SUMMARY

• Network Engineer with 8 years of Experience in Designing, Deployment and Operations of complex enterprise and service provider networks supporting their Network, Security, Data Centre Infrastructure
• Hands - On Experience in Implementation, configuration & troubleshooting various Routing Protocols like RIP, EIGRP, OSPF, BGP
• Experienced in working on Confidential Catalyst switches 6500, 4500,3750, 2900 series
• Involve in deployment for Confidential ASA (5505, 5520, and 5585).
• Experience on site to site vpn, ssl vpn & Dmvpn.
• Strong experience with Confidential ASA firewalls, ISE, Aruba Clear Pass
• Extensive knowledge and hands-on experience with Brocade DSX and VDX
• Strong experience with F5 and Brocade ADX series load-balancer and Nexus series switches
• Experience with Network Automation using Python, shell scripting
• Strong Experience with Linux scripting - Python, Shell for Unit/Load/Performance/Regression/Integration testing.
• Strong experience in creating execution of automation frameworks using Python, Shell
• Deep knowledge and hands on experience with CyberArc- Privileged Identity Management
• Experience in layer-3 Routing with, ASR 9K, ASR 1K, Confidential 7600, 7200, 3810, and 3925 series.
• Experienced in working on Amazon AWS Cloud Services.
• Experience in Confidential Wireless Access points Confidential 3500’s, 3600’s, 5508.
• Experience in VPC, VDC, Fabric path and OTV configurations.
• Experience in information security with capabilities to support Trend Micro OfficeScan (or comparable Enterprise AV system)
• Responsible for defending the network against malware, viruses and all threats that negatively impact confidentiality, integrity and availability.
• Hands on Experience in Configuring and Maintaining Forescout CounterACT NAC and Confidential ISE Identity Service Engine(ISE) NAC Technologies
• Experience in design, installation, configuration, maintenance, migration and administration of Check Point Firewall R55 up to R77
• Experience in Brocade SLX and MLX Ethernet router(CLI, RESTful, NETCONF, RESTCONF)
• Infoblox DNS IPAM for Microsoft DNS/DHCP setup and management.
• Extensive work experience in designing with Confidential Routers, Confidential Switches, F5 LTM/GTM and A10 SLB/GSLB Load Balancers, Confidential ASA, Checkpoint Firewalls and Blue coat Proxy Servers.
• Migrate and convert all traffic from end of life proxy platforms Solaris/Checkpoint, Solaris/Sun proxy and Net Cache to multiple Blue Coat Proxy SG units separating the traffic to point to specificlines of business designated proxies. This is also known as One-to- Many proxy migration.
• Experience in Utilizing Access-lists, Prefix-lists, Route Policies, and Route Filtering.
• Extensive working experience of various Switching Technologies STP,RSTP,MST, VLAN& VLAN Trunking Protocol (VTP) along with Failover Mechanisms such as HSRP, VRRP&GLBP on Layer 2 Setup, Inter-VLAN routing, Ether channel using LACP, PAGP.
• Experience in installation and configuration of the Confidential NSX Appliance for setup including Confidential vSphere.
• Worked on Nexus FEX-2K (2248, 2232), 3K (3064), 5K (5548, 5020, 5010), 7K (7018, 7010) andNX-9K (9300) series switches.
• Worked extensively on Juniper MX Series Routers and EX series switches.
• Worked on Configuration and support of Juniper QFX3500, QFX3600, QFX5100, QFX5200 series switches and SRX3400, SRX3600 series firewalls.
• Hands on experience in configuring and supporting site-to-site and remote access Confidential, IPsec, VPN solutions using ASA/PIX firewalls, Confidential, VPN client in addition to providing TACACS+ and RADIUS services.
• Experience in implementation of Confidential ACS Servers & configuration of TACACS protocols.
• Enabled Authentications such asWPA2, PAP/CHAP, and AAA. Extensively used Route Reflectors, Route Influence by Attributes, Local Preference, Multi homing and Optimization of BGP.
• Experienced in dealing with the Enterprise level architecture for all network related issues.
• Experience in T1/E1/T3 technologies and different LAN&WAN technologies.
• Experience on Infoblox and windows server for DNS/DHCP IP management.
• Experience on creating Visio diagrams, LLD, HLD and run books for datacenter and branch networks.
• Maintaining and updating inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP,
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series.
• Expertise in installing, configuring and troubleshooting Juniper Routers ( E,J,M and T-series)
• Implementation of Juniper Router and Switches SRX, J, MX, EX Series
• Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series
• Implementation of HA-JSRP in JUNOS devices, SRX Series Router/Firewall in both A/A and A/P mod.
• Experience on conducting Change Management on weekly/daily basis without any DOWNTIME/OUTAGE in LIVE NETWORK and managing Business Continuity Plans (BCP).

