PROFESSIONAL SUMMARY:

• Senior Network Engineer with 10+ years of experience with architecture, design, deployment and support of network infrastructure in a multi - vendor environment.
• Experience assisting in business continuity planning and providing full redundancy for L2/L3 networks.
• Experience assisting in development of security management policies and creation of security policies and procedures pertaining to access control.
• Strong hands on experience with Cisco Catalyst and Nexus switches, Cisco Routers, PIX/ASA Firewalls, FWSM Module, Security Device Manager (SDM), Cisco ACE/CSS, F5 Infoblox, IPAM, Cisco Works, HP Open View, HPNA
• Expert level knowledge of Checkpoint NG/VSX, Palo Alto and Juniper firewalls
• Expertise dealing with various Networking related Protocols and Standards: TCP/IP, UDP, Switching (VLANs, STP, VTP, VPC, OTV), Routing Protocols (BGP, OSPF, EIGRP, RIP), VDC/VSS/VRF
• Redistribution of routing protocols, Route-maps, Policy Based Routing
• Experience with IP Multicast and related protocols such as IGMP, IP-PIM and Anycast RP
• Possess excellent troubleshooting skills
• Familiar with ITILv3 standards
• Admirable interpersonal, organizational, and communication skills facilitating to work independently and collaboratively, as required, in a fast-paced team environment consisting of internal and external team members
• Possess enthusiasm for work, strong desire to succeed and commitment to continuous skill development that help build confidence and high-level motivation to achieve desired results

TECHINICAL EXPERTISE:

Routers: Cisco ASR/ 7200/4400/4300/3900/3800/2900/2800

Switches: Cisco Nexus 9K/7K/5K/3K, IOS 6500/4900/4500/3850/3750

Firewalls: CheckPoint, Cisco ASA/PIX, PaloAlto, Juniper Netscreen

Load Balancer: F5 LTM, GTM, Cisco ACE, CSS

Proxy: Bluecoat, Squid

AAA: Cisco ACS/Tacacs server Gigamon, GigaTap

Protocols: BGP, OSPF, EIGRP, RIP, QoS, Spanning Tree, IP multicast, IGMP, PIM, VPN, IPSec Tunnel, HSRP, VRRP

Tools: SevOne, Splunk, HPNA, Infoblox IPAM, Jira, ServiceNow, HP Service Manager, Solarwinds Orion, Wireshark, Visio Python(netmiko) scripting for device scrubbing, config push, pings sweep, pre/post checks

PROFESSIONAL EXPERIENCE:

Confidential, Hoboken, NJ

Sr. Network Engineer

Environment: Intercontinental Datacenter architecture with Cisco 7200, 7600 series Routers, Cisco Catalyst 6500, 4900, 2900 series Switches, Nexus 9k/7k/5k/2k, Palo Alto/Checkpoint/ASA/Juniper Firewalls, F5 LTM/GTM, Cisco ACE (ACE20) Load Balancers, Routing Protocols (BGP/OSPF/RIP), DNS Infoblox, IPAM, HPNA, SevOne, Spluk, Gigamon

Responsibilities:

• Responsible for implementation, service delivery, and support of products, systems, and networks in enterprise infrastructure across major eight global Data Centers
• Responsible for configuration and support of Confidential core infrastructure that includes Cisco IOS and Nexus routers, L2/L3 switches, CSS, ACE and F5 LTM/GTM Load Balancers
• Implemented Nexus Infrastructure, 9K/7K/5K/2K, with LAN, SAN, FCOE, VPC while migrating systems from cell-based infrastructure (6500) to POD/Spine-Leaf infrastructure (Nexus)
• Designed and implemented OTV between Data Centers while working on Data Center remediation projects
• Re-designed Data Center Network and migrated routing from 6500 to Nexus 7k/9k switches
• Implemented various changes with BGP and configured various BGP metrics to achieve design goals for new Datacenters routing design
• Routinely worked on configuring unicast/multicast routing, RP, new handoffs while on-boarding new financial feeds/circuits
• Designed and Implemented New F5 Viprion (vCMP hosts) Load Balancers and migrated Finance Applications from ACE to F5.
• Completed successful migration of all Americas based network and security devices into new management tool suite, including HPNA, SevOne, Splunk, and ITNM using HPNA scripts
• Extensively utilized SevOne/Splunk while working on troubleshooting of bandwidth utilization, performance and congestion issues
• Used SevOne FlowFalcon reports trying to find top-talkers while troubleshooting bandwidth overutilization issues
• Responsible for implementation, configuration, and support of security network that includes Palo Alto, Check Point, Juniper Firewall appliances and SuperProxy servers
• Designed and implemented various Rule Base Policies, NAT, and Antispoofing for Checkpoint, Palo Alto and Netscreen Firewalls adhering to company security standards
• Migrated older ASA firewalls to newer CheckPoint as well as to Palo Alto firewalls while working on different remediation/upgrade projects
• Upgraded various Network Gears; e.g. CheckPoint, Palo Alto, F5, Nexus switches, Routers, Various NXOS/IOS switches
• Experience using Python scripted automated Palo Alto/Nexus/F5 configuration tasks, Parsing logs/configurations
• Utilized working knowledge of SmartView Monitor, SmartView Tracker, Smart Dashboard and Audit tools of Checkpoint Firewalls along with CLI tools such as TCPDUMP, FW monitor, packet-tracer while troubleshooting connectivity issues and RCA for incidents
• Participated in meetings with business units and solution architect to gather information for new projects
• Managed DNS and IP address allocations using Infoblox Grid Manager, IPAM, and Active Perl scripts
• Worked at design level for various migration/upgrade projects as a lead engineer
• Worked with team to specify security infrastructure standards, while developing security configuration details in line with company security policies
• Responsible for analysis, review, and design of firewall architecture and policies based on project initiatives created by internal business units
• Prepared/updated HLD/LLD runbook diagram for support as well as helped different groups to update BU specific runbooks
• Helped new team members to understand existing infrastructure as well as to bring them up to speed
• Actively Participated in Change Control meetings to present high impact changes to the ISM/CAB
• Exhibited strong Project Management skills, conducted network baselines and made necessary recommendations
• Provided 24X7 production supports during handover of projects to SBU and provided L2/L3 on-call support on routinely basis while part of SUPPORT team

Confidential, Louisville, KY

Network Engineer (Consultant)

Responsibilities:

• Responsible for physical and logical design for various LAN, WAN projects need
• Implemented & supported network infrastructure at company’s corporate office
• Worked on design & implementation for data networking, routing & switching, subnetting and network segmenting within large scale enterprise network
• Managed Cisco switches, routers, and firewalls
• Commissioned Checkpoint Firewalls: Virtual as well as SPLAT firewalls
• Upgraded various devices, such as ASA, Chekpoint, Routers, Switches
• Involved in firewall policy cleanup standardization as per customer needs
• Configured BGP and configured Local Preference to choose best route
• Integrated VoIP with PSTN and setup voice Gateway ensuring QOS for Cisco based Voice over IP and CDR for voice call Accounting
• Worked with WAN team for migration of Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure
• Designed and implemented site-to-site IPSec VPN back up tunnels
• Troubleshooting of various application performance issues using Wireshark
• Involved in installing and configuring a Cisco secure ACS server for AAA authentication (RADIUS/TACACS+)
• Configured Bluecoat Proxy
• Skilled in tracking details, communicating deadlines, and following up with key personnel resulting in many medium to large scale projects being completed on time or ahead of schedule
• Created and maintained detailed network documentation, Physical and Logical network maps, Hardware and Software configurations, cabling layouts and floor plans to assist with troubleshooting

Confidential

Jr Network Engineer

Responsibilities:

• Monitors, analyzes, troubleshoots and/or evaluates hardware, software, and other network related problems, provides technical expertise for performance and/or configuration of the global networks and systems Desktop responsibilities included software & hardware installation & configuration
• Replace outdated Cisco switches & routers in existing data centers & installing new Cisco switches & routers
• Responsible for layer 2 security which was implemented using a dedicated VLAN ID for all trunk ports, setting user ports to non-trunking, deployed port security when possible for user ports
• Implement, monitor, and troubleshoot Juniper firewall filters, Cisco access lists, TACACS+, and other network security features
• Involve in the firewall rule cleaning process
• Used various scanning & sniffing tools like packet sniffer
• Performed data backups/disaster recovery operations
• Monitor, evaluate & report on health of both Wide & Local Area (WAN/LAN) Networks

Confidential

Network Administrator Trainee

Responsibilities:

• Provided network security administration functions including hardware access, software access, passwords, user privileges and related tasks
• Implementation of NAT with a pool of public IP addresses
• Configuration of VLANS and securing access
• Troubleshooting, diagnosing, isolating and resolving network connectivity issues
• Maintaining checklist of all the network devices which includes Health report, Bandwidth report and Network uptime reports· Installed and configured Cisco 1700 series Routers (2x1721) Routers with Leased Line and ISDN as backup line
• Coordinating with Network service providers for new link & breakdowns
• Provided network security administration functions including hardware access, software access, passwords, user privileges and related tasks