SUMMARY

• CCNA and CCNP certified Network Engineer with 6+ Years of experience in design, implementation, configuration of Cisco Routers, Switches and Firewalls, troubleshooting & fine - tuning of Firewalls, VPN configuration, troubleshooting network related problems in Enterprise& Data Center Networks.
• Experience in implementing and configuring protocols such as HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Experience in working with Cisco routers and switches implementing protocols such as EIGRP, OSPF, IS-IS BGP and MPLS on edge routers.
• Experience in handling Network Monitoring tools and Packet capture tools (NAM, New Relic, OPNET, NetFlow, Wireshark, and Sniffer).
• Experience on configuringPaloAltoNext Generation firewall PA-5260 5050, 5020, 3020 Series.
• Experience in working with Cisco/Checkpoint/Juniper/F5/Riverbed Products.
• Hands-on experience configuring and troubleshooting of routing protocols RIP v1/v2,
• Worked with Red Hat Enterprise Linux with virtual servers using VMware.
• Experience with Windows server products and Linux server products.
• Adept understanding of the JUNOS platform and worked with IOS upgrade of Juniper devices.
• Experience withJuniperSRX 240 Firewalls,QFX,MX, EX SERIES
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, bridges, routers, hubs and switches.
• Experience onAWSservices, VPC creation, Security rule configuration, DR,AWSDWH platforms.
• Responsible for switching tasks such as VTP, ISL/ 802.1Q, IPsec and GRE Tunneling, VLAN, Ether Channel, STP RSTP, PVST+.
• Implemented Architectural design and guidelines forPaloAltoFirewalls in the Green Field deployments.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500, and 1800 series routers, Cisco Catalyst 6500, 4500, 3750, 2950, and 3500XL series switches.
• Experience inAWSNetworking - Direct connect/VPC NACLs, security groups etc.
• Experience with Cisco IOS XR on ASR9000, 12000 series routers.
• Worked on Cisco UCM administration and Cisco UCCX call system
• Designed and implemented F5 load balanced environment at the data center.
• Well Versed on configuring and implementing Firewall migrations from Cisco ASA toPaloAltoFirewalls.
• Worked on a plan for a new datacenter build using Viprion/vCMP to consolidate F5 infrastructure.
• Installed, Configuration and managed Cisco Meraki Switch Series MS220-48LP, MS225-48LP, MS250-48FP and Meraki AP.
• Able to Design and implementcloudinfrastructure services to support rapid application deployment
• Firmware upgrade for Meraki MS, Meraki MR, Meraki MV, Meraki MX for the better performance.
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco, VPN client in addition to providing TACACS+ and RADIUS services.
• Experience in build and configure ofPalo Altofirewalls.
• Ability to implementCloudSolutions onAWSutilizing EC2, S3, IAM, ECS, RDS
• Expertise in implementation of IP addressing schemes (includes VLSM) and IP services to meet medium level enterprise level network requirement
• Experience working with Nexus 7K, 5K, 2K devices.
• Strong Knowledge of Amazon Kinesis,AWSlambda, Amazon simple Queue Services
• Experience with configuration of Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Configured DNS Sinkhole in Anti-Spyware profile ofPaloAltoFirewall to identify infected hosts on the protected network and forge a response for DNS query.
• Experience on migration and troubleshooting problems with level 2, level 3 and level 4 and applications as well.
• Deep Expertise in Design/Usage of the coreAWSproduct.
• Experience in installing and configuring DNS, DHCP server.
• Designing experience with MS Visio, Whiteboard, etc.
• Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks LWAPP, WLC, WCS, Standalone Aps, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Support for all otherAWSproducts such as RDS, Route53 (DNS),CloudTrail, Elastic cache, Lambda and Amazon Kinesis.
• Trouble shot networking issues as they came in when it related to thePaloAltoFirewall.
• Cisco (ISE) to simplify identity management across diverse devices and applications.
• Experience working with Microsoft, VMware, Citrix, SolarWinds, Active Directory, Share point, SAN/NAS and related technology
• Adept Knowledge on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Good knowledge and experience in installation, configuration, and Administration of Windows 2000/2003, HTTP, FTP, DNS, NTP, DHCP servers under various LAN and WAN environments.
• Adept knowledge in preparing technical documentation and presentations using Microsoft Visio/ Office.
• I troubleshot issues with PA-200 through to PA-5000 seriesPaloAltoNetwork Firewalls through software versions of 6.0.0 through 8.1.0
• Developed continuous integration pipeline using Jenkins and developed various python scripts for deploying the applications on theAWScloudand on-premises VMware Infrastructure.
• Provides technical leadership forproblem escalation and resolution.
• Assist with network administrators over the phone, thePaloAltoNetwork firewalls and BGP as well as OSPF issues
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professionalism.

