Sr. Network Engineer/ Security Resume
Washington, DC
SUMMARY
- Network Engineer with 8+ years of experience in IP network design, network integration, deployment, testing, and troubleshooting.
- Good noledge of WAN technologies such as T1, T3, DS3, OCx, SDH, SONET, LTE, Fiber and Frame relay.
- In - depth noledge and hands on experience in configuring and troubleshooting Layer 3 Interior Gateway Routing protocols like Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP) and Link-State routing protocols (OSPF and IS-IS).
- Substantial noledge in configuring and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (iBGP) and external BGP (eBGP).
- Hands on experience in configuring, and troubleshooting of high end Cisco routers like GSR 12000 series, 7500, 3800, 3600, 2800, 1800 series.
- Experience in configuring, and managing Catalyst Switches like 7600, 6500, 4500, 3700, 2900 series.
- Thorough experience in upgrading, backup and password recovery of Cisco IOS.
- Experience in Designing and implementingCiscoUCS
- Worked on Cisco Firewalls Cisco ASA 5500(5510/5540) Series and Checkpoint R75, 76 Firewalls.
- Designed, configured and installed new Cisco ASA 5515. Configured all teh security protocols by implementing strict enforced access via ACLs, NAT, Class Maps, Policy Maps, VPN access to business resources.
- Configured Port based security, implemented 802.1x port based autantication.
- Proficient in design, implementation, management and troubleshooting of Checkpointfirewalls, Cisco PIX, NetscreenFirewalls, Check Point Provider-1 / VSX, VPN, Palo Alto IDS, Foundry / F5 Load Balancers, and Blue Coat.
- Advanced noledge, design, installation, configuration, maintenance and administration of CheckpointFirewallR55 up to R77
- Experience in tools like SNMP, AAA, RADIUS and designed VPN with IPSEC security layer.
- Experience working with Cisco Nexus Switches like 5000 and 7000 series and Virtual Port-Channel configuration.
- Good experience in configuring teh Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders.
- Implemented VDC, VPC, VRF and OTV on teh Nexus 5505 and 7009 switches.
- Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
- Thorough noledge, including teh configuration, of Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+).
- Extensive experience in configuring Virtual Local Area Networks (VLAN) with IEEE 802.1Q, VLAN trunking protocol (VTP), VLAN Cross Connect (CC), Multiple VLAN Registration Protocol, and shortest path bridging.
- Experience in troubleshooting both connectivity issues and hardware problems on Cisco based networks.
- Extensive noledge in testing Cisco routers and switches in lab scenarios and deploy on site for production.
- Knowledge of IPv4 and IPv6 Addressing, Fixed Length and Variable Length Subnet Masking (VLSM), OSI and TCP/IP models.
- Experience in migration of IPv4 addresses to IPv6 addresses using mechanisms like Transport Relay Translation (TRT), Tunnel Broker, NAT64, DS-Lite and DNS64.
- Experience in installing and configuring NAT, DHCP server and DNS in large networks.
- Hands on experience on LAN/WAN setup, installation, configuration and commissioning of network devices.
- Experience in configuration of LAN protocols such as Ethernet and Fiber Distributed Data Interface (FDDI) on Cisco Switches.
- Experience in teh setup of Access-Lists, and RIP, EIGRP, and tunnel installations.
- Implemented traffic filters using standard and extended access-lists, distribute-lists and route maps.
- Experience in provided support dat included resolving day-to-day operational issues with tickets generated by a server.
- Deep noledge on implementing F5 BIG-IP load balancer.
- Experience in implementation of F5 GTM based on topology load balancing methods
- Good experience in deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
- Experience in documenting and preparing teh process related operational manuals.
- Knowledge of SNMP, IP SLA and Network Monitoring with experience in tools like PRTG.
- Hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3, SONET POS OCX/ GigE circuits, Firewalls.
- Extensive experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000 for teh corporate applications and their availability.
TECHNICAL SKILLS
Routers: Cisco routers (ASR9k, GSR 12000, 7600, 7500, 7200 VXR, 3800, 3700, 2800, 2600, 2500), Cisco L2 & L3, Juniper routers (M7i, M10i, M320)
Switches: Cisco Switches (6500, 4000, 3750, 3560, 2960), Nexus (2248, 5548 &7010)
Firewalls: Cisco ASA 5500, Cisco PIX 500, checkpoint r60, checkpoint r65, Juniper SSG Firewalls.
Load Balancing: Cisco ACE 4700 series, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810.
IP Routing Protocols: RIP, EIGRP, IGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing, IS-IS.
WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems.
LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI. Cisco
Optical infrastructure: SONET OC3-OC192, SDH, POS, PDH
VoIP Devices: Cisco IP phones, Cisco 5500, 6500 series controller, Avaya 3000, 6000, 7200 series Controllers
Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP v1 & v2, IS-IS.
