Sr Network Engineer Resume
Dublin, OH
PROFESSIONAL SUMMARY:
- Over 8+ years of experience in Networking and Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
- Hands-on experience in TierII ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP.
- Worked on Cisco IOS for configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, BGP, and BGPv4.
- Configuring BGPv4, BGP Path Attributes, and Route Reflectors for an ISP transit network.
- Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 7600, 7200series routers.
- Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
- Implemented VDC, VPC, VSS, VRF and OTV on the Nexus 5505, 6500 and 7009 switches.
- Level-1 Support for Juniper.
- Networks customers and partners related to Juniper's M/T/MX series products deployed in the largest and most advanced IP networks in the world.
- Good experience in Juniper series of devices like SRX201, SRX240,Juniper MX-480, MX-960, Juniper QFX, EX series of switches and JUNOS space.
- IOS/JUNOS upgrade for Cisco & Juniper routers cum switches.
- Hands on experience with F5 & A10 Load balancers on client network.
- Responsible for Check Point, Palo Alto and Cisco ASA firewall administration across global networks and worked on security routers like Fortinet Routers implementing IDS, IPS.
- Working with ITS networking teams to install an Avaya VoIP phone system and tested the phone system connectivity and functionality.
- Performing URL filtering and content filtering by adding URL's in Bluecoat Proxy SG's.
- Knowledge on automation tools such as Ansible, Chef and Puppet.
- Experience in writing scripts with Python to perform task automation.
- Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS) and deploying GRE Tunnel.
- DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
- Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Hands on experience on Power over Ethernet (POE) and Ether Channel.
- Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST,.STP features: Port Fast, Backbone fast, Uplink fast, BPDU Guard.
- Implementation of HSRP, VRRP,GLBP for Default Gateway Redundancy.
- Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
- Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments.
- Familiar with bluecoat proxy servers and blue coat web sense
- Experience in Network Management Tools and sniffers like SNMP, Wire shark and Cisco works to support 24 x 7 Network Operation Center.
- Proficient in managing and implementing Enterprise Linux systems.
- Experience in adding and modifying headers on HTTP requests and responses using different valid types like req.http.Fastly-Client-IP,sever.identity, req.url, req.http, resp.http.
- Some familiarity with Zabbix, AWS, Git, Nginx, Ansible.
- Good knowledge and experience in Security Key Management and Public Key Infrastructure (PKI) in managing, protecting and storing keys.
- Good knowledge in Amazon Web Services like Amazon EC2, Amazon EC2 Key Pairs(SSH Key Exchange), Elastic Load Balancing, Amazon Cloud Watch and Recovery of data using Digital Forensics tools like AccessData FTK Imager, AccessData Registry Viewer, KarensHasher, Volatility, Prefetch Viewer.
TECHNICAL SKILLS:
Operating systems: Windows2008,2008R2,2012r2, Linux, UNIX, Solaris, Centos, Ubuntu
Virtualization tools: VMware vSphere, Oracle Virtual Box, Packer
Network Services: LDAP, DNS, NIS, DHCP, NFS, Web, mail, FTP
Build tools: ANT, MAVEN, Gradle
Network Topologies: LAN, WAN, VPN and Firewalls
Versioning Tools: GIT, Perforce, Subversion and CA Harvest
Scripting shells: Python, PL/SQL, Java AWT/Swing, C#, ASP.Net, XML, HTML, Groovy, Ruby and Perl.
