Data Center Tech/network Engineer Resume
Northlake, IL
SUMMARY:
- An effective communicator with excellent analytical & problem - solving skills.
- With over 8 years’ experience in Networking & Security Technical Support, with expertise in working with Cisco and Checkpoint products.
- Insightful experience in planning, design, installation and configuration of networks and Security configurations of various network devices.
- Configure and manage firewalls.
- Established secure internet access for multiple private networks using NAT on PIX firewalls & Checkpoint
- VPN establishment using IPSEC, GRE tunnels on Firewalls
- Installing and configuring of check point firewalls.
- Troubleshoot Data Center Automation using methods such as REST API implemented by scripting Python.
- Multi-protocol network experience including MPLS, ExtraHop, Azure, ALTRIA, WSU,palo alto, TLS, EGP (BGP) and IGP (OSPF, EIGRP), TCP/IP,SSL, UDP, SSH, DHCP, RIP, VRRP, HSRP, VLAN, STP, SolarWinds, VxLAN, SCCM, Port Security, ORACLE, Unix/Linux, 802.1q and SNMP, Kafka, Identity Federation services, wireless (802.11), NAT/PAT.
- Deploy and manage with advanced security and network management tools like Aruba ClearPass Policy Manager, Aruba Airwave, and cloud-based Aruba Central.
- Work performed involves SME input and support on F5 and Cisco ACE load balancer, Virtualization, day in and day out work on the F5 Application Delivery Controllers ( LTM's, GTM's, Azure, SCCM, Port Security, ASM's, SolarWinds, WSUS,Cisco ACE modules and 4710 appliances).
- Configuration of URL Filtering on ASA & Checkpoint Firewalls.
- Configuration of Site to Site VPN on Cisco Firewalls & Checkpoint.
- Failover configuration on Cisco ASA &Checkpoint Firewalls.
- Configuration of F5 Load Balancers (LTM Module).
- VPN: Remote access VPN, Site to Site VPN in Checkpoint, Fortigate and ASA.
- T/S Tools: TCP dump, ORACLE, Azure, SCCM, Fw-monitor Wireshark.
- Cluster: Active-Active, Active- Standby concepts.
AREAS OF EXPERTISE:
- Knowledge on troubleshooting Leased Lines & ISDN Circuits.
- Configuration & troubleshooting of switches &Routers and firewalls
- Router hands on experience in configuration & trouble shooting
- Configuration & troubleshooting Routing protocols like RIP, ELK,EIGRP, OSPF
- Knowledge on switches, VMARE,VLAN, Azure, ALTRIA,SCCM, SolarWinds, Port Security, Extrahop,
- Virtualization, Trunking etc.
- Hardware replacement & spare management during the device failure. Ability to work in a team & interact with 3rd party suppliers & vendors
- Testing of hardware & software and ensure correct configuration changes.
- To upgrade the IOS in different routers & switches with TFTP server.
SKILL:
Switches: Cisco (1900, 2900,3500 and 6500)
Routers: Cisco (1750, 1800, 2800, 3700,3800,7200 series)
Pix Firewall: PIX 501,506E,515E, ASA 5510,5520,5540,5580
Checkpoint: NG R65, R72, R75, R7, 2200 (SPLAT, IPSO and Gaia)
Protocols: RIP, IGRP, EIGRP, OSPF, BGP and IPSec
Load Balancers: Kemp, A10, F5 (LTM) 11.x IOS
Network Monitoring Tools: HP Open View. OP Manager & Remedy, viz, HP Open NMS Ticketing Tool
Security Monitoring Tools: Sentinel Check Point Provider (R65), Nessus, SQL, SCCM, palo alto, Port Security, Elk, Virtualization, Check Point Smart View Tracker Designing addressing scheme to customer specific LAN/WAN environment.
Firewalls: Checkpoint R21, R75, R77.20, Cisco ASA 8.2
PROFESSIONAL EXPERIENCE:
Confidential, Northlake, IL
Data Center Tech/Network Engineer
Responsibilities:
- Experience in Networking, Network Security, Administration, Design, Project Implementation, Handling Customer connectivity, Troubleshooting Network issues, ExtraHop, ALTRIA, Azure, SolarWinds, Adhering to Security Policy, SME, Adhering to the committed Service Metrics.
