PROFESSIONAL SUMMARY:

• Network Engineer with 9+ years of professional experience in testing, troubleshooting, implementing, optimizing and maintaining and migrating enterprise data network and service provider systems.
• Sound knowledge of Routing and Switching concepts and MPLS design.
• Substantial knowledge in configuring and troubleshooting routing protocols: MP - BGP, OSPF, LDP, EIGRP, RIP and BGP v4.
• Knowledge in configuration of Gateway redundant protocols like HSRP, VRRP and GLBP.
• Ample knowledge of WAN technologies such as: T1, T3, ISDN, HDLC, P2P, ATM, DS3, OCx, SDH, SONET, LTE, Fiber and Frame Relay.
• Substantial knowledge with expertise in implementing, maintaining and troubleshooting L2 switching tasks such as VLANs, VTP, VLAN Trunking using ISL and 802.1Q, Port Security, STP, RSTP, PVST+, Ether Channel using LACP and PAgP, Inter-VLAN routing.
• Extensive knowledge and troubleshooting experience in different networking protocols including DHCP, DNS, FTP, TFTP, SNMP, Quality of Service (QOS), PAP, CHAP, HTTPS, SSH, Telnet and ICMP.
• Implemented IPv4 migration to IPv6 (NAT-PT, Tunnelling, etc.)
• Experience working with ticketing tools such as Remedy and ServiceNow.
• Experience inSolarWindsNetwork Performance Monitor, Network Configuration Manager, Network Traffic Analyzer (Netflow) and IP Address Manager.
• Proficient in using SolarWinds Network Management tools like Network Performance Monitor (NPM), Netflow Traffic Analyzer, Network Configuration Manager (NCM), Server and Application Monitor (SAM), SolarWinds Web Performance Monitor and SolarWinds Virtualization Manager.
• Expert in performing deep packet analysis to troubleshoot network and application issues using Wireshark.
• Vast experience with Cisco SDM, NAT/ACLs, AAA, IPS/IDS, Cryptography, VPN and IPsec.
• Extensively worked on Juniper models EX 2200, EX 4200, EX 4500, MX-480 and M Series.
• Proficient experience in managing security policies with CSM, integrated with ASA 5500 devices
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo AltoNetworks Firewall models (PA-2k, PA-3k, and PA-5k)
• In depth understanding of Using FortiGate firewalls and FortiWeb firewalls for IPS and other virtual web applications. Also expertise working with the DMS software for history tracking.
• Hands-on experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall and vast experience in policy development on firewalls.
• Experience working withCisco Nexus 2148 Fabric Extenderand Nexus5000 and 7000 series DC Switches and Virtual Port Channel configuration to provide a Flexible Access Solution for a Data Center Access.
• Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000.
• Extensive Knowledge in configuring and troubleshooting as well as creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 load balancer LTM for load balancing and traffic management in DC environment.
• Experience in installing and configuring DNS, DHCP and Bluecoat Proxy servers.
• Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, FTP/SFTP and Blue Coat Proxy servers.
• Efficient in use of Microsoft VISIO as technical documentation and presentation tools.
• Troubleshoot the network issues onsite and remotely depending on the severity of the issues.
• Highly experienced in troubleshooting a variety of problems. Streamlined and improved process to be quicker to market, ensured compliance and optimized operational efficiency. Identified opportunities for continued improvements of process to ensure maximum output.

TECHNICAL SKILLS:

Router platforms: MX960, MX480, MX80, T640, T1600, PTX series,Cisco 2500, 26002800, 3600, 3700, 3800, 7200, 7609, Juniper M7i, M10i, M320.

Switch platforms: Cisco 2900XL, 2950, 2960, 3560, 3750, 4500, and 6500, Nexus (2K5K, 7K and 9K).

Firewalls: Juniper NetScreen 6500, 6000, 5400, Juniper SSG, SRX5400SRX5600, SRX5800, Checkpoint (NGX R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo AltoNetworks (PA-2k, PA-3k and PA-5k)

Load Balancers: F-5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 and 8900, Blue Coat SG8100, AV 510.

