SUMMARY

• Senior Network/Network Security/Application Delivery Engineer/Wireless Engineer with overall experience of almost 8 years in Healthcare, Financial, Retail and Product Clients.
• Experience with various Network Topologies, LAN, MAN, WAN, Campus, Data Center, ISP Connectivity, WLAN, VOIP environments. Worked in Global environments with network spanned across globe in multiple regions.
• Worked on Next generation Network Engineering trends and have hands on experience in migration projects from legacy to latest technologies and equipment. Very flexible and enthusiastic to learn new technologies and work on any new vendor equipment.
• Team player and has experience working with various teams like server, Project Management, Virtualization, Storage, Cabling (SM/MM), Application etc.
• Thorough with Documentation Skills from end to end Project implementation, VISIO Diagramming, O365, MS Project, MS Team, MS word and Presentations wherever necessary.
• Switching experience which includes campus and Data Center Switching, Worked on Cisco, Juniper, Arista, Aruba and Dell Switching gear.
• Experience with IDF/MDF Architecture, remote sites switching with access and Distribution layers, Data Center Top of the Rack switching, Distribution and core in DC.
• Campus Switching and Routing Hardware includes - Cisco 3750, 3850, Cat 9K, 4500, cisco ISR routers, 2300, 7200 series routers Juniper EX 4300, 3400 in access and EX 4600 in Distribution. Aruba 2530, 2540, 3810 and 5400R switches. Cisco Layer 2/3 networking knowledge.
• Data Center Switching and Routing Hardware Includes Cisco Nexus 2K, 5K, 3K and 7K modules. ASR 1K, 9K, Cisco Juniper QFX Series, MX series routers, Arista 7000 series.
• High Level understanding and implementation experience in VLAN, STP, RSTP, MST, 802.1X, DHCP, DNS, HSRP, VRRP, GLBP, IPv4, IPv6, OSPF, EIGRP, IS-IS, BGP, RIP, Static Routing, VSS, MLAG- VPC, MEC, VDC, VXLAN, EVPN Protocols.
• Extensive experience working with Network Firewalls. Worked on Cisco ASA, Cisco Firepower, Palo Alto Next Gen Firewalls, Checkpoint, Fortigate and Sonic Firewalls.
• Experience with Perimeter Firewalls, VPN firewalls, Server Farm Firewalls using Standard and Extended ACL, All types of NAT, URL Filtering, SSL Forward Proxy, SSL Decryption, Threat ID, User ID and APP ID based Security policies.
• Implementation of Firewalls from Scratch and migration from Legacy to Next Generation firewalls with Layer 7 security features.
• Worked on Internet Web Security Proxies which includes Cisco Iron Ports, Bluecoat Proxies, Zscaler Cloud Proxies. Worked on PAC files, Whitelist and Blacklist policies, AD group-based policies, User based, location-based Policies on proxies.
• Experience with Application delivery controllers which include Cisco ACE, F5 LTM, GTM, APM, ASM modules, Citrix Netscalers. Worked on Virtual servers, Pools, SNAT, persistence, Profiles, iRule Scripting, DNS, Topology based load balancing on F5. Migration experience from ACE to F5.
• Worked on all major vendor-based application load balancing which includes Microsoft Office 365, Secure email Gateways, Citrix VDI, ICA proxy, tenant restrictions etc.
• Experience with Overlay and Underlay networks which includes VXLAN tunneling, OTV. Software defined networks using Cisco ACI and Arista Cloud Vision. Experience configuring Bridge Domains, Application templates, VNI, VTEPS, Symmetric and Asymmetric IRB in Spine and Leaf Architecture. Worked on Nexus 9K in ACI and non ACI modes.
• Experience with remote site connectivity to Data centers using SD-WAN in MPLS WAN. Worked on Versa, Viptella and Meraki SD WAN solutions. Experience with vSmart, vBond, vEdge and vManage components in SD-WAN.
• Experience with Cloud Networks and migration projects in AWS and Azure. Automation using Ansible for Network Automation and API integrations.
• Worked on Cisco, Meraki and Aruba Wireless solutions. Worked on configuration of WLAN controllers, AP groups, SSID, RF parameters, Anchor controllers, BYOD policies, Integration with RADIUS servers for Authentication. Experience with Cisco Prime, Aruba Airwave.
• Worked on Cisco ISE, Aruba ClearPass for RADIUS and TACACS Authentication. Integration with WLAN controllers. Wired and Wireless Authentication using Cert based and MAB.
• Enhanced level of knowledge with, PPP, PAP, CHAP, ATM, T1 /T3 Frame-Relay, MPLS.
• Experience with DNS and DHCP servers which Include Infoblox, Windows DNS and DHCP, BlueCat DNS. DHCP scopes, IPAM, DNS Zones, Forwarders, Delegations to F5 GTM for WideIP, sub Domains, External, Internal and Cache grids for DNS.
• Worked with Automation script with Python module like Chef & Ansible.
• Worked on SNMP for network monitoring which includes SolarWinds, Netbrain, Whatsup Gold.
• Experience with Microsoft Suite and Office 365.
• Experience with Cisco and Avaya VOIP environment. Worked on Configuration of Call Managers, H.323, SIP trunks, QOS policies, VOICE VLANS, CUCM, VOIP gateways etc. Very good understanding in 802.1X.