- Implementing changes on Checkpoint Firewalls R65, R70 and R75.
- Establishing Site to Site Tunnel from Checkpoint Firewall & Cisco Routers.
- Establish Site to Site Tunnel between Cisco routers.
- Troubleshooting client connectivity issues related to firewalls and routers
- Trouble shooting Site to Site VPN/direct/remote access connectivity issues with clients.
- Installation of new firewalls.
- Installing Updates / Hotfix for checkpoint firewalls.
- Monitoring health of firewalls.
- Configuring and Managing Firewall Clusters.
- Providing Level 3 support in handling Client Connectivity issues.
- Adhering to the committed SLA with Customers & OLA with internal Peer Groups.
- Designed and implementation for Cisco Catalyst and Nexus, ORACLE, Azure, Cisco ACI, ALTRIA,SCCM, ExtraHop, Port Security, Unix/Linux, WSUS,Cisco ASA,TLS, Identity Federation services, SME, Kafka, Palo Alto Firewall, Checkpoint
- Hands-on experience in Catalyst Switches C6500, C4000, SolarWinds, C3000, C2900, and Nexus 4k, 5k, 9k.
- Experience with Networking Software Systems IOS, WSUS, IOS XR, Nessus, IOS XE, Virtualization, VMARE, NX-OS and core technologies Cisco ACI, VxLAN, Azure, SCCM, SolarWinds, ALTRIA,SME, ExtraHop, ORACLE, Port Security, VMARE, FCoE, LISP, Tripwire,SSL, Clusters,Cisco ONE.
- VXLAN Implementation on Cisco Nexus 9000 Series Switches
- Preparing new connectivity proposals and implementing new connectivity.
- Preparation & Implementation of Network Proposals based on the Project needs.
- Coordination with various peer groups & customer for implementation of new connectivity.
- Working with Delivery team to prepare the Questionnaire related to Network Security & Client Connectivity.
- Participating in Conference calls with customers for issues related to client connectivity
- Performing Back-up/failover test for different connectivity models.
- Supporting L1 and L2 team for troubleshooting client connectivity issues.
- Other experiences.
- Windows server administration.
- Managing Active directory, DNS server, Virtualization, SolarWinds,Tripwire,ALTRIA,SME, Elk,DHCP server, palo alto, ExtraHop, Kafka, VMARE, Nessus, SSL,File server, SCCM, Cisco ACI, Print server, Web servers, and Database servers.
- Managing the network infrastructures, Clusters, switches and Routers, link and firewall for ODC's.
Confidential, Sterling, VA
Network and Security Associate
Responsibilities:
- Planning, Controlling Infra Management System of NOC.
- Monitoring and securing Global NOC of all branches of Franklin branches in entire world.
- Troubleshooting and new installation of Router, ORACLE, SolarWinds, SME, SCCM, ExtraHop, Switch & ASA Firewalls.
- Maintaining weekly report of Commissioned, Upgraded, Downgraded and Terminated leased lines.
- Responsible for Level 2 activities.
- Effective Security Monitoring requires knowledge of data classification, systems vulnerability to threat, intent of threat, user authorization, existing security exception, policy, function of sensor.
- Design, Implement and Troubleshoot Highly Available and redundant topologies vPC, ALTRIA, SME, palo alto, WSUS,fabric path, STP, VXLAN, OTV, EVPN, PTP, NTP, DNS, DHCP, VLAN.
- Troubleshooted and configured VLAN, VTP, ORACLE, Azure, ALTRIA, Cisco ACI,, SCCM, nessus, ELK, Port Security, Virtualization, dot1Q, Clusters, Unix/Linux, LACP, VMARE, PVST+/RPVST+/MST, SSL, SME, SPAN, RSPAN,
- Deployed and Troubleshoot Complex Layer 3 Technologies, ExtraHop, Port Security, Azure, OSPF, ISIS, BGP, IBGP, PBR, BFD, OTV, Kafka, LISP, PIM, IGMP, RP, BSR, ACL's, DAI, IP source guard, Netflow
- Deployed OSPFv2 and OSPFv3 for IPv4 address-family, IPv6 address-family for large-scale data center
- Monitor Sentinel Console for unusual traffic and Understanding of Suspicious Vs Malicious Events. Configured and troubleshoot IPv4, Static NAT, dynamic NAT, SME,SCCM, Azure, SolarWinds,Tripwire,policy-based NAT, PAT, NAT ALG consolidate Unix/Linux systems into minimal hardware to reduce maintenance and cooling costs. Manage the incidents, Requests, Tasks, IT assets and Configuration Items using JIRA.
