SUMMARY:

• Detail - oriented Network / Network Security Engineer with 8 years of experience with a strong background in network technologies and security.
• Worked extensively with multiple Clients in Switching, Routing, Network Security (Firewalls and Proxies), Application Delivery Controllers, Authentication and Wireless environments.
• Focused on maintaining network security to provide customers with safe data management. Passionate to learn new technologies and implement new ideas to enhance teh workflow in Network Engineering.
• Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers F5 LTM/GTM, Cisco Works, HP Open View, Solar Winds, Sniffer, Palo Alto
• Network’s Firewall models (PA-2k, PA-3K and PA-5K).
• Expertise in design, configuring, supporting, and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers (F5) and firewalls.
• Hands on experience in installing, configuring and administration of Firewalls including Cisco PIX, Cisco ASA, Checkpoint, Palo Alto and Load Balancers like Big-IP F5 (LTM and GTM).
• Experience in designing and implementing F5 web based solutions.
• Strong hands on experiences Cisco Routers 4300, 4400, 4500, 2900, 3800, Switches 3850, 4500, 9300, 9400, 9500, 6500, 6800 series.
• Working noledge and demonstrated experience on teh PAN-OS 6, 7.1, and 8.0 versions: PA 220, PA 820, PA-2K, PA-3K and PA-5K firewalls.
• Knowledge on Juniper SRX220, SRX240 and SRX550, Fortinet 200D series firewalls.
• Worked on Cisco ACI, Configuration and operations support on various Tenants, Bridge Domains, EPG's, VTEPS, VNI, VRF. Experience with VXLAN overlay and IS-IS underlay using Nexus 9k spine and Leaf switches.
• Experience and basic understanding in network Automation using Python and Ansible to automate network configuration using playbooks and integrate various network tools using REST API.
• Experience with Arista 7000 series routers in teh core. Configuration of VXLAN and EVPN on Arista switches for next generation Data centers.
• Expertise in installing, configuring, and troubleshooting Juniper Routers (MX-480, MX960) and Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 ) series.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509 catalyst switches
• Proficient in Cisco IOS installation, upgradation and Configuring, Troubleshooting routing protocols like RIP, EIGRP, OSPF, BGP (E-BGP, me-BGP).
• Worked on F5 LTM, GTM and APM modules, Citrix Netscalers for Application Load balancing. Migration from Cisco ACE and GSS to F5 and Netscalers. Worked on multiple business critical applications like Citrix VDI, Exchange, Skype for Business, ADFS for load balancing.
• Involved in teh integration of F5 Big-IP load balancers with Palo alto firewalls for firewall load balancing and was responsible was troubleshooting and maintenance.f5
• Expertise in configuring and troubleshooting complex layer 2 technologies such as VLANs, VTP, Ether Channels, Spanning Tree Protocol STP, RSTP and MST and redundancy protocols like HSRP, VRRP, GLBP .
• In depth noledge and experience working with other protocols like TCP/IP, OSI model, DHCP, DNS, SMTP, IMAP, FTP, WAN, LAN, NAT, PAT, ACL, VLANs, Trunking using 802.1Q, IPv4, IPv6, LDAP, HTTP, HTTPS, UDP, VOIP, QOS.
• Proficiency in teh configuration of VLAN setup on various CISCO Routers and Switches.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at teh Access, Distribution, and Core layers.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP Ether channel, STP, RSTP, and MST .
• Provided administration and support on Bluecoat Proxy and Zscaler Cloud Proxies for content filtering and internet access between site and VPN client users.
• Advanced noledge, design, installation, configuration, maintenance, and administration of Checkpoint Firewall R55 up to R77, Secure Platform Installation, VPN

TECHNICAL SKILLS:

Networking Technologies:: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP.

Switch platforms:: Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K).

Networking Concepts:: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi.

Network Management/Monitoring: Solar winds, HP NNMi 8xi (Network Node Manager), NPM, NCM, IPAM, Net flow and Cisco prime, Ethereal / Wireshark.

Simulation Tools:: GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence.

WAN technologies:: ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

LAN technologies:: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Technologies:: PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint.

Operating Systems: Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS.

Router platforms:: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 7K, 5K, 2K & 1K.

Juniper Platforms:: SRX, MX, EX Series Routers and Switches.

Firewalls: : Cisco Firewalls (ASA 5505, 5510), Palo Alto Networks (PA 220, PA820, PA-2K, PA-3K and PA-5K). Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway, Checkpoint.

Load Balancers:: F-5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 AND 8900. F5 i5000 NetScaler (Citrix), Cisco ACE

Security Protocols:: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN

Networking Protocols:: RIP, OSPF, EIGRP, BGP, ISIS, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6, Multicasting.

Features & Services:: IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR's, HLD and LLD documents, Dell equal logics.

