SUMMARY

• Dedicated Network Security Professional with 10+ years. Excellent and effective at working independently or as part of a group. Strong work ethic and desire to contribute to an organization’s success.
• 10+years of experience in networking, including hands - on experience in routing, switching, security and cloud technologies.
• Experience in Checkpoint firewalls, Palo Alto Firewalls, Juniper Firewalls, Cisco WSA/CWS, Cisco ASA, SSL VPN, Cisco Nexus, Cisco ACS, Cisco ISE, IPS, and Microsoft TMG.
• Cisco Certified Network Engineer Around 10 years of experience withrouting, switching and Data center environment and Configuring, Troubleshooting of networking system on both Cisco and Juniper Networks.
• Worked onCisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500 Switches
• Worked onMX - 80, MX-480, SRX-100, SRX-110, SRX-550 and EX-4200 Juniper devices
• Extensive hands-on experience with complex routedLAN and WAN networks, routers and switches
• Experience in working withCisco Nexus SwitchesandVirtual Port Channelconfiguration
• Helped design and build out a very large 100G Layer3 Leaf & Spine architecture (eBGP) using Arista switches to support the network consolidation in the new data center.
• Proficiency in configuration ofVLAN setup on various Cisco Routers and Switches
• Experienced introuble-shootingboth connectivity issues and hardware problems on Cisco based networks
• Worked on escalations and activates new turn up for new clients and advance troubleshooting for thesdwan deployment in both ISP and network infrastructure on both versa and cisco viptela SDWAN Solution
• Experience with designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols- (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP.
• Worked extensively inConfiguring, Monitoring and Troubleshooting Juniper and Palo alto Security appliances
• Extensive knowledge and experience with hostingSSL certificates on F5 platforms.
• Deployed a newMeraki cloud base Guest and Corporate Wireless system. Personally, built, installed and maintained Meraki MR42 Access point and cloud system. Maintained the Aruba Wirelesscloud systems in the branches. Confer with network users to resolve wireless issues
• Good understanding ofSNMP, IP SLA and Network Monitoring with experience in tools like SolarWinds, Infoblox, WhatsupGold, Cisco Prime.
• Installed and implemented & troubleshoot the Network Virtualization through VM Ware and NSX .
• Configure, Manage, Analyze, and Optimize Network Performance, Traffic, SDWAN, VPNs, Security, Firewalls, & Policies.
• Build out, configure and install access layer switches and distribution layer switches and routers. Examples of the equipment configured and maintained areCisco, Nexus, Extreme, Juniper, ASRandArista .These upgrades or new build outs would include bothlayer 2 and layer 3 switches and routers.
• Understanding ofSDN/ NFV ecosystem SDN controller, ONF, ETSI NFV, Open daylight, Open stack .
• Good knowledge ofCISCO NEXUS data center infrastructure with 5000 and 7000seriesswitches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Configuration automation of the network stack from system to access to core services and Test validate existing network state usingAnsible
• Strong knowledge of API design such asNetconf, RESTful APIas well as configuration management tools such asCHEF, Ansible
• Hands-on Experience withCISCO Nexus 9000,7000, Nexus 5000,andNexus 2000platforms
• Knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques
• Good knowledge on)VLAN Trunk Protocol (VTP)
• Design, configure, and implementLAN/WAN networkingsolutions for mid-sized to enterprise-level client
• Conduct Wireless RF Surveys and document results
• Develop comprehensive project-based System Designs, Network Diagrams, Migration Plans, and Test plan
• Hands-on experience in using network stimulator tools like OPNET, Solarwinds Orion

TECHNICAL SKILLS

Routers: Cisco, Juniper, Huawei Switches, Bridges, Hubs Cisco, Juniper, Dell, HP

Networking Protocols: RIPv1, RIPv2, IGRP, EIGRP, OSPF, BGPv4, MP-BGP, TCP-IP, UDP, HTTP

Cisco Routers: 2500,2600,3200,3600,3800,4000,7200,7600, ASR9000, ASR 1000 Series, Cisco IOS and IOS XE platforms; Cisco 2500, 2600, 2800, 3600, 3800, 5300, 7200, ASR

Cisco Switches: Catalyst 6500, Nexus 7k/5k/2k, Cisco IOS and CatOS platforms; Cisco 2950, 2960, 3500, 3700, 4500, 6500. Cisco Data Center platforms; Nexus 1000, 5000, 7000, UCS 6000. Cisco SDN platforms; Nexus 1000v, ASA 1000v, CSR 1000v

Automation & Scripting: Ansible, Python.