TECHNICAL SKILLS

Confidential Platforms: Nexus 9k,7K,5K,2K&1K, Confidential routers (7600, 7200, 3900,3600, 2800,2600,2500,1800 series & Confidential Catalyst switches (6500,4900,3750,3850, 3500, 4500,2900 series) ASR1001,2900,3900,7200,7600 & ASR9000 series

Juniper Platforms: MX, EX series Routers and Switches

LAN Technologies: SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies: MPLS, VPLS, Frame Relay, PPP, HDLC, (E1/T1/E3T3), DS3, OC192

Network Security: Confidential ASA, Juniper SRX.

OS products/Services: DNS, DHCP, Windows (2000/2003/2008, XP), UNIX, LINUX

Routing: RIPv2, OSPF, EIGRP, IS-IS, BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing

Gateway Load Balancing: HSRP, VRRP, GLBP

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools: Wire shark, Net flow Analyzer Net Scout, SNMP, Confidential Prime, Ethereal, HP open view

Load Balancers: F5 Networks (Big-IP) LTM 6400

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, 7, 10), Linux

Firewall & Security: Checkpoint (NGX R65, R77-80), Confidential ASA, Palo Alto, ASA 5505 Firewall, Juniper Net Screen firewall

Languages: Perl, C, C++, SQL, HTML/DHTML, Python scripting

PROFESSIONAL EXPERIENCE

Confidential, New York, NY

Senior Network Engineer

Responsibilities:

• Responsible for providing connectivity between AWS Cloud and all MFG and DMZ’s as per requirement.
• Experienced in configuring the routers Confidential 7600 (7609), ASR 9K(9922), ASR 1K and CSR 1000V series
• Experience with Installing and configuring the Nexus SwitchesNX-9K (9300) NX-7K (7010) andNX-3K (3064) series.
• Created Sub-interfaces on 10G interfaces, utilized encapsulation Dot1Q and established BGP peering with AWS Virtual private clouds (VPCs)
• Configured and Maintained Confidential Wireless Access Points ( Confidential - 3500's, 3600's), using Confidential Wireless Controllers at the Data-Centre.
• Configured and performed software upgrades on Confidential Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Confidential ISE.
• Worked on Brocade SLX and MLX Ethernet router (CLI, Restful, NETCONF, RESTCONF)
• Designed and implemented the NTP support for MLX.
• Involved in enhancing the SNMP engine and implementing the SNMP agent code for various SNMP mibs,
• Involved enhancing the license infrastructure and syslog infrastructure
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on customer's site.
• Expertise and extensive experience in managing ASA Firewalls, Catalyst switches and customer integration. Ability to setup devices, modify ACL’s and trouble shoot issues.
• Implementation of HA-JSRP in JUNOS devices, SRX Series Router/Firewall in both A/A and A/P mode
• IP addressing and design schemas for a variety of IP Pools using DHCP scope or local IP pools for NAC Controls.
• Configured and Trouble shouted BGP, OSPF, MPLS for Enterprise level network
• Creating and Implementing VRFs, Site to Site (S2S) VPNs between Delphi and its Multiple Vendors.
• Migrated the S2S VPN connectivity on to the direct connect (10G WAN Links)
• Utilised Smart Domain Manager, Smart Dash Board and Smart view tracker on Checkpoint Firewalls for Updating /modifying the Policies and NAT rules
• Worked on Adding, removing, modifying the Policies in Checkpoint FWs (DDOS, IDS) to provide access for various vendors to DMZ’s and internal MFG applications.
• Implemented IPS, DLP and UTM features on the firewall for added security purposes.
• Worked on Adding/modifying NAT rules using Hide NAT and Static NAT in Checkpoint Firewall.
• Thorough knowledge of F5 implementations including interfaces, high-availability, monitors, load-balancing algorithms, failover mechanisms, device management, upgrade and downgrade processes (11.x), volumes, partitions, out-of-band.
• Advanced skills of designing, coding, and troubleshooting IRules.
• Strong understanding of the different load balancing options & features to include One Connect, Persistence, and SSL offload functions, HTTP profiles.
• Strong understanding of the Global Traffic Manager and iQuery functionality between LTM & GTM for a HA design.
• Performed the Application Failover test between regions of AWS West and East by disabling the Pools on F5 GTMs.
• Working on Adding new SNAT pools, Virtual IPs (VIP), Pool members, Server groups on A10 and F5 load balancers
• Worked on BGP Path manipulation attributes Local preference, multi path, and multi homing for having a proper Failover connectivity.
• Extensively worked on Juniper models EX-2200, EX-4200, EX-4500
• Performed a Failover Test to AWS connectivity by coordinating with Deployment, sustainment, Application and cloud teams successfully without an outage.

Confidential, Marlborough, MA

Senior Network Security Engineer

Responsibilities:

• Configured, administered and documented firewall infrastructure, working with Check Point, Firewall deployment, rules migration and firewall administration and Converting existing rule based onto new platforms
• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Worked extensively in Configuring, Monitoring and Troubleshooting Confidential 's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design
• Gained experience on working with migration to Check Point and Palo Alto next-generation firewalls.
• Provided tier I, II and III technical change supports for installation, integration, and maintenance on global technology infrastructure to business clients, vendors, colleagues and technology teams in timely manner
• Experience with firewall architecture, design, testing, development, migration, and integration
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Check Point Provider-1 / VSX, Palo Alto IDS/IPS modules, Data Center Migration, F5 Load Balancers, Cyber Security and Bluecoat URL filtering & Packet Shaper systems
• Deploy Confidential Nexus 1000V to Confidential Infrastructure.
• Experienced in configuring Guest access using Aruba Clear Pass and Web Authentication.
• Experience with Aruba/Ruckus Wireless Controllers, Access Points and IAP. Implement Aruba Wireless infrastructure using Aruba controllers & Access Points. Configured Aruba access points troubleshoot connectivity issues with Aruba access points
• Lead network engineer on a project to build out a software defined data center based on Confidential ACI, Confidential NSX and F5 load balancers.
• Responsible for the engineering, design, test, and implementation of secure and reliable network connectivity using the Zscaler suite of products (ZPA, ZIA, to include the Client Connector - formerly ZApp) leveraging the current network environment to facilitate secure access to applications and services in the cloud.
• Vulnerability assessment using tools such as Nessus and Qualys, and implementation of Security Policies. Knowledge in design and deploy of F5 LTM, GTM, APM, ASM solutions.
• Responsible for creation, review, and update of current security policies, process, and procedures and migrate them to Confidential ASA policies with centralized Policy automation & control through Confidential ASA Policy Manager
• Daily responsibilities included design, implementation, support and administration of multiple security products running Check Point Provider-1 and VSX, Source Fire, and ISS Real secure
• Provided best practice security consulting for multiple compliance initiatives, with a focus on highly resilient solutions
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Confidential ACI.
• Worked on Check Point Platform including Provider Smart Domain Manager
• Worked on configuring, managing and supporting Check Point Gateways and Managed Check Point Firewalls from the command line (cpconfig and Sysco fig)
• Expertise in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering.
• Experienced in using Smart Update, User Identity Management and Authentication in Check Point Firewall.
• White-listing of SaaS applications according to compliance requirement on Palo Alto firewall, Configured, Administered and troubleshoot the Juniper SRX, Palo Alto, Imperva and ASA firewall
• Analyzed logs and make necessary network report using smart reporter console application
• Configure Check Point firewall to authenticate users based on user identity, user group, user sessions and monitored all users/Firewall traffics using smart view-tracker, and smart view-monitor smart consoles
• Design and implementation of new datacenter core with Confidential 6500's and ASA's in context mode as well as responsible for firewall rule set migration from Confidential ASA to newly implemented Palo Alto as well as experience working with Palo Alto firewalls PA5050, PA5060, Confidential ASA 5500 Firepower 9100, 4100
• Implemented the Policy Rules, DMZ and Multiple VDOM's for Multiple Clients of the State on the FortiGate Firewall
• Configure policies on the Bluecoat VPM, local database and PAC files to filter the traffic flow by creating custom rules, URL filters (PAN-DB) and routing policies
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Confidential ASA.

