PROFESSIONAL SUMMARY

• CCNA CCNP certified professional with 8+ years of experience in routing, switching, firewall technologies, systems design, and administration and troubleshooting.
• Expertise in configuring and troubleshooting of PIX, ASA, Palo Alto, Juniper Net Screen, Fortinet & SRX Firewalls and their implementation
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Implemented security policies using Palo Alto PA-500, PA-2020, Check Point Firewalls R75, R77.20 GAIA, ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS), VTP.
• Worked with Cisco, Palo Alto, Juniper,Splunk, Force point, Nessus, Stealth watch, Checkpoint, Zscaler and other vendors to provide a stable, high-speed, securenetwork.
• Experience with tunneling methods like GRE/mGRE, DMVPN, IPsec, L2TP, ezvpn, IKE v1 and v2 remote vpns.
• Hands-on experience of various layer 2 transport protocols including ATM & Frame Relay and MPLS, 2547bis VPN, RFC 4364, VPLS.
• Hands on experience in configuring Cisco Catalyst and Cisco Switches series, Cisco Routers, Nexus series switches, Load Balancers & Cisco Firewalls, ASA Firewalls and Cisco ACE load balancers
• Moderate knowledge in configuring and troubleshooting Wireless Network: Net gear, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics as well as WAN testing.
• Good knowledge in scripting languages like TCL/TK, Perl and Python.
• Experience in configuring and troubleshooting BIG-IP F5 load balancer LTM creating virtual servers, nodes, pools and iRules on BIG-IP F5 in LTM module.
• Knowledge on F5’s BIG-IP Application security management and Edge Gateway Solution.
• Hands on experience in configuring Cisco Nexus 7K, 5K,2K,1K and worked on nexus protocols VPC, VRF, VDC and FEX Links.
• Experience with various LAN and WAN technologies and protocols like: - TCP/IP, VLAN, VTP, RIP, STP, EIGRP, OSPF, BGP, IKE/IPSec VPNs, NAT, PAT, DNS, MPLS, SONET, deployment of DWDM and access list.
• Well experienced in configuring HSRP, GLBP, ICMP, UDP, PPP, PAP, CHAP and SNMP.
• Good knowledge of VMware Networking concepts like creation of vSwitches, VMware ESX/ESXi, VMware vCenter, VMware vCSA and Windows 2008 R2 Hyper-V, vCenter 6.0 server.
• Experience with virtualized ISE deployment across two network enclaves.
• Extensive knowledge with VLAN’s, Trunking, RSTP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, NX-OS, IOS/XE, VMware NSX, DHCP, Infoblox, Wireshark etc.

TECHNICAL SKILLS

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, Bluetooth, Wi-Fi

Cisco Platforms/Other platforms: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), SRX, MX, EX Series Routers and Switches, Nexus 7K, 5K, 2K & 1K

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, VoIP, SIP, CDP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, Cisco ACS.

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Firewall: PIX Firewall, ASA Firewall, Palo Alto, Checkpoint, Juniper SRX

Network Tools: Solar Winds, SDM, Infoblox, WiresharkLoad Balancers: A10 Networks(AX2500), Cisco CSM, F5 Networks (Big-IP)

Security Protocols: IKE Version 1 and 2, IPSEC, SSL-VPN

Operating System: Windows 10,8,7/XP, MAC OS X, Windows Server 2008/2003, Linux

PROFESSIONAL EXPERIENCE

Confidential, Minneapolis, MN

Network Security Engineer

Responsibilities:

• Experienced in installation, configuration and maintenance of Cisco Router, Catalyst Switches and Firewalls.
• Planning, Designing &implementing various solutions in distributed environment using Checkpoint, Cisco PIX & ASA, Juniper NetScreen and Palo Alto NGFW.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240
• Worked on Check Point Firewalls NG, NGX, R61, R65, R70, R75, R77, R77.20 GAIA and Palo Alto PA-500, PA-2020
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, ISA, AAA (TACACS+ & RADIUS).
• Troubleshoot and worked with security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Palo Alto firewalls.
• Addition and removal of services from virtual server configuration on citrix netscalar load-balancer
• Configured Access-Control Lists (ACL’s) to Allow or block users to access different applications.
• Configuring rules and Maintaining ASA Firewalls & Analysis of firewall logs using various tools
• Planning and executing changes and upgrades to the operating systems of servers directly supporting firewall components and functionality.
• Experience in Rule analysis, Rule modification on firewalls.
• Responsible for configuring firewall rules in between DMZ’s, from external vendors to the systems in DMZ’s for TDQ (Test, Development & Quality Analysis) as well as production Environments.
• Planning, designing and implementation of moving multiple DMZ’s on FWSM’s to ASA’s by creating Multi-Context Environments on the ASA.
• Troubleshooting on various vendor devices like A10 Load Balancers, F5 LTM & GTM, Cisco ACS.
• Implementing VPN connections using Checkpoint, ASA, Cisco PIX, and Cisco Routers using site-to-site VPN’s.
• Create S2S VPN with our own offices and various clients using Juniper SRX firewalls or Cisco ASA.
• Maintained BIG IP F5 APM VPN and provided solutions for intricate issues and configured WIDE IP and WIDE IP pool on F5 GTM’s to support load balancing between data centers.
• Implemented and managed remote access programs including Cisco Any Connect, Site-to-Site VPNs for business partners, IPSEC for remote management.
• Configuring IPSEC VPN on SRX series firewalls and site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
• Configured F5 Big IPs with VIPs, Pool, IRules and SSL certificates to ensure traffic was load balanced. Tested end to end connectivity via firewalls, routers and switches.
• Deploying ISE Wired and Wireless Authentication, Authorization and Accounting.
• Responsible to provide design, consulting and implementation documents to support ISE security services to the client.
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
• Worked through Aruba and Cisco WLAN and Controller config files to help Admin with WLAN troubleshooting.
• Managed Cisco call manager, Cisco Voice Mail Unity servers. Worked with in Cisco Routing and switching background w/QOS.
• Designing and developing IPAM solution based on client requirements in InfoBlox deployed space.
• Developed and implemented Infoblox blox tools techniques to augment service delivery.
• Migrated physical machines to virtual machines (P2V) and virtual machines to virtual machines (V2V) using VMware converter and vCenter guided consolidation.
• Configuring and modifying the KVM (Kernel-based Virtual Machine) environment in the LINUX OS and setting up a shared drive for the KVM users to share resources with the LINUX platform.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL).
• Maintaining and updating inventory using Network Management Application layer software’s like SNMP, Wireshark, NTP, and Syslog.
• Created DHCP configurations and converted subnets in preparation for split of environment.
• Provided DNS engineering support to DNS Architect and DNS team.
• Configured and managed Networking and Network Security by performing system administration / analysis that includes installing/configuring proxies, DNS, IP addressing scheme & IP subnetting with VLSM, configuring VLANs & Trunks.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Production environment experience consisting of Global load balancing, local load balancing, SSL acceleration, HTTP compression/caching, and DNS.
• Monitoring Python scripts run as daemons in the UNIX/Linux system background to collect trigger and feed arrival information. Helped calculating SLA misses.
• Installation and maintenance of Windows NT and 2000/2003/2008 DNS, DDNS, DHCP and WINS Servers for the DOMAIN.

Environment: Cisco Routers (4451, 3845, 3900, 2800, 2600, 2900, 1800, 1700, 800),Netscreen SSG5, Netscreen 204, Netscreen SSG 320, switches (6500/3750/3550 4500/2950), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Firewalls (5585, Palo Alto), Cisco Voice (CCM, UCCE), Shell Scripting.

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Worked as a part of network team where my daily tasks included configuring, monitoring and troubleshooting of TCP/ IP networks.
• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT, NAC product sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
• Create, assign and provide IP and DNS records for server and application teams using Microsoft DNS server and Infoblox Grid Manager.
• Configured DHCP scope into Infoblox for new sites which includes subnets for wireless, voice, security and data and use to fix the ip address with particular Mac address
• Applied current licenses and performed software upgrades for Infoblox Switch Port Manager.
• Designed, Implemented and Troubleshot Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
• Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
• Performed support, configuration, testing and documentation for ISE rollout which includes making configuration changes in access and distribution layer switches, wireless controllers and ISE nodes.
• Provide ISE deployment services for migration of users from Cisco NAC to Cisco ISE platform.
• Upgraded the data center network environment with Cisco ASA 5520. Configured ACL's on Cisco Switches as well as configured routers as terminal servers.
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240 and Juniper J series j230, M 320 and MX960 routers
• Experience in design, implementation, and support of F5’s Big-IP Access Policy Manager (APM) software component in a complex enterprise environment
• Experienced on working with Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review, evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Worked on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Experience with Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits
• Exported data to facilitate creating separate DNS database and contributed in the design of structured DNS naming and IP addressing standards.
• Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
• DNS name resolution Moves, Adds, Changes and Deletions (MACD) and updating of DNS ISP infrastructure through zone transfers.
• Performance monitoring and tuning for ESX Servers, Virtual Center Server and Virtual machines.
• Local and remote KVM management for the servers.
• Extensively worked in backend development using Python.
• Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds etc.
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Handoffs.
• Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505, 5510), F5 Load balancing (LTM, GTM, APM, AFM, ASM), Checkpoint, Palo Alto, Load balancers.

