SUMMARY

• CCNA and CCNP certified Network Engineer around 7 Years of experience in design, implementation, configuration of Cisco Routers, Switches and Firewalls, troubleshooting & fine - tuning of Firewalls, VPN configuration, troubleshooting network related problems in Enterprise& Data Center Networks.
• Experience in implementing and configuring protocols such as HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Experience in working with Cisco routers and switches implementing protocols such as EIGRP, OSPF, IS-IS BGP and MPLS on edge routers and so.
• Experience in handling Network Monitoring tools and Packet capture tools (NAM, New Relic, OPNET, NetFlow, Wireshark, Sniffer) .
• Design expertise for the SD-WAN (Versa), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
• Experience in working with Cisco/Checkpoint/Juniper/F5/Riverbed Products.
• Hands-on experience configuring and troubleshooting of routing protocols RIP v1/v2,
• Worked with Red Hat Enterprise Linux with virtual servers using VMware.
• Experience with Windows server products and Linux server products.
• Adept understanding of the JUNOS platform and worked with IOS upgrade of Juniper devices.
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, bridges, routers, hubs and switches.
• Responsible for testing and integration of multiple vendor products into Confidential ´s HFC network for the development and deployment of DOCSIS CPE devices.
• Support vendors with product and service requirements based on Confidential business needs and internal customer requests and working knowledge of DOCSIS Specifications including the following technologies: DOCSIS 3.0, DOCSIS 3.1, Packet Cable 1.0 and Packet Cable 1.5.
• Responsible for switching tasks such as VTP, ISL/ 802.1Q, IPsec and GRE Tunneling, VLAN, Ether Channel, STP RSTP, PVST+.
• Working knowledge of sniffer analysis, WAN optimization appliances, and network monitoring tools/suites such as SolarWinds Orion and Wireshark
• Experience in IBM WebSphere application server
• Managed all network and devices to include Cisco routers, switches, VPNs, SSL, Check Point, Cisco PIX, Cisco ASA, Cisco FWSM as well as content delivery networks (CSS, Citrix Netscaler and F5 BigIP LTM and GTM 1600load and 3400 load balancers) enterprise environment.
• Implementing Citrix NetScaler 10 for Networking and Traffic Optimization (CCA) (BETA ).
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500, and 1800 series routers, Cisco Catalyst 6500, 4500, 3750, 2950, and 3500XL series switches.
• Worked on Cisco UCM administration and Cisco UCCX call system.
• Hands on experience in Confidential Web Services (AWS) provisioning and good knowledge of AWS services like EC2, S3, Glacier, ELB (Load Balancers), RDS etc.
• Expertise in AWS Identity and Access Management (IAM) components, including user, groups, roles, policies and password policies and provide the same to end user.
• Experience in Performance Monitoring tools like CA APM, App, Gomez, Sitescope, and HP Diagnostics
• Designed and implemented F5 load balanced environment at the data center.
• Worked on a plan for a new datacenter build using Viprion/vCMP to consolidate F5 infrastructure.
• Installed, Configuration and managed Cisco Meraki Switch Series MS220-48LP, MS225-48LP, MS250-48FP and Meraki AP.
• Experience working with networking tools like Solarwinds, Infoblox, BlueCat(IPAM), Proteus, Wireshark, MS Network Monitor, Splunk, Aruba Airwave, Aruba ClearPass
• Firmware upgrade for Meraki MS, Meraki MR, Meraki MV, Meraki MX for the better performance.
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco, VPN client in addition to providing TACACS+ and RADIUS services.
• Expertise in implementation of IP addressing schemes (includes VLSM) and IP services to meet medium level enterprise level network requirement
• Experience working with Nexus 7K, 5K, 2K devices.
• Experience with configuration of Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000.
• Knowledge of WIDS or WIPS technologies, VPNs, firewall theory, and packet analysis principles and techniques applied in securing operating systems and LAN or WAN networks
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Experience on migration and troubleshooting problems with level 2, level 3 and level 4 and applications as well.
• Experience in installing and configuring DNS, DHCP server.
• Designing experience with MS Visio, Whiteboard, etc.,
• Experience with packet analysis, Splunk, and OSINT reconnaissance a plus
• Perform network traffic analysis of web services to analyze raw packet data and verify that the system has no abnormal behaviors
• Working on configuration build outs including creating network provisioning automation using Python and tools such as Chef or Ansible
• Used Cisco Identity Services Engine (ISE) to simplify identity management across diverse devices and applications.
• Worked on Perl, Python, Scripting for creating network automation is highly desired
• Nazomi Intrusion detection system Guardian and CMC.
• In Depth background of Wireless Networking Cisco Updated Skill Nazomi Guardian CMC.
• Strong knowledge of Nozomi Intrusion detection system Guardian CMC
• Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks LWAPP, WLC, WCS, Standalone Aps, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Cisco (ISE) to simplify identity management across diverse devices and applications.
• Experience working with Microsoft, VMware, Citrix, SolarWinds, Active Directory, Share point, SAN/NAS and related technology
• Adept Knowledge on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Good knowledge and experience in installation, configuration, and Administration of Windows 2000/2003, HTTP, FTP, DNS, NTP, DHCP servers under various LAN and WAN environments.
• Adept knowledge in preparing technical documentation and presentations using Microsoft Visio/ Office.
• Provides technical leadership for problem escalation and resolution.
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professionalism.

