SUMMARY

• Accomplished network and security engineering professional wif over seven years of real time experience in designing, deploying, migrating and supporting critical multi - site redundant network environments.
• Extensive hands-on experience wif complex routed LAN and WAN networks, Cisco routers, switches, ASA and PIX firewall deployment.
• Extensive knowledge of deploying & troubleshooting L2/L3 TCP/IP, Multilayer Switching, IPSec, UDP, WLAN, MPLS, Multicasting, Ethernet, IP Routing Protocols RIP, OSPF, EIGRP & BGP Cisco routers, switche.
• Extensive knowledge of related industry specifications and standards IEEE, ANSI, Fiber (Multimode, Single mode, UTP, etc.), Bridging, Switching, Routing, Ethernet and Transport technologies and protocols.
• Excellent customer management/resolution, problem solving and debugging skills wif good verbal/written communications and presentation skills.
• Worked on cisco 3900, 2900, 2800, 800, 1700,7600 series routers and 1000 series ASR's.
• Worked on cisco 3500, 3700, 2900, 6500, 4500, 3500X series, POE and non-POE switches.

TECHNICAL SKILLS

LAN Technologies: VLAN, VTP,vPC, Inter-VLAN routing, STP, RSTP, PVST,Active Directory

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, exposure to DS1, DS3, OC3, OC12, OC48, NAT, PAT T1 /T3 & E1/E3

WLAN Technologies: Autonomous AP’s, Lightweight AP’s, WLC, WDS, WLSE, Standards - 802.11a, 802.11b, 802.11G

Network Hardware: Cisco and other vendor equipment Cisco routers (10008, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series), & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900,4500 series), Cisco Nexus series ; PIX Firewall 506/515/525/535, ASA Firewall 5520/5550, CatOS,JunosOs, Cisco IOS 11.x, 12.x, PIX OS 6.x, 7.x; Load Balancers (Cisco), Junipers M320, T640,CHECKPOINT firewall

Network Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration(L2 and L3), Internet Content, Tenable Network SecurityFiltering, IDS/IPS, URL Filtering, MSS

Routing Protocols: RIP, IGRP, EIGRP,HSRP, SVI,LISP, OSPF, and BGP.

Infrastructure Services: DHCP, DNS, SMTP, FTP, TFTP, IIS.

IP Telephony: SIP, H.323, RTP, voice gateways, CCM, VoIP

Documentation: MS Office, Microsoft VISIO

Network Monitoring Tools: Wire shark,Splunk, Cisco works, Cisco Prime, Lancope, SolarWinds, Vitalqip,Netscout,View Point

PROFESSIONAL EXPERIENCE

Confidential, Kings Mountain, NC

Network Data Center Engineer

Responsibilities:

• As a member of Global Data Center Engineering and Development, which is responsible for designing, Implementing and troubleshooting of all kind of network requirements pertaining to teh data center(Worked in Kingsmountain Datacenter, and supported all other 3 datacenters which Disney is maintaining in Burbank, Orlando and Newyork).
• Teh data centers consisted of various Cisco platforms Cisco 3550, Cisco 4510, Cisco 6509, Cisco Nexus 5000 & 7010 series switches and LoadBlancer Cisco ACE, CSS, CSM, GSS and Big IP.
• Design Data center cores wif Cisco advanced protocols, prepare method of procedure MOP, configure Nexus 7000 wif vPC, Fabricpath, FCoE, VDC.
• Configure Nexus 5000 as access layer data center switches, associate and configure fabric extender Nexus 2000 for server access port connections.
• Configured VLANs wif 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BGP, HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst switches and nexus 7k and 5k switches.
• Worked on C7018, 5596, 5020, C6509, C6513,C6506,C5609, also on EX-series switches 8208, 3300.
• Prepare proposed network diagram using Visio and co-ordinate wif customer and other technical groups to get approval.
• Configuring and troubleshooting F5 requests like VIP creation, decommission servers from loadbalancers, irule updates, changing health check monitors to meet customer demands.
• Implement network changes in accordance wif documented standards on Method of procedure (MOP) while meeting service level agreements(SLA).
• Provide network capture and analysis using NetScout and WireShark to troubleshoot slow network and application issues.
• Providing assistance and consulting to other groups and departments in support of improving customer service and provides on-call support based on a rotation schedule.
• Expertise in Routing & Switching technologies to provide advanced troubleshooting and escalation support wif Cisco Nexus 7K/ 5K / 2K Products and F5.

