Sr. Network Security Engineer Resume
May Field, OH
PROFESSIONAL SUMMARY:
- 8+ years of experience in the area of Networking, Security and System Engineering.
- Hands on experience in providing network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
- Professional experience in Network engineering, performing Network analysis, design, implementing, capacity planning with a focus on performance tuning and support of large Networks.
- Experience in implementation, support and troubleshooting of VLANs, Spanning Tree Protocol (STP), RSTP, VTP, VLAN trunking, inter-VLAN routing and ISL/802.1q.
- Experience configuring and troubleshooting IP Routing Protocols - RIP, OSPF, EIGRP and BGP.
- Experience setting up IPSEC VPN between ASA Firewall and Router 3800.
- Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a data center access architecture.
- Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
- Strong hands on experience on Cisco Routing, Switching and Security devices such as Cisco Catalyst 6500, 4500, 2900, 3500, 3750 XL series switches, Cisco 1800, 2500, 2600, 2800, 3600, 3800, 7200 series routers.
- Strong knowledge on TACACS+, RADIUS implementation in Access Control Network.
- Experience in configuring and troubleshooting of static and dynamic routing protocols such as RIP v1/v2, EIGRP, OSPF, IS-IS, BGP and MPLS.
- Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.
- Extensive and in-depth knowledge of Security, including ACL (Standard and Extended), SSL, IPSEC VPN and GRE Tunneling.
- Worked on Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
- Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools.
- Advanced knowledge of installation, configuration, maintenance and administration of Palo Alto firewalls, Panorama, Checkpoint, and Fortinet Firewalls.
- Configuration and troubleshooting of EIGRP, OSPF, BGP, CSM, integration with ASA devices
- Implemented Zone-Based Firewalling and Security Rules on the Palo Alto and Exposure to wildfire feature of Palo Alto.
- Configure Palo Alto Networks Firewall models (PA-2K, PA-3K, PA-5K etc.) as well as a centralized
- Hands on experience configuring and testing F5 iRules using Browser (IE), HTTP watch.
- Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations.
- Deploy and support network load balancers, such as F5 LTM/GTM and configuration (Profiles, iRules) of F5 Big-IP LTM-6400 load balancers
- Extensive knowledge of services such as DHCP, NAT/PAT and DNS.
- Implemented gateway redundancy protocols - HSRP, VRRP and GLBP.
- Have knowledge on various advanced technologies like VOIP, SIP, QOS, IPv6, Wireless, Multicasting and MPLS.
- In-depth knowledge about OSI Layer model and TCP/IP protocol.
- Create new or update existing documents - MS Visio, spreadsheets and IP manager.
- Experience with converting PIX and Checkpoint firewalls over to the Cisco ASA solution.
- Implement SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple gateway solutions including integration of PKI certificates. Integrate multiple vendor IPSEC site to site VPNs, including Palo Alto Networks, Cisco ASA, and Juniper SRX firewalls.
- Strong work experience with the following technologies MPLS, QoS, L2VPN, Multicast, and IPv6.
- Expertise in Windows NT/2000/2003 Server administration. Experience working with Nexus 7010, 5020, 2148, 2248 devices.
- Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018, FCOE using Cisco nexus 5548.
- Designed 10-gigabit networks using Cisco Nexus 7000 series switches, Cisco 3800 series routers.
- Extensive knowledge and troubleshooting in data communication protocols and standards including IEEE802.3, Token Ring, TCP/IP, Cable Modem, ADSL, PPPOE, Multilayer Switching, DoD Standards, Voice & Data Integration techniques & standards.
- Experience in monitoring and analyzing the load balancing of network traffic using KIWI Solar Winds.
- Good at providing technical leadership for problem escalation and resolution.
- Strong interpersonal, organizational communication, customer service & presentation skills.
TECHNICAL SKILLS:
Router platforms: Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 9k, 7K, 5K, 2K & 1K.
Switch platforms: Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K)
Juniper Platforms: SRX, MX, EX Series Routers and Switches
Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
Firewall: Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX, R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA-2K, PA-3K and PA-5K).
Network Management/Monitoring: SolarWinds, HP NNMi 8xi (Network Node Manager), NetFlow and Cisco Prime, Ethereal / Wireshark, tcpdump.