TECHNICAL SKILLS

Routers: Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800, and 7200)

Switches: Cisco L2 & L3 Switches (2900, 3560, 4500, 5000 & 6500), ASA, PIX, FWSM, Juniper, Net screen

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, VLAN, Inter-VLAN Routing, VTP, STP, RSTP

WAN Technologies: Frame Relay, ATM, ISDN, PPP, HDLC

Firewalls: Firewalls/VPNs ASA, Cisco Checkpoint, Cisco VPN 3000 Series Concentrator, SonicWALL

OS products/Services: DNS, DHCP, Windows (2000/2003, XP), UNIX, LINUX, Microsoft SQL Server 2000 and 2005, VMware.

Protocols/Services: Routing Protocols (RIP v1 & v2, IGRP, OSPF, EIGRP, BGP), QoS, HSRP, VRRP, TCP/IP, load balancer, Proxy servers, IPSec, MPLS, PPP, VoIP, SIP, H.323

Network Management Tools: Wireshark, Net flow Analyzer, HP Open View, Cisco Works, Ethereal, OPNET, Solar winds, Cisco Meraki, Cisco ISE

Network TAP/SPAN aggregators: Cisco Nexus with Data Broker, Gigamon, Ixia

Security Server Protocols: TACACS+, RADIUS

PROFESSIONAL EXPERIENCE

Confidential, Bridgewater, NJ

Network Engineer

Responsibilities:

• Network Engineer with experience in large corporations with global operational support proficiency.
• Responsible to support and implement complex end-to-end solutions on a global scale.
• Responsible for ensuring the maximum possible service availability and performance for Client’s Global network infrastructure. Sitting within the Americas division of Global Service Delivery.
• Responsible for managing and maintaining the network including, but not limited to incident, problem, and proactive maintenance activities.
• Contributing to troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF and BGP.
• Perform IP testing of Docsis over IP, Docsis 3.1 and Security features over STB products.
• Collaborate with senior engineers to perform network test cases from existing docsis test data to improve stb/cpe performance.
• Testing tools and tools such as JIRA, HP Application Lifecycle Management and Averna docsis packet capture.
• Experience in configuring, implementing, and troubleshooting F5 and Citrix Load Balancer in a large environment with sensitive applications
• Collaborate with senior engineers and customers on the design, configuration and deployment of WAN and site-to-site connection.
• Standardize and implement Splunk Universal Forwarder deployment, configuration and maintenance in Linux and Windows platforms
• Hands on working experience on networking tools viz. Infoblox, Solarwinds, BlueCat, Proteus, Wireshark, Splunk, Aruba Airwave, Aruba ClearPass
• Analyze network traffic PCAP and Tcpdump with Wireshark.
• Narrow down anomaly traffic with Wireshark for hostile string or Domain.
• Installing wireless access points (WAP) at various locations in the company.
• Providing ongoing support of network systems of high complexity in commercial and corporate environments to fulfill business requirements and ensure stable and reliable network services.
• Work with third party application, hosting and CDN providers to integrate data feeds to a centralized Splunk platform
• Implementation of the IWAN (Intelligent WAN - Cisco SD-WAN) and VPN (Secure Transport) for enterprise networks
• MX Security Application Setup, Setting up Security Policies on MZ, Auto VPN, and Redundancy, Security and shaping guest wireless Access, configure SD-WAN (Software defined WAN).
• Troubleshoot IPSEC overlay connectivity from SD-WAN appliance to Versa SD-WAN controllers via Internet, MPLS and WBS transports.
• Provide overall management of the SPLUNK platform
• Remotely identify, troubleshoot and resolve all video network issue within the team’s purview.
• Solid understanding of video network architecture, data networking, telecom and HFC cable systems
• Familiarity with video monitoring tools, and video delivery architecture required
• Basic knowledge and operational use of video surveillance systems and resolution implementation, following established operations procedures
• Hands on experience of configuration and deployment of voice and Networking systems including routers, switches, and Contact Center
• Proactively identify, troubleshoot and resolve recurring problems
• Responsible for switching tasks such as VTP, ISL/ 802.1Q, IPsec and GRE Tunneling, VLAN, Ether Channel, STP RSTP.
• Elevated to knowledge expert for problem management which helped reduce repeat and cause by change incidents.
• Used Cisco ISE to grant authenticated users with access to specific segments of the network, or specific applications and services, or both, based on authentication results
• Tools being used Splunk, Entuity EOS, Service Now, Riverbed SteelCentral, AppResponse, Transaction Analyzer and Aruba Airwave, Infloblox.
• Assisted with weekly adds, moves, and changes for WAN OBS vendor.
• Maintaining Cisco Catalyst 6500,3850,3750, 2950 and 2300 series switches, Cisco 7600,3800,2600, 2500, and 1800 series routers.
• Experience with open source environments, including automation/development building blocks such as Python, Git, Ansible and others
• Experience in VMWare, CentoOS v7, Syslog, SSH, BASH Scripting, Realm some ansible
• Configured AWS Identity and Access Management (IAM) Groups and Users for improved login authentication. Also handled federated identity access using IAM to enable access to our AWS account.
• Created and managed cloud VMs with AWS EC2 command line clients and AWS management console.
• Development on Linux platforms via Docker on the AWS instances.
• Day-to-day network performance monitoring, fault analysis, hardware troubleshooting, etc.
• Supporting the implementation of new network solutions and services through the installation of network hardware and software.
• Attending the on-call rotation schedule.
• Responsible to maintain, implementation and administration of Aruba wireless.
• Implemented VLAN, VTP domain, Trucking and Ether Channel on Cisco 3850 switches.
• Used Visio diagram to support the verification of switches and servers in the DMZ

