SUMMARY

• With 8+ years of professional experience in Network Planning, Implementing, Configuring, Troubleshooting and Testing of networking system on both Cisco and Juniper Networks.
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system remedy.
• Experience of routing protocols like EIGRP, OSPF, RIP, and BGP.
• Worked on Cisco 7200, 6500, 3800, 3600, 2800, 2600, 1800,810 series Router and Cisco 2900, 3500, 4500, 5500, 6500 series switches.
• Extensive hands - on experience with complex routed LAN and WAN networks, routers and switches.
• Trained new RF, WiFi Engineers & Testers on various Network Tools including M. Planet (Design).
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Experience in the setup of Access-Lists, and OSPF, EIGRP, and tunnel installations.
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches.
• Implemented and support Vblock in various Environment and Production.
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
• Latest projects - DocAve implementation, SharePoint 2016 POC, SharePoint 2013 dedicated Search Farm, OpenText AGA integration, colo facility relocation, hybrid O365/on prem re-architecture
• Good Experience on WHQL certification of wifi devices.
• PoE, 802.11a/b/g/n/ac, 2.4GHz, 5GHz, wireless network technologies
• Experience in configuring and Installation of Cisco ASA 5500 series Firewalls.
• Experience in configuring and Installation Palo Alto Firewalls and Panorama Network Security Management on Palo Alto series 7000, 5000,3200.,3000,800,200, M-100.
• Migrating firewalls from Cisco ASA to Palo Alto, Check point to Palo Alto.
• Experience in WatchGuard firewalls M-4600, M-270.
• Multi hop wifi connectivity 11a, b, g,n 2x2.
• Experience in Managing multiple WatchGuard firewalls using WSM.
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating. Experience with Load Balancers for administrating and monitoring global & local traffic using F5 BIG IP LTM, IP/MPLS & GTM.
• Enterprise Wireless (design/implementation, maintenance and support) Self - starter, accustomed to working in a SLA environments
• Experience with Bluecoat Proxy servers, LAN & WAN management.
• Black listing and White listing of web URL on Bluecoat Proxy Servers.
• Enhanced level of experience with OSPF, BGP, IP/MPLS and TCP/IP.
• Strong knowledge in HSRP, VRRP redundancy Protocols.
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center.
• Experience in physical cabling, IP addressing and sub-netting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Access control server configuration for RADIUS & TACAS+.
• Experience with 802.11x wireless technology.
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248).
• Sound knowledge of virtual firewalls like ASA/PIX, checkpoint VSX, IDS, IPS as well as encryption techniques.

PROFESSIONAL EXPERIENCE

Confidential, Sandy, UT

Sr. Network Security Engineer

Responsibilities:

