SUMMARY

• Network Engineer with 15 years of IT experience and administration with technical expertise in the operations and support functions of mission - critical business solutions. With 3 years of experience in the Financial Domain supporting Market Data Systems.
• Comprehensive understanding of networking concepts pertaining to LAN, WAN, security, IT communication, WAN protocols, Networking devices administration and maintenance in multi-vendor environments.
• Adept in analysing information system needs and evaluating end-user requirements.
• An effective communicator with exceptional relationship management skills with the ability to relate to people at any level of business.
• Team player and A Quick learner.
• Designed/Built the lab infrastructure, using VMWARE ESXi for creating test machines. Automate the config backups using scripts for all the lab gear which includes Cisco Routers/Switches, Cisco ASA 5515-X, Meraki Switches/Firewalls.
• Configured VPC’s, Port-Channels, STP, NAT, Security Policies, Site-to-Site VPN Tunnels, Remote Access VPN’s, DMVPN, OSPF, and BGP in Data Center Environments.
• Performed Supervisor engine upgrades, firmware upgrades on Routers, Switches, Firewalls, Load Balancers, and Infoblox DNS. Fine-tuned High Availability configurations on Firewalls, Tested FailOver.
• Created Standard Operating Procedure documents for operation teams.
• Created and Maintained forward/reverse lookup zones, NTP on Infoblox DNS Grid, troubleshooted DNS resolution issues.
• Configured vip’s, setup iRules on F5 Load Balancers

TECHNICAL SKILLS

Hardware: Fortigate UTM Firewalls, Cisco ASR 1000, Cisco Nexus 5548, 5596,PIX 515, ASA 5510, 5520, FWSM, VPN Concentrator 3005, IPS 4215, Cisco 7206, Catalyst 6500,4900,4500,3745,2611 XM, 1760, 1751-V Routers, 2950 Series Catalyst Switches, Juniper SRX 3400, Juniper ISG 2000, SSG 50, SSG 550, Tavve ZR-50, Dell Power Connect M6220 IO Modules & Catalyst 3130 IO Modules for Dell M1000e Chassis.

SD-WAN: Versa FlexVNF, Director, Velo Edge, Orchestrator and Gateways

Load Balancers: F5 LTM .2.4, Cisco ACE

DNS: Infoblox

Web Filtering: FortiGate, Forcepoint Cloud Solution

OS: Red Hat Enterprise Linux, Windows 2000

Scripting: Bash Language, Perl, Python

Tools: Glue Networks, Cisco Security Manager 4.0, Men and Mice Suite 6.1, ACS 5.2, Zabbix, Solarwinds Orion

PROFESSIONAL EXPERIENCE

Confidential, Portland, OR

Principal Consultant

Responsibilities:

• Document Testing/Evaluation methodologies and results
• Develop Evaluation matrix for all the platforms tested
• Automate the Install/deployment process using PROTON ( in-house tool)
• Train the Install teams
• Evaluating FortiSIEM, FortiManager & FortiAnalyzer for reporting
• Evaluating FortiGate for User Authentication, Deep Packet Inspection
• Compiled the Inventory list and designed the Lab Network for R&D and NIS install teams in Hyderabad.
• Conducted Functional & Feature Testing on SD-WAN Solutions from Versa Networks and VeloCloud.
• Conducted Functional Testing on Force Point Cloud Only Web Filtering & Threat Detection Solutions.
• Scripting using Perl Compatible Regular Expression language in Glue Networks for listing the EIGRP AS’s and Neighbors on Client Premise Equipment.
• Develop User Interface, Config Template and Blue Print in Proton to generate configuration for ASA 5500-X platforms based on values (ex: ip addresses, vlan id, EIGRP AS, VPN Pool, etc) input by Implementation Engineers.

Environment: VMWARE ESXi, ISR4000, FortiGate Appliances, Websense i500, Catalyst switches, Meraki MS switches, Cisco ASA, FortiManager, FortiAnalyzer, FortiSIEM, FortiCloud, VeloCloud SD-WAN Edge and Gateways, Versa SD-WAN.

Confidential

Principal Consultant

Responsibilities:

• Perform security remediation work to fix software vulnerabilities in networking equipment
• Participate in Day-to-Day operational activities for SF, Chicago Datacenters and Remote Branch offices
• Manage ITC Corporate infrastructure (Cisco Routers, VPN Concentrators and Wireless AP’s)
• Install routers/switches at new ITC Office Locations
• Participate in design meetings for onboarding new clients into ITC Hosted Infrastructure.
• Setup vpn, nat and routing configurations.
• Setup VIP’s on F5, configure iRules
• Plan changes/upgrades for stabilizing, optimizing the network infrastructure.
• Configure config backup schedule for all the network devices
• Identify action items/tasks for the team ex: IP Address reclamation, Automation of F5 config backup
• Came up with a new design to accommodate Heartbeat VLAN Traffic for Oracle RAC Servers when Dell M6220 switches are configured in Stacking Mode.
• Reconfigured switch ports and Dell M1000e CMC ports to accommodate iDRAC ip assignments from Multiple Vlan’s.
• Performed F5 LTM upgrade from 9.x to 10.x
• Performed NIOS upgrade on Infoblox from 6.5.8 to 7.2.0
• Conduct product/technology evaluation.
• Successfully conducted the POC for integrating Fortigate 300D into ITC Corp Infrastructure to provide remote vpn solution for mobile users.
• Prepared the test cases for the POC, coordinated with the vendor on a regular basis for resolution of various issues encountered during the product evaluation.
• Prepared the Standard Operating Procedure documents for day-to-day activities prior to Go-Live.
• Successfully configured and tested dot1x authentication for wired and wireless in Chicago Office which served as the POC site for this project. Provided guidance to Internal IT Admins on the policy configuration and testing using Windows Network Policy Server
• Implemented the Peplink Balance solution for internet traffic load balancing across 2 circuits.
• Setup VPN tunnels to BaaS POC customers and came up nat setup guidelines for use with these customers