TECHNICAL SKILLS

Routers & Switches: Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800, and 7200), Cisco L2 & L3 Switches (2900, 3560, 4500, 5000 & 6500), ASA, PIX, FWSM, Juniper EX4200 & EX3200, MX480, MX960, PTX1000, SRX1500, Net screen

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, VLAN, Inter-VLAN Routing, VTP, STP, RSTP

WAN Technologies: Frame Relay, ATM, ISDN, PPP, HDLC

Firewalls: Firewalls/VPNs ASA, PIX, Cisco VPN 3000 Series Concentrator, SonicWALL

Protocols/Services: Routing Protocols (RIP v1 & v2, IGRP, OSPF, EIGRP, BGP), QoS, HSRP,VRRP, TCP/IP, load balancer, Proxy servers, IPSec, MPLS, PPP, VoIP, SIP, H.323

Security Server Protocols: TACACS+, RADIUS

Network Management Tools: Wireshark, Net flow Analyzer, HP Open View, Cisco Works, Ethereal, OPNET, Solar winds, Cisco Meraki

OS products/Services: Windows (2000/2003, XP), UNIX, LINUX

PROFESSIONAL EXPERIENCE

Confidential

Network Engineer III

Responsibilities:

• Working as part of a team to manage Enterprise Technology Group as a Network Engineer III.
• Configured routing protocols such as OSPF, EIGRP, and BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy. It also includes the configuration of the port channel between core switches and server distribution switches.
• Contributed in troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF and BGP.
• Wrote Ansible playbooks with Python SSH as a wrapper to manage configurations and the test playbooks onAWSinstances using Python.
• Working on firewallengineerwith advanced knowledge of Checkpoint, Fortinet, Cisco ASA 5500 series, JUNOS andPaloAltoPA-200.
• Worked on Migration ofJuniperSRX firewalls for isolation of network segments and VPN's, ISIS, Point to point.
• Collaborate with senior engineers and customers on the design, configuration and deployment of WAN and site-to-site connection.
• Provided 24/7 network support for troubleshooting and resolving network related incidents.
• Designed, tested, and implemented global Next Generation MPLS network (150 sites) using Cisco 4300, 3800, 2800, 2600, and 1721 Cisco routers and 800 Series VPN routers using BGP and EIGRP protocols.
• Deployment ofPaloAltofirewall into the network. Configured and wrote Access-list policies on protocol-based services.
• Hands on experience with configuration and troubleshooting of junipervirtual chasses, ip ranges onjuniperswitches solved issues through Jira tickets system.
• Automated theclouddeployments using Python andAwscloudformation templates.
• Design, deployment and maintenance of security/network devices and datacenters of enterprise.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Provided support for 2Tier and 3Tier firewall architecture, which includes various Check Point, Cisco ASA firewalls andPalo-Altofirewalls.
• Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Automated theclouddeployments using Python andAwscloudformation templates.
• Working on migration of Frame Relay based branches to MPLS based VPN for customer’s WAN infrastructure.
• Configured and maintained IPSEC and SSL VPN's onPaloAltofirewalls (5050).
• Assist internal project teams by determining rules that need to be added to the firewalls and identifying the proper routing and addressing for new devices in managed DMZ.
• Working on conversions to BGP WAN routing, which will be to convert WAN routing from EGRP to BGP (EIGRP is used for local routing only) that involves new wan links.
• Managing incidents through to resolution to include: coordinate and test with vendors and customers, internal communication and escalation, and follow-up/documentation of the troubleshooting performed.
• Converted existingAWSinfrastructure to server less architecture withAWS(Lambda, Kinesis) deployed via Terraform andAWSCloudFormation.
• Assisted in Configuration of Cisco Routing protocols BGP, EIGRP, OSPF Installed LANs, WANs and established intranet and internet access.
• Responsible for maintaining multi-vendor network environment including Cisco ASA, Juniper JUNOS, Fortinet firewalls,PaloAltoPA-200 and configuring different policies to provide connectivity
• Implementing Citrix NetScaler 10 for Networking and Traffic Optimization (CCA) (BETA).
• Configuring of checkpoint Security gateway & management server and Worked on Checkpoint Firewalls Clusters of both High-Availability and Load-Sharing
• Planned, designed and configuredAWSInfrastructure including EC2, ELB, S3, SQS, SNS, IAM Users & Policies, Security Groups, VPC/Sub-nets, ACL, VPC and Route 53.
• Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Planned and installed Frame Relay WAN links to the branch offices
• Working on Cisco 2950, 2960, 4506, 6509 series switches for LAN requirements, that includes managing VLANs, Inter-VLAN Routing, VTP, STP, RSTP, Port-Securities and troubleshooting LAN issues.
• Configuring rules and maintainingPaloAltofirewalls and analysis of firewall logs using various tools.
• Performed data migration from on premises environments intoAWS
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• MX Security Application Setup, Setting up Security Policies on MZ, Auto VPN, and Redundancy, Security and shaping guest wireless Access, configure SD-WAN (Software defined WAN).
• Hands-on experience with WAN technologies like T1/T3, DS3, STM1 and STM4 circuit types.
• Used Cisco ISE to grant authenticated users with access to specific segments of the network, or specific applications and services, or both, based on authentication results
• Configuring rules and MaintainingPaloAltoFirewalls & Analysis of firewall logs using various tools.
• Proficient in writingCloudFormation Templates (CFT) in YAML and JSON format to build theAWSservices with the paradigm of Infrastructure as a Code.
• Manages the Cisco Identity Services Engine (ISE) for access to network devices, manage authentication for users and endpoints.
• Configured Nexus 5000 switches to integrate with Cisco ISE features for device control and 802.1x
• Working with event-driven and scheduledAWSLambda functions to trigger variousAWSresources
• Assisted in the architecture, evaluation and recommendations related to purchasing and installing hardware, software related to IP Networking.
• Implementing firewall rules and configuringPaloAltoNetwork Firewall
• Documented workflow process, managing and implementing standard policy and procedures.

