• Working knowledge of Terminal server and the configurations
• Experience in configuring routing protocols like EIGRP,RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
• Configuring various advanced features (Profiles, monitors, I Rules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Worked on F5 LTM series like 7050, 5050, 2200 for several applications and their availability.
• Responsible for the configuration of Virtual Servers, Nodes, and load balancing Pools and configuring load balancing algorithms.
• Work on multiple Port open requests for multiple business units in the organization on ASA and SRX firewalls
• Administrating Palo Alto Network Firewalls using Panorama Centralized Management System and troubleshooting firewall rules to prevent system problems.
• Migration and implementation of Palo Alto Next-Generation Firewall seriesPA-500, PA-3060, PA-5060, PA-7050, PA-7080.
• Involved in configuring Juniper and Cisco ASA firewalls and applying rules to pass servers and switches through firewall.
• Experience with setting up IPSEC VPN on Juniper SRX 3600 Firewalls towards the multiple Customer sites as backup path to the datacenter.
• Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs)
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Configuring, Monitoring and Troubleshooting Cisco’s ASA 5585 security appliance, Failover DMZ zoning and configuring VLANs/routing/NATing with the firewalls as per the design
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment
• Data center migration was involved in Access, Distribution and Core layers.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
• Implementing 3750 Rack/Stack switches using Cisco Stack Wise technology
• Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 catalyst switches.
• Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS
• Converting access-lists to Firewall rule sets on FWSM module with 6509-E Catalyst switches
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches

Confidential, Washington, DC

Network Engineer

Responsibilities:

• Responsible for Firewall Administration, Rule Analysis, Rule Modification on ASA 5585, SRX550 devices.
• Experience on working with the Trouble Tickets on F5 Load balancers on LTM module.
• Involved in configuring IP Quality of service (QoS)
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1)
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches
• Involved in designing GRE tunnels for encryption of data flow from source to destination
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS
• Implementing & Troubleshooting of T1, MUXES and CSU/DSU and data circuits.
• Have experience with Cisco Works LAN Management Solution
• Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Net info, Info man Virtual Change) and experience with developing network design documentation and presentations using VISIO
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,

Confidential

Sr. Network Engineer

Responsibilities:

• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
• Managed IP addressing and implemented IP Access Lists.
• Documented the design, implementation and troubleshooting procedures.
• Involved in network monitoring, alarm notification and acknowledgement.
• Worked on Cisco ASA Firewalls and F5 load balancers
• Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols.
• Maintaining Network Integrity on LAN and WAN Networks.
• Configuring and Troubleshooting Routing protocols OSPF, RIP, EIGRP & BGP.
• Have sound knowledge of Firewall architecture, routing and VPN.

Confidential

Sr. Network Engineer

Responsibilities:

• Involved in all technical aspects of LAN and WAN projects including, short and long term planning, implementation, project management and operations support as required
• Implemented Checkpoint firewall and configured rules.
• Conduct through analysis, problem solving, and infrastructure planning
• Upgrade Cisco 7200, 3600 Router IOS Software, backup Routers and Catalyst 3560, 4500 switch configurations
• Support 24x7 operations and answer calls from the customers on network emergencies and resolve issues
• Install and manage Cisco Catalyst 3500XL, & 2960 series Switches and Cisco 1800, 3900 series routers
• Hands on Experience in Inter-Vlan routing, redistribution, access-lists and dynamic Natting
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications
• Log messages using Syslog server and analyze the issues related to high CPU utilization and parameters that can degrade performance of the network
• Provide assistance to Network Manager and serve as Secondary Network support.
• Troubleshoot and fix any backup and monitoring systems related issues in conjunction with Systems team and external vendors