SUMMARY

• Certified network engineer with Eight years of experience in network administration includes expertise in the areas of Routing, Switching, Firewalls, Load balancers, VPN’s, SDN, SDWAN.
• Experienced in installing, configuring, troubleshooting, managing and supporting production platforms such as Nexus Data Center switches, ASR/ISR routers, ASA Firepower, Checkpoint, Palo alto, Juniper and Load balancers.
• In - depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services. Experience in working with public sector agencies and familiar with the security and compliance standards followed by the public.
• Responsible for ensuring end users are able to access applications through remote access
• Responsible for installation and troubleshooting of VPN connectivity, firewalls Cisco ASA, Imperva Web App Firewalls (WAF), Checkpoint firewalls and Juniper firewalls
• Experienced in working on Virtual Private Network (VPN) for operating Network and Data Center
• Hands on experience in installing, troubleshooting, configuring:
• Cisco Nexus 9K, 7K, 5K & 2K Switches and APIC-EM SDN
• Cisco Edge ASR 9000, 1000, Branch ISR4000 Series Routers
• Cisco Catalyst 6500, 4948, 3560, 4500 series switches
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability
• Expert Level Knowledge about TCP/IP and OSI models
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST
• Implementation traffic filters on Cisco routes using Standard, extended Access list
• Experienced in leading team and working in a cross functional environment

TECHNICAL SKILLS

Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP

Networking Hardware: Cisco Switches, Cisco Routers, ASA firewalls

Routing Protocols: OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat

Network Monitoring: Cisco Works 2000, Wire Shark, HRPing

Operating Systems: Windows, LINUX, Unix, Unbuntu, Centos, Cisco IOS, IOS XR, IOS XE, Nexus OS

Routers: 3945E-SEC/K9, ISR4451-X/K9

Switches: CISCO 2900, 3500, 4948E/E-F, 4500, 6500, Nexus 7k, 5k, 2k

Programming Languages: Python, Ansible

Firewalls: ASA (5520/5550/5580 ), Firepower, Checkpoint, Palo Alto, Juniper, WAF

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Features & Services: IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management

PROFESSIONAL EXPERIENCE

Confidential

Senior Network Engineer

Responsibilities:

• Responsible for Crossroads rollout LAN/WAN problem determination and diagnosis, provide project leadership (onsite, offsite). Working with local IT personnel on troubleshooting, problem determination, diagnosis of performance issues, bandwidth issues, throughput traffic prioritization to improve overall application response time across WAN.
• Responsible for executing planned network infrastructure installations and configurations associated with the relocation of the network platforms into a new building
• Responsible for directing service managers, DC managers, and telecom technicians on the to ensure end users can access applications through remote access
• Responsible for URL filtering rules migration from ZScaler Cloud Proxy Servers to PANDB URL filtering profile rules
• Performed regular upgrade and maintenance of Infrastructure by installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), Juniper Routers and Firewalls and other devices
• Created SSL Certificate Private Key Infrastructure (PKI) in the SSL Certificate and KEY management and rollover process using Cisco ASA Firewall
• Responsible for installation and troubleshooting of firewalls Cisco ASA, Imperva Web App Firewalls and Palo alto firewalls
• Utilized MS Visio to design each network change update showing old to new devices, uplinks, firewalls, management connections, OOB etc
• Deployed, configured and implemented Imperva Secure Sphere WAF and DAM, Web Inspect, Appscan, OWASP for Web-based application vulnerability analysis and code review process
• Performed IMPERVA support WAF Management Servers (MX) configuration exports/imports ensuring seamless upgrades
• Designed a migration plan to migrate L2 and L3 connections from Nexus 7010 single sided vPC to Nexus 9508 dual sided vPC enabling peer gateway routing with zero downtime
• Experience in Managing, deploying and operation of f5 Load balancer platforms
• Completed Nexus upgrade Project, Moving from 7.0.3 Version to 9.2.3 with EPLD
• Configured various Routing protocols such as OSPF, EIGRP, static routing.
• Experience working on Aruba wireless controllers. Configuring, Debugging and Testing of AP (802.11n/ac) andWLAN stations.
• Worked on Cisco SDN ACI/APIC for data center and cisco APIC-EM Campus and Branch Offices, deployed three-server cluster, configured and provisioned policies for endpoint groups and application network profiles, Hands-on with ACI Fabric, APIC and EPG’s, Implemented VXLAN technology
• Worked on NFV with SDN Controller based Architectures
• Worked with F5, CISCO ACE 4710 Load balancers, GSS and Wireless networks.
• Experience working with Cisco ASA 5525 firewalls with current and demonstrated expertise with ACL security in a multi-VLAN environment, worked with Firewall DMZ zones and configuring them.
• Expertise with Infloblox for secure DNS, DHCP and IPAM
• Worked independently, meted deadlines, Proactive monitoring, provided detailed written status reports, documentation, work on multiple simultaneous projects and track status and progress on each.

