SUMMARY

• Network Engineer & Security Analystwith 7 years of working experience in Network Infrastructure, Security which includes designing, deployment and providing network support, installation and analysis for a broad range ofLAN/WANprotocols,routing,switching,configuring, implementation, troubleshooting of complex networking system.
• Working experiences withRouters,Switches,Load Balancers, Firewalls and Proxies.
• Excellent hands on experience in configuringCiscoNexus2248T, 2224T, 5548P, 5596T, 6000, 7010, 7018, 7710switches.Also implementedVDCandVPCon the Nexus5505,7010, 7710switches.
• Hands on experience in performing various configurations on Access, Distribution and Core layerswitcheslikeCiscoCatalyst2960,3750,4507,4010,6506,6509switches.
• Hands - on experience in implementing and troubleshootingSwitchtechnologies such asSTP, VTP, 802.1q,VLANand MPLS.
• Experienced in configuring, deploying, maintaining, and troubleshooting ofroutingprotocols likeRIP,OSPF,EIGRPandBGPonCisco1800, 2600, 3600, 7200and7600routers.And also performed Policy basedrouting.
• Proficient in configuring and troubleshootingrouteRe-distributionbetweenStatic, RIP, EIGRP,OSPF,andBGPprotocols and also inRouteManipulation.
• Expert level knowledge onIP Addressing, Subnetting, VLSM, OSI model,TCP/IPmodel.
• Using IP Address Manager (IPAM) provides a centralized management of the IP address space, including IPv4 andIPv6Address Management.
• Experience in migratingCheck point to theCiscoASA Devices. Also migrating fromCiscoto Palo Alto.
• Strong hands-on experience onCiscoCatalyst (series 3850, 3560, 4500, 6500),CiscoNexus(series 2K, 5K, 7K),CiscoRouters(series 7300, 4000, 3800,ASR9000),Firepower(4100),Load Balancers(citrix NetScaler,CiscoACE,F5 BIG-IPLTM/GTM ADC), IDS/IPS (HIDS, NIDS, NIPS, HIPS), Fire eye, Splunk,Palo AltoNetworks Firewalls (PA-820, series PA-3K, 5K),CheckpointIP Appliances (NXG R60, R70, 3100, 5900).
• Good knowledge in configuring and troubleshooting Exterior Gateway protocols such asBGPv4including internalBGP(iBGP)and externalBGP(eBGP).
• Extensive knowledge ofWANtechnologiessuch as T1, T3, DS3, OCx, SDH, SONET, LTE, Fiber,andFrameRelay, Firewalls,Switches,Routers,load balancers,VoIPand wireless technologies of different vendors.
• Configuring and troubleshooting Layer 3 Interior GatewayRoutingprotocols such as Link-Stateroutingprotocols(OSPFandIS-IS) and Distance Vectorroutingprotocols (RIPv1, RIPv2,andEIGRP).Wide exposure toLAN/WANsetup, installation, configuration and commissioning of network device.

TECHNICAL SKILLS

CiscoSwitches: Nexus 7K, 5K, 2K & 1K,Ciscorouters(7200, 3800, 3600, 2800, 2600, 2500, 1800 series) &CiscoCatalystswitches(6500, 4900, 3750, 3500, 2900series).

Routers: Cisco2600, 2900, 3600, 3900, 7200 and 7600 series

Infrastructureservices: DHCP,DNS, SMTP, FTP, TFTP

LANtechnologies: Ethernet,FastEthernet,GigabitEthernet,& 10 GigabitEthernet,Port- Channel,VLANS, VTP, STP, RSTP, 802.1Q, SVI

RoutingProtocols: RIP, IGRP, EIGRP,OSPF,BGP,HSRP, VRRP, & GLBP.

WANtechnologies: Frame Relay, ATM, MPLS, leased lines &exposure to PPP,T1 /T3 & SONET.

Firewall Technologies: CiscoASA 5580 series,PANOOS 2020,JuniperSRX,Palo Alto,Checkpoint.

Network Security: NAT/PAT,Ingress & Egress Firewall Design,VPNConfiguration, Internet Content Filtering, Load Balancing, IDS/IPS,SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ &RADIUS)

Network Management: SNMP & knowledge onCiscoWorks,Ethereal.

Platforms: CiscoIOS (11.x, 12.x), LINUX,Nexus OS,Windows XP.

Documentation: MS Office, MS Visio

Load-Balancer Technologies: F5 BIG-IP LTM.