Confidential, Portland, OR

Network Security Engineer

Responsibilities:

• Working as Network Security engineer supporting Cisco routers, switches, Net screen Firewalls, Bluecoat proxy servers and BIGIP load balancers.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls, installing and configuring new juniper EX, MX, SRX series firewalls to meet day to day work.
• Deployed Palo Alto Firewalls for web filtering and application control.
• Provide post breach firewall analysis on checkpoint R77.10 gain, Palo Alto firewalls to recommend two-factor authentication solution.
• Designed and Deployed F5 LTM, GTM, APM, AFM, ASM Solutions.
• Installed and configured SSH (Secure Shell) encryption to access securely on Ubuntu and Red hat Linux.
• Monitoring the network access points with the help of IBM Q Radar and Cisco prime infrastructure.
• Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Secondary Engineer to create a new solution including new construction and installation of a full mesh wireless and wired network with a full ISE installation an ISE deployment for posture validation and profiling.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Performed Network Security Assessment and implemented security features such as network filtering, SSH, AAA, SNMP access lists, VTY access lists and HSRP authentication.
• Utilized SNMP-based network monitoring tools such as Nagios and Solarwinds to manage networks.
• Configured and managed updated Cisco Network Systems with routers for MPLS Client VPN, Site-to-Site VPN and Dynamic VPM (DMVPN).
• Understanding of IPSEC & GRE tunnels in VPN technology implementation using Cisco IOS and have checkpoint firewall /VPN.
• Integrating Configuring RSA Secure ID with ISE for Token based authentications using RSA Native method RSA RADIUS method for user's remote VPN users.
• Assisted in the creation and migration of an Infoblox solution for XTO.
• Worked with Infoblox Sales team to design refresh of equipment and lower costs.
• Performed attribute manipulation in BGP multi-homed scenario using attributes like AS-Path, MED, Local Preference and weight.
• Implementation of HSRP, IPSec, Static Route, IPSEC over GRE, Dynamic routing, DHCP, DNS, FTP, TFTP, RAS.
• Planning, designing, Installing and Configuring of Cisco Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800 and 7200, 7609) & Cisco L2 & L3 Switches (2900, 3560, 4500 & 6500).
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services and static routing using Nexus, Cat6k, ISR, ASR
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, VTP, STP, Inter VLAN routing, LAN security.
• Also performed Dual-homing on nexus-based platforms using the feature VPC and also managed to do Virtualization on the nexus platforms using the feature VDC and also maintained VRF’s in those VDC’s.
• Implementing changes to the network routing tables and ACLs.
• Handling DNS, Subnet and IP requests expeditiously but carefully from work intake buckets (various).
• Technical consultation of global multi-tier DNS architecture.
• Key team member converting DNS and DHCP to HSBC IP schema for entire legacy network.
• Managed conversion of various subnets to appropriate DHCP servers based on separation strategy.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
• Configured and installed new IP addresses for new users by using IP Addressing and Subnetting Scheme, and work on CITRIX applications.
• Performed troubleshooting, fixed and deployed many Python bug fixes of the two main applications that were a main source of data for both customers and internal customer service team.

Environment: Cisco Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3945, 4451, 7200, 7609) & Cisco L2 & L3 Switches (2900, 3560, 4500 & 6500), F5 and CSM load balancers, Juniper SRX Firewalls, Cisco catalyst 6509, 7613, Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.

