SUMMARY

• 8+ years of experience in the field of network engineering, managing & migration of large - scale enterprise network
• Extensive knowledge and Experience in configuring and deploying Next Generation Firewalls including Palo Alto, Cisco ASA and Checkpoint Firewalls.
• Strong working knowledge in complex configurations, troubleshooting network connectivity and Cisco IOS version integration issues.
• Hands on experience in configuring Cisco routers, switches, ASA Firewalls, Wireless Networks, VoIP Networks.
• Configure all Fortinet Networks Firewall models (100E, 200E, 600D, 900D, 1500D, 3980E, 5001E etc.) as well as a FortiManager to manage large scale firewall deployments and FortiAnalyzer to collect logs from all FortiGate firewalls.
• Experience in Network engineering including hands-on experience in providing network support, installation and analysis for a broad range of LAN /WAN/MAN communication systems.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Good experience on CISCO IOS, IOS XE and IOS XR, NXOS, Fortinet FortIOS.
• Collaborating with application owners, network team, DNS team, firewall team, to migrate application from legacy met NetScaler load balancer to new F5 BIG-IP local traffic manager.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Experience with virtualized ISE deployment across two network enclaves.
• Experience with Enterprise Data Center: Cisco ACI, Virtualization, SDN. Software Defined Network (SDN) experience (Cisco ACI).
• Responsible for Check Point and CISCO ACI and Palo AltoNetworks Firewall models (PA-2k, PA-3kand PA-5 k) firewall administration across global networks.
• Experience working on Cisco ASR 9001&ASR 1006.
• Prepare HLD and LLD for the new integration in the network
• Knowledge & Experience on complex Cisco ASA & Palo Alto firewalls Environment
• Good experience on working with CISCO ACI
• Expert in Switching, routing, Network Security, Application Delivery, Wireless, VOIP, Virtualization and SDN.
• Experience with deploying Fabric Path using Nexus 7000 Devices.
• F5 BIG-IP application load balancing subject matter expert with concentration on layer 7 load balancing using I-Rule scripting in TCL.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Define system Landscape and Identify Gaps. Leverage Openstack/Openflow in a virtualized network.
• Hands on experience with load balancers (F5 & Cisco Content Switch), VPN (Cisco, Netscaler, RSA, Deo Security, Entrust & F5)
• Worked on F5 VIPRION, LTM and GTM systems
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience working with Nexus 7K, 5K, 2K devices.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub-netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / Gig circuits, Firewalls.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco ACI and VPN client.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, load balancers and Cisco firewalls.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.11Q.
• Excellent in documentation and updating client's network documentation using VISIO.
• Implement a wireless network infrastructure providing access to wired LANs to increase mobility and productivity utilizing the following network elements: Cisco Wireless LAN Controller (WLC) 2106, a Cisco 3550 switch, a Cisco 1130AG series Access Point, and a Cisco 1121G series Access Point. Create wireless LANs and configure interface association, security parameters, and radios used. Utilize the Wireless LAN Controllers web GUI to configure and manage the wireless network. Configure internal DHCP scopes for WLANs.
• Extensive knowledge of deploying & troubleshooting L2/L3 TCP/IP, Multilayer Switching, IPsec, UDP, Ethernet, Voice & Data Integration & IP Routing Protocols RIP, EIGRP & OSPF
• Expertise in deployment of Routers, Switches, Hubs, Firewalls, IDS, load balancers, VPN Concentrators.
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO, Juniper, Fortigate GUI and Shell.
• Expertise in installing, configuring and troubleshooting of Cisco routers (7600, 7200, Nexus 7000, ASR 12000, 9000) and Cisco switches (Nexus 7000, 5000, Catalyst 6500, 6800).
• Profound working knowledge of administration and management of Palo Alto firewalls using centralized Panorama M-100 and M-500 devices.
• Expert level knowledge on configuring and troubleshooting IPSec VPN and SSL VPN tunnels for connectivity between site-site and remote location users by using IKE and PKI.
• Experience in maintaining network environment using network management tools such as SNMP, anti-virus, change management
• Experience in managing & migration of large scale enterprise network
• Excellent communication skills with the ability to interface at all levels. A team player who also can work well independently
• Experienced in load balancing with F5 LTM and GTM products and implementation of iRules and High availability of F5.
• Design, planning, coordination and implementation of high traffic enterprise/industrial Routing & Switching using Cisco/Juniper/ devices, cisco VoIP, Aruba wireless, Cisco ASA/Juniper SRX firewalls, Riverbed WAN optimization.
• Troubleshooting operational Incidents related to data center/campus/industrial switches & F5 BIG - IP LTM
• Strong Working experience and understanding of OSI and TCP/IP model
• Successful in resolving Routing, Switching and WAN connectivity escalation issues using various ticketing tools
• Experience in managing routers such as Juniper, Cisco, HP and load balancers such as F5, NetScaler etc.
• Expertise in configuring RIP, IGRP, EIGRP, OSPF, BGP and MPLS protocols.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience in Deploying and decommissioningCisco switches,Cisco MerakiProducts and their respective software upgrades.
• Expertise in designing, implementing and troubleshootingCisco3750, 3550, 3560, 2924, 6509 - V-E, 6513, 6504, 6503, 6506, 6500 series switchesandARISTA (7100, 7500) Seriesswitches.
• Manage implementation complex LB design server farms, firewalls, IDP & IPS devices using Cisco ACE
• Expertise in TCP/IP, Subnetting, Network Diagrams, Documentation and troubleshooting L2, L3 connectivity issues.
• Design and implement an SDWAN solution for a medium sized company maintaining 468 locations throughout the United States
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience as a Data Network & Security Engineer with expertise in design, development, implementation, troubleshooting and maintenance of Network & security environments with mixed vendors Routers, Switches Firewalls, Proxy, VPN's, IPsec, NAT, Load Balancer's, and Nexus Switches.
• Expertise in design, configuring, supporting and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers (F5) and firewalls.
• Strong hands on experiences Cisco Routers 4300, 4400, 4500, 2900, 3800, Switches 3850, 4500, 9300, 9400, 9500, 6500, 6800 series.

