SUMMARY

• Excellent communication skills and team - oriented. Dedicated to give the best effort and deliver the product with ease on time.
• Ability to work in a cross-functional team. Strong analytical, problem solving, interpersonal, adapting to new environments, and leadership skills. Ability to meet deadlines, eagerness to learn, and adapt to new management.
• Have 7+ years of experience in Network and Security engineering, designing, deploying, migrating and supporting critical multi-site redundant Network environments
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Juniper SSG series.
• 5+ years working with and migration checkpoint Juniper, and Palo Alto Firewalls
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
• Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520 ver8.2.
• Configured ASA 5520 Firewall to support Cisco VPN Client on Windows 7/XP/Vista.
• Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6K, 7K and 9K)Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
• Expertise in installing, configuring and troubleshooting Juniper Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series) Juniper Routers (E, J, M and T-series)
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Expert Level Knowledge about TCP/IP and OSI models.
• Extensive experience with Cisco IOS, Windows client/server operating systems and Linux
• Enhanced level of knowledge with PPP, ATM, T1/T3 Frame-Relay.
• Experience with Putty, Exceed and Secure CRT.
• Experience with Shell Scripting and Perl
• 5+ years working experience in datacenter migrations.
• Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200.
• Expert knowledge of cable connectors and replacement as RJ-11, RJ-45, V.35, RS-449.
• Knowledgeable in understanding of the ITIL framework
• Excellent communication skills to interact with team members and support personnel, acting as a mentor to less experienced personnel.
• Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills.
• Experience with F5 load balancers andCiscoload balancers (CSM, ACE and GSS).
• Experience on load balancing strategies/techniques, expertise in application switching/traffic management, knowledge of persistence and SSL certificates.
• Basic and advance F5 load balancer configurations, including migrating configurations fromCiscoACEto F5 and general troubleshooting of the F5 load balancers.
• Experience with Cisco ASR’s, Catalyst 6500 series switches, 2800 series, 3800 series. 2900 series, and 3900 series routers.
• Thorough understanding of alarm correlation, route cause orchestration and platform scaling metrics for different platforms.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco ACI, Nexus 7k, 5k, 2k, Cisco 7600, 7200, 3800, 3900, 2800, 2900 series Routers, Cisco Catalyst 6500, 4500, 2960 and 3750 Stack Switches.
• Experience in design, Deploying & Troubleshooting F5 Load Balancer Includes BIGIP Series 5050V, 10000V, 8900, 6900, and 3900.
• Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM.
• Provides technical leadership for problem escalation and resolution.
• Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.
• Implemented traffic filters using Standard and extended access-lists, Distribute-Lists, prefix lists and Route Maps.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Basic knowledge on configuration of Cisco IP Phones using Call Manager Express. Also Auto/Manual registration of IP Phones using CUCM Admin GUI, managing Services, Phones and users in CUCM.
• Basic Knowledge of deploying including configure and troubleshooting of Cisco Wireless LAN Controller (WLCs) based APs, Standalone APs, and WLAN Security using WPA/WPA2

TECHNICAL SKILLS

LAN Technologies: VLAN, VTP, Inter-Vlan routing, STP, Workgroup, Domain, HSRP, DHCPStatic, VLAN, STP, VTP, Ether Channel, Trunks.

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP, IPv6, VRRP, GLBP, LACP, PAGP, DNS, SMTP, SNMP, FTP, TFTP, LPD/TDP, WLAN, 802.11/802.11 e.

Routed Protocols: TCP/IP, IPX/SPX

Network firewall & VPN: NAT/PAT, VPN, Filtering, Load Balancing, IDS/IPS, IPSec, ACL

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTPNetwork ManagementsSNMP, SSH, Telnet, ICMP

IP Telephony: VOIP, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager Express.

Comm. Protocols: ARP, Wi-Fi, WiMAX, CDMA, 3G

Operating Systems: Windows Vista/XP/NT/2003, MS DOS, UNIX, Linux

Languages/ Tools: C, C++, PERL Assembly 8085 and 8951/2, MIPS.