Confidential, Albany, NYC

Network Data Center Engineer/Security Engineer

Responsibilities:

• Design and implementation of teh LAN IP infrastructure using Layer 2 / Layer 3 switching, VLAN, VPC,HSRP and Trunking / channeling technologies and routing protocol EIGRP and OSPF.
• Primary responsibilities include but not limited to implementation and troubleshooting of all LAN/WAN solutions.
• Designing, implementing and configuring virtual device contexts (vDCs), virtual port channels (vPCs), and virtual routing and forwarding instances (vRFs).
• Instrumental in administrating a Security and Information Event Management(SIEM) solution wif Cisco IPS to automate correlation of Windows and network devices.
• Routing and Switching wif Cisco IOS (Cisco 2900, 3900, ASR, 3750, 4500, 6500,7600).
• Designing, configuring and Handling complaints for intranet and extranet VPNs over MPLS backbone. Checking teh connectivity between different locations.
• Automated teh deployment process in test for developers to deploy their applications into portal server wifout any administrator involvement.
• Developed shell scripts to automate teh maintanence process.
• Configured and administrated VLAN Trucking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent teh introduction of rogue devices from effecting teh VLAN database. Shutdown unused switches ports following Layer 2 security best practices.
• TEMPEffectively utilizing complex lab setups to duplicate and solve Enterprise and Cisco Partners voice and video problems as well as possible interoperability issues between Cisco Video and Voice Platforms and third party video and voice platforms.Troubleshooting large video and voice networks on a daily basis, where protocols such as H323, SIP, ISDN are in use.
• Utilizing Wireshark and SMART in order to analyze output traces from multiple Cisco Voice and Video Platforms and Solutions.
• Teh data centers consisted of various Cisco platforms Cisco 3550, Cisco 4510, Cisco 6509, Cisco Nexus 5000 & 7010 series switches and LoadBlancer Cisco ACE, CSS, CSM, GSS and Big IP.
• Analysis of more than 200 firewalls which comprised of CISCO ASA, FWSM, PIX to check if configurations comply wif design.
• Managing and implementing Layer 4 Cisco ACE and CSS load balancer, Migration of CSS to ACE load balancer and creating of SSL and Digital Certificates.
• Expertise in Routing & Switching technologies to provide advanced troubleshooting and escalation support wif Cisco Nexus 7K/ 5K / 2K Products.
• Configured Extreme Network switches-K series and Blackdiamond 8000 series and Cisco routers for production network infrastructure upgrades.
• Installation, configuration and maintenance of Cisco ASR9K,7200, 3900, 2800, 2600, 2500 and 1800 series Router / Cisco Nexus 7010,5548,2148 Catalyst Cisco 6500 (sup 720), 4500 (SUP 6), 3750, 2950series Switches and juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP and f5LTM.
• Creation of fire wall policies as per teh requirements on Checkpoint, ASA, FWSM, Juniper firewalls.
• Configuring ASA and PIX Firewall to allow site to site VPN access and configuring autantication, encryption, compression,ACL to ensure better security.
• Administered multiple PIX firewalls throughout WAN to ensure LAN integrity from external threats and usage of PaloAlto firewall devices.
• Led teh implementation of McAfee Network Security IPS/IDS Platform and realtime protection and proactive network security using Tippingpoint.
• Multi-user support, system integrations and PCI ASV scanning to Nessus in an easy-to-deploy cloud-hosted package.
• Detection, scanning and auditing features wif Nessus multi-user support for enterprise teams. Provides a solution for aPCI DSS Approved Scanning Vendor (ASV) solution.
• Working wif Palo Alto Next gen 5550 firewalls wif Panorama appliances.
• Configured standard and extended ACL’s on teh servers to limit its access.
• Complete replacement of BIND/Linux DNS solution wif BlueCat internally and UltraDNS externally.
• AAA,PAP and CHAP implementation using Cisco Secure ACS (TACACS+, RADIUS).
• Proposed, installed, and configured Solarwinds Network Performance monitoring for networkinfrastructure monitoring purposes. dis includes, but is not limited to, availability, protocol usages (via NetFlow), and VoIP quality metrics (using IP SLA).
• Installation/Configuration/Administration of SolarWinds NCM, NPM, NTA &Vman.
• Configuring policy based traffic shaping and troubleshooting of Bluecoat WAN Accelerators, and Bluecoat packet shapers and bluecoat proxies.
• Configuring all teh end ports as access ports using port fast and implementing BPDU guard.
• Working on Cisco ACS, Cisco works, HP NNMI tools for ticketing system and autantication.
• Configuring teh back end in teh call manager for Paging and GateBox, teh Analog gateway and PRI depend on teh site requirement in VoIP environment and installation and maintainenace of VoIp infrastructure components.
• Installation and troubleshooting of Cisco LAN products such as 6k, 4k, 3850.
• Worked on inter-operability issues involving 3rd party firewalls like Cisco ASA/PIX, Juniper, and Cisco IOS routers.
• Architected and deployed new wireless network including vendor selection( Aruba Networks), site survey, and deployment of back-end services for secure 802.1x autantication.
• Deployed teh Cisco 3500 Access Points using Cisco Wireless controllers 5500 and 2500 and WCS System and Network access enforcement for multivendor Wi-Fi, wired and VPN networks and advance policy management using Aruba Clearpass.
• Provided other staff wif weekly hour-long training sessions on TCP/IP. Topics included network principles, communication layers, addressing and subnetting, routing and ICMP, TCP and UDP, DHCP, multicasting, SNMP, and security.
• Managed successful delivery of massive security response portfolio including Splunk, Cisco WSA, Cisco IPS, SourcefireFirePower and AMP, Cisco ESA, FireEye, Passive DNS collection, DNS-RPZ, Cisco ISE, LancopeStealthWatch, and Mandiant.
• Managed user accounts, permissions, email, anti-virus, anti-spam, and content filtering and oversee software and network security.
• Deployed Palo Alto Firewalls for web filtering and application control and Writing Engineering work orders as per teh changes going in data center and implement teh changes as per teh schedule.
• Efficient use of Microsoft VISIO as for technical diagrams, technical documentation and presentation tools.
• Conducting research on network products, services, protocols and standards.
• Providing support for teams in activities such as Load testing, troubleshooting an managing VIP, Sticky Ness and to evelop, implement and maintain policies, procedures and associated training plans for network administration, usage and disaster recovery.
• Analyzed reports and key network health indicators to identify exception conditions; takes corrective action to resolve issue.

