SUMMARY

• 6 years of experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
• Extensive knowledge with VLAN’s, Trunking, RSTP, SNMP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, NAT, PAT, Inspections, VPN’s, DHCP, WireShark etc.
• Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
• Hands on experience in configuring Cisco 2800, 2900, 3800, 3900, 4300 and 7200 Series routers.
• Working Knowledge of Cisco IOS, Junos & basic Nexus (7K, 5K&2K).
• Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Strong hands - on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Proficient in setting up IT infrastructure including wide area networks (WAN) local area networks (LAN), security management systems network device administration.
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Hands of experience on AWS (Amazon Web Services).
• Expertise on complex Checkpoint, Cisco ASA & Palo Alto firewalls Environment.
• Has experience in working on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling with AWS command line interface and AWS python SDK.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Experienced in Cisco and Juniper design and implementation projects. Specific tasks include Integrated, Integrations, configurations, support and maintenance of routers and switches.
• Expertise in configuring and troubleshooting of Palo Alto, Juniper NetScreen & SRX Firewalls and their implementation
• Expertise in installing, configuring and troubleshooting Juniper Routers (J, M and MX-series)
• Experience in site-to-site and remote access VPN solutions.
• Experience working with Nexus 9k, 7K, 5K and 2K.
• Experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
• IOS/JUNOS upgrade for Cisco & Juniper routers cum switches.
• Experience with Change management process and Project documentation tools like Excel and VISIO.

TECHNICAL SKILLS

Protocols & Standards: WAN, WLAN,VRF, VDC, TCP/IP, NAT, PAT, MPLS, GETVPN, GDOI, DMVPN, IPv 4, IPv6, VPN,L2TP, IPsec / ISAKMP, IKE, VoIP, VSS, OSPF, OSPFv3, EIGRP, BGPv4, VANs, ACLs, Layer 3, Switching, HSRP, GLBP, AWSLAN,VRRP, QoS, TACACS+, RADIUS, 80 2.1X, PKI, LDAP, POE

Cisco Platforms: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Huawei AR Series Routers, Nexus7K, 5K, 2K & 1K

Juniper Platforms: M, J and MX Series Routers

Firewall: Cisco ASA/PIX/FWSM, Checkpoint (IP Series/NGX R65/IPSO), Palo Alto, Juniper NetScreen and Juniper SRX.

Load Balancers: F5 Networks (Big-IP/IQ)

Networking Protocols: OSPF, EIGRP, MULTICAST, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

Security Protocols: IKE, IPSEC, SSL-VPN

Operating System: Windows 7/XP, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE

Confidential, Alpheratta, GA

Network Security Engineer

Responsibilities:

• Work on Change Management for migration from Cisco ASA to Palo Alto
• Designed and implemented a secure instant messaging system in Python providing interface state changes on the devices to support team.
• Upgrading code on Palo alto firewalls PA 5050 Version 9.0 to meet company security policy
• Involved in configuring Palo Alto PA 7020 firewall from the scratch
• Installed and configured Palo alto images in AWS cloud
• Worked on Python scripting for network configuration and management.
• Telnet into Cisco router to configure and update interface, and subnet TCP/IPv4.
• Configured and installed Bluecoat Proxy SGs to a newly designed network scheme, from an inline perspective to a WCCP load balanced network layout.
• Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors.
• Evaluated Cloud Environment for AWS and enhanced availability and function for Dev teams by implementing VPN connectivity, which improved security and access to cloud resources.
• Worked on AWS to Corporate connectivity and AWS EC2, Auto scaling, NAT Gateways
• Used Visio diagram to support the verification of switches and servers in the DMZ.
• Manage the firewall deployment, rules migrations, and firewall administration.
• Migrated network from EIGRP to OSPF.
• Performed Level 3-4 troubleshooting and analysis of disaster recovery issues, security implementations, firewall configurations, vulnerability assessments, and intrusion detection and analyze, customer consultation.
• Demonstrated experience with IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Management of proxies, firewalls and F5 load balancers.
• Configuring IRules on F5 Load balancers.
• Meraki wireless, security and SD- WAN deployment and administration
• Used KIWI monitoring tool to troubleshoot network issues.
• Configure, update software, troubleshoot routing issues and maintain various enterprise network devices such as Cisco Nexus 9k's,7k', 6k's, 5k's and 2k's, Cisco Catalyst switches, Dell switches and Fortigate Firewalls.
• Worked on Next Gen Firewall features like Application and URL filtering, SSL Forward Proxy, SSL Decryption, Web-filter.
• Implemented VLAN, VTP domain, Trunking and Ether Channel on Cisco 5500 switches.
• Provided extensive Hardware/Software support for entire EX series/QFX/QFabric series of switching platforms
• Involved in deployment of Cisco ISE and Firepower as well as, created/modified necessary profiles that allowed authorized devices on the network.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control (NAC) integration with Cisco ISE.
• Build out and manage the Windows/VMware Virtual and Cloud Infrastructures and integrate them with Cisco ACI.
• Worked on multi-vendor load balancers including F5 Big IP LTM, Cisco ACE and VMware NSX between multiple centers.
• Focused on working with Cisco Channel partners to build practices around Cisco ACI.
• Implemented Cisco Application Centric Infrastructure ( Cisco ACI) as a solution for data centers using a Spine and Leaf architecture
• Worked with IPSEC VPN and B2B VPN design connection and protocols, IPSEC tunnel.
• Deployed SDN networks such as Cisco Meraki SDN solution using MX and MS routers and switches technologies.
• Monitoring and Troubleshooting the Meraki AP and Meraki Switches through Meraki Port al, Checking the configuration through Solarwinds, checking device utilization through Vital suite, and updating the tickets on ticketing tool Remedy.
• Upgraded with Nexus 9k, 7k and 5k switches to deal with the vulnerability issues.
• Coordinated with cloud team for working with OpenShift platform in managing Docker containers and Kubernates Clusters.
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, F5 Load balancers Infoblox DNS and Cisco ACI.
• Worked on F5 BIG-IP Application Security Manager (ASM) web application firewall ( WAF), deployed in more data centers enterprise WAF with advanced firewall capabilities.

