Sr. Security Network Engineer Resume
San Jose, CA
SUMMARY:
- 9+ years of experience in designing, performing Network analysis, troubleshooting, maintaining and supporting complex network systems.
- Experience with BIG-IP F5 load balancers, version 9.x, 10.x, 11.x.
- Performed F5 appliance (LTM, GTM, APM, and ASM) maintenance and system upgrades including hot fixes and security configurations.
- Worked with F5 based profiles, Virtual IP's, iRules for virtual IP's, monitors and pool members.
- Dealt with F5 load balancing of web traffic and data center environment failover for HA servers, Fabricpath.
- Deploying and decommissioning of VLANs on core ASR 4300, 1K, 2K, 3K, 7K, 9K, Nexus 7K and 5K and its devices and migrating MPLS L2, L3 VPN in Brocade firewalls.
- Performed OSPF, BGP, EIGRP profile, IPv6, Bundle Ethernet implementation on ASR 4300, 1K, 2K, 3K, 7K, 9K, Cisco 6500 Series and Juniper routers.
- Extensive experience in wireless solution with IEEE 802.11 standards, encryption, WIDS, rogue detection, 802.1x, Aruba I/AP, Aruba Airwave, Aruba ClearPass, and Splunk.
- Implemented ServiceNow ITSM applications utilizing ITIL V3 benefits best practice processes, methods, testing, and training projects for multiple, diverse organizations.
- Providing support for voice communications technology and VoIP Protocols.
- Configuring and troubleshooting Site to Site VPN, Remote access VPN, IPSec VPN, SSL VPN, DMVPN.
- Supports multiple business lines and a network of global data centers through the administration of SSL certificates.
- Extensive development in ServiceNow including Implementation, Customization and Maintenance of ITIL modules such as Incident, Change, Problem, Knowledge, Service Catalog, CMDB in ServiceNow.
- Experience with converting Checkpoint VPN rules over to the Cisco ASA solution, migration with both Checkpoint and Cisco ASA VPN experience.
- Deploying, implementing and providing support for Cisco 1800, 2500, 2600, 2800, 3600, 3750, 3800, 7200, ASR 1K, 9K routers, Cisco 2900, 3500, 3700, 4000, 4500, 4900, 5000, 5800, 6500, 7600, Cisco Nexus and Catalyst, Arista Switches, Juniper E series, J series and M series. Juniper SRX & VPN, T-Series, MX-Series Routers. Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco los (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models (5060, 7060).
- Deploying and migrating complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel (LACP), Port channels (PAgP), STP (PVST+), RSTP and MST from Cisco to Arista switches.
- Configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
- Implementation of DHCP, DNS, FTP, TFTP, HTTPS, web security architecture, Frame Relay, MPLS, ATM, software Defined Networking (SDN).
- Installed and configured databases on Unix/Linux platforms, managing swap configurations, virtualization (VMware ESXi 5, 5.5 and Oracle Virtual Box).
- Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) solution, as well as the Cisco Nexus 9k, 7k, 6k, 5k, 4k, & 2k.
- Expertise in Virtualization with vSphere, VMware ESXi 5/4.1/4 and 3.x hosts and Virtual Center server.
- In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, IPAM, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 Sonet POS OCX / GigE circuits, Firewalls.
- Experience through Hand-on Experience with configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay and VOIP (Voice-Over Internet Protocol).
- Experienced working on network monitoring and analysis tools like, Solar Winds, Cisco Works, River Bed, Cisco Prime, NETQOS, EMAN.
- Up-grading and degrading the OS (IOS, NX-OS, JUNOS) for switches and routers as per requirement.
- Involved in analysis of end user requirements and business rules based on given documentation and worked closely with tech leads and Business analysts in understanding the current ServiceNow system.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
- Used tools such as HP Arc Sight, Bluecoat Reporter 9 web proxy, Network Security Manager (NSM, NMN) and Palo Alto to correlate network events/alerts to get a more in-depth analysis of network traffic.
- Extended the support to all unified communications components including troubleshooting, configuration, optimization and design of a multi-cluster environment.
- Knowledge of large-scale Cisco Communication Manager, Messaging, presence and conferencing solution Architecture, Design and installation.
- Reviewing and validating existing telecom services and solutions.
- Experiences with using Virtualization tools like Citrix, VMware, Hyper V.
