SUMMARY

• Cisco certified network engineer with 8+ years of experience in the industry. CCNA and CCNP Certified Professional with experience in routing and switching technologies, system design, implementation and troubleshooting of complex network systems including high - end routers: CISCO GSR, ASR1K, ASR9K, 2600, 2800, 3600, 7200, 12000 Series Routers, and Catalyst 4500, 6500, and 7600 switches.
• Skilled in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3850, 3500, 2900 series switches
• Worked with Wireless LAN Controller (WLC) and Light Weight Access Point (LWAP).
• Experienced on WAN technologies frame relay, MPLS, HDLC, PPP AND T1/T3.
• Hands on experience in network monitoring tools like, SOLAR WINDS, CISCO works, Spirent, IXIA, Wireshark and Splunk.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as RIP, EIGRP, OSPF, BGP ability to interpret and configure routing table.
• Responsible for Check Point and Cisco ASA firewall configuration and administration across global networks.
• Reduced management costs and data center footprint by using VMWare, NSX and HP Blade servers with back-end SAN, consolidating physical hardware, as well as retaining server redundancy and integrity of environments.
• Experienced with F5 Product suite andCiscoload balancers (CSM, ACE and GSS).
• Basic and advance F5 load balancer configurations, including migrating configurations fromCiscoACEto F5 and general troubleshooting of the F5 load balancers.
• Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router: 7705 Ser 8 and 7750 service routers.
• Expert Level Knowledge about TCP/IP, Spanning-tree, and OSI models.
• Knowledge on complex Checkpoint, Cisco ASA & Palo Alto Firewalls Environment.
• Expert knowledge in implementing filters on routes using Standard and Extended access-list.
• Experienced in site-to-site and remote access VPN solutions.
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional.
• Experienced with Change management process and Project documentation tools like Excel and VISIO.
• Good knowledge in WAN Technologies like ACL, NAT and PAT, IPsec and VPNs.
• Working experience with REMEDY for ticket change management process.
• Skilled in Physical cabling, IP addressing, configuring and supporting TCP/IP.
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy and troubleshooting.
• In-depth knowledge and experience in WAN technologies including OC3, E3/T3, E1/T1, Point to Point, MPLS and Frame Relay
• Experience securing and managing remote access using various VPN technologies like IPSec, SSL, GRE.
• Experience through Hand-on Experience with configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay and VOIP (Voice-Over Internet Protocol).
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.

TECHNICAL SKILLS

Cisco platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500,4900, 3750, 3500, 4500, 2900 series

Cisco Switch platforms: 2900XL, 2950, 2960, 3560, 3750, 4500, and 6500.

Firewalls & Load Balancers: C Cisco ASA 5585, 5550, 5540, Juniper SRX5400, 5600, 5800, Juniper Net screen 6500, 6000, 5400. Juniper SSG Firewalls, Checkpoint Gaia R76, R77, R77.10 &R77.20 Palo Alto PA-3060/2050, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, Av810, Digital Guardian.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3800, 3900, 7200, 7600), Cisco L2 & L3, Juniper routers (M7i, M10i, M320)

Switches: Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 5548 &7010), Cisco ACI, Juniper EX, Nexus 7K, 5K, 2K & 1K

Routing: RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing

WAN Technologies & Wireless: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems, Bluetooth

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI. Cisco

Secure Access Control Server: (ACS) for TACACS+/Radius.

VOIP Devices: Cisco IP phones, Avaya.

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANS, PAgP and LACP.

Network management: SNMP, Cisco Works LMS, HP Open view, Solar winds, Ethereal.

Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.

Carrier Technologies: MPLS, MPLS-VPN.

Redundancy protocols: HSRP, VRRP, GLBP.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

Software & Other: Microsoft Office Suite, MS SQL Server 2008, HTML, VMware, AWS, Cisco ISE

Ticketing software: Service-now, Remedy system

Network services: NTP, NAT, DNS, DHCP, DHP snooping and Subnetting, DMZ for FTP, Web and Mail Servers.

PROFESSIONAL EXPERIENCE

Confidential, San Antonio, TX

Sr. Network Engineer

Responsibilities:

• Experienced with Datacenter Migration, from 6500 based data center to Nexus based data center
• Responsible for Configuring SITE TO SITE VPN on Cisco ASA 5500 series firewall between Head office and Branch office.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and implementation of routing protocols OSPF, EIGRP, BGP with Access Control lists as per Network Design Document while following the change process as per IT policy, It also includes the configuration of a port channel between core switches and server distribution switches.
• Skilled with Nexus 7010, 5020, 2148, 2248 devices.
• Project Lead of corporate upgrade to Cisco VoIP; Call Manager 10.x, 9.x andUnity10.x,9.x systems and Call Manager Express.
• Experienced with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Involved setting up the TFTP server for backing up the IOS images and configuration files of Cisco Routers and Switches and troubleshooting the file servers.
• Upgraded, installed, configured and administered security and monitored tools on Linux.
• Excellent in patches and packages installation on Linux/Unix Environment.
• Responsible for network evaluations, troubleshooting a variety of network problems, and implementing various software and hardware upgrades efficient performance.
• Generated RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems
• Provided redundancy to the network, implemented hot standby routing protocol (HSRP) and Load sharing for effusion of routers.
• Configuring, implementing and troubleshooting VLAN’s, VTP, STP, Trunking, Ether channels.
• Configuring and maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
• Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP etc.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN
• Configured, installed VRRP/GLBP, & managed DHCP and DNS Servers.
• Skilled in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF & BGP
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Creating and modifying Firewall RemediationSecurity Rule Bases, VMWare NSX, IPS/IDS, next gen, Cisco Fire Power, Palo Alto, blue coat security, ForeScout NAC, Symantec DLP to support and secure the existing network infrastructure. Monitoring network traffic to detect, mitigate and prevent network security threats.
• Have been involved in migrating policies from Checkpoint to Palo Alto
• Hands on experience working with security issue like applying ACL’s, configuring NAT and VPN
• Black listing and White listing of web URL on Blue Coat Proxy Servers.

Environment: Nexus 2000, Palo Alto, VRRP/GLBP, OSPF, BGP, EIGRP, RAP, VLAN, VTP, STP, RSTP, PVST, RPVST, VTP, Spirent, IXIA, Juniper-Routers/switches, QIP, DNS and DHCP.

Confidential, Chelmsford, MA

Sr. Network Engineer

Responsibilities:

• Design and engineering of low latency HFT network
• Implementation of Cisco Nexus 3000/5000/7000, 4900M/4500 SUP 7E as low latency networking switches.
• Design and engineering of Market data multicast network with NYSE, NSDQ, CME, CBOE, BATS.
• Implementation and Configuration of various MD feeds.
• Supporting various MD related issues such as microburst analysis, gap detection, packet loss.
• . Configuring vPC domain, vPC peer-keep alive, priority, vPC peer-link, and single and dual home fex on the Nexus Core switches for each POD
• Worked on ASA 5520 firewall to enable ports https and HTTP to allow imaging servers to access internet connection, and implement security policies using ACLs
• Creating new network subnets per development team requirements, and assigning IP addresses using phpIPAM address management application tool
• Performed IOS upgrade on network equipment, and take routine backups of device configuration files
• Setup Access list and configured Firewalls - Check Point, Blue Coat, ASA, SIEM, Juniper SRX100, SRX240 (Net Screen NS-5GT, ISG-550, ForeScout NAC, Symantec DLP, Palo Alto Firewall and Cyber security tools like CyberArk PIM.
• Performed wireless site survey and validation Confidential customer sites to determine Wi-Fi gap analysis and documented them
• Configuring and troubleshooting Motorola RFS6000 controller switches along with 650/7131/7161 series access points
• Worked as an NOC engineer taking remote calls and assisting field technicians in further troubleshooting of client network
• Assisted in the configuration of access layer switches for ISE implementation testing
• Used PRTG monitoring tool to monitor and measure network traffic for LANs, WANs, and servers
• Involved in setting up Voice VLANs on distribution switches, and configuring access switches ports for AVAYA IP PHONES
• Configured EIBGP load balancing and ensured the stability of BGP peering interfaces.
• Upgraded IOS on 2960 and used 2960 switch as a PAGP between VSS
• Working knowledge of PPP Protocol with Enhanced Flex WAN module on 6500 catalyst switch
• Involved configuring PPP multilink group, dialer group, PPP authentication protocols like PAP, CHAP
• Working knowledge of Terminal server and the configuration.
• Involved in configuring Cisco pix, Palo Alto firewall, Juniper SRX100, SRX240 (Net Screen NS-5GT, ISG-550, VMWare NSX, IPS/IDS, next gen, Cisco Fire Power, Fore Scout NAC, SIEM, Symantec DLP, Cyber security tools like CyberArk PIM
• Configuring Net Screen Firewall to allow site to site VPN access and configuring authentication, encryption, compression, ACL to ensure better security.
• Strong knowledge in Juniper JUNOS platform including SRX Firewalls, Network & Security Manager (NSM), Juniper Space and, STRM, Juniper UAC, Juniper Pulse
• Implementation and Maintenance of Juniper EX 2200, M120 devices.
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.

Environment: Cisco Nexus 3000/5000/7000, 4900M/4500, AVAYA IP PHONES, WAN, IOS, Cisco pix, Palo Alto firewall, Juniper SRX100, SRX240 (Net Screen NS-5GT, ISG-550, VMWare NSX, IPS/IDS, next gen, Cisco Fire Power, Fore Scout NAC, SIEM, Symantec DLP.