Confidential, Bohemia, NYC

Network Engineer

Responsibilities:

• My accomplishments are Network Administration and Security Infrastructure wif Cisco hardware which includes data center and network.
• Worked on BGP configuration for providing redundant internet connectivity using BGP attributes, Route maps, prefix-lists etc.
• Managing Cisco Routers3600,7200 series routers And Cisco Switches 3800 and 6500 series.
• Project involved was upgrading Cisco nexus 2000 series switches wif Cisco nexus 5000 series switches.
• Configuring Net Screen Firewall to allow site to site VPN access and configuring autantication, encryption, compression,ACL to ensure better security.
• Network security monitoring: analysis and identification of incident activities and system log files by Tenable Security Center.
• Designed and installed Solarwinds Network Performance Monitor SNMP management stationfor continuous and proactive monitoring of server and network equipment.
• Eliminating network blind spots by continuously monitoring network traffic in real-time to discover active assets by Tenable Passive Vulnerability Scanner.
• Assist wif security incident research and reporting: Malicious network activity mitigation, IP Spoofing prevention measures, DDOS and netflow monitoring, Comprehensive monitoring and alarming of infrastructure components.
• Applied TEMPeffectively various routing protocols including EIGRP, OSPF and BGP.
• Isolate and diagnose network problems,SSH,HTTP,HTTPS,involving TCP/IP, DHCP, DNS, Group Policy, Deployment & support of Active Directory Services.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Administration of QIP and Infoblox security groups and users (build, create, assign, bind, and delete subnets).
• Responsible for teh stability, functionality, and protection of company's DNS, DHCP, and WINS infrastructure..
• Migration to virtual servers in F5 Load balancer as part of web.
• Involved in implementation of Wireless LAN, Wireless Access Point and Hotspots for our various clients and troubleshooting of Wi-Fi related problems faced.
• Wireless WiFi and Security assessments, including sniffer packet-level analysis.
• Designed configuration and layout of WAN to include IPT Internet facing VPNs and wireless subnet.
• Palo Alto Firewall, Global protect VPN, Cisco switch and router management.
• Routing between Riverbed Steelhead WAN Optimization Controllers and Cisco and Juniper router platforms.
• Experience configuring/administrating technologies including: Checkpoint and Palo Alto.
• Troubleshooting in unity: auto attendant, call handler, subscriber and MS Exchange.
• Configuration of Callmanager Express (CME) on 2800 series Routers and design, implementation, ongoing management and troubleshooting of Cisco Unified Communications Systems, including Call Manager / Unified Communications Manager 6.x, 7.x Unity.
• Troubleshooting Call Manager Express and IPCCX, SRST issue in VoIP environment. experience in a broad range ofnetworkingtasks including planning, design, test, integration and deployment of high-speed, secure, highly survivable, voice, data & videonetworks.
• Maintaining and updating inventory using Network Management Application layer softwares like SNMP, Wireshark, NTP, and Syslog.
• Managing Servers using Hardware Load balancerF5and Cisco ACE load balancer by managing internal customized tools and creating of SSL and Digital Certificates.
• Provided support for teams in activities such as Load testing, troubleshooting, and performance tuning.
• Worked on Installation, configuration and maintenance of Juniper M320, Juniper M7i, and Juniper M10i RoutersConfigured standard and extended ACL’s on teh servers to limit its access.
• Configured static NAT, dynamicNAT, inside global address overloading, TCP overload distribution, overlapping address translation.
• Provided routing support including configuration and troubleshooting of various routers.
• Implemented IP, RTP, TCP, UDP, IPV4 Packets capture and analysis using WIRESHARK (ethereal).
• Configured and supported multiple remote site installations.
• Worked along wif teh team in ticketing issues by ServiceNow; responsibilities included documentation and support other teams.

