SUMMARY

• 7 plus years of professional experience as a Network & Security Engineer, including hands - on experience in providing network design, deployment, support, installation and analysis.
• Experience in providing a wide range Network Infrastructure and Security Solutions for LAN / WAN, Enterprise and Data Center Environments.
• Experience Working on equipment from multiple vendors such as Cisco, Juniper, F5, Palo Alto.
• Expertise in working with Cisco Nexus 7k, 5k, 2k, Cisco Catalyst 6500’s, 4500’s & VPC, VDC, VRF configuration.
• Expertise in installing, configuring and troubleshooting Juniper EX Switches & Mx Routers.
• Experience working with Cisco IOS, IOS-XR, NX-OS, JunOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, BGP v4, MPLS.
• Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
• Knowledge of implementing and troubleshooting, complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for Cisco ASA, Palo Alto and Checkpoint.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
• Worked with team to implement NAC solution on Aruba wireless and LAN.
• Worked on F5 Load Balancers Configuring Irules, Profiles, Nats/Snats, And Load Balancing.
• Install, Configure, Deploy and Maintain Firewalls (Palo Alto, Cisco ASA), Cisco Routers and Switches, Citrix SD-WAN, autonomous Cisco WAPs and Meraki Networks
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs. Experienced in working on Cloud Computing Virtualization using VMware NSX and Windows Hyper-V.
• Expertise in configuring and troubleshooting of Palo Alto, Juniper NetScreen & SRX Firewalls and their implementation
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls.
• Having experience in Migration from Cisco ASA's to Fortinet’ s Fortigate firewalls.
• Provided 24x7 availability and on-call support as required by the project.

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1900,1800 series) & Cisco Catalyst switches (6500, 4900, 3850, 3750, 3500, 4500, 2900 series), CSR/ASR, IOS-XR

Juniper Platforms: MX960, MX480, MX240, MX104, MX80 routers, QFX5100, QFX3500, EX4300, EX4200, EX2200 Switches, SRX1500, SRX550, SRX240, SRX210, SRX100 Firewalls.

Management tools: SNMP, Syslog, Sniffer, and Wireshark.

Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP, Routed Protocol TCP/IP, Multicast, HSRP, VRRP, GLBP.

LAN Protocols: VLAN, VTP, Inter-vlan routing, ISL, dot1q, STP, RSTP, PVST, HSRP, GLBP, Ethernet, Port security.

WAN Technology: MPLS, MPLS VPNs, LDP, L3VPN

Network Management: SNMP v2, Cisco Works, Network Analyzer, MRTG, Solar winds, TACACS, Net flow, Riverbed, Nagios, Datadog and Sumologic.

Network Security: Firewalls, Palo Alto Firewalls, ASA, ACI, IPsec, IPS/IDS, & VPN, Juniper SRX, Juniper VSRX, ACE Module and F5 Load Balancers

Application Protocols: DHCP, DNS, IPV6, FTP, TFTP.

Documentation: Microsoft Office

Design Tools: HP NA, MS Visio

Programming: Python, Shell Scripting, Ansible

Operating Systems: Cisco CATOS, IOS, IOS-XR, NX-OS, JUNOS, MS Windows 2007/08, Windows Vista, Windows 8, Windows 10.

PROFESSIONAL EXPERIENCE

Confidential, Fort Lauderdale, FL

Network Security Engineer

Responsibilities:

• Designed and implement security strategies with Cisco and Palo Alto firewalls.
• Managed firewalls using Palo Alto's Panorama Central Management Software and Upgrade PAN-OS from 6.1 to 7.0 in Palo Alto firewalls.
• Used tools including Tufin and Splunk to monitor firewall traffic and troubleshoot network access.
• Configuration, implementation, and problem determination across the major firewall platforms and understanding each customer environment at a detailed level.
• Implement URL filtering on Palo Alto Firewall and control access to restricted sites.
• Configuring and troubleshoot Global protect SSL VPN for Work from Home Users on Palo Alto.
• Configuring Security Policies for Access control, inter zone connectivity, External Access on Palo Alto Firewall.
• Operated and maintained the Aruba ClearPass Policy Server and the Aruba AirWave Wireless Intrusion Detection System.
• Managed and completed over 100 projects installing/upgrading client's wireless infrastructure to Aruba and Supported wireless networking team working on Aruba wireless.
• Additional tasks include assisting with the day to day operations and management of other network devices such as Cisco ISE, Palo Alto firewalls and Panorama.
• Strong hands on experience on Palo Alto Firewalls, ASA Firewalls and implemented Security Policies using Panorama, ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Day to Day activities include Incident Resolution and Service Request for creating new WIP and VIP are on the F5 LTM/GTM.
• Upgrade projects across F5 Upgrade of Big-IP from 11.6 to 13.0
• Troubleshoot issues related to Application slowness by Analyzing nodes, Health monitors, and Server pools.
• Configuration and troubleshooting of Issues related to VIP’s, Server pools, Redundancy, Persistence, and SSL offloading to improve application performance.
• Configure NAT polices on Palo firewalls as per requirements.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Worked on Panorama firewall management tool to administer Palo Alto 5050, & 5250 device groups.
• Configured GCP Virtual Private Cloud (VPC) network services and deployed via CI/CD using concourse.
• Experience in creating dashboards in Stackdriver and can setup alerting and create custom metrics using google API developer tools.
• Configured AWS and GCP application logs in Sumologic and datadog for events.
• In depth Knowledge of AWS cloud service like Compute, Network, Storage and Identity & access management.
• Hands-on Experience in configuration of Network architecture on AWS with VPC, Subnets, Internet gateway, NAT, Route table.