TECHNICAL SKILLS

Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP

Networking Hardware: Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls.

Routing Protocols: OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint

Network Monitoring: Solarwinds, Wireshark, HRping, Whatsupgold, Infoblox

Operating Systems: Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS

Routers: CISCO 4300, 4400, 4500,2600, 2800,3800,7200, Juniper M & T Series, ASR 1000

Load Balancers: F5 Networks (BIG-IP), Netscaler (Citrix)

Capacity & performance: Cascade Riverbed (Flow Monitor), WAN Killer

Switches: CISCO 2960,3750,3850, CAT 9300, CAT9400, CAT 9500,4500,6500,6800 Nexus 7k,5k,2k

Firewalls: Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Features & Services: IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents.

PROFESSIONAL EXPERIENCE

Confidential, Farmington CT

Sr. Network Engineer

Responsibilities:

• Configuration and Administration of Cisco and Juniper Routers, Switches and mixed vendor Firewalls.
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices. Worked on 40 gig and 100 gig switching chassis with QSFP. Worked on Cumulus Switching POC on Mellanox devices.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices also configure 2k, 3k, 7k series Routers
• Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018
• Experience with configuring FCOE using Cisco nexus 5548
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
• Installation and Configuration of Cisco Catalyst switches 6500, 3850 & 2960, 9300 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy it also includes the configuration of port channel between core switches and server distribution switches
• Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
• Experience with moving data center from one location to another location, from 6500 based data centers to Nexus based data center.
• Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing.
• Designed VNets and subscriptions to confirm to Azure Network Limits.
• Used Azure Kubernetes Service (AKS) to deploy Kubernetes cluster in Azure. Created an AKS cluster in the Azure portal, with the Azure CLI and also used template driven deployment options such as Resource.
• Worked on Zscaler Cloud proxies, Implementation of Policies, PZen Configuration, GRE tunnels to Cloud, PAC file configuration, DLP policies.
• Worked with HP switches, Extra hop, F5 Load Balancer.
• Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer’s instructions and troubleshooting any related issues.
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and working with BGP WAN towards customer.
• Experience with configuring Cisco 6500, 6800, 4500 VSS in Distribution layer. Configuring and managing F5 LTM (Local Traffic manager) in large scale environment.
• Configure and troubleshoot Juniper EX/SRX series switches.
• Network security including NAT/PAT, ACL, and ASA/SRX/Palo Alto/Fortinet Firewalls.
• Good knowledge with the technologies Site to Site VPN, DMVPN, SSL VPN, WLAN and Multicast.
• Well Experienced in configuring protocols HSRP, GLBP, PPP, PAP, CHAP, and SNMP.
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
• Install, manage and monitored Large scale Palo Alto Firewalls through Panorama.
• Experience with communicating with different customers, IT teams in gathering the details for the project
• Experience in installing and configuring DNS, DHCP servers.
• Convert WAN links from TDM circuits to MPLS and to convert encryption from IP Sec/GRE to Get VPN.
• Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management and complex customer issues.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
• Worked on Python scripting for generation the firewall security policy through web visualization tool in checkpoint firewall.
• Strong hands on experience on, ASA Firewalls, Palo Alto Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Worked with the Python 2 & 3 version
• Dealt with Aruba wireless access points 200,300 series supporting 802.11 ac.
• Setting Aruba Access to link distribution switch system and then to WLAN controller.
• Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud.
• Installed and configured Cisco Meraki (MR66, MR74, MR84) wireless Access points in the warehouses.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, prevention where needed.

Environment: Cisco ASA Firewalls, F5 ADC, Cisco 3900,4300,4400,4500 Routers, Cisco Catalyst switches 6500, 3750, 3550, 2960,4500,6500,6800,9300,9400 Switches, Juniper SSG-140, Palo Alto Wildfire, Juniper EX series switches, Nexus 9k, 7k, 5k, ASR 9k, ASR 1k, Nexus 2000 FEX, Juniper SRX, Routing Protocols: BGP, OSPF, AAA (TACACS+ & RADIUS), TCL Scripting, ACL Configuration.