Confidential - Seattle - WA

Network Engineer

Responsibilities:

• Working as part of a team to manage Enterprise Technology Group as a Network Engineer III.
• Configured routing protocols such as OSPF, EIGRP, and BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy. It also includes the configuration of the port channel between core switches and server distribution switches.
• Contributed in troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF and BGP.
• Collaborate with senior engineers and customers on the design, configuration and deployment of WAN and site-to-site connection.
• Provided 24/7 network support for troubleshooting and resolving network related incidents.
• Designed, tested, and implemented global Next Generation MPLS network (150 sites) using Cisco 4300, 3800, 2800, 2600, and 1721 Cisco routers and 800 Series VPN routers using BGP and EIGRP protocols.
• Design, deployment and maintenance of security/network devices and datacenters of enterprise.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Working on migration of Frame Relay based branches to MPLS based VPN for customer’s WAN infrastructure.
• Assist internal project teams by determining rules that need to be added to the firewalls and identifying the proper routing and addressing for new devices in managed DMZ.
• Working on conversions to BGP WAN routing, which will be to convert WAN routing from EGRP to BGP (EIGRP is used for local routing only) that involves new wan links.
• Managing incidents through to resolution to include coordinate and test with vendors and customers, internal communication and escalation, and follow-up/documentation of the troubleshooting performed.
• Assisted in Configuration of Cisco Routing protocols BGP, EIGRP, OSPF Installed LANs, WANs and established intranet and internet access.
• Configuring of checkpoint Security gateway & management server and Worked on Checkpoint Firewalls Clusters of both High-Availability and Load-Sharing.
• Worked on Load Balancers F5 Networks (BIG-IP), Netscaler (Citrix)
• Configuring, maintaining, and managing network security features for LAN/WAN with the use of Checkpoint, Palo Alto and Cisco ASA Firewalls.
• Filtering traffic based on object groups and URLs in Checkpoint, updating creation of Firewall/ACL/https Inspection policies for Checkpoint firewall with access control to NAT and object grouping functions
• Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Planned and installed Frame Relay WAN links to the branch offices
• Worked on Cisco 2950, 2960, 4506, 6509 series switches for LAN requirements, that includes managing VLANs , Inter-VLAN Routing , VTP, STP, RSTP , Port-Securities and troubleshooting LAN issues.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• MX Security Application Setup, Setting up Security Policies on MZ, Auto VPN, and Redundancy, Security and shaping guest wireless Access, configure SD-WAN (Software defined WAN).
• Hands-on experience with WAN technologies like T1/T3, DS3, STM1 and STM4 circuit types.
• Used Cisco ISE to grant authenticated users with access to specific segments of the network, or specific applications and services, or both, based on authentication results
• Manages the Cisco Identity Services Engine (ISE) for access to network devices, manage authentication for users and endpoints.
• Configured Nexus 5000 switches to integrate with Cisco ISE features for device control and 802.1x
• Assisted in the architecture, evaluation and recommendations related to purchasing and installing hardware, software related to IP Networking.
• Documented workflow process, managing and implementing standard policy and procedures.

Confidential

Network Security Engineer

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT’ing, NAC product sub-netting, also including DNS, LDAP, DHCP, HTTP, HTML, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
• Experience with managing the completed end to end site solutions
• Troubleshooting DMVPN and Meraki auto-VPN, addressing Wireless issues on Flex Controller 7500
• Experience with design and implementation of Data center migration.
• Designed, Implemented and Troubleshot Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR routers with Cisco IOS and IOS-XR and NX
• Installed, configured, and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
• Configured Nexus 5000 switches to integrate with Cisco ISE features for device control and 802.1x
• Continuous industry knowledge upgrade per the SD-WAN products, Cloud resources and firewall for enterprise and service provider to ensure SD-WAN clients/ISP expectations are met.
• SD-WAN technical assistance consultant with hands own on enterprise and ISP environment.
• Hands on experience of NPBs optimize packet traffic in several additional ways such as conditional packet slicing and time stamping enabling security and monitoring tools to function more efficiently and effectively.
• Assist with design of core scripts to automate SPLUNK maintenance and alerting tasks. Support SPLUNK on UNIX, Linux, and Windows-based platforms. Assist with automation of processes and procedures
• Provide a robust service for monitoring products deploying onto the platform. Utilize this service to validate all expected KPIs, events, alerts, action, documentation, and trend analysis graphs are fit for purpose for the product and infrastructure. Work with development and operations teams to ensure alert thresholds are fit for purpose and do not generate false positives or spam alerts / events
• Organized and tested company authorized DDoS attack to check the integrity of the DefensePro against the Smart SSL attack, DDos attack protection and Behavioral based DDos detection Configured Netscaler Load balancers .
• Hands on experience with automation tools including Ansible and Supervisor
• Working experience with Python and Ansible
• Deploy and integrate ISD Sensors/taps, packet capturing, and port spanning in a Cisco ASA environment
• Upgraded the data center network environment with Cisco ASA 5520. Configured ACL’s on Cisco Switches as well as configured routers as terminal servers.
• Responsible installing upgrading CA APM environment from 10.3 to 10.5 versions.
• Responsible creating various applications as well database monitor using CA APM.
• Responsible creating Alerts and Maintenance time using CA APM
• Analyze Packet captures using Wireshark and NetScout.
• Hands on experience in troubleshooting Network Connectivity issues in Local Area Networks (LAN) using Packet Capturing Methods (Wire Shark). Superior troubleshooting and technical support abilities with migrations and network connectivity
• Worked for Data Services Team, leading on the Disaster recovery planning, implementation, and testing. Replaced Checkpoint NG Firewalls with Cisco FWSM .
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review, evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Experienced in Proxy servers, SolarWinds network installation and monitoring billing network performance
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Experience with Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Worked with Carrier to test and turn-up circuits.
• Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Handoffs.
• Installed and configured an SD-WAN solution between the company's three international sites
• Experience with Racking, Stacking, configuring, Nexus 5K and 2K and 7K.
• Installed wireless access points (WAP) at various locations in the company.
• Actively involved in switching technology Administration including creating and managing VLANS, Port security - 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.
• Created dedicated VLANs for Voice & Data with QOS for prioritizing VOICE over DATA.
• Configured Voice ports and Dial peers on the call manager for the VOIP call to reach remote destination.
• Provide VoIP and network incident and problem management
• Worked on configuration and commissioning of the MPLS circuits for various branch offices.
• Provided Daily network support for national WAN consisting of MPLS, VPN and point-to-point site.
• Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
• Handled Network capacity planning, modeling, and traffic optimization & experience in using tools OPNET, Netflow
• Configured ACL’s in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT
• Responsible for Data Center Migrations and its operations including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 5k and 7k.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server as well as configuration of F5 Big-IP LTM-6400 load balancers and experience working with F5 technologies ( LTM , GTM , APM , V9 , V10 )
• Experience in deploying, configuring & maintaining F5 3 DNS (Global traffic Manager) Controller and BigIP -LTM (local traffic manager) for wide area load balancing and global redirection using VPN and Proxy load balancing techniques.
• Worked in an Agile Scrum environment and with HPSM Change Control System