PROFESSIONAL EXPERIENCE

Confidential, Piscataway, NJ

Network Security Engineer

Responsibilities:

• Experience with high endCiscorouters,Aristaswitches,HP/Arubaswitches,Aruba wireless controllers and access points, Solar Winds, Intermapper, Wireshark, NetBrain and ServiceNow
• Experience with high endCiscorouters,Aristaswitches,HP/Arubaswitches,Aruba wireless controllers and access points, Solar Winds, Intermapper, Wireshark, NetBrain and ServiceNow
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support forrouters/switches/firewalls.
• Configured and maintained IPSEC and SSLVPN's on Palo Alto Firewalls and also implemented Zone-Based Firewall and Security Rules on the Palo Alto Firewall
• Configuration and Maintenance ofCiscoASA 5580-20, ASA 5540, ASA 5520, ASA 5510 series firewalls.
• Experience withCisco,SonicWALL,WatchGuardand Fortinet firewalls
• Hands on Experience withCiscoWireless Controllers 5500's and 2500's and coming to access points, worked on 3700's, 3500's and 1142 access points.
• Configured and installedCiscorouters2500, 2600, 3601 and 4000 series. 2950Switches& Link sys wireless access points.
• Provided tier 3 support forCheckpointandCiscoASA Firewalls to support customers, Backup and restore of Checkpoint andCiscoASA Firewall policies.
• Knowledge ofCiscoASA firewall,VPN,GRE over IPSec tunnel configuration andRoute-maps.
• Extensive knowledge of and experience configuring and troubleshooting layer 3routingprotocols (EIGRP,OSPF,RIP,BGP)and High Availability onCiscodevices.
• Configuring and troubleshooting site-to-site IPSECVPNtunnels usingCiscoASA 5540 for third-party connectivity.
• Installed and configured a variety ofCiscodevices likeCiscoRouters(1841, 1900, 2600, 2800, 3800, ASRs and more),Ciscoswitches(3560, 3750, 4507 catalyst, 6500catalystSwitchand more) and Nexus 7000 series, Nexus 5000 series, Nexus 2K Fabric Extenders and F5 appliances.
• Applied knowledge ofEthernetswitchandrouterconfiguration to configuration/design MPLS connections.
• Understanding of Layer2/3VPN's, MPLS, MetroEthernetandLANswitching.

Environment: CiscoASA5580/5540/5520, CheckpointR70, R75, R77.20 Gaia, Palo AltoPA-5000/3000, Big IP F5 LTM/GTM, Nexusswitches,TCP/IP,VPN,Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring, Service Now

Confidential, Wayne,Pennsylvania

Network Engineer

Responsibilities:

• Worked on2600, 3500, 7613CiscoRoutersand4500and6500 seriesCiscoSwitches.
• Performed VSS onciscocatalyst 6500 seriesswitchesand experience with VMware virtualization, fortinetFirewall,CiscoUCS. Experienced inVMWareESX/ESXiservers.
• Configured and managedCiscoaccess layerroutersandswitches& carriedoutrouteredistribution & manipulatedrouteupdates usingdistribute lists,route-maps & administrative distance, and offset-lists.
• Worked on upgradingCiscoISE 3300 Appliances and 1.0.4CiscoISE software onVMware's.
• Experience in troubleshooting NAT configurations, Access - Lists (ACL) andDNS/DHCPrelated issues within theLANnetwork.
• Experrience with troubleshooting, configuring and applying hotfixes on Palo Alto Firewall.
• Tested variousBGPattributeslike local preference, MED, Weight and replicated customer issues in the testing environment lab.
• Experience in designing and deployingAWSSolutions using EC2, S3, EBS, Elastic Load balancer (ELB), auto scaling groups.
• Designed sites to have just MPLS or just Internet whereDMVPNis established.Cradlepointsare designed to work alongside MPLS or Internet connections to provide offload.
• Worked on configuring L3VPN’s in an MPLS environment.
• Experienced inF5LTM and GTM series 6400, 6800, 8800, 7250 (VIPRION) for corporate applications and their availability.
• CreatedSDNroutersand subnets among the projects and designedWANstructureto prevent single point of failure in case of link failure.
• ConfiguredPVSTP+for loop prevention andVTP for Inter-VLANRouting.
• Configured of ACL's inCisco5550ASAfirewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT. Experienced in implementing and configuring Fortinet Firewall FortiGate 600, 800 series.
• Implemented port aggregation & link negotiation usingLACPandPAGP.
• Involved in design, implementation and configuration ofHSRPfor load balancing on L3switcheson different location of office on theswitchednetwork.
• Design roles and groups for users and resources usingAWSIdentity Access Management (IAM) and also managed network security using Security Groups, and IAM.
• Configured and deployedBIG-IP LTM 6900for providing application redundancy and load balancing.
• Worked onF5BIG-IP LTM 8900, configured profiles, provided and ensured high availability
• Experience in troubleshooting Palo Alto firewall configurations remotely supporting allMicrosoft managed firewall solutions East-Coast, West-Coast, UK and Customer remotelymanaged Firewalls).
• Develop, implement and update Palo Alto security principles supporting customermigrations, configurations and implementations.
• Installed and implemented & troubleshoot the Network Virtualization throughVMWareand NSX
• Experience in testing different platforms on different IOS codes and configured ClientVPNtechnologies includingCisco’sVPNclient via IPSEC.
• Configuringswitchfor802.1xport based authentication and troubleshot issues and outageson Trunks andRouterinterfaces and firewalls extensively.
• Experience working with network monitoring applications. (Solarwinds).
• Involved in operations and administration ofWANconsistingEthernetHandoffs, T1, DS3, and OpticFiberHandoffs.
• Experience with SDN/NFV technologies including Open Stack Neutron,VMware, NSX, Open flow, Open daylight, Open vSwitch,Open Contrail, orCiscoACI.
• Provided technical assistanceforLAN/WANmanagement & troubleshooting and complex customer issues.
• UsedCiscoACI (Application Centric Infrastructure)SDNarchitecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a datacenterenvironment.
• Assisted Network Engineer in the installation and configuration of firewalls.