- Experience with 802.11a/g/n/ac Cisco WLC,nessus, Azure, Cisco ACI, Clusters, Port Security, CAPWAP, Unix/Linux, LWAPP, Cat3, be able to use tools such as Cisco Prime Infrastructure, Air Magnet suite to design and support WLANS.
- Experience with L2/L3 and wireless security features including Access-lists, WPA/WPA2,Elk, VMARE, Kafka, CCKM, TLSDSSL,,AES-CCMP, CCKM, 802.1X/EAP, PEAP, Cisco ACI, SME, SolarWinds, RADIUS and TACACS.
- Hands-on experience and well versed in utilizing networking tools and applications, such as Cisco Works, SolarWinds.
- Troubleshoot Network monitoring SNMP traps, NetFlow and MPLS OAM and Ethernet OAM
- Responsible for Cisco ASA, Palo Alto Firewall and Checkpoint firewall administration across our networks.
- Configured HA features on Cisco ASA and Cisco Firepower Threat Defense (FTD)
- Proper utilization of the core functionalities and utilities of Sentinel console to detect threats. This is ensured by use of appropriate active views (e.g.; Black list IP addresses) to for quick detection and response.
- Implement Network Security policies such as URL Filtering, Counters and Logs.
- Design and maintain Firewall and VPN infrastructure.
- Implementation of Network Address Translation (NAT), SCCM, Azure,Tripwire,VMARE, palo alto, ORACLE, Virtualization, Port Address Translation (PAT) using NAT Src, NAT-Dst, Elk, Port Security, MIP and VIP.
Environment: Cisco firewalls PIX (515E / 525), ASA ( 20), Switches like 6513, 6509, 3700, 3750, 3560E, Routers like 1800,3800, 7200 Series Checkpoint Firewalls R75 (SPLAT), Azure, Unix/Linux, SME, HP Open NMS, Sentinel are monitoring tools and Infra is ticketing Tool.
Confidential
Security Engineer
Responsibilities:
- Installing and Configuring of Cisco Routers (1800, 2800, 3800, 7200.) using RIP, EIGRP, and knowledge on OSPF.
- VPN establishment using IPSEC, GRE tunnels in Cisco routers.
- HSRP, VRRP implementation on routers.
- Troubleshooting of Enterprise application response problems & connectivity issues.
- Installing and configuring of Cisco L2 & L3 Switches (2900, 3560, and 3750).
- Configuring STP, VLAN, SCCM, TLS,nessuis, Azure, Cisco ACI, VMARE, ORACLE, SolarWinds, WSUS, palo alto, Elk,Unix/Linux, VTP and troubleshooting.
- Inter VLAN routing and per VLAN for block, architecture to reduce broadcast affects.
- Installing & configuring firewalls like ASA, Cisco Pix, ExtraHop, Port Security, Clusters and Check point.
- Troubleshoot and repair of network outages using Fluke Opti view, Sniffer, Telnet, SSH,SSL, ping, traceroute.
- Acted as the liaison between the customer and Tier3 UNIX Support to schedule system downtime for HP boxes that require hardware repair
- Coordination and migration of approximately 700 servers and applications to new network infrastructure
- Assisting in Network Security issues relating to Internet or network hacking and misuse
- Experience with Cisco ASA firewall Cisco security Manager (CSM) and migration from Cisco to Palo Alto
- Verifying & configuring the rule-sets on firewalls. (Firewall Change Request processing).
- Cisco ASA Firewall with Firepower Installation, Tripwire, Azure, SME, SolarWinds, SCCM, Extrahop, Virtualization, Firepower Management Center, AMP and IPS with FMC
- Verifying & Configuring the Rules in firewalls. (Firewall Change Request processing.
