SUMMARY

• Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR - 1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco Nexus 2k/5k/7k and Juniper: M320, MX80, MX480, MX960 and EX4200, EX8200 switches.
• Worked with a team of network engineers to design and implement industry leading SD-WAN infrastructure to provide secure, carrier-independent WAN connectivity across the enterprise.
• Hands-on experience in defining test bed readiness around the NFV/SD-WAN based solutions.
• Working experience on Requirement analysis, Test case preparation, test conditions, pre-requisites, and execution around the NFV/SD-WAN based deployed network transformation solutions.
• Completed project to evaluate Cisco Next-Generation Firepower 4100 Series security appliances for both the virtual Firepower Threat Detection (FTD) and Virtual ASA modules to increase security in a production environment
• Setup and build various AWS infrastructure services which include VPC, EC2, S3, IAM, Security groups.
• Experience with managing and supporting Cloud Computing (AWS/Google/Azure) required.
• Implementing D/R (Disaster Recovery) strategies for the built AWS environment if there is an AWS region failover.
• Integrated with the existing BGP environment to redistribute routes seamlessly from Viptela into traditional MPLS WAN.
• Configured and supported routing protocols such as EIGRP and BGP based network and troubleshoot layer 2 and 3 related issues of internal teams & external customers of all locations.
• Extensive knowledge and hands-on experience of LAN, WAN, and telecommunication equipment, understanding of all OSI layers from application to physical, knowledge of RIP, OSPF and BGP and experience with bandwidth utilization monitoring required.
• Optimized and maintained Cisco, Palo Alto, Checkpoint firewalls.
• Professional level of familiarity implementing and troubleshooting ScreenOS and JUNOS based Juniper firewalls (e.g. SRX, SSG, ISG)
• Configured F5 load balancers, Cisco ISR/ASR routers, switches, and firewalls.
• Wrote and applied ACLs on Cisco and Checkpoints firewalls and Cisco routers.
• Progressive experience in networking and network security including VoIP, VPN's, enterprise routing, L3-7 switching, and Cisco IOS.
• Designed new WAN architecture scalable for VOIP using MPLS technology and Cisco 7200, 800,2900 series routers, Catalyst 6500, 3560, and 3750 series switches, develop documentation set for each site using Microsoft Office Suite.
• Can quickly resolve all IP network issues to reduce waste and downtime while also ensuring client Service Level Agreements.
• Professional level understanding of TCP and UDP including the ability to identify root cause of illusive problems through packet capture analysis
• Demonstrated Network administration experience including configuring L2/L3 devices, TFTP, FTP, CISCO IOS, NX-OS and comprehensive troubleshooting skills
• Experienced with Juniper Junos device configuration like juniper router & switches.
• Setup VLANs and configured ISL trunk on the fast-ethernet channel between switches.
• Installed and configured routers, terminal servers and CSU/DSU's to support WAN links.
• Responsible for the maintenance and troubleshooting of connectivity problems using Ping, traceroute.
• Professional level understanding of Ethernet and the surrounding technology such as Spanning Tree Protocol (802.1w, 802.1d)
• Professional level understanding of OSPF and BGP routing protocols.
• Prepared documentation for various VLANs and voice sub-networks.
• Troubleshooted ISDN lines, TCP/IP and IPX problems and connectivity issues in multi-protocol Ethernet, token ring, and FDDI networks.
• Create Low Level and High-Level design documents in Visio in accordance with customer standards
• Profound knowledge of Root Cause Analysis and Problem Management.