Environment: 2600,3500,7613CiscoRoutersand4500and6500seriesCiscoSwitches,cisco catalyst 6500 seriesswitches,F5LTM and GTM series 6400, 6800, 8800, 7250 (VIPRION),CiscoISE 3300

Confidential, Bridgewater, NJ

Network Support Engineer

Responsibilities:

• Troubleshoot User connectivity issues on Checkpoint andCiscoASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
• Vlandesign and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and Port channels creation.
• Working withOSPFas internalroutingprotocol andBGPas exterior gatewayroutingprotocol.
• Configuring static NAT, dynamic NAT, Inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation onCiscoASA Firewalls.
• Knowledge and experience with F5 ASMModule
• Strong knowledge of F5 BIG-IP Load Balancing solutions including LTM, GTM, and ASM solutions
• Understandingof Coreroutingandswitchingdesign, configuration, and troubleshooting. Knowledge and experience withCiscoCatalyst and Nexusswitches,Ciscorouters.
• Experience in implementing and troubleshooting variousCiscoNexusswitches.
• Implemented Active/ Standby HA configuration onCiscoASA Firewalls.
• ConfiguringCiscoASA firewalls in Single and Multiple Context Mode firewalls.
• Upgrade ofCiscoASA Firewall in Active/Standby mode with no down time.
• Experience working with a variety of network monitoring tools such as: Solar winds NPM, SAM, NCM.
• ConfiguringVPNboth B2B and remote access SSL and centralized policy administration using FortiManager, building FortiGate High Availability using FortiGate Clustering Protocol (FGCP).
• Firewall Compliance and Rule remediation for compliance such as SAS 70 Audit.
• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• Performed penetration testing internally for our clients.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
• Strong knowledge onF5 BIG-IP Load Balancing solutions includingF5 ASM, LTMandGTMsolutions
• I worked on Check Point SecurityGateways andCiscoASA Firewall and firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• LAN/WANlevel 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping oneVLANunder server mode and rest falling under client modes.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switchingrelated tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernetchannel betweenswitches.
• Documentation and Project Management along with drawing network diagrams using MSVISIO.

Environment: CISCOroutersandswitches,Access Control Server, RIP V2,OSPF,EIGRP,VLAN,Trunk Protocols,CISCOASA,DHCP,DNS, Spanning tree, Nimsoft,F5 BIGIP LTM, GTM, RIP,OSPF,BGP,EIGRP,LAN,WAN,VPN,HSRP.

Confidential

Jr. Network Engineer

Responsibilities:

• Worked on Configuration ofroutingprotocols onCiscorouters.Maintained Enterprise network from End to end.
• Worked onDHCP,DNS, IPAM, Cabling, Installation of access, distribution and Core layerswitchesandrouters.
• Configuring and troubleshooting multi-customer network environment.
• Involved in network monitoring, alarm notification,andacknowledgment.
• Implementing new/changing existing data networks for various projects as per the requirement.
• Troubleshooting complex networks layer 1, 2to layer 3(routingwith MPLS,BGP,EIGRP,OSPFprotocols) technical issues.
• Providing support to networks containing more than 2000Ciscodevices.
• Performing troubleshooting for IOS related bugs by analyzing past history and related notes.
• Carrying outthedocumentationfor tracking network issue symptoms andlarge-scaletechnical escalations.
• Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providingall-aroundtechnical support.
• Monitor the traffic of the network via NTA and IPAM
• Provided Technical Support to customers and partnerson Palo Altosecurity appliances
• Commissioning and Decommissioning of the MPLS circuits for various field offices.
• Preparing feasibility report for various upgrades and installations.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Involved in L2/L3SwitchingTechnology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLANrouting,LANsecurity.
• Worked on the security levels with RADIUS, TACACS+.
• Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
• Identify, design and implement flexible, responsive, and secure technology services
• Modified internal infrastructure by addingswitchesto support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Configuredswitcheswith port security and 802.1 xs for enhancing customer’s security.
• Monitored network for optimum traffic distribution and load balancing using Solar winds.
• Validate existing infrastructure and recommend new network designs.
• Created scripts to monitor CPU/Memory on variouslow-endroutersin the network.
• Installed and maintained local printer as well as network printers.
• Handled installation of Windows NT Server and Windows NT Workstations.
• Handled Tech Support as it relates toLAN&WANsystems

Environment: Cisco2990/3550/6550switches,Cisco7200/3845/3600/2800routers,EIGRP, RIP,OSPF,BGP,VPN,EtherChannels, and Sniffer.