SUMMARY

• Having around 8 years of experience in Routing - Switching technologies, System design, Configuration and Troubleshooting of complex network System-Security Devices, Documentation of LAN/WAN networking system.
• Experience with network hardware and technologies including firewalls, routers, switches, Gateway technologies, Ethernet, Fast Ethernet, Gigabit Ethernet, Wireless technologies
• Expertise in Routing protocol such as EIGRP, OSPF, BGP, MPLS, LDP.
• Working experience with installing, implementing, maintaining and troubleshooting Cisco Switches, Cisco Routers, Juniper EX Switches, Juniper Routers and Cisco Nexus Switches
• Profound knowledge of implementing and maintaining Check-Point R75/76 and Cisco ASA Firewall/PIX.
• Installation of Checkpoint OS R80.10 Gaia on checkpoint appliances 4400 and Smart 1 for testing before upgrading the production firewalls.
• In-depth knowledge of TACACS+, RADIUS implementation in Access Control Network
• Hands-on experience on Cisco Catalyst (series 3850, 3560, 4500, 6500), Cisco Nexus (series 2K, 5K, 7K), Cisco Routers (series 7300, 4000, 3800, ASR 9000), ASA Firewall (5505/5550-X)
• Security policy review and configuration in Palo Alto and DMZ configuration
• Working with installation, configuration and troubleshooting of Juniper Switches (series EX3300, EX4200, EX4600), Juniper Routers (series J, M and T) and Juniper series SRX junos Firewalls
• Hands on knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs
• Working experience with off-shore teams, NOC and SOC to resolve elevated issues immediately
• Configured and implemented VDC, VPC, and OTV on Nexus 7K and 5K
• Implementation and maintained Source fire intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data.
• Configuring and managing VoIP call manager, Wireless (802.11/wi-fi) and wire IP phones and VoIP protocols.
• Strong understanding in WAN technologies including HDLC, E1, E3, T1, T3, ISDN, MPLS.
• Working on IP Addressing schemes, Subnetting, VLSM, LAN/WAN protocol and provide IP services to fulfill network requirement in different environment Experience in layer 2 and 3 Routing and Switching.
• Experienced with implementation, configuration and troubleshooting of compound layer 2 technologies such as VLAN, VLAN trunk and 802.1q, VTP, VTP pruning, Ether-channel, STP, RSTP, MSTP
• Experience in installing and configuring DNS, DHCP server and install DNS through Infoblox for highly scalability
• In-depth knowledge of implementing redundancy with HSRP, VRRP, default gateway and Ether-channel technologies
• Update software for data center in cloud environment
• Proficient knowledge and hands-on experience of wireless 802.11, Cisco Meraki, Aruba, Access Point
• Experience in troubleshooting, maintaining and integrating on F5 Big-IP LTM load balancing
• Deployed, Managed, monitored and supported Bluecoat Proxy for content filtering, internet access between sites and VPN client users, forward proxy scenario and reverse proxy scenario for security and also worked on adding URL's in Bluecoat Proxy SG's for URL filtering.
• Experience with Putty, Exceed, Secure CRT, GNS 3 and Cisco Packet Tracer
• Configured security policies including NAT, PAT and VPN, IPSec, Route-maps, Prefix lists and Access Control Lists on different router.
• Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and RIVER BED and Wireshark.

TECHNICAL SKILLS

LAN Technologies: VLAN, VTP, Inter-Vlan routing, STP, RSTP, PVST, IGMP, 802.1x

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines, SES

Network Securities: NAT/PAT, VPN, Filtering, Load Balancing, IDS/IPS, IPSec, ACL

Routing Protocols: RIP, EIGRP, OSPF, BGP, HSRP, PIM, IPv6

Routed Protocols: TCP/IP, IPX/SPX

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTPNetwork Managements SNMP, SSH, Telnet, ICMP

IP Telephony: VOIP, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager Express.

