We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume

Dallas, TX

PROFESSIONAL SUMMARY:

  • 8 years of experience in Network design, Security, Tier support of Networks in various environments.
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
  • Extensive experience working on Cisco and Juniper routers/switches in complex environments with multiple ISPs.
  • Experience working on Cisco Catalyst Series 3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000 and 7000 series switches.
  • Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, 6500 and Nexus 5K series switches and Sound knowledge of Routing and Switching concepts and MPLS design.
  • Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols (RIP, EIGRP, OSPF, BGP), WAN technologies (Frame relay, IPSec, VPNs, MPLS), QoS.
  • Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
  • Experience in troubleshooting NAT configurations, Access - Lists (ACL), and DNS/DHCP related issues within the LAN network.
  • In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP servers.
  • Worked on automation of test environment using python and shell scripting
  • Foundationally solid Confidential developing and delivering technologies, services and solutions for business and manufacturing industrial process automation control systems. Data gathering and analyses from plant
  • Experience in installing and configuring DNS, DHCP server.
  • Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
  • Experience working on Cloud Computing Virtualization using VM ware ESXi 4.0 and Windows Hyper-V.
  • Installed and implemented & troubleshoot the Network Virtualization through VM Ware and NSX.
  • Experience on Network Monitoring & Testing tools such as Wireshark/Ethereal, Cisco Works, and IXIA.
  • Troubleshoot end-to-end call flow issues in enterprise market involving various VoIP elements.
  • Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
  • Scripting in python for updating and configuring of devices and networks
  • Experience in using Python scripting Language.
  • Working Experience on web content filter and gateways like Blue Coat, Websense
  • Extensive working experience in AAA protocols such as RADIUS, TACACS+ and Cisco ACS. Implemented VSS on Cisco catalyst 6509 and 6513 switches.
  • Experience on Monitoring and Management tools such as HP Open view, Splunk, TCP dump, Solar Winds and Wireshark, Cisco Prime, NetFlow, Riverbed.
  • Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
  • Working experience performing Incident, change management using ticketing tools such as ServiceNow, Remedy.
  • Experience with Restful Web Service API development using spring framework for providing a common interface to the system for exchanging/producing/consuming XML and JSON representations across applications and system.
  • Utilize Remedy ticket system to update network status. Exposure to Cisco WAAS, WCS.
  • Implemented RESTFUL WEB SERVICES to get the data from client to server in JSON format.
  • Installed and configured Cisco Unified Communications Manage (UC).
  • Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
  • Responsible for Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
  • Experience in risk analysis, security policy, rules creation and modification of Cisco ASA networks.
  • Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
  • Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
  • Designed security policies on Palo Alto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
  • Configure and implementing Fortinet Security systems Firewall. Assisted in managing global Fortinet FortiGate firewall infrastructure.
  • Experience in configuration of Juniper security appliances SRX 220, SRX 240, SRX 550, NS 50, SSG 550M, SSG 520M.
  • Established VPN tunnels between Cisco routers and Cisco Firewalls and Palo Alto Firewalls.
  • Familiar with products such as Cisco ISE, Cisco ASA 5500 series firewalls and Cisco ACE 4710 Load balancers.
  • Performed IOS Software upgrades on switches 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE.
  • Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.
  • Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS).
  • Knowledge of JUNOS platform and worked with JUNOS upgrade of Juniper devices.
  • Cisco ASA and FWSM, Fortinet Fort iGATE; F5 AFM, A10 WAF, IDS/IPS systems, and general knowledge of security features and protocols.
  • Experience in F5 Load balancers such a BIG-IP LTM and GTM modules.
  • Mapped, Network Diagrams and physical identification in MS Visio.
  • Provide hands on management of Data Center services, including rack and cable management.
  • Great team player with an ability to work under pressure on a 24x7 duty rotation

TECHNICAL SKILLS:

Operating Systems: Windows (Server 2003/2008, Vista, Windows 7), Linux OS

Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000

Switches: Cisco 3750, 3850, 4507, 4510 & 6500 series switches, Nexus 5010, 7010, 5548

Routing: MPLS, OSPF, EIGRP, BGP, RIP-2, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Network security: Cisco (ASA, PIX) 5510, Palo Alto, juniper SRX, ACL, IPSEC VPN, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS Load Balancer: F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.

