SUMMARY:

• Cisco certified professional with over 5+ years of experience in network design, execution, and support.
• Knowledge in troubleshooting of routing, switching, firewall network, and complex network systems.
• Expert knowledge and experience in designing LAN, WAN and Wireless access services securely as well as installing, configuring and supporting Large/Medium - scale enterprise networks.
• Worked on network topologies and configurations such as TCP/IP, UDP, Frame Relay, ATM, bridges, routers, hubs, and switches.
• Worked with Routing protocols such as BGP, OSPF, EIGRP, RIPv1&v2, switching architecture and protocols (STP, RSTP, PVST, RPVST, VLANs, VLAN trunking 802.1q and Spanning Tree).
• Experience with Nexus models like 7K, 5K, 2K series, Cisco router models like 7600, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Hands-on experience in Azure Cloud Services (PaaS & IaaS), Storage, Web Apps, Active Directory, USQLS, Application Insights, and Logic Apps.
• Experience in supporting Global Avaya VoIP S8720 Communications Manager Server MPLS Platform consisting of International Call Centers and PBX's.
• Hands on experience with Infoblox Grid and hardware.
• Proficient in configuring and troubleshooting Cisco Site-to-site and Remote Access VPN (Cisco Any connect VPN 4.2) solutions on Cisco ASA firewalls 5520,5550,5585.
• Expertise in installing, configuring, and troubleshooting Juniper EX Switches (EX2500, EX3300, EX4200, EX4500, EX8200 series).
• Experience with Cisco UCS on VMware, Installation, Upgrades and Patching.
• Proficient in using SolarWinds and Network Performance Monitor (NPM).
• Performed Tier 3 level troubleshooting and support to new and existing customers on Cisco Call Manager 10.5.
• Implemented VPN solutions for site-to-site connectivity using Juniper SRX services gateway and remote access VPN solutions using Juniper Pulse secure access.
• Familiar with Checkpoint 23000/15000, Next-gen firewalls security gateways, Security management server and configuring them through Smart console.
• Installation, configuration and maintenance of Checkpoint, Cisco, Palo Alto, Juniper, Fortinet Firewalls.
• Worked on Multi-vendor platform with checkpoint, Fortinet and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents as required.
• Extensive understanding in working with Wireless LAN controllers using standard 802.11 a/b/g/n/ac protocols and knowledge on WI-FI security protocols (WPA, WPA2).
• Experience with F5 load balancer monitoring, configurations, and testing (both LTM and ASM modules).
• Implemented various Switching Technologies STP, RSTP, VLAN and VLAN Trunking Protocol (VTP), Inter-VLAN routing, Ether channel using LACP along with Failover Mechanisms such as HSRP and GLBP.
• Support the Websense web filter product. Assist customers with installing, integrating, configuring, and troubleshooting the product on customer network.
• Knowledge on Cisco load balancers (CSM, ACE and GSS).
• Proficiency with Cisco Wireless Controllers and Access points.
• Adequate knowledge in sniffers and network management tools such as Wireshark, TCP dump, Ettercap, Xplico, Microsoft Network Monitor, NMAP, NetShark.
• Expert in installing and configuring Splunk forwarders on Linux, UNIX, and Windows.
• Implemented proxy configurations in the network using Cisco Iron Port and Blu-coat proxy servers.
• Worked with migration of firewall rules from Cisco ASA to Palo Alto networks firewalls manually as part of migration project.
• Knowledge of JUNOS platform and worked with IOS upgrade of Juniper devices.
• Efficient at use of Microsoft VISIO/Office for technical documentation and presentation tools.
• Have good exposure with NetScaler and A10 Load balancers and deploying them into the network.
• Experience with installing and managing IT services such as Active directory, Site replication, DNS, SSH, DHCP, NAT and Terminal service.
• Expert knowledge in Cisco Security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX), Cryptography, VPN, IPsec.

TECHNICAL SKILLS:

Cisco: 1800, 2500, 2600, 3900, 4000, 7200, 7600 Series

Juniper: J2320, J2350, J4350, M10i and M7i.

Cisco: Catalyst 6500, 6300, 2960 Series and Nexus 2K, 3K, 5K, 7K Series.

Juniper: EX2500, Ex3300, Ex4200, Ex4500, Ex8200.