Confidential, St. Louis, MO

Network Engineer

Responsibilities:

• Provide high-level technical support to backbone network infrastructure, which consists of Confidential 72xx, 39xx Series Routers, ACS terminal servers, 2950, 3750, 3800 and 65xx Cat switches.
• Installed, Configured and maintained 2600, 3600, 7613 Confidential Routers and 3750, 4500 and 6500 series Confidential Switches.
• Designed & Deployed Confidential ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA Secur ID, Proxy Radius Services to Confidential ACS and Radiator Radius.
• Configured of ACL’s in Confidential 5550 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
• Extensively worked on Juniper models EX-2200, EX-4200, EX-4500.
• Redesign customer’s office copper and fiber cable plant for scalability
• Configured Juniper MX480, 240, 80 series and worked on Juniper models EX-2200, EX-4200, EX-4500, SRX
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server as well as configuration of F5 Big-IP LTM-6400 load balancers.
• Install and configure various manufacturers Wireless access points. Manufacturers include Netgear, Beldin, Linksys, Confidential, Brocade, and Juniper
• Configuration of Confidential IP phones (7900s, 6961s, 9900s) for device profiling and Confidential Call Manager phone registration via Confidential ISE, Printer Profiling, Mobile device profiling etc.
• Worked on Adding, removing, modifying the DMZ and Firewall Policies in Checkpoint FWs (DDOS, IDS).
• Created static routers in Firewall and applied security levels to DMZ as per requirement.
• Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
• Planned, Designed and Installed the NAC Appliances for VPN Users, Wired (LAN, WAN) and Wireless Networks (WLAN).
• Installed and Configured the Confidential NAC Appliances in Virtual Gateway mode - Central Deployment Mode with Clean Access Manager 3355 and Clean Access Server 3355-3500, Clean Access Server 3315-500 of release 4.7.0 and 4.7.2
• Configured and managed Confidential access layer routers and switches & carried out route redistribution & manipulated route updates using distribute lists, route-maps & administrative distance, and offset-lists.
• Configured routing protocols like EIGRP, OSPF & BGP and troubleshooting layer3 issues.
• Learned and Tested various BGP attributes like local preference, MED, Weight and replicated customer issues in the testing environment lab.
• Configured Confidential standard vSwitch, distributed vSwitch, virtual machines using templates, hot clone, cold clone and cold migration.
• Created and deployed of virtual machines from templates and creating snapshots, clones of virtual machines for future deployments.
• Handled the Confidential solutions to support multiple storage connectivity options such as FC-SAN, iSCSI, NFS (NAS) and provided system administration and technical support for Windows 2003, 2008 and 2012 Servers.
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Implemented port aggregation & link negotiation using LACPandPAGP.
• Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network.
• Configured and deployed BIG-IP LTM 6900 for providing application redundancy and load balancing.
• Configured Client VPN technologies including Confidential ’s VPN client via IPSEC.
• Troubleshot issues and outages on Trunks and Router interfaces and firewalls extensively.
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Handoffs.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
• Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, Applying downloadable ACLs through Confidential ISE, and Configuring Standard and Extended ACLs locally and on the upstream switch's for Confidential NAC & Forescout NAC Solution.