TECHNICAL SKILLS

Routers & Switches: Cisco Routers (1921,1750,1921,2921,3845,3945,4331,7200,7209,7500,7609), Cisco Switches (2960,3560,3750,4500,6500), Nexus (7k,5k,9K), ISR (1800,2800,3800, 4000), ASR (1000,5000,9000)

Protocols: TCP/IP, RIP V1&V2, EIGRP, IGRP, OSPF, BGP, MP-BGP, HSRP, SSL, IPSec, HDLC, PPP, MLPPP, VPN, DMVPN, DHCP, LAN/WAN, SNMP, DNS, ARP, SMTP, FTP, HTTP, SDN, Telnet, IGMP

Cisco ISE Devices: Cisco Identity Service Engine 3300s Appliances with software release of 1.0.3/1.0.4 ,2.1 Cisco Identity Service Engine on VMware ESX 5.0 with software release of 1.0.3/1.0.4 MR,1.2.x

Cisco ACS: Cisco ACS 4.2, Cisco ACS 5.0/5.3/5.4

AAA Architecture: TACACS+, RADIUS, Cisco ACS

VMWare: ESXi 5.1/4.2, VMware VSphere, VMware Workstation 8, VMware view, Virtual Desktop Interface

Applications: MS Office 2003/2007- Word, Excel, Power Point, MS Outlook, Outlook Express, Windows Live Mail, VNC PC Anywhere, Team Viewer, LAN Guard Network Scanner, Real VNC, Wireshark, MS Visio, GNS3, MATLAB

Operating Systems: Windows XP/Vista, Windows 7, Windows 2003/2008/2012 Servers, Linux, Unix

Programming languages: C, Python, bash, Java (Oracle certified), HTML, CSS, .NET

PROFESSIONAL EXPERIENCE

Confidential

Sr. NETWORK ENGINEER

Responsibilities:

• Installing, Configuring, and troubleshooting Cisco Routers (ASR1002-X, 3945) and Switches to perform functions at the Access, Distribution, and Core layers.
• To improve network control by enabling enterprises and service providers to respond quickly to changing business requirements by reaching the goal of the SDN solution in Cisco.
• Capacity planning of the cloud infrastructure in AWS.
• Developed virtual firewall ACL rules and policies in Counteract NAC Appliances for Network Access Controls.
• Configured and troubleshoot Network security including NAT/PAT, ACL, IPSEC, site-to-site and remote VPNs in ASA/Palo Alto/ Fortinet Firewalls.
• Sales support experience with SDN solutions and working with implementing high and low-level designs, developing use cases, and deploying SDN solutions to multiple clients across CISCO ACI.
• Implemented site to site VPN in Juniper SRX as per customer and various EX, SRX & J series Juniper devices.
• Deploying Bluecoat Unified agent on client laptops to protect client Internet browsing once they are off client’s network, by maintaining Bluecoat Cloud solution portal.
• Troubleshooting issues post migration of internet traffic via Bluecoat proxy by tracing traffic on Bluecoat or by capturing traffic.
• Design expertise for the SD-WAN (Versa & Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
• Responsible for Juniper SRX firewall management and operations across our corporate networks.
• Experience configuring Cisco Firepower IPS or Sourcefire IPS, HP Tipping Point, Arbor, FireEye, Carbon Black, Juniper (IDP), RSA, Tufin, AlgoSec.
• Configure, maintain, and design network security solutions including Firewalls (CheckPoint and CISCO ASA), IDS/IPS (CheckPoint and SourceFire), VPN, ACLs, Web Proxy, etc.
• Engaging with any pre- sales by identifying any customer requirements for any SDN strategies.
• ForeScout CounterACT- NAC, endpoint compliance, real-time intelligence, and policy-based control.
• Worked securing, maintaining, configuring Cisco Aironet & Meraki Access points, Sonicwall access points
• Worked with Netspot on doing a site survey for the new Meraki APs towards optimization of the Corporate and Warehouse WIFI Network.
• Using SDN solutions to maximize the efficiency of routing protocols and optimizing them.
• Tested Cisco routers, Cisco switches, Wi-Fi controllers, Cisco Prime, and port channel migrations, L2TPv3 X-connect.
• Implementing firewall rules and configuring Palo Alto, Fortinet, ASA firewalls.
• Design, and configuring of OSPF, BGP on Juniper EX2300 Routers and Palo alto Firewalls
• Configure and deploy Cisco ASA Meraki MX84 firewalls with site-to-site IPsec VPN tunnels to connect smaller branch sites back to the data center
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Involved in configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018 devices.
• Configure Routers/Switches (Cisco 7000, 6500E, Nexus 5000, Nexus 2000, Provided technical support services for DNS and IPAM services
• Configure, update software, troubleshoot routing issues and maintain various enterprise network devices such as Cisco Nexus 9k's,7k', 6k's, 5k's and 2k's, Cisco Catalyst switches, Dell switches and Fortigate Firewalls.
• Experienced in configuration of routing protocols and deployment of OSPF, EIGRP, BGP and Policy routing over Cisco Routers, Switches (Nexus 7Ks, Catalyst 6500).
• Configure network devices F5 load balancing for GTM/LTM traffic monitoring. Add/modify/delete VIPS/WIPS.
• Configured and deployed BIG-IP LTM 8900 for providing application redundancy and load balancing.
• Configured and administered Load balancers F5 Big-IP LTM and GTM Load Balancer.
• Helping team for DMVPN migration plans for 200+ spokes to new Hubs
• Running migration cutovers of MPLS-VPN and DMVPN for newly acquired offices, including travelling to country-wide offices.
• Built DMVPN tunnels between HQ Datacenter and branches to enable connectivity or redundancy.
• Configuring various routing protocols and designing it to meet the traffic requirements using QOS. Providing support to more than 100 sites for the LAN, WAN design, Configuration and troubleshooting. Modifying a script for the LAN, WAN migration of the network.