Continuous Integration Tools: Jenkins, Bamboo, Hudson, Build Master
Analytics & Monitoring: Log stash, Elastic search, Kibana, Splunk, NagiOs, Graphite
Management/Bug Tracking Tools: Code Commit, JIRA, BugZilla, Remedy, HP Quality Center, IBM Clear Quest, Mingle
Scripting: Python, Ruby, Java Script, Power shell, Perl
Cloud: AWS, (EC2, EMR, S3, EBS, ELB, Cloud Formation, Code Deploy, VMware, Code Pipeline Elastic Beanstalk, SNS, OPSWORK, RDS, Dynamo DB, Cloud Front, Route 53, VPC, IAM, SQS, SWF, Cloud Watch, Cloud Trail and Redshift) Azure, Rackspace
PROFESSIONAL EXPERIENCE:
Sr Network Engineer
Confidential - Dublin, OH
Responsibilities:
- Built and managed a large deployment of RedHat Linux instances systems with Chef Automation and provision virtual servers using vagrant and kitchen in Oracle VM virtual box, provisioned servers in Amazon EC2.
- Worked with Cisco Layer 3 switches 3750,4500,6500; Cisco Nexus 5596 and 7010 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, ether channel
- Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
- Handling network incidents of both wired & wireless infrastructure.
- Taking escalations and involved in handling major incidents towards resolution.
- Knowledge of encryption, MPLS/VPN and GRE tunnels implementations using Cisco IOS with DMVPN and IPSEC.
- Design and configure various Azure Networking resources like Azure Virtual Network (VNET), IP addressing scheme, DDoS protection, Subnets, Address Spaces, BGP.
- Managed IP addressing and implemented IP Access Lists. Worked with NetScreen Firewall and nitro security devices.
- Experience with Firewall Administration, Rule Analysis, Rule Modification.
- Experience with administering, troubleshooting and configuring / implementation (Cisco and Checkpoint) firewalls.
- Worked on Disaster Recovery (DR) test plan and build anIPSEC tunnel site to site.
- Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
- Set up VSS cluster, ether channel, VLAN trunking, VTP and inter-VLAN routing on 6506.
- BlueCoat ProxySG experience through the installation of WebPulse Collaborative Defense.
- Experience in troubleshoot network issues including boundary protection devices, Cisco Nortel /Avaya and Bluecoat Proxy Servers.
- Configure VDC and VPC on Nexus 7010 and Nexus 5596.
- Configures and managed Nexus 2248 and 2400 series of wireless controller.
- Implemented port aggregation & link negotiation using LACP and PAGP.
- Configured site to site VPN technologies using IPSEC.
- Experience with working on juniper switches like EX2200, EX2500, QFX switch with Spanning tree and AE(aggregated Ethernet) virtual chassis
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
- Worked with networking teams to install an Avaya VoIP phone system and test phone system connectivity and functionality.
- Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
- Technology support for: Cisco ACI, NSX, Open Source solutions, AWS/Azure VPC, ATT Netbond, Arista VTEP & VxLAN, Hitachi UCP, and many more.
- Multicasting, Route redistribution, Route Filtering using Distribute list
- IP Allocation for all applications and servers with high availability throughout the company
- Configured ASA 5540 to ensure high-end security on the network with ACLs and Firewall.
- Provided application level redundancy and availability by deploying F5 6500 series LTM load balancers.
- Involved in designing WAN infrastructure for redundancy in case of link failure.
Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960/6500 switches and Cisco 3640/ / 00 / 2800 routers, Cisco Nexus 7K/5K, Palo Alto, Cisco ASA 500, Checkpoint, SolarWinds, Windows server, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP, WAP 561, WAP 571, 1850i, 2800i, 3800e.
Sr Network Engineer
Confidential, Franklin Lakes, NJ
Responsibilities:
- Configuring, Maintaining the Routers and Switches and Implementation of Static, EIGRP, OSPF, BGP routing protocols and troubleshooting Remote infrastructure management of offices in different locations nationwide.
- Responsible for Cisco ASA firewall administration across our global networks.
- Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decommissioning of existing Data Center, which involved working with Partner Companies.
- Working with High performance data center switch like Nexus 7000 series.
- Working extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches.
- Working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
- Responsible for providing Network Diagram using Visio, Word and Excel.
- Involved in design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000.
