We provide IT Staff Augmentation Services!

Cisco Asa/sr. Network Engineer Resume

4.00/5 (Submit Your Rating)

Huntington Beach, CA

SUMMARY

  • Over 5 years of experience in Network Engineer, including hands - on experience in providing network support, installation and analysis for a broad range of LAN /WAN/MAN communication systems.
  • Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
  • Good experience on CISCO IOS, IOS XE and IOS XR, NXOS, Fortinet FortIOS.
  • Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
  • Responsible for Check Point andCISCO ASAfirewall administration across global networks.
  • Experience working onCiscoASR 9001&ASR 1006.
  • Good experience on working with CISCONX-OS.
  • Upgraded Operating Systems for different devices like JUNOS (Juniper), IOS (Cisco) and EOS (Arista)
  • Configure and troubleshoot Juniper EX series switches and routers.
  • Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
  • Implemented various EX, SRX & J series Juniper devices.
  • Experience with deploying Fabric Path using Nexus 7000 Devices.
  • F5 BIG-IP application load balancing subject matter expert with concentration on layer 7 load balancing using I-Rule scripting in TCL.
  • Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
  • Hands on experience with load balancers (F5 &CiscoContent Switch), VPN (Cisco, Netscaler, RSA, Deo Security, Entrust & F5)
  • Worked on F5 VIPRION, LTM and GTM systems
  • Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
  • Experience in working withCiscoNexus Switches and Virtual Port Channel configuration.
  • Experience working with Nexus 7K, 5K, 2K devices.
  • Experience in testingCiscorouters and switches in laboratory and deploy them on site production.
  • In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub-netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / Gig circuits, Firewalls.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco'sASA5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
  • Hands on experience in configuring and supporting site-to-site and remote accessCisco, IPsec, VPN solutions usingASA/PIX firewalls,Ciscoand VPN client.
  • Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions forASA.
  • Strong experience on security levels with RADIUS, TACACS+.
  • Hands on experience in configuringCiscoCatalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches andCisco2600, 2800, 3600, 3800, 7200, 7600 series routers, load balancers and Cisco firewalls.
  • Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
  • Hands-on experience and knowledge about VoIP technologies such as SIP, SIP Trucking,Cisco Call Manager, Asterisk
  • Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
  • Excellent in documentation and updating client's network documentation using VISIO.
  • Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, port aggregation and link negotiation.

TECHNICAL SKILLS

Network Products: CiscoRouters CRS-1, CRS-3, CRS-X, ASR 9K, ASR1K, ASR 1002, GSR 12000, 7600, 7200, 7500, 7300 (SSG), 7200, 3945, 3800, 3900, 3845, 3745, 2800, 2600, 2900, 2500, 1800, 1700, 1600, &ERX 500CiscoswitchesCiscoNexus 7010, 5596, 5020, 5010, Nexus 00v),Cisco6500, 4900M, 4500, 4000, 3700, 3750, 3550, 3560, 2960, 2950, 2800, HP 2910, Dell Brocade chassis & FWS switches.

Network securities: NAT/PAT, VPN, Filtering, Juniper Netscreen Firewall, Checkpoint 4.1, WEP, WPA2, IDS/IPS, IPSec, ACL, FWSM, and F-5 load balancers.

LAN Technologies: Workgroup, Domain, HSRP, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks, PVST, RSTP.

AAA Architecture: TACACS+, RADIUS,CiscoACS.

WAN Technologies: Frame Relay, VPN (L2F, PPTP, L2TP, GRE), ISDN, PPP, ATM, MPLS, IPv6

Network Management: SNMP, Solarwinds,CiscoWorks, HP Open view, Ethereal Sniffer, NXOS, Telnet.

Load baLANcers: CSS, ACE, F5, A10

Monitoring Tools: Wireshark, N-map, Nessus, OpManager, PRTG Packet Sniffer, and Infoblox, Smarbits, Spirent Test Center, Agilent Router Tester (N2X Series) and Netflow.