Environment: Cisco ASR 1000, Cisco ISR Routers, Cisco Nexus 5k, 9k, Cisco FEX, Catalyst 6K, 4K, Cisco ASA, Dell Power Connect M220 switches, Cisco AP, Meraki AP, FortiGate 300D, FortiAuthenticator, Juniper SSG 550M, F5 LTM, Infoblox DNS, OSPF, BGP, DMVPN, DOT1X.

Confidential

Principal Consultant- Network Specialist

Responsibilities:

• Conducted functional tests on Netscreen code 11.3R11 certification on SSG550
• Conducted functional tests on Juniper SRX 240 running version 11.1 R6.4
• Automated monitoring of Juniper SRX 240 using Perl scripts and Zabbix.
• Managed the Zone Ranger Proxy Gear, which is part of the Secure OOB solution.
• Participate in Hardware / Software certification process, prepare technical guides for operations team.
• Test new products integration with the ACS infrastructure for compliance with the organization’s security policies.
• Compiled a Feasibility Document for centralizing and consolidating the Engineering functions and labs.
• Conducted training on ACS 5.2 infrastructure for the NMCS (Network Management & Configuration Services Team)

Environment: Juniper SRX, Cisco ACS 5.2, Tavve ZR-50.

Confidential

Lead Operations Engineer

Responsibilities:

• As part of my day-to-day job, I configure Access Control Lists on the Firewalls (ASA/PIX/FWSM) across Confidential ’s network.
• As part of the Policy Boundary Management Team, I undertake internal projects to assess the existing access control lists on the firewalls and secure Confidential ’s network.
• Formulate Security Policy Templates for various environments in Confidential .
• Implement & Update Security Policies on Firewall/Routers.
• Maintain SLA for ACL Implementations.
• Synchronize the ACL configuration between the firewalls and Cisco Security Manager Server.
• Manage & Allocate IPV4 & V6 address space in Confidential .
• Participate in Network Design Review meetings
• Participated in the pilot for CSM 4.1 beta program and Men and Mice IPAM for IPv6.
• Designed new firewall security policies for the Order Management Network, AgentDesktop & XBOX Vlan. supporting MS Retail Infrastructure during the Store Launch Period. resolving connectivity issues to Singapore and Dublin FTP servers. resolving major incident in Order Management Network resolving ACL issues on RSM Servers during the critical AQR release.

Environment: Cisco Security Manager, Cisco PIX, Cisco ASA, Cisco FWSM, Catalyst 6500.

Confidential

Sr. Engineer- Networking

Responsibilities:

• Involved in the establishment of Feed Handler workstations at the “Dubai Financial Market “in a Live / Standby Mode (Feed Handler Application is used to take the real-time trades feed from the stock exchanges).
• Pivotal in setting up the Workstations with various Confidential applications for the “BrightSpot (Showcasing Confidential applications to prospect clients and financial institutions) “Event, which happened for the first time in the Gulf Region.
• Worked on the “ Confidential Technical Helpdesk “which caters to the whole of Gulf

Environment: HP DL360, 380, IBM x345 Servers, WindowsNT/2003, Cisco 1720 Routers, Cisco 2950 Switches, Digital Machines, Redhat Linux.

Confidential

Network Engineer

Responsibilities:

• Involved in planning & implementing WAN links, reporting daily, weekly or monthly as required of equipment status, breakdown and utilization thereof.
• Change management for improving efficiency of existing network, planning and execution of extensions, expansions and configuration, Link Monitoring, tracking and monitoring the projects as per the plans.
• Administration of Windows 2000 Servers and Win 2000/XP/98 Machines, Tunnel Implementation using IPSEC Encryption and GRE, Configuration of Routers.

Environment: Checkpoint NG, Cisco Routers - 3660, Switches - Catalyst 2950Windows 2000 Advanced server, Exchange 2000, Red Hat Linux 9, Win 2kprofessional, Servers - HP Proliant DL380 Dell Power edge (2650/1650), andWorkstations - Precision 360, Optiplex GX260/60 & Compaq D220MT

Confidential 

Network Engineer

Responsibilities:

• Involved in configuration changes on the Packet Data Serving Node Card. monitoring the Packet Control Functions connectivity across the country.
• Monitoring Sun Servers which run load balancing and monitoring applications, maintenance of the user database and Client site for implementation.

Environment: iPlanet Directory Services, Sun Solaris, 3COM Packet Data Serving Node Cards.