SUMMARY

• Over 7 years of experience as Network Engineer (Security) in testing, troubleshooting, designing, implementing, optimizing and maintaining enterprise data network and Service Provider systems.
• Installation from ground up, configuration, troubleshooting, upgrades and migrations on all Security Platforms.
• Extensively worked on TCP/IP networks, LAN/WAN Technology, messaging services and Internet Services (DNS, SMTP, POP3/IMAP4, Send mail, Web, Proxy, Radius).
• Expertise in design, configuring, supporting and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers and F5 Suite, Firewalls, Proxy, VPN’s, IPsec, NAT.
• Experience working with high performance data center switches such as Nexus 7010, 7018, 5020, 2148, 2248 devices.
• Strong proficiency with administration and support including handling change requests, Tier 2 and 3 escalated tickets based on service level agreements (SLA) and documentation administration.
• Ensure optimal network performance by conducting performance monitoring by using SolarWinds NPM, Splunk. Perform network capacity analysis and planning.
• Hands on experience in installing, configuring and administration of Firewalls including Cisco ASA, Checkpoint, Palo Alto and Load Balancers like Big - IP F5 (LTM and GTM).
• Expert Knowledge of implementing and troubleshooting complex L2/L3 technologies such as VLAN Trunks, VTP Ether channel, STP (Spanning Tree), RSTP, MPLS and MST.
• Implemented and managed Network Automation and configuration using SolarWinds Installed and configured Cisco ACS for TACACS and RADIUS authentication.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.

TECHNICAL SKILLS

Firewalls & Load Balancers: F-5 BIG-IP LTM/GTM, Bluecoat Proxy. Cisco ASA 5500 series, IPSEC and SSL VPN, IOS Firewall features, DMZ setup, Cisco PIX, Checkpoint, Palo Alto.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600), Cisco L2 & L3, Juniper routers.

Routing/Routers: OSPF, EIGRP, BGP, PBR, Route Filtering, Redistribution, Summarization, Static Routing, Cisco Routers ASR 1002 / 7606 / 7304 / 7206 / 3945 / 2951 / 2600

Switching: VLAN, VTP, STP (Spanning Tree), Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

Switches: Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 5548 &7010), CISCO Meraki

VOIP Devices: Cisco IP phones, Unified Communications

Network Security: IPsec VPN, AAA Architecture, TACACS+, RADIUS, IKE, SSL, Access-lists, prefix-lists

Cloud Technologies: AWS, GCP (Google Cloud Platform), Azure

PROFESSIONAL EXPERIENCE

Network Engineer

Confidential

Responsibilities:

• Design, implement and administer IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers. worked on Juniper MX 480, MX960 and Juniper Layer 3 EX4200 & EX3200 switches.
• Configuring rules and maintainingPaloAltoFirewall & Analysis of firewall logs, Configured TCP/IP Ethernet interface, Created Virtual Router and Verify Network Connectivity.
• Responsible for Check Point to Palo Alto Migration and Palo Alto and Checkpoint firewalls configuration and administration across global networks.
• Monitoring traffic through firewall, utilized Splunk to see the traffic flow and Wireshark for packet analysis.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and decryption protocols.
• Extensive experience with Cisco IOS, IOS-XR, NX-OS Windows client/server operating systems, Linux, Networking technologies, Firewalls.
• Experience in designing and assisting in deploying enterprise wide network security and high availability solutions for Palo Alto and Cisco ASA.
• Worked towards the key areas of the project to meet SLA's and to ensure business continuity.
• Research, recommend and leverage new features supported by Palo Alto networks, including User-ID, Autofocus and Global protect.
• Actively responsible for upgrades and network refresh projects and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation on Checkpoint firewalls.
• Infrastructure configuration and troubleshooting for Windows Azure environments.
• Experience in analysis of migrating the application servers from Existing data Center to New Data Center.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP (Spanning Tree), Inter-Vlan routing, LAN security.
• Tested JUNOS images on juniper MX router platforms covering various protocols and technologies like OSPF, BGP, LDP, MPLS, Layer3 VPNs and Cisco IOS and NXOS configuration for routers, switches, ASAs etc.
• Installation and troubleshooting of company's WIFI network with added security and Cisco VOIP.
• Expertise with Installation, configuration and troubleshooting of Cisco Routers (ASR 9K,1K, CISCO ISR 4K,1K 7600, 7200, 3800, 3600, 2800, 2500, 1800 series). and Juniper Routers (MX, PTX, ACX, CTP, T4000-series).
• Extensive Knowledge in configuring and troubleshooting as well as creating Virtual Servers, Nodes, Pools and I Rules on BIG-IP F5 (VIPRION - ASM) load balancer LTM for load balancing and traffic management in DC environment.
• Responsible for monitoring the Network performance based on company's Service Level Agreement (SLA).
• Interact with the vendor teams through TAC, JTAC cases, to understand and resolve the issues related to hardware and software bugs.
• Helping Team members to build a new cloud platform for existing legacy application using Azure technologies. Part of Designing the new architecture.
• Working on security devices ASA, juniper, Palo Alto firewalls, Arista routers and switches.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2960, 3500, 7600, 3750, 3850 series, 6500 series) Cisco Routers (4800, ASR 9K, 800), Juniper Routers and Firewalls, Nexus.
• Worked on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.
• Knowledge and experience of Cloud Computing Engineering, concepts and service models including IaaS-Open stack, PaaS-Cloud Foundry and SaaS-VMware.
• Experience in Tier- 2 support, BMC Remedy tool, NMS ticketing system, network troubleshooting, handling escalation, Root cause analysis (RCA) and SLA's.
• Experience in managing a team and the resources during Server InfrastructureMigrations and platform upgrades.

