PROFILE:

• 7+ year of professional experience in routing, switching, Wireless, firewall technologies, implementation and troubleshooting of complex network systems
• Strong knowledge in HSRP, VRRP redundancy protocols
• Experienced in working with CiscoNX - OSand IOS.
• Strong production experience in managing F5 BIG-IP APM and LTM.
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system remedy.
• Managed the security infrastructure of the service provider which includes ASA 5585, 5540, 5520, 5505.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K,7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Configure IP-SEC VPN, and SSL-VPN (Mobile Access) on Check Point Gaia based on user traffics that needs to be encrypted usingCheckpoint.
• Experience in reviewing and re of rule sets and involved in creation, validation and maintenance of enterprise check point (R77.30) firewall policies.
• Used load balance applications based on F5 LTM 5250v.
• Possess knowledge/ability to map key data points into ACL or SQL scripts
• Expert level Knowledge on working withWirelessLAN Controller's, Cisco Meraki, Cisco NCS, Cisco AP's, LWAPS, Standalone AP's and Mesh AP's.
• Hands on Experience in Cisco Wireless Controllers 5508,CiscoMerakiAppliance MX (400, 80, 60) andMerakiwireless Access points (MR66, MR18),CiscoMerakiAP's and Aruba Access points IAP-92, IAP-93.
• Experience in reviewing and re of rule sets and involved in creation, validation and maintenance of enterprise check point (R77.30) firewall policies.
• Product knowledge of Cisco Meraki cloud product line up, complete edge and branch portfolio includes wireless.
• Network Access Controls on L2 devices using Identity Service Engine (ISE).
• Migration of ACS product line onto ISE.
• Supported InfoBlox appliances grid environment for DNS, DHCP and IP Address Management tools (IPv4)
• MonitoringCheckpointFirewall traffic through Smart Dashboard and Smart View Tracker applications.
• Experienced in Migration fromCheckpointand Cisco ASA Firewalls to Palo Alto.
• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K,7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches and Aruba Wireless Controllers.
• Troubleshot Aruba Wireless networking issues, configured whitelist, and AP meshing.
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• Manage administration ofJuniperFirewall, connecting offices worldwide through VPN tunnels to two HAJuniperSSG520's. The VPN provides 24/7/365 connectivity for corporate needs of all remote offices.
• Well experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Transport Technologies - VRF, VRF-Lite, MPLS.
• Deployed Cisco FireSight,ISEusing authority signed certs with pxGrid remediation module
• Proven experience in deploying, configuring, and troubleshooting network security solutions and related tools, including L2/L3 devices, Cisco ACS, CiscoISE, Cisco ASA, 802.1x, WLC and VPN deployment strategies
• Configured CiscoQOSfeatures like Classification, Congestion Management, Policing and Shaping.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Working experience withLoadBalancersF5 LTM like 3900, 6900, 4200V over various environments
• Hands on experience in configuring Cisco Catalyst 2960,3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600 series routers, Load Balancers & Cisco Firewalls.
• Working knowledge in BGP, OSPF, EIGRP, RIP, IS-IS, HSRP, L2/3 VPNs inIOS,IOSXE, andIOSXR platforms.
• Worked extensively on Juniper MX series Router and EX series Switches
• Good understanding of NAT & Firewall on Aruba Controllers
• Excellent leadership with good written and oral communication
• Hands-on experience with Cisco Nexus 7000, Nexus 5000 and Nexus 2000 platforms
• Expert in administration of F5 Load Balancer

TECHNICAL SKILLS:

Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.

Equipments (Switches&Routers): Cisco routers (7600, 7200, 3900, 3600, 2800, 2600,2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniper SRX, MX, EX Series Routers and Switches.

Routing: OSPF, EIGRP, BGP, RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Firewalls: ASA 5500 series, checkpoint, Juniper Netscreen Firewall ISG100, 2000, SSG, SRX.

Load Balancer: ACE Module, GSS & F5 LTM

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

Various Features &Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, ACL, CDP, DNS, TFTP, FTP, IOS and Features, InfoBlox, Mereaki Aruba, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.

Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

PROFESSIONAL EXPERIENCE:

Confidential, CA

Sr. Network Engineer

Responsibilities:

• Designing and deploying various network security & High availability products like Cisco ASA and Checkpoint Firewall products
• Monitor and Manage Network activities from Network Management tool HPOpen view.
• Designed, implemented and maintained WAN technologies like DWDM, MPLS, VPLS and tunneling technologies like L2VPN, Psuedowire, IPSec, SSL, AnyConnect.
• SupportCUCMand Unity in a multisite WAN environment.
• Deployment and integration of Unified Communications includingCUCM, Cisco Unity Connection, Presence and Cisco Jabber via Cisco Expressway Gateways.
• Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN andDMVPN.
• SetupWirelessNetwork includingCiscoWirelessLAN Controller (4402, 5508),CiscoAIR-LAP1242G,CiscoPrime
• Installation and maintenance ofCiscoMerakiZ1, DLP andCisco Layer 3 switches3750, 4500X 6500inmulti VLANenvironment.
• Implemented enterprise-grade wireless and wired network for different regions of NYSDOT using Cisco Merakicloud-controlled devices
• Installed and configuredCiscoMeraki(MX80, MX60) Appliance viaCiscoMerakiMX400 Cloud
• Allocation and designing appropriate virtual IP for F5 ADC through IPAM InfoBlox
• Troubleshooting issues specific to DNS, DHCP, IPAM, TFTP, FTP, HTTP, Anycast DNS, VRRP, and maintenance of InfoBlox Grid.
• Juniper ContrailSDNCloud Computing Open Networking Openflow/ODL
• Configured Cisco ASA 5510 for VPN Network Access Control integration with CiscoISE(Inline PEPs).
• Extensive work with IPv4 andIPv6protocols (configuration, BGP sessions announcements, assignment to clients and more)
• Integration ofOpen Contrailwith OpenStack.
• Good exposure of troubleshooting inOpen Contrail.
• Integration ofOpen ContrailController with OpenStack Controller andOpen Contrailv Router with Compute Node
• Possess ability to develop technical working knowledge of data analysis tools including ACL, Excel, Access and SQL
• Worked extensively on policy design and implementation forISEsolution various Network
• Configured Cisco ASA 5510 for VPN Network Access Control integration with CiscoISE(Inline PEPs). implemented and supported Cisco PIX, Cisco ASA, Cisco ACS/ISEwith AD/LDAP
• Performed Network Address Translation on Cisco ASA 8.2 and 8.3
• Responsible for Cisco ASA firewall administration across the network.
• Experience configuring Virtual Device Context in Nexus 7010.
• Implemented firewall rules in Palo Alto firewalls using Panorama for one of the environment.
• Deploying the policies on firewall using the Checkpoint’s Smart Console Manager and Smart Dashboard.
• Monitoring and troubleshooting traffic on Palo Alto 5020 firewall.
• Designation and Implementation of Aruba Wireless solution including Aruba S3500 mobility switch.
• Deploy 802.1x authentication (both Wireless and Wired network) for office users using Aruba Clear pass access management system
• Troubleshoot the FW related issues by using the Checkpoint’s client software SmartLog & Smartview Tracker.
• Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
• 24x7 on-call escalation support as part of the security operations team.
• Experience with migrating the partner IPSEC VPN tunnels from one datacenter to another datacenter
• Perform automate network management tasks, real-time bandwidth monitor, TFTP &SFTP/SCP servers, Netflow analysis, IP address tracking and configuration network functions.
• Management of applicationloadbalancing using Citrix NetScalerloadbalancer.
• Configuring & managing around 500+ Network &Security Devices that includesJuniperSRX Firewalls, F5 BigIP Load balancers and Nexus Devices.
• Implementation of Site-to-Site VPNs andDMVPNover the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.
• Designing, Provisioning and Installation of the customer sites in IPSA for MPLS Backbone.
• Experience with convertCheckpointVPN rules over to the Cisco ASA solution
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• DidJUNOSand NAT migrations on Juniper SRX firewalls
• Implementation and testing of ISDN BRI/PRI circuits
• Configure Intrusion Detection and Prevention onJuniperSRX firewalls.
• Working with application teams to Deploy services by adding them intoloadbalancer.
• Set up DNS Reverse Delegation according to RIPE rules in RIPE Database
• Migrating of existing IPSEC VPN tunnels from Pre-Shared key to Authority for purpose of scaling.

Confidential, Norman, OK

Network Security Engineer

Responsibilities:

• Design and configuring of OSPF, BGP onJuniperRouters (MX960, MX480) andSRXFirewalls (SRX240, SRX550).
• Installing new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations
• Installation and management of overall administration of LAN, WAN, systems involving design of network layouts, configuration and maintenance, Commissioning Routers & Switches, firewalls, IPS and ensuring maximum uptime during site deployment toVoIP.
• Troubleshooting and installing of CRS, ISR, GSR, ASR9000, and Nexus devices.
• Experience working withNexus7K, 5K,2Kdevices.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and PaloAltofirewalls.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Implemented 802.1X port Authentication Solution using Cisco ISE and Microsoft Active Directory.
• Responsible for service request tickets generated by the helpdesk such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Troubleshoot connectivity issues involving VLAN's, OSPF, andQoS
• Experience withQAMethodology andQAValidations to ensure the Quality Assurance Control and identifying the Test Requirements based on User Requirements and Design Specifications
• Implemented security policies using ACL, Firewall, IPSEC, SSL,VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Working experience with Load Balancers F5 LTM like 3900, 6900, 4200V over various environments.
• Installation and configuration of Citrix NetScaler MPX 8200.
• Designing, configuring and troubleshooting ASA failover for the customer network.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Checking and configuring Cisco 7600 and 7200 routers at data center for remote sites’ issues.
• Working on Cisco 6509 and 4507 series switches for LAN requirements that include Upgraded and updated Cisco IOS from 12.3T to 12.4. Used to DHCP to automatically assign reusable IP addresses to DHCP clients.
• Provided firewall policy configuration and services withJuniperSRX 240 & 650 series.
• Hosted weekly RTB status meeting with support technical teams to identify root cause of existing issues and determine resolution.
• Administered and managed Cisco routers, switches, ASA appliances and F5loadbalancers.
• Configure and investigate Juniper EX arrangement routers and switches.
• Configuring Site to Site to VPN integration.
• Experience working with Arista 7050s, 7150s in data center.