Switching Protocols: STP, IEEE 802.1Q, VTP, VLAN & Inter-VLAN routing, QoS, MSTP, RSTP, and LACP.
Network management: SNMP, Cisco Works LMS, HP Openview, Solar winds, Etheiral.
Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.
Carrier Technologies: MPLS, MPLS-VPN.
Redundancy protocols: HSRP, VRRP, GLBP.
Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists
Wireless Technology: Cisco AP, LWAP, Access Points, WCS
Ticketing software: Connect Wise, Remedy system, ServiceNow.
Operating Systems: Windows Server/8/7/Vista/XP, Nexus OS, Cisco IOS-XR, Linux, Unix (Mac OS).
Language: Unix, Turbo C / C++, basics in Perl and Shell scripting.
Cabling: CAT 5, CAT 5e, CAT 6, CAT 6a002E
PROFESSIONAL EXPERIENCE
Confidential, Washington, DC
Sr. Network Engineer/ Security
Responsibilities:
- Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy based routing.
- Team member of Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches.
- Configuration 7500, 7200 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
- Create and test Cisco router and switching operations using OSPF routing protocol, ASA 5500 Firewalls, and MPLS switching for stable VPNs.
- Troubleshooting theNetworkRouting protocols (BGP, EIGRP and RIP) during teh Migrations and new client connections.
- Implement changes on switches, routers,loadbalancers(F5and Brocade), wireless devices as per engineersinstructions and troubleshooting any related issues
- Implementation and configuration of GLBP/HSRP on multilayer switches for first-hop redundancy
- Hands on experience testing iRules using browser (IE), HTTP watch onF5loadbalancers.
- Configuration and troubleshooting link state protocols like OSPF in single area and multiple areas.
- Redesign of Internet connectivity infrastructure for meeting bandwidth requirements.
- Configured and managed VLANs, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN securityfor Layer-2 and Layer-3 switching domains as per teh organization's requirement plan.
- Optimized performance of teh WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs.
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
- Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
- Strong working noledge of Nexus 5K/7K /2K.
- Experience working with Nexus 7010, 5020, 2148, 2248 switches.
- Configuring, Administering and troubleshooting theCheckpointand ASAfirewall
- Implementation and configuration ofF5Big-IP LTM 6400loadbalancers.
- Provide Tier IILoadBalancerexpertise onF5BigIP Local Traffic Managers (LTM). DesigningF5solutions/support for migration work of applications and websites from Cisco CSSLoadBalancersto theF5BigIPLoadBalancers.
- Installation and administration ofCheckpointR 75.40 Firewall.
- ImplementedCheckpointfirewallrules according to business requirements and verifications
- Implemented new device of Cisco & Juniper MX - series as per policy reviewed bynetwork architect.
- Implemented firewall policy change on theCheckpointclusters.
- Verified and Validated teh Firewall policy onCheckpointR75 clusters for unused rule and halped consolidating rule
- Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing)
- Technical assistance for LAN/WAN management and complex customer issues.
- Provided support for troubleshooting and resolving Customer and user reported issues.
- Worked withNetworkEngineer's in teh installation and configuration of firewalls.
- Involved setting up teh TFTP server for backing up teh IOS images and configuration files of Cisco Routers and Switches and troubleshooting teh file servers.
- Upgrades, installs, configuration and administrationsecurityand monitoring tools on Linux.
- Experience withSecurity- Firewalls, NAT / PAT, IPSEC, S2S.
- Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP.
- Responsible fornetworkevaluations, troubleshooting a variety ofnetworkproblems, and implementing various software and hardware upgrades efficient performance.
- Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
- Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
- Provided redundancy to tanetwork, implemented hot standby routing protocol (HSRP) andLoad sharing for TEMPeffective utilization of routers.
- Configuring, implementing and troubleshooting VLAN's, VTP, STP, Trunking, Ether channels.
- Packet capturing, troubleshooting onnetworkproblems with Wireshark, identifying and fixing problems
- Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP etc.
- Performingnetworkmonitoring, providing analysis using various tools like Wireshark, Solarwinds etc.
- Cisco ASA/CheckpointFirewall troubleshooting and policy change requests for new IP segments dat either come on line or dat may have been altered during various plannednetworkchanges on teh network.
- Responsible for Cisco ASA 5500 firewall administration, Rule Analysis, Rule Modification.
Environment: Cisco 3500/ 3550/4500/6500 switches and Cisco 2500/2600/3000/6500/7500/7200 routers, Cisco ASA,Checkpoint, Cisco Nexus7K/5K/2K, LAN, OSPF, BGP, RIP, EIGRP
Confidential, Newark, NJ
Sr. Network Engineer
Responsibilities:
- Responsible for service request tickets generated by teh halpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
- Responsible for supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
- Upgraded Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
- Performed L2/L3 Switching Technology Administration which included creating and managing of VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
- Responsible for configuring switches with port security and 802.1x for enhancing customer’s security.