Network Engineer

Confidential, Des Moines, IA

Responsibilities:

• Responsible for the Global engineering and support of existing network technologies / services and the integration of new network technologies / services.
• Configure NAT, Security Policies for Checkpoint Firewall Management. Establish custom corporate policy on Firewalls.
• Worked on redesigning the network drawings to provide detailed information about the logical and physical connectivity of newly built Data Center. With extensive use of Firemon reports for network flows to secure the Gateways.
• Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP.
• Responsible for network maintenance, support, trouble resolution, root cause analysis and SLA maintenance using Cisco-based enterprise LAN and wireless networks.
• Configure Cisco routers and switches to bring new location on location online within the current network for VOIP communication.
• Monitor performance of network appliances and WAN utilizing using network analyzer like Riverbed, Wireshark, Solar Wind.
• Expertise in Virtualization with vSphere, VMware ESXi and hosts and Virtual Center server.
• Designed, configured, and implemented (WiFi) 802.11a, b, g, n, ac wave1 and wave 2 access points (Aruba Networks, Cisco, etc.).
• Configured and troubleshooting the F5 LTM and APM and providing level 2 support for the customers.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Worked on Application traffic security with WAF, F5 ASM, F5 APM for Authentication, Citrix NetScaler's for ICA proxy, Citrix VDI, Microsoft Office 365, Azure AD, AWS, Zscalar Cloud based proxies and Blue Coat.
• Cisco ASA5510 firewall appliances appliance for securing network access, Cisco Access Control Server 5.3 for TACACS, RADIUS and Active Directory
• Configuration and management of network routers (Cisco 6500, 7K; Juniper MX) and switches (Cisco 5500,3850, 3750X, 3750, 3550,2500; Juniper EX).
• Hands-on expertise with routers 2600, 2900, 3600, 3900, 7200, 7600, ASR-901, ASR-903, ASR 5500, ASR-9010 and Juniper ACX, E, M, MX960 series.
• Performed IOS Software upgrades on switches Cisco 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE.
• Experience with configuring Load Balancing methods in F5 LTM and configured the virtual server, Good knowledge in systems integration, software hardware emulation experience.
• Experience in building both physical and virtual servers, configuration of DNS, DHCP, NFS, LDAP, CIFS, RDP and so forth.
• Worked with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
• Reviewed and updated Cisco Smartnet and leasing agreements with hardware vendors by creating and working open Cisco TAC cases.
• Deploy 802.1x authentication (both Wireless and Wired network) for office users using Aruba Clear pass access management system.
• Configuring VM's on ESX Server and installing hosts and Migrating Virtual Machines across various VMware’s Server, Workstation and VMware servers.
• DMZ Network infrastructure knowledge including topology, security policies, firewalls and the L2/L3 switch and router infrastructure is required.
• Experience in Cisco ASA Firewall deployment, maintenance and troubleshooting including implementing adding, removing and editing firewall policies and rules as per requirement.
• Experienced with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Configuring IP SLA monitor to track the different IP route when disaster occurs.
• Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 3925E and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production.
• Configured wireless security by implementing Cisco ISE and Aruba Clear Pass at the data center.
• Exposure to VPNs, WAN Accelerators, Intrusion Prevention Systems (IPS), Virtual Private Networks.
• Worked with several network engineers for the understanding of Juniper SRX firewalls along with the changeover to Palo Alto.
• Configure Zscalar to protect user and company devices based on security policies.
• Configured ASA 5520/5500 to ensures high-end security on the network with ACLs and Firewall.
• Day to day responsibilities include tasks like configuring and troubleshooting Wireless Access Points, Switches and Routers.