• Designed, configured and implemented Remote access Client VPN (Global protect) with multifactor authentication (Gemalto) for users according to the business requirements.
• Configured and implemented new Palo Alto Networks devices, integrating with the network and to Panorama Centralized Management.
• Configured a pair of firewalls in an active/passive deployment.
• Worked with IT Security and configured PAN Security Profiles - Antivirus, Anti-Spyware, Vulnerability Protection, URL filtering, Threat Prevention, Data Filtering, Wildfire Analysis to stay current with industry best practices.
• Investigate security incidents and recommend actions needed to resolve situations.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Successfully installed Palo Alto PA-7050, PA-5020, PA300 series and 800 and 200 series firewalls to protects Data Center and provided L3 support for routers/switches/firewalls.
• Managed firewall policy lifecycle process from review, approval, implementation, publishing, verification and testing.
• Palo Alto user-identification implementation with KIWI server's user Palo Alto user-id agents.
• Helped migrated multiple COLO facilities various internet circuits to MPLS network.
• Palo Alto integration with VMware Virtual Desktop infrastructure.
• Palo Alto upgradation and degradation.
• Implementing Site to Site VPN from Palo Alto to Cisco ASA, WatchGuard FW, Juniper, Checkpoint
• F5 configuration, installation, Managing Big IP, GTM/LTM, IAPP, IP/MPLS.
• Security Device - Palo Alto/ASA Firewalls, Sourcefire IPS/IDS, Cisco Identity Services Engine (ISE), VPN.
• Configured VLAN Trucking with Palo Alto interface.
• Responsible for maintaining availability, reporting and communication of the Confidential between it, its event-sources and the endpoints.
• Utilized Security Information and Event Management, Intrusion Detection & Prevention (IDS / IPS)
• Using Symantec End Point Protection for threat analysis.
• Creating object, groups, updating access-lists on Palo Alto, apply static, hide NAT using smart dashboard.
• Troubleshooting connectivity issues on the firewall. Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Worked on Cisco ASA 5580 and 5585 VPN Firewall for site to site VPN's from Cisco Asa to Palo Alto, Microsoft Azure
• Worked on implementing polices for Cisco ASA from Interface point and object group as well as NAT.
• Experience in working with designing, installing and troubleshooting of Palo Alto firewalls.
• Configuring Checkpoint, ASA, Palo Alto for NAT (Static PAT/Manual NAT) to enable remote.
• Experience in working with checkpoint, Palo Alto Next-generation firewall, Cisco ASA and Panorama M-100.
• Experience on working with IPsec VPN, IDS/IPS, IP/MPLS, DLP, Application and URL filtering on checkpoint firewall module
• Experience on working with IPsec VPN, Security profiles and SSL decryption on Palo Alto firewall
• Worked on integration with SNMP, RADIUS and LogRhythm Confidential syslog server with Palo Alto and checkpoint firewall
• Experience in working on the Quarterly maintenance windows for failover, reboot of Checkpoint next-generation firewalls and Palo Alto firewalls, as well as other security devices
• Worked on troubleshoot and packet capture analysis on Palo alto firewall and checkpoint firewall
• Worked on Cisco ASA IPsec VPN tunnel and building security policies and packet analysis
• Worked on checkpoint firewall SMART Event Intro module for generating monthly IPS reports
• Experience on working with Confidential tool LogRhythm on adding the newly build windows and Linux log servers and creating policies for different alerts
• Worked on 24x7 on call shift with the proprietary STIMv2 ticketing management tool
• Deployment of Palo Alto, 7000, 5000,3000 series firewall and checkpoint 12000 series firewall.
• Successfully designed and implemented, as the Firewall Lead Engineer, the PIX to ASA migration strategy for OCC Confidential, DO and Satellite/COLO Offices. Implementation is ongoing.
• Perform troubleshooting by packet capture analysis using TCP Dump, FW Monitor, Wireshark and analyzing the PCAP
• Worked on Aruba Clearpass AAA technologies (Radius, TACACS, 802.1X, MAC authentication, and Web authentication)
• Experience in Network access control technology and platforms for wireless environments (Aruba Clearpass, Cisco ISE, etc.)

Confidential, Deerfield, IL

Sr. Network Engineer

Responsibilities:

• Worked on Cisco Layer 2 switches (spanning tree, VLAN).
• Validate xfinity wifi service flow on multi-vendor wireless Home Devices and Outdoor Units.
• Re-IP’d the Production and COLO sites and deployed them on VLANs with vACLs.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
• Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment
• Plan, build, deploy, and maintain ACI data center lab utilized by internal parties.
• Create and deliver ACI training to HTTS engineers globally
• Configure, enhance and operate the enterprise wireless network infrastructure, diagnose tools, automation, and recovery systems using standard or proprietary scripting and utilities.
• Implemented OSPF to local, remote and COLO facilities.
• Interact with Business Services team and explore the suitable public-wifi solutions
• Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre-configuration of network equipment, testing, and maintenance) in both Campus and Branch networks.
• Worked on configuring, upgrading and verifying the NX-OS operation system.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Upgrading Sysco Foods networks with new Confidential routers, switches and 5508 Confidential mesh wireless networks.
• Troubleshooting connectivity issues through Palo Alto firewalls as well writing and editing policies.
• Worked Knowledge on Palo Alto like blocking URLs Etc.
• Experienced with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Validate xfinitywifi service flow on multi-vendor wireless Home Devices and Outdoor Units.F
• Proficient in design, implementation, management and troubleshooting of Check Point Provider-1 / VSX, Palo Alto IDS, Foundry / F5 Load Balancers, and Blue Coat Packet Shaper systems.
• Experience configuring high availability for XenServers, Presentation Servers using NetScaler.
• Experienced configuring VPC, VDC and ISSU Software upgrades on Cisco Nexus 7010.
• Experience working with BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic.
• Implementing security Solutions using Palo Alto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Involved in Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing and LAN security.
• Site-to-Site IPSec Tunnel, Site-to-Site IPSec GRE tunnel, DMVPN.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance.
• Design the Fail over and redundancy path for Lear network to Eagle ottawa network design the Colo at netlink for Lear network.
• Use and maintain routing protocols EIGRP, OSPF and BGP on the Routers in the network & also worked on BGP Route Reflectors, Confederations.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
• Installed and configured the Cisco routers in two different customer locations. It includes coordinating with Verizon and AT&T in order to bring the serial interface up for T1 link. Also, configuration includes frame relay, BGP and VPN tunnel on GRE
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Configuring IPSEC VPN on SRX series firewalls.
• Implemented HSRP on the Cisco 2948G Layer 3 switches and EIGRP, OSPF on 2 Cisco 2610 routers, the Layer 3 switch, 3 Cisco 350XL Switches, Cisco 3524XL switches for load balancing and fail over.
• Configuring ASA Firewall and accept/reject rules for network traffic.
• Extensive knowledge and troubleshooting in data communication protocols and standards including TCP/IP, UDP, IEEE 802.3, Token Ring, Cable Modem, PPPOE, ADSL, Multilayer Switching, DoD standards.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Knowledge and experience with management utilities (e.g. Cisco Prime, SolarWinds, SNMP, Syslog).
• Other responsibilities included documentation and supporting other teams.

