We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume

4.00/5 (Submit Your Rating)

Thomasville, GA

SUMMARY:

  • CCNA, CCNP certified Dynamic and versatile Network/Security Administrator/ Engineer with 7+ years of outstanding knowledge, skills and expertise, dedicated and committed to providing excellent interconnectivity and networking services, network security and solving networking problems.
  • In - depth knowledge of Network Designing, Deployment, Configuring, Troubleshooting and testing of networking system, protocols, security vulnerabilities, network security and networking administering.
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
  • Extensive experience working on Cisco and Juniper routers/switches in complex environments with multiple ISPs.
  • Management and configuration of FortiGate 500D & ASA5525 firewall / Switching / Routing
  • Hands on experience in SDN/ACI virtualization, VXLAN, Cloud technologies AWS .
  • Hands on experience of data center environment and implementation of VPC, VDC and Fabric path on Nexus 7K, 5K, & 2K Switches.
  • Experience deploying, configuring, and troubleshooting of wide array of Juniper devices which include Routers (M, MX series), Switches (EX series) and Firewalls (SRX series)
  • Experience in deploying and supporting SD-WAN module in the production network environment
  • Configuring and implementing F5 BIG-IP LTM/GTM/ASM load balancers to maintain local traffic
  • Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols (RIP, EIGRP, OSPF, BGP).
  • Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
  • Experienced firewall engineer with advanced knowledge of Checkpoint, Fortinet, Cisco ASA 5500 series, JUNOS and Palo Alto.
  • Hands on experience on FortiGate 200E,400E,800D,2500E and 3300 E .
  • Experience in implementing, maintaining and troubleshooting L2 switching tasks such as
  • VLANs, VTP, VLAN Trunking using ISL and 802.1Q, STP, RSTP, PVST+, Ether channel using LACP and PAgP, Inter-Vlan routing, CEF and DCEF.
  • Firmware upgrade for Meraki MS, Meraki MR, Meraki MV, Meraki MX for the better performance.
  • Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP).
  • Proficient hands on experience in configuration & troubleshooting of routing protocols and deployment of OSPF, EIGRP, BGP and Policy routing on Cisco Routers.
  • Handle the day to day FortiGate 500D & ASA 5525 firewalls operational issues
  • Good knowledge in configuring and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (iBGP) and external BGP (eBGP).
  • Deploying and operating complex DMVPN with High availability, scalability and security.
  • Strong hands on experience on ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
  • Configuring, Monitoring and Troubleshooting Cisco's ASA 5500, with creating object groups and network-based rules for implementation, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
  • Hands-on on configuration and setup of firewalls from vendors like Cisco, Fortinet, Cyberoam.
  • Installed and maintained Citrix Web Interface and Storefront servers for XenDesktop and XenApp sites.
  • Experience with Cisco, Juniper, F5, Arista, Dell, HP, Palo Alto, Checkpoint, Aruba hardware and software platforms. Experience in Design, troubleshoot and high-level view of Access, Distribution and Core Model and Spine Leaf Model.
  • Troubleshooting the FortiGate 60d firewall and FortiGate 124d switches in live environment.
  • Hands-on experience with Routers, Firewalls, Cisco ASR9K and Meraki Devices.
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
  • Hands on experience in full stack deployment of networking issues, securing the router and troubleshooting them.
  • Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K,7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900,9300,9500 series switches.
  • Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and Fabric Path and successfully implemented Virtual Stack Switching on the Cisco catalyst switches.
  • Review templates documents for new VoIP Projects.
  • Design, implement and maintain java application phases.
  • Utilized the Blue Coat Proxy, SIEM, SOC, IPS/IDS.
  • Responsible for managing FORTIGATE firewall 310B.
  • Configured and handled IPSEC Site to Site VPN in Fortinet Firewall as well as Cisco RV042 VPN Router, Dax-1821 IRW Router.
  • Experience with tools used for Security (ArcSight, Tuffin, Provider1)
  • Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
  • Experience in Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
  • Hands on experience on F5 BIGIP LTM 11.2, F5 BIGIP GTM, F5 BIGIP APM.
  • Implement Identity and security requirements on AWS.
  • Support of Palo Alto Networks PA-Series Firewalls/ PAN-OS Platform.
  • Configured and optimization settings of Riverbed Steelhead.
  • Plenty of Hands on implementation IWAN technology.
  • Helping the customers migrate towards IWAN.
  • Experience with tools used for Security (ArcSight, Tuffin, Provider1).
  • Experience with migration tool in PA and migration experience from ASA to PA also from CISCO to JUNIPER.
  • Knowledgeable in the Microsoft Office Suite, to include creating network/layout diagrams in Visio and detailed data analysis using Excel.
  • Hands and in depth understanding of LINUX commands and experience with Cisco IOS, NX-OS.
  • Working with Cisco for opening TAC Case and resolving issues to meet project deadlines.
  • Working knowledge with monitoring tools like Solar Winds & network packet capture tools like Wire-shark.
  • Well versed with scripting like Python, Bash and SHELL and hands on experience in Linux OS.
  • Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools

TECHNICAL SKILLS:

Routers: 7200, 3800, 3600, 2800, 2600, 2500, 1800

Cisco Switches: 2900, 3500, 4000, 4500, 5000, 6500, 9300,9500, N2K,5K,7K and 9K

Routing Protocols: Understanding of RIP, OSPF, EIGRP, and BGP, IS-IS, Redistribution, Static Routing, Route Filtering.

Network Security: Understanding of VPN, RADIUS, 802.1x, Port Security, and Firewalls, Standard and Extended ACLs, IPsec, VPN, Port-security, Imperva (Web Application Firewall) SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security.

VLAN, VTP, Inter: vlan routing, VxLAN, ISL, dot1q, STP, RSTP, PVST, HSRP, GLBP, Ethernet, Port security.

WAN Technologies: Frame Relay, MPLS, PPP, HDLC, X.25, E1/T1/DS1/DS3, Optimizers, Riverbed

Wireless: Access points and controllers

Firewalls: Cisco ASA 5500,5540, Palo Alto (PA-2k, PA-3k, PA-5k)

Tools: Cisco ACI, Cisco ACE and Cisco Tetration Analytics

Load Balancers: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800.

Services: Done configuration for AWS, VLANs, STP, SNMP, DMZ and redundancy protocol (HSRP & VRRP)

Scripting: Microsoft Active directory, Python, PowerShell, BASH Wireshark, Net flow Analyzer, HP Open View, Cisco Works, Ethereal, OPNET, Solar winds, Cisco Meraki

PROFESSIONAL EXPERIENCE:

Confidential, Thomasville, GA

Sr. Network Security Engineer

Responsibilities:

  • Experience with Network Redesign for campus type sites. Local sites and connected these sites to the MPLS and data center.
  • Experience with design and configure Fiber Channel over Ethernet (FCoE) on Cisco Nexus devices.
  • Cisco Application Centric Infrastructure (ACI), SD-WAN (Viptela), VXLAN using BGP EVPN,
  • Cisco AnyConnect and Cisco Meraki experience.
  • Assist in configuration and troubleshooting of Cisco Routers/Switches, Cisco ASA, Juniper Router/Switches, Juniper SRX Firewall, Riverbed, Checkpoint, Aruba Controllers, Aruba Access Points, Aruba ClearPass, ISE2.0, ACS and MPLS network. Lead network capacity planning, monitoring, reconfiguring and tuning of network hardware.
  • SDWAN experience (Cisco Meraki, Cisco Viptela, OMP, DMVPN, SDWAN Controllers, Templates and Policies, Scripting/programming).
  • Configure and troubleshoot HA cluster, backup, upgrade FortiGate firewall,
  • Created and managed site VPN{IPSEC} and client VPN {IPSEC, SSL} on FortiGate wire walls.
  • Configure VDOM, build policy as per requirement.
  • FortiGate Firewall 200D/60 E, FortiGate Access point, Cyberoam CR50ing and basic knowledge Cisco Meraki MX64 Firewall.
  • Implemented Checkpoint NG on DL380 and Nokia appliances and object-oriented rule sets with Tuffin to validate rule utilization.
  • Data Center Design/install/Configure on Cisco Nexus 9k, 7K, 5K & 2K Switches (Nexus Switches Nexus5548, 5596, 7009) for Implemented feature like ACI, VDC, VPC, fabric path and OTV. Worked on configuring Nexus 2K Fabric Extenders. ISSU software upgrade in Nexus switches.
  • Migrated a Cisco ASA firewall to FortiGate using Forti Converter.
  • Checkpoint NGX firewalls, FortiGate 1500D Firewall, & Basic of Cisco ASA 5500X Series.
  • Implement code upgrades on the DDoS environment using A10 and Radware. Detect and take appropriate action to mitigate DDoS attacks with a wide level of independence
  • Successfully implemented iWAN technology more then 1000+ site. Played a key role in Implementing QoS in Cisco and Juniper hardware based on user traffic.
  • Deployed ACI data center lab facilities and supported with Open stack and VMware ESX
  • Expert for our Cortex portfolio, including Advanced Endpoint Protection (Traps), Cortex XDR - Investigations and Response, and Analytics, plus Autofocus, Data Lake and Demisto (security orchestration, automation & response).
  • Hands on experience in implementing Security Orchestration and Automation Solutions such as Phantom, Demisto.
  • Utilized the Blue Coat Proxy Web Security, SIEM, SOC, Malware Tracking, Rapid7-NeXpose, and Tuffin, IPS/IDS, Nessus Tenable, Retina, Solaris OS for addressing the PCI DSS and Compliance and Cryptographic Services.
  • Configure Forti Manager 300F/400E/2000E in Data Center to centralized manage the Fortigate across branches.
  • Troubleshooting DMVPN and Meraki auto-VPN, addressing Wireless issues on Flex Controller 7500.
  • Experience supporting enterprise wireless (Cisco / Meraki)
  • Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
  • Configured Forti Analyzer in DC models 300F/400E/800F for logs.
  • Optimize and virtualize SD-Wan service providers using via Silver peak, Riverbed, Viptela, Citrix.
  • Experience with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP.
  • Supervised network admin, Blue Coat Proxy, Tuffin, Check Point Firewall.
  • Use features like SD-WAN in the FortiGate firewall.
  • Experience in working with Python, Perl, Unix, Linux.
  • Configured and maintained IPSEC on PA 5050 Palo Alto Firewalls.
  • Experience in deploying OSPF/EIGRP/BGP redistribution and the changing the metrics for the primary and backup.
  • Successfully migrated IPsec site to site VPN from Cisco ASA to FortiGate firewall.
  • Experience with design and implementation of Data center migration.
  • Supports and maintains enterprise wireless network infrastructure consisting of multiple controllers, and 4000+ light-weight AP’s, across 150+ locations
  • Experience with Cisco, Meraki experience with data center technologies like (servers, server OS, hypervisors, storage)
  • Configuring and troubleshooting of Fortinet Firewall (FortiGate 100D, 110C, 200D, 200E).
  • Prepares new club network equipment for installation and field service network deployment
  • Designs and reviews construction plans of new sites, remodels, acquisitions, for wireless services
  • Experience as a Cisco ISE Engineer creating design documentation, building ISE rules, implementing ISE solutions across a variety of environments.
  • Experience with Tuffin Orchestration Suite supports next-generation firewalls, network layer firewalls, routers, network switches, load balancers, web proxies, private and public cloud platforms and microservices.
  • Perform on-premises implementations (Cisco IOS, ASA, Nexus, Meraki, Palo Alto, FortiGate, Juniper, Nokia/Alcatel-Lucent) and configuration associated with Layer 2 switching (VLANs, STP, vPC, LACP), Layer 3 routing (OSPF, EIGRP, BGP), Network Security (ACLs, NATs, IPsec VPNs, SSL remote access VPNs), and QoS.
  • Configured VDOM on FortiGate Firewall.
  • Extensive design and operational experience with; Enterprise/carrier-class routers and switches (Cisco Viptela SD-WAN, Meraki.
  • Assisted lead engineer in implementation of the IWAN (Intelligent WAN - Cisco SD-WAN) and VPN (Secure Transport) for enterprise networks.