Confidential, Middletown, NJ

Network Engineer

Responsibilities:

• Installation and Configuration of Cisco Catalyst switches 6500, 3750, 3850 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Router/ Microsoft VPN Server to access certain limited network resources from customer locations
• Involved in the redistribution into OSPF on the core ASA firewall.
• Experienced on HSRP for load balancing.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Performed RIP and OSPF routing protocol administration.
• Supporting EIGRP and BGP based company network by resolving level 2 & 3 problems of internal teams and external customers of all locations.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connect to a VPN 3000 Concentrator.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Coordinated with project managers, application teams, and stake holders to roll out new f5 LTM vips during after-hours change windows.
• Worked with vCenter, BigFixOrchestrator, Linux, Solaris, AWS, SaaS, UNIX, Perl, HPNA, NNMi, PowerShell, and PowerCLI and have written several scripts to automate tasks.
• Worked on Visio network Diagram, SCSM updates to new Standard Configuration Details.
• Worked on Change Management tool to work several implementation activities over the nightly change window.
• Configured and maintained routing protocols like OSPF and BGP.
• Configured HSRP for gateway load balancing.
• L2/L3 VPNSupport
• Worked extensively with Cisco TAC engineers to resolve the issues related to Data center environment

Environment: OSPF, EIGRP, BGP, ACS, Wireless L2/L3/VPN Fast Roaming, WLAN Security ("WEP", WPA / 802.1x, EAP).

Confidential

Network Engineer

Responsibilities:

• Understanding of IPSEC & GRE tunnels in VPN technology implementation using Cisco IOS and have checkpoint firewall /VPN
• Hands on experience on Windows server installation components like DNS, DHCP, Active directory and ISA application for load balancing on the servers
• Installation of windows active directory for the creation of users and groups and Assigning policies based user’s application
• Experienced in Configuration of ADSL (PPPoE, PPPoA), ISDN, leased lines and frame relay connections
• Used Local Management Interface (LMI) involved in monitoring VC’s (Virtual circuits) status and network
• Congestion using FECN and BECN for Frame rely upon topology
• Closely monitored VPN service functionality based on two Cisco PIX 525 Firewalls and VPN accelerator card For high speed services
• Responsible for managing the TFTP logs for the VPN and firewall services and the VPN Tunnel issues like SA, RSA, ISAKMP encryption and cleared/refresh VPN
• Familiar with Remedy trouble ticketing system and the escalation of issues from level 1 through level 3
• Deployment of OSPF dynamic routing NOC engineering network routers, previous.
• Trouble Shoot routers, Testing Data Circuits E1, ISDN lines,
• Provided Technical support to end-user either through remote management or onsiteBased on the requirement.
• Involved in designing VPN architecture with IPSEC, VPN-Services, RADIUS-Servers, IP-addressing
• Setup sniffer traces for the error ports on switches and monitor the issues by mapping Them onto sniffer ports and logs on the sniffer
• Skilled on configuration of routing protocols like EIGRP, OSPF multiple areas
• Network monitoring of LAN/WAN using tools like snort, snortsnarf and ping tools.
• Maintained Cisco AAA server database and deployed AAA authentication, Authorization and accounting to all Cisco devices
• Worked on the Cisco devices like 6509, 6513, 7200, 2811, 5500 and worked on all line Cards and port Configuration for the VLAN.
• Worked on PIX firewalls for building the ACL rules for the extranet connectivity and implementation of the Rules on the corporate firewalls and monitored logs for the issues
• Used Cisco-Works/solar winds for the tracing of IP address, mac-address, ports, servers attached to the various switches
• Troubleshoot the BGP neighbor flapping issues and configures RIP/BGP redistribution, implemented OSPF
• Metric tuning for the internal routing of the vanguard

Environment: VPN, LAN/WAN, RIP, BGP, OSPF, IPsec, Static Route, IPSEC over GRE, Dynamic routing, LMI, RADIUS-servers, Cisco PIX.

Confidential

Jr. Network Engineer

Responsibilities:

• Implemented, installed, tested & debugged the Access Path Manager Test Bed for NSMBU Group's ISP Simulated Lab network.
• Configured Teleos Switch, Modem Bus & DTE's to simulate call generation for the Analog & Digital calls over CT1/CT3, ISDN PRI/BRI & T1 lines allowing remotes users to dial into the backbone network using remote authentication dial in user service (RADIUS) such as CHAP/PAP.
• Configured and troubleshot RIP, RIP-2, IGRP, EIGRP and OSPF routing protocols.
• Configured X.25, FR, PPP and ISDN network for the WAN links.
• Installed, Planned & Commissioned Network Control Center (Hub) to implement & monitor all the remote clients.
• Designed & configured VSAT (Very Small Aperture Terminal) communication network involving multiple remote geographically sites establishing end-to-end connectivity by means of a satellite link.

Environment: RIP, RIP-2, IGRP, EIGRP, OSPF, ISDN, PPP, VSAT.