Confidential, VA

Network Admin

Responsibilities:

• Experience in working with Nexus 7010, 5548, 2148, 2248 devices
• Configured Policies onJuniperNetscreen andSRXfirewalls and Palo Alto as well.
• Installed high availability Big IP F5 LTM and GTMloadbalancersto provide uninterrupted service to customers. troubleshooting of Cisco, Juniper and Arista equipment
• Regularly performed firewall audits aroundCheckpointFirewall-1 solutions for customers.
• Planning and Implementing New Infrastructure in the Data Center.
• Involved in migrating Cisco ACE load balancers to F5 load balancers.
• Upgrading and investigating Cisco IOS to the Cisco router and switches.
• Worked on updating the SSL s to the application URL using the F5 LTM and F5 GTM.
• Proficient hands on experience in configuring Cisco Catalyst 2900,2960, 3560, 3750, 4500, 4900, 6500series and Nexus 2248, 5548 and 7010 switches.
• Create, document, and organize system configuration and cabling of datacenter infrastructure for Palo Alto Firewalls to support internet tools and tenant networks.
• Configured Cisco ACS 5.x for user authentication with External Database as Active Directory.
• Implemented End to End Quality of Service though out the network infrastructure and was responsible for policy routing.
• Worked on Juniper J series j2330, M320 routers and EX 3200 switches
• Configuring ISIS in L3 switches to support MPLS configuring & management of VLANS, 802.1q trunks, VTP, security policies
• Involved in configuring IP Quality of Service(QoS)

Confidential

Network Engineer

Responsibilities:

• Worked on commissioning the STM 4 links on GSR Router 12404 and 12406
• Design and execution of installation and configuration of VPN/IVPN, LAN/WAN as per organizational requirements.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Responsibilities also include technical documentation of all upgrades done
• Maintaining Core Switches, creating VLANs and configuring VTP.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Work on different networking concepts and routing protocols like BGP, EIGRP, OSPF and other LAN/WAN technologies.
• Checkpoint Level3 operations support with hardware operations - fixed all problems & RMA’s, taking any escalations that dealt with the equipment and its connection: interfaces,VLAN’s, routes, etc.
• Installed and managed multiple instances of a Routing table usingVRFandVRFLite.
• Installation and Configuration of Cisco Wireless LAN Controllers on Branch ISR G2 Service Ready Engines (SRE) and Virtual Wireless LAN Controllers for Central Office Infrastructure.
• Developed an addressing scheme and deployed these subnets across two carriers/routers usingBGPv6
• Implemented and configured BGP,BGPv6, using policy route-maps, prefix list to regulate advertise routes from specified Autonomous Systems. Verified BGP neighbor establishment and prefix received and converged with transit providers
• Configuring Site-SiteVPNon Checkpoint Firewall with R77 GAIA
• Specializing in voice and datanetworkadministration and troubleshooting. Experienced problem solver competent in customer service and team management.
• Support remote office WAN, PFR & DMVPN technologies

Confidential

Network Support Engineer

Responsibilities:

• Configured static NAT, dynamic NAT, dynamic NAT overloading.
• Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
• In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Migration of RIP V2 to OSPF, BGP routing protocols.
• Implemented ISL and 802.1Q for communicating through VTP.
• IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
• Involved in F5 BIG IP LTM administration, familiar with enterprise level traffic managers like 6800, 3600, 1600,3400 series
• Involved in updating the VIP’s for pools and pool members, updating iRules for the URL created in the new DNS entry
• Working with Client teams to find out requirements for their Network Requirements.
• Network Cabling, dressing, labeling and troubleshooting various network drops onsite.
• Troubleshoot of Leased Lines like STM4, DS3, E1 Links, Metro, NLD ILD Services and RF links
• Responsible for Capacity planning, Contingency planning & disaster recovery
• Troubleshooting on the devices by remote login to determine the RFO (Reason for outage) and RCA (Root cause analysis) to minimize the consequences of malfunctions.
• Equipment Installation /Removal in the NOC.
• Experienced in Planning and Organizing Change Managements.