SUMMARY

• Over 8+ years of practical experience in the IT field as a network engineer, with proficient hands - on experience in the areas of Wi-Fi portfolio, Routing, Switching and Troubleshooting Strong knowledge in configuring and troubleshooting routing protocols like RIP, OSPF, VOIP, IS-IS, SNMP, EIGRP and BGP
• Installing and Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750, Nexus 5000, Nexus 7000, WS-C4948, Juniper EX, QFX and Alcatel 7705 SAR series
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Hands-on expertise with routers 2600, 2900, 3600, 3900, 7200, 7600, ASR-901, ASR-903, ASR 5500, ASR-9010 and Juniper ACX, E, M, MX960 series
• Working Knowledge on Devices like Juniper SRX240, Alcatel5620 SAM, 9500 MPR and Omni switch 6400
• Responsible for the design and deployment of a Yellowpages.com Internet Services Data Center in consisting of Juniper MX80 Edge Routers, Juniper SRX3600 Firewalls in a High Availability Cluster, Juniper 8216 Layer 3 Switches for Data Center Core, Juniper EX4500 Switches for Distribution, Juniper EX2200 for Access, Cisco ASA VPN Firewalls, Cisco Out-of-Band Terminal Servers, and F5 VIPRION Load Balancers (Including iRules, pools, SNAT, SSL Interceptions, VIPs, ASM and LB Configurations).
• Implementation, working analysis, troubleshooting and documentation of LAN, WAN & WLAN architecture with excellent work experience on IP series
• Administration of Meraki MDM for organizational cell phones and tablets.
• Working knowledge with Load Balancers F5 LTM like 3900, 6900 for various application
• Working knowledge of Firewall, LDAP, AAA, TACACS/RADIUS, and IPSEC
• Proficient with TCP/IP and relative OSI models
• Security policy configuration including NAT, PAT, VPN, SSL-VPN, Route-maps and Access Control Lists
• Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP, and ping concepts
• Expertise in troubleshooting and configuring DNS, DHCP, TFTP, TELNET, SSH, FTP and NFS
• Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6
• Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN's, VTP, STP, RSTP and Trunking
• Troubleshoot Wi-Fi devices using Cisco ISE and Cisco PRIME
• Provided technical expertise and consultation in network administration, security prevention with Akamai and secure works, Cisco WCS (Wireless Control System) for Wi-Fi and Fore Scout for wired breaches
• Technical support for improvement, up-gradation & expansion of the network architecture
• Experience in the AWS cloud networking like VPC, Direct Connect, etc
• Working experience on tools and devices like Source Fire, Fire eye, Aruba, Cisco ASA, Cisco ISE
• Good understanding and working knowledge of Protocols like IEEE 802.1, IEEE 802.3& IEEE 802.11, 802.1x, EAP, PEAP & EAP-TLS
• Exposure to MS Office 365 & provisioning Microsoft Azure Express Route circuits
• Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp and more
• Expertise on various Operating Systems and software's like Win8, Win7, Win 2008, Win Vista, Ubuntu, Kali Linux, Red Hat Linux, Asterisk and MS Office Suite, Adobe Photoshop
• Working Experience in SONET, DWDM & ATM Networks
• Working Experience in VMware ESX 5.x, VMware Workstation, VMware vCenter Server, Microsoft SharePoint, System Center 2012 R2, C++
• VoIP Installation and troubleshooting, configuring Digium Phones and setting up VoIP over VLAN
• Good understanding and working knowledge of ITIL standards
• Hands on experience on several Ticketing Tools like JIRA, Change Management, Service Catalog, ePCR, SR, Remedy, IP center, etc.
• Working Experience on web content filter and gateways like Blue Coat, Websense
• Working Experience on Network Scanning, Management, Alerting & Logging tools like Solar Winds, Net cool, Science Logic, Log Logic, EM7, Indeni, nCircle, PRTG, Wire shark
• Comprehensive understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP)
• Planning, Designing, Implementation of small, medium organizations including LAN, VLAN, WLAN and WAN on wired and wireless networks
• Working experience on different connection medium like Fiber and Copper Connectivity
• Having vast experience in designing and configuring of Switches for VLANS and inter-switch communications

TECHNICAL SKILLS

Routing: RIPV1, RIPV2, IGRP, EGIRP, OSPF, BGP, Route Filtering, Redistribution, Summarization, and Static Routing