Load Balancers: F5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 and 8900, Bluecoat SG8100, AV 510.
WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1/T3 & SONET
LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-channel, VLANs, VTP, STP, RSTP, 802.1Q
Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN
Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6
Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
PROFESSIONAL EXPERIENCE:
Confidential, May field, OH
Sr. Network Security Engineer
Responsibilities:
- Performed network engineering, design, planning (WAN & LAN) & implementation. Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
- Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
- Configured Cisco ASR routers such as ASR 1013, 1009-X, 1006, 1006-X, 1004, 1002-HX, 1002-X, 1001-X routers.
- Actively involved in Switching technology Administration including creating and managing VLANs, Port Security-802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009
- Configure SIEM tool performance and event data quality to maximize SIEM system efficiency.
- Hands on experience in building Cisco ACI fabric (policy groups, switch profiles, etc.), tenants - VRFs, Endpoint Groups, Contracts
- Provided top-level support to customers for ACI including support of implementation, configuration, and troubleshooting via GUI, and command-line interface of Nexus 9K spine/leaf and APIC controller
- Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers, Infoblox DNS and Cisco ACI.
- Configured routing policy for BGP. Switching related tasks included implementing VLANs and configuring ISL trunk and 802.1Q on Fast-Ethernet channel between switches
- Primary roles include SIEM monitoring and investigation of any alerts using tools such as Arcsight ESM, Arcsight Logger, HBSS, NetScout, Site Protector IDS, and Wireshark Protocol Analyzer.
- Configuration and installation of Windows Server 2003, 2008, 2012, 2016.
- Creating Active Directory and domain for users.
- Network-wide implementation of F5 Traffic steering nodes with TCP acceleration,
- Migration of traditional Palo Alto email security products to Cisco Ironport email servers.
- Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
- Deploying and decommissioning the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
- Cisco ISE 1.3 Deployment and Profiling Policies
- Strong experience with Cisco ASA firewalls, ISE, Aruba Clear Pass
- Integrating Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance perform CoA for remote users.
- Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
- Configured Arista 7500E and 7150 Series switches.
- Juniper, Checkpoint, Cisco ASA, Cisco PIX and Palo Alto Firewalls Administration
- Performed ISE Change administration, writing and implementing client sponsored or required changes
- Checkpoint Firewall Deployment, Upgrade and Administration
- Design and Implement Catalyst/ASA Firewall Service Module for various LAN’s.
- Experience in Adding Rules and Monitoring Checkpoint Firewall traffic through smart dashboard and smart view Tracker applications.
- Experienced on working with Checkpoint firewalls R75/R77 such as installing/deleting and troubleshooting the networks.
- Created Virtual Servers on F5 Load balancer.
- Deployment of enterprise firewalls (Palo Alto Networks, Cisco ASA, Check Point) in production environments.
- Worked with network services like DNS, DHCP, DDNS, IPv4, IPv6, IPSec, VPN etc.
- Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
- Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s stages.
- Involved in designing and implementation of AWS network and connectivity b/w physical and AWS DC
- Developed a Python script that parses all trace files and calculates throughput, latency and drop rate.
- Developed and implemented a web crawler program in Python that gathers data from a social networking site.
- Distributed system and infrastructure. Clustered distributed controller for Cisco Application Centric Infrastructure (ACI), SDN. Model-based ACI/SDN controller. Network orchestration.
- Application Centric Infrastructure (ACI) L4-L7 services deployment: Develop L4 to L7 service chaining and traffic steering for ACI controller. Develop ACI model and implement resource management for service deployment
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
- Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
- Responsible in troubleshooting on Cisco ISE added new devices on network based policies on ISE
- Worked on integrating existing Layer 2 and Layer-3 networks with ACI
- Used Cisco ACI (Application Centric Infrastructure) for fabric implementation, operations, and integration with external bridged networks and Cisco Unified Communication Systems.
- Writing iRules and iApps on the F5 load balancer and renewing the certificates.
- Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual servers.
- Understand the JUNOS platform and worked with IOS upgrade of Juniper devices
- Assist with IPS deployments and perform any necessary build configurations.