Routing: RIP, EIGRP, OSPF & BGP, Route Filtering, RedistributionSummarization, Static routing

Switching: VTP, STP, RSTP, MSTP, PVSTP+, VLANs, PAgP, LACP, CEF, Multi- Layer Switching and Ether Channel.

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, Leased Lines, DSL Modems.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI.

VOIP Devices: Cisco IP phones, Avaya.

Network Mngt/ Monitoring: Solar Winds Orion NPM, SNMP, Cisco Works LMS, NetflowNCM, Cisco Prime and Wireshark.

Carrier Technologies: MPLS, MPLS-VPN.

Redundancy protocols: HSRP, VRRP, GLBP.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

Software: Microsoft Visio, Remedy, Service Now, MS SQL Server 2008, HTML.

Programing Language: UNIX, Turbo C / C++, Java, Perl scripting.

PROFESSIONAL EXPERIENCE:

Confidential, Plymouth, MN

Senior Security Consultant

Responsibilities:

• Provides supports for day to day global operational activities for Acquired Entities including Change Implementation, handling Work Order Access Requests, High Priority Incident Handling and troubleshooting for Security Devices (Firewalls, Proxies, IPS, SSL, VPN Devices etc.)
• Configuration of Palo Alto Next-Generation Firewall mainly creating security profiles and VSYS per client topology and requirements.
• Successfully installed Palo Alto PA-3060 firewall then configured and troubleshot using CLI and worked with Panorama management tool to manage all PAN firewalls from central location.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Administer Palo Alto Firewalls to allow and deny specific traffic and to monitor user usage for malicious activity and future QoS.
• Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Palo Alto Next-Generation Firewall platforms.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Expertise in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering. Maintained and updated Active Directory for authentication purposes.
• Troubleshooting of protocol based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
• Researched, designed and replaced aging firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Worked on Multi-vendor platform with Check Point, Sonic Wall and Palo Alto firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents.
• Maintaining security policies including NAT, VPN and Secure Remote access, Configuring IPSEC VPN (Site-Site to Remote Access) on 3K and 5K series Palo Alto firewalls.
• Involved in the Team of Data Center Operations to perform duties like administration and monitoring of security infrastructure per the organization requirements.
• Administration and support of security devices Confidential datacenters of the Acquired Entities for United Health Group and integrated the AE’s network into the Confidential standards.
• Experience designing and implementing security solutions for large enterprises working on Mergers and Acquisitions space.
• Worked on Blue Coat proxy SG (900, 810 and SG9000 series) and Proxy AV (510,810 and 1400series) in Datacenter environment with hands on experience on inspection, data loss prevention, content caching and bandwidth management using Blue Coat proxy.
• Designed, Configured and maintained Blue Coat reporter 10. Also, configured policies on the Blue Coat VPM, local database and PAC files to filter the traffic flow by creating custom rules, URL categories and routing policies.
• Monitor the network traffic through SevOne and responding to the alerts generated by the monitoring solution as per the severity level of the incident.
• Gained experience on working with migration to Check Point and Palo Alto next generation firewalls.
• Troubleshooting connectivity issues through Blue Coat as well writing and editing web policies and worked on Bluecoat Proxy SG to safeguard web applications in extremely untrusted environments.

Environment: Palo Alto PA-3050, 3060, 5050, 5060 and 7050. Panorama M-100 and M-500, NGX R55 and R65, Blue Coat, Cisco Network Devices, BGP, VPLS, OSPF, EIGRP, QOS, B2B VPN, IPSEC VPN Panorama, SevOne.