Firewall & Security: Cisco ASA, Checkpoint, Palo Alto

PROFESSIONAL EXPERIENCE

Confidential, Winsor, CT

Sr. Network Engineer

Responsibilities:

• Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy-based routing.
• Team member of Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches.
• Configuration 7500, 7200 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA 5500 Firewalls, and MPLS switching for stable VPNs.
• Daily use of Remedy ITSM Incident Management for managing outages and incidents.
• Troubleshooting the Network Routing protocols (BGP, EIGRP and RIP) during the Migrations and new client connections.
• Performing regular minor and major changes in FortiGate 1500D cluster firewalls using Forti Manager 200D and in ASA using ASDM and Checkpoint Using R77 and R80 management servers.
• Knowledge of SCCM client installation, software distribution, remote control, and other SCCM issues.
• Resolving and troubleshooting Break fix and Incident tickets In Fortinet 1500D firewalls the process also includes Analyzing the traffic and logs in Forti Analyzer 1000D and ASDM and Checkpoint R80 servers.
• Involved in peer to peer to meetings and built IPsec tunnels according to the costumer business requirements in Fortinet Firewalls and troubleshooting the IPsec tunnels.
• Implemented migration from ASA to Fortinet firewalls.
• In corporate network security recommendations into the design of the network using Cisco Meraki MX400
• Worked with Cisco Meraki wireless access points.
• Install system wide Enterprise Software and Updates via KACE Server reducing desk side visits.
• Configuration and troubleshooting link state protocols like OSPF in single area and multiple areas.
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements.
• Configured and managed VLANs, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for Layer-2 andLayer-3 switching domains as per the organization's requirement plan.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Providing support to create Virtual Private Cloud (VPCs) and gateways in AWS console.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Automated desktop image creation using scripts and custom task sequences with MDT 2013 and SCCM 2012R2.
• Migrations from Hypervisor environments to VMware virtual environment.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Troubleshooting, configuring, monitoring, and maintaining networking equipment that includes: Cisco 6500 Series Switches, Cisco Nexus 5k Series Switches, Cisco 3800 series routers, Cisco 2600 Aironet 1562 and 1572 Series Wireless Access Points, and Cisco 5520 ASAs Experience working with Nexus 7010, 5020, 2148, 2248 switches.
• Implementation and configuration of F5 Big-IP LTM-6400 load balancers.
• Installation and administration of Checkpoint R 75.40 Firewall.
• Implemented firewall policy change on the Checkpoint clusters.
• Verified and Validated the Firewall policy on Checkpoint R75 clusters for unused rule and helped consolidating rule.
• Worked on Amazon AWS could network services.
• Validate 802.1X Secure Authentication Methods on MAC OS and Android OS clients.
• Configure a Site-To-Site IP sec VPN to the Amazon AWS VPN Gateway with other vendor security appliances devices.
• Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port-based authentication.
• Technical assistance for LAN/WAN management and complex customer issues.
• Provided support for troubleshooting and resolving Customer and user reported issues.
• Worked with Network Engineer's in the installation and configuration of firewalls.
• Involved setting up the TFTP server for backing up the IOS images and configuration files of Cisco Routers and Switches and troubleshooting the file servers.
• Upgrades, installs, configuration and administration security and monitoring tools on Linux.
• Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
• Configured Cisco ISE to interact with third-party Switches. Created SSL certificate requests for client branded websites and maintained all domain registrations. Configured captive guest portal options in Cisco ISE.
• Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP.
• Responsible for network evaluations, troubleshooting a variety of network problems, and implementing various software and hardware upgrades efficient performance.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Provided redundancy to the network, implemented hot standby routing protocol (HSRP) and Load sharing for effective utilization of routers.
• Experience with Cisco UCS, Virtual Infra on VMware, Installation, Upgrades and Patching.
• Configuring, implementing and troubleshooting VLAN's, VTP, STP, Trunking, Ether channels.
• Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
• Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP etc.
• Performing network monitoring, providing analysis using various tools like Wireshark, SolarWinds etc.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network. • Responsible for Cisco ASA 5500 firewall administration, Rule Analysis, Rule Modification.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems

Environment: Cisco 3500/ 3550/4500/6500 switches and Cisco 2500/2600/3000/6500/7500/7200 routers, Cisco ASA, Checkpoint, Cisco Nexus7K/5K/2K, LAN, OSPF, BGP, RIP, EIGRP.

Confidential, South Winsor, CT

Network Engineer

Responsibilities:

• Setup and configuring complex switching environment by supporting Data center cores with Cisco advanced protocols, configure Nexus 7000 with vPC, Fabricpath, VDC.Configure Nexus 5000 as access layer data center switches, associate and configure fabric extender Nexus 2000 for server access port connections for enterprise build.
• Configure Cisco Nexus 7k,5k and 2k in a Spine and Leaf network. VPC/Portchannel configuration, OTV/FabricPath between data Centers Vlans.
• Validate 802.1X Secure Authentication Methods on MAC OS and Android OS clients.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BGP, HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst switches and Nexus 7k and 5k switches for network infrastructure growth.
• Implement RFCs within change guidelines and windows using Remedy ITSM Change management.
• Maximize network performance by Providing network capture and analysis using NetScout and Wireshark to troubleshoot slow network and application issues. Also, coordinate with facilities team to identify and replace the faulty components and installation of the equipment.
• Configuring F5 load balancerrequests like VIP creation, decommission servers from load balancers, irule updates, changing health check monitors to meet customer demands and making IP instances available to public through NAT over internet for applications support in network.
• Updating SSL certificates on F5 load balancers timely to meet the applications working in regarding to SHA-2 requirement.
• Worked on operating system migration like windows XP, windows vista to Windows 7 using WDS and SCCM.
• Dealt with creating VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies.
• Worked on BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway.
• Migrating applications from cisco ACE/CSM to F5 LTM, and GSS configurations to F5 GTM wide- IPs.
• Created and managed A-records/DNS entries, CNAME, ALIAS, URL record in IPAM Infoblox.
• Configuring ASA and PIX Firewall to allow site to site VPN access and configuring authentication, encryption, compression, ACL to ensure better security.
• Administered multiple PIX firewalls throughout WAN to ensure LAN integrity from external threats and usage of PaloAlto firewall devices.
• Implemented McAfee Network Security IPS/IDS Platform and realtime protection and proactive network security using Tipping point.
• Creating and maintaining Windows 7, and Windows 10 desktop/laptop images using MDT and SCCM.
• Multi-user support, system integrations and PCI ASV scanning to Nessus in an easy-to-deploy cloud-hosted package.
• Assisted in building Aruba Clear Pass server transition away from Cisco ACS as the primary TACACS server.
• Working with Palo Alto Next gen 5550 firewalls with Panorama appliances.
• Configured standard and extended ACL’s on the servers to limit its access.
• AAA,PAP and CHAP implementation using Cisco Secure ACS (TACACS+, RADIUS).
• Proposed, installed, and configured Solarwinds Network Performance monitoring for network infrastructure monitoring purposes. This includes, but is not limited to, availability, protocol usages (via NetFlow), and VoIP quality metrics (using IP SLA).
• Installation/Configuration/Administration of SolarWinds NCM, NPM, NTA &Vman.
• Configuring all the end ports as access ports using port fast and implementing BPDU guard.
• Worked on inter-operability issues involving 3rd party firewalls like Cisco ASA/PIX, Juniper, and Cisco IOS routers.
• Configuring Static, ISIS, BGP and OSPF Routing Protocols on Cisco ASR 9000, 9001, 6500 series Routers.
• Troubleshoot F5 issues including, working through configurations of VIP, pool, nodes, and tcpdump on LTM, using Wireshark with tcpdump output from F5.
• Provided technical support for full setup, debugged the problems of OSPF, switching, HSRP and IPSEC tunnels formations.
• Creating a rule on the checkpoint firewall for a NAT (used ACLs to block unauthorized users) to the VLAN IP and allowing the IPsec traffic
• Architected and deployed new wireless network including vendor selection( Aruba Networks), site survey, and deployment of back-end services for secure 802.1x authentication.
• Provided other staff with weekly hour-long training sessions on TCP/IP. Topics included network principles, communication layers, addressing and subnetting, routing and ICMP, TCP and UDP, DHCP, multicasting, SNMP, and security.
• Managed successful delivery of massive security response portfolio including Splunk, Cisco WSA, Cisco IPS, SourcefireFirePower and AMP, Cisco ESA, FireEye, Passive DNS collection, DNS-RPZ, Cisco ISE, LancopeStealthWatch, and Mandiant.
• Managed user accounts, permissions, email, anti-virus, anti-spam, and content filtering and oversee software and network security.
• Implement network changes in accordance with documented standards on Method of procedure (MOP) while meeting service level agreements(SLA). Prepare proposed network diagram using Visio and co-ordinate with customer and other technical groups to get approval.
• Maximize network performance by doing software upgrades on network devicesF5 devices- code upgrade to 11.5.4, Juniper EX3300 devices - code upgrade to 14.x53 version, Nexus upgrade to 7.0.8 N 1 to eliminate memory leaks, possible threats and security issues and provide high throughput.
• Providing assistance and consulting to other engineering groups and departments in support of improving customer service and provides on-call support based on a rotation schedule.