WAN: Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing.

Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP Management

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Network Management: SNMP, Solar Winds, HP open view, and Wire shark

Reports and Network Diagrams: Microsoft (Visio pro.)

Languages: JAVA (Rest API, spring boot, Spring MVC), Python.

PROFESSIONAL EXPERIENCE:

Confidential, Dallas, TX

Sr. Network Security Engineer

Responsibilities:

  • Installing and configuring new Cisco equipment including Cisco catalyst switches 3850, 3750, Nexus 5548 and Nexus 2k as per the requirement of the Organization.
  • Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel on CISCO Catalyst Switches 3500, 3650, 7600.
  • Configuring, Monitoring and Troubleshooting Cisco’s ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design.
  • Established IPSEC VPN tunnels with ASA 5500 series Firewall between some branch offices & headquarters.
  • Successfully Design and installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.
  • Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
  • Experience with working on Palo Alto Next-Generation Firewalls Security profiles
  • Worked with the installation of Palo Alto firewall, migrated with a team from predominantly checkpoint environment to Palo Alto global solution.
  • Modified and reconfigured two factor authentication BIG-IP APM authentication.
  • Created Access policies on APM module using AD and LDAP authentication for external clients.
  • Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
  • Hands on Experience configuring and testing F5 I Rules using Browser (IE), HTTP watch.
  • Worked on F5 LTM series like 1600, 6400 and Viprions for the corporate applications and their availability.
  • Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration. Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
  • Involved in testing the networks with the help of some Automation tools.
  • Used Java for developing some tools that help in Automating the Security.
  • Involved in iRule management like loading rules, writing iRule syntax using TCL language.
  • Worked with Blue coat and handled the Trouble Tickets on F5 Load Balancers.
  • Configuring Virtual servers (standard and performance layer 4), pools and nodes on Viprions.
  • Configured Local & Central Bypass list for blue coat proxy server.
  • Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240 and Juniper J series j230, M 320 and MX960 routers. Worked on Juniper EX4200 & EX4550 switches.
  • Responsible for installing and configuring Juniper QFX3500 switch. Rebuilt old HQ with core and distribution with new Juniper QFX core switches and EX 4300 distribution switches.
  • Worked on Juniper SRX 5800 firewalls to create policies using J-Web User Interface.
  • Develop and coach team of automation controls, networking & data center engineers to build out converged plant floor networks, plant floor virtual, and video, mobility & security solutions.
  • Dealt with implementation of Cisco ASA 5585 devices and Juniper SRX 550 devices to apply security policies on it.
  • Experience with Restful Web Service API development using spring framework for providing a common interface to the system for exchanging/producing/consuming XML and JSON representations across applications and system.
  • Created a Python process hosted on Elastic Beanstalk to load the Redshift database daily from several source systems, including FTP and SFTP servers and an Oracle database.
  • Worked with the installation of Palo Alto firewall, migrated with a team from predominantly checkpoint environment to Palo Alto global solution.
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
  • Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls network technologies including Optical VoIP VPN SAN switching and routing.
  • Manage Cisco VOIP Networks using Cisco Unified Call Manager (Version 11.x, 10.x, 9.x, 8.x), Cisco Telepresence, Voice Gateways, and UCCX.
  • I Upgraded ASA 5505S to 5525X with Firepower. Setup high availability ASA pair with Firepower.
  • Assisting with the design and deployment of a Cisco Firepower cluster in the core.
  • Implemented Cisco Application Centric Infrastructure (Cisco ACI) as a solution for data centers using a Spine and Leaf architecture
  • Troubleshot complex routing and switching issues in a HSRP and GLBP environment.
  • Performed Troubleshooting and monitored routing protocols such RIP, OSPF, EIGRP & BGP.
  • Configuration and Monitoring of Citrix NetScaler (Both MPX and VPX).
  • Worked on VM Ware migration from physical servers to virtual servers.
  • Worked on Python, shell scripting and automation Rest APIs integrations
  • Used Python scripting for network sniffing and managed parameters for pool of servers and updated, automated and migrated different services and software by means of Ansible.
  • Coordinate with multiple vendors (Cisco, Juniper, etc.) to troubleshoot network outages and issues
  • Configuration and troubleshooting of CSM, integration with ASA devices.
  • Working on security levels with RADIUS, TACACS+.
  • Create a Virtual Network on Windows Azure to connect all the servers.
  • Configured inside ACL, outside ACL, inside, outside interfaces.
  • Configuring Static, BGP and OSPF Routing Protocols on Cisco Routers