Confidential

Sr. Network Security Engineer

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Experienced with installation ofAWSCLI to control variousAWSservices through SHELL/BASH scripting.
• Experience in frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT’ing, NAC product sub-netting, also including DNS, LDAP, DHCP, HTTP, HTML, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
• Deployment ofPaloAltofirewall into the network. Configured and wrote Access-list policies on protocol based services
• Experience with managing the completed end to end site solutions
• Troubleshooting DMVPN and Meraki auto-VPN, addressing Wireless issues on Flex Controller 7500
• Experience with design and implementation of Data center migration.
• Designed, Implemented and Troubleshot Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR and NX
• Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
• Extensively worked usingAWSservices along with wide and in depth understanding of each one of them.
• Upgraded the data center network environment with Cisco ASA 5520. Configured ACL’s on Cisco Switches as well as configured routers as terminal servers.
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review, evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Configuring rules and maintainingPaloAltofirewalls and analysis of firewall logs using various tools.
• ConfiguredJuniper EX4200 & EX3200 switches and Worked onJuniperMX 480, MX960 network infrastructure.
• Used security groups, network ACL's, internet gateways and route tables to ensure a secure zone for organization inAWSpubliccloud.
• Experience with Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Worked with Carrier to test and turn-up circuits.
• Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Handoffs.
• Implementing firewall rules and configuringPaloAltoNetwork Firewall
• Installed and configured an SD-WAN solution between the company's three international sites
• Experience with Racking, Stacking, configuring, Nexus 5K and 2K and 7K.
• Installed wireless access points (WAP) at various locations in the company.
• Actively involved in switching technology Administration including creating and managing VLANS, Port security - 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.
• Create roles and policies usingAWSIAM tools
• Created dedicated VLANs for Voice & Data with QOS for prioritizing VOICE over DATA.
• Configured Voice ports and Dial peers on the call manager for the VOIP call to reach remote destination.
• Worked on configuration and commissioning of the MPLS circuits for various branch offices.
• Provided Daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
• Configured and installed Cisco ASA 55xx series andPaloAltofirewalls. UsedPaloAltoPanorama to manage multiple firewalls
• Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
• Handled Network capacity planning, modeling, and traffic optimization and experience in using tools (OPNET, Netflow, etc.).
• Configured ACL’s in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT
• Provide system administration support of instances hosted inAWSCommercialcloud.
• Responsible for Data Center Migrations and its operations including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 5k and 7k.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server as well as configuration of F5 Big-IP LTM-6400 load balancers and experience working with F5 technologies (LTM, GTM, APM, V9, V10, V11)
• Implementing firewall rules and configuringPaloAltoNetwork Firewall
• Experience in deploying, configuring & maintaining F5 3DNS (Global traffic Manager) Controller and BigIP -LTM (local traffic manager) for wide area load balancing and global redirection using VPN and Proxy load balancing techniques.
• Configure Virtual PrivateCloud(VPC) with both public and private subnets, NAT instances, and Elastic Load Balancers.
• Worked in an Agile Scrum environment and with HPSM Change Control System

Confidential

Sr. Network Engineer

Responsibilities:

• Installed and configured Cisco 7200 series router and Cisco 2950, 4500, 6500 Series switches.
• Configured networks using routing protocols such as RIP, OSPF, and BGP and troubleshooting L2/L3 issues.
• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
• Configuration of Cisco 6500 (sup 720), 4500 (SUP 6) & 3750 Catalyst Switches for network access.
• Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Configured RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configured VLAN, Spanning tree, VSTP, SNMP on EX series switches and Helped with time-to-time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HRSRP, EIGRP in unequal cost load balancing to build resilient network.
• Designed and implemented Catalyst/ASA Firewall Service Module for various LAN’s.
• Key contribution includes troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, & BGP.
• ManagedPaloAltoFirewalls from the command line interface.
• Used security groups, network ACL's, internet gateways and route tables to ensure a secure zone for organization inAWSpubliccloud.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Configuring ACL to allow only authorized users to access the servers.
• Participated in on call support in troubleshooting the configuration and installation issues.
• Installation, maintenance, troubleshooting local and Wide Areas Network (ISDN, Frame relay, DDR, NAT, DHCP, TCP/IP).
• Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication
• Created S3 buckets in theAWSenvironment to store files, sometimes which are required to serve static content for a web application.
• Extensive Packet level debugging and troubleshooting onPaloAltoFirewalls to resolve numerous network issues.
• Provided technical support in terms of upgrading, improving and expanding the network.
• Providing technical security proposals, detailed RFP responses, and security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.

Confidential, Omaha NE

Network Engineer

Responsibilities:

• Network Engineer responsible for Firewall, Load Balancing and Wireless Infrastructure.
• Worked for Data Services Team, leading on the Disaster recovery planning, implementation and testing. Replaced Checkpoint NG Firewalls with Cisco FWSM.
• Part of multiple acquisition teams requiring migration to Compass data center.
• Replaced Nortel Connectivity IPSEC VPN with Cisco ASA SSL Client and Clientless VPN.
• Designed and Implemented Wireless Infrastructure with Secure Intranet and Guest Access.
• Implemented Cisco Optimized Edge Routing (OER) to utilize multiple ISPs with single public-address Space.
• Designed and Implemented Cisco GSS. DNS based load balancing with health checking and proximity detection.
• Experience in Checkpoint firewalls andPaloAltoFirewalls.
• Used to load outbound vendor connections across multiple paths.
• Deploying and decommission of VLANs on core ASR 9K, MIX routers, Nexus 7K, 5K, HP switches and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configured CIDR, RIP, PPP, BGP, MPLS and OSPF routing on Cisco routers and Juniper routers.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experience on designing and troubleshooting of OSPF routing problems.
• Experienced in Proxy servers, SolarWinds network installation and monitoring billing system (200 work station to single Linux server) network performance for one-year time.
• Managing and administering User accounts, assigning Group policies for computers and users.
• Managing disk space, user profile creation and user rights management. Configuring and maintaining web server and mail server.
• Managed multiplePaloAltoFirewalls using Panorama.
• Handled Procurement of B/W, Servers, Microsoft License, renewal AMC like, Servers and Desktop Maintenance, Recording Machine, Firewall, MPLS and Lease line, Routers and Switches.

Confidential

Network Engineer

Responsibilities:

• Responsible for the configuration of Cisco Routers 7000, 5300, 4000, 2500, 3000, 2600) using RIP, IGRP, OSPF, EIGRP, BGP
• Implemented Cisco IOS Firewall IDS using 2600 series router
• Configured and installed multi-protocol (IP, IPX) multi-interface Cisco routers
• Managed office network with Cisco devices with network devices including 2500 and 3600 series routers and 3500, 2900, 1900 series switches
• Analyzed and resolved a high percentage of initial customer contact in the areas of PC/LAN.
• Dealt with customer problems to management and support groups utilizing standard escalation model.
• Extensive experience in configuring and implementing OSPF and BGP.
• Supported core network consisting of Cisco 7200 series routers running multi area OSPF.
• Configured EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP
• Implemented stub/Totally stub areas and various OSPF features like route-summarization and SPF throttling.
• Experience in creating alarms and notifications for EC2 instances usingCloudWatch.
• Hands-on experience with WAN technologies like T1/T3, DS3, STM1 and STM4 circuit types
• Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Implemented Cisco Secure Access Control Server (ACS 3.0) for TACACS+/RADIUS
• Knowledge with redistribution of routing protocols and Frame-Relay configuration
• Handled Network Migration from RIP to OSPF.
• Implementation of TCP/IP and related Services-DHCP/ DNS/ WINS
• Configured, maintained and troubleshot routing protocols such as OSPF, EIGRP and BGP.
• Engaged in office moves, helped in identifying network requirements of new building, installed new networking hardware, and coordinated with vendors for cabling/wiring
• Performed troubleshooting, while maintaining trouble ticket tracking, following both internal/external routes.
• Assisted with escalation procedures and customer notifications.
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Upgraded Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
• Acted as Tier 3 support for connectivity, failures, configuration, implementation, and troubleshooting.
• Provided project management for data center cabling, documented all network drawings using Visio