Confidential, Jamaica, NY

Network Support Engineer

Responsibilities:

• Configured, implemented, and troubleshoot routers and switches with various account settings, permissions, and parameters.
• Working closely with Data center management to analyze the data center sites for cabling requirements of various network equipment
• 24x7 on-call escalation support as part of the security operations team
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers
• Responsible for entire LAN and WAN/WLAN maintenance and troubleshooting of the company network. Involved in the Team of Data Center Operations to perform duties like administration and deployment of Confidential Routers and Switches according to the organization requirements.
• Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, RPVST+, Inter-VLAN routing, and LAN security.
• Configured Hyper-V LAN which decouples virtual networks from the physical network infrastructure, removing the constraints of VLAN and hierarchical IP address assignment from virtual machine provisioning.
• Worked with ASA Firewall configuration and Participated in Migration of PIX to ASA for hardware devices.
• Configured FWSM on Confidential 7600 router to reduce costs and operational complexity while enabling organization to manage multiple firewalls from the same management platform.
• Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Configured ASA 5520/5500to ensures high-end security on the network with ACLs and Firewall.
• Worked with Confidential Catalyst 4500, 4900 switches and Confidential 2800, 3600, 3800, 7200&7600 series Routers.
• Deployed Nexus 2000, 5000 and 7000 series switches.
• Involved in Network Designing, Routing, DNS, IP Subnetting, TCP/IP protocol.
• Worked with Routing Protocols of EIGRP and BGP.
• Installed Confidential WAAS device 4451-X for acceleration of TCP-based applications, and Confidential 's Wide Area File Services (WAFS) in a single appliance and to preserve and strengthening branch security
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices & POPs.
• GRE tunnelling&Site-to Site VPN configuration between other two sites in USA.
• Implemented redundancy for Routers, Switches and Firewalls.
• Manage Confidential Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations
• Creating automated scripts using Python language and also manual testing to enhance hardware performance.
• IP Allocation & Maintenance for users and other needs throughout company.
• Configured and managed OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding and also configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Designing, configuring, implementing and troubleshooting (LAN) VLAN’s, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Implementing and managing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Configuring and implementing F5 BIG-IP, LTM, GTM load balancers to maintain global and local traffic.
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place
• Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment
• Implementation and configuration of F5 Big-IP LTM-6400 load balancers
• Worked in projects converting P2P circuits into MPLS circuits, commissioning and decommissioning of the MPLS circuits for branch offices.
• Configuring and resolving various OSPF issues in an OSPF multi area.

Confidential

Junior Network Support

Responsibilities:

• Racking, Stacking, Cabling and labeling of devices.
• Managing tickets to perform certain Networking Configuration and Troubleshooting of Networking equipment.
• Configure Routers/Switches with Vlan's, NAT/PAT and Access Lists
• Configured, implemented, and troubleshoot routers and switches with various account settings, permissions, and parameters Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Maintaining QoS and providing Quality Assurance for Network Hardware such as Fiber Optic cables and Ethernet cables. Also maintaining connectivity of cables between Racks.
• Racking, Stacking, Cabling and labeling of devices
• Troubleshoot TCP/IP problems, troubleshoot connectivity issues
• Environment: Confidential 3650,Catalyst 2960x, Confidential router 2900, ISR4301, OSPF, EIGRP,, VLANS & ISL, ASA 5510, VPN, SNMP
• Configuring and troubleshooting issues related to STP, RSTP and VLAN's allocation in Organization for maintaining Layer 2/3 Switching intact.