- Worked extensively on Cisco Firewalls, Cisco (506E/515E/525) & ASA 5500 (5510/5540) Series
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Worked extensively on Controlling the Traffic, creating the groups SSL of load and SSL certification on F5 load balancer
- Configuring and implementation of Juniper Firewall, SSG Series, Netscreen Series ISG 1000, SRX Series.
- Implemented Cisco IOS Firewall IDS using 2600 series router.
- Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers and Cisco ASR 9K routers
- Provided application level redundancy and availability by deploying F5 load balancers LTM.
- Troubleshooting network problems with Wireshark, identifying the problem and fixing it.
- Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL.
- Designed and implemented security policies using ACL, firewall. Configured and maintained 26 NOS network security team devices including IDS, Palo Alto firewalls, Bluecoat web proxies, and load-balancers.
- Also worked with the physical server migration to AWS data center
- Configuring and troubleshooting type of routing to route traffic flow per customer requirement as primary, backup/F5 load balanced and load splitting.
- Operation and troubleshooting of Juniper routers, HP/H3C network switches and Riverbed accelerators.
- Performed the maintenance of Active Directory and replication scheme, DNS/DHCP services and time services; wrote step-by-step procedures for implementing upgrades.
Confidential, Hamilton, NJ
Network Security Engineer
Responsibilities:
- Maintained the LAN/WAN hardware and software using the latest technology, including routers, servers, and Cisco wireless device Controller.
- Designed and implemented security systems including various Cisco IOS ACLs, Context-Based Access Control, PIX Firewall (PIX 506, 515), Network Intrusion Detection Systems, AAA Cisco Secure Access Control Server (Radius/TACACS+) and Linux Syslog servers.
- Planned, configured and operated IPsec VPNs.
- Involved in installing Hardware network devices such as Cisco switches, routers and Wireless access points at MBUSA location sites.
- Create an AirMagnet heat map of the LAN using wireless access points and even worked on Cisco Redundancy Wireless Infrastructures - RAS (Remote Access Servers using WAPs), Troubleshoot VLAN, Spanning tree.
- Managing intrusion detection system (IDS) and intrusion prevention system such as NSM, Tipping point.
- Worked on configuring and supporting Cisco ASA, Checkpoint, Juniper firewalls.
- Implement and manage load balancing using F5 GTM load balancers. Provide consulting services to customers recommending best practices for their security posture and their environments.
- Understand JUNOS platform and worked with IOS upgrade of Juniper devices and routers.
- Basic and advanced F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
- Citrix NetScaler 9.3 to 10.1 firmware upgrade experience in Citrix NetScaler application delivery controller.
- Demonstrated experience with Check Point, Cisco, and Palo Alto Networks solutions.
- Coordinated installations and followed up with project managers and end users to ensure acceptable system/network performance once changes were completed.
- Setup and configured Citrix NetScaler for use with mobile devices, and configured ICA Proxy, virtual servers, SNIP, VIP, etc.
- Knowledge and experience with Citrix NetScaler content switching configurations.
- Troubleshooting network issues using firewall logs and running tcpdump.
- Coordinated with global Security Management teams and support teams as required and completed Palo Alto and Checkpoint Firewall rule add, modification, and delete.
- Configuring rules and Maintaining Palo Alto security firewall & Analysis of security firewall logs.
- Installed ESX devices on Nexus cluster and creating port-profiles for the VMWARE platform.
- Worked on Hardware replacement (EOL devices), Upgrading IOS images according to company standards.
- Worked on Daimler tools like CISM (ITIL ticket system), Monitoring portal, QIP (reserving IP addresses).
- Responsible for infrastructure documentation being updated and accurate when infrastructure changes were made as per requests, initiatives, and projects.
- Provided on-call support 24/7 and worked in NOC (Network operations center).
Confidential, Pasadena, CA
Network Engineer
Responsibilities:
- Working with Cisco Nexus 2248 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture
- Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
- Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware.
- Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.
- Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500 (5510/5540) Series.
- Experience with converting PIX rules over to the Cisco ASA solution.
- Configuring VPN, clustering and ISP redundancy in Checkpoint firewall.