Operating Systems: Windows 8.1/ 7 /Vista/XP/NT/2003, MS DOS, IOS, UNIX, Linux

Languages/ Tools: C, C++, VBScript, Visual Studio 2008, MATLAB, Dream weaver, Python

PROFESSIONAL EXPERIENCE

Confidential, Westlake, OH

Sr. Network Security Engineer

Responsibilities:

• In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-protocol Label Switching (MPLS).
• Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches by enabling networked devices to communicate effectively
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, IPSEC, PPTP, VLAN, WISM, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Apply Cisco ISE configuration to switches Provide level 2/3 support for ISE related issues, including off-shift and weekend support functions.
• System implementer for Windows 2012/2008/2008 R2/2003/2003R2 and VMware ESX hosts customer installations, configuration, testing and troubleshooting based on documented customer requirements
• Configured Checkpoint Firewall in distributed deployment and also maintaining Site-to-Site VPN Connection through the Firewalls.
• Upgrading Checkpoint Gaia and Security management from R 76 and R 7 .30 and R77.30 respectively with the latest hotfix take 216.
• Monitor, operate and support network security devices such as cisco ASA
• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy
• Configure all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Designing and Deploying dynamically scalable, highly available, fault tolerant and reliable applications on AWS.
• Configured VMware HA, DRS in acquiring higher efficiency for VMware infrastructure
• Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS.
• Migrated existing on-premises applications to AWS
• Establish AWS technical credibility with customers and external parties.
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Experience in F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Managing data center and network by using solar winds, NPM, NTA, NCM and F5 load balancer
• Working on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices.
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010.
• Configured Cisco 2911, 2921, 2951 routers, Cisco switches, Cisco 5520 Firewalls, Cisco Wireless LAN controllers and Access Points, BrocadeVDXand ICX switches, Force 10 C300 switch, Fortinet F600 firewall, Windows 2008 & 2012 servers. Installed and created Vlans and VPCs for Nexus 5K.
• Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs.
• Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and 9000 Core with VPC and 3172 TOR
• Documenting workflow process, managing and implementing standard policy and procedures.

Confidential, Washington DC

Network Security Engineer

Responsibilities:

• Participated in the installation, configuration, post installation, daily operational tasks and configuration and deployment of Cisco Nexus equipment 7010, 5596 and 2248.
• Installing and configuring TACACS/RADIUS, Performed ISSU to upgrade to the core Nexus 7k switches.
• Prepared Documentation to upgrade Cisco IOS, CAT OS and NX-OS in High availability production environments pre/post checks for customer production upgrades.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Performed IOS Software upgrades on switches Cisco 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE.
• Implemented VMware design, performing P2P, P2V, P2I, I2P, and V2P. Migrated Physical Machines to Virtual Machines (P2V).
• Troubleshoot network access problems, Strong TCP/IP understanding, Debugging checkpoint firewall.
• Hands on experience with Cisco Nexus 7K, 5K and 2K series equipment including configuration of protocols.
• Monitored and resolved network device issues identified by Solar winds in a timely manner
• Worked on assessment and the finalization of the detailed designs and provided a design document for the Implementation of Cisco ISE and the Migration of Wireless and TACACs to ISE.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+).
• Provided engineering support and technical assistance by ensuring the Cisco ISE server is correctly installed and licenses are applied.
• Design the firewalls changes using various NAT types in Checkpoint firewalls like, static and dynamic.
• Worked with different vendors and service providers like BT, AT&T and Verizon to TTU our circuit.
• Managing Bluecoat and adding LDAP groups and users and give access right to groups.
• Creating and adding and reserving new subnets and IP address in Bluecoat.
• Reclaiming IP address in Bluecoat.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP.
• Implemented and configured SNMP, Syslog and traps on Cisco routes to allow for network management
• Experience with SSL offloading, TLS security, and cipher management on the F5.
• Designed application mapping and application delivery using F5 BIG IP LTM. Configured Virtual IPs and servers on F5 and associated pool and pool members to it
• Provided application level redundancy and availability by deploying F5 load balancers LTM
• Worked on F5 LTM configuring different Load balancing methods Round Robin/Ratio based Etc.
• Implemented changes on existing configurations for the applications on F5 load balancer
• Configured Site-to-Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5505 series firewall.

