OBJECTIVE:

• Seeking a challenging position of network engineer which will give me an opportunity to prove potential in me and educate me more in the field of networking and to help reach the goal of the organization and its growth.

SUMMARY

• 7 years of experience in Network infrastructure planning, designing, deploying, troubleshooting and analysis.
• In - depth understanding on implementation of LAN/WAN network routing environments
• Strong working knowledge in complex configurations, troubleshooting network connectivity and Cisco IOS version integration issues
• Successful in resolving Routing, Switching and WAN connectivity escalation issues using various ticketing tools
• Extensive work experience with Cisco Routers, Cisco Switches, Juniper routers, Nexus routers, HP switches, Load Balancers, Zone Based firewalls and implementing different failover mechanisms on Palo Alto (PA 5020), Juniper, ASA 55XX & Checkpoint R80 firewalls.
• Thorough experience in OSI model, TCP/IP, UDP, IPv4/IPv6 sub netting, NAT concepts
• Expertise in configuring IGRP, EIGRP, OSPF, BGP and MPLS protocols
• Ample knowledge in configuring networking protocols including VM s, DHCP, DNS, NTP, FTP, VOIP (SIP, H.323, MGCP) and Quality of Service (QoS)
• Configurations and issue detection of HSRP, VRRP, GLBP redundancy protocols
• Proficient in configuring WLAN, VLAN, VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Spanning Tree Protocol (STP), RSTP, and PVST
• Worked on configuring ISR 4300 and ASR 1K & 9K Cisco Routers and Nexus 9K, 7K,5K& 2KI have also worked on Catalyst switches 4510, 6500, 9300 & 9500 Cisco series
• Exposure in working on Layer 2 Routing Protocol Configurations as ARP, RARP, and deployment of VPN's over IP Sec tunnel
• Strong basics with x86/x64 Intel, HP, IBM and Dell server models like rack-mounted and tower series
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender ( 2248).
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view,Wireshark and Cisco works to support 24 x 7 Network Operation Center.
• Configured Cisco Routers using EIGRP routing Protocol
• Assist in building QRadar rules in order to tune out false positives that produce noise in the SIEM environment Review & decode packet capture via Wireshark in order to get a better understanding of what a source/destination IP is attempting
• Worked as a System Administration on Windows and Linux platforms under production, migration, patching and change environments
• Experience with Design, code, and debug operations, reporting, data analysis and web applications utilizing Python.
• Expert in Network management operations including network monitoring and reporting using SNMP, Tivoli, HP Open View and WebTop in 24/7 Command Center environment
• Troubleshoot and fix issues related to IP Helpers by verifying running configuration of port, Vlan and DHCP, Develop the change control, configuration management, automation, and
• Citrix Patching, Security & Citrix Capacity and performance management
• Collaborate with service
• Excellent skills in Network security installation, configuration and managing Firewalls including Fortinet, and Checkpoint VSX, IDS and IPS
• Ability to configure, monitor and troubleshoot Cisco ASA firewall series 5505, 5510, 5500 security appliance as per the infrastructure requirement
• Investigate and fix issues related to the rules configured under Firewall ASA modules installed under different L3 boxes
• Knowledge about setting up Python REST API Frame work using Django.
• Experience in working with Python ORM Libraries including Django ORM.
• Experience in load balancing using F5 LTM/GTM networks
• Adhesive nature in understanding organizational needs and proactive in resolving complex technical tasks within the given SLA
• Performed different Types of Testing like Black Box, Build Acceptance, Functionality, Integration, Database, System, Boundary, Regression, Security, Positive, Negative and Cross Browser Testing.
• Experience in reporting the defects in Quality Center and JIRA.

TECHNICAL SKILLS

Routing Protocols: EIGRP, OSPF, BGP.

Windows Server: Windows Server, 2012 R2, 2016, Active Directory.

WAN Technologies: SD-WAN

Security Technologies: ISE (Identity Service Engine), FortiGate 300E, Forti Mail, Forti authenticator, Forti Analyzer Palo alto PA-3020, PA-500

CABLING: Fiber Optic Cables, CAT 5, CAT 6, CAT 3, Voice and Data Cabling, Crimping, installing and design.

Cisco Routers: Cisco 2500,2600,2800,3600,3945,7200,7600

Redundancy and management: HSRP, VRRP, GLBP

Layer 2 technology: VLAN, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)

Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)

Scripting Languages: Python, Bash-shell.

PROFESSIONAL EXPERIENCE

Confidential

Senior Network Engineer

Responsibilities:

