SUMMARY:

• Over 6+ years of Experience in Designing, Security, Deployment and Operations of complex enterprise and service provider networks. Adept in managing service functions & streamlining the working standards operating system for project rollout, design and development of Telecom solutions.
• Strong hands - on experience on Palo Alto (5060, 3060), Checkpoint Firewall R77, juniper and Cisco ASA 5585 firewall.
• Designed and configured the commands for QoS and Access lists for Nexus 7K and 5K.
• Expert working knowledge (including the ability to setup, configure, upgrade, manage and troubleshoot Cisco routers, switches, VPN concentrators, firewalls, 802.11 wireless access points and load balancers).
• Migrated firewall rules from Cisco ASA to Palo alto and Check point Firewalls. Designing and Configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Configuring Multiprotocol Label Switch-Traffic Engineering (MPLS-TE) on a Cisco ASR 9K Series route.
• Well versed with AAA configuration using TACACS+ & RADIUS server.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+& RADIUS)
• Worked on Load balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Working knowledge in BGP, OSPF, EIGRP, RIP, IS-IS, HSRP, L2/3 VPNs in IOS, IOSXE, and IOS XR platforms.
• Strong experience on Juniper SSG series Firewalls and checkpoint R75,76 Firewalls
• Experience in configuration of Juniper security appliances SRX 220, SRX 240, SRX 550, NS 50, SSG 550M, SSG 520M.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70, R75, R77 and Cisco ASA.
• Experience working with OTV & FCOE on the nexus between the datacenters. Experience working with OTV & FCOE on the nexus between the datacenters
• Expert in design, configuration and deployment of F5 Solutions with extensive experience working with APM and ASM technologies.
• In the process of replacing the Cisco NAC with the new Cisco Identity Service Engine (ISE).
• Experience Palo Alto, Network Security, Juniper Firewalls, SSL VPN, Checkpoint, RSA, Cisco Nexus, Cisco ACE, Cisco Wireless.
• Experience configuring and troubleshooting on Citrix Net Scalar Load Balancer.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• WAN circuit systems design, configuration, implementation, troubleshooting and support.
• Had worked on cisco ASA firewall where we upgraded ASA5550,5520 etc. and changed from version 8.2 to 8.4 or 9.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Deployed Cisco 2500 and 5800 Series Wireless Controllers and 1xxx and 2xxx series Access Point.
• Had configured the F5 LTM 8950, 6900, 3900etc. And also, did configuring nodes, virtual servers, load balancing pools etc.

TECHNICAL SKILLS:

LAN Technologies: VLAN, VTP, Inter-VLAN routing, STP, RSTP, PVST, 802.1x

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Leased lines

Network Security: NAT/PAT, VPN, Filtering, IDS/IPS, IPsec, ACL

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP

Routed Protocols: TCP/IP, IPX/SPX

Infrastructure Services: DHCP, DNS, SMTP,MIBs,Syslog, POP3, FTP, TFTP

Network Management: SNMP, SSH, Telnet, ICMP

IP Telephony: VOIP,FXO/FXS/E&M/T1/ISDN/PRI, Call manager Express

Operating Systems: Windows Vista/XP/NT/2003, MS DOS, UNIX, Linux

Comm. Protocols: Wi-Fi, WiMAX, CDMA, 3G

Protocol Analyzers: OPNET, Wireshark.

Languages/ Tools: C, C++

PROFESSIONAL EXPERIENCE:

Confidential, Mountainview, CA

Sr. Network security Engineer

Responsibilities:

• Set up maintained a source fire IDS/IPS system to control network security.
• Troubleshooting firewall rules in Cisco ASA, Checkpoint, Zscaler.
• Perform installs, configure and troubleshooting on stateful inspection firewalls and inline/passive IPS/IDS sensors.
• Subject Matter Expert in network security, Cloud computing security and SDN security applications.
• Specialized in Network Security technologies (Firewall, IPS/IDS, Content Filtering, Proxy and Cisco network products).
• Mutual redistribution of OSPF and BGP routes using route maps.
• Involved in upgrades to the WAN network from existing 1001x with ASR1004 and ISR 2800/4331 routers.
• Strong experience Working with the following routing/switching protocols: BGP, OSPF, EIGRP, LDP, HSRP, VRRP, GLBP, VTP, 802.1d, and 802.1q, ISL, VLAN’s and Port-Channels.
• Worked on F5 BIG-IP LTM, configured profiles provided and ensured high availability.
• Hands on Experience testing iRules using Browser (IE), HTTP watch on f5 load balancers.
• Administer and Troubleshoot Cisco ISE and Cisco TACACS
• Configuring IPSEC VPN on SRX series & Palo alto firewalls.
• Integrate Splunk with AWS deployment using puppet to collect data from all EC2 systems into Splunk.
• Convert Campus WAN links from point to point to MPLS and to convert encryption from IPsec/GRE to DMVPN.
• Configuring IPAM on DNS Infoblox like adding the already existing networks and
• Performed security audit of perimeter routers, identifying missing ACL’s, writing, and applying ACL’s
• Configured and Established Express route and VPN connectivity to Microsoft Azure Cloud.
• Worked with Microsoft support and Deployed HUB and Spoke topology in Azure Cloud.
• Responsible for Cisco ASA firewall administration across our global networks
• VMware vSphere security firewall, leveraging AD, configure network security policy
• Planning and installing VMware ESX and ESXi.
• Installed, configured, and set security policies on Cisco and checkpoint firewalls, VPN.
• Monitored and tested network protocols TCP/IP using Wire shark tool.
• Worked with Aruba/Cisco wireless AP 205 series supporting 802.11 ac.
• Assisted developers with creating and securing Azure API connections.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Implemented Zone Based Firewalling and security rules on the Palo Alto Firewall.
• Experience working with Nexus 9508, 9504, 7018/7010, 5020, 5548, 2148, 2248 devices
• Implementation of BGP to optimize WAN routing on the core and edge routers.
• Troubleshooting and installing of ISR, GSR, ASR9000 and Nexus devices. Managed rules on Checkpoint NGX firewall.
• Managed VPN, IPsec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam and Smart Provisioning.
• Support over two hundred Cisco Firewalls Cisco ASA 5500, Series 5500 - X, and Cisco Next-Generation Firepower 4100 Series security appliances in standalone and high availability configurations
• Level 3 support Firewall Engineer (Cisco ASA and Palo alto)
• Configured site-to-site and client VPNs and identify and resolve firewall and VPN connectivity issues.
• Configured and troubleshoot VPN's on infrastructure VPN devices. Provided support for infrastructure FW/IPS platforms.
• Worked on checkpoint &Palo Alto design and installation of Application and URL filtering, thereat prevention, Data Filtering.
• Good experience in Checkpoint Firewall Operations and implementations across a diverse network with many levels of required security configurations.
• Created Azure Virtual Firewalls, VPNs, VLANs, Load Balancers and Route Tables. Implemented Checkpoint firewall rules according to business requirements and verifications.
• Migrated firewalls from ASA to Checkpoint.
• Designing and directing system configuration and installation to accommodate network needs of client.
• Involved in migration of switches from catalyst 6500 E to catalyst 4500-X, 9500 and Nexus 9k, 7k & 9k
• Good hands on experience in data center migration from legacy to new Cisco ACI fabric infrastructure.
• Configuring and managing VMware vSphere access controls.
• Network security administrator for all user and B2B VPN configuration standards and implementations on production Cisco ASA 5520 and Cisco 5540 appliances Advise management of options, risk vs. cost, benefits, and other impacts of infrastructure solutions
• Assisted field technician over the phone to install and connect the LAN & WAN connections.
• Raise & Implement Break Fix Changes that come from incidents.
• Participating in troubleshooting the F5 LTM and APM and provided level 2 and 3 support.
• Configuring networks using routing protocols such as RIP, OSPF, EIGRP and BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Configuration of IP-Sec VPN tunnels to remote sites using IKEv2.Using tools like cisco works, we can monitor the remote sites connectivity
• Experience on Zscaler cloud security.
• Conduct network modeling and analysis to construct a reliable, high-performance integrated network and recommend new solutions to improve the resilience of network operation.

Environment: CISCO Catalyst 4500/6500/9500 switches, Cisco 2800/4331 ISR routers, Cisco ASA 5500/ 5520/ 5540 , Nexus 9508, 9504, 7018/ 7010, 5020, 5548, 2148, 2248, routing protocols RIP, OSPF, BGP, EIGRP, Zscaler, Azure, VMware, AWS, F5 Load Balancer, Ansible, Palo Alto, checkpoint firewall.