Routing Protocols: VTP, STP, RSTP, MST, VLANs, ISL, 802.1q, Ether Channel, PAgP and LACP

PROFESSIONAL EXPERIENCE

Cisco ASA/Sr. Network Engineer

Confidential, Huntington Beach, CA

Responsibilities:

  • Integrating new locations with existing MPLSNetworkand enabling standard corporate application access.
  • Designing and implementing LAN/WAN solutions across locations
  • Managing the LAN/WAN devices across locations for day-to-day operations
  • Managing location specificCISCO ASAFirewalls and also data center internet gateway firewalls.
  • Handling new application load balancing requirements through F5 LTM devices.
  • Experience with design and implementation of Data center migration
  • Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
  • Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
  • Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
  • Experience with WCS predictive maps and RF Engineering Planning.
  • Done Site Surveys and installed wireless access devices at various locations like army, navy, airforce bases.
  • Configured Aruba WAP and Wireless controller 66xx/57xx on Cisco Prime, VMWare NSX for proper access of Boingo wireless internet.
  • Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
  • Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4
  • Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
  • Configured remote users to access corporate LAN with VPN connectivity
  • Experience with Cisco ACI (Application Centric Infrastructure) solutions.
  • Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
  • Maintained complex LAN/WANnetworkswith several VLANS and provided support for routing protocols and also providing secure sessions over internet using IPSec and SSL encryption.
  • Worked extensively onCISCO ASA 10/5540) Series, experience with convert PIX rules over to theCISCO ASAsolution.
  • Supporting EIGRP and BGP based on thenetworkby resolving level 2 & 3 problems of internal teams & external customers of all locations
  • Worked on migration of existing PIX firewall toASAfirewall, PIX OS upgrade from 6.3 to 7.0.
  • Design and Implement DMZ for FTP, Web and Mail Servers withCISCOPIX 506, PIX515
  • Building the VPN tunnel and VPN encryption.
  • Involved in Configuration of Access lists (ACL) onASAfirewall for the propernetworkrouting for the B2Bnetwork connectivity.
  • To secure configurations of load balancing in F5, SSL/VPN connections.
  • CiscoSecure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
  • Designed and implemented DMZ for Web servers, Mail servers & FTP Servers usingCisco ASA 5500 Firewalls.

Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/ switches andCisco 3640/ 0/3845/3600/2800 routers,CiscoNexus 7K/5K,CISCO ASA500, Checkpoint, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP

Cisco ASA/Network Engineer

Confidential, Dallas, TX

Responsibilities:

  • Worked on Juniper NetScreen ISG1000, Palo Alto Networks, Infoblox Grid Manager.
  • Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) and GTM's for managing the traffic and tuning the load on the network servers.
  • Experienced with convert Checkpoint VPN rules over to theCISCO ASAsolution. Migration withCISCO ASAVPN experience.
  • Installed and managed of overall administration of LAN, WAN, systems involving design of network layouts, configuration and maintenance, Commissioning Routers &Switches, firewalls, IPS and ensuring maximum uptime during site deployment to VoIP.
  • Worked on Configuring Management Interface IP, Creating Trust Zones, DMZ's, ACL, SSL on Juniper Net-screen ISG100.
  • Turn up and optimize property WiFi and layer 2 delivery network on centralized wireless controllers (Ruckus)
  • Configure and stage Cisco wireless controllers
  • Worked configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers
  • Responsible for entire LAN and WAN/WLAN maintenance and troubleshooting of the company network. Involved in the Team of Data Center Operations to perform duties like administration and deployment ofCiscoRouters and Switches according to the organization requirements.
  • Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, RPVST+, Inter-VLAN routing, and LAN security.
  • Configured Hyper-V LAN which decouples virtual networks from the physical network infrastructure, removing the constraints of VLAN and hierarchical IP address assignment from virtual machine provisioning.
  • Configured FWSM onCisco7600 routers to reduce costs and operational complexity while enabling organization to manage multiple firewalls from the same management platform.
  • ConfiguredASA5520/5500 to ensure high-end security on the network with ACLs and Firewall.
  • Experienced with Firewall Administration, Rule Analysis and Rule Modification onCISCO ASA5540, 5585.
  • Responsible forCISCO ASAfirewall administration across our networks.
  • Co-ordinate with the Data Network and Security team and come up with possible solutions.
  • Configuring and resolving various OSPF issues in an OSPF multi area environment,
  • Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing)
  • Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
  • Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.

