SUMMARY

• Network & Security Professional with 10 years of experience in Designing and troubleshooting LAN, WAN, MPLS in Branch, Campus and Data Center environments.
• Experience in Wireless LAN (IEEE 802.11) and deployment of light weight access point.
• Extensively exposed to troubleshooting, maintaining devices and migration of technology.
• Efficient use of Microsoft VISIO/Office for technical documentation and presentation tools.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting
• Experience with routing protocols like EIGRP, OSPF, RIP, BGP and IP addressing,
• Experience in Troubleshooting connectivity and hardware issues on Cisco Networks.
• Experience in L2/L3 protocols like VLAN, STP, ISL, MPLS and Trunking protocols.
• Proficiency in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR - 1k/9k, Cisco ISR 2900, 3900, 4000 series, Cisco Multilayer Switches 4500, 6500, Cisco CRS 4/8 CRSx, Cisco Nexus 2k/5k/7k/9k, Cisco/Meraki Wireless, Confidential 2920, 3500, A5000 Series and Juniper: M320, MX80, MX480, MX960 and EX4200, EX8200 switches, F5 Networks. Palo alto Networks.
• Experience in set up, configuration and management of Cisco ASA Firewall in various domain such as Internet, DMZ, Business-Partner, Remote-Access VPN etc.
• Experience in creating DAP Policies on Cisco ASA for Remote-access users and Creating IPSEC tunnel on ASA with Business Partner Firewall.
• Multicast: PIM-DM,-SM,-BIDIR,-SSM, MSDP
• QoS: Policing, Shaping, H-QoS, LLQ, SRR, WRR, CBWFQ
• MTA Security Fundamentals, MTA Server Fundamentals, MTA Operating System Fundamentals, MTA Networking Fundamentals.
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM,GTM
• Have Experience in Global ITIL Network Support.
• Good knowledge in F5 and Cisco ACE, Citrix Netscaler 10, load Balancing.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Experience in Layer 3 Routing protocol configurations: RIP, EIGRP, OSPF, BGP, & MPLS.
• Experience in Layer 2 Routing protocol configurations: ATM/FRAME RELAY, IP services such as QoS and VPN technologies: IPSec & SSL.
• Implemented MPLS/VPN services for various customers
• Experience in configuring and troubleshooting vPC on Cisco Nexus-5k for downstream FEX and Servers.
• Experience in configuring VLANs, STP, VTP, PVST and 802.x authentication in access layer switches.
• Strong knowledge of HSRP, VRRP Redundancy Protocols in high availability environment.
• Experience with different Network Management Tools and Sniffers like SNMP, Confidential -Open view, and Cisco works to support 24 x 7 Network Operation Center.
• Worked extensively in Designing, Implementing & Managing LAN, WLAN & WAN solutions for different client setups. In-depth knowledge and experience in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM & Frame Relay.
• Experience in Physical cabling, IP addressing & subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Access Control Server configuration for RADIUS & TACACS+.
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Staging, Lab & Production Environments.
• Strong Experience in using various tools for management, analyzing, troubleshooting, monitoring & process automation in Lab & Production environment.
• Highly valuable Project Management and Operations Planning skills.
• Good knowledge in WAN Technologies, ACL, NAT/ PAT, Ether Channel, IPSEC and VPNs.
• Enhanced level of knowledge in PPP, ATM, T1 /T3 Frame-Relay.
• Expertise in implementation and troubleshooting of protocols such HSRP, VRRP, GLBP, RSVP ACL.
• Extensive knowledge in different networking protocols DHCP, DNS, FTP, VOIP (SIP, H.323, MGCP),
• Knowledge of Terminal Server, Firewalls, Standard/ Extended ACL, Distribute-Lists.
• Work closely with Customers in determining the business needs for a Project and build Detail design which includes Data Flow diagram, Logical and Physical Diagram
• Perform Design, Implementation & Change Control Script review across organization
• Continually update understanding of business and technology status and objectives and respond to strategic design requests as the business evolves
• Constantly Monitor & Analyze Network Performance to detect problems and find ways to improve the Network
• Perform analysis and diagnosis of highly complex networking problems in the Data Center Environment
• Build simulated networks in test labs to resolve highly complex problems and compatibility issues
• Involved in various POC to test drive new Products/Technologies that would Value add to our Data Center Operation
• Implementing security policies using ASA 55XX Firewall as well as Fortinet firewall,IPS/IDS, AAA Security (TACACS+, RADIUS) on different series of routers
• Extensive experience with Cisco IOS, NX-OS, IOS-XR, JunOS, Windows client/server operating systems, Linux, Networking technologies, Firewalls.
• Maintenance of existing network for day to day activities like link utilization and traffic monitoring.
• Experience in implementation, support and trouble shooting of VLAN’s including operational knowledge of spanning tree protocol (STP),VLAN trunking, inter VLAN routing and ISL/802.1q.
• Working experience with Natting techniques on firewalls such as Cisco ASA, Juniper SRX.
• Understanding of Python scripts for system automation, monitoring and security reporting. Maintain existing Perl scripts and migration existing Perl scripts to Python.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts
• Experience with Cisco IOS, Cat OS, Cisco IOS XR and JUNOS
• Planning, Designing, Installing, Configuring of Cisco 6500, 4500, 2900, 3500, 3750 XL series switches, Cisco 1800, 2500, 2600, 2800, 3600, 3800, 7200 series Routers.
• Expertise on JUNOS OS, J Series, M Series, MX Series.
• Strong experience in configuration and troubleshooting of routing protocols PPP, RIP, EIGRP, BGP, OSPF, HSRP, IPX, IP, IGMP, QoS, 802.1q and SNMP with excellent documentation skills.
• Extensive working experience of VLANs, Ether channels, Spanning tree protocol and HSRP.

