SUMMARY

• 8 years of experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
• Extensive knowledge with VLAN’s, Trunking, RSTP, SNMP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, NAT, PAT, Inspections, VPN’s, DHCP, WireShark etc.
• Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
• Hands on experience in configuring Cisco 2800, 2900, 3800, 3900, 4300 and 7200 Series routers.
• Working Knowledge of Cisco IOS, Junos & basic Nexus (7K, 5K&2K).
• Extensive experience in configuring and troubleshooting of protocols EIGRP, OSPF, BGP and MPLS.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Strong hands - on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Hands of experience on AWS (Amazon Web Services).
• Expertise on complex Checkpoint, Cisco ASA & Palo Alto firewalls Environment.
• Has experience in working on cloudAWScloud EC2, S3, RDS, Load Balancer, Auto Scaling withAWScommand line interface andAWSpython SDK.
• Experience with convertCheckpointVPN rules over to theCiscoASAsolution. Migration with bothCheckpointandCiscoASAVPN experience.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Expertise in configuring and troubleshooting of Palo Alto, Juniper NetScreen & SRX Firewalls and their implementation
• Expertise in installing, configuring and troubleshooting Juniper Routers (J, M and MX-series)
• Experience in site-to-site and remote access VPN solutions.
• Experience working with Nexus 9k, 7K, 5K and 2K.
• Experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
• IOS/JUNOS upgrade for Cisco & Juniper routers cum switches.
• Experience with Change management process and Project documentation tools like Excel and VISIO.

TECHNICAL SKILLS

Protocols & Standards: WAN, WLAN,VRF, VDC, TCP/IP, NAT, PAT, MPLS, GETVPN, GDOI, DMVPN, IPv 4, IPv6, VPN,L2TP, IPsec / ISAKMP, IKE, VoIP, VSS, OSPF, OSPFv3, EIGRP, BGPv4, VANs, ACLs, Layer 3, Switching, HSRP, GLBP, AWS, LAN,VRRP, QoS, TACACS+, RADIUS, 80 2.1X, PKI, LDAP, POE

Cisco Platforms: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Huawei AR Series Routers, Nexus7K, 5K, 2K & 1K

Juniper Platforms: M, J and MX Series Routers

Firewall: Cisco ASA/PIX/FWSM, Checkpoint (IP Series/NGX R65/IPSO), Palo Alto, Juniper NetScreen and Juniper SRX.

Load Balancers: F5 Networks (Big-IP/IQ)

Networking Protocols: OSPF, EIGRP, MULTICAST, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA Security

Protocols: IKE, IPSEC, SSL-VPN

Operating System: Windows 7/XP, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE

Confidential

Network Security Engineer

Responsibilities:

• Work on Change Management for migration from Cisco ASA to Palo Alto
• Designed and implemented a secure instant messaging system in Python providing interface state changes on the devices to support team.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Upgrading code onPaloaltofirewalls PA 5050 Version 9.0 to meet company security policy
• Involved in configuring Palo Alto PA 7020 firewall from the scratch
• Installed and configured Palo alto images in AWS cloud.
• Established BGP peering between onsite datacenter in California and AWS cloud.
• Configured and implemented routing protocols like BGP, OSPF and STATIC on Cisco 7200, 6500 Series routers and used WCCP for interactions between routers.
• Participated in planning and implementation of Cisco systems and SD- WAN solutions in direct support of targeted objectives.
• Worked on Meraki wireless, security and SD- WAN deployment and administration
• Worked on Python scripting for network configuration and management.
• Telnet into Cisco router to configure and update interface, and subnet TCP/IPv4.
• Configured and installed Bluecoat Proxy SGs to a newly designed network scheme, from an inline perspective to a WCCP load balanced network layout.
• Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors.
• Evaluated Cloud Environment for AWS and enhanced availability and function for Dev teams by implementing VPN connectivity, which improved security and access to cloud resources.
• Worked on AWS to Corporate connectivity and AWS EC2, Auto scaling, NAT Gateways
• Used Visio diagram to support the verification of switches and servers in the DMZ.
• Manage the firewall deployment, rules migrations, and firewall administration.
• Migrated network from EIGRP to OSPF.
• Used Cisco ACI fabric networks, including python automation. Worked on Great exposure to SDN
• Demonstrated experience with IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Management of proxies, firewalls and F5 load balancers.
• Configuring IRules on F5 Load balancers.
• Participated in planning and implementation of Cisco systems and SD- WAN solutions in direct support of targeted objectives.
• Meraki wireless, security and SD- WAN deployment and administration
• Used KIWI monitoring tool to troubleshoot network issues.
• Configure, update software, troubleshoot routing issues and maintain various enterprise network devices such as Cisco Nexus 9k's,7k', 6k's, 5k's and 2k's, Cisco Catalyst switches, Dell switches and Fortigate Firewalls.
• Worked on Next Gen Firewall features like Application and URL filtering, SSL Forward Proxy, SSL Decryption, Web-filter.
• Implemented VLAN, VTP domain, Trunking and Ether Channel on Cisco 5500 switches.
• Provided extensive Hardware/Software support for entire EX series/QFX/QFabric series of switching platforms
• Involved in deployment of Cisco ISE and Firepower as well as, created/modified necessary profiles that allowed authorized devices on the network.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control (NAC) integration with Cisco ISE.
• Build out and manage the Windows/VMware Virtual and Cloud Infrastructures and integrate them with Cisco ACI.
• Worked on multi-vendor load balancers including F5 Big IP LTM, Cisco ACE and VMware NSX between multiple centers.
• Focused on working with Cisco Channel partners to build practices around Cisco ACI.
• Implemented Cisco Application Centric Infrastructure ( Cisco ACI) as a solution for data centers using a Spine and Leaf architecture
• Deployed SDN networks such as Cisco Meraki SDN solution using MX and MS routers and switches technologies.
• Monitoring and Troubleshooting the Meraki AP and Meraki Switches through Meraki Port al, Checking the configuration through Solarwinds, checking device utilization through Vital suite, and updating the tickets on ticketing tool Remedy.
• Upgraded with Nexus 9k, 7k and 5k switches to deal with the vulnerability issues.
• Coordinated with cloud team for working with OpenShift platform in managing Docker containers and Kubernates Clusters.
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, F5 Load balancers Infoblox DNS and Cisco ACI.
• Worked on F5 BIG-IP Application Security Manager (ASM) web application firewall ( WAF), deployed in more data centers enterprise WAF with advanced firewall capabilities.