- Working on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN
- Configure various BGP attributes such as Local Preference, as prepend, Next-hop, Community, Extended community using route-map.
- Cloud design: Participate in Amazon AWS / Microsoft Azure network design and implementation.
- Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
- Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port based authentication.
- Actively involved in switching technology Administration including creating and managing VLANS, Port security - 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.
- Responsible for designing and configuring Intrusion Prevention Signatures.
- Prepared proposal documentation and information to meet customer requirements when required.
- A strong, deep understanding of the dynamic and evolving threat landscape is required to diagnose and solve complex technical issues related to threat mitigation and response.
- Technical resource for all threat related products and features of the Palo Alto Networks product line.
- Collaborate with engineering and product management to resolve product defect issues in a timely manner.
- Initialize familiarization with the management of Palo Alto Next Generation Firewalls as well as F5 load balancers.
- Administered security and NAT policies, fulfilling project requirements on Palo Alto 3050 & 5050 next-generation firewalls using PAN-OS 6.1. Set up VLANs and access ports connecting virtual machines using the NX-OS CLI on a Cisco Nexus 1000v virtual machine and VMWare vSphere Client networking.
- Configure HSRP & GLBP and VLAN Trunking 802.1Q, STP, Port Security on Catalyst 6500 switches.
- Experience in troubleshoot network issues including boundary protection devices, Cisco Nortel /Avaya and Bluecoat Proxy Servers.
- Technology support for: Cisco ACI, NSX, Open Source solutions, AWS/Azure VPC, ATT Netbond, Arista VTEP & VxLAN, Hitachi UCP, and many more.
- Managed support cases to ensure issues are recorded, tracked, resolved, and follow ups are done in a timely manner.
Environment: Cisco Routers: 7600,7200,3800,3700,2800,2500.Cisco Catalyst Switches 6500,4500,3500,3750,3850.Nexus Switches:2240, 2248,5596,7010.Palo Alto 200.Cisco ASA 5500, Cisco PIX 535,525.Fortinet Routers, Suricata IDS, Juniper routers M series. Routing protocols: OSPF, BGP. Switching: VTP, VLAN, PVSTP+ and 802.1Q trunking. VOIP protocols: SIP and MGCP .Sniffer tools: Ethereal and sniffer pro.Load Balancer: F5, BIG-IP;Wire shark, MS Visio.
Network Security Engineer
Confidential, Sacramento, CA
Responsibilities:
- Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000. Worked on Migrating of PIX firewalls to ASA next generation firewall rules over to the Cisco ASA solution.
- Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls, installing and configuring new juniper EX, MX, SRX series firewalls to meet day to day work, Implemented cisco 3750, 3650 and 3850 stack switches in data center environment.
- Deploying Cisco ASA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
- Hands on experience on VIPRION 2200 Chassis (chs405262s,405190s, f5-Irpj-pkfg) for maintaining High-performance interconnection between Ethernet ports and processors, L4 offload and Hardware-accelerated SYN flood protection.
- Hands-on experience on Checkpoint Firewall R77, Palo Alto and Cisco ASA 5520 firewalls. Server load-balancing utilizing F5 LTM-Big IP, including APM, ASM and Viprion device modules.
- Worked on creating the rules, objects in Checkpoint firewalls to allow the traffic flow to the new Layer3 VIPs such that the traffic can flow through the A10, Migrated firewall rules from Cisco ASA to Palo Alto and Checkpoint Firewalls.
- Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol based services. Configured network access servers and routers for AAA security (RADIUS/ TACACS+).
- Establish AWS technical credibility with customers and external parties.
- Troubleshooting of protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
- Configure policies on the Bluecoat VPM, local database and PAC files to filter the traffic flow by creating custom rules, URL categories and routing policies.
- Completed VPN project by migrating 1000 users from Juniper VPN to Pulse Secure VPNsystem.
- Responsible for user SSL VPN creation on Pulse Secure Junos MAG2600.