TECHNICAL SKILLS

Routing: ISIS, OSPF, EIGRP, BGP, RIP, PBR, Route Filtering, Redistribution, Summarization, Static Routing, GSR, CRS1 and CRS3

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switch, MPLS

Transparent Bridging Routers: Juniper MX80, MX240, MX 480, MX960, ACX 1000, M120, Cisco 2620, 2901, 3925, 3945E, 7201, 7613

Switches: Juniper EX2200, EX2500 Cisco Catalyst 2232, 2960, 3560, 5596, 6509-E, 9300, 9500. Nexus 2232, 5596, 7009.

Network Security: Cisco ASA 5540, ASA 5525x, ACL, IPSEC.

Load Balancer: F5 Networks (Big-IP) LTM 6400, 1600.

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet

WAN: PPP, HDLC, Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay

Gateway Redundancy: HSRP, VRRP, GLBP.

Various Features: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP& services

AAA Architecture: TACACS+, RADIUS, Cisco AC

Network Management: Wireshark, SNMP, Ethereal, EMC Smarts

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7)

PROFESSIONAL EXPERIENCE

Confidential, Bethpage, NY

Network Engineer

Responsibilities:

• Testing, certifying and planning the implementation of all video infrastructure hardware, software and architecture as it pertains to existing and new components for provisioning linear video architecture and device including QAMs, DCMs, Encoders, EAS, Antennas, STB, CPEs, WIFI, cable modems, etc.
• Testing and troubleshooting cable modems based on DOCSIS upstream and downstream specifications to ensure proper network functionality.
• Testing and troubleshooting modems, switches, routers and gateways based on Network protocols, TCP/IP protocol, UDP protocol, TR-69 etc, IP telephony etc.
• Testing and troubleshooting various issues related to Customer Premises Equipment (CPE), WIFI and Set-top boxes to optimize network performance.
• Troubleshooting software development and quality assurance issues to make sure the network is functional and optimal.
• Troubleshooting with automated testing tools, scripting, Agile/Scrum development processes to fix network and performance issues.
• Plan, test and troubleshoot security measures to protect data, software and hardware to ensure network security.
• Code new development and maintain existing systems to maintain data security, monitor data files, regulate access, perform backups and recovery operations.
• Provide oversight and resolution of network connectivity and software issues for local and remote users.
• Diagnose, troubleshoot and resolve hardware, software and other network & systems problems, replace defective components as necessary.
• LAN/WAN administration, performance of hardware builds, set up offsite backup and testing systems, set up security measures and ensure compliance.
• Automate Router certification process using open source tools like Python, Ansible and Dockers.
• Automation of WiFi performance tests using Python and REST API’s.
• Developing backend applications for Cable modem certification using Python Flask Framework.
• Involved in troubleshooting large scale enterprise IP telephony, VOIP networks.
• Experience working on Riverbed Netplanner.