• Design, deployment and maintenance of security/network devices and datacenters of enterprise.
• Worked on configuration, maintenance and administration of Palo Alto PA 5020, PA 7050 Firewalls and migrating from Cisco ASA 5050 to Palo Alto 5020 in HA network.
• Have migrated more than 100 firewalls from PA to Cisco ASA.
• Experience with Palo Alto Migration Expedition tool to migrate cisco ASA, Juniper SRX, FortiGate, check point firewall to Palo Alto Firewall.
• Delivering high quality technical collateral for the aruba WLAN product line for customer, partner and Ses,
• Responsible for preparing and multi-system demo environments which is used by sales teams to demonstrate Aruba product and features for customers .
• Configuring Administrating Cisco ACS5.3 for Dot1x RADIUS authentication for Wireless users and TACACS for Device Administration.
• Having advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance
• Cisco MeetingPlace, Presence, Unity Connection, Emergency Responder, CUCM, UCCX, Enterprise Instant Messaging (Cisco Jabber)
• Install and configure Cisco Meraki (MR66, MR18) wireless Access points in the warehouses.
• Experience with Cisco Meraki wireless managed network infrastructure.
• Designed and Implemented Cisco Firewall (Firepower) Threat Defense System.
• Cisco 2600/2800/3600 Cisco 2950/2960 series switches, Cisco Routers 7000, 5300, 4000,2500, 3000, 2600, NAT, PAT, DHCP, DNS, OSPF, EIGRP, ASR, TCP/IP, LAN, WAN
• Knowledge of IP security implementation, multi-vendor IPS, URL filtering
• Deep technical troubleshooting on customer SD-WAN Edge connect device, Firewall Cisco ASA, Palo Alto
• Managing, configuring and upgrading CUCM 8.6 or higher, Unity Connections and Cisco Unified Enterprise Attendant Console
• Configure and setup the new Palo alto firewall from scratch level.
• Create and maintain overall system and support documentation within CUCM
• Configure User ID and User ID group mapping with using windows user id agent and create the policy to control flow of traffic with user name instead of IP.
• Experience with create custom APP ID using pattern signature with using Wireshark packet capture and create application override policy to control the unknown application traffic.
• Experience of managing different security profiles and Content ID which includes antivirus, anti-spyware, URL filtering with PAN DB, file blocking, Vulnerability, Dos Protection and Zone base protection profile.
• Citrix Patching, Security & Citrix Capacity and performance management Collaborate with service
• Expert knowledge of Contact Center design and implementation, integration/engineering of UCCX
• Tracking and documenting the server information connected to Cisco Catalyst, Nexus Switches, Cisco ACE load-balancers and BIG IP F5LTM. managers to provide client-facing support on IT diagnose and troubleshoot wireless, security, switching and other various network related issues reported by cisco meraki customers stay up to date on meraki features and technology by attending lunch and learns, participating in engineering and product team communication, and keeping up with enterprise and cloud networking trends.
• Hands on experience with Cisco ASA, Juniper, fortinet, meraki,. Work on technical problem identification and resolution, including responding
• Experience and knowledge of service provider solutions, SD-WAN and the demands of enterprise markets for services and connectivity.
• Configure site to site IPsec VPN Tunnel and large-scale VPN in Palo Alto firewall.
• Supporting, upgrading, and trouble-shooting Cisco Unified Communications Manager infrastructure
• Configure Global Protect VPN in Palo Alto using duel multifactor authentication.
• Testing for all phases like Unit, Integration, IOT, Feature, Performance and Services Experience with SSL Decryption including for SSL forward proxy (Outbound) and Inbound traffic.
• Configure Panorama M 500 from scratch and manage 700+ firewalls.
• Configured security rules and NAT rule to control the traffic flow.
• Experience with wildfire configuration
• Configuring Vlans, Self IP's& Routes on F5 load balancers.
• Worked with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Worked extensively on Cisco Firewalls, Cisco ASA 5500 (5510/5540) Series.
• Experience with converting PIX rules over to the Cisco ASA solution.
• Experience with autofocus for analyzing of threat and vulnerabilities in network.
• Configure Mine Meld to update externally for URL dynamic list.
• Deeply understanding framework of Palo alto firewall.
• Understand of call control and other voice related concepts
• High level experience of trouble shooting for Palo Alto firewall.
• Experience with Service Now Ticketing tool.
• Worked exclusively with several internal teams to help Launch the SD-WAN product.
• Experience with Tufin network security management tool to manage firewalls.
• Quality of Service (QOS) prioritized networking
• Worked on configuration and administration of cisco ASA 5050 firewall.
• Fluent is various versions of Cisco Voice products (Unity, Call Manager, UCCX, CER, Presence)
• Configure routes using OSPF and BGP on Palo Alto firewall as well as cisco ASA firewall.
• Have experience with Python Scripting to integrate with firewalls.
• Create different python script to create custom object and rules integrating with firewall API.
• Developed a python script, which will parse all trace files and calculate throughput, latency and drop rate.
• Well understanding and implementation experience on SDN technology, including PANW NSX and Cisco ACI.
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for datacenter access architecture.
• Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500, and 6500) in multi VLANs environment and inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Design and implement Cisco ACI in datacenters, create a strategy that allows use of containers, cloud orchestration tools for end users and developers
• Day to day hands on VMware vRealize ESX 6.5 Administration like vMotion, Storage vMotion, Hyper-V and Maintenance of VM's include monitoring of ESX systems for Performance.
• Managed the F5 Big IP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Implement Cisco Works 2000 device to manage Cisco routers, switches, ASA firewall, Access Points, Concentrators.

Environment: App ID, User ID, Content ID, cisco ASA 5050, IOT,Global Protect, Expedition, Autofocus, MineMeld, SSL Decryption, Large scale VPN, security profiles, panorama, Tufin, ServiceNow, Python Script, PA 7K and 5K, Expedition, Gigamon.