SUMMARY

• CCNA, CCNP, Palo Alto ACE certified professional with 8 Years of experience in design, deployment and troubleshooting of routing, switching, Firewall networks.
• Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus 7K, 5K, 2K series and Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Expertise in configuration of routing protocols and deployment of OSPF, EIGRP, BGP and policy routing over Cisco routers.
• Experience with designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, HSRP, Port Security, IP Routing Protocols - (RIPV2, OSPF, EIGRP and BGP), ACL's, NAT, PAT, VLAN, STP, VTP, QoS, Traffic Policing, Shaping.
• Proficient in Configuring Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• Involved in Data center migration including subnet, VPNs migration, network and security device configurations.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments. Installation, configuration and maintenance of Cisco ASR 9K, 7k, 3900, 2800, 2600, 2500 and 1800 series Router.
• Experience with design and deployment of MPLS Layer3 VPN, MPLS Traffic Engineering.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAGP) etc.
• Implemented Security Policies using ACL, IPSEC, SSL, VPN, IPS/IDS.
• Worked on F5 LTM 8900,CitrixNetScalerconfigured profiles, provided and ensured high availability.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experience working on Palo Alto Firewalls, Check Point and Cisco ASA Firewallsenvironments.
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480, and M Series, SRX210, SRX240.
• Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls.
• Implemented Security Policies using ACL, IPSEC, SSL, VPN, IPS/IDS.
• Configured ASA 5520 Firewall to support Cisco VPN Client on Windows 7/XP/Vista. Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
• In-depth knowledge on Amazon EC2, S3, Simple DB, RDS, Elastic Load Balancing, SQS, and other services in theAWScloud infrastructure such as IAAS, PAAS and SAAS.
• ConfiguredAWSIAM and Security Groups in Public and Private Subnets in VPC.
• Worked on deployment of complex infrastructure usingAWSCLI andAWSConsole.
• Created cloud front for delivery of websites, APIs and content by routing traffic using Route 53.
• Experience in configuring and implementing variousAWScomponents such as Elastic IPs, EBS, ElastiCache, Elastic Beanstalk, DynamoDB, Redshift and Cloud Formation.
• Excellent technical and project management skills combined with strong communication skills.

TECHNICAL SKILLS

Operating Systems: DOS, Windows 95/98, Windows NT/2000/XP/Vista/7/8/10

IP Routing: RIPv1, RIPv2, BGP, OSPF, IGRP, EIGRP, TACACS+, Radius, AAA

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, RARP, PPP, HDLC and ISDN

Layer 2 technology: VLAN, VTP, VMPS, ISL, dot1q, DTP, Spanning-tree, PVST,SPAN

Layer 3 Switching: CEF, MLS, Port Channel.

Topologies: Frame Relay, ATM, T1, T2, T3, OC3, OC12, OC48, Ethernet, Cable Modem, xDSL and Wireless

Network Peripherals: Hubs, Cisco switches (2900, 2924, 2950, 3550, 3560, 4000, 5500, 6500, 6509, 6513,), Cisco routers (1921,2600, 2800,2911, 3640, 3700, 3825, 7200, 7204, 7206), Cisco PIX500 series, Cisco ASA 5500 series, Cisco 1200 Aironet Access Points, CSU/DSUs, network cards and Modems

Network Management Tools: Solarwinds, MRTG, HP Open view, Cisco WAN manager, Cisco works 2000

Sniffers: Ethereal (Wireshark)

Software: Microsoft Office 97/2000, MS Visio

Firewall Security: Cisco ASA, Juniper SRX, Checkpoint, Palo Alto, Fortinet.

Load Balancer: Cisco CSS, F5 Networks, Security with Checkpoint and ASA’s

WiFi Elements: Cisco Access Points/RuckusZoneDirector, Cisco WLC.

PROFESSIONAL EXPERIENCE

Confidential, Centennial, CO

Sr. Network Engineer

Responsibilities:

• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems. Mutual redistribution of OSPF and BGP routes using route maps. Troubleshoot connectivity issues involving VLAN's, OSPF, QoS etc.
• Worked in turning up the Enterprise network which included Corp network and console network, generating the configs and configuring the QFX5100 junipers and turning up BGP and OSPF from parent to child DC’s with the CM’s.
• Implemented various OSPF scenarios on networks consisting of 7600 routers. Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Creating private VLANs & preventing VLAN hopping attacks and mitigating spoofing with snooping & IP source guard.
• Working on BGP configuration and turn up, adding the networks to the prefix list.
• Worked on Cisco 4506 E, 6509, 3650, 3850, Nexus 7k switches, adding them to the management and making sure they are in compliance with all the rules.
• Complex troubleshooting to include network protocol and log analysis, raw data captures, and the correlation of disparate events spanning multiple devices and platforms.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Worked on Migration of Cisco routers to new Amazon hardware in the core team.
• Running the CM’s and worked on improving the process of Change Management.
• Part of the Network Engineering and Implementation team, deploying the network devices.
• Used Infoblox to create and manage newly created DHCP scopes.
• Responsible for the deployment, implementation, and stability ofMerakiinfrastructure.
• Performed on staging of devices onMerakidashboard before deployment.
• Utilized multiple Network monitoring tools such as Cisco Prime, CA, cacti, SolarWinds, ForeScout Counter ACT NAC, Cisco WSA, Netflow, CA Spectrum to handle & troubleshoot network issues.
• Incident logging, change and problem management using Service Now tool.
• Extensive experience with the Palo Alto Panorama management console. Packet analysis with Wireshark. Configuration of Palo Alto firewalls, access policies, Application & URL filtering, Security Profiles, Global Protect VPN, Data filtering and file blocking.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall. Executed changes on various Firewalls proxies and scripts over entire network infrastructure using Service Now ticketing tool.
• Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures. Advanced knowledge in Design, Installation & configuration of Palo Alto.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewalls. Integrated Panorama with Palo Alto firewalls, for managing multiple Palo Alto firewallswith single tool.
• Configured SNMP on Palo Alto firewalls 3060, 5060, 7050 for receiving incident alerts and notification and wrote SSL decryption policies for decryption of traffic to provide Anti-virus, Malware protection.
• Configuration of policies, objects and applying NAT & Web Filtering on Palo Alto. Troubleshooting of protocol based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
• Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewallusing Panorama. Provides updates and upgrades to the Palo Alto Firewall and Panorama devices. Involved in upgrade of Panorama to version 7.1.5.
• Worked on FortiGate 5000-series security appliance to maintain SSL Inspection, Application control, Firewall and VPN management.
• Extensive use of NSM (Network and Security Manager), FortiOS 5 and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
• Configuring and troubleshooting as well as creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 load balancer LTM for load balancing and traffic management in DC environment. Tests security measures to reduce and mitigate risk. Actively probes the network for new threats and risks.
• Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs. Configured F5 GTM solutions, which includes WideIP’s, Pool Load Balancing Methods, probers and monitors recreating Http and https redirect VIP's to provide secure resources to client from data servers.
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancer. Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Configured Citrix NetScaler responder policy and to maximize the performance and availability of all applications and data, and also provide secure remote access to any application from any device.
• Configured Citrix NetScaler ADC for load balancing and assigned virtual server IP (VIP) address to virtual servers.
• Responsible for supporting the Citrix NetScaler F5 platform, configuring, implementing and troubleshooting Citrix NetScaler VIP configuration with health check, policy configurations Access Gateway, and content switching configuration solutions.
• Troubleshoot remote access services like Citrix NetScaler, Cisco VPN clients and for the users to access their enterprise network.
• Efficient use of Microsoft VISIO/Office as technical documentation and presentation tools.

Confidential, Weston, FL

Sr. Network Engineer

Responsibilities:

• Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, and MST related issues coming in network environment.
• Plan, Design and assist in deploying network devices in Enterprise wide Network.
• Worked on different networking concepts and routing protocols like BGP, EIGRP, OSPF, DNS and other LAN/WAN technologies. NAT and PAT configuration and troubleshooting.
• Performed redistribution with OSPF, EIGRP, RIP version 1 and 2 to enable communication with backbone.
• Worked on migration, deployment, and break fix activities as and when required and worked on migration of LABS and Dev rooms and VLAN migration and installing new switches. Worked on Cisco 9k (9006) routers and its prefix lists.
• Experience in Cisco/Juniper Networking, Security that includes Designing, Deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols.
• Successfully Installed Cisco 4506 E Switches and adding them to the management and making sure they comply with all the rules in HPNA.
• Part of the Network Design and Deployment Services (NDDS) team, deploying the network devices and contributed my best.
• Worked on infoblox to assign IP addresses to applications.
• Worked on MPLS for QoS, and to reduce traffic latency, jitter, down time and packet loss.
• Decommissioning the devices and removing them from monitoring tools and DHCP store and IP manager. Worked on TCP/UDP protocols, OSI layers, and access lists. Worked on code upgrades on Cisco 9006 and 9001 routers using ftp servers in MDF’s.
• Worked on DHCP store and DNS servers and worked on the DHCP lease times of the AP’s when we were swapping/upgrading the Aruba models and worked on WLANS and Aruba and cisco LAN controllers, provisioning the AP’s.
• Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds etc.
• Assist in layer 2 issues with the senior engineer as well as monitor the status of the network with Solarwinds for the LAN/WAN andCiscoPrimefor the wireless APs.
• Fixing the Wi-Fi and Access Point issues and troubleshooting the AP’s on the Wireless Controllers (WLC’s), Cisco Prime. Hard resetting the AP’s.
• Worked with Palo Alto FirewallsPA250, PA4050, PA3020 using Panorama, performing changes to monitor/block/allow the traffic on the Firewall.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Executed changes on various Firewalls proxies and scripts over entire network infrastructure using Service Now ticketing tool.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and Checkpoint. Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewalls.
• Integrated Panaroma with Palo Alto firewalls, for managing multiple Palo Alto firewallswith single tool.
• Managed rules on Cisco checkpoint NGX firewall.
• Troubleshoot remote access services like Citrix NetScaler, Cisco VPN clients and for the users to access their enterprise network. Monitoring and analyzing traffic on Check-Point and Fortigate Firewall.
• Experience in installation and troubleshooting Fortinet Firewall. Worked extensively on Palo Alto, Fortinet. Responsible for planning, documenting and implementation of complex Firewalland VPN solutions, VMware, Fortinet.
• Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls.
• Installed, configured and set security policies on cisco and checkpoint firewalls, VPN.
• Hands on Experience with blocking of IP's on Checkpoint that are suspicious. Responsible for Checkpoint firewall management and operations across our global networks.
• Extensive Packet level debugging and troubleshooting on Checkpoint Firewalls to resolve numerous network issues.Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the Checkpoint Firewallsplaced in the Data Center with MS Visio.
• Worked on adding the switch management IP and static IP’s reservation in DHCP store and add a new scope on appropriate DHCP server (give the name, starting and ending ip's) and configuring for fail over and activating the scope and replicating them on to the redundant servers.
• Worked on IPsec VPN tunneling, configuring the tunnel on both the end routers, Hub routers and event routers during Hackathon Events.
• Opening the change requests (CR) and working on the assigned tickets in the SNOW requests and following up with the appropriate teams and have meetings with them to solve the tickets.
• Worked on Subnet move successfully and subnet decommissioning and assisting in network lab/dev moves and merging the subnets when needed in IP Manager.
• Installing the Bluetooth beacons in the Aruba WAP’s at major MS buildings for the location services successfully as per the schedule.
• Worked on Cisco ASA writing the ACL’s, Cisco IOS XS, and XR. ConfiguringCiscoASA and DeployingAnyConnectVPN client
• Checking for compliance on HPNA, taking the snapshots whenever a new device added to the network and update the SNMP strings when possible.

Confidential, Sandy Springs, GA

Network Engineer

Responsibilities:

• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Worked on the cisco 2900 series router and upgrading the software on it.
• Standard documentation of procedure, raised multiple change request, followed up for approval -technically (TCAB) and by management (DCAB) during change meetings.
• Implement LAN/WAN technologies in support of a data center implementation.
• WAN optimization techniques Deduplication, bandwidth throttling, bandwidth compression, web caching and redundancy.
• Worked on InfoBlox to change and create Secure DNS, DHCP and IPAM.
• Provide fault isolation and root cause analysis for technical issues and document them accordingly, troubleshooting issues related to DHCP, DNS, Multicast, and SNMP.
• Configuring, troubleshooting and maintaining Cradle point devices for backup.
• Worked on Riverbed WAN Optimization techniques for efficient transfer of data in hybrid WAN, thus reducing the bandwidth consumption.
• Worked on QoS, Intelligent WAN and Riverbed devices and latency issues.
• Participate in the meetings to discuss analysis of how new technology changes business and organizational relationships.
• Experience on the tools that deliver on a virtualized architecture giving the freedom to support collaboration services with no compromising in security, flexibility and management, or application functionality.
• Supported the deployment, testing and acceptance of Ruckus and Cisco Access Point as essential part of the Wi-Fi infrastructure to support wireless products and services to be delivered via Wi-Fi.
• Designed and configured Core IP infrastructure to test the new Access Points, which included qualification of Wi-Fi Core network elements comprising the AAA, LDAP, Load Balancers (A10), and Cisco, based routers, aggregators and ISGs.
• Migrated application specific firewall rule while moving server from one Data Center to another.
• Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA successfully.
• Worked on CISCO ASA 5500 series Firewalls (5510, 5550, and 5585) for various application accesses for Application Vendors and Offshore implementation teams.
• Monitoring Traffic and Connections in Check Point and ASA Firewall.
• Manage project task to migrate from Cisco ASA Firewalls to Check Point Firewalls.
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
• Creating and implementing security policies based on network traffic analysis for internet firewall.
• Performing the ACL requests change for various clients by collecting source and destination information from them.
• Experience with SNMP, Syslog, network alarming and performance monitoring protocols, Wireshark, NetScout.
• Regularly performed Firewall audits around Check Point Firewall-1 solutions.
• Using Smart Update, user management and authentication in Check Point Firewall.
• Migrations included and not limited to Cisco to Cisco and Cisco to Checkpoint and Checkpoint to Checkpoint.
• Adding security rules and pushing the security policies on Check Point.
• Hands on experience and good working knowledge with Check Point Firewall policy provisioning. Worked on VPN tunneling, adding rules, VPN domain and gateway.
• Monitor and troubleshoot issues related to Checkpoint Firewall (R75.40), F5 and A10 Load balancers, McAfee IDS.
• Backup and restore of Check Point and Cisco ASA Firewall policies. Security & Network Performance Monitoring like Net QoS and worked on Bluecoat proxy boxes.
• Implementing and troubleshooting firewall rules in Cisco ASA 5540, 5580
• Expertise in VPN configuration, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
• Installed and configured Cisco ASA G Firewall at Database & App Server Layer
• Installed and configured Checkpoint Firewall in Internet Edge and Firepower Series using Cisco ASA.
• Firepower Series using Cisco ASA for additional vulnerability scanning.
• Licensing, Provisioning and installing of F5 devices, RMA of F5 and F5 software upgrade- version 11.5.1.
• Worked on F5 devices, health monitoring of servers and load balance solutions.