Environment: Cisco Routers, Cisco Nexus 9k,7k,5k, 3k and 2k, Cisco Switches, BIG IP F5 LTM, GTM, Checkpoint and ASA Firewalls, IT Security Policies, OSPF, EIGRP, HSRP, BGP, Sniffers, Service Now, Service Desk, Catalog, Jira, Solar winds, spectrum, Gigamon, Anue, LAN and WAN networks

Confidential - Kenilworth, NJ

Network Engineer

Responsibilities:

• Responsibilities included installation, configuration, maintenance and troubleshooting of the corporate network, monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of application and equipment and to provide support for Cisco network.
• Integrated HP SIM and Solar Winds Orion to monitor VMware host and virtual servers
• Responsible for the design, engineering, and level 2/3 support of existing network technologies services and the integration of new network technologies / services.
• Key contributions include troubleshooting of complex LAN /WAN infrastructure that includes routing protocols EIGRP, OSPF & BGP.
• Worked on checkpoint UTM1, VPN1 and activating blade licenses to be used as Intrusion prevention and antivirus appliance.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Provided versatile, supportable TCP/IP security arrangements alongside TCP/IP.
• Created documents for various platforms including Nexus 7k, ASR1k enabling successful deployment of new devices on the network
• Experience configuring Virtual Device Context in Nexus 7k series switch.
• Experience with configuring Nexus 5000, Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
• Configuration, Testing, Planning and Design of Cisco Routers, Cisco Catalyst 2900, 3570 and 6500 Switches.
• Set up and configured a Cisco ASA 5506-X and Cisco Fire POWER network security services.
• Configured multiple SPAN sessions to monitor the traffic for troubleshooting purposes.
• Worked on Migrating from Checkpoint firewalls to ASA 5540.
• Experience in Configuring VPN, clustering and ISP redundancy in Checkpoint firewalls.
• Configuring failover for redundancy purposes for the security devices. Implemented the state full failover for ASA and Checkpoint firewall.
• Created Virtual Contexts, VLANs, and Interfaces in ASA 5585.
• Configured Cisco 7204 and ISR routers which were also connected to Cisco ASA security appliances providing perimeter based firewall security.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
• Upgrade Cisco Routers, Switches and Firewall (ASA) IOS using TFTP
• Configuring failover and working on SSL-VPN when in active/standby failover on ASA.
• Resource management through deployment of network based monitoring applications to keep bandwidth & activity alongside each other.
• Installed and Configured a Cisco secure ACS server for AAA authentication (RADIUS)
• Configuring cisco Secure Access Control Server (ACS) to offer authentication, accounting, and authorization services to network devices.
• Manage a very large DNS environment using Lucent QIP and manual management of DNS for DMZ/External servers.
• Manage Cisco Routers, switches and troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
• Performed switching technology administration including Vlans, inter-Vlan routing, trunking, port aggregation and link negotiation.

Confidential

Network Engineer

Responsibilities:

• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problem.
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, ATM, bridges, routers, hubs and switches.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues.
• Worked as part of a team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Configuring and Upgrading Junos Space Virtual Appliance.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Administration of ASA firewalls in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
• Responsible for maintaining the entire Routing and switching domain across the campus / Branch to Head Office and the Layer-2 campus network across the remote branches, which included configuring VLANs and Trunks, Spanning Tree protocol, Port-Security, VLAN-MAPs and DOT1X for switches and Wireless.

Confidential

Network admin

Responsibilities:

• Provided system support for the end client.
• Installed and verified that all AIX/Linux patches or updates are applied to the servers.
• Troubleshooting Linux network, security related issues, capturing packets using tools such as IPtables, firewall, TCP wrappers, NMAP.
• Worked on UTB and Wireless Networks Configuration, maintenance, management and Data Backup.
• Developed and configured the network to connect the company different branches together, monitored the network usage.
• Installed and maintained new server hardware and software infrastructure diagnoses and resolved network problems and related devices.
• Installs and configures client and server network software, and performs software upgrades as needed Pcs Maintenances and Devices Programming
• Configures, manages and provides technical support for the firewalls, IPS, and other network security systems.
• Remote access technologies Vpn, dial-up
• Performs routine preventative maintenance on network hardware and software applications.
• Worked on the automation System Project to, Maintenance, Resolved the Complexities and Development.
• Lookout Program Project Development and Configuration.
• Camera System Network and Device, Implementation, Configuration, and Backup Data & fingers print program Monitoring & manipulation.
• Configuration Implementation Documentation for the Automation Program
• Oracle database manipulating and Merge.

Environment: TCP/IP, PPP, DSL, NAT Cisco Router configuration, Firewalls.