  • Envision and drove Cisco's SD-WAN (IWAN) and VPN for Enterprise and MSP networks
  • Experience utilizing WIFI analyzers, Wi-Fi survey software tools (i.e. Air Magnet, Ekahau, etc.) and test equipment
  • Deployment of SRX series (SRX-100, 210,220,240 and 550), Fortinet (1000c and 1500 models) Ex series switches and troubleshooting all technical issues
  • Configuring Apache Web Server.
  • Designing and implementing routing/switching protocols in complex environments including BGP, OSPF, and EIGRP.
  • Setup and Monitor the networking devices using tools like SolarWinds, Cattools, Syslog, Scrutinizer and Meraki Dashboard etc.
  • Perform root cause analysis on the problems coming across Project execution.
  • Experience with the one or more of the following vendors and products: Cisco ASA, Cisco CSM, Palo Alto Firewalls, Palo Alto Wildfire, Palo Alto Panorama, Netwitness, Gigamon, Symantec Secure Mail Gateway, Symantec Proxy SG, Symantec CAS, FireEye (EX,NX), Check Point Firewalls
  • Maintained a BGP/MPLS infrastructure.
  • Installed, Configuration and managed Cisco Meraki Switch Series MS LP, MS LP, MS FP and Meraki AP
  • Identify, design and implement flexible, responsive, and secure technology services.
  • Implemented Positive Enforcement Model with the help of Palo Alto Networks.
  • Responsible for maintenance of F5 LTM and GTM load balancers including upgrades, patches and creation of complex VIP and WIP configurations.
  • Security policy review and configuration in Palo Alto and Juniper SRX Firewall in US offices and Datacenter.
  • Troubleshooting on regular issues reported on Juniper SRX, Fortinet firewalls.
  • Performing the basic configurations & installations of Cisco Meraki firewall, Access point, Switches & Anti-Virus.
  • Worked on F5 BIG-IP Load balancer LTM/GTM for application redundancy and high availability.
  • Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
  • Configuration of Site to Site VPN in FortiGate and ASA.
  • Responsible for managing FORTIGATE firewall 310B
  • Configuring and Troubleshooting Site to Site IPsec tunnels on Fortinet FortiGate Firewalls
  • Provided proactive threat defense with ASA that stops attacks before they spread through the network .
  • Installing and configuring Cloud computing services like SaaS and PaaS.
  • Experience with design and configure Fiber Channel over Ethernet (FCoE) on Cisco Nexus 5548 devices
  • Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
  • Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN
  • Configuration and Troubleshooting of Firewalls such as Cisco ASA and FortiGate (1000D, 800D, 200D, 51D)
  • Current and thorough knowledge of Cisco, Meraki and Aruba technologies
  • Worked on juniper EX & QFX series switches & CISCO switches., SRX firewall environment, Worked in JUNOS 15.1x49.
  • Troubleshooting VoIP issue like, installing and configuring VoIP devices voice break, one ways audio, trunk down, etc.
  • Experience on deploying Wi-Fi access points and configuring, and Troubleshooting Wi-Fi controller
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts.
  • Plan and execute routine, scheduled maintenance and health check tasks of leveraged and dedicated SIEM Environment.
  • Experience supporting secure enterprise wireless networks; including Meraki knowledge and experience
  • Configuration and Troubleshooting of Cisco ASA, and Palo Alto and ZBFW, Imperva encapsula.
  • Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
  • Implement and configured VRRP/GLBP (on distro/core switching), HSRP on different location of office on the switched network and managing the entire multilayer switched network
  • Develop application code for java programs.
  • Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
  • Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
  • Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
  • Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, Tuning (Configuration), make standardization for the topology
  • Expert knowledge in BGP, iWAN, DMVPN, EIGRP, MPLS, VRF, QoS, PBR, VSS, HSRP, STP, CISCO Meraki stack, WAN Optimization technologies and have Cisco Nexus Strong written and verbal communication skills.
  • Provide front end on-call network support 24x7x365 for all network infrastructures in the co-operation.
  • Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decom of existing Data Center, which involved working with Partner Companies.
  • Experience in Wireless technologies across multiple vendors included but not limited to Cisco Meraki, Mist.
  • Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
  • F5 LTM: Configuration, Solution Designing and Managing F5 BIG IP LTM Load Balancer,
  • Worked on troubleshooting VPN (site-to-site) and Extranet connectivity in juniper SRX firewalls.
  • Creating VIPs, Creating Pools, and Associating Pools with VIPs, Creating Persistence Profile, SSL Profile, SSL Offloading, creating I Rules, designing with High Availability solution with Network Failover.
  • Strong hands on experience in installing, configuring, and troubleshooting of Cisco Routers, Cisco Catalyst Switches, ASA, Fortinet & Palo Alto Firewall.
  • Proficient use of scripting to maintain integrity by using SHELL, BASH commands.
  • Experience of MS OF and Infoblox and wrote projects