WAN Technologies: Frame Relay, HDLC, PPP, MLPPP, ISDN, ATM.

LAN Technologies: VLAN, Spanning tree, VTP, VMPS, ISL, Dot1q, DTP,PVST

Load Balancer: F5 BIG IP LTM/GTM/ASM/APM, A10, RADWARE, Citrix

Firewall: Checkpoint R65/R70/R75/R77.30 GAIA/Firewall-1, Palo Alto, Cisco ASA, FortiGate, Panorama, Wildfire, Radware WAF VSX, IDS, IPS, Palo Alto PA 500, PA-2k, PA-3k, PA-5k & PA-7050Checkpoint R65/R70/R75/R76/R77/R80, Cisco ASA, Firepower 4100.

Tools: SNMP,Firemon,Tufin,HP-Opsware, Wireshark, Solar WindsSplunk, IBM/QRadar,Nagios,Netflow,OpenDNS,Azure Sentinel.

Wireless Technologies: Cisco WLC 2504, 4404,5508.

Routed Protocols: TCP/IP, IPX/SPX

Languages/Tools: C, C++, VB script,Ansible,Python, Perl, Shell.

Operating System: Windows XP, Vista, Windows 7, Unix, Linux, MS VisioTECHNICAL SKILLS

Security Tools: Wireshark, MBSA, MS Visio, Apache, VMWare ESXi 3.5, VMware Server, Encase,, Cisco Firepower, Cisco Umbrella

PROFESSIONAL EXPERIENCE

Confidential, Dallas TX

Network Security Specialist

Responsibilities:

• Provided Tier 3 network engineering support for Network Operations and Security Center, performing the design, implementation, configurations and troubleshooting Cisco routing/ switching, Cisco Wireless, Cisco UCCM, Cisco ASA-Firepower, Checkpoint, Juniper SRX/NX, Palo Alto 6x/7x, F5 Load balancing, IPS/IDS, DLP, and SEIM solutions.
• Installed in Few Types of firewalls Checkpoint (Standalone & Distributed), Cisco ASA with Firepower, Sophos XG, Cyberoam. In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-protocol Label Switching (MPLS)
• Deploying and managing SD-WAN solutions(Viptela, Citrix) for large-scale enterprises.
• Assisted with migration from Iron port proxies to Zscalers with local Pzens and Cloud Pzens. Configured whitelists, policies, blocklists in DMZ Pzens.
• Worked with Automation script with Python module like Chef & Ansible.
• Proficient in AWS services like VPC, EC2, S3, ELB, Auto Scaling Groups(ASG), EBS, RDS, IAM, Cloud Formation, Route 53, Cloud Watch, Cloud Front, Cloud Trail
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Cisco ACI.
• Supported the Data center network infrastructure consisted of multiple Nexus 9Ks, 7Ks, 5Ks, 2Ks, FWs,Security systems, F5, and VMware environment by maintaining and deploying new technologies.
• Experienced with event-driven and scheduled AWS Lambda functions to trigger various AWS resources
• Involved in IEEE 802.11n standardisation and wireless chipset development for GSM, UMTS and LTE.
• Deploying and troubleshooting internetworking such as eBGP/iBGP, OSPF, EIGRP, VPC, OTV, Cisco Fabric Extender (FEX), STP, VLAN, MPLS - VPN, DMVPN.
• Experience QFX 5100, SRX 1500, 5400, MX 480, EX 4300 Series Routers and Switches, Aruba wireless 7200 series and more.
• Expert knowledge of Cisco ACI, NxOS and IOS, other SDN products Tiered Domains, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN Trunking
• Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
• Worked with Blue coat and handled the Trouble Tickets on F5 Load Balancers.
• Resolved networking trouble tickets using various monitoring tools, Wireshark and TCPdump.
• Integrating Symantec DCS with NSX, providing server hardening.
• Experience working on Cloud Computing Virtualization using VMware Six 4.0 and Windows Hyper-V.
• Configured, installed, & managed DHCP,IP Subnetting, DNS, & WINS servers
• Used Network monitoring tool Solarwinds to detect and block security threats, manage device configurations and track changes, automate software updates to server and workstations and perform endpoint device tracking and switch port usage.
• Provide ISE deployment services for migration of users from Cisco NAC to Cisco ISE platform for the following locations.
• Performed site refreshes on Cisco switching and Aruba wireless infrastructure at several locations. Configurations, implementation and troubleshooting issues on Checkpoint R77.10 Gaia, R75, Cisco ASA 5540, 5000 series firewalls for the client environment.
• Implementing, and support the F5 BIG-IP infrastructure included LTM, GTM, APM, ASM
• Implemented l4/l7 services and network Micro segmentation using ASA, Palo alto virtual firewalls and integration with ACI fabric and Arista VXLAN fabric.
• Created various EC2 instances in the AWS VPC and managed S3 data.
• Design and Install UCP Select for VMWare vSphere with Cisco UCS and Cisco Unified Fabric Switching. Experience in creating multiple policies and pushing them into Checkpoint Firewall (Gateways) and hands-on experience in managing the Checkpoint Management Server and Gaia operating system.
• Creating ACLs as per user's requirement to getting access for different servers like internal firewalls, DMZ firewalls and Internet firewalls and also worked on Splunk for troubleshooting.
• Worked with VM segmentation ( VMware NSX, Illumio, vArmour, GuardiCore), Firewall management and auditing (FireMon, Tufin, AlgoSec, RedSeal, Skybox, etc.) Sandboxing and Analytics (FireEye, Damballa, Check Point, Fortinet, Palo Alto) Network packet brokers (Gigamon, IXIA, NetScout)
• Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
• Experienced with Aruba Wireless platform (Aruba ClearPass and Aruba AirWave), Aruba Mobility controllers providing centralized internet management and also intra network access
• Experience with configuring FCOE using Cisco nexus 5548
• Part of the New Product development team and responsible for User Acceptance Testing (UAT), SDWAN, Viptela, Versa, Meraki.
• Used packet analysis tools such as Wireshark and Tcpdump in order to troubleshoot and solve network connectivity issues
• Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
• Installed and configured RSA two factor authentication systems, Digital Guardian DLP solutions and Zscaler on customer environment to make it more secure.
• Understanding of IPSEC, Understanding and troubleshooting of VPN (Site to Site, Remote SSL). Zscaler Cloud proxy basics (Authentication, Authentication bypass, Zscaler root certificate)
• Exposure to native cloud security solutions such Zscaler cloud FW, Illumio ASP, AVI Network
• Deployed Arista network equipment's like 7508, 7304,spine switches 7280, VXLAN, LANZ
• Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Worked on Jira Ticketing system to help clients resolve issues related to RSA two factor authentication, Zscaler and DLPadd this in responsibilies two bullets
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
• By using OSS I helped the integration team that can ensure the software works with network infrastructure to pass on important information about the fulfillment and delivery of services.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Installation of new firewalls as well as perform in place upgrades. Hardening the Fortinet and Check Point firewalls before moving them to Production

Environment: Cisco ASA 5580/5540/5520 , Aruba Wireless, CheckpointR70, R75, R77.20 Gaia, Palo AltoPA-5000/3000, Juniper SSG, SRX, RMA,CAN,SD-WAN, Big IP F5 LTM/GTM, SPE, Python, JNCIA, Nexus switches, Routers, TCP/IP, VPN, Bluecoat Proxy servers, IDS/IPS. SIEM and monitoring, Netscalar,BMC Remedy, Cisco Prime, ForescoutCounterACT, Tufin.