TECHNICAL SKILLS

Firewall: Cisco ASA 5520,5540,5585

Routing Protocols: OSPF, EIGRP, BGP, ISIS, VRF, PBR, Cisco 2600, 3600, 3800, 7200, 7600, Meraki series MX series, Route Filtering, Redistribution, Summarization, Static Route

Switches: Cisco 2960, 3750, 4500, and 6500 and Nexus 2K/3K/5K/7K series, Meraki MS 250, Meraki MS 225

Network Security: Cisco ASA, ACL, IPSEC, SSL, Ixia Breaking Point, Fortigate Firewalls(30D,60D),ACL, checkpoint, Meraki firewall 2.5 version

Protocols: TCP/IP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS.

Juniper Devices: Juniper EX Series 2200, 2300, 3300, 2400, 4200, 4300, 4550, 4600, 8200, 9200 QFX Series 5100, 5200, 10000, ACX Series ACX 500, 1000, 1100, 2100, 2200.

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet

WAN: VPN, IPSEC-VPN, MPLS, ATM, Frame Relay

Redundancy protocol: HSRP, VRRP, GLBP, EBGP

Network Management Tools: Wireshark, Net flow Analyzer, SNMP, HP open view.

Load Balancers: F5 Networks (BIG-IP) LTM 5050

Operating Systems: Windows Vista, Windows 7/8, Linux

PROFESSIONAL EXPERIENCE

Confidential, Boston MA

Sr. Network Engineer

Responsibilities:

• Implemented, supported, and maintained 24x7 network services serving as one of the highest levels of escalation for network and security issues. Made ongoing recommendations of network policies and standards. Acted as lead network architect responsible for capacity planning and configuration assessments for our routers, switches, network appliances, host, and other communication devices.
• Working asNetworkSecurityEngineeronNetworkInfrastructure delivery team focused onnetworksecurityinfrastructure includingPaloAlto,Check Point and Cisco ASAfirewalls, LTMs, GTMs and Cloud infrastructure based on AWS.
• Configuring, Managing and Troubleshooting Static, default, RIP V1 and V2, EIGRP, OSPF and BGP.
• Configuring managing and troubleshooting Access-list Nat (Network address translator)
• Configuring managing and troubleshooting Zone Base Firewall and router & switch security, IPS/IDS
• Design and MaintainNetworksecuritypolicies and B2B VPN tunnels for IAM infrastructure over Checkpoint,PaloAltoand Cisco ASA infrastructure implemented across multiplesecuritycontrol domains.
• Design and Maintain multi domain, cross datacenter, globally load-balanced infrastructure with traffic management and optimization over F5 BigIP LTM and GTM.
• Created iRules on F5 BigIP LTMs for manipulating traffic, custom protocol profiles based on the need of application, custom monitors to for monitoring services on pool members. Created custom SSL profiles for SSL offload and managed certificates and keys on the device.
• Hands-on experience with Bluecoat Proxy Secure Web Gateways for content filtering, Data loss prevention and prevent Zero-Day exploits.
• Implement security measures to resolve data loss vulnerabilities, mitigate risk and recommend security changes or system components as needed.
• Managed multiple large scale projects in a fast paced environment and provide leadership to other members of the team. Quickly turned business problems into technical solutions. Manage configurations and the deployment of equipment in compliance with established technology policies. Recommend technical solutions that will enhance performance, increase redundancy, and add flexibility to the existing infrastructure. Troubleshot and report of network performance issues.
• Implemented the MPLS VPN Cable Services which uses a shared Hybrid Fiber Coaxial (HFC) networks and IP infrastructure in a shared multiple service operator (MSO) and the ISP which allows the MSOs to deliver added value services through an ISP.
• Proposed Virtualization technologies for the Wireless Router bit test using VMware- VDI
• Network design consolidation,virtualizationand automation of complex data center functions.
• Maintained system and network availability and monitoring of services.
• Designing, installing, configuring, and maintaining various Cisco switches
• Firewalls, Aruba Switches and Wireless APs.
• Directly responsible for helping architect and implement new solutions into the customer environment

Confidential, Houston TX

Sr. Network Engineer

Responsibilities:

• Integrating new locations with existing MPLSNetworkand enabling standard corporate application access.
• Designing and implementing LAN/WAN solutions across locations
• Managing the LAN/WAN devices across locations for day-to-day operations
• Managing location specificCISCO ASAFirewalls and also data center internet gateway firewalls. implementation and configuringF5Big-IP LTM and GTMloadbalancers
• Handling new application load balancing requirements through F5 LTM devices.
• Experience with design and implementation of Data center migration
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Create Technical documents like HLD, LLD based on the business requirements.
• Experience with WLAN management (Apogee, Meraki, Aruba)
• Experience working with teams responsible for HLD, LLD & BoM
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Researched, designed and replaced aging Cisco ASA firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
• Primary responsibility is to design and deploy various network security & High availability products like Cisco ACI Palo Alto and other security products
• Experience with WCS predictive maps and RF Engineering Planning.
• Currently working on migration to Cisco ACI and Nexus 9K, 7K, 6K, 5K switching in a fully fault-tolerant design model.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• All applications utilizing theF5BIG-IP LTM, GTM, and ASM were responsibility when anF5solution was required or requested.
• Configured remote users to access corporate LAN with VPN connectivity
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL VPN's on Palo Alto, Cisco ACI Firewalls.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Maintained complex LAN/WANnetworkswith several VLANS and provided support for routing protocols and also providing secure sessions over internet using IPSec and SSL encryption.
• Work with IT Security to design the SSL VPN through different network tunnels by leveragingF5ASM
• Worked extensively onCISCO ASA5500 (5510/5540) Series, experience with convert PIX rules over to theCISCO ASAsolution.
• Experience working with Palo Alto firewalls managed through Panorama management platform.
• Configure High Availability on Palo Alto firewalls.
• Supporting EIGRP and BGP based on thenetworkby resolving level 2 & 3 problems of internal teams & external customers of all locations
• Worked on migration of existing PIX firewall toASAfirewall, PIX OS upgrade from 6.3 to 7.0.
• Setup and configure network communication, partitions, Vlans onF5load-balancerand implemented into production environment.
• Design and Implement DMZ for FTP, Web and Mail Servers withCISCOPIX 506, PIX515
• Building the VPN tunnel and VPN encryption.
• Involved in Configuration of Access lists (ACL) onASAfirewall for the propernetworkrouting for the B2Bnetwork connectivity.
• To secure configurations of load balancing in F5, SSL/VPN connections.
• CiscoSecure Access Control Intergration (ACI) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers usingCisco ASA 5500 Firewalls.

Confidential

Network Engineer

Responsibilities:

• Cisco configuration and maintenance, Fortinet FortiGate firewall Installation
• Provide on-site and remote troubleshooting and diagnosis of various computer and networking systems
• Performed single-pane-of-glass management, threat analytics and actionable reports to enforce policies, understand targeted threats and meet compliance on a FortiGate.
• Configured WAN connections with Meraki and FortiGate SD-WAN.
• Perform upgrades, branch configuration and maintenance, and repairs of system hardware and software