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 4330, 3800, and 2800) and Cisco switches (6500, 3700, 4900, 2900,9300,9500), Nexus (7K, 5K & 2K,9K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP, VSS), ASA (5505, 5510), Load Balancers(F5), Palo Alto Networks, IWAN

Confidential, Columbus, OH

Network Security Engineer

Responsibilities:

  • Experience with Network Redesign for Company Campus Locations and Moving from 6500 based Data Center to Nexus based Data Center.
  • Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) & MP-BGP.
  • Experience with design and configure Fiber Channel over Ethernet (FCoE) on Cisco Nexus 5548 devices.
  • Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
  • Experience with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP.
  • Experience in implementation, configurations and management of network security tools like web application firewalls (F5 ASM, Imperva), IDS/IPS (Cisco Firepower) in the network, Firewall Analyzer (algosec, tuffin), DDoS
  • Hands-on on configuration and setup of firewalls from vendors like Cisco, Fortinet, Cyberoam.
  • Hands on experience on FortiGate firewall, Cyberoam configuration and modification as per the client requirement.
  • Configuring new client connectivity via Site2Site/Remote/SSL VPN on FortiGate
  • Analyze and troubleshoot internal and external VOIP issues
  • Conducted SD-WAN Proof of Concept (POC) preparation (coordinated logical default route change and re-direction of Internet destined traffic to Fortinet 100D firewalls) for future adoption (Viptela, Silver Peak, Riverbed/Ocedo)
  • Management and configuration of FortiGate 500D & ASA5525 firewall / Switching / Routing
  • Implemented and maintained the monitoring and alerting of corporate servers/storage using AWS CloudWatch to ensure reliability of applications, developed and deployed stacks using AWS Cloud Formation templates
  • Strong experience working with Cisco Meraki Wireless (critical).
  • Implemented & monitoring Mod Security & Imperva WAF Solutions.
  • Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and backup.
  • Published Application in Citrix farm
  • Experienced in deploying and troubleshooting Cisco ASA, Checkpoint Firewall, FortiGate Firewall, Palo Alto Firewall.
  • Exposure to Meraki Network Technologies.
  • Designing and implementing routing/switching protocols in complex environments including BGP, OSPF, and EIGRP.
  • Intelligent WAN, team delivering IWAN solutions for enterprise customers to reduce OPEX. Enterprise customers are adopting IWAN and it is getting a lot of traction. Played a Challenging role to get the solution out to cisco customers as oppose to features and Interacted with several customers and helping them migrate to IWAN.
  • Experience on Software-Defined technology (SD-WAN & SD-LAN) vendor products like VIPTELA, Versa, Velo Cloud, Aryaka, Cisco Meraki and etc.
  • Configure virtual interfaces and run multiple website on single host, configure apache on standard and non-standard TCP ports.
  • Created scripts that backed up a Linux server to a Windows 2003 Server and administration menu.
  • IOS upgradation of Cisco catalyst switches, ASA, Access points and routers & NXOS upgradation on Nexus switches
  • Development and configuration of SIEM systems tools like Solar winds, Splunk.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts.
  • Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices and configured Juniper EX-series switches in new data center.
  • Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
  • Responsible for Cisco ASA firewall administration with classifying different security zones, Creating policies and Object groups for better administering across our global networks.
  • Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
  • Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN
  • Implement and configured VRRP/GLBP (on distro/core switching), HSRP on different location of office on the switched network and managing the entire multilayer switched network
  • Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
  • Configure various firewall (Fortinet, ASA, Meraki, Palo Alto) and breakdown firewall policies for successful migration. Install, operate and maintain network equipment on various client networks.
  • Configuring and troubleshooting of FXO & FXS VOIP Gateways for inter site telephonic communication.
  • Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
  • Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
  • Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, Tuning (Configuration), make standardization for the topology
  • Provide front end on-call network support 24x7x365 for all network infrastructures in the co-operation.
  • Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decom of existing Data Center, which involved working with Partner Companies.
  • Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
  • F5 LTM: Configuration, Solution Designing and Managing F5 BIG IP LTM Load Balancer,
  • Creating VIPs, Creating Pools, and Associating Pools with VIPs, Creating Persistence Profile, SSL Profile, SSL Offloading, Creating I Rules, designing with High Availability solution with Network Failover.
  • Proficient use of scripting to maintain integrity by using SHELL, BASH commands.
  • Virtualization

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900,9300,9500), Nexus (7K, 5K & 2K,9K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP,VSS), ASA(5505, 5510), Load Balancers(F5), Palo Alto Networks, IWAN,VIPTELA

Confidential, Windsor, CT

Network Engineer

Responsibilities:

  • Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
  • Extracting the policies and contracts in an ACI fabric.
  • Worked on ACI fabric node process crash troubleshooting.
  • Configuration of Site to Site VPN in FortiGate and ASA.
  • Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and backup.
  • Cisco, Meraki, Aruba APs and WLCs.
  • Design and implementing secure networks, network monitoring using uptime tool, by configure SNMP for all Fortinet devices, NOC management: Managing network operations, L2 & L3 technical Support
  • Worked extensively on LINUX(Ubuntu) platforms.
  • Paths for the packet prioritization and EIGRP tuning.
  • Creating and monitoring the WIFI captive portal login credential using Fortinet firewall.
  • Experience on a mesh 6500 and 5500 series routers and switches to support the core trading system. Involved.
  • Daily monitoring of network usage and creating a DHCP IP address using MAC address for client side in Fortinet firewall.
  • Current and thorough knowledge of Cisco, Meraki and Aruba technologies.
  • Performed ACL and NAT configuration changes in Checkpoint, FortiGate and Cisco firewalls based on customer requirements.
  • Developed CloudFormation scripts, deployed AWS resources and automated EC2 instances
  • Implementing and troubleshooting (on-call) IPsec VPNs for various business lines (site-t-site and remote) and making sure everything is in place for both Palo alto firewalls and Juniper SRX firewalls
  • Managing firewalls like Sophos 450XG, Fortinet 500E, handling their configuration for network policies, failover, QOS policy, PBR, load balancing and web filtering.
  • Managed multiple security devices to protect the Enterprise's network - Vulnerability Scanners, Malware Detection, and Intrusion Detection; Host based Firewalls, SIEM, Web Application Firewall, and Cisco UCS.
  • Work on Next Generation Devices ASR Cisco 4451/4351/4451 , Cisco ASA 5516/5525/5555- X with Fire power configuration and implementation.
  • Installations, configuration and troubleshooting Cisco Router, Switches, Firewalls, Bluecoat and Wireless Controller.
  • This unique position has allowed me to Deploy, Implement and configure Nexus 7000, 5000 and 200 series switches, 2148T fabric extenders, Cisco 4500 modular switches with SUP6-E supervisors, Cisco 4948 switches, Cisco Wireless device and HP Pure Cure Switches and Wireless device Aironet.
  • In designing data communications and networks utilizing that utilize a mixture of frame relay, point to point
  • Designed MPLS VPN and QoS for the architecture using Cisco multi-layer switches
  • Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment
  • Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
  • Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router
  • Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
  • Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
  • Handled Corporate and Review Audits from the perspective of IT Security for Network Devices and Servers under our control.
  • Configuring, maintaining and securing of Apache, Tomcat, I IS and Nginx Web Server and SSL.
  • Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
  • Upgrades and backups of Cisco router configuration files to a TFTP server
  • Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
  • Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
  • Involved in I Rule management like loading rules, writing I Rule syntax using TCL language
  • Hands on Experience testing I Rules using Browser (IE), HTTP watch
  • Created engineering configuration, Security Standards, documenting processes and Network documentation using Microsoft Visio.
  • Implemented the concept of Route Redistribution between different routing protocols
  • Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet
  • Involved in SNMP Network management. Worked on various scanning and Sniffing tools like Ethereal
  • Implementing and maintaining backup schedules as per the company policy
  • Experience working with Nexus 7010,7018, 5020, 2148, 2248 devices
  • Experience working with High performance data center switch like nexus 7000 series
  • Managing a TACACS server for VPN user authentication and network devices authentication
  • Installed and configured the Cisco routers 2800 in two different customer locations. It includes coordinating with Verizon and AT&T in order to bring the serial interface up for T3 link. Also, configuration includes frame relay, BGP and VPN tunnel on GRE
  • Expert knowledge; BGP, iWAN, DMVPN, EIGRP, MPLS, VRF, QoS, PBR, VSS, HSRP, STP, CISCO Meraki stack, WAN Optimization technologies and Cisco Nexus Strong written and verbal communication skills.
  • VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and support
  • Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
  • Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
  • Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations
  • Taking Regular backups & testing the backups by restoring in test lab frequently.

Environment: Router series (2800, 3800, 7200) and switch series (3750, 3550, 4509E, 6509E), Cisco ASA (5505, 5510) firewall, Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, VSS), Site to Site VPN, Remote Access VPN, Cisco VPN 3000 Concentrator, Cisco ACS 4.x, Load Balancers(F5), Palo Alto Networks.

We'd love your feedback!