Confidential, Atlanta, GA

Network Engineer

Responsibilities:

• Worked as a point of contact for the build team to help them build the servers and address the concerns they had about network connectivity, troubleshooting, maintenance and design. Designed and deployed new switches to accommodate the expanding network, upgraded existing switches, updated IOS images to accommodate the new capacities and made necessary configurations.
• Worked on analyzing various packet captures to determine network performance issues, congestion, latency and Qos issues using wireshark tool.
• Worked on deploying Gigamon as an alternative to the network traffic aggregation tool ANUE.
• Worked on migrating the maps, connections and the traffic flow from ANUE to the gigamons.
• Worked on the administration, troubleshooting, updating and maintaining the Gigamon applicances.
• Responsible for the administration of the Sophos Reverse proxy appliances by performing troubleshooting, maintenance, updating and upgrading and HR redundancy testing. Responsible for defining network traffic policy and user access to Sophos appliances.
• Acted as the subject matter expert for Sophos and implemented it as a reverse proxy solution for HTTP, HTTPS traffic for Office 365 migration.
• Worked on designing, rebuilding and deploying Cisco ISE (version 2.1) compliant to Cisco production standards and according to the requirements of the expanding network.
• Responsible for the administration of Cisco ISE authentication appliances by performing troubleshooting, maintenance, updating and upgrading the firmware. Responsible for adding network devices and network users to ISE for authentication purposes. Performed DR (Disaster Recovery) testing for determining the proper working of the ISE appliances in case of a disaster scenario involving data loss.
• Responsible for adding backup/ repository servers to ISE according to audit compliances.
• Working on a project to update Cisco ISE to version 2.3 from 2.1.
• Responsible for the administration of RSA authentication manager engine by performing troubleshooting, maintenance, updating and upgrading the firmware. Responsible for adding network users and devices to RSA for authentication purposes via RSA tokens and keys.
• Worked on implementing Cisco Anyconnect VPN client to enable certificate based authentication (in addition to the two factor authentication) to access the existing corporate VPN using Cisco ASA 5525x series firewalls.
• Worked as a point of contact for Atlanta Embassy Row and concourse datacenters for installing, troubleshooting, upgrading and maintaining various customer equipment, cabling, servers etc.
• Worked on deploying two new MDFs in a Campus network. Was involved in deploying Cisco Catalyst 9300 and 9500 switches in stack configurations to accommodate data connections, wifi and audio.
• Worked on routing/switching, switch replacement, configuration changes and other general routing/switching.
• Installed, configured and updated various Confidential owned Cisco devices to facilitate LAN and WAN connection.
• Provided On Call support to troubleshoot network connectivity to resolve issues that happen off hours.
• Worked with Load Balancing team in a project to migrate from Citrix Netscalers to F5s by providing network support, troubleshooting, configuring and deploying new switches to accommodate their new builds.
• Replaced aging Cisco ASA firewall architecture with next gen Palo Alto appliances serving as firewalls and URL/ application inspection; configured and troubleshot issues on Checkpoint R77.10 Gaia, Cisco ASA 5540 and Checkpoint environments.
• Experience working with Arista networking devices such as 7150 series switches, 7300X series modular switches in datacenter setting. Experience with Arista Cloudvision.
• Experience working as part of a team in setting up Bluecoat proxy SG server for office and remote users, integrating it to existing solutions and deploying it.
• Experience with Ansible and its networking modules.
• Experience implementing Cisco ACI in datacenters.
• Worked on migrating data center from network centric model to application policy model infrastructure.
• Worked on migration from classic architecture to Spine/leaf for ACI support.
• Experience working with Riverbed for network performance monitoring and WAN optimization.

Confidential

Network Engineer

Responsibilities:

• Involved in the implementation of Data Center Migration from the Warrenton site to Ashburn site and assisted with the consolidation of multiple data centers
• Conducted planning, network design and implementation to meet network requirements for the design and build of the data center and national wide networks
• Configured and deployed various Cisco routers, Cisco Nexus Switches, Juniper SRX and Cisco ASA firewalls in the data center environment
• Installed, configured and troubleshot various Cisco routers and switches including Cisco Nexus (9k, 7k, 2k and 5k) and Catalyst switches (3750, 3850)
• Designed and implemented MP-BGP and MPLS LDP
• Installed and configured VPN backup routers in several sites to create WAN redundancy
• Implemented DMVPN phase 2 as part of WAN backup
• Providing support for network connectivity or related network issues
• Analyzing network activity and network problems to discover and prevent systematic errors, recommending and performing network design changes/ enhancements for improved systems availability and performance
• Enabled STP attack mitigation (BPDU guard, Root guard) using MD5 authentication for VTP
• Troubleshooting, escalation management and resolving of the network issues
• Analyzing, recommending and performing implementation of software or hardware changes/ enhancements to rectify network deficiencies and to enhance network performance
• Ensuring planned testing activities are performed and technical criteria are met
• Deploying of VLANs, port and IP allocations and planning on ASR 9k, Nexus 7k, 5k, 2k and its downstream devices
• Experience with Load Balancing on Cisco ACE and F5
• Administration of ASA firewalls in the DMZ and FWSM in the Server Farm to provide Security and Controlled/ restricted access
• Designed, maintained and troubleshot ACL rules to fit the need of the customer
• Worked on the Configuration on BIG IP (F5) Load balancers and also monitored the Packet
• Flow in the Load balancers
• Created Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module
• Implementation and Configuration (Profiles, iRules) of F5 Big-IP LTM-6400 load balancers
• Configuring, upgrading and verifying the NX-OS system
• Design and configuration of OSPF, BGP and static routing on routers and firewalls
• Experience in set up, configuration and management of Cisco ASA Firewall in various domain such as Internet, DMZ, Business-Partner, Remote-Access VPN etc.
• Experience in creating DAP Policies on Cisco ASA for Remote-access users and Creating IPSEC tunnel on ASA with Business Partner Firewall
• Experience working with Cisco Firepower 4120 and FirePOWER 7030 as a Next Gen IPS (NGIPS) with integrated URL filtering and Malware protection
• Designed, deployed and maintained Cisco Sourcefire Next gen Firewall and IPS with 10 firepower sensors and fire sight management console
• Found vulnerabilities in the network using Cisco NIDS and created security policies to avoid and detect network intrusions
• Extensively used Imperva SecureSphere tool extension to comply HIPAA audits
• Experience working on Cisco IDS Device Manager and IPS Device Manager (IPS 7.1)
• Experience working on IDS for traffic monitoring and evaluation
• Experience working on Intrusion Prevention systems such as NIPS and HIPS for traffic evaluation
• Configured, maintained rules on Palo Alto firewalls such as PA-3060 for Application and URL filtering, IPS; implemented zone based firewalling and security rules.
• Experience with Red Hat Enterprise Linux 7.2 (RHEL)
• Supported global customers with customized RHEL configurations and troubleshooting through our global queue system
• Worked on Checkpoint software blades

Confidential, Sterling, VA

Network Engineer

Responsibilities:

• Was involved in the implementation of Data Center Migration in the Sterling site and assisted with the consolidation of multiple data centers
• Acted as the point of contact for the Sterling site, handled all installations, ISP connections, helped with configuration, setup and testing of all devices such as Cisco Catalyst switches (3750, 3850), Cisco routers (4800, 3800, 3600 etc.), Cisco switches (2900, 6500, 3700), Cisco Nexus 7k, 5k, 2k & ASR 1k, 9k, Juniper SRX and Cisco ASA firewalls
• Configured, maintained the Routers and Switches and implemented BGP, OSPF, EIGRP routing protocols and troubleshot remote infrastructure management offices in different locations nationwide
• Troubleshot and escalation management of day-to-day issues for offices; managed co-location and Datacenter infrastructure in North America
• Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC
• Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models for Cisco routers to facilitate adding new business partners to new and existing infrastructure
• Experience with design and implementation of Data Center migration
• Administered multiple Firewall of Juniper SRX in a managed distributed environment
• Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) and MP-BGP
• Designed and deployed MPLS traffic engineering and was involved in devising strategies for the expansion of the MPLS VPN network and the implementation of it
• Designed and deployed MPLS QOS and MPLS multicasting to suit company requirements
• Configured BGP in the data center environment to be used as part of the WAN environment by manipulating the BGP attributes
• Performed IOS upgrades on various Cisco routers and Catalyst switches (3750, 3850)
• Deployed and distinguished VLANs on core ASR 9k, Nexus 7k, 5k, 2k and its downstream devices
• Worked on RHEL 7
• Configured, upgraded and verified the NX-OS operating system
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Worked on Juniper environment including SRX/Junos Space
• Configured OSPF, Static routing and BGP on Juniper routers and integrated them with the core infrastructure
• Configured VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Designed and configured OSPF, BGP on Juniper routers and SRX firewalls
• Configured and implemented Access lists (ACL) on Cisco ASA and Juniper SRX (210, 550) series firewalls
• Hands on experience on all software blades of checkpoint firewall.
• Hands on experience on Palo Alto firewalls.
• Moderate knowledge in configuring and troubleshooting Aruba and Cisco Wireless Networks: LWAPP, WLC, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics
• Experience working on Cisco Sourcefire IPS and IDS Device manager IDS 4.0
• Experience working on Cisco ASA IPS module