SUMMARY

• 7+ years of practical experience in the IT field as a Network Engineer, Network Security Engineer and Application Security Engineer with proficient hands - on experience in the areas of Routing, Switching and Troubleshooting.
• Strong knowledge of scripting like JavaScript and Python.
• Strong knowledge in configuring and troubleshooting routing protocols like RIP, OSPF, EIGRP and BGP
• Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750 series and Nexus 5000 and 7000 series
• Hands-on expertise with routers 2600, 2900, 3600, 3900, 7200 and 7600 series
• Implementation, working analysis, troubleshooting and documentation of LAN/WAN architecture with excellent work experience on IP series.
• Hands-on experience on Checkpoints, ASA, Cisco PIX (501, 506E and 515E) and Palo Alto firewalls. Working knowledge of Lucent Brick Firewalls.
• Hands-on experience with Juniper SRX firewalls.
• Knowledge of Nessus Security Tools.
• Working Knowledge of McAfee NSM for managing all intrusion prevention system sensors and network access control appliance
• Hands-on experience with McAfee NSM installation and upgrades.
• Knowledge and hands-on experience of BlueCoat.
• Proficient with SIEM tools like QRadar and RSA Envision. Also, Nexpose and Critical Watch for vulnerability scanning.
• Working knowledge with Load Balancers F5 LTM like 3900, 6900 for various applications
• Knowledge of SNMP, MIBS, TRAPS and alarm correlation.
• Working knowledge of Firewall, TACACS/RADIUS, ACL, IPSEC
• Proficient with TCP/IP and relative OSI models
• Security policy configuration including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP and ping concepts
• Expertise in troubleshooting and configuring DNS, DHCP,TFTP,SSH, FTP and NFS
• Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6
• Implementation of Access lists, route maps, and distribute lists.
• Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN’s, VTP, STP, RSTP and Trunking.
• Troubleshooting TDM, SONET and WDM devices.
• Technical support for improvement, up-gradation & expansion of the network architecture
• Capable enough to work independently with minimal supervision and multitasking
• Equally capable of working as a team member or a team leader as per the situation and its demands
• Proven capabilities in learning and working with emerging new technologies

TECHNICAL SKILLS

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600

Switches: Cisco Catalyst 6500, 4500, 3560, 3750, 2960, Nexus 5K/7K.

Routing: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging.

Network Security: Cisco ASA 5540, ACL, IPSEC

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400.

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: PPP, HDLC, Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay.

Gateway Redundancy: HSRP, GLBP

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP,FTP.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Management: Wireshark, SNMP, Ethereal

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7), Linux.

PROFESSIONAL EXPERIENCE

Confidential, Richmond, VA

Application Security Engineer

Responsibilities:

• Working with Nexpose and Critical Watch tool and actively involved in Quarterly and Annual PCI scans and their remediation and making sure they are compliant.
• Installing and Upgrading QRadar and McAfee NSM.
• Working with SIEM tools like QRadar and RSA Envision to find security violation events and validate IDS findings to negate False Alarms.
• Used QRadar analyzing log, flow, vulnerability, user and asset data.
• Closely working with the Network and Firewall team to resolve the client network issues.
• Python scripting to keep a check on the configuration changes for router as well as firewall for the client network.
• Used proxy technologies like Bluecoat, ProxySG/AV
• Processing of weekly Governance and Anti-virus reports (checking on the DAT version) for the complete client network entities (workstations and servers)
• Maintenance of Active Directory. Also, Investigate and Resolve account lock-out issues.
• Extensive use of Windows PowerShell and scripting knowledge.
• Experience with Hyena tool for keeping up-to-date with the inventory (network devices, users and groups) concerning the company network.
• Promptly resolving issues related to mal-functioning of applications to maintain customer needs.
• Actively involved in major projects of migration of OS for workstations and servers and optimization of resource availability for users in the network.
• Experience with Citrix XenApp and ensuring resource availability.
• Actively participating in Change Advisory Board (CAB) weekly meetings to be aware of the network changes.
• Updating project managers on the tickets (Service requests and Work orders) of the client through daily meetings and avoiding SLA violations on the tickets.

Confidential

Network/ Application Security Engineer

Responsibilities:

• Develop IT roadmaps for security
• Collaborate with NW Engineering team and Design team to understand TE needs and thereon design Security Protocol for the client network
• Conduct expert level R&A for corporate wide security
• Develop lab scenarios to act as test beds for testing custom security solutions designed
• Implement firewall changes
• Deploy VPN’ s with other partner companies, IPsec, GRE
• AAA Administrations, TACACS
• Administering DNS Records
• Monitor Networks through SolarWinds and WireShark
• Work with Nessus Vulnerability scanner for patch and configuration auditing.
• Implementing CISCO IDS/IPS
• Setting MIBS and TRAP variables
• Designing and deploying internal and external security edges for the company: DMZ and Extranet based security
• Consistently monitor unusual changes to the traffic patterns and hence identify a threat and troubleshoot its removal
• Basic Fault and Inventory Management and documentation of network.
• Designing, implementing and administering Checkpoint Firewalls
• Working with Checkpoint NG (for VPNs), ASA’s (Other Remote sites), Palo Alto’s and some extent of Juniper Netscreen and SRX.
• Work with Cisco ISE for NAC
• Work with Lancope and FireEye for Cyber security
• Work with BlueCoat Proxy for WAN optimization and M86 for Web security
• Work with Symantec DLP for data leakage prevention
• Work with FlowMatrix for NBAD
• Mitigation of DDOS using DNS INFOBLOX
• Designing, deploying and managing F5 devices for an enterprise size data center
• Configuring Load Balancer viz. F5 LTM
• Document designs and configurations
• Perform preventative maintenance along with installation of hot fixes and version upgrades.
• F5 and DNS traffic Management
• Monitor resource usage and make required adjustments.

Confidential

Network Engineer

Responsibilities:

• Related Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company.
• Assisted in planning and implementing strategies for the company's future needs.
• Attend day-to-day desk operations and involved in troubleshooting problems concerned to connectivity to network, printers, desktop and other system applications.
• Involved in deploying RIP, OSPF and EIGRP on 2900 and 3560 Cisco routers.
• Commissioning of Internet setups like DNS and DHCP for High Availability.
• Responsible for providing level 1 support for all system and network related issues.
• Implemented Layer-2 switching features STP, Dot1Q, ISL trunk and port security on switches.
• Responsible for Cisco IOS upgrade on routers and switches from FTP server.
• Responsible for updating the anti-virus, spam blockers and other security software to have secured user machines.
• Performed identification of connectivity issues through PING and Traceroute.

Environment: Cisco 2600, 2900 and 3600 series Routers. Cisco 2900 and 3560 switches. Windows Server 2008, DNS, DHCP, FTP.

Confidential

Jr. Network Support Engineer

Responsibilities:

• Provided technical assistance in upgrading IOS on Cisco Routers and Switches.
• Configured Access Control Lists to allow only authorized users to access certain applications and block others.
• Involved in switching related tasks implementing VLANs.
• Assisting senior engineers in troubleshooting TCP/IP issues and connectivity issues in multi-protocol environment.
• Configured and installed software applications, anti-viruses, drivers and security software on user devices.
• Provided support to user's software, hardware & wireless issues and escalate to second level.
• Prepared the Technical specifications in operation manuals.
• Involved in installing and configuring DNS, DHCP and other services on Windows Server 2003.

Environment: Cisco 2800, 2600 Routers. Cisco Catalyst 3750, 2960 switches. DNS, DHCP and Windows Server 2003.