Confidential

NETWORK SECURITY ANALYST

Responsibilities:

• Implement network, mainframe, distributed systems, collaboration, conference, voice, and security changes Execute or implement automated and scripted changes or infrastructure request
• Work directly with the Network Core Infrastructure Services (NCIS) Team to coordinate the completion of all automated scripts.
• Provided Network Support on Routing protocols such as EIGRP and OSPF
• Designed and implemented Cisco/ Meraki Enterprise Cloud Wireless Bridge/Repeater to extend the LAN for multiple buildings
• Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud.
• Responsible for NAT traffic flow in the Juniper SRX 3600 and support Juniper Space.
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
• Used Splunk for Application Log, Security Log and Performance monitoring.
• Maintained a technical lead position for DNS and DHCP services during the transition from UNIX to Windows-based services, including overseeing the introduction of an IPAM system to collectively manage operations.
• Good experience on Microsoft Azure and Create a Virtual Network on Windows Azure to connect all the servers.
• Perform device migrations and work with the migration team to ensure that all manageability checks have been properly performed during device acceptance.
• Creating and managing endpoints using Azure Traffic Manager.
• Assist with coordination and implementation of monthly projects.
• Maintained accurate records of all Data Center equipment move, add, change, repair, upgrade, and decommissioning via Remedy web based CMDB
• Create a monitoring template using custom MIBs in Solarwind.
• Involvement in configuring Solarwind tools for regular activities as well for proactive monitoring of specific routers to record behavioral statistics.
• Provided firewall policy configuration and services with Juniper SRX 240 650 series.
• Configuring, maintaining and troubleshooting with Fortinet firewall and security
• Administer Lucent Vital QIP, including group policy, creation and deletion of user accounts, managing access controls, and domain structure configuration.
• Extensive experience in implementing and managing boundary defense technologies to include firewalls, IDS/IPS, DLP and other. Specific knowledge of Checkpoint, Palo Alto, Cisco and Fortinet firewall appliances.
• Implemented virtual firewalls (VSX) and cluster on different checkpoint environments.
• Responsible for installation, troubleshooting of Checkpoint firewall and LAN/WAN protocols
• Experience with next-gen firewalls, including Palo Alto and VMware NSX.
• Strong hands on experience with Cisco ISR routers, Cisco 6500/4500 switches, Cisco ASA 55xx security devices, and Cisco Nexus platform.
• Administrate rules in Checkpoint firewall.
• Integrating, Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance perform CoA for remote VPN IPSec, SSL AnyConnect users.
• Worked on ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Configure Routing protocols such as RIP, OSPF, EIGRP, static routing and policy-based routing.
• Troubleshooting Network Routing protocols (BGP, EIGRP and RIP) during the Migrations and new client connections.
• Implemented and configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
• Used VMware vMotion to eliminate application downtime from planned server maintenance by migrating running virtual machines between hosts.
• Provide technical guidance to other VMware administrators
• Delivered the value proposition of new and updated products such as NSX, VSAN, vCloud Air and AirWatch to achieve customer outcomes.
• Worked on planning a strategy for moving from vShield to NSX - including introducing NSX into a VDI designed around vSphere 6.5 and Citrix
• Configured and maintained High Availability Checkpoint firewalls in a Provider-1 environment.
• Work experience with Palo Alto Firewalls & Checkpoint Firewalls
• Managed DHCP, DNS and IP address thru Infoblox, and Admin for Internet sites access thru Zscaler.
• Experience with Juniper (Netscreen/SRX), Proofpoint (Email), Iron Port (Web, Email Proxy), Bluecoat (Proxy/Reverse Proxy), Zscaler, Barracuda would be advantageous
• Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, DMVPN, Linux OS under various LAN and WAN environments
• Designed and implemented WAN failover solution to reduce network downtime in stores and Head office using DMVPN tunnels/ VRRP
• Implemented DMVPN across all the regions (NA, EMEA & APAC)
• Delivered high quality technical collateral for the Aruba WLAN product line for customer, partner and SEs.
• Was responsible for preparing and maintaining multi-system demo environments, which is used by sales team to demonstrate Aruba’s product and features to customers.