WORK EXPERIENCE:

Confidential

Senior Network Engineer

Responsibilities:

• Excellent customer management/resolution, Organizational, analytic, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
• Configuring EIGRP, OSPF and BGP on cisco routers.
• Extensively worked on TCP/IP protocols and transport protocols like TCP and UDP.
• L3 switches as well as Nexus environment.
• Implemented teh Policy Rules, DMZ and Multiple VDOM's for Multiple Clients of teh State on teh FortiGate Firewall.
• Use tools such as Solarwinds Network Performance Monitor and Network Configuration Manager,
• Cisco Prime, Infoblox, Panorama, Cyberark and Stat seeker
• In depth noledge with tools such as, Solarwinds, Statseeker, Infoblox, Panorama, Citrix SD Wan and Cisco Meraki software Technologies: SolarWinds
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Knowledge on different kinds of cables used to connect different devices in data centers and within teh industry.
• Experience with teh Installation of infbox.
• Experience with LTM F5 component to provide High Availability with providing services across data centers.
• Configured and maintained F5 load balancing Big-IP devices for Local Traffic Management (LTM) and WAN Optimization (WOM).
• Worked on implementation of teh basic F5 LTM (Local Traffic Manager).
• Daily Support of F5 environment to include Creation of new VIPs/WIPs and irules.
• Engineering and configuring Virtual Server, Pools, iRules, Profiles, Persistence, and monitor on F5 LTM
• Migrating applications from cisco ACE/CSM to F5LTM, and GSS configurations to F5 GTM wide-ip's
• Implemented Site-to-Site VPNs over teh internet utilizing security standards such as 3DES, AES/AES-256 with ASA 5580 Firewalls.
• Worked on teh URL filtering and upgradation of Palo Alto firewall from PAN-OS 7.1 to PAN-OS 8.0.
• Managed Palo Alto/ASA Firewall for security policies and rule base of security control points, device mapping using network address translation, objects management, other administrative tasks.
• Architected plan for migrating ACLs from Cisco ASA to Palo Alto Network firewalls.
• Worked on teh migration from Cisco ASA to teh Palo Alto firewall and teh configuration of User-ID’s, App-ID’s, SSL Decryption, URL Filtering, Policies, Zone Protection, High Availability, Management, Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Palo Alto firewalls.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Firewall rule auditing (NIPPER, FIREMON) to meet with Security standards.
• Worked with LAN protocols (VLAN, VTP, STP, RSTP, MST) & Port Channel Protocols (LACP, PAGP).
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture Expertise in installing, configuring, and troubleshooting Juniper EX Switches EX2200, EX2500, EX3200, EX4200, EX4500 series.
• Worked with LAN protocols (VLAN, VTP, STP, RSTP, MST) & Port Channel Protocols (LACP, PAGP).
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture Expertise in installing, configuring, and troubleshooting Juniper EX Switches EX2200, EX2500, EX3200, EX4200, EX4500 series.
• ASA/PA firewall Log Maintenance and Policy Maintenance.
• Troubleshooting complex Checkpoint issues, Site-to-Site VPN related.
• Implemented teh Inter VDOM Routing through teh FortiGate Firewalls and teh Router.
• Responsible for enabling BGP peering relationships and debugging BGP routing problems.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting teh user ports to non-trucking, deployed port security when possible for user ports.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN.
• Experience with migrating teh Partner IPSEC VPN tunnels from one data center to another.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts.
• Implemented VMWare's management software Virtual Center 2.0 to manage teh new environment.
• Installed and Configured VMware vCenter and ESX 4.0, ESX 3.5, ESX3.0, High Availability, DRS, Vmotion.
• Configure Cisco ucs profiles for migrating and add hosts for load balancing in Vmware environment.
• Worked on different VMware products like VMware ESX server, VMware vCenter, VMware view, VMware Lab manager, VMware SRM, VMware vShield.
• Connected VMware NSX 3.0 Servers in teh three different lab environments to EMC External storage space.
• Managed servers using PowerShell scripting and Active Directory tools.

Confidential , Denver, CO

Senior Network Engineer

Responsibilities:

• Member of a 5-person team responsible for systems and policy changes to firewall infrastructure.
• Was part of LAN/WAN development (IP address planning, designing, installation, configuration, testing, and maintenance and troubleshooting issues) team.
• Configured Checkpoint and Cisco ASA firewalls to secure teh infrastructure for teh Data Center.
• Involved in Data Center migrations and handled proper management, maintenance, configuration, and altered management of firewall structure.
• Experience with industry recognized SIEM solutions such as ArcSight, Splunk, LogRhythm, AlienVault, etc.
• Provided L2 & L3 network support, Building configurations for Juniper EX 3300 and EX 4200 switches with features like port security, VLANS, VTP, and PVST+.
• Remote implementation of Palo Alto firewalls PA-500 and PA 200 firewalls.
• Configured all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Experience in Designing and assisting in deploying Cisco ASA firewall-based devices, configuring VPNs, IPS and IPsec.
• Monitors data center devices, equipment's (HVAC, Servers, other devices) local & remote sites.
• Physical to Virtual, Virtual to Virtual and Virtual to Physical migrations of Linux servers from and to VMware, VirtualBox, Hyper -V and other legacy hardware.
• Experience as VMware administrator specializing in teh area of Virtualization with VMware ESXi 5, 5.1, 4.x, ESX 4.x and 3 servers, Virtual Center server, vCenter Operations manager VCOPS, VDI, ThinApp, VMWare Orchestra and SAN/NAS technologies .
• Drafted and installed Checkpoint Firewall rules and policies.
• Some familiarity with Zabbix, AWS, Git, Nginx, Ansible.
• Implemented traffic filters by using standard/extended access lists, distribute lists, & route maps.
• Experience with Aruba WLAN infrastructure in large scale global deployments.
• Experience operating high-density AP and client deployments.
• Worked extensively on FortiGate Firewalls and Configured FortiGate 60D.
• Implemented teh policy rules and DMZ for multiple clients of teh state on teh FortiGate firewall.
• Worked on F5 GTM, configuring Wide IPs and pools to load balance teh client traffic between teh two data centers.
• SSL offloading on F5 LTM's, worked on both teh server SSL profiles and client SSL profiles.
• Configured teh F5 LTM both by teh GUI and tmsh scripts.
• Configured and troubleshooting teh F5 LTM and APM and providing level 2 support for teh customers.
• Extensive noledge and experience regarding F5 BIG-IP LTM VIP configuration with health check.
• Configured VIP’s, pools and members for projects on F5 load balancer.
• Installed and maintained Cisco and F5 Load Balancer and documentation.
• Configuring and troubleshooting perimeter security devices such as Checkpoint R77 Gaia, Secure Platform, Palo Alto and ASA Firewalls.
• Configuring Rules in Confidential Firewalls & Analysis of logs using various tools like SIEM .
• Proficient noledge on firewall Rule audit and optimization using Algosec.
• Was a part of a team that Implemented iRules on teh VIPs based on application Knowledge about wildfire feature of Palo Alto.
• Excellent experience with FTP, TFTP, DHCP configuration and its setup.
• Understanding teh JUNOS platform and worked with JUNOS upgrade of Juniper devices.
• Used load balance applications based on addition to completing teh SANS Top 20 Controls within a Scrum Agile Team.
• Configured Nexus 7K, 5k, 2k switches in data center for hosting various servers.
• Install or decommission of Nexus switches and servers in teh data center.
• Hands on experience with issues related to security like NAT, IP sec, ACLs.
• Used Net scalar for quality of service (QOS), offloading.
• Used Network analysis tools like Packet Sniffer and Wireshark for troubleshooting teh network.
• Extensive experience with various wireless tools such as Spectrum Analyzer, Protocol Analyzer, and Site Survey Tools.
• Configured dynamic routing protocols such as EIGRP, OSPF, BGP and switch management on Cisco 6500, 2800, 2900, 3750, 3900 series.
• Responsible for enabling BGP peering and customer sessions and debugging BGP routing problems.

Confidential, Cambridge, MA

Network Engineer

Responsibilities:

• Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers F5 LTM/GTM, Cisco Works, HP Open View, Solar Winds, Sniffer, Palo Alto Networks Firewall models (PA-2k, PA-3K and PA-5K).
• Expertise in design, configuring, supporting, and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers (F5) and firewalls.
• Hands on experience in installing, configuring and administration of Firewalls including Cisco PIX, Cisco ASA, Checkpoint, Palo Alto and Load Balancers like Big-IP F5 (LTM and GTM).
• Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
• Knowledge on Juniper SRX220, SRX240 and SRX550, Fortinet 200D series firewalls.
• Involved in customer escalations and troubleshooting issues related to connectivity, STP, VLAN, Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network.
• Troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• Involved in troubleshooting aspects of complex network infrastructure using routing protocols like EIGRP, OSPF and BGP.
• Strong hands on experiences Cisco Routers 4300, 4400, 4500, 2900, 3800, Switches 3850, 4500, 9300, 9400, 9500, 6500, 6800 series.
• Having strong Knowledge with Cisco 1921/k9, 3750, 1800 series routers & 2950, 2960 series switches, Nexus 2k, 5k, 7k.
• Configuring STP for switching loop prevention and VLANs for data and voice along with configuring port security for users connecting to teh switches.
• Performed scheduled Virus checks and updates on all servers and desktops.
• Implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, and Ether channel, STP, RSTP and MST.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP).
• Configured Access List (Standard, Extended, and Named) to allow users all over teh company to access different applications and blocking others.

Confidential

Junior Network Engineer

Responsibilities:

• Monitored teh performance of Network devices.
• Performed Troubleshooting and observed directing conventions such as OSPF, EIGRP & BGP.
• Installation and configuration of teh Network of Cisco Router and Switches for EIGRP and VLANs etc.
• Worked on teh Cisco switches 2950, 3560 and teh Cisco routers 2500, 2600, 2800 Initially involved in installations, technical support, troubleshooting and maintenance of network equipment.
• Good noledge in Configuring Access Control List (ACL).
• Configured VLANS on different impetus switches performed investigating on TCP/IP system issues, Administered Frame-Relay, and systems.
• Configured IPv4 VPNs using IPsec VPNs.
• Worked on WAN and LAN infrastructure.