SUMMARY

• Over 6+ years of experience in Networking and Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.
• Cisco Certified engineer with Expert level knowledge in troubleshooting, implementing and testing of static and dynamic routing protocols such as EIGRP, OSPF, RIP and BGP
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse and proxy ARP, Ping concept.
• Monitoring of equipment capacity/utilization and evaluate the need for upgrades; develop methods for gathering data needed to monitor hardware, software, and communications network performance
• Working on Cisco Routers and Switches and Wireless networks … at Enterprise level.
• Cisco's Application Centric Infrastructure (ACI) implementation (Nexus 9K, APIC).
• Configuring Cisco switches including Nexus9K, Nexus7K, Nexus5K and Nexus2K
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers & Cisco Firewalls.
• Worked on Juniper devices like EX-2200, EX-4200, EX-4300, MX-80, MX-480, M Series, SRX210 and SRX240.
• Worked on Implementation of MPLS based VPN for various Enterprise Customer
• Configured/troubleshooted OSPF, BGP, MPLS-VPNS on Juniper platform
• Experience in creating, debugging, diagnosing and troubleshooting, build scripts written in Linux platform.
• Deployment and maintenance of Arista Networks using 7100 and 7150 switches. working as Cloud Administrator on Microsoft Azure, involved in configuring virtual machines, storage accounts, resource groups.
• Good at Manage hosting plans for Azure Infrastructure, implementing & deploying workloads on Azure virtual machines (VMs).
• Configured Arista 7500 7020, and 7050 series switches within legacy network environment.
• Experience in managing Active Directory Domain Controllers, DNS and DHCP Servers.
• Hands on experience with Checkpoint Firewalls. Hands on experience with configuring firewalls and managing issues.
• Familiarity with Websense, nCircle, Imperva, DAM, SourceFire and WAF devices and services.
• Provide in-depth analysis for complex troubleshooting for Checkpoint, Fortinet, and Cisco ASA Firewalls .
• Utilized Various SNMP Tools: Solar Winds, utilized Windows, Linux, Unix base software and tools.
• Managed network performance, including providing network monitoring and reporting
• Troubleshot and resolved complex problems to ensure quality transmission service on the network

PROFESSIONAL EXPERIENCE

Confidential - Atlanta, GA

Sr. Network Engineer

Responsibilities:

• Planning and perform hardware and software upgrades, preventative maintenance, high availability, disaster recovery failover and deployments (firewall, router, switches, load balancers). Coordinate with vendors, development, business partners and escalation support teams as needed, all to follow the approval and change management processes.
• Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing.
• Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets.
• Designed VNets and subscriptions to confirm to Azure Network Limits.
• Exposed Virtual machines and cloud services in the VNets to the Internet using Azure External Load Balancer .
• Provided high availability for IaaS VMs and PaaS role instances for access from other services in the VNet with Azure Internal Load Balancer.
• Implemented high availability with Azure Classic and Azure Resource Manager deployment models.
• Designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.
• Setup Azure Virtual Appliances (VMs) to meet security requirements as software based appliance functions (firewall, WAN optimization and intrusion detections).
• Utilized NSGs for layer 4 Access Control List (ACLs) for incoming and outgoing packets.
• Used firewall appliance where requirements call for layer 7 security models.
• Leveraged VNET system routes and underlying route table that holds Local VNet Rules, On-premise Rules, Internet Rules and IP Forwarding as design basis.
• Designed User Defined Routes with custom route tables for specific cases to force tunnelling to the Internet via On-premise network and control use of virtual appliances in the customer's Azure environment.
• Installed and configured Juniper MX480- 960 Routers, EX2200, 4300 Switches, PTX3000 routers, QFX5100, 3500 and QFabric platforms, SRX200 Branch platforms
• Expirence of routing protocols, including RIP, EIGRP, MPLS, BGP, OSPF, and Multicast
• Responsible for OSPF route engineering to ensure network stability to also include MPLS /LDP configuration for traffic engineering. Used features such as OSPF Summarization and SPF/LSA throttling
• Maintain regular backup of firewall and network devices and perform recovery operations as needed.
• Hands-on technical knowledge of Cisco ASA firewalls, routers and switches
• Working with Cisco enterprise grade products to include: Nexus 7k, 5k, 2k, Catalyst 6500, 4900, ASA, ASR.
• Working with network capacity planning, network security principles, and general network management best practices.
• Implementation, configuration, tuning and customization of Aruba ClearPass for RBAC
• Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
• Designed and configured of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Experience on designing, deploying, and operating F5 LTM/GTM products.
• Manage and operate network and firewall devices that consist of: Cisco ACI, F5 BIG IP, Checkpoint and palo alto firewall, Tufin FW mgmt and so on

Confidential, Atlanta,GA

SR Network Engineer

Responsibilities:

• Provided Level 2/3 escalation solutions for routing, switching and WAN connectivity issues using ticketing system Remedy.
• Install, upgrade and configure Next-Gen Palo Alto Firewall series PA-200, PA-500
• Designed and configured IPSEC VPN tunnels on PA firewalls to establish remote site connectivity
• Install, manage and monitored Palo Alto Firewalls in Panaroma nvolved in designing and deploying a multitude applications utilizing almost all of the AWS stack (Including EC2, Route53, S3, RDS, Dynamo DB, SNS, SQS, IAM) focusing on high-availability, fault tolerance, and auto-scaling.
• Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
• Responsible for support of existing network policies and procedures, as well as creation and implementation of new security procedures. Risk assessment for partners. Presented options to management for the enhancement of DNS, firewall, modernization of firewalls, and inbound Confidential -mail security and robustness.
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning and configuring VLANs/routing/NATing with the firewalls as per the design.
• Implemented High-availability (Failover) Configuration For Security Management

Confidential, Jacksonville, FL

Network security engineer

Responsibilities:

• Experience on Configuring IOS-XE and assisted in NX-OS configurations for all local sites and remote sites
• Layer 2 switch and Layer 3 routing for access, distribution, and core networking for remote, local, and data center sites
• Upgrade outdated hardware and upgrade IOS codes for switches, routers, and firewalls to meet standard practice
• Configuring basic OSPF and RIPv2 networking commands
• In-depth knowledge of WAN technologies including MPLS, circuiting, and commodity peering
• Designed User Defined Routes with custom route tables for specific cases to force tunnelling to the Internet via On-premise network and control use of virtual appliances in the customer's Azure environment.
• Hands-on field experience with Cisco data center networking technologies using Cisco IOS and NX-OS routing and switching including Cisco Nexus 2000 (2K), 5000 (5K), and 7000 (7K)-series and 9000 (9K)-series platforms, Cisco Catalyst 6500, 4500, 3850 IOS and IOS XE switches, with a variety of WAN technologies including BGP, MPLS, Verizon 4G Wireless, Frame Relay, and ATM OC-3, including network security technologies such as Cisco FWSM, ASA, and PIX firewall and Cisco Clean Access NAC (Network Access Control), AAA, RADIUS, TACACS+, 802.1x.
• Designed and installed new branch network systems. Resolving network issues, running test scripts and preparing network documentation.
• Setting up and Managing Virtual Machines on AWS Cloud including working on EC2, Route53,RDS,Lambda.
• Deployed applications and host websites on AWS cloud involving blackboard.
• Migrated Virtual Machines and applications from on premises cloud to AWS.
• Worked on Cisco Layer 2 switches (spanning tree, VLAN).
• Understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)

Confidential, Norfolk, VA

Network Engineer

Responsibilities:

• Install, upgrade and configure Next-Gen Palo Alto Firewall series PA-200, PA-500
• Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Experience troubleshooting and configuring IP networks using at least one of the following routing methods: BGP, ISIS, OSPF, MPLS, or Static routing
• Automate the defined test cases and perform automated test for VMware vSphere and NSX products series
• Deployed Next-Generation Firewall ASA-X, SonicWALL, Palo Alto and Fortinet.
• Creating and provisioning Juniper SRX firewall policies.
• Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Worked on a project to help clean up legacy FW policies and create migration path from current ASA’s to Palo Alto. Cleaned up around 50000 rules based on activity within 3 months prior to the migration project.
• Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
• Experience on ASA firewall upgrades to 9.x.
• Solved problems on case-by-case basis with deep understanding of networking/firewall concepts, particularly with Fortinet devices.
• Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.
• Conducted a thorough technology analysis as a complete upgrade of existing network, which was required by the company
• Maintained a Network with more than 600 Network devices, some 25,000-end hosts, and the other Network devices like DHCP, DNS servers, and Firewall servers
• Configured routers including 3925, 3845, 2811, 2600 series along with Cisco switches including 2960,3750
• Performed OSPF and BGP protocol administration and used redundancy protocols like HSRP, VRRP
• Configured VLANs, VTP, RSTP, STP (Spanning Tree Protocol), and Ether channel and port security at switching
• Configured WAP and performed troubleshooting of WAP and WLC using Cisco NCS Monitoring Tool.
• Extensively used Infoblox for IP address management. Created and added IPv4 Network, Reserved IP addresses for various devices, Defined DHCP Scope as per the requirements, Created DHCP scope options for setting up Voice VLANs and PXE Clients etc.

Confidential

Network Engineer

Responsibilities:

• Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
• As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Responsible for Firewall upgrades as well as Troubleshooting, Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
• Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.
• Configured Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.
• Install Windows Server 2003, configure IP addresses, network printers and configure Client Access for PCs.
• Work with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.
• Administer and support Cisco based Routing and switching environment.
• Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.