Confidential, Sacramento, CA

Sr. Cloud Network Engineer

Responsibilities:

• Experience of routing protocols like EIGRP, OSPF, RIP, and BGP, MPLS/VPN.
• Worked on Cisco 6500, 7200VXR, 12000 series Router and Cisco 4500, 6509, 7613 series switches.
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches.
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
• Enhanced level of experience with QoS, OSPF, BGP, ATM, T1-T3 Frame-Relay.
• Network analysis and capacity planning experience using tools like Sniffer, Ethereal, and Top dump.
• Experience configuring Virtual Device Context in Nexus 7k,5k and 2k
• Extensive hands-on experience with complex routed LAN and WAN networks.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
• Worked on F5 Load Balancers Configuring iRules, Profiles, NAT’s/SNAT’s, And Load Balancing.
• Excellent Verbal, written communication skills and Interpersonal skills with ability to work with large teams as well as independently with minimum supervision Team Player.
• Experience with Project documentation tools implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO.
• Installed, configured and maintained Cisco Routers 2800,3800, 3900, Cisco ASR 1000 Series
• Built LAN/WAN TCP/IP network comprised of Cisco Switches 6500, 6509, 7613, 3550, 4900, 2960, 2950, 2900XL, Nexus 2k/5k/7k.
• Responsible to coordinate with Vendors and ISP.
• Troubleshooting the wireless data core networks, architecture, protocols, interfaces and wireless operator's end-end network.
• Working on deployment/configuration of LWAPs, WLC, WDS and 802.11 wireless devices.
• Managed the load balancers F5 V9 BIG-IP 1500, 3400, F5 networks GTM Platform.
• Utilize Wire Shark and Ethereal as protocol analyzers.
• Configured and installed Cisco ASA Firewalls 5505, 5510, 5520, 5550, 5585 series.

Confidential, Elk Grove, CA

Sr. Network Engineer

Responsibilities:

• Responsible for design & management of Juniper Net screen Firewalls, Juniper Switches, and Cisco Switches.
• Advanced knowledge in installation and configuration of Juniper Net screen Firewall.
• Experienced working with security issues related to Cisco ASR 9K, Checkpoint and Juniper Net screen firewalls.
• Experience of working with F5 Load balancers and building VIP, SNAT and Migrating applications from one Data Center to another data Center.
• Troubleshoot and configured the Juniper Net Screen firewalls (SRX).
• Design, install, configure, troubleshoot and maintain varies load balancers including Citrix net scalar, Riverbed STM.
• Designed and configured the commands for QoS and Access Lists for Nexus 7K, 2Kand 5K.
• Created and Designed Cisco ISE policy for iPad, tablet and mobile phone. Making sure the business and guest devices where working within Company’s wireless network.
• Integrating Panorama with Palo Alto fireballs, managing multiple Palo Alto fireballs using Panorama.
• Implementing and configuring F5 LTM's for VIP's and Virtual sewers as per application and business requirements. F5 configuration, installation, and monitoring with F5 APM.
• Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in network environment
• Design, configure, and administer Juniper MX routers, SRX Firewalls, Cisco routers & switches.
• Responsible for all routing, switching, VPN, network security, and server load balancing.
• Using PBR with Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing
• Juniper Contrail SDN deployment assistance to the senior engineering team
• Configure all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Built an accruing network via MPLS circuits to split the trusted and un-trusted traffic via a Cisco ASR Router.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Implemented MPLS/VPLS, QOS, BGP, OSPF, VRF, IPSEC, L3VPN/ASA firewall configuration changes into Cisco 6500, 2800, switches/routers
• Firewall filtering and NAT, Adding and modifying the policies in juniper SRX.
• Configuration and Administration of Palo Alto Networks Firewall to manage large scale Firewall deployments.
• Configured VSS, VPC and HSRP on Cisco Switches.
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls.
• Provide support and for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo-Alto firewalls.
• Provides updates and upgrades to the Palo Alto Firewall and Panorama devices.
• Administration of Checkpoint, Palo Alto and Juniper Firewalls at multiple properties.
• Monitoring and troubleshooting traffic on Palo Alto firewall through Panorama.
• Palo Alto user-identification implementation with KIWI server’s user Palo Alto user-id agents.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Troubleshoot, configure, and administer various technologies: BGP, OSPF, DMVPN, VDC, VPC, STP, IPv4, IPv6, unicast/multicast.
• Backup and restore of Check Point and Cisco ASA Firewall policies.
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Upgraded load balancers from Radware to F5 BIG-IP v9 which improved functionality and scalability in the enterprise. Managed the F5 BIG-IP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues. My responsibility was also to add new BGP peers for remote branch offices and business partners.