Confidential, Seattle, WA

Network Security Engineer

Responsibilities:

• Installation of new firewalls as well as perform in place upgrades. Hardening the Fortinet and Check Point firewalls before moving them to Production
• Building Automation tools for Nexus9K, 3K and Juniper QFX5100 using netconf, pyez, and Ansible module.
• Enterprise experience with Cisco 6500, 3750, Nexus 9K, 7K, 5K and 2K, F5 LTM design and implementation.
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls network technologies including Optical VoIP VPN SAN switching and routing.
• Designed and implemented a POC of Cisco ISE vs Aruba ClearPass NAC solution for the corporate network wired.
• Improve scalability and ease of deployments of the Open stack underlay network by migrating from Standalone Nexus to Cisco ACI platform.
• Involved in Configuration of various Cisco Routers & L2/L3 Switches and implementing OSPF and BGP on the routers
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate
• Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
• Configure, add and deploy Cisco Meraki MX appliances. Pushed firmware updates for switches, appliances, and access points.
• Managing Firewall products - Checkpoint Appliance 2200 Gateways, Provider-1 and VSX environment. (R77.10 and 77.20) and ASA environments. Responsible for Check Point and Cisco ASA and Cisco UCCX firewall administration across global networks.
• Build out, configure and install access layer switches and distribution layer switches and routers. Examples of the equipment configured and maintained are Cisco, Nexus, Extreme, Juniper, ASR and Arista . These upgrades or new build outs would include both layer 2 and layer 3 switches and routers.
• Performed IOS Software upgrades on switches 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE.
• Worked with VM segmentation ( VMware NSX, Illumio, vArmour, GuardiCore), Firewall management and auditing (FireMon, Tufin, AlgoSec, RedSeal, Skybox, etc.) Sandboxing and Analytics (FireEye, Damballa, Check Point, Fortinet, Palo Alto) Network packet brokers (Gigamon, IXIA, NetScout)
• Involved in Implementation and Configuration (Profiles, I Rules) of F5 Big-IP C-4400 load balancers.
• Deploy Azure IaaS VMs and Cloud services PaaS with high availability by designing availability sets, VMSS
• Performed Configuration changes on BIG IP (F5) Load balancers and also monitored the Packet Flow in the load balancers.
• Experience in developing cloud strategies, roadmaps, architecting (hands-on) new cloud solutions end to end or enterprise level AWS/Azure migrations
• Worked on SDN/NFV technologies including Open Stack Neutron, VM ware NSX, Open flow, Open daylight, Open v Switch, Open Contrail, or Cisco ACI.
• Implementation and troubleshoot on Brocade VDX (VDX6720, 6730, 6740, & 8770) devices.
• Used Splunk Search Processing Language (SPL) and Regular expressions to filter Firewall logs AIX TCP/IP DCT team works on Security Vulnerability issues, customer reported PMRs, internal defects and features on TCP components. Work on new enhancements includes FRS, Design Doc and coding
• Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
• Provided connectivity to On-premise devices to Azure VNET by using Azure VPN, Express Routes and Virtual Network peering.
• Proficiency in Cisco ASAs, ISRs, Catalyst/Nexus, HP Switches, Cisco Meraki, Aruba, EIGRP, OSPF, BGP.
• Check routing and ports, WAF configuration, Azure Firewall, NSG, NVA, Load Balancer configuration.
• Design, configuration, and support of Cisco Catalyst Switches and Nexus Switches, Cisco ISR/ASR/CRS Platforms, Cisco ACI, Brocade VDX, Nortel/Avaya/HP Switches, Cisco Routers and Load Balancers like F5, ACE.
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• Firewall Policy Provisioning and troubleshooting firewall connectivity related issues using Fortinet Manager.
• Experienced in WMI(Windows Management Instrumentation), Development in wireless technology (Wi-Fi) IEEE 802.11X standards.
• Request for proposal also includes guidance to bidders on how to prepare a proposal. This section will provide the details on the proposal format, as well as instructions on how the RFP response is to be constructed and organized.
• Working on Deploying and migrating customer to Zscaler Cloud Proxy.
• Extensive experience working on proxies like Cisco Iron Port, Bluecoat, Zscaler cloud proxy
• Responsible for operating and maintaining Illumio endpoint security solutions
• Develop/capture/document architectural best practices for building systems on AWS.
• Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Designing and Deploying dynamically scalable, Highly available, fault tolerant and reliable applications on AWS
• Utilized McAfee SIEM, McAfee Antivirus Fore scout and Zscaler. ( Add this point in summary )
• Supported Deployment of Zscalers and Bluecoat from scartch .
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.