Environment: Cisco 3850/3750/3500/3650/6500/7600 switches, SÁ 5500 firewall, Palo Alto PA-3060 firewall, ASR router 1002/1006, juniper EX-2200, EX-4200, M-320 router, juniper SRX 5800 Fire wall, F5 LTM 1600/6400, OSPF, BGP, EIGRP, VLANS, LAN, WAN

Confidential, Plano, TX

Sr. Network Operations Engineer

Responsibilities:

  • Maintain, upgrade and commission of branch and campus sites connectivity into data centers and create a seamless network hardware standard across all North American branches.
  • Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 3945, 3845, 2800, 3600) and Switches to perform functions Confidential the Access, Distribution, and Core layers.
  • Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 3925E and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production.
  • Responsibilities include software upgrade, license activation, configuring/installing new ASR router 1002, 1006, Nexus switch 9000, 5000,3000, 9504, 9300, 3200, 2308, F5-5050 and maintaining network documentation.
  • Experience working with High performance data center switch like nexus 9000, 7000 series.
  • Wrote python modules to extract/load asset data from the MySQL source database.
  • Experience in configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
  • Contributed to the DevOps to automate the build and deployment process using Jenkins, shell scripting, chef, Python, AWS Lambda, Cloud Formation Template, Terraform
  • Designed and implemented DMZ for Web, Mail & FTP Servers using Cisco ASA5500 Firewalls.
  • Configured Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
  • Used RESFUL API WEB SERVICES to connect backend data to exchange data between Client and Server.
  • Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k.
  • Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
  • Worked extensively on Cisco ASA 5500(5510/5540) and experience with deploying rules to the Cisco ASA solution.
  • Experience with configuring FCOE using Cisco nexus 5548.
  • Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp
  • Hands-on Experience with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms.
  • Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018.
  • Automated network implementations and tasks and designed monitoring tools using python scripting
  • Worked on F5 BIG IP LTM 3600 load balancers to configure Nodes, Pools and VIP’s on a need basis.
  • Involved in troubleshooting of DNS, DHCP and other IP conflict problems
  • Configured DNS and DHCP for servers using Infoblox.
  • Used Python as the major Scripting language to develop the network security automation tools.
  • Created Typescript reusable components and services to consume REST API using Component-based architecture provided by Angular 2.
  • Worked extensively on consuming REST API using $http service and building the model for AngularJS.
  • Used F5 GTM for external DNS resolutions configured all listeners and created all zone files, a record and Names.
  • Completed basic configurations on the F5 Big-IP LTMs and GTM load balancer on existing network to split traffic on web-servers.
  • Server load-balancing utilizing F5 LTM-Big IP, including APM, ASM and Vipiron device modules.
  • Configured one-time password for BIG-IP APM to add more security Confidential the time of initialization of the application