Confidential, Austin, TX

Senior Network Engineer

Responsibilities:

• Provides 24/7 support for day to day global operational activities including change Implementation, handling Work Order Access Request, High Priority Incident Handling/Troubleshooting for Security Devices (Firewalls, Proxies, IPS, SSL, VPN Devices etc.) and deploying F5 Load Balancers for load balancing and traffic management of business application.
• Worked on Multi-vendor platform with Check Point, Fortinet and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents.
• ImplementedSNMPon Cisco routers to allow network management. Completed the installation and Configuration of CSU/DSU, T1, T3 & OC3 circuits.
• Created Standard and extended access lists on Firewalls and Cisco ISR’s to allowSNMP, NTP and logging servers traffic.
• Automate task for system performance,networkingmonitoring, and configuration management using Perl,Python, and Shell Scripting.
• Unix/Linux Shell scripting skills, as well asPythonautomation, and analyzing logs using Perl.
• Working as Senior Network Engineer involving complete Support and supervision for the Junior engineers in the team and be a point of escalation for work on the F5 load balancers LTMs, GTMs, EMs, ASM, APM and Firepass in Datacenter and remote functions.
• Administration and L3 support of our Infoblox DDI deployment and F5 GTM's and configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, and HA) on F5 BIG IP appliances.
• Experience designing and implementing load balancing solutions for large enterprises working on F5 load balancers and Cisco load balancers.
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Administration Big IP F5 LTM 8900 for all Local Load balancing and configured profiles, provided and ensured high availability.
• Configuring GTM Communications between BIG-IP GTM and Other Systems for load balancing across Data Centers deploying many load balancing techniques with multiple components for efficient performance.
• Design & Installations from ground up of the F5 appliances and the solution delivery.
• Take care of the Logging issues of the F5 load balancer and how it works with the syslog servers making sure the communications through the switches and routers and firewall hops work as expected.
• Install and upgrade Blue Coat proxy SG (900, 810 and SG9000 series) and Proxy AV (510,810 and 1400series) in Datacenter environment with hands on experience on inspection, data loss prevention, content caching and bandwidth management using Blue Coat proxy.
• Performed configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k and configuration and installation of Nexus 5k, 7k and 9k along with upgrading Nexus OS and performed substantial lab testing & validation prior to implementation of Nexus 7K, 5K & 2K
• Experience configuring Virtual Device Context in Nexus 7010 and worked on F series module on Nexus 7010 and implemented L3 SVI's and L2 VLANs, Inter VLAN Routing and HSRP configuration in Nexus on F series module.
• Monitor the network traffic through Orion Solarwinds and Spectrum syslog server.

Environment: McAfee EPO, F5 Load Balancers LTM and GTM modules, NGX R55 and R65, Cisco ASR 9K, Fortinet, Forti Analyzer, Blue Coat, Nexus 9396, 7010,5548, 5520, 2248, VPC, VDC, VRF, VSS, Alcatel 7750, Cisco ASA, BGP, VPLS, OSPF, EIGRP, QOS, VPM, Solarwinds Orion NPM.

Confidential, Wilson, NC

Network Security Engineer

Responsibilities:

• Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Juniper firewalls, Palo Alto firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch security management.
• Installed SolarWinds Network Performance Monitor with emphasis on traffic analysis, application and virtualization management.
• Added, Removed and Updated custom properties within SolarWinds Orion in line with applicable Configuration Management processes & procedures.
• Management of SolarWinds Orion Suite - Network Performance Monitor, Network Configuration Manager.
• Testing JUNOS images onJuniperMX& Confidential series router platforms covering various protocols and technologies like OSPF, BGP, LDP, MPLS, Layer3 VPNs, VPLS.
• ConfiguredJuniperMX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design.
• Upgrade testbed Hardware to add and support new RLIs. Created 2 new test beds which has maximum coverage ofMXseries router.
• Configuring, upgrading and managingJuniperdevices like M& Confidential series routers, EX,MXand SRX.
• Understanding ofJuniperEX/MX/SRX series architectures and JUNOS platform including hands on configuration.
• Migrated the entire testing environment to Virtual MX supported testing.
• Configuration of Cisco unified computing system (UCS) and using UCS manager perform operation such as device discovery, inventory, configuration, diagnostics, monitoring, fault detection, auditing, and statistics collection.
• Administering and evaluating firewall access control requests to ensure that these requests are compliant with client's security standards and policies.
• Configuration and support of Juniper NetScreen firewalls and Palo Alto firewalls.
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access, Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Configuring Juniper NetScreen Firewall Policies between secure zones using Network Security Manager (NSM).
• Configuration and troubleshooting F5 LTM, GTM series like 6600, 6800 for different applications and monitoring the availability.
• Used FireEye to detect attacks through common attack vectors such as emails and webs.
• Gained experience on working with migration to Check Point and Palo Alto next generation firewalls
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Implemented and administered Websense Web Security Gateway for web content filtering and DLP.
• Improved network and system security through setup and ongoing maintenance of Riverbed IPS and FireEye.
• Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.