Operating Systems: Windows XP/Vista/7/8/10, Cisco IOS/CATOS/IOS-NX, JUNOS, LINUX, Unix.

Routing Protocols: TCP/IP, UDP, IPv4/IPv6, RIP, IGRP, EIGRP, HSRP, OSPF, BGP, MPLS.

Security Protocols: WPA, WPA2, IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

HSRP, F5 BIG: IP LTM/GTM, CSM, ACE, GSS, AX10.

Network Security: Cisco ASA Firewall, Palo Alto Firewall, Checkpoint Firewall, Juniper SRX, SonicWall.

Servers: Domain servers, WINS servers, FTP servers, DNS servers, Proxy servers, Application servers.

Management Tools and Sniffers: Cisco Security Device Manager, SNMP, Cisco CTM, Wireshark, SolarWinds, NetProfiler, NetFlow, NetShark, Splunk, Xplico.

Microsoft office: Excel, PowerPoint, Word, Visio, office 365

WORK EXPERIENCE:

Confidential, Atlanta, GA

Sr. Network Engineer / Network Security Engineer

Responsibilities:

• Implemented VTP and trunking protocols (802.1q and ISL) on 6500 and 6300 series Cisco Catalyst switches.
• Configured IP routing in Cisco routers including static and dynamic Routing.
• Performed Router configurations and troubleshoot LAN inter-networking problems.
• Troubleshooting complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF and BGP.
• Configured HA for Cisco 5520 Wireless controllers (WLC’s).
• Installed and configured new cisco 2110 firepower firewalls and configured HA.
• Worked on Cisco DNA Center and Cisco ISE.
• Revitalized, established, maintained and ensured adherence to security, and remote access policies (CISCO ASA, Fortinet Firewall).
• Knowledge of 802.11 protocol both at the physical and MAC layer. Familiar with wireless network security features 802.11i (WEP, WPA/WPA2, WPA/WPA2-PSK and WPA/WPA2-Enterprise) & Authentication protocols like EAP, PEAP, 802.1x.
• Performed Network Administration duties for LAN/WLAN/WAN/SAN including Windows Server stand up and support.
• Provided VPN services to site-to-site and, Remote access VPNs using IPsec tunneling along with ensuring of high availability.
• Configured Cisco VOIP sets; 7975, 7940, 7941, 7960, 7937/8831 polycom and 8841 SIP Devices.
• Build, configure, and maintain VMware ESXi hosts and Virtual Machines to include Windows SolarWinds.
• Troubleshooting WAN, LAN issues and provide speedy resolution within SLA.
• Configure new switches/routers and places into the network via Emergency and standard change controls.
• Fortinet Firewall administration, configuration of FortiGate 3000, 3815 series as per network diagram.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP and RSTP, MSTP, LACP.
• Work closely with ISP and 3rd party vendors to maintain network uptime based on SLA requirements.
• Switching related tasks included implementing VLANS, VTP, RSTP and Port security.
• Configure Client VPN technologies including Cisco's VPN client via IPSEC.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Designed and implemented IT security policies and networked backup systems.
• Preparing technical documentation (design, configurations, and production check-outs) using Microsoft VISIO.
• Worked collaboratively with the team in revising company policies, technical reports, related documents,
• Providing comprehensive networking support leveraging VMware, Active Directory, SolarWinds Orion, with Cisco Catalyst and Nexus switches.

Confidential, Plano, TX

Network Security Engineer

Responsibilities:

• Responsible in providing Network Design, Installation, Analysis, Troubleshooting and support for wireless technologies like LAN, WAN and WLAN Services.
• Planning, designing, Installing and Configuring of Cisco Routers (1800, 2500, 2600, 3200, 3600, 3700, 3800 and 7200, 7609) & Cisco L2 & L3 Switches (2900, 3650, 4500 & 6500).
• Configuring and implementing Routed and Routing protocols including TCP/IP, IPX/SPX, RIP, RIP2, OSPF, EIGRP, IS-IS, BGP.
• Providing comprehensive networking support leveraging VMware, Active Directory, SolarWinds Orion, with Cisco Catalyst and Nexus switches.
• Worked on Net scalar and A10 Load balancers and deploying them into the network.
• Provided test and evaluation recommendations for SAM and NCM modules for future SolarWinds platform expansion
• SolarWinds administration of NPM v10.4, UDTv2.5.1, NCM v7.1, WPM v2.0.0, VNQM v4.0 and SAM v5.2 including onboarding, configuration & administration for 500+ devices and 70,000+ interfaces
• Establishing VPN tunnels using IPsec encryption standards, configured, and implemented site-to-site VPN, Remote VPN.
• Upgraded Wireless controllers (8540 to latest code 8.2.130.0).
• Executing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Expert in IKEv1 and IKEv2 IPsec site-to-site VPN tunnel creation and troubleshooting, remote-access (client-to-site) IPsec and Any Connect SSL VPNs and integration with RADIUS or LDAP servers for 2 factor authentications.
• Configuration of client-side network monitoring IDS/IPS, Tipping Point and Deep Discovery Sandboxes.
• Deployed, configured, managed, and troubleshot JUNOS-based enterprise routing and switching platforms, including EX2200, EX4200, EX4500, SRX240, and SRX650 devices.
• Performed migration project involving migration of edge routers cisco 7600 to Juniper MX 240 and MX 480 as a part of data center edge routers migration.
• Worked in configuring and troubleshooting switching and routing protocols on Juniper EX series switches.
• Experience in global implementation of Infoblox DNS/ IPAM management tool.
• Manage multiple Infoblox devices both physical and virtual for IPAM, DNS, and DHCP services.
• Resolved ticket escalations for Call Manager, Call Manager Express, Unity Connection& Unity Express
• Creating Security policies and rules in Fortinet firewalls used as egress filtering firewall in the enterprise network environment.
• Auditing and review of the rules in security policies in multi-vendor firewall environment like Checkpoint, Fortinet and Palo Alto.
• Corporate firewall management and support including site-to-site IPsec VPN and remote SSL VPN architecture design and implementation on Fortinet systems.
• Design, implement, and manage highly available network and systems architecture solutions according to established SLA requirements.
• Revitalized, established, maintained and ensured adherence to security, and remote access policies (CISCO ASA, Fortinet Firewall).
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Remediation of firewall rules from Cisco ASA firewalls to F5 and their implementation.
• Experience in working with Splunk authentication and permissions and having significant experience in supporting large-scale Splunk deployments.
• Managed firewall using fortigate to allow or block IPs, created policies added different interfaces and VLANs.

Confidential, Charlotte, NC

Sr. Network Engineer

Responsibilities:

• Configuring Routing protocols such as RIP, OSPF, EIGRP, static routing on Juniper M and MX series Routers.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Provided VPN services to site-to-site and, Remote access VPNs using IPsec tunneling along with ensuring of high availability.
• Troubleshoot Fortinet Firewall issues, edited policies and created rules.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues. My responsibility was also to add new BGP peers for remote branch offices and business partners.
• Configuring and deploying new Cisco 8540 controllers for upgrades.
• Provided expert knowledge of Riverbed SD-WAN.
• Fortinet Firewall administration, configuration of FortiGate 3000, 3815 series as per network diagram.
• Created and maintained Cisco TAC cases until closure of VOIP network issues.
• Monitored Global Support Service desk for tickets that were opened dealing with VOIP troubles or changes.
• Maintained Cisco VOIP infrastructure over Dell Servers running via VMware vSphere Client 5.0 virtual network.
• Recommend and design equipment configurations for LAN/WAN/VOIP deployment on Cisco, ADTRAN, Fortinet, F5, and Bluecoat.
• Implemented a robust Cisco Unified WAN that includes Riverbed technology, as well as QoS for both Cisco Routers and Riverbed Optimization Technology.
• Responsible for managing partnership with number of security vendor such Cisco, F5 load balancer and web application firewall, FortiGate, FireEye, Bluecoat, Symantec, Splunk Enterprise.
• Monitor and configure performance tools within SolarWinds
• SolarWinds NPM 10.2 including IPSLA 3.5.1, NCM 6.1 and NTA 3.7 installation, configuration & administration
• Manage and assign nodes and windows credentials to templates in SolarWinds.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Troubleshooting WAN, LAN issues and provide speedy resolution within SLA.
• Troubleshooting of protocol-based policies on Palo Alto Firewalls and changing the policies as per the requirement and as per traffic flow.
• Design highly available, cost effective and fault tolerant systems using multiple EC2 instances, Auto Scaling, Elastic Load Balancer and AMIs.
• Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Experience in Configuring, upgrading, and verifying the NX-OS operation system.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Management of ASA fireballs in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
• Experience in configuring network Security access control on switch infrastructure and apply policies like User Authentication.
• Worked on network monitoring tools such as NMAP, SolarWinds, Wireshark, Turin Secure Track and Splunk.