Confidential

Network Engineer

Responsibilities:

• Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment.
• I was involved in migration work in this project.
• Deploying Cisco ACI (Spine and leaf)
• Configured ACI Policies, Tenants, Bridge Domain, Private Networks, Contracts and Filters
• Configured ACI integration with VMware
• Worked on integrating existing Layer 2 and Layer-3 networks with ACI.
• Integrated of layer 4 - 7 services(ASA) with ACI
• Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter-VLAN routing, LAN security etc. Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port-based authentication.
• Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Worked on Aruba Wireless LAN Implementation for 11n Infrastructure Across the Corporate Network.
• Managing and implementation of PORs (port open requests) based on the requirements of various departments and business lines.
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
• Installing and configuring new cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company.
• Experience with F5 load balancers andCiscoload balancers (CSM, ACE and GSS).
• Implement the firewall rules using Net screen manager (NSM).
• Implementation of UTM and IDP in SRX, SSG and ISG Firewall.
• 24x7 on-call escalation support as part of the security operations team.
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• Managing and providing support to various project teams with regards to the addition of new equipment such as routers switches and firewalls to the DMZs.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Implementing IPsec and GRE tunnels in VPN technology.
• Supporting project test teams in analyzing the bandwidth utilization.
• Managing and upgrading IOS image files and taking configuration back-up.
• Handling enterprise outages effectively and driving towards the resolution. Coordination of fault escalations in conjunction with the 1st high-level technical management of high priority or technically complex calls.
• Working with Capacity management on network bandwidth utilization reporting of the sites WAN link and vendor co-ordination for new site turnovers / WAN links.
• Preparing Metrics report detailing on SLA performance of tickets and process quality report to analyze team performance & discussion on the improvement areas (By monthly).
• Providing training to new comers and effectively working towards a process quality improvement in the Team.
• Excellent Troubleshooting Skills and Customer Centric approach.
• Strong Knowledge in working with F5 Load Balancers and their Implementation in various Networks.

Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960 6500 , 7K and 9K switches and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco Nexus 7K/5K/2K, Cisco ASA5510, Checkpoint, Aruba Controllers 6000, 3600, 3400,650: windows server 2003/2008: F5 BIGIP LTM,Linux.