Confidential, MiddleTown,NJ

Network Security Engineer

Responsibilities:

• Responsible in Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router 7705 and 7750 service router.
• Manages Citrix NetScaler VPX load balancing, virtual servers, service groups, redirects, and URL filters.
• Administered Citrix NetScaler load balancers for Radius and web traffic.
• Install, Configure and Upgrade Palo Alto appliances in the network and build high availability using ClusterXL on Palo Alto, Active/Standby on Cisco.
• Troubleshooting complex LAN/WAN infrastructure that include routing protocols OSPF & BGP.
• Designed and implemented a secure instant messaging system in Python providing interface state changes on the devices to support team.
• Responsible for installation, troubleshooting of Palo Alto Network Firewall wall and LAN/WAN protocols Implementing firewall rules and configuring Palo Alto Network Firewall
• Worked on Multi-vendor platform with Palo Alto and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents.
• Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Security policy review and configuration in Palo Alto and Juniper SRX Firewall in Datacenter.
• Troubleshooting of CISCO routers like ping, trace route and basic issues.
• Configured Splunk onAWSVPC that collects and indexes log messages, analyses them to deliver real time operational intelligence anywhere across the organization
• Ensuring connectivity and communication among networks, servers and clients inside and outside department.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70, R71, R75 and R77), Juniper Firewalls (SRX5400, SRX5600and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo AltoNetworks Firewall models (PA-2k, PA-3kand PA-5 k).
• Experience in creating multiple policies and pushing them into Checkpoint Firewall (Gateways) and hands-on experience in managing the Checkpoint Management Server and Gaia operating system
• Coordinated with cloud team to work with building Kubernates run time environment of the CI/CD system to build, test and deploy in an open source platform.
• Upgraded and updated Cisco IOS and SD- WAN device OS.
• Worked on Next Gen Firewall features like Application and URL filtering, SSL Forward Proxy, SSL Decryption, Web-filter, SD- WAN in Palo Alto firewalls.
• This global role helped expand my expertise into other areas such as Cisco UCS, Cisco ASA, and VMware NSX.
• Migration from Checkpoint firewall to Palo Alto firewall
• Automated network implementations and tasks and designed monitoring tools using Python scripting.
• Designed, Installed and configuredArubaWirelessnetworkin an HA environment using AGN 125 accesspoints with 802.1X authentication.
• Responsible for distributed applications across hybrid AWS and physical data centers.
• Configuredmulticastgroups and QoS.
• Dealt with Infoblox traffic control products to simplify DNS load balancing operations.
• Experience in performing wireless site surveys using Airmagnet software.
• Upgraded multiple Meraki Firewalls, Switches and Access points to their latest stable version.
• Implemented site to site VPN in Juniper SRX as per customer.
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Implementing Security Solutions using PaloAltoPA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20Gaia and Provider-1/MDM.
• Configuration and administration of firewalls, which includes Checkpoint firewalls.
• Operations and management of company LAN, WAN, and wireless networks, including routers, switches, Access Points, Firewalls and other network i.e. Riverbed, Bluecoat, F5 LTM/GTM.
• CManaged firewall using fortigate to allow or block IPs, created policies added different interfaces and VLANs.

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Experienced in Integration, configuration and maintenance of Cisco Router, Catalyst Switches and Firewalls.
• Configuring OSPF and Static routing on Juniper M and MX series Routers.
• Datacenter upgraded from C6500s to Nexus 7k/5k/2k, double-VPC between distribution and access, single-VPC to servers
• Responsible for all routing, switching, VPN, network security, and server load balancing.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Carried out Route-redistribution between different routing protocols like OSPF, BGP, and EIGRP for increased efficiency.
• Monitored regular tasks like traffic, applications, routers, switches, firewall, attacks, protocols, QoS and other reports and activities onNetflowAnalyzer.
• Very good Experience in using and maintaining various network monitoring tools like Solarwinds, Fluke, Splunk.
• Researched, designed and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Implemented Python scripts for pre and post checks and in configuring the devices involved in the events.
• Configure and maintain VPC and VXLAN infrastructure design including structured
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, from scratch to match design.
• Responsible in troubleshooting on Cisco ISE added new devices on network-based policies on ISE.
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
• Monitored and troubleshoot WLAN, LAN infrastructure.
• Configured Object Grouping, Protocol Handling and Code up gradation on ASA Firewalls.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Made a Couple of Cleanup Configurations on the Cisco ASR.
• Implemented, reviewed and approved the MOP's of every task created.
• Created a L2L tunnel for the Billing Access between Cisco ASA's.
• Worked with different vendors and implement Site-to-Site VPNs over the Internet.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Installed and configured a variety of Cisco devices like Cisco Routers (1841, 1900, 2600, 2800, 3800, ASRs and more), Cisco switches (3560, 3750, 4507 catalysts, 6500 catalyst Switch and more) and Nexus 7000 series, Nexus 5000 series, Nexus 2K Fabric Extenders and F5 appliances.
• Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.