Confidential

Network Security Engineer

Responsibilities:

• Responsible in Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router 7705 and 7750 service router.
• Manages Citrix NetScaler VPX load balancing, virtual servers, service groups, redirects, and URL filters.
• Administered Citrix NetScaler load balancers for Radius and web traffic.
• Networking includes rebuilding existing multicast network infrastructures. Technologies included Cisco Routers, Nexus switches, Juniper FWs, BGP, EIGRP, sparse mode multicasting, MSDP and IP PIM Anycast.
• Install, Configure and Upgrade Palo Alto appliances in the network and build high availability using ClusterXL on Palo Alto, Active/Standby on Cisco
• Responsible for installation, troubleshooting of Palo Alto Network Firewall wall and LAN/WAN protocols Implementing firewall rules and configuring Palo Alto Network Firewall
• Worked on Multi-vendor platform with Palo Alto and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents.
• Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Security policy review and configuration in Palo Alto and Juniper SRX Firewall in Datacenter.
• Troubleshooting of CISCO routers like ping, trace route and basic issues.
• Configured Splunk on AWS VPC that collects and indexes log messages, analyses them to deliver real time operational intelligence anywhere across the organization
• Ensuring connectivity and communication among networks, servers and clients inside and outside department.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70, R71, R75 and R77), Juniper Firewalls (SRX5400, SRX5600and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models (PA-2k, PA-3kand PA-5 k).
• Experience in creating multiple policies and pushing them into Checkpoint Firewall (Gateways) and hands-on experience in managing the Checkpoint Management Server and Gaia operating system
• Coordinated with cloud team to work with building Kubernates run time environment of the CI/CD system to build, test and deploy in an open source platform.
• Upgraded and updated Cisco IOS and SD- WAN device OS.
• Worked on Next Gen Firewall features like Application and URL filtering, SSL Forward Proxy, SSL Decryption, Web-filter, SD- WAN in Palo Alto firewalls.
• This global role helped expand my expertise into other areas such as Cisco UCS, Cisco ASA, and VMware NSX.
• Migration from Checkpoint firewall to Palo Alto firewall
• Troubleshoot of LAN, WAN networking issues using Wireshark, Netflow and other advanced tools and methodologies.
• Automated network implementations and tasks and designed monitoring tools using Python scripting.
• Designed, Installed and configured Aruba Wireless network in an HA environment using AGN 125 access points with 802.1X authentication.
• Responsible for distributed applications across hybrid AWS and physical data centers.
• Configured multicast groups and QoS.
• Dealt with Infoblox traffic control products to simplify DNS load balancing operations.
• Worked extensively with Infoblox, QIP, Cisco Prime Infostructure, Spectrum, Cmdb, Telnet, modem access, Putty/Super Putty.
• Experience in performing wireless site surveys using Airmagnet software.
• Upgraded multiple Meraki Firewalls, Switches and Access points to their latest stable version.
• Implemented site to site VPN in Juniper SRX as per customer.
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Implementing Security Solutions using PaloAltoPA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20Gaia and Provider-1/MDM.
• Configuration and administration of firewalls, which includes Checkpoint firewalls.
• Operations and management of company LAN, WAN, and wireless networks, including routers, switches, Access Points, Firewalls and other network i.e. Riverbed, Bluecoat, F5 LTM/GTM.
• CManaged firewall using fortigate to allow or block IPs, created policies added different interfaces and VLANs.