Environment: Cisco ASA 5580/5540/5520 , AWS,CheckpointR70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, Nexus switches(9k,7k,5K), TCP/IP, VPN, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring, Service Now,Azure, Cisco ACI.

Confidential, Plano TX

Firewall Engineer

Responsibilities:

• Worked on devices Cisco IOS switches, Nexus(5K), Palo alto firewall (500,3020), Juniper SRX, MX,EX and Netscreen firewalls, ASA firewall, check point firewall,SSL VPN Pulse secure, F5 load balancer and Net Screen.
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Install and support various MPLS/BGP, Metro Ethernet deployments and configure routing and switching platforms and Aruba Wireless Solutions.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Develop/capture/document architectural best practices for building systems on AWS.
• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 9K,7K VDCs and HA.
• Implemented Cisco and Aruba Wireless Controllers, Aruba Wireless Access Points at corporate site as a part of WLAN Infrastructure.
• Maintain effective communications with vendors, peers and clients in resolution of trouble-tickets, equipment.
• Design and implement Cisco ACI fabric networks with Nexus 9000 switches and APIC controller in a VMware envy using Cisco network and data center routers/switches Nexus 9000, 7000, 5000, 2000, and 1000v switches in VMware
• Install and support various MPLS/BGP, Metro Ethernet deployments and configure routing and switching platforms and Aruba Wireless Solutions.
• Monitors Rogue/Suspected Rogue devices using Aruba Airwave & sends Dearth packets to devices who are broadcasting its wireless network inside our facility.
• Implemented l4/l7 services and network Micro segmentation using ASA, Palo alto virtual firewalls and integration with ACI fabric and Arista VXLAN fabric.
• Implementation and configuration of F5 2400 Viprion series using Brocade devices in a multipath network environment.
• Creating or Modifying Firewall rules on Cisco 5555, 5520, Juniper SRX and Palo alto VM-300 devices
• Develop python/bash scripts to aid in the network monitoring, information gathering and expedited resolution of network issues.
• Configuration of overlay VXLAN VTEPs with EVPN control-plane on Nexus switches.
• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 7K VDCs and HA. Hands on Experience testing iRules using Browser (IE), HTTP watch, curl, Scripts (shell/batch file/Perl) and host files.
• Experience in working with Splunk authentication and permissions and having significant experience in supporting large-scale Splunk deployments.
• Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex Connect.
• Checkpoint Firewalls, Firemon, VPN, Datacenter, Cisco, Nexus, ACS, WAN Optimization, Riverbed Cascade, Riverbed Profiler, Net flow, Planning, Budgeting, Supervising, Setting Standards, Documenting MOP, Managing Multiple Projects
• Monitor, support and implement virtualized environments and disaster recovery procedures for hosted applications and on premises infrastructure-based VMware, utilizing resources such as Nimble, Netapp, Cisco Nexus and SDwan devices.
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Cisco ACI
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Installed and configured Cisco Meraki (MR66,MR18) wireless Access points in the warehouses.
• Extensive experience in cloud management systems and integrated with Azure for AD.
• Deployed and configured Cisco DNA Center 1.1.7 into the Data Center.
• Troubleshooting Cisco APs and Meraki appliances.
• Installed in Few Types of firewalls Checkpoint (Standalone & Distributed), Cisco ASA with Firepower, Sophos XG, Cyberoam.In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-protocol Label Switching (MPLS)

Environment: Checkpoint, Nexus, Cisco 3500, 1400, 1500, 5400, ASA firewall -- ASA5545, ASA5585-SSP-20, firewall PIX-525, VPN concentrator -- Cisco 3060, check point firewall -- r77, F5 Local Traffic Managers (LTM) 5000, 7000 series, (ISE) 2.3, VLANs, STP, DNS/DHCP issues, Palo Alto firewalls, Cradle Point, FortiGate TACACs, BGP,MPLS, Firewall analyser, Wireless LAN, service desk, Cisco ISE, Cisco Prime, JUNOS.