- A highly-organized individual who adopts a systematic approach to problem solving, effectively analyzes results, and implements solutions.
- Worked with ticketing tools like ServiceNow, Remedy tool.
- Worked on security products such as Cisco ISE
- Strong Knowledge on SDN (software defined network).
- Ability to manage all phases of network installation and administration.
- Excellent customer management/resolution, problem solving and debugging skills with good verbal/written communications and presentation skills.
- Adding and removing checkpoint firewall policies based on the service requests from different user
- Experience with Net screen Firewall, Sidewinder Firewall, McAfee Web/Email Gateway, Net scout, Blue Coat or Cisco ASA, IPS/IDS.
- Experience in technical documentation of Change management process and Project documentation using Excel and VISIO.
- Well organized, Self-starter, Quick learner, Self-motivated, Team player with analytical, technical and communication skills.
TECHNICAL SKILLS:
Load Balancer: ACE Module, F5 Networks (Big-IP) LTM 8900 and 6400, F5 APM, Citrix NetScaler
LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, IPAM, Static, VLAN, STP, VTP, Ether Channel, Trunks.
WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.
Various Features & Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Salt, Wireshark, TCPDump, IXIA chariot, Packet Sniffer, Packet Analyzer and SolarWinds Breaking Point.
Wireless & WiFi: Canopy Wireless Device (point to point/point to multipoint), D-Link Wireless (point to point), VMware, Cloud Computing, D-Link Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.
AAA Architecture: TACACS+, RADIUS, Diameter, Cisco ACS.
Nodes: 4 node, 10 node, 40 node, 50 node, mobile node
PROGRAMMING LANGUAGES: C, C++, JavaScript, Python, shell scripting (Bash) and HTML
Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008/2012 Server, Windows XP/Windows 7/8, LINUX (Red Hat, Solaris, Fedora), UNIX, MS Exchange server, Solaris, Active Directory.
Equipment (Switches, Routers): Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series, ASR 9K (9922) and ASR 1K) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), Juniper SRX, MX480, 240, 80 series, EX, QFX Series Routers and HP (7000) series Switches.
Routing: OSPF, EIGRP, ISIS, BGP (EBGP/IBGP), RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, IPV4, IPV6.
Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.
Firewalls: ASA 5500 series, Check Point Nokia Firewalls IP350, IP550 & IP750, Juniper Net screen, Firewalls ISG, Cisco PIX & ASA 5500 Series, Checkpoint Firewall NG, NGX, NG R55, NGX 60, NGX R65, R70, R75, UTM.
PROFESSIONAL EXPERIENCE:
Confidential, San Jose, CA
Sr. Security Network Engineer
Responsibilities:
- Responsible for maintaining the design and integrity of EvergreenHealth’s internal/external network, including customer-facing environments.
- Provide expert technical assistance to IT team members with high-level system and networking requests and responsible for designing, testing, implementing and supporting complex infrastructure aligned with the requirements of business.
- Involved in the Configuration and Administration of Cisco, Aruba and Meraki environments.
- Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
- Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA and JUNIPER SRX Firewalls
- Configure and troubleshoot Juniper EX series switches and routers at branches/back offices.
- Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
- Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
- Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
- Managing and supporting large scale MPLS & Frame relay on Cisco environment for more than 5000 Retail sites, 100 Distribution centers, 100 offices and 3 datacenters.
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
- Manage SolarWinds WPM, NPM and monitoring services and nodes.
- Involved in Implementation and Configuration (Profiles, iRules) of F5 Big-IP C-4400 load balancers.
- Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment
- Python scripting for automation of difficult tasks.
- Salt and open source automation software, used to orchestrate cloud platform and communicate with tens of thousands of servers in a matter of seconds.
- Provided guidelines to setup VOIP, IP PBX, made documentation for licensing requirements for CRTC.
- Establish AWS technical credibility with customers and external parties
- Worked on a broad range of topics such as proactive monitoring and maintenance, disaster recovery exercises, and core network repairs
- Advanced expertise and hands-on on Cisco IOS-XR software platform on Cisco 12000 series routers
- Experience working with ASR 9000 series switches with IOS-XR
- Advanced expertise and hands-on on Cisco IOS, IOS-XR 4.1.2 and 4.3.31 software platform on 12000 series routers
- Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
- Experience with communicating with different customers/vendors and IT teams in gathering the details for the project.
- Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
- Experience in installing and configuring DNS, DHCP servers.
- Replace branch hardware with new 3900 routers and 3750 POE Switches.
- Responsible for Layer 2 security, which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, and deploying port security when possible for user ports.
- Involved in configuring Juniper SRX 550, Cisco ASA 5585 firewall and PALOALTO 5050 firewall
- Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
Environment: Cisco 2800, 2900, 3900, 7200, 7600, ASR 4300, 1K, 2K, 3K, 7K, 9K, Arista routers Cisco Catalyst Switch 6500, 4500, 4900, 3500, 3700, 3700, Nexus 9k and 5k, Aruba 3810, 5412 switches, Arista switches, Cisco ASA 5510, Cisco ACE Load Balancer, Fiber and Ethernet cabling, Ixia XR 2000, Cisco LAN Wireless Controller and Access Points, Remedy Ticketing System.
Confidential, San Jose, CA
Sr. Wireless Network Engineer
Responsibilities:
- Primary responsibility is development of Confidential wireless connectivity, networking business unit, design and deploy various network security & High Availability products like Cisco ASA and other security products.
- Worked on Layer 2 and Layer 3 protocols such as ICMP, IGMP, IPSec, SNMP, EGP, STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Coordinated OSPF, EIGRP Microsoft Powerpoint, Routing Protocols, DHCP, Microsoft Office Juniper, Splunk, BGP, Load Balancing and designed CCIE Visio Solarwinds, QoS, CCNP
- Troubleshoot wan related problems including OSPF, EIGRP, BGP routing and design
- Experience supporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
- Experience with configuring BGP, OSPF in Juniper M and MX series routers for branch/Back office locations.
- Convert Branch WAN links from point to point circuits to MPLS and to convert encryption from IPSec/GRE to GETVPN.
- Configured, implemented, and troubleshoot routers and switches with various account settings permissions, and parameters including security firewalls.
- Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA and SRX Firewalls
- Monitoring and alert management of all components related to the ISE solution (VNOC)
- Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
- Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
- Designing large scale MPLS & Frame relay on Cisco environment for more than 5000 Retail sites, 100 Distribution centers, 100 offices and 3 datacenters.
- About 50 sites with Tellabs 8660/8630/8605. MPLS-TE, L2/L3 VPN services for 2G/3G base stations, 588v2 synchronization.
- Work as a part of the DMZ migration and consolidation for external vendors into a new environment on ASA 5585 devices.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
- Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
- Working on Splunk dashboards, like exploring data source types, creating reports and charts, and also creating, changing and giving permissions on dashboard.
- Working as a Splunk admin depending on the requirements and allowing permissions on dashboard as an integral part.
- Involved in configuring IP Quality of service (QOS)
- Data center migration was involved in Access, Distribution and Core layers.
- Created MOPS and get approval from peers to perform configuration add/ remove changes.
- Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
- Configuration and extension of VLAN from one network segment to other segment between Different vendor switches (Cisco, Juniper).
- Configuring VLANs, VTPs, enabling trunks between switches.
- Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles.
- Experience working with Juniper devices like EX 2200, EX 4200, EX 4500, MX 480, M Series, SRX650, SRX240.
- Configured and troubleshoot Autonomous and Cisco Meraki and Access Points
- Experience with setting up IPSEC VPN on Cisco 5585 Firewalls towards the multiple vendors
- Experience working with Nexus 7010/Nexus 7018, 5020, 2148, 2248 devices
- Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
- Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
- Working as a SME (Subject Matter Expert) for Customer Experience manager APM solutions in order to resolve customer related issues.
- Experience in using APM solutions to identify solutions and working around common problems to ensure optimal performance.
- Experience in configuring all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
- Support Panorama Centralized Management for Palo Alto firewall PA-500, PA-200 and PA3060, to centrally manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration.
- Helped team to deploy 100 APs with 15 Switches, Cisco Nexus, Cisco Meraki and 2 Wireless controllers.
- Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center
- Experienced in Customer VOIP infrastructure with the focus on stability, capacity and organizational productivity.
- Configured Virtual Servers, configured Nodes, and configured the load balancing Pools and also used to work with configuring load balancing algorithms.
- Help customers build scalable, resilient, and high-performance applications and services on AWS
- Develop/capture/document architectural best practices for building systems on AWS
- Experience configuring session based persistence and I have learnt configuring and writing iRules for specific redirection purpose and also iRules for persistence.
- Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL.
- Audit existing Solarwinds by implementing and suggesting areas for improvements and configuring, managing and use of SAM and NTA.
- Experience with python scripting during automation testing.
- Working under Unix environment in development of applications by using Python commands.
- Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
- Supplied documentation, escalation, training and standard operating procedures as needed to allow for a smooth transition within the NOC.
- Modified internal infrastructure by adding switches to support server farms and added servers to existing
- Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
- Experience in troubleshooting the Splunk Server, identifying problems and implementing solutions.
- Performed switching technology administration including VLANs, interVLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
- Configuration of Access List ACL (STD, Ext, Named) to allow users all over the company to access different applications and blocking others.
- Troubleshooting / problem solving complex technical problems while installing, configuring, upgrading local and regional VOIP network infrastructure.
Environment: Cisco 2948/3560/4500, 4900/3560/3750/3550/3500, 3700/ switches, Aruba 3810, 5412 switches. Enclosures Switches and Cisco / 7200/3845/3600/2800, ASR 4300 routers, Arista routers, Cisco Nexus 7K/5K, Cisco ASA 500, F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP, Fabricpath, Software Defined Networking (SDN)
Confidential, Atlanta, GA
Sr. Network analyst
Responsibilities:
- Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls.
- Provided Tier 2 support as part of the network engineering team for one of the largest privately held WAN environments in the state of Texas incorporating T1, T3, OC3, Gigabit Ethernet, 10Gig, ATM, and MPLS technologies. Maintenance, upgrade, troubleshooting, and reporting of 2500+ Cisco
- Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
- Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
- Node network with approximately 30, 0000 users across 4 states and 3 countries.
- Provide support for a 40-node Frame Relay network and 4-node ATM OC-3 Campus Backbone network.
- Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
- Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
- Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like pre-emption.
- Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
- Implemented various OSPF scenarios on networks consisting of 7600 routers.
- Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
- Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's Site and policy based routing for BGP for complex network systems.
- Use to be a cross functional and coordinated within a team of java and .NET developing applications team.
- Experience with Synchronous Optical Networking (SONET) over optical fiber.
- Configuring, Installing and troubleshooting on Check Point Devices.
- Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
- Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
- Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
- Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
- Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
- Provided software and hardware recommendations for VOIP telephony.
Environment: Worked on Cisco switches 6500, 4500, 4900, 4000, 4300, 3900, 2900, 5500 series, arista switches Aruba 3810, 5412 switches, Cisco Catalyst 6509 series with SUP 720, IP routes BGP, OSPF, Cisco LAN switches, Proxy server, Troubleshooting DHC.
Confidential, TX
Network Engineer
Responsibilities:
- Configured routers, switches, and firewalls for deployments.
- Created and updated network designs (LAN and WAN) and rack elevations using Microsoft Visio.
- Procured Internet lines (T1, Metro Ethernet, Fast Ethernet) and IP subnet blocks.
- Conducted site surveys to determine and document network requirements.
- Configured network equipment (routers, firewalls, & switches) and installed network cable drops; terminated straight-through and crossover Ethernet connections and installation of fiber optics.
- Completed 10 independent, remote deployments of network hardware to client sites nationwide.
- Troubleshoot remedy tickets to resolve network issues and maintain Clients operational capability.
- Conducted site surveys to determine and document requirements for security requirements, wiring, network, and specialized equipment. Procured network services and rack space to support customer requirements.
- Involved in Network Performance Analysis, Capacity Management and assisted help desk resolution of trouble tickets.
- Worked on Catalyst 6509 series with SUP 720, Sup Engine II Plus, processors with various line cards such as 24 port Gig E SFP, 48 port Gig E copper cards.
- Product testing and support for a wide range of products like routers, Layer2/layer3 switches, 802.11 wireless access points (Aruba - 105, 125) etc.
- Provided quick resolutions to system and network issues.
- Worked with IP routes BGP, OSPF and Cisco LAN Switches.
- Updated Microsoft Access database to maintain records of network information (rack spaces, IP blocks, POCs, etc.).
Environment: Worked on Cisco switches 6500, 4500, 4900, 4000, 4300, 3900, 2900, 5500 series, Catalyst 6509 series with SUP 720, IP routes BGP, OSPF, Cisco LAN switches, Proxy server, Troubleshooting DHCP