Confidential

Network Engineer

Responsibilities:

• Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
• Switching related tasks included implementing VLANS, VTP and configuring ISL trunk on Fast Ethernet channel between switches.
• Used Cisco Identity service engine to provide secure and guest access.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP with VRF.
• Maintaining Network Integrity on LAN and WAN Networks.
• Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation.
• Worked on QoS, Intelligent WAN and Riverbed devices.
• Experience working on Cisco routers 2800 and 2921 series routers and cisco switches and WAN technologies.
• Upgrading Cisco IOS and adding AAA authentication commands in various Cisco Routers and Switches using TFTPD. Experience working with IDS/IPS.
• Experience establishing and configuring Enterprise Active Directory including firewall settings, group policies, and user/device accounts.
• Responsible for day-to-day management of Cisco Devices, Traffic management and monitoring.
• Proficient in technical writing Used DHCP to define TCP/IP configurations from a central location.
• Troubleshooting all network devices like Routers and Switches across the enterprise.
• Handling Trouble Ticket management, Incident management. Direct Customer interaction that involves the processes like changes in the configuration as per their requirements.
• Experience with Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication.
• Worked on hardening systems in compliance with various C&A requirements.
• Experience in administration of access control systems such as checkpoint firewall and VPNs.
• Experience in writing rules and troubleshooting Issues related to checkpoint firewall, and has worked on R75, R75.20, R75.40
• Responsible for Checkpoint firewall management and operations across global networks. Worked with Checkpoint Support for resolving escalated issues.
• Designed, built, and implemented Checkpoint R71 Firewall-1 VSX, with Provider-1 running on a Crossbeam X 45.
• Monitor and troubleshoot issues related to Checkpoint Firewall (R75.40), F5 and A10 Load balancers, McAfee IDS, and Secure 64.
• Worked with packet sniffer like Wire shark to trace data flow and troubleshoot network issues.
• Licensing, Provisioning and installing of F5 devices, RMA of F5 and F5 software upgrade.
• Worked on F5 devices, health monitoring of servers and load balance solutions.
• Expertise with failover and load balancing configuration of networking devices.

Confidential

Network Engineer

Responsibilities:

• Experience in Cisco/Juniper Networking, Security that includes Designing, Deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols.
• Hands On experience Cisco IOS, for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Voice/data circuits, routers/switches, and cellular technologies.
• Responsible to run different kind of Network test this includes MPLS, BGP, and SNMP.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s Site.
• Experience on Trafficking of TCP/UDP through NAT and know the role of port preservation for TCP.
• Experience in VPN Tunneling.
• Upgraded IOS on various Cisco Routers like 3945 and 2921 as well as switches like 3750, 4500 and 6500.
• Upgrades and backups of Cisco router configuration files to a TFTP server.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls.
• Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding.
• Experience establishing and configuring Enterprise Active Directory including firewall settings, group policies, and user/device accounts.
• Expertise implementing security protocols like IPSEC, DNSSEC, and 802.1 x.
• Co-ordinate with the Data Network and Security team and come up with possible solutions.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Knowledge on WPA encryption, WLAN, IEEE 802.11 standards and SSID setup.
• Responsible for day-to-day management of Cisco Devices, Traffic management and monitoring.
• Experience managing IDS or IPS networking technologies.
• Responsible for Manual testing, reporting defects and working closely with development in narrowing down issues.
• Provide support 24x7 on and as needed.