Confidential, Irving, TX

Network Support Engineer

Responsibilities:

• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Experience in Designs and implements Cisco Firepower and Palo Alto firewalls
• Experienced setup, create test beds on Cisco LAP/WLC and Aruba IAP/Airwave/ClearPass
• Experience in designing cloud based networks on top of AZURE, AWS, and Alibaba framework.
• Worked on Cisco Nexus 9K family of switches whose hardware is based on Cisco ACI
• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 9K,7K VDCs and HA.
• Experienced in Configuring and troubleshooting multivendor devices like Cisco ASA 5585, 5550, 5540, Juniper SRX series for Branch/Datacenter Setup
• Technical responsibilities include troubleshoot Cisco endpoint VoIP IP Phones, CUCM Cisco Unified Communications Manager, Cisco WebEx Connect, Cisco AnyConnect, Cisco ARC, ISI, Meetingplace.
• Used Cisco ACI (Application Centric Infrastructure) for fabric implementation, operations, and integration with external bridged networks and Cisco Unified Communication Systems.
• Worked on configuration of security policies on F5 ASM, Zscaler Proxies for application level security and internet traffic security respectively.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls
• Worked with SolarWinds monitoring tools and Service Now Ticketing system
• Used request for proposal (RFP) to document that an organization,posts to elicit a response a formal bid from potential vendors for a desired IT solution.
• Spearheaded the project to replace cisco wireless environment with Aerohive, Aruba and Meraki wireless access points throughout the company locations.
• Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480 and M Series, SRX210 and SRX240.
• Install, Configure and Upgrade Checkpoint, Cisco, Palo Alto appliances in the network and build high availability using ClusterXL on checkpoint, Active/Standby on Cisco
• Manage and implement Cisco ISE security and NAC security products, configure NAC appliance and NACprofiler to restrict endpoints based on identity or security postures, enforce policies on BYOD (mobile) devices.
• Created wireless environment to support the facility to include using the Cisco 3750 wireless controllers (2) and Aruba Wireless AP's to support wireless network throughout facility.
• Used OSS to enable service provider to monitor, control, analyze, and manage the services on its network.
• Used RFP in organization to boost competition to drive down the cost of a solution.
• Configuring user's roles and policies for authentication using Cisco NAC and monitoring the status of logged users in network using Cisco ISE.
• Used OSS typically provide the operator team to perform Fault Management, Performance Management and Security Management by focusing on maintenance of the network.
• Experience in proactively monitoring network health for customers and corp. Network via SIEM ( Security Information and event management) tools such as Solarwinds, Infoblox, Netflow, Thousand Eyes, Wireshark .
• Working on Cisco NAC & Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
• Configure, Manage, Analyze, and Optimize Network Performance, Traffic, SDWAN, VPNs, Security, Firewalls, & Policies.

Environment: CISCO routers and switches, Access Control Server, RIP V2, OSPF, EIGRP, VLAN, Palo Alto, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.

Confidential

Network Admin

Responsibilities:

• Configuring user's roles and policies for authentication using Cisco NAC and monitoring the status of logged users in network using Cisco ISE.
• Responsible for the configuration, implementation and operation of Cisco 3745 routers Cisco 6509 and 3560 L2/L3 switches
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
• Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
• Experience on dealing with Cisco ISE Secure Network Server 3515 and other network security products.
• Removed Cisco 3600 and 2600 series routers and Cisco 2900 series switches from the current infrastructure and replaced them with the Cisco 6509 or 3560 L2/L3 switches.
• Served a platform for other services that are required within the data center or cloud environment using Cisco ACI.
• Configuration of BGP on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from ASA core to Palo Alto.
• Install and maintain customer software including Office 365
• Deployed a new Meraki cloud base Guest and Corporate Wireless system. Personally, built, installed and maintained Meraki MR42 Access point and cloud system. Maintained the Aruba Wireless cloud systems in the branches. Confer with network users to resolve wireless issues
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall.
• Configured RSTP, MST and used VTP with 802.1q trunk encapsulation. Provided port binding and port security wherever required. Provided router redundancy through HSRP.
• Installed over 700 new Meraki Access points in all Fidelity Investment Centers.
• Configured ether channels using PAgP and LACP.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
• Designed SD-WAN (Viptela& Versa) technologies to optimize efficiency and scalability across Enterprise LAN and WAN environments.

Environment: CISCO routers and switches, Access Control Server, RIP V2, OSPF, EIGRP, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft,LAN, WAN