Environment: Juniper EX-2200, EX-4200, EX-4500,MX-480, M Series, Juniper SRX5400, SRX5600 and SRX5800, Bluecoat Proxies, Juniper IPD, Juniper NSM, Panorama, F5 LTM, GTM 6600, 6800, Splunk, Cisco ISE, Websense, SolarWinds NPM.

Confidential, San Antonio, TX

Network Engineer

Responsibilities:

• Responsible for designing and implementation of customer's network security infrastructure and provided support for Firewall Engineering and Operations team.
• Juniper Networks Service Provider Routing and Switching.
• Maintain and support WAN connectivity from the service provider to our customer edge.
• Trouble shooting network issues (Latency, Link Down, Packet loss, etc.) on a global Internet Service Provider (ISP) network.
• Key contributions include troubleshooting of complex LAN /WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Responsible for deploying Layer-2/Layer-3 network configurations on various models of Juniper, Cisco
• IOS, IOS-XR, IOS-XE and Nexus NX-OS based routers & switches.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Tested various BGP attributes like local preference, MED, Weight and replicated customer issues in the testing environment lab.
• Secured network access with Cisco Secure (RADIUS/ TACACS+) and Configured network access servers for AAA Security as well as Cisco UCS.
• Configured Remote User VPN, Site to Site VPN, and Remote Access VPN, Easy VPN, SSL VPN for Client based and Clientless applications.
• Involve in creating a Fortinet firewall policy, Secure Email Gateway and Web Application Firewall.
• Worked on bluecoat web application firewall to improve application performance and to perform health checks on HTTP, HTTPS, TCP, ICAP and ICMP in order to monitor web content servers.
• Installing, Configuring, Administering and supporting the Windows 2003 Server, Windows 2003 Server,
• Windows 2000 Server, Windows 2000 Advanced Server, IDS server, SQL Server and Active Directory.
• Worked with Cisco Layer 3 switches 3750, 4500, 6500; Cisco Nexus 5000 and 7000 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, ether channel.
• Involved in Network Access Management, operational management and engineering Support of Cisco series ASAs, All PIX and FWSM models.
• Configuring failover for redundancy purposes for the security devices. Implemented the stateful & serial failover for PIX/ASA firewalls.
• Worked on Check Point Firewalls NG, NGX, NGX, R61, R65, R70, R75, R77.
• Gained experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.
• Expertise in configuration of Checkpoint firewall rules, NATing, Site-to-Site VPN connections, IPS, Active-Active and Active-Passive failover and Smart View Tracker.
• Collecting data into central repository for analysis and creating compliance reports as well as centralized reporting using SIEM System.
• Represent the changes Confidential the weekly change review and application migration meetings.

Environment: Solar winds NPM, Juniper ACX series routers, Juniper Ex switches, EIGRP, OSPF, BGP, JUNOS, IOS, IOS-XR, IOS-XE, NX-OS, RADIUS, TACACS+, VPN, Fortinet, Cisco ASA 5500, Checkpoint NG, NGX, NGX, R61, R65, R70, R75, R77.

