PROFESSIONAL SUMMARY:

• Experinced Senior Network and Security Engineer with 10+ years of experience, with a sound understanding of network topologies & technologies and multiple s in relevant specialties, seeking to contribute and grow with a dynamic, progressive and innovative organization.
• With several years of experience as a Senior Network Engineer, I have demonstrated the ability to fulfill business goals through network solutions, maintain excellent client relationships, and make bold decisions to achieve corporate and client objectives on critical projects. I have also worked extensively with business analysts and project managers in order to correctly scope and forecast project activities. The forecasts have proven to be accurate within the tolerance margins in all cases and I am confident I can reuse this experience with the same results on future projects.
• Effectively interface with cross - functional senior management to establish requirements, identify internal and external resources, and deliver projects on time and budget across multiple divisions.
• Proven successes in the administration of multi-site WAN/LAN networks.
• Effectively interface with cross-functional senior management to establish requirements, identify internal and external resources, and deliver projects on time and budget across multiple divisions.
• A strong relationship builder, able to effectively interface with all levels of staff, management, and customers to achieve corporate customer service, retention, and revenue objectives.
• Expert in setting up VPN site to site for multiple clients and Cisco AnyConnect using Cisco ASA, Router and Palo Alto firewall (8.1.3)
• Provide strong leadership in coordinating cohesive interaction and collaboration of user groups, technical personnel, customers, sales organizations, and regional/divisional personnel.
• Ability to provide configuration and troubleshooting skills for data networks including LAN, WAN, WLAN and Cisco routers, switches, firewalls, wireless access controllers, and others
• Anyconnect and Global Protect setup for remote users
• Expert in configuring and maintaining Cisco routers, switches, NEXUS, and firewalls (IOS and NX-OS)
• Highly flexible, adapting easily to new environments, technologies, and corporate cultures.

TECHNICAL SKILLS SUMMARY:

Network Hardware: Routers (Cisco GSR, 7500, 7000, 5300, 4000, 3000, 2600, 2500, and Cisco Switches (6500, 5000, 3500, 2900,3750, Nexus 7009, Nexus 5000& Fabric Extenders), F5 LTM and GTM(1600 ver 10.2.3, 10.2.4, C112 ver 11.2.1, ), Radware, Riverbed, Cisco Wireless router (AP1262,AP1441), Palo Alto firewal (PA-3020), PA-5260, PA-5250, PA-5220, PA-3220

Security: Cisco Pix Firewalls (525, 520, 515, 506), ASA 5510, 5580, 5555-X VPN, Cisco IOS Firewall feature set (IOS 12.X), Access Lists, SSH, IPSEC, 3DES, RAIDIUS/TACACS VPN site-to-site, GRE Tunnel, Cisco AnyConnect, PA-5260, PA-5250, PA-5220, PA-3220 and Panorama, Installation, deployment, Analysis and troubleshooting of Firewall Technologies i.e. Fortinet, Palo - alto, Cisco ASA, Firepower and FMC,Migrate, Upgrade and Patch Management of Cisco ASA, Palo alto and Fortinet Firewalls,Setup site-to-site IPSEC VPN tunnel and Remote VPN (SSL) within and across platforms like Cisco ASA, Palo alto and Fortigate Firewalls and Cisco Router devices, Hands on experience on Cisco Application Centric Infrastructure (ACI) and Application Policy Infratructure Controler (APIC) fabric networks

Worked Experience on: Cisco Nexus 9K series switches, Data Center Spine-and- Leaf Architecture (Nexus 9508 Spine and Nexus 9396 Leaf), Cisco Application Centric Infrastructure(ACI) operating mode with 3 components Spine, Leaf and Cisco Application Policy Infrastructure Controller (APIC)

Hands on experience on: the Palo Alto firewall platforms PA-5260, PA-5250, PA-5220, PA-3220 and Panorama.

Hands-on Experience in: configuration of Network architecture on AWS with VPC, Subnets, Internet gateway, NAT, Route table.

LAN/WAN Technologies: OC-12, OC-3, DS3, Confidential -1, and ISDN PRI’s and BRI’s, Ethernet (Gigabit Ethernet, Fast Ethernet) FDDI, Token Ring, VLAN, Frame Relay, HSRP, VRRP, VSS, Multicast (PIM & IGMP ) and MPLS

Routing Protocol: (BGP4, OSPF, EIGRP, IGRP, RIP), Routed Protocol (TCP/IP, IPX/SPX).

Experience working with: Nexus 7K, 5K, 2K devices.

Network Management: SNMP, Nagios, Cacti, Solarwinds Orion (IPAM), Wireshark WAN optimization with Riverbed

Cloud Platform: Amazon Web Services (AWS), Azure.

OS: Cisco IOS, Win 95/98, Win-NT 4.0, Win 2000 Prof., Win 2000 Server, Win 2003 server, MS Office, MS Access

PROFESSIONAL EXPERIENCE:

Confidential, Temple, TX

Senior Network & Security Engineer

Responsibilities:

• Designed and Configuring the WAN infrastructure consisting of dedicated Internet connectivity 500 MB (burstable to 1Gig) to San Jose office, Cisco 2800 series router, Cisco switches 3750, 4500, 6500, Nexus 7000 ASA firewalls(5510,5520,5580, 5555-X with image version 9.5(2)203
• Support for Confidential network infrastructure all over North America.
• Designed and Configuring the WAN infrastructure, consisting of multiple T1 and T3 lines, Cisco routers, Cisco switches and ASA firewall(5510,5520,5580), Radware and Riverbed, Cisco Wireless router (AP1262,AP1441)
• Designed and implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture and switch policies, interface policies, AEPs, Physical and External Domains
• Configure and administer security rules and policies to permit and/or deny user traffics based on company. security policy with F5 BIGIP, Fortigate 1500D, Cisco ASA, Firepower and Palo alto firewalls
• Designed and support Data Center Networks utilizing industry best practices and Cisco Application Centric Infrastructure and Nexus 9k platforms.
• Integrated services appliances to Cisco ACI deployments to include Application Delivery Controllers and Firewalls.
• Supported Spine/leaf architecture with nexus 9508 and 9372s utilizing Cisco Application Policy Infrastructure Controllers
• Designed and built the new Data Center in Allen, TX with multi-homing strategies
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Palo Alto firewalls.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Filter-List and Route Maps
• Converted outdated IPSEC VPN technology to global MPLS network and DM-VPN topologies
• Migration and implementation of Palo Alto Next-Generation Firewall seriesPA-5060, PA-3060, PA-3020, PA-5280, PA5260 and PA-3220
• Troubleshot and configured PAN firewall for Security Policies, Site to Site IPsec VPN, Zones protection profiles, URL Filtering, PAN upgrade, Vulnerability and Spyware Protection, File Blocking and as well pushing configuration from Panorama
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Utilized application groups, SSL decryption, IPS, antivirus, anti-spyware, URL filtering, NAT, VPN, and the Reporting features of Palo Alto.
• Responsible for the planning, design, implementation, organization and operation of Palo Alto Firewalls based perimeter security network and network security devices including but not limited to 7000, 5000 and 3000 series FW’s. The job also involves simultaneously working on the successful engineering, testing and deployment of multiple projects.
• Designed and configured Firepower IPS deployment for three data centers: three virtual sensors, and a Fire Power Management Center (version 6.0.1.3).
• Configured and implemented Cisco AnyConnect VPN with Microsoft AD username/password for authentication using Cisco ASA firewalls with AnyConnect clients. Designed, tested, and implemented Cisco AnyConnect for remote workers using ASA 5555-Xs.
• Firewall Migration of different Vendors in Production environment
• Designing F5 solutions/support for migration work of applications and websites from Riverbed Balancers to the F5 BigIP Load Balancers.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 5050
• F5 Load Balancer setup Adding web servers, LTM Nodes, Pools and members, static and dynamic Load Balancing, destination NAT, iRules, exporting QKView files for troubleshooting.
• Design and implement F5 BigIP Load Balancers for use with web and database applications with Team
• Performed filtering based on user identity, URL and device.
• Deploying and troubleshooting internetworking such as eBGP/iBGP, OSPF, EIGRP, VPC+, Cisco Fabric Extender (FEX), STP, VLAN, HSRP, MPLS - VPN, DMVPN, Site-to-Site VPN, AnyConnect VPN.
• Designed and configured VPN site- to- site more than 20 locations with Cisco ASA (5555-Xs)
• Redesigned, configured and deployed of 6500 catalyst (6509-E) with VSS features as core switch to Datacenter in North Soux city.
• Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0, also configured on BIG IP (F5) Load balancers and monitored the Packet Flow in the load balancers.
• Created vPC's between core Switches (Nexus 7K) and Aggregation Switches 3800 &3750
• Designed and implemented migration cutovers of MPLS-VPN and DMVPN for newly acquired offices
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements. This involved negotiating with ISPs, switching from T1 to Flexible T3 lines and configuring/replacing existing Cisco 1605 series routers with Cisco 3925 and 2821 routers.
• Configured, deployed and support F5 LTM and GTM (1600 ver 10.2.3, 10.2.4, C112 ver 11.2.1, )
• Installed different Network Architecture: VLAN, Frame Relay. Designed and Configured LAN and WAN using RIP, IGRP, EIGRP, OSPF, BGP, MPLS and DMVPN.
• Troubleshoot LAN/WAN networks, servers, routers and switches.
• Experienced in configuring and deploying instances on AWS, Azure environments and Data centers, also familiar with EC2, Cloud watch, Cloud Formation and managing security groups on AWS.
• Hands-on Experience in configuration of Network architecture on AWS with VPC, Subnets, Internet gateway, NAT, Route table.
• Built a VPC, established the site-to- site VPN connection between Data Center and AWS.
• Management and Administration of AWS Services CLI, EC2, VPC, S3, ELB Glacier, Route 53, Cloud IAM
• Configured VRF's on the routers to create a separate environment.
• Configured, deployed and support Palo Alto firewall platforms PA-5260, PA-5250, PA-3220 series
• Design, implementation and support of global network device authentication using AAA.
• Enabled remote users to access corporate LAN with VPN connectivity.
• Built DMVPN tunnels between HQ Datacenter and branches to enable connectivity and serve as back for MPLS VPN
• Configured and maintaining of Riverbed Steelheads for WAN Optimization
• Configuring various advanced features (Profiles, monitors, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital s, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Enterprise wireless design, implementation and support using Cisco Wireless router (AP1262, AP1441) with multiple SSIDs.
• Designed, tested, and implemented TACACS+ role-based authentication using ACS. Converted all network devices from local authentication to AAA.
• Implemented QoS using FIFO, Weighted Fair Queuing, Priority Queuing, Custom Queuing, RSVP, RED, and CA Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPNR.
• Amazon IAM service enabled to grant permissions and resources to users. Managed roles and permissions of users with the help of AWS IAM
• Configured security groups, network ACLs, Internet Gateways, and Elastic IP's to ensure a safe area for organization in AWS public cloud.
• Worked on Cisco ISE to support authentication for the Wi-Fi users
• Network Access Controls on L2 devices using Identity Service Engine (ISE).
• Migration of ACS product line onto ISE(2.2).
• Optimized performance of the WAN network using Riverbed
• Configured, deployed and support of Nexus 09) and Fabric Extender.
• Support for Confidential network infrastructure all over North America.
• Monitor Wide Area Network using Nagios/Cacti. Work with circuit providers to resolve outages.
• Documentation of all the work done using Visio, Excel and MS word.

Confidential, Richardson, TX

Network Engineer

Responsibilities:

• Designed and Configuring the WAN infrastructure consisting of dedicated Internet connectivity 200 MB to Chicago office, Cisco 2800 series router, Cisco 3750 and 4500 Switches, ASA firewalls(5510,5520,5580)
• Designed and Configuring the WAN infrastructure, consisting of multiple T1 and T3 lines, Cisco routers, switches, ASA firewall (5520,5550 &5580)
• Manage Palo alto, Cisco ASA and Fortinet policy and network
• Configuring various advanced features (Profiles, monitors, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital s, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Collaborating with Application Team to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements. This involved negotiating with ISPs, switching from T1 to Flexible T3 lines and configuring/replacing existing Cisco 1605 series routers with Cisco 3640, 3925 and 2821 routers.
• Installed different Network Architecture: VLAN, Frame Relay and designed and Configured LAN and WAN using RIP, IGRP, EIGRP, OSPF, BGP, MPLS and DMVPN.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Palo Alto firewalls.
• Network Access Controls on L2 devices using Identity Service Engine (ISE).
• Migration of ACS product line onto ISE.
• Enabled remote users to access corporate LAN with VPN connectivity.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Provisioned, tested and troubleshot SIP, MGCP, H.323, VOIP and T1/T3 and Call Manager 4.2 and 7.0
• Created and managing the VLAN on the switches and VPN on Firewall.
• Configured PIX-TO-PIX and Router -to- PIX VPN tunnel between our offices (Richardson, Seattle, Chicago, Atlanta) throughout USA.
• Optimized performance of the WAN network consisting of Cisco devices such as 2800,3900, 4500,5500 and 3750 using Riverbed
• Documentation of all the work done using Visio, Excel and MS word.

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Upgraded Cisco CRS-1 from IOS-XR 3.8.3 to 3.9.2
• Experience in Planning, Installing and troubleshooting the Edge routers.
• Configured MPLS TE, MPLS L2VPN on CRS-1.
• Involved in configuration of various PE routers such as Cisco GSR 12416, 7613.
• Involved in Replacement of FPCs, PICs on Juniper M320 and T640 routers.
• Configuring MX 960 on Core Back Bone replacing the GSR routers in California POP.
• MOP review for the Core routers regarding the Upgrade process and Line card replacement.
• Provide essential Capacity Management support for all Layer 3 services including MIS, VoIP, Network Management Devices, Core Routers, Fiber Drawers, and Wi-Fi.
• Developed and directed the implementation of tactical plans for access, backbone, and interoffice networks deploying CISCO CRS, GSR and OSR routers.
• Responsible for project plan development to support ongoing capacity demand for all types of access services.
• Configured and deployed VOIP, QOS and defined class of service (COS), WRED and WFQ for bandwidth management.
• Configuring OSPF as the Routing Protocol between PE and CE routers. Worked on MPLS enabled Backbone.
• Troubleshoot CISCO CRS on the core and 6500 in the Customer network.
• Responsible for design and implementation of the Voice over IP backbone network involving Customer Edge as (6509, 6513) with SUP 720 processors and PFC cards.
• Decommissioning 7600 routers in various POPS and SNRC’s.
• Worked on circuit speeds ranging from OC-3, OC-12, OC-192 and OC-768.
• Wrote upgrade procedures and Pre/Post checks for customer production upgrades.
• Deployed Project plans for VOIP and Central Back Bone CRS Routers and capacity managed them for network Survivability and VAN 3.0 Upgrades.
• Deployed CISCO 12416, CRS, 6500, 7613and Network Management devices in various SNRC’s to meet Edge capacity demand.

Confidential, Plano, TX

Network Engineer / Administrator

Responsibilities:

• Monitor and provided technical support for the Global Network
• Configured and Setup Cisco Routers and Catalyst 5000, 5500, 3550, 4550, 6500 Switch(5000, 3524, and 2900)
• Troubleshoot and Implemented traffic filters on Cisco routes using Standard and Extended access-list.
• Provided technical support to more than 200,000 users of NT 3.51, NT 4.0, 2000 and 2003 server, FBSD and Linux
• Provided input and support for troubleshooting of Layer 2 LAN technologies including but not limited to Ethernet (Switched, FastE and GigE), Spanning-Tree, VLANs, VTP, and trunking (802.1q and ISL).
• Installed different Network Architecture: VLAN, Frame Relay. Designed and Configured LAN and WAN using RIP, IGRP, EIGRP, OSPF and BGP.
• Performed maintenance and troubleshooting and setup and large IP Ethernet networks (200,000 hosts )
• Maintain, modify and expand primarily Cisco based networking environment consisting of multiple routers, switches, PIX firewalls, and Cisco VPN site-to-site and remote access
• Provided input and support for troubleshooting of IP technologies, including but not limited to Network connectivity, IP addressing (CIDR and VLSM), Routing Protocols (BGP, OSPF, EIGRP)
• Designed and implemented security policies using ACL, PIX firewall (515, 520) and ASA (5505,5510 etc)

Confidential, Plano, TX

Network Engineer

Responsibilities:

• Implemented network solutions for Confidential customers. Deliverables include a formal written proposal, detailed price quote, and network diagrams of the proposed solutions. Design and coordinate implementation for customer access to a large-scale predominately Cisco-based router network.
• Functions include determining hardware/circuit requirements, completing design and equipment documentation, developing IP addressing schemes, writing/implementing router configurations and coordinating installations.
• Part of team that designed network infrastructure in over 50 metro-areas utilizing WAN connectivity, wireless technologies, and dark fiber to provide Internet connectivity to partner ISP’s and customers. Responsible for global routing policy utilizing BGP4 and OSPF, IP Addressing strategy, capacity planning & developing/testing new services.
• Performed configuration and troubleshooting of Frame Relay on routers (2500, 2600, 3600, 4000, 7200 and 7500); which involves LAN/WAN topologies and routing protocols (EIGRP, OSPF, BGP) and security such as ACL, QoS, SNMP, ISDN, NAT, PAT, CISCO FIREWALL Ethernet, Spanning Tree, VLANs, Frame-Relay, MPLS, TCP/IP, IPSec PIX.
• Provided input and support for troubleshooting of IP technologies, including but not limited to Network connectivity, IP addressing (CIDR and VLSM), Routing Protocols (BGP, OSPF, HSRP, static routes), VPNs, Firewalls and QOS.
• Provided trunking on switches ( Cisco 6500, 3500, 4500, 5500 ) and allowed Vlans on the trunks and spanning tree
• Supported and provided troubleshooting and redistributed for EIGRP and OSPF routing on Cisco 7500, 7200, and 3600 equipment.
• Re-engineered BGP routing (Route Maps, AS-Path prepend, MED, Local P) to load balance traffic across multiple ISP’s links.