- Configuring Network Address Translation (NAT) according to the connectivity requirements.
- Upgrading the Firewall Versions to the Latest versions / IOS.
- Troubleshooting problems related to WAN and firewalls, Clusters Different desktop VPN connectivity issues.
- Installing and configuring of check point firewalls and pushing the policies.
Environment: Cisco firewalls PIX (515E / 525), ASA ( 20), ExtraHop, Azure, SolarWinds, Cisco ACI, SCCM, ORACLE, WSUS, Switches like 6513, 6509, 3700, 3750, 3560E, Routers like 1800, 3800, 7206 Cisco Secure ACS (AAA server), Elk,Unix/Linux, Tripwire, Open NMS, MRTG, monitoring tool and Remedy & AOTS ticketing Tool.
Confidential
Network Engineer
Responsibilities:
- Provided Technical support in terms of upgrading, improving and expanding the network.
- Providingtechnicalproposals, detailed RFP responses, and presentation, installing and configuring ASA firewalls, VPN networks and redesigning customerarchitectures.
- Maintain effective communications with vendors, peers and clients in resolution of trouble-tickets, equipment.
- Troubleshoot Hardware, Cisco IOS, and install/configure Cisco routers and switches.
- Manage and coordinate all infrastructures related to moves,adds, and changes.
- Configuring ACL to allow only authorized users to access the servers.
- Participated in on call support in troubleshooting the configuration and installation issues.
- Installation, Maintenance, Troubleshooting Local and Wide Areas Network by usingISDN, VMARE, Clusters,Frame relay, Kafka, DDR, NAT, ExtraHop, SolarWinds, Cisco ACI, Azure, SCCM, DHCP, Port Security, Virtualization, WSUS,Unix/Linux and TCP/IP.
- Provided 1st level UNIX support to the design community and PC support to the corporate community
- Provided licenses in the UNIX environment to Rational Rose users
- Used DHCP to automatically assign reusable IP addresses to DHCP clients
- Taking network devices backup & restoring when required
- Troubleshooting LAN and Cabling. Installing Network printers
- Troubleshooting the latency issues in the WAN network.
- Providing 24x7 technical supports to complete team. Management of NetOps server for providing uninterrupted services to customers.
- Configured SNMP on all the network devices and added them to SolarWinds for
- Web ServersLoad Balancing with F5 BIG-IP.
- Implement and maintain Local/Wide Area Network over 13 branches.
- Configured RIP, OSPF and Static routing on Juniper M and MX series Routers.
- Worked in Configuration and extension of VLAN from one network segment to other segment between different vendor switches (Cisco, Juniper).
- Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
- Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
- Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
- Configure switch VLANs and inter-switch communication. Build and setup network Laboratory.
- Actively involved in troubleshooting on network problems with Wire shark, identifying and fixing problems.
Confidential
Network Engineer
Responsibilities:
- Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration
- Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls, installing and configuring new juniper EX, MX, Unix/Linux, SRX (Next-Generation Firewall) series firewalls to meet day to day work.
- Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
- Also involved in Configuration of Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
- 5. Worked on load balancers like F5 10050s, 10250v, GTM 2000s, 2200s to troubleshoot and monitor DNS issues and traffic related to DNS and avoid DDoS.
- Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol-based services.
- Extensive experience in configuring and implementing OSPF and BGP.
- Supported core network consisting of Cisco 7200 series routers running multi area OSPF.
- Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP
- Implement Cisco Secure Access Control Server (ACS 3.0) for TACACS+/ RADIUS
- Implementation of TCP/ IP and related Services-DHCP/ DNS/ WINS
- Maintain and configure Cisco ACS devices to support AAA security for both external remote access and internal wireless connectivity.
- Maintained and provided support for LAN/WAN infrastructure as needed. This included working on specific hardware such as switches, routers, PIX, wireless APs, ExtraHop, SolarWinds, SCCM, VPN Concentrators, frame relay, ORACLE, Elk,IPsec VPN and other entities.
- User admin on the firewalls, adding and deleting users as they come and go.
- Installed and configured workstations for IP based LAN.
- Installed and configured DHCP Client/Server.