  • Experience with Using GTM, APM & LTM F5 component to provide 24"7 access to applications.
  • Experience with SDN/NFV technologies including Open Stack Neutron, VM ware NSX, Open flow, Open daylight, Open v Switch, Open Contrail, or Cisco ACI.
  • Configure EPG, update APIC, implement access and fabric policies in Cisco ACI environment.
  • Provisioning ports in Cisco ACI to support SAN, VoIP, and hypervisors.
  • Configured Voice ports and dial peers on the call manager for the VoIP call to reach remote destination.
  • Experience with UCCX scripting, Cisco collaboration and Unified Communication portfolio.
  • Provided proactive threat defense with ASA that stops attacks before they spread through the network.
  • Configured and created wireless sites using the Cisco Meraki System dashboard.
  • Worked exclusively on making applications more scalable and highly available system in AWS (load balancing) with full automation
  • Implemented site to site VPN on Cisco Meraki MX64, MX65, MC84, and MX400.
  • Implementing Cisco Meraki Wireless network.
  • Experience with LAN protocols like VSS, STP, RSTP, MST, VTP, and VLAN.
  • Administrated LAN and WAN with of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
  • Configured Cisco ISE for Domain Integration and Active Directory Integration.
  • Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
  • Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
  • Configured and troubleshooting Aruba Wireless products like Access Points and Mobility Access Switches.
  • Performed site refreshes on Cisco switching and Aruba wireless infrastructure.
  • Hands on experience in Aruba S2500 switches, Aruba 7200, 3600 series wireless controllers.
  • Migrated from Cisco 3650 switches to Aruba 3810 series switches.
  • Experience with Virtualization technologies like installing, configuring, VMWare vSphere. Creation, management, administration and maintenance of virtual servers and clients
  • Experience with deployment of Palo Alto firewalls for different NAT, video conferencing traffic.
  • Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewall using Panorama.
  • Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
  • Implementation of L3 MPLS-VPN and Migration of branches to the new MPLS cloud4.
  • Building the VPN tunnel and VPN encryption.
  • Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
  • Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
  • Coordinating with Vendors for creating and modifying firewall and NAT rules and Maintaining Site to Site and SSL VPN.
  • Configured EBGP load balancing and Ensured stability of BGP peering interfaces
  • Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
  • Implemented site to site VPN in Juniper SRX as per customer.
  • Configured Policies on Juniper Net screen and SRX firewalls and Palo Alto as well.
  • Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
  • Managed deployment and integration with Microsoft Lync of skype for business (sfb).
  • Maintain and configure L2 and L3 services in MPLS. Configured RT, RD and VRF for L3 MPLS services.
  • Administration, Configuration and support for Microsoft windows Azure IAAS for us clients for migration.
  • Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.