Confidential, Dayton, OH

Sr. Network Engineer

Responsibilities:

• Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco Routers and Switches. Implemented IPv4 and IPv6 on PTX platforms.
• Worked on Cisco wireless LAN technologies, Integration with Cisco ISE. Worked on WLAN AP profiles, Authentication roles, RF properties, AP configuration, WLAN upgrades, Anchor controllers, Cisco prime.
• Working as Kubernetes Administrator, involved in configuration for web apps, Azure App services, Azure Application insights, Azure Application gateway, Azure DNS, Azure traffic manager, App services.
• Used Kubernetes to manage containerized applications using its node, Config Maps, selector, services and deployed application container as Pods.
• Implementation and administration of PKI to include Enterprise Root CA and Subordinate CA design.
• Worked on SD-WAN implementation for remote site connectivity using Viptella. Configuration of Application policies, vEdge, vManage, vSmart and vBond in Viptella.
• Install, configure, administrate, manage, and support Azure compute instances, Azure Backup, Azure Storage Monitor, Azure Storage, VNet, Load Balancers and RBAC.
• Performed Server and data migration to azure via Azure Migrate.
• Routing protocol configuration such as OSPF, IS-IS, EIGRP and BGP, Router redundancy configuration (HSRP, VRRP and GLBP) and Wireless LAN (Access point, LWAPP).
• Experience with network management protocols/tools (TACACS, NTP, SNMP, SYSLOG, etc.) Working experience on complex Checkpoint, Cisco ASA & Palo Alto Firewalls Environment.
• Experienced on working with Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management.
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240 and Juniper J series j230, M 320 and MX960 routers.
• Resolved Customers request to create firewall policies for Cisco ASA, juniper SRX, Fortinet and NX-OS.
• Infrastructure configuration and troubleshooting for Windows Azure environments.
• Monitoring and troubleshooting traffic on PaloAlto firewall through Panoroma. Creating and modifying rules and objects on PaloAlto firewall through Panoroma.
• Riverbed Steelhead 550H WAN optimization installation and configuration
• Strong experience in Networking, including hands-on experience in providing network support, installation and analysis for a broad range of LAN/WAN communication systems.
• Involved in the Team of Data Center Operations to perform duties like administration and monitoring of Cisco Routers and Switches according to the organization requirements.
• Configuring and implementing Remote Access Solution: IPsec VPN, AnyConnect, SSL VPN.
• Provided technical support services for DNS and IPAM services.
• Implemented Quality of Service throughout the network infrastructure, was responsible for policy routing and provided SDN architecture.
• Integrate services appliances to Cisco ACI deployments to include Application Delivery Controllers and Firewalls
• Involved in Network Designing, Routing, DNS, IP Subnetting, TCP/IP protocol.
• Worked with Cisco Catalyst 6500, 4500, 3750, 3500, 2960 switches and Cisco 2800, 3600, 3800, 7200, 7600 and ASR 1000, 2000.3000,7000,9000 series Routers.
• Installed and maintained routers and switches in various network configurations supported VLANs, QoS, VoIP, Call Manager and advanced access-lists.
• Designed and implemented a set of tools to provide fully automated configuration of F5
• Networks BIGIP load balancing systems.
• Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL.
• Configured & maintained IPSEC Site-to-Site VPN using cisco IOS.
• Experienced in Configuring/Troubleshooting Routing Protocols EIGRP/OSPF/BGP/RIP.
• Installed and Configured A10 (AX2500) load balancer as SLB for various application in backend.
• Troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
• IP Allocation & Maintenance for users and other needs throughout company.
• Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, Configured Client VPN technologies including Cisco's VPN client via IPSEC
• Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
• Install and maintain the wireless infrastructure (Aruba, HP controllers) Configuration of SSID, VLAN binding, security management
• Assigning RADIUS and TACACS for new deployments in production environment. AAA for users to implement changes on production devices. Most of these devices are cisco propriety. Developed/Modified/Enhanced existing and new Perl Packages, Perl frameworks and tools
• Built alert & monitoring scripts for applications & servers using Python & Shell Script

Environment: Cisco 12000, 7500, 3800 series routers and Cisco 3560 series switches, Juniper EX4200, EX3200 Switches, Juniper MX80, MX480, MX960 Routers, F5 ADC, FHRP: HSRP, GLBP, ASR 9000, Juniper SSG-140, Cisco Nexus Switches 2232, 5596, 7009, Checkpoint Firewall, VLAN, 802.1Q Trunking.