Confidential, Moline, IL

Network Engineer

Responsibilities:

• Assisted with the configuration, installation and maintenance of network equipment such as routers, switches, firewalls, and wireless access points.
• Configuring OSPF and Static routing on Juniper M and MX series Routers in data center environment.
• Converting networks with multiple routing protocols IGRP, EIGRP into a single OSPF domain, thus providing for future network scalability.
• Worked on configuring and troubleshooting juniper SRX firewalls.
• Configuring Layer 2 switching protocols and deployment of Juniper EX sand QFX series switches in data center environment.
• Performed configuration verification and cleanup for LAN/WAN environments to achieve standardizations and good practices.
• Configured and troubleshoot Infoblox DNS and DHCP servers.
• Management of Infoblox Grid Manager to manage DNS Forward and Revers Lookup Zones.
• Monitored and Created traffic Pattern on Arista 7250 switches using Open flow.
• Worked to help clean up legacy FW policies and create migration path from current ASA to next gen Palo Alto firewall.
• Troubleshooting issues with application access, network access across the firewall.
• Experience on Virtual Private Network (VPN) for operating Network and Data Center.
• Deploy Azure IaaS VMs and Cloud services PaaS with high availability by designing availability sets, VMSS.
• Configured the Okta MFA VPN portals on Palo Alto Firewall by using various server Profiles like SAML, RADIUS, TACACS+, LDAP authentication.
• Configuring Syslog, flow setting, radius, TACACS and SNMP for Juniper, Aruba and Palo Alto devices.
• Troubleshooting network performance deeply through packet capture analysis by using Riverbed NetSharks and application performance through Riverbed Net profiler.
• Monitored system capacity to determine its effect on performance and recommend enhancements to meet new or changing network demands through Nagios tool.

Confidential, Baltimore, MD

Network Security Engineer

Responsibilities:

• Primary responsibility is to design, Test and deploy various Network Infrastructure and Network Security
• Products in High Availability Configuration from Vendors such Cisco, Juniper, and Palo Alto.
• Migration of Cisco Catalyst, IOS Platforms to Cisco Nexus, Juniper Platform Conversion on Core, distribution
• Experience with Aruba Wireless Controllers, Access Points.
• Implement Aruba Wireless infrastructure using Aruba controllers & Access Points and Configured Aruba access points troubleshoot connectivity issues with Aruba access points.
• Worked on Configuration of VLAN, VRF, VX-LAN, VTEP, VPC, on Nexus devices.
• Configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4.
• Experience in configuration and troubleshooting MPLS, L2VPN, L3VPN tunnels.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the Root Cause Analysis of the issues.
• Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Deploying and decommissioning of Cisco Routers, Cisco switches and their respective software upgrades.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Hands on Experience working on NextGen Firewalls such as Cisco ASA with Firepower (5585) and Palo Alto (5050).
• Cisco Firesight management tool to manage Cisco ASA with firepower, (Sourcefire) appliances
• Perform firewall administration adding, updating and troubleshooting as per requirement rules/policies on Palo Alto 5050 & Cisco ASA 5555, 5585.
• Configure Security Profiles on Palo Alto / ASA for URL filtering, Anti-Virus, Anti-Spyware, Vulnerability Protection, Threat Prevention, File Blocking.
• Configure Clientless/AnyConnect SSL VPN on Cisco ASA for Work from Home Users
• Configuration and Troubleshooting of IPSEC VPN tunnel On Palo Alto/ Cisco ASA and Cisco ASA as peer.
• Implement DMZ for multiple clients of the state on the Palo Alto/ ASA firewall.
• Analyze of firewall logs, Provide administrational and Monitoring Support, Dynamic Updates for Palo Alto 5050 Firewall & Cisco ASA 5555, 5585.
• Responsible for Migration from Legacy Cisco ASA firewall to Palo Alto firewall.
• Experience with Splunk Security Infrastructure and Event Management. (SIEM). Correlate, review, rank, and coordinate work efforts for sites to follow up on high-priority events.
• Work with Level 2 / Level 3 Engineering on software bugs and solutions involving software upgrades and feature enhancements.

Confidential, Thousand oaks, CA

Network Engineer

Responsibilities:

• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document.
• Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• Provided connectivity to On-premise devices to Azure VNET by using Azure VPN, Express Routes and Virtual Network peering.
• Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
• Implement SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple gateway solutions including integration of PKI certificates
• Worked on wild fire advanced malware detection using IPS feature of Palo Alto.
• Provided comprehensive guest access management for Cisco ISE administrators, sanctioned sponsor administrators using BYOD & Guest Management Portal Configuration.
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
• Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.