Confidential

Network Engineer

Responsibilities:

• Reviewing, analyzing, approving and executing all changes in the network. All Configurations of Cisco Routers and Switches. Participated in a rotating 24x7 support schedule for the Network Operation Center.
• Worked with Network Operations Center (NOC) to troubleshoot various network issues like TCP/IP, VLAN, MPLS, routing issues like RIP, OSPF and BGP.
• Implemented WAN network technologies like MPLS, switching technologies like STP, VTP, Port Channels and VLAN security on L2 and L3 layer switches.
• Configuring AAA Services onthe CiscoASR9000 Series Routermodule ofCiscoASR9000 Series Aggregation Services Router System Security Configuration Guide.
• Configured trunk and access ports and implemented granular control of VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets that can extend further across the network infrastructure than with previous generation of switches.
• Build and configure monitoring systems and other network related tools such as Introscope, Splunk, MRTG, Solarwinds, and RANCID on a Linux/Windows 2003 platform.
• Team player in a data analytics environment, maintaining network capacity, integrity, and performance of client connectivity and datacenter leveraging Device42, Solarwinds as the primary toolset and VPLS as the key technology.
• Implementation and Maintenance of Juniper EX 2200, M120 devices.
• Net screen firewall setup, upgrade and configuring IPSEC VPNs and NSM (Net screen security manager) management.
• Worked on troubleshooting customer issues related to MPLS VPN related issues involving PE configuration issues, PE-CE link issues such as routing protocol configuration, Layer1 / Layer2 issues, BGP4 address-family related issues, MP-BGP.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Performed IOS, IOS-XR and Junos upgrades and production network maintenance.
• Deploying new technologies to data center and branch offices including firewall, NAC, wireless and switching technologies.
• Monitoring traffic at many different points, and provide visibility into the security posture of the network using IDS/IPS tools
• Signature UpdatesDeployment on the Management Componentsand all the Individual IPS/IDS devices.
• Troubleshooting client and business partner VPN connectivity issues. Responsible for VPN access support for Executive team and data security. Password resets, granting share access and permissions to Enterprise folders for different team, e.g. Finance, HR, Ops Planning.

Environment: Palo Alto firewalls, R77.10 gain, Linux/Windows 2003, monitoring tools Nagios, solarwinds, introscope, splunk, MRTG, Citrix Netscale, Sonicwall, Cisco WAAS, Cisco IPS.

Confidential

Network Support Engineer

Responsibilities:

• Configured and installed Cisco 2500, 3640, 7200, and 7940 Routers.
• Troubleshot network bandwidth performance, mismatched framing and line coding.
• Coordinated with LAN/WAN engineers the development and implements security policy.
• Monitored usage of network resources with Cisco works and using sidewinder in PIX Firewall.
• Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
• Configured remote users to access corporate LAN with VPN connectivity.
• Configured Frame-Relay, ISDN, ATM, Protocols, & load balancing switches.
• Configured IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Coordinated the routing of data for Internet access via diversity, load balancing on MPLS.
• Versed in proxy servers, web servers, and VPN networks on Windows and Unix OS.
• Configuration of IP and routing technologies for various protocols such as EIGRP, OSPF, and BGP for MPLS Network.
• Troubleshooting network issue for production and disaster recovery using various diagnostic techniques,
• Troubleshooting equipment, and service providers for successful completion.
• Created Network documents, tickets and network Visio diagram for various customers.

Environment: Cisco 2500, 3640, 7200, and 7940 Routers, EIGRP, OSPF, and BGP for MPLS Network, IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & VTP, HSRP, T1, DSL, ATM/IMA, Frame Relay and ISDN.

Confidential

Network Technician

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in the network.
• Studied and analyzed client requirements to provide solutions for network design, configuration, administration, and security.
• Designed and implemented Layer 2 and Layer 3 LAN infrastructure redundancy and availability services like STP, RSTP, VTP, HSRP and VRRP.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP & OSPF routing protocol administration.
• Interacted with support services to reduce the downtime on leased lines.
• Troubleshoot problems on a day to day basis; provide solutions to fix the problems.
• Designed a test manual and automated test cases are perform the over Network testing tool IXIA and Spirent.
• Automate test cases for carrier grade, provider Edge and Core Routers. Validate the IP/MPLS features are consistent with client’s design and behave as expected in a multi-vendor, scaled environment
• Configure the access-list and patch on the Juniper router and Firewall for customer support.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed the IP address space using subnets and variable length subnet masks (VLSM).
• Worked along with the team in ticketing issues; responsibilities included documentation and support other teams.

Environment: TFTP, RIP, OSPF, IP/MPLS, VLSM