We provide IT Staff Augmentation Services!

Network Infrastructure & Security Operations Engineer Resume

Dallas, TX

SUMMARY

  • Network, Systems and Security Engineer with a proven track record in performance monitoring, reliability, enhancement, and security management. I bring exceptional problem - solving skills with the ability to quickly identify issues and implement solutions. Along with master’s degree in computer science, I am a Cisco and Paloalto Certified Network Professional.
  • Around 9+ years of Network design, deployment Engineer and operations of Cisco Network & Security Professional with experience in Designing and troubleshooting LAN, WAN, MPLS in Branch, Campus and Data Center environments.
  • Practical experience in the IT field as a network engineer, with proficient hands-on experience in the areas of Wi-Fi portfolio, Routing, Switching and Troubleshooting.
  • Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
  • Experience working with Nexus 7K, 5K and 2K.
  • Experience in site-to-site and remote access VPN solutions.
  • Configured Cisco Catalyst 6500, 4500, 3850, 3750, 2960 switches and Cisco 3600, 7200& ASR 1K & 9k, Nokia/ALU 7750 Routers for an enterprise network.
  • Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, and ISG 200
  • Knowledge of implementing and troubleshooting complex L2/L3 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP, MPLS and MST.
  • Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.
  • In-depth knowledge and experience in WAN technologies including OC3, E3/T3, E1/T1, Point to Point, MPLS and Frame Relay.
  • Experience in Configuring and implementing VLAN, VTP domains, LAN switching and STP/RSTP
  • Experience in QOS on multicast VPN.
  • Experience in Cisco: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, and BGP).
  • Proficiency in configuration of VLAN setup on various CISCO Routers and Switches.
  • Defining and implementing access rules in PAN, NSX
  • Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
  • Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
  • Extensive hand on experience with complex routed LAN networks, CISCO Routers and Switches.
  • Experience working in Cloud infrastructure with VMware ESXi Server platforms for application servers. Network Configuration for server apps and app migrations support.
  • Experience with Change management process and Project documentation tools like Excel and VISIO.
  • Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
  • Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
  • Excellent communication skills, enthusiastic, motivated and a team player.
  • Experience in installing and configuring DNS, DHCP server.
  • Proficient in Python for Networking and Server Automation.

TECHNICAL SKILLS

Routers: Cisco ASR 1000 Series, Cisco ISR 4000 Series. Arista 7280R Series HP Aruba 5400R Switch Series Data Sheet

Switches: Cisco Catalyst 9000 Series, Cisco Nexus 9000 Series. Arista 7160 series

Firewalls: Paloalto Firewalls PA-220, PA-800, PA-3260, PA-5260, PA-7050 Cisco ASA 5508-X with FirePOWER Services, Firepower 4100 Series

Paloalto Networks Products: Firewalls, Panorama M-200, M-600, Global Protect, Prisma Access, Cortex Datalake, Cortex XDR, Zingbox

SD-