- Worked on DNS server involving configuration and resolving DNS related issues, writing rules for NAC servers as per the authentication and authorization of systems within the company.
- Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place IPv6 is implemented at a larger scale using cisco ASR 7200 and 9000 series routers delivering flexible service.
- Installing and configuring new cisco equipment including Cisco 1900, 2900, 3900 series routers, Cisco catalyst switches 6807, Nexus 7010, Nexus 5500 and Nexus 2k as per the requirement of the company.
- Worked on regular troubleshooting of BGP, EIGRP routing protocols, working closely with Data center management to analyze the data center sites for cabling requirements of various network equipment, worked on server side to implement the capture the packets. Unit testing and bug fixing.
- Environment: Routers (Cisco 1900, 2900, 3900, 4300 ASR 7200, 9000), Switches (2960, Nexus 7010, Nexus 5500 and Nexus 2k), Firewalls (Juniper EX, MX, SRX, Cisco ASA, Palo Alto, AAA), F5 Load balancer, Avaya, Cisco Voice (H323/MGCP/SIP, CUCME, CUE), protocols BGP, EIGRP, OSPF and DNS server and C programming.
Network Engineer
Confidential
Responsibilities:
- Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN, router/firewalls.
- Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.
- Excellent Troubleshooting Skills and Customer Centric approach.
- Switches Replace branch hardware with new 2851 routers and 2960 switches.
- Implemented Cisco Wireless Access Points and WLC's at various corporate sites fort 11n Infrastructure and its legacy technologies.
- Experience in working with Cisco Nexus 5000 series switches for data center.
- Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels.
- Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst.
- Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
- Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
- Installation and Configuration of various types of Personal Computers and Printers. Installation of different operating systems on Intel based PC's.
- Installed Hard disks, Floppy drives, CD Drives, Sound Blaster cards, CPU, Memory, Power supply unit, Network card, Video graphics card, Hard disk controller card on PC systems.
- Troubleshooting of personal computers. On line Support to customers concerning their computer problems.
- Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.
- Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up.
- Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
- Configuring Vlan's, VTP's, enabling trunks between switches.
Environment: Cisco 2950 switches and Cisco 3825 Routers, EIGRP, BGP, MPLS, VLAN, QOS, DHCP, Trunk protocols, DNS, Spanning tree.
Network Admin
Confidential
Responsibilities:
- Installation and Configuration of Cisco routers 2500 series, 2600 series, 2800 series, 3600 series.
- Installation and Configuration of Cisco Switches 4500, 3500, 2900, 2950 and Nortel Switches.
- Design, manage and troubleshoot OSPF, BGP and HSRP routing environment comprised of multiple areas.
- Making sure the NAT is applied appropriately on the firewall for all the third party and DMZ traffic.
- Responsible for Cisco routers in configuring routing protocols OSPF, and EIGRP for clients.
- Detailed design documentation also had the estimated effort and timelines for implementation.
- Configure and troubleshoot VPN's on Firewalls and Routers.
- Establish custom corporate policy on Firewalls.
- Implement Authentication and Authorization using Tacacs+ Server.
- 1 Worked on Layer 2 protocols such as STP, VTP and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
- Creating VLANs and Inter-VLAN routing with Multi-Layer Switching (MLS).
- Cisco IOS Architecture for Cisco routers and switches.
- Maintenance the General Networking objectives of System/Network Operations.
- Installation of wan circuit and routing network traffic on the new available paths.
- Configuring and troubleshooting network problems and coordinating with vendors for installation of routers, switches and VPN concentrators.
- Responsible for Cisco routers in configuring routing protocols OSPF, and EIGRP for clients. Configuration of various routing protocols like BGP, OSPF and HSRP.
Environment: OSPF, RIPv2, BGP, IGRP, LAN, WAN, RADIUS, TACACS, VLAN, Cisco Works, HSRP, CISCO 2600, 2800, 3600, NAT, Static route, Switching.