SUMMARY

• Around 8 years of experience in design, implementation, trouble shooting, development and maintaining enterprise data network systems by dealing with Network Security, Cisco routers and Cisco Catalyst Switches
• Solid Experience in Firewall technologies include general configuration, risk analysis, security policy, rules creation on Fortinet
• Solid experience in Network security using ASA/PIX Firewall, Cisco IDS/IPS, AAA, and IPSEC/SSL VPN
• Implemented security policies using ACL, Firewall, IP Sec, VPN, AAA Security TACACS+, and Radius on different series of routers.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Extensive knowledge and experience of routing protocols RIP, OSPF, EIGRP and BGP.
• Thorough understanding of LAN Switching (L2 /L3) including VLANs, Private VLANs, Trunking, Ether Channel, VTP and Spanning Tree.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Experience in configuring and troubleshoot of Wireless LAN Controller and Access Points
• Updated Fortinet firewall with option 150 scripts to allow DHCP and configurations for the Cicso IP Phones.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• In depth knowledge in TUFIN Orchestration Suite that includes securetrack,secure change, and secure app.
• Worked on Data center using Cisco Nexus 7000, 5000, 2000 data center switches.
• Strong experience in Server Load Balancing technologies which includes Cisco and F5.
• Strong understanding and experience in wireless LAN.
• Experience in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series
• Experience working with Palo Alto Firewalls.
• Expertise in installing, configuring and troubleshooting Juniper Routers ( E,J,M and T - series)
• Ability to handle multi-vendor network equipment’s.

TECHNICAL SKILLS

Cisco routers: Cisco 7200, 2800,2600,3800,3600(ISO -Version 12.0, 12.2)

Cisco Switches: Cisco Catalyst 6509,6513,3500,5500,5000,2900(IOS- Version 12.4)

Cisco nexus data center switches: 7000, 5000 (NX- OS version 5.1,5.2)

Load Balancer: Cisco CSS, F5 Networks (Big-IP)

WAN Optimization: Cisco WAAS, PPP Multilink

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast Operations, Layer 3 Switches, Ether channels, Transparent Bridging

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Firewalls: Checkpoint, Cisco ASA, Cisco PIX, Juniper SRX,Fortinet, TUFIN

Network Management tools: Solar winds (Network Configuration Manager, Network PerformanceMonitor)

PROFESSIONAL EXPERIENCE

Confidential, Rockville, MD

Firewall Engineer

Responsibilities:

• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
• Managed 2 "Hub" 1500D firewalls that handled URL/App filtering for the entirety of our customer-base being rolled out with Fortinet firewalls and APs.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Firewall policy provisioning on Fortinet Fort iGATE appliances using FortiManager.
• Experience working in Cloud infrastructure with VMware ESXi Server platforms for application servers. Network Configuration for server apps and app migrations support.
• Implementation, configuration and support of Checkpoint and ASA firewalls for multiple clients
• Implemented and troubleshooting the Virtual firewalls (Contexts) solutions in ASA
• Analyze rule usage and shadow reports using Tufin and recommended best course of action to optimize rules
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls
• Migrated, created, and managed pools and clusters in F5 BigIP GTM 3DNS load balancers across multiple Datacenters.
• Involved in Configuration of Access lists (ACL) on Juniper and Palo ALto firewall for the proper network routing for the B2Bnetwork connectivity.
• Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, MLS, HSRP, VRRP,
• Worked extensively in Configuring, Monitoring and Troubleshooting Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Troubleshooting and management of NetScreen and SRX Firewalls.

Confidential, Strongsville, OH

Network Engineer

Responsibilities:

• Configured Cisco 7204 routers which were also connected to Cisco ASA Firewall (5505) security appliances providing perimeter based firewall security.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5505.
• Configured Protocol Handling, Object Grouping and NAT on ASA Firewalls (5505).
• Designed perimeter security policy; Implemented Firewall ACL’s; Allowed access to specified services; Enabled IDS/IPS signatures in Firewall & fine-tuned TCP & UDP.
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Provide Tier II Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/supportfor migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers
• Involved in Installing and Configuring a Cisco secure ACS server for AAA authentication (RADIUS/TACACS+).
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
• Troubleshoot latency and throughput issues on MPLS and Dedicated Internet Access circuits.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Supported the telephony specialist in the phased migration from PBX based systems to VOIP. Configured separate VLAN for VOIP to implement QoS and security for VOIP.
• Configured and Maintained the Local Network using 2900, 6500 series Switches and 2800 series Routers. Configured and installed the 3600 series Router.
• Implemented and Maintained Routing Protocols EIGRP and OSPF in the Network.
• Handled switching related tasks included implementing VLANS, VTP and configuring Fast-Ethernet channel between switches.
• Achieved proficient in Adaptive Security Device Manager (SDM) and used it while performing security audit on routers.
• Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls

Confidential, Bellevue, WA

Network Engineer

Responsibilities:

• Troubleshooting latency and throughput issues on MLPS and Dedicated Internet Access circuits.
• Installed, configured and troubleshot Cisco wireless network, Wireless LAN controllers
• Built an accruing network via MPLS circuits to split the trusted and un-trusted traffic via a Cisco ASR Router.
• Has a good experience working with the Trouble Tickets on F5 Load balancers and ASA Firewalls
• Involved in installation of 3845 series Routers at branch office edge and 7604 series router at the Zonal office Edge. These were the CE equipment for MPLS, configured BGP on CE for route advertisement To PE.
• Performed network troubleshooting, second level technical support, and tape backup operations.
• Served as a main escalation point of contact for level II personnel.
• Configured the Cisco ASR to use the VRF routing functions to completely split the traffic through the network.
• Configured Wireless Access Points in order to control them with RADIUS server
• Coordinated with higher-level support and external vendors for resolution.
• Configured VLAN's on Switches for Wireless Access Points.
• Monitored Network Management System and responded to events, alarms and trouble tickets.
• Included network services such as DNS, email, web, Servers, VPN and Firewall. .
• Migrated from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.

Confidential

Technical Network Engineer

Responsibilities:

• Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications.
• Supporting Development team for the access to corporate network and outside world. Providing access to specific IP, Port filter and port access. implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Installing new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations.
• Working on creating new load balancing policies by employing BGP attributes including Local Preference, AS-Path, and Community,Providing technical support to LAN & WAN systems.
• Provided technical support on hardware and software related issues to remote production sites.
• Performed administrative support for RIP, OSPF routing protocol.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.

Confidential

Jr Network Engineer

Responsibilities:

• Installed and supported LANs, WANs, network segments, and Internet, and also maintained network hardware such as Cisco routers 2600 series, 2800 series, 3600 series, 3800 series and Cisco switches
• Configuration and troubleshooting issues related to access lists and DNS/DHCP issues within the LAN network.
• Worked with senior network engineers for multiple site Upgrades for data and VOIP equipment’s and also in re-configuring the new device and making sure projects are done under defined project timelines.
• Monitored networks to ensure security and availability to specific users and modified system's performance based on the network and system requirements and to maintain integrity of the network, server deployment, and security.
• Maintained and provided Level 1 technical supports for all network related issues and providing the requirements of the customer by interacting with the customer on daily basis via email and phone.