Network Engineer

Confidential

Responsibilities:

• Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switches
• Server maintenance, VM Ware, VOIP Cisco Phone Systems, Imaging, Data recovery, OS upgrades, and various other facets of IT Support.
• Mitigated security risk from within Azure Cloud. Ensured the secure transfer of data from on-premises to Azure.
• Experience in VMware, Microsoft Active Directory, Puppet, security settings, group policies.
• Actively involved in Switching Technology Administration including creating and managing VLANS, Port Security-802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing and LAN security on Cisco Catalyst Switches and Cisco Nexus Switches 2K,5K,7K.
• Performed a major role in ensuring the security, stability and overall usability of Aruba Wireless network for the two campuses and providing an excellent wireless network experience to our staff, faculty, students, university guests and visitors.
• Experience with Interior and Exterior routing protocols that includes RIP, OSPF, EIGRP, IS-IS and BGP. Worked on Cisco, Juniper.
• Reporting and tracking identified failure data weekly to a panel of Cisco Quality, TAC, and Hardware Engineers.
• Advance Design and Support of CatOS, IOS, NXOS hardware and Software.
• Performing network monitoring, providing analysis and network topologies using various tools like NS3, Wireshark, SolarWinds etc.
• Redundancy &Management HSRP, VRRP, Wireshark, SolarWinds, SNMP, CISCO Works, GNS3, Riverbed.
• Conduct site surveys and install wifi to give the latest and greatest to the agents so that they have cutting edge technology.
• Providing technical assistance and support to Cisco customerson 7200, 3925, 3800,2500 routers.
• Provided systems, administration and user support for Google Apps Mail application.
• Setting up a VPN using Cisco AnyConnect Secure Mobility Client to allow employees to have secure access to the network enterprise from any device, at any time, in any location.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Experience in L2/L3 protocols like VLAN, STP (Spanning Tree), VTP, ISL, MPLS, 802.1q and Trunking protocols.
• Deployed the Cisco 3500 Access Points using Cisco Wireless controllers 5500 and 2500 and WCS System.
• Implementation and configuration of all network equipment details, Visio network diagrams, SNMP, monitoring, licensing, documentation, and troubleshooting environment from end to end.
• Implement and maintain Checkpoint, Cisco ASA Firewalls and Bluecoat proxy systems
• Aruba Clear Pass Policy Manager configuration and installation for VMWare appliance and hardware appliance.
• Created Access policies on APM module using AD and LDAP authentication for external clients.
• Configured SSL offloading, bridging and pass through for custom applications per business needs.
• Responsible for High and low-level design as it pertains to load balancing infrastructure and changes.
• Configuration, maintenance, and support of the enterprise network consisting of Cisco routers and switches, Aruba switches, Cisco and Aruba wireless.
• Responsible for Cisco routers in configuring routing protocols OSPF, and EIGRP for clients.
• Detailed design documentation also had the estimated effort and timelines for implementation.
• Design and deployed F5 LTM and GTM load balancer infrastructure per business needs from the ground upon approach.
• Implementing, deploying and troubleshooting OSPF, BGP, VLANs, Backbone Fast authentication for VTP, disabling all unused ports by putting them in unused VLAN and ensuring DHCP attack prevention wherever needed.
• Worked on large scale implementation and maintenance for SSH (Secure Shell), PKI/SSH, VPN, IPSEC Satan, ISS, TCP/IP Monitoring.
• Configured network using routing protocols such as BGP, EIGRP, OSPF and troubleshooting L2/L3 issues. Configuring Switches with: VLANs, Trunking, VTP, TCP/IP, SNMP.
• Provide full coverage and support (24/7) in the migration of sites to ensure branch connectivity with the Data centers with successful migration of all hosts.
• Performed the maintenance of Active Directory and replication scheme, DNS/DHCP services and time services; wrote step-by-step procedures for implementing upgrades.
• Designed ASA firewalls and Firewall Rules in Multi-tier DMZ in the Server Farm to provide security and controlled restricted access.

Network Admin

Confidential

Responsibilities:

• Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy-based routing.
• Created dynamic access policies on the ASA’s for the offshore vendors to be able to VPN in and access the resources they needed for their testing purposes.
• Configured Client VPN technologies including Cisco's VPN client via IPSEC.
• Deployed a Syslog server to allow proactive network monitoring. Responsible for managing network & security at the Data center.
• Solving issues related to applications raised by costumer as per SLA.
• Configuration 7500, 7200 with OSPF and catalyst 6505, 4500, 3550,3700, switches with various VLAN.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP. Router memory & IOS upgrade with TFTP.
• Experience in the setup of Access-lists, RIP, EIGRP and tunnel installations.
• Creating and updated network shares, adding permissions software and groups for users through Active Directory.
• Oversee Cisco troubleshooting, PC repair and imaging, WiFi installation and management, A\V troubleshooting and repair, and all end user support.
• Knowledge of VMware vSphere administration within Cisco Unified Computing System environment.
• Install and maintain Network operations involving VOIP and IP. Troubleshooting and repairing communications equipment to include satellites, UHF, and VHF equipment
• Architecture and Operation of all VOIP functions within Customer Service and Corporate network. Other Duties include the testing of new technologies within the telecom group
• Have experience in Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels.
• Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Checkpoint Firewalls, Juniper firewalls, PIX firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch Security Management.
• Switching related tasks included implementing VLANs, STP (Spanning Tree), and configuring on fast Ethernet.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include configured Firewall logging, DMZs& related security policies & monitoring.
• Excellent communication and documentation skills and able to work individually and as a team member.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA 5500 Firewalls, and MPLS switching for stable VPNs.