Environment: Cisco7200, 7204, and 7206 Routers, Switches:CiscoDistribution layer switches such as 4510, 4948, 4507, 7k, 5k and 2k series. Firewalls 5GT, 208, EIGRP, RIP, OSPF,CISCO ASA, DHCP, DNS, SAN, Spanning tree, Windows Server, Windows NT.

Network Engineer

Confidential

Responsibilities:

  • Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series routers andCisco2950, 3500, 5000, CAT, Series and Nexus switches.
  • Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
  • Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
  • Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
  • Configured and maintainedCISCO ASAfirewalls,CiscoACE load balancers andCiscoPIX (506E/515E/525/)
  • Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
  • Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF)
  • Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
  • Configured policy based routing for BGP for complex network systems.
  • Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's Site.
  • CiscoSecure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
  • Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
  • Responsible for day to day management ofCiscoDevices, Traffic management and monitoring.

Environment: Ciscoswitches 2950, 3500, 5000,Ciscofirewalls, Load balancers andCiscopix (506E/515E/525/) Big IP F5 LTM and GTM load balancers.

Jr. Network Engineer

Confidential

Responsibilities:

  • Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
  • Understanding and implementation of IPSEC &GRE tunnels in VPN technologies
  • Troubleshoot issues and outages on Trunks and Router interfaces and firewalls extensively
  • Configured and resolved various OSPF issues in an OSPF multi area environment
  • Configured RIP, OSPF and Static routing on Juniper M and MX series Routers
  • Configured VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
  • Configured Cisco IOS Feature Set, NAT and SimpleNetworkManagement Protocol (SNMP) forNetworkSecurity implementation
  • Part ofNetworkOperation Center NOC offshore support team from India supporting Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
  • Created load balancing policies using BGP attributes such as Local Preference, AS-Path, MED, Community etc.
  • Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, and IP addressing
  • Configured HSRP between the 3845 router pairs for Gateway redundancy for the client desktops
  • Ability to use NAT and Firewall security policies in Checkpoint
  • Troubleshoot traffic passing managed firewalls via logs and packet captures
  • Maintenance of all servers &networkequipment with current stable firmware, IOS images & access control lists
  • According to priority, worked on multiple service request tickets as a part ofNetworkOperation
  • Maintenance of CISCO ASA 5500 firewall for DCA site, adding new rules or changing existing access lists if necessary
  • Implementation of security improvements such asnetworkfiltering, SSH, AAA, SNMP access lists, EIGRP MD5 authentication, HSRP authentication and security enhancements
  • Designed and Developed Internet Security policy for the company in order to build a secure and robustnetworkInfrastructure.
  • Involved in Layer2/3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security
  • Provided technical assistance to LAN & WAN systems
  • Installing and maintainingNetworkprinters

Environment: Cisco 6509/3750/3550/3500/2950 switches and Cisco 7200/3845/3640/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, MPLS, STP, SNMP

Jr. Network Engineer

Confidential

Responsibilities:

  • Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches,f5BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
  • Supported core network consisting of Cisco 3900 series routers running multi area OSPF Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution.
  • Worked with JUNOS OS on Juniper Routers and Switches. Has an understanding of TCP/IP, IPX/SPX, RIP, VLAN, IGRP, BGP, HSRP, OSPF, IGRP, RMON, EGRP, and BGP4.
  • Configuring RIP, OSPF and Static routing on Juniper M and MX series Configuration of esoteric security applications for IT Security (AAA, SSL, PKI, RADIUS, TACACS+, EAP, EAP-Fast, PEAP, LEAP, CHAP, MS-CHAP) and multi-factor authentication.
  • Supporting EIGRP and BGP for problems of L2/L3 in internal teams & external customers. Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.
  • Perform technical audits of SCADA devices and networks, and any other connected.
  • Performed administrative support for RIP, OSPF routing protocol.
  • Upgrading Used DHCP to automatically assign reusable IP addresses to DHCP clients.
  • Configured and installed multi-protocol (IP, IPX) multi-interface.
  • Cisco routers. Design, WAN link using PPP Multilink and by implementing Cisco WAAS. Configuring STP for switching loop prevention and VLANs for data and voice along with.

We'd love your feedback!