Confidential, Greenwood Village, CO

Network Engineer/Admin

Responsibilities:

• Installation and Troubleshooting all type of Operating Systems Like (XP, Windows 7, Linux,
• Ubuntu, CentOS, Fedora)
• Configuring as well as troubleshooting of MS-Outlook, Printers, remotely.
• Managing Domain user‘s, ID creation, Roaming profile, Maintaining ADS.
• Creations of AD accounts and managing roles to desired user or Groups.
• Troubleshoot all desktop level call of the user.
• Installing, configuring, administering, and performance tuning Microsoft SQL Server 2000 familiar with Database Creation, Database Security, Database Replication/ Migration, Database Performance Monitoring, User Management, Database Backup/Restoration.
• Worked on VB Scripting for automation of processes for Windows Servers. Familiar with other script languages like ASP, Power Shell, PHP, Shell, Python.
• Installing, configuring, administering, troubleshooting VMware server on ESX platform and VMware client, workstation.
• Installation and Configuration of networks, router/switches configuration and wireless access point/router with security, TCP/IP, VPN, Content Filtering, Access Control Lists on router/switches, VLANs (port mapping, naming etc.), and routing IP address in both LAN/WAN and wireless networks.
• LAN Cabling, RJ-45 crimping, Labelling, Patch Panel, PC Junction boxes, Phone Switches and Rack set-up.
• Assist staff with the installation, configuration, and ongoing usability of desktop computers, peripheral equipment and software within established standards and guidelines.
• Managed deployment and growth of 20TB cross-platform fibre-channel based enterprise storage solution.
• Database administrator for a MySQL. The total allocated capacity of the database was 538 gigabytes. The system was used to track customer account information and as an inquiry system for customer telephoning for account information. Responsible for both logical design and physical design
• Completed design and implementation of a Kiosk System for customer interaction with the computer system.
• Rewrote Dbase/Clipper software to operate remotely.
• Upgraded Legacy systems to meet mobile requirements.
• Centralized all operations, enabling remote control of entire computer system.
• Generated reduction in service calls and immediate problem solving capabilities of a central administrator.
• Trained users in software and the system.
• Network Client/Server support for over 500 Windows NT and Novell NetWare users, creating and managing
• Crimp & punching network cables & troubleshooting network problem.
• Wireless Networking. & Data card Installation.
• Installing, managing, maintaining & configuring various type of services such as DHCP, DNS,
• Active Directory, Remote Desktop, and VNC.

Confidential

Network Engineer/ Admin

Responsibilities:

• Network Administrator for a medium-sized company with an environment that consists of Cisco, Juniper, and Palo Alto equipment.
• Managed day to day operational aspects of LAN, WAN, wireless, data center, and network security.
• Troubleshot network hardware and software issues in a fast-paced environment to avoid customer impact.
• Configured and supported new enterprise wireless infrastructure.
• Installed Viptela SD-WAN solution at remote branches to better utilize carrier circuits and mitigate packet loss and latency.
• Created zone-based firewall and security rules rules for Cisco ASA and Palo Alto equipment, as well as managed the hardware and their centralized management systems.
• Maintained and performed upkeep on network servers that served such purposes as AAA, NMS, and wireless performance/troubleshooting, as well creating new policy when needed.

Confidential

Network Admin

Responsibilities:

• Oversaw the purchase of additional servers, installation and configuration of these servers and the securing and placement of additional hardware and software.
• Wrote scripts in Korn shell, Perl and Python to facilitate automation of system administration tasks
• Developed web pages and CGI scripts in Korn Shell, Perl and Python.
• Created new scripts for reporting and maintenance (Including recursive "tree-reports").
• Engaged in data quality monitoring. Multiple reports and scripts created to identify and correct the problems.
• Oversaw the installation of additional workstations, upgrading of software, hardware and peripherals. All servers were Red Hat Linux, built into clusters, enabling maximum availability.
• Trained users in software and the system.
• Created a customized security model, which encompassed a virtual private network, systems with heavy Packet Filtering.