- Worked on teh security levels with RADIUS, TACACS+.
- Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, iRules) for managing teh traffic and tuning teh load on teh network servers.
- Updated teh HP open view map to reflect and changes made to any existing node/object.
- Responsible for Handling SRST and implementing and configuring teh Gateways, Voice Gateways.
- Configuring HSRP between teh 3845 router pairs for Gateway redundancy for teh client desktops.
- Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to teh switches.
- Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
- Handled Tech Support as it relates to LAN & WAN systems
- Implementation and Configuration (Profiles, me Rules) of F5 Big-IP C2400 load balancers
- Experience in completing service requests (me.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
- Identify, design and implement flexible, responsive, and secure technology services
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
- Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
- Monitored network for optimum traffic distribution and load balancing using Solar winds.
- Validate existing infrastructure and recommend new network designs.
- Created scripts to monitor CPU/Memory on various low end routers in teh network.
- Installed and maintained local printer as well as network printers.
- Handled installation of Windows NT Server and Windows NT Workstations.
- Responsible for designing and implementing Cisco VoIP infrastructure for a large enterprise and multi-unit office environment.
- Gave my best to meet challenging schedule to ensure a Multi-office reconfiguration project which was successfully delivered within given time frame.
Environment: Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Checkpoint firewalls(SPLAT).
Confidential, Farmington Hills, IL
Network Engineer
Responsibilities:
- Responsible for configuring Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.
- Implemented VLAN, Spanning Tree and support using PVST, R-PVST and MSTP to avoid loops in teh network.
- Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.
- Responsible for working with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.
- Responsible for configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
- Involved in teh LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems) .
- Responsible for Firewall upgrades as well as Troubleshooting, Security Configurations, IPSec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
- me was also responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPSec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
- Configured Firewall logging, DMZs and related security policies and monitoring.
- me did IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
- Installed Windows Server 2003, configure IP addresses, network printers and configure Client Access for PCs.
- Deployed a Syslog server to allow proactive network monitoring.
- Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
- Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
- Administered and supported Cisco based Routing and switching environment.
- Responsible for Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
- Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
Environment: PIX, CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.
Confidential
Network Engineer
Responsibilities:
- Responsible for configuring access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
- Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches.
- Responsible for configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
- Configuration and troubleshooting of EIGRP, OSPF, BGP.
- Configured, installed software applications, anti-viruses, drivers and security software on user devices, maintained and troubleshoot desktop, laptop and peripheral equipment.
- Configured inside ACL and interfaces, outside ACL and interfaces.
- Responsible for configuring Site-to-Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
- Perform hardware and software diagnostics, fault isolation and coordinate repairs and/or replacement of faulty equipment.
- Maintain logs of network and bandwidth utilization of servers and network devices and create utilization report based on teh logs
- Design network and create physical and logical network layout diagrams
- Write and maintain technical documents describing implemented technologies and architecture
- Configured VLAN’s, Private VLAN’s.
- Configured NAT and PAT policies.
- Design OSPF areas for reliable Access Distribution and for Core IP Routing.
- Extensively used TCP/IP tool like TELNET for remote login to teh routers and SSH for secure login.
- TEMPHas expertise in LAN/WAN technologies (fast Ethernet, Layer2 & 3 switched/routed LAN, and Frame Relay).
- Responsible for providing consultation services to clients for installing and configuring Cisco routers and switches.
Environment: Cisco Routers ASR1002X/ 3945/3845/2800/3600, Load Balancer (BIG-IP), Cisco ASA Firewalls, STP, VLAN, VTP, VPN, NAT, OSPF, BGP, EIGRP
Confidential
Network Engineer
Responsibilities:
- Responsible for providing high level technical support, including identifying and resolving problems on Cisco supported products for e-Commerce infrastructure. This included external routing and internal/intranet routing for DMZ servers.
- Configured EIGRP, BGP, and MPLS.
- Configured Firewall, QOS by SDM and provide security by Prefix list, Access- List and By Distribution List.
- Good experience in implementing new ultra-secure networks in multiple data centers dat included Cisco, Juniper security devices.
- Implemented cable multi-service operator (MSO) to capture traditional Telco subscribers with IP telephony and provide relevant QOS.
- Scheduled preventive maintenance for fire-protection systems, including new protocols. Utilize MS Windows, Word, and Excel for reporting/documenting process.
- Designed VLAN’s and set up both L2 and L3 logical to have it communicate to teh Enterprise network.
- Satisfactorily Resolved Problems in timely manner with focus on providing a high level of support for all customers.
- Moved Core switches and several non-Cisco devices under strict deadlines to maintain network functionality.
Environment: Cisco 2950 switches and Cisco 3825 Routers, EIGRP, BGP, MPLS, VLAN, QOS.