Environment: Cisco 6500/4510/4500 X/4948/3560X switches, Nexus 9000, 5000,3000, 9504, 9300, 3200, 2308,Cisco ASR 1k/7200/3925E/2951E Routers, Cisco ISE, Aruba 7200/3600 wireless controller, Nexus 2k/5k/9k, Cisco Nexus 7000, ASA 5500/5510/5540 fire walls, Windows 2000/2003/2008/ R2/2012, Juniper SRX firewall, juniper SRX, MX routers, Juniper gate way, SSLVPN, F5 load balancer LTM >M, BGP, EGBP, VPC, VDC, OSPF

Confidential, Malvern, PA

Network Operations Engineer

Responsibilities:

  • Installed and configured Juniper MX Routers, EX2200, 4300 Switches, PTX3000 routers, QFX5100, 3500 and QFabric platforms, SRX200 Branch platforms
  • Configured OSPF, BGP protocols on Juniper routers (MX960, MX480) and troubleshooting them.
  • Responsible for configuring and troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen Firewalls like NS50, SSG 550M, SSG520M, ISG 1000, and ISG 2000 with Site-Site VPN for client companies.
  • Upgraded existing network to Juniper QFX5100 and QFX10k switches, as well as Juniper PTX routers also Provide support installing, configuring, and troubleshooting hardware and software.
  • Implementing Juniper MX240, 480, and 960 routers into the IP/MPLS core network, along with EX4200 switches.
  • Configuring switches (Cisco 3650) and routers (Cisco ASR1002-x) that will replace the old devices so that they are compliant with PCI DSS.
  • Developing RESTful web services using Node JS and Express JS, used Node JS server to interact with the Rest services and database, hosted on multiple load balanced cloud instances.
  • Worked on AWS, High Availability Practices and deploying backup/restore infrastructure.
  • Management of Infoblox Grid Manager to manage DNS Forward and Revers Lookup Zones
  • Provide informal and assistance as necessary to Clemson network engineers in the operation, configuration and troubleshooting of Juniper routers and switches.
  • Developed entire module in Java and Python using web Frameworks as Apache struts and Django
  • Performed Remote Install of Juniper Firewall.
  • Configuration 7609, 7606 with OSPF and juniper (EX, QFX, and QFabric) switches with various VLAN.
  • Day to Day task when on Jobs has included Network monitoring with Solarwinds, using Solarwinds/Infoblox IPAM, utilizing Solarwinds, NCM for configuration and Solarwinds NetFlow to view TCP traffic
  • Revitalized project management processes using ITIL and PMP standards through automation and/or .
  • Hardware/Software platforms in production: Cisco, F5, Palo Alto, Infoblox, NetOptics and Solarwinds
  • Implementation of Access Lists for allowing/blocking desired traffic.
  • Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification
  • Experience working in Datacenter environment, configuration changes as per the needs of company
  • Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls
  • Configured and performed troubleshooting on link state protocols like OSPF in single area and multiple areas
  • Design and configuring of OSPF, BGP on Juniper Routers.
  • Configuring, implementing and troubleshooting VLAN's, VTP, STP, Trunking, Ether channels
  • Designing, implementing LAN/WAN configurations on Cisco 5K, catalyst 6500 switches
  • Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment
  • Extensive knowledge in implementing and configuring F5 Big-IP Local Traffic Manager 3900, and 6900 Load balancers.
  • Configuring Juniper Net Screen Firewall Policies between secure zones exploitation NSM
  • Configure, manage, and troubleshoot Palo Alto firewalls to for remote deployment.
  • Configure, manage, and troubleshoot Palo Alto firewalls IPSec VPN's.
  • Migrated Juniper SRX firewalls to Palo Alto Network firewalls.
  • Migration of existing IPSEC VPN tunnels from Pre-Shared key to Authority (PKI) for purpose of scaling
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
  • Troubleshoot issues with network connectivity and issues related to neighbor relationship and peers.
  • Experience configuring Virtual Device Context in Nexus 5k series switch.
  • Designed and configured the commands for QoS and Access Lists for Nexus 3K and 5K.
  • Implemented, configured redundancy protocols HSRP, VRRP, GLBP for Default Gateway Redundancy
  • Working with Juniper Junos operating system and working on M and MX series routers.
  • Worked and automated BigIQ High Availability cluster feature.
  • Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multilayers Switching
  • Configuration and troubleshooting of many link types i.e. SONET Controllers for sub E1/T1, E3/T3 and POS controllers for STM1 links
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support of 24*7
  • Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/ SFTP, SSH, HTTPS/HTTPS (SSL) and etc.
  • Performing network monitoring, providing analysis using various tools like Wire Shark, Solar winds, TAPs etc.
  • Worked on change management documentation of Network infrastructure design using Microsoft Visio.

Environment: Juniper EX, QFX series Switches, Juniper ACX, PTX, MX Series routers and Nexus 2k,3k,5k, Checkpoint firewall, Cisco ASA 5500, BGP, EIGRP, OSPF, MPLS, VPN, F5 load balancer, HSRP, QoS, VPN, Wire Shark, Solar Winds.

Confidential, Deerfield, IL

Network Engineer

Responsibilities:

  • Datacenter Support Assisted agency with best practice related to the network transition and integration for planning, designing, and configuring new network infrastructure systems including Internet, Security, MPLS/WAN, and Cisco NEXUS technologies.
  • Supported the Data center network infrastructure consisted of multiple Nexus 9Ks, 7Ks, 5Ks, 2Ks, FWs, Security systems, F5, and VMware environment by maintaining and deploying new technologies.
  • Worked with F5 Balancers and their Implementation in various Networks.
  • Providing Level 3 support to customers, resolving issues by attending to conference calls.
  • Translating Cisco IOS Route maps to Cisco IOS XR routing policies.
  • Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
  • Evaluate, Plan, Test, and Deploy migration of DNS and DHCP to Infoblox Appliances.
  • Rewriting existing Java and JavaScript applications in Python
  • Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering).
  • Successfully installed Palo Alto PA-3060 firewalls to protects Data Center
  • Implemented Positive Enforcement Model with the help of Palo Alto Networks
  • Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
  • Providing Level 3 Engineering and Support to other internal network engineers and contractors.
  • Designing and installing new branch network systems, resolving network issues, running test scripts and preparing network documentation.
  • Setup Inflobox for local DHCP & DNS configuration.
  • Implemented Positive Enforcement Model with the help of Palo Alto Networks.
  • Deployed Palo Alto Networks PAN-5050.
  • Working with Cisco Nexus 7000, Nexus 5000, and Nexus 2000 platforms.
  • Working with BGP, OSPF, EIGRP protocols in MPLS Cloud.
  • Hands-on experience with iBGP & EBGP.
  • Replace branch Cisco routers with new Juniper MX-80, MX-104 routers as a part of branch network refresh.
  • Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPsec, VPN etc.
  • Assisted in a global firewall software upgrade project for 100+ Cisco ASA firewalls
  • Used VLAN Trunk Protocol (VTP) while configure a new VLAN on one VTP server
  • Establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
  • Performing OTV to extend L2 VLANs between data centers over IP on Nexus7018 switches.
  • Worked extensively on BGP4 routing protocol, and configuring BGP, route maps.
  • Support third party technologies within the ACI ecosystem such as VMware ESX, OpenStack.
  • Integration of Cisco Identity Services Engine (Cisco ISE) within Greenfield environments, or with limited production.
  • Configuration of routing protocols EIGRP and BGP4 for little to medium sized branches supported company branch standards, together with distribution and route maps. Migration of ACS product line onto ISE.
  • Integration of Cisco ISE with client AD, LDAP, RSA, and Token Servers.
  • Providing documentation including but not limited to High Level Design (HLD) and Low Level Design (LLD).
  • Tested and automated Device licensing feature of BigIQ.
  • Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site
  • Configuring GLBP, VLAN, VTP's, Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
  • Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning and configuring VLANs/routing/NATing with the firewalls as per the design
  • Converting Cisco IOS to Cisco IOS XR configurations. Configuring BGP4, MPLS in Cisco IOS XR.
  • Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter VLAN Routing, LAN security.
  • Working on security levels with RADIUS, TACACS+. Configuring multiple route reflectors within a cluster.
  • Gained a high level understanding and operated a multitude of different software, such as (but not limited to): Solarwinds NPM, Solarwinds TFTP Server, Cisco Prime Infrastructure, VSphere client, VMWare Client, Wire Shark, Secure CRT, and FileZilla FTP Client.
  • Working on HP open view map for Network Management System and Ticketing.
  • Working experience with CITRIX NetScaler MPX 17500 & 7500 devices
  • Experienced working with Cisco Virtual Switching System (VSS)

Environment: Cisco Nexus 9Ks,7Ks, 5Ks, 2Ks, Cisco and Juniper Routers, Switches, BGP, OSPF, EIGRP, Application Visibility and Control (AVC), NetFlow, Access Control Server (ACS), DMVPN, VPN, MPLS, LAN, WAN, Solarwinds, Cisco Prime, VMware, Cisco ISE, Inflobox.

Confidential

Network Engineer

Responsibilities:

  • Firewall Policy Provisioning and troubleshoot connectivity issues through the firewall.
  • Worked on Check Point Security Gateways and Cisco ASA Firewall.
  • Firewall Clustering and High Availability Services using Cluster XL on Check Point.
  • Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
  • Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
  • Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
  • Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
  • Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
  • Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
  • Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
  • Generated property list for every application dynamically using Python
  • Skilled in using collections in python for manipulating and looping through different user defined objects
  • Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
  • Designed and built SOAP and RESTful Web service interfaces implemented in Java.
  • Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, building Fort iGATE High Availability using Fort iGATE Clustering Protocol (FGCP).
  • Firewall Compliance and Rule remediation for compliance such as SAS 70 Audit.
  • LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
  • VLAN design and implementation, Spanning Tree Implementation and support using PVST, R-PVST, and MSTP to avoid loops in the network. Trunking and port channels creation.
  • Working with OSPF as the internal routing protocol and BGP as exterior gateway routing protocol.
  • Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
  • Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
  • Deployed a Syslog server to allow proactive network monitoring.
  • Configured Firewall logging, DMZs and related security policies and monitoring.
  • Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
  • Documentation and Project Management along with drawing network diagrams using MSVISIO.

Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.

Hire Now