Confidential

Data Center Security Engineer

Responsibilities:

• Migrated Palo Alto firewalls from Cisco ASA 5585 Multiple-Context based firewalls and Juniper SRX 3600/5400/5800 & NetScreen 5400. PANDB migration and code upgrades for Palo Alto Firewalls
• Responsible for installation and troubleshooting of firewalls Cisco ASA, Imperva Web App Firewalls and Palo alto firewalls
• Installed and monitored application traffic using network protocol monitoring tools such as NTOP or wireshark to analyze network usage and bandwidth and run diagnostic programs to resolve problems
• Upgraded 5K, 9Ks to latest approved NXOS and rebuilding DMZs, Legacy 4948/2248/55 xx to nexus 9508/9336/93240/93108 and 3945E-SEC/K9 to ISR4451-X/K9. Coordinated efforts with Engineer’s to ensure all network devices conformed to defined network standards
• Designed and planned aspects of the network infrastructure that installed in the new building.
• Responsible for installation and troubleshooting of Azure VPN connectivity, firewalls Cisco ASA, Imperva Web App Firewalls (WAF), Checkpoint firewalls and Juniper firewalls
• Supported ZScaler network access from multiple sites
• Worked with F5, CISCO ACE 4710 Load balancers, GSS and Wireless networks
• Also worked with Extreme networks wireless devices like Access points AP3705, AP3610.
• Experienced working with Nexus OS, IOS, CATOS and Nexus 7K, 5K & 2K Switches
• Have experience and worked with configuring session persistence and web services.
• Deployed Juniper switches EX4500 and EX4200, routers M7i and M10i and Junos OS
• Worked and performed troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP
• Worked with Security- Firewalls, NAT/PAT, IPSEC, S2S
• Documented network configuration for all new equipment and creating equipment configuration backups and monitoring to work with existing network systems

Confidential

Network Engineer

Responsibilities:

• Plan, design, implement new cisco network infrastructure for voice and data services from scratch on every single site part of multiple government agency across Orange County, evaluating and interacting with third party power, cable and circuit vendors to meet client requirements according to the migration project.
• Troubleshoot/Implement WAN Connectivity in an enterprise MPLS environment: PE / P / CE Routers.
• Worked on MPLS to improvequality of service (QoS) by defining LSPs that can meet specificservice level agreements (SLAs) on trafficlatency, jitter, packet loss anddowntime .
• Update the IOS, VLAN changes, Port configurations, Test Fiber connections, Install UPS’s, Update all databases (CMDB), work trouble tickets.
• Configured RSTP, MST and used VTP with 802.1q trunk encapsulation. Provided port binding and port security wherever required. Provided router redundancy through HSRP.
• Experience with configuring OTV between the data centers as a layer 2 extension.
• Worked with InfoBlox (a DNS, DHCP, IPAM appliance) updating DNS & DHCP configurations within multiple network views through InfoBlox and MS DNS/DHCP consoles.
• Worked with voice team for transformation of sites and providedNetworkcut-over fromATOSData Center.
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Troubleshoot/Maintained/Implemented Routing in an MP-BGP enterprise environment.
• Perform troubleshooting and monitoring of incidents queues and executing network changes as required.
• Analysis of current system configuration and use to provide recommendations for future project planning, improved efficiency, and capacity planning.
• Opening and Managing Cisco TAC Cases.
• Participate on the On-call network support schedule.