Confidential, Murrysville, PA

Systems/Network engineer

Responsibilities:

• Installation and Configuration of Cisco 1900, 2800, 3600, 4500 Series Routers.
• Assisted in troubleshooting LAN connectivity and hardware issues in teh network.
• Studied and analyzed client requirements to provide solutions for network design, configuration, administration, and security.
• VPN configuration, routing, NAT, access-list, security contexts.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Configured SolarWinds Orion NPM to monitor performance and health of all enterprise network infrastructure.
• Monitor performance of network and servers to identify potential problems and bottlenecks.
• Configuration & maintenance of Cisco 2600 series routers wif OSPF protocols.
• Performed RIP & OSPF routing protocol administration.
• Interacted wif support services to reduce teh downtime on leased lines.
• Involved in SNMP Network management and performance evaluation.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and trouble shooting on LTMs and GTMs.
• Upgrading call manager from 4.1 to 6.1.
• Access Control Lists to enforce security or QoS policies.
• Troubleshoot problems on day to day basis; provide solutions to fix teh problems both hardware and software and Troubleshoot firewall policy issues on Palo Alto.
• Monitor teh operability and reliability of teh network.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed IP address space using subnets and variable length subnet masks (VLSM).
• Ensured trouble tickets from Hotline and Network Operations Center are prioritized and addressed wifin severity guidelines by teh department.
• Worked along wif teh team in ticketing issues; responsibilities included documentation and support other teams.

Confidential 

Network Security Engineer

Responsibilities:

• Design and Implement DMZ for FTP, Web and Mail Servers wif CISCO PIX 506, PIX515.
• Configured NAT and PAT on teh Cisco PIX Firewalls for teh Internal Systems.
• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay and ATM).
• Configuring, implementing and troubleshooting ofVirtualLANs.
• Oversaw migration of WAN links to new service provider, designed full mesh WAN, set up TFTP server to backup, and restored configuration and IOS image files for teh PIX, Cisco routers, and Catalyst switches.
• Hardware installations using Fiber cable, Ethernet,copperwiring etc.
• Expertise in VPN configuration, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
• Placed access control list (ACL) on inside and outside interfaces on teh PIX Firewall.
• Fine-Tuning/ Optimization of Firewalls rule base againt Non-compliance.
• Experience wif different Network Management Tools and Sniffers like SNMP, HP-Open view, and Cisco works to support 24 x 7 Network Operation Cente
• Understanding teh Firewall clusters and IPSEC VPN and working on teh service requests from teh customers.
• Network security related incident management and troubleshooting.
• Configured Turbo ACL.
• Migration of PIX to ASA.
• Configured Failover for high availability.