Environment: Cisco catalyst 6500, 4510, 4948, 4507 switches, Cisco ASA 5585/5500, Nexus 9K,7K,5K switch, Palo Alto firewall, MPLs.

Confidential

Network Security Engineer

Responsibilities:

• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Technically supported in configuring, troubleshooting and analysis of customers networks related to Cisco Identity Services Engineer (ISE)
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Configuring, upgrading and verifying the NX-OS operation system.
• Integration of Open Contrail Controller with OpenStack Controller and Open Contrail vRouter with Compute Node
• Worked extensively in Configuring, Monitoring and Troubleshooting Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Experience in configuring, upgrading and verifying the NX-OS operating system.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Performed troubleshooting and management of OSPF and BGP protocols on routers.
• Conducted network Packet Analysis using a variety of tools such as Wireshark, Net witness Investigator, Splunk, Bro, FireEye, McAfee, Mandiant MIR, and ArcSight.
• Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path
• Supporting customers with the configuration and maintenance of PIX and ASA firewall systems.
• Used F-5Load balancers to increase capacity (concurrent users) and reliability of applications.
• Deployed and maintained routing protocols such as OSPF, EIGRP, BGP, GRE, MPLS/VPN, HSRP and static routes on Cisco routers and switches and Juniper routers
• Networking R&S, ISE platform, Wireless, VPN, Firewall services, etc.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Managed the F5 BIG-IIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Configured and deployed Cisco Fire SIGHT/Firepower/FTD products to harden customers Network Security posture.
• Upgrading system images on Nexus 5 and 7 multi-layers switches using kick start and FTP server.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Worked on the migration project of Juniper SSG to Juniper SRX firewalls.
• Migrate studies from the Cisco ACE Load Balancer appliance to the Citrix NetScaler Load Balancer appliance.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Storage VDC with FCoE to Nexus 5548UP switch.
• Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN.
• Deploying, configuring, and administering Checkpoint Endpoint firewalls and hands on experience with network protocols.

Confidential

Network Engineer

Responsibilities:

• WAN circuit systems design, configuration, implementation, troubleshooting and support.
• Worked on Riverbed devices for WAN bandwidth Optimization in the data centers for the sensitive
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Configuration, Installation and troubleshooting of Juniper Net screen.
• Configuration and maintenance of routers, firewalls, and load-balancers. Included configuration of Juniper ISG 2000, Juniper EX4200, F5 BIG-IP 3600, and Cisco 6500. Includes protocols such as MPLS, BGP, OSPF, and VRRP.
• Developed design and testing of EIGRP to OSPF migration. Extensive knowledge implementing and supporting 8021.x, PKI, SNMP, RADIUS, SYSLOG and Cisco ISE, Cisco Routers, Catalyst switches 3650, 4500, 6500 and the Nexus 7000 product line
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Configuring, maintaining and troubleshooting with Fortinet firewall and security.
• Designed firewall solutions to include zones, policies, NAT & PAT, address-groups, and network objects.
• Performed security audits to ensure optimal network functionality and hardening.
• Created and design network layout and documented the network system design with detail information.
• Responsible for creating, modifying, removing VLAN configs as per the need.
• Configuring standard and extended access-lists for security purpose.
• Provide timely and accurate progress status on all ongoing support issues, with an emphasis on problems, issues, and concerns.
• Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ. Dealt with F5 load balancing of web traffic and data center environment failover for HA servers.
• Hands on experience with new next generation Palo alto appliances serving as firewalls and URL and application inspection.
• Troubleshoots Different technologies problems involving to Cisco routers, Firewalls, APs, Switches, Fortinet and Meraki.
• Firewall filtering and NAT, Adding and modifying the policies in juniper SRX.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Adding Websites to the URL filtering block list in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
• Managing F-5 LTM, GTM, APM, ASM Administration, creating virtual servers, mapping pools, iRules and Profiles. SSL traffic offloading, also managed PCI Security Audit with F5 ASM.
• Implemented cable multi-service operator (MSO) to capture traditional Telco subscribers with IP telephony and provide relevant QOS.