Confidential, KANSAS CITY, MO

NETWORK ENGINEER/WIRELESS ENGINEER

Responsibilities:

• Migrate the older devices at branches to Juniper EX 4200, EX4300, QFX devices as a part of the tech refresh project with higher port density.
• Experience with Network Automation using Python.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
• Design for Guest Network and Mobile Access Network for NAC Solution, comprising a Wireless LAN Controller solution in DMZs/Internet Gateways with ForeScout CounterAct NAC Appliances for NAC.
• Involved in finalizing the design for Corporate Wireless Network Access for NAC Solution, comprising ForeScout CounterAct NAC Appliances in all WAN Consolidation Points, and Data Centers.
• Involved in Migration of Cisco firewalls to Cisco NX-G firewalls.
• Maintained and managed assigned systems, Splunk related issues and administrators
• Implemented site to site VPN in Juniper SRX as per customer.
• Installed, tested and deployed monitoring solutions with Splunk services.
• Configured and administered Load balancers F5 Big-IP LTM and GTM Load Balancer.
• Monitored WAN and LAN for circuit outages, network component failure, and user-reported network issues as well as network components such as routers, switches, and firewalls via the Network Management System (Solarwind).
• Monitoring of devices using SolarWinds and analyze packet captures using Wireshark
• Maintained and manage CMDB is updated regularly
• Configured Cisco Prime, Cisco Works, ServiceNow, HPNA, IBM Remedy, SolarWinds, PRTG
• Configured VLANs, Private VLANs.
• Experience and Certifications with Fortinet, SonicWALL and HP Networking Switches.
• Configuration, maintenance, and support of the enterprise network consisting of Cisco routers and switches, Aruba switches, Cisco and Aruba wireless, and FortiGate firewall.
• Extensive use of NSM (Network and Security Manager) and NetScout CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast EtherChannel configuration.
• Implemented and configured Fortinet Firewall FortiGate 600, 800 series.
• Expert-level understanding of fiber optic cabling as well as internal network system components.
• Familiar with component testing software programs and their reporting functions.
• Recognized for speed and precision in cutting, splicing, and installing cable while still staying within the limits of safety protocols.
• Tested controllers from Cisco, Motorola, Aruba, Meru, Trapeze, Xirrus.