- Worked on Checkpoint Platform including Provider Smart Domain Manager.
- Worked on configuring, managing and supporting Checkpoint Gateways
- Experienced with Checkpoint VPN rules over Cisco ASA VPN, which filters traffic by inspecting the application layer.
- Implementation configuration and troubleshooting of Checkpoint Firewall R 77.
- Involved in Configuration of Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity.
- Worked with Host Master for shared web hosting and managed Web Application firewall (WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark.
- Provided level 2 phone and email support and troubleshooting of networking and VoIP issue.
- Configured the automatic policy builder using the deployment wizard tool in ASM.
- Dealt with creating VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies.
- Experience in Deploying and decommissioning Cisco switches, Cisco Meraki Products and their respective software upgrades.
- Implemented site to site VPN on Cisco Meraki MX64, MX65, MC84, and MX400.
- Deployed and managed Cisco Meraki products SD-WAN including Cisco Meraki Security Appliances (MX25, MX450, MX400, MX600 and MX100), Cisco Meraki switches and Cisco Meraki Wireless APs (MR84, MR74, MR52).
- Working with BGP, OSPF protocols in MPLS Cloud.
- Establishing VPN Tunnels using IPSec encryption standards and configuring and implementing site-to-site VPN, Remote VPN.
- Experience in white listing webpages and blocking webpages with Blue Coat Proxy SG and Blue Coat reporter.
- Configured and resolved various OSPF issues in an OSPF multi area environment between multiple branch routers.
- Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
- Configuring BGP, MPLS in Cisco IOS XR.
- Working on HP open view map for Network Management System and Ticketing.
- Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter VLANS Routing, LAN security.
Confidential, San Francisco, CA
Network Engineer
Responsibilities:
- Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problem
- Managing enterprise BGP setup by configuring and troubleshooting BGP related issues. My responsibility
- Worked as part of a team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
- Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
- Configuring and Upgrading Junos Space Virtual Appliance.
- Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
- Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
- Experience in converting PIX rules over to the Cisco ASA solution.
- Administration of ASA firewalls in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
- Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
- Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
- Responsible for maintaining the entire Routing and switching domain across the campus / Branch to Head Office and also the Layer-2 campus network across the remote branches, which included configuring VLANs and Trunks, Spanning Tree protocol, Port-Security, VLAN-MAPs and DOT1X for switches and Wireless.
Confidential
Network Engineer
Responsibilities:
- Maintained 70+ Branches Data Connectivity for Fiber Link, Radio Link & VSAT
- Installed & maintained Active Directory using Windows Server 2008, DNS, DHCP, FTP Server
- Worked with Network team for implementation of Data Center & Branch Network
- Design, installation and troubleshooting networks with hands-on experience with OSPF, IS-IS, BGP, VPLS, Multicast VPN, and Traffic engineering.
- Configured STP for loop prevention on Cisco Catalyst Switches.
- Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
- Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
- Involved in configuring and implementing Composite Network models consisting of Cisco 3750, 2620 and 1900 series routers and Cisco 2950, 3500 series switches.
- Implemented various Switch Port Security features as per the company's policy.
- Configured RIP and EIGRP on Cisco 2901 and 3925 routers.
- Configured Cisco Routers, Switch & Firewalls; installed/supported for Desktop Computers, Laptop & Network Printer; prepared documentation for new project, office note for purchasing of IT devices.
Confidential
Jr. Network Engineer
Responsibilities:
- Migration of RIP V2 to OSPF, BGP routing protocols.
- Configured EIGRP for Lab Environment.
- Implemented ISL and 802.1Q for communicating through VTP.
- Working with Client teams to find out requirements for their Network Requirements.
- Designing solutions for frozen requirements using Cisco Routers and Switches.
- Deploying the network infrastructure to meet the requirements.
- Created VLAN and Inter-VLAN routing with Multilayer Switching.
- Documenting and log analysis for the Cisco ASA 5500 series firewall.
- Monitor performance of network and servers to identify potential problems and bottlenecks.
- Performed administrative support for RIP, OSPF routing protocol.
- Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
- Real time monitoring and network management using Cisco Works LMS.
- Provided technical support on hardware and software related issues to remote production sites.