Confidential

Network Engineer

Responsibilities:

• Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /WAN.
• Configured and troubleshoot Juniper Ex 4500 and series switches and Juniper ACX series routers.
• Involved in the deployment of Content Delivery Networks (CDN).
• Experience with SQL for extracting the data from SQL database, related to network issues.
• Experience working with Network-attached storage (NAS) to provide Local Area Network (LAN) nodes with file-based shared storage through a standard Ethernet connection.
• Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco6500 catalyst switches.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GET VPN.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IPsec VPN tunnels.
• Worked on migration of existing PIX firewall to ASA firewall and with converting PIX rules over to the Cisco ASA solution.
• Worked extensively on Cisco ASA 10/5540) Series.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
• Experienced in securing configurations of SSL/VPN connections, troubleshooting Cisco ASA firewalls and related network security measures.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
• Experience working with Active Directory (as a centralized system) to automate network security management and user data.
• Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP).
• Experienced in working with Session Initiation Protocol (SIP) trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet.

Environment: Cisco Catalyst 2960/3750/4500/6500 Series Switches, Linux, Cisco 2800/2900/3000 Series ISR's and Cisco 3640/ 0/3845/3600/2800 routers, SQL, Cisco ASA 5500, Juniper Ex switches, Active Directory, Juniper ACX series routers, Windows Server 2003/2008, ACL, SIP, RIP, OSPF, MPLS, BGP, EIGRP, Wi-Fi, LAN, MacAfee, WAN, WAP, IDS, IPS, Aruba WLAN, VPN, HSRP.

Confidential

Network Administrator

Responsibilities:

• Preparing Client Machines for users with Operating Systems, Software, Antivirus and required utilities.
• Perform daily maintenance, troubleshooting, configuration, and installation of all associated hubs, routers, bridges and switches along with traffic management.
• Monitoring the network, troubleshooting network problems, implementing changes, communicating and working closely with vendors, customers and system administrators.
• Develop, plan and maintain documentation necessary for operation in support of LAN to WAN connectivity using Microsoft Visio.
• Validate existing infrastructure and recommend new network designs.
• Handled installation of Windows NT Server and Windows NT Workstations as well as network printers.
• Worked with Remedy ticketing tool in maintaining and keep a track of logs/monitor.
• Conducted online meetings with remote site with Cisco WebEx. Also administered and provided support for data storage system and Storage Area Network (SAN).
• Debugging abilities Confidential L1, L2, L3, and L4 protocols in an Internet-centric environment.
• TCP/IP network planning, implementation and management with subnets.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems and worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired VLANs.
• Implemented VTP along with 802.1q and ISL trunking on catalyst 3560, 3750 and 4500 switches.
• Configured STP for loop prevention in catalyst switches.
• Provided redundancy in a multi-homed Border Gateway Protocol (BGP) network by tuning AS-path.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Configured TACACS+ server authentication on Cisco catalyst switches.
• Configuration of Access List ACL (Std., Ext, Named) to allow users all over the company to access different applications and blocking others.
• Creating user accounts, local and global groups and assigning groups appropriate rights and managing accounts and security policies.
• Built IPsec based Site-to- Site VPN tunnels between various client locations.
• Documenting and Log analyzing the Cisco PIX series firewall.
• Gained scripting experience in Perl.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 3500, 3560, 3750, 4500, 5000 and 6500 switches.
• Faster Cisco IOS version upgrades using In-Service Software Upgrade (ISSU) within a VSS environment ensuring that customers experience no downtimes and able to provide continuous access to applications, data and content from anywhere and anytime.
• Using Event Viewer, Performance Monitor, and Wireshark Network analyzer to find and troubleshoot bottlenecks in the network.

Environment: Cisco Catalyst 2960/3500/3560/3750/4500/6500 Switches, Cisco 3640/12000/7200/3845/ 3600/2800 routers, PIX Firewall, TACACS+, ACL, RIP, OSPF, MS Windows NT, FTP, HTTP, DNS, DHCP, MPLS, BGP, EIGRP, LAN, WAN, VLAN, VTP, VPN, HSRP, WebEx, Perl and Wireshark.