Confidential, Cleveland, OH

Network Operations Engineer

Responsibilities:

• Configured, implemented, and troubleshoot routers and switches.
• Installed, configured, maintained, and worked on troubleshooting issues of Data center.
• Configuring HSRP between VLANs, Configuring Ether-Channels, port channel on catalyst 6500 switch.
• Worked on Extensively on Cisco ASA Firewalls 5500(5510/5540) Series.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• Aided Tipping Point's network migration from public to private management space.
• Configured Wireless Access Points, Controllers using Cisco Prime.
• Expert in Cisco Clean access manager and servers, Cisco NAC.
• Monitoring the routing traffic using Cisco 2000 and Wireshark.
• Provided administrative support to Tipping Point's full array of network security products including IPS/IDS, Next-Gen Firewalls, databases, and storage systems.
• Configuration and maintenance in a 24x7x365 SLA production environment.
• Configured Network Security policies to ensure that all the network is segmented in the way that no data leak happens from one zone to another.
• Configuration and extension of VLAN from one network segment to their segment between different vendor switches (Cisco, Juniper).
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non - trunking, deployed port security when possible for user ports.
• Monitored all equipment using SolarWinds.
• Proficient in handling high availability solutions on all kinds of firewalls, configuring them in cluster and troubleshooting failover issues.
• Worked with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
• Maintaining SSL on Citrix net scalar load balancer and managing the virtual servers.
• Proficiency in handling High Availability solutions on all kinds of firewalls, configuring them in cluster and troubleshooting failover issues.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where required.

Confidential

Network Support Engineer

Responsibilities:

• Configured and installed CISCO Routers 1800, 2500 in networks.
• Implemented VTP and trunking protocols (802.1q and ISL) on 2560, 2570 and 4500 series Cisco Catalyst switches.
• Configured IP routing in Cisco routers including static and dynamic Routing.
• Performed Router configurations and troubleshoot LAN inter-networking problems.
• Troubleshooting complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF and BGP.
• Knowledge of 802.11 protocol both at the physical and MAC layer. Familiar with wireless network security features 802.11i (WEP, WPA/WPA2, WPA/WPA2-PSK and WPA/WPA2-Enterprise) & Authentication protocols like EAP, PEAP, 802.1x.
• Performed Network Administration duties for LAN/WLAN/WAN/SAN including Windows Server stand up and support.
• Experienced in wireless/RF communications with knowledge and experience in technology integration of Wireless Broadband/Convergence (IEEE 802.11, WiMAX, BYOD, etc.)
• Extensively worked on implementation of Firewall ACL's, designing perimeter security policy, allowing access to specified services, enabling IDS/IPS signatures in Firewall and fine-tuning of TCP and UDP.
• Monitoring and maintaining compliance standards on Company’s Endpoints.
• Deploying, Configuring, Upgrading and Monitoring Security Compliance Management products and policies (Endpoint Security, Web Gateway).
• Troubleshooting WAN, LAN issues and provide speedy resolution within SLA.
• Configure new switches/routers and places into the network via Emergency and standard change controls.
• Configured Cisco Catalyst Switches 1800, 2900 and 3650 Series.
• Sustaining proper documentation of the network setup and change control.
• Configure Client VPN technologies including Cisco's VPN client via IPSEC.
• Managing IP address and VLANs.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Designed and implemented IT security policies and networked backup systems.
• Set up and troubleshoot secured wireless access points (WAP) and wireless LAN controller (WLC) for broadband internet.
• Preparing technical documentation (Equipment Selection, design, configurations, and production check-outs) using Microsoft VISIO.
• Worked collaboratively with the team in revising company policies, technical reports, related documents, and materials, as well as in troubleshooting network and major incidents within the company.