Switching: VLANs, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging, CEF, DECF, Port Security, VSS Cisco 2960, 3560, 4500, 6500, 4900, 2900, 3750, Nexus 5000, Nexus 7000, WS-C4948, Juniper EX, QFX and Alcatel 7705 SAR

Router: Cisco 7600, 7606, 7609, 7613, 7200, 4400, 3900, 3800, 2900, 1900, ASR-901, ASR- 903, ASR 5500, ASR-9010, 7206 VX, MWR 2941, Alcatel 7705 SAR, Juniper ACX, E, M, MX960 and SRX 240 series

Switches: Cisco Catalyst 6500, 4500, 3560, 3750, 2960, Nexus 7000, Nexus 6000, Nexus 5000, Juniper EX, QFX and Alcatel 7705 SAR series

Network Security: Cisco ASA5550/ 5540, NetScreen, Juniper SRX, Palo Alto, Checkpoints, AAA, Firemon, FREE RADIUS, CADA, LDAP, IPsec VPN, SSL VPN, IDS, IPS, Source Fire, Fire Eye, Cisco NAC (4.9.3), Cisco ISE, Aruba, RSA, RSA 2 Factor, SIEM, Qradar, Tripwire

Network Management: Wire shark, SNMP, Ethereal, Solar Winds, Net cool, Science Logic, Log Logic, EM7, Indeni, nCircle, PRTG, Blue Coat, Websense, Cisco NAC, ISE, Active Directory

Operating Systems: Windows (98, ME, 2000, XP, Sv2003, Sv2008, Sv2012, Vista, 7, 8), Ubuntu, Linux, Kali Linux, CentOS, FreeBSD, Red Hat

Software’s: VMware ESX 5.x, VMware Workstation, vCenter Server, System Center 2012 R2, MS SharePoint, C++

PROFESSIONAL EXPERIENCE

Confidential, Morristown, NJ

Sr. Network Security Engineer

Responsibilities:

• Deeply involved in Cybersecurity frame work, Threat analysis, Vulnerability assessment and Penetration testing and perform risk analysis
• Implemented NIST and ISO technical controls on Network and Security devices by following the security standards provided by DOD guidelines
• Experience configuring multiple models of Cisco ASA, 3750, 3800, 3900, 6500, 7600 and ISR platforms
• Configured complex ISE implementation involving 6 agencies with GETVPN, DMVPN, SSL VPNs
• Acted on juniper Netscreen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200
• Execution of juniper Firewall, SSG Series, Netscreen arrangement ISG 1000, SRX arrangement
• Manage Also backing juniper Firewalls utilizing NSM (NetScreen Also ISG firewalls)
• Cisco Router (2800,2900 and 3800 models, IOS ver 12.4) - Configuration of ACLs, Routing Protocols (OSPF, BGP, EIGRP and RIPv2)
• Efficient in configuring and implementing load balancers like Cisco ACE, and A10
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
• Integrated ISE with an MDM solution for mobile devices including onboarding using EAP- TLS .
• Load Balancing using Cisco ACE, Kemp, ADC, F5, Security Device Manager (SDM)
• Hands-on knowledge on Cisco ACE, Brocade and F5 Big-IP Load balancing (LTM & GTM) method implementation and troubleshooting
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches
• Configuration and troubleshooting of Cisco 6500, 7500, 7200 Series routers
• Knowledge in design and deploy of F5 LTM, GTM, APM, ASM solutions.
• Cisco Switch (6500 series, 3560 Models, IOS ver 12.2) - Configuration of VLAN, Cisco Redundancy Protocol HSRP, Configuration of Static ACLs
• Experience in implementing Security Incident and Event Management System (SIEM) using HP ArcSight, Splunk
• Provide monitoring and alerting of critical applications using the Riverbed SteelCentral NetProfiler, Transaction analyzer, and NetSensor
• Configuring the PCI Palo Alto Firewall to The Tufin Monitoring Tool for The Log Analysis as The Syslog Server
• Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) solution, as well as the Cisco Nexus 9k, 7k, 6k, 5k, 4k, & 2k.
• Open stack SME and worked closely with developers on APIC ML2 Plugin integration with ACI
• Supporting follow on project that will provide our customers with a single user experience when deploying and operating different Cisco controllers (APIC, APIC-EM) as well as workflow simplification
• Firewall Audit and Compliance Check Using Tufin And Generation of Reports Based on The Analysis
• Configured Tufin Secure Track for checkpoint firewall to analyze the firewall rules
• Developed correlation rules for Security Incident and Event Management (SIEM) system. Reviewed the solution implemented for "log forwarding" from various network devices to HP ArcSight central logging for alerting and security monitoring
• Cisco ASA (5510 and 5520, IOS ver 8.1) - Configuration of zone-based policy firewall
• Administered Palo Alto Firewalls to allow and deny specific traffic and to monitor user usage for malicious activity and future QoS
• Experience with the quality department Cisco QoS and maintenance teams
• Configured and deployed QoS and defined Class of Service (COS) WRED and WFQ for bandwidth management
• Strong experience in creating firewall policies as per the requirements on Checkpoint, Palo Alto, Cisco ASA, Juniper and Fortinet firewalls. Solid understanding of OSI and TCP/IP model
• Configure and implementing Fortinet Security systems Firewall. Assisted in managing global Fortinet FortiGate firewall infrastructure
• Responsible for maintaining multi-vendor network environment including Cisco ASA, Juniper JUNOS, MX, QFX and Fortinet firewall. Aided in troubleshooting potential network issues in rolling out ISE
• Strong experience in defining and testing Wi-Fi technologies and enhanced features
• Responsible for implementing QoS prioritizing voice traffic over a data
• Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree Protocol (PVST+)
• Proficient in operation of Cisco Nexus 5K switches with Fabric Extender using VPC, VLAN, STP and LACP
• Configured TCP idle timeout settings for Azure Load Balancer, Configured the distribution mode for Azure load balancer, and configured multiple VIPs for a cloud service. Configured Site-to-Site connection in the Azure portal
• Integrated AWS Network with our existing production and corporate network
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIG-IP appliances SSL termination and initiation, Persistence, Digital Certificates). Overall firewall onboarding to FireMon - firewall change orders, system implementation, setup of accounts on firewall and FireMon system, set-up of requestors and approvers
• Dealt with creating VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health observation
• Configure F5 Load balancers for SSL handling, Design and Implemented Virtual Server Farm for Web site load balancing in DMZ
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and downstream devices
• Configure VDC on Nexus 7k. Virtual Port Channel (VPC) between 5K and 2k. Configure VRF, VRF- Lite
• Configure Nexus 2K (FEX) which acts as a remote line card (module) for the Nexus 5K for the Nexus 5000 to connect servers and storage devices
• Strong experience on DevOps essential tools like Chef, Puppet, Ansible, Docker, Kubernetes
• Implemented a production ready, load balanced, highly available, fault tolerant Kubernetes infrastructure
• Wi-Fi roaming testing with 802.11 a/b/g/n modes using different AP vendors
• Experience working with Nexus 7010 and 5020 switches
• Worked on Datacenter Fleet Migration project to migrate the existing 6509, 4509 devices to a Nexus 7010, 5010
• Convey 802. 1x Confirmation (both remote What's more Wired network) for office clients using Aruba Clear pass right administration framework
• Designation usage of Aruba Wireless result including Aruba S3500 versatility switch, Aruba 105, 175, 225 camp us AP, Aruba 7210 & 7220 AP controller
• Send 802. 1x Confirmation (both remote and Wired network) to office clients using ArubaClear pas s right administration framework
• Delivered multi -tier web applications using IaaS, PaaS setup and support, Setup data analytics lake on Azure IaaS service
• Migrated moderate workloads from on premise to Azure IaaS
• Published web services APIs using Azure API management service
• Generated test plans and scripts detailing network related configuration on Arista
• Performed installation and configuration of Cisco, Arista and juniper devices
• Good knowledge of Arista products and EOS and 7500E,7300 and 7200 series
• Experience in planning, designing, building and implementing network systems LAN and WAN using Cisco (Nexus/NX-OS, ASR), Arista, Juniper switches and routers
• Implement, support, and evaluate security-focused tools and services
• Identify security issues and risks, and develop mitigation plans
• Checking and configuring access lists
• Headed a team and managed the NSX-SDN and produced catalogue of potential technologies/vendors for Network Functions
• Physical installation, staging and basic configuration as per the implementation/LLD and integration testing: Cisco ASR 9K, Cisco Nexus 7000 and 5000 switches, Cisco 3750 switch stacks, Foundry EdgeIron, NetIron, BigIron, and ServerIron switches, F5 VIPRION, 11050, 8900 and 6900
• Responsible for the security of the SDN data centre environment
• SDN Network and Controller Optimization (NEU)
• Assisted the customer to develop SDN Operating and Equipment Operating Procedures
• Evaluate and recommend new and emerging security products and technologies
• Customize the signature policy and configuring Alerts on reaching the attack threshold for the signature in the ISS (Intrusion Detection / Prevention System)
• Designing and Consulting Security Engineering, Information Security Solution Architecture, Security Product Management, F5 ASM, F5 APM etc.
• Configure Crypto maps in Cisco VPN concentrator between branch locations and data centre
• Configure and implement firewalls like Cisco ASA Firewall/FWSM, VPN Client
• Participate in IOS upgradations for firewalls, routers and other network and security devices
• Perform NATing rules & access lists in firewalls, routers in order to establish the connectivity between internal and external network
• Configure and troubleshooting Site-Site VPN's, in Cisco routers/firewalls
• Handling Network management and HTTP intelligence and protocol assessment in Splunk Enterprise Security
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools
• Worked on change management documentation of Network infrastructure design using Microsoft Visio, SYSLOG
• Presented to upper management the many issues we were faced with that lead to the 1 1/2-year upgrade of our entire Network Security infrastructure. Introduced and made production Network Security Virtualization with the F5 Viprion and Checkpoint VSX technologies
• Point of contact for Network Security operations for various divisions, departments
• Worked on automation of test environment using python and shell scripting
• Scripting in python for updating and configuring of devices and networks
• Moving files to linux servers using RSync. Monitor and Troubleshoot OS (Linux) and performance related issue
• Knowledge of UNIX and LINUX administration

Confidential, Glen Allen, VA

Network Security Engineer

Responsibilities:

• Experience with designing, implementing and troubleshooting Cisco routers and switches using different routing protocols like OSPF, EIGRP, BGP, ISIS and MPLS L3 VPN, VRF
• Installing and Configuring Cisco switches 2960, 4500, 6500, 4900, 2900, 3750, NEXUS 5000, WS-C4948, JUNIPER EX, QFX AND ALCATEL 7705 SAR SERIES
• Hands-on expertise with routers 2600, 3600, 3900, 7200,7600, ASR-901 and ASR-903 series
• Designing, implementing LAN/WAN configurations on Cisco 5K, catalyst 6500 switches
• Configuring and deploying Cisco ISE in monitor mode in different sites
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE
• Used Cisco ACE load balancer between the servers inside the network and in the DMZ
• Worked with migrations off Cisco CSS and Cisco ACE/GSS onto F5 LTM active/passive pair and deploy F5 GTM for site redundancy across two data centers connected via two diverse service providers
• Experience in working with load balancer for converting CSS to ACE
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy
• Troubleshoot network connectivity by utilizing Netscout Infinistream and Riverbed
• Responsible for implementing of lean initiatives, training and supervision of new IE Techs for riverbed
• Experience configuring VPC, VDC and ISSU Software upgrades on Cisco Nexus 7010
• Experience in Configuring, upgrading and verifying the NX-OS operating system
• Performed installation, configuring, and maintenance of Arista series routers and switches along with other Cisco devices
• Administering different firewall from claiming juniper / NetScreen, Previously, a figured out how conveyed nature's domain
• Migrating to Cisco APIC-EM with dynamic QoS templates serving 5 high-volume Call Centers with Call Center as a Service. Resulting in enhanced flexibility at more cost-effective price-points, and elevated customer care capabilities
• Closely worked with HW and SW engineers to resolve functional issues and fine tune performance to make best-in-class Wi-Fi/Communication products
• Cisco APIC-EM (IWAN) Deployment using CSR1000v Switch and VMware
• Experienced attempting for security issues identified with cisc ASR 9K, checkpoint What's more juniper Netscreen firewalls
• Install and configure Tufin orchestration suite and manage the Tufin tool from the scratch
• Deployed Tufin in a distributed architecture with central server and remote collectors
• Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk
• Satisfying schedule progress solicitations for net screen os firewall Furthermore determining inconvenience tickets, uphold and observing firewalls
• Trained staff on effective use of Jenkins, Docker, GitLab and Kubernetes
• Trained staff on Kubernetes administration
• Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) solution, as well as the Cisco Nexus 9k, 7k, 6k, 5k, 4k, & 2k
• Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture
• Scheduled, deployed and managed container replicas onto a node cluster using Kubernetes
• Monitored the security and VPN for multiple sites with Cisco Pix 501, 506e, 515R and Fortinet fire walls
• Troubleshoot and Worked with Security issues related to Cisco ASA, and IDS/IPS firewalls. Large scale Deployment and installation of Juniper SSG5, Cisco ASA, and Fortinet firewalls
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls, Fortinet. Troubleshoot and hands on experience on security related issues on checkpoint, IDS/IPS, Palo Alto and Juniper Net screen firewalls
• Design and deployment of Azure UDR using Barracuda NextGen FW
• Configuration of Azure API gateway service
• Site to Site VPN setup between multi Vnet Azure subscription
• Analyze, monitor, troubleshoot, and investigate security-related anomalies with various tools such as AlienVault SIEM, Imperva Securesphere Web Application Firewall, Barracuda WAF and SCCM
• Open stack SME and worked closely with developers on APIC ML2 Plugin integration with ACI
• Performed the review of a newly implemented Security Incident and Event Management (SIEM) system. Reviewed technical specifications for SIEM, logging and proposed recommendations to improve the overall deployment of the solution
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIG-IP appliances SSL termination and initiation, Persistence, Digital Certificates). Overall firewall onboarding to FireMon - firewall change orders, system implementation, setup of accounts on firewall and FireMon system, set-up of requestors and approvers
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIG-IP appliances SSL termination and initiation, Persistence, Digital Certificates). Overall firewall onboarding to FireMon - firewall change orders, system implementation, setup of accounts on firewall and FireMon system, set-up of requestors and approvers
• Troubleshoot layer 2 issues, routing, HTTP, FTP, SSL Certificates and IPSec VPN tunnels
• Strong hands on experience on PIX, Firewalls, ASA 5500 series firewalls. Implemented Security Policies using ACL, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Implementation and troubleshooting of Arista 7100, 7150, 7050 series devices and EOS
• Installation of low latency cut-through Arista switches, including the 7124SX for improved network performances
• Level II help to 3000 ARUBA switches utilized within VPN for home shored workers
• ARUBA 7000 series WLAN controller
• Batch firmware upgradation of ARUBA RAP 3WNP
• Figured out management and furthermore troubleshoot NET Cloud, Cradle Point and Aruba access point's remote units looking into Centrix also Airwave
• Bluecoat Proxy and F5 LTM/ASM/GTM/APM, Cisco Routing/Switching, BGP, OSPF & MPLS.
• Actively involved in Switching Technology Administration including creating and managing VLANS, Port security- 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst 4507R+E, 6509-E and Nexus 2232, 5596, 7009 switches
• Expertise in installing, configuring and troubleshooting Juniper EX Switches and Mx Routers
• Experience working with Cisco IOS, IOS-XR, NX-OS, JunOS for configuration and troubleshooting of routing protocols: MP-BGP, BGP v4, MPLS
• Troubleshooting connectivity issues involving VLAN’s, OSPF, and QoS
• Configured and troubleshooting HSRP, WAN and QoS and Route Maps
• Experience in QoS in multicast VPN
• Knowledge of advanced technologies like VOIP, H.323, SIP, QoS, Multicasting, MPLS and MPLS-VPN
• Worked on implementing lab for SDN using Cumulus Linux for test-driving part of DC migration to SDN
• Oversees the activities that involve design/build/support of ACI Hosting and Operations network environments, to include Greenfield build of 2 data centers in Europe from Cisco ACI SDN Network to NX-OS SDN network
• Upgrade PAN-OS from 6.1 to 7.0 in Palo Alto firewalls
• Panorama firewall management tool to administrator Palo Alto 5050 and 5250 device groups
• Worked on Datacenter Fleet Migration project to migrate the existing 6509, 4509 devices to a Nexus 7010 and 5010
• Infoblox DNS IPAM for Microsoft DNS/DHCP setup and management.
• Worked on configuration of VLAN, VRF, VX-LAN, VTEP, VPC on Nexus devices
• Design nextgen data centers with nexus 9500/9300 ACI, openstack, DCI, EPGs/bridge domains, OTV, and VXLAN
• Configured OSPF and Static routing on Juniper M and MX series Routers in Data Center Environment
• Strong experience in 802.11, ECDN, WEP, WAP, ATM, Frame Relay, IPv6, Ipsec
• Responsible for the design, configuration and implementation of Cisco Wireless LAN Networking
• Configuring IPSEC VPN on SRX series firewalls
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment
• Hands on experience in Cisco ASA, Checkpoint and Palo Alto firewalls.
• Experience in configuring and maintaining Palo Alto firewalls.
• Implementation of Palo Alto firewalls (URL Filtering, IPS, DPI, VPN)
• Experience working Juniper T-Series, M-Series, ERX 1400, M320, MX960, J-Series Routers
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers
• Configured NAT and SNAT in F5 12.0 LTM. Managed virtual servers in F5 12.0 LTM.
• Experience working with BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic.
• Involved in Disaster Recovery activity, like diverting all the traffic from production data center to Disaster Recovery data center.
• Managed successful delivery of massive security response portfolio including Splunk, Cisco WSA, Cisco IPS, Sourcefire FirePower and AMP.
• Built OpenvSwitch enabled SDN environment
• Monitoring real-time traffic in SDN environment
• Participated in architectural design of SDDC, reform scheme of OpenFlow based SDN data
• SDN, NFV, OpenStack, VM and Docker Containers deployments and manage such kubernetes and and docker swarm
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event of core router becoming unreachable.
• Configured authentication of routing protocols like OSPF, EIGRP, using MD5 hash encryption.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• F5 GTM, LTM, ASM, Viprion, 4200, 3600, 1600.
• Developed multi-threaded standalone app to view circuit parameters and performance in python and perl.
• Worked on server-side applications using python programming
• Monitoring and notification tools using python
• Installing, configuring and maintaining redundant Linux based network monitoring solutions
• Installation and configuration of Linux servers for billing Project

Confidential, Spring, TX

Network Engineer Consultant

Responsibilities:

• Deploying and decommissioning Cisco switches and their respective software upgrades
• Experience with design and implementation of Data center migration
• Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution
• Deploying and decommission of VLANs on core Nexus 7000 and its downstream devices
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels
• Involved in the deployment of content delivery networks (CDN)
• Switches Replace branch hardware with new 2851 routers and 2960 switches
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GetVPN
• Write Test Cases for testing Wi-Fi/ WLAN Devices Wi-Fi 802.11 connectivity testing on different Intel platforms
• Strong knowledge in DNS, QIP, DHCP, IPAM, Infoblox
• Configuring HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalyst
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, Spanning Tree, 802.1q. Configured IP access filter policies
• Involved in configuring and implementing Checkpoint VSX firewalls
• Performing the ACL requests change by collecting source and destination information from them
• Supported wireless networking team working on Aruba wireless
• Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols and provided secure sessions over internet using IPsec and SSL encryption
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Building the VPN tunnel and VPN encryption
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity

Environment: Cisco Catalyst 2960/3750/4500/6500 Series Switches, Cisco 2800/2900/3000 Series ISR's and Cisco 3640/12000 / 7200/3845/3600/2800 routers, Cisco Nexus 7K, Cisco ASA 5500, Checkpoint, windows server 2003/2008, F5 BIG-IP LTM/GTM, ACL, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP

Confidential

Network/Infrastructure Engineer

Responsibilities:

• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route
• Worked on HSRP for hop redundancy and load balancing in F5 load balancers
• Configured the Cisco router as IP Firewall and for NATing Configured RSTP, MST and used VTP with 802.1q trunk encapsulation
• Provided port binding, port security and router redundancy through HSRP
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers
• Provided testing for network connectivity before and after install/upgrade
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches
• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
• Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• Routing protocols OSPF, RIP & BGP
• Implementation of name resolution using WINS & DNS in TCP/IP environment
• Configured FTP server for inside/outside users & vendors

Environment: Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP, Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPN's, SSL

Confidential

Network Administrator

Responsibilities:

• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies
• Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades
• Conducted a thorough technology analysis as a complete upgrade of existing network which was required by the company
• Involved in complete LAN, WAN development (installation, configuration, testing, monitoring etc.)
• Performed OSPF and BGP protocol administration and used redundancy protocols like HSRP, VRRP
• Maintaining Network Documents, updating timely bases
• Monthly basis of site upgrades, maintenance, Planned and implemented future installations of network equipment
• Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550
• Provided 24/7 rotational on call supports for branch offices
• Generated RCA (Root Cause Analysis) for critical layer2/layer3 problems
• Other responsibilities included support other teams, documentation and change control
• Converting CatOS to Cisco IOS Configure Conversion on distribution layer switches
• Configuring Vlans, VTPs, enabling trunks between switches
• Switching related tasks included implementing VLANS, VTP, RSTP and Port security

Environment: RIP, OSPF, BGP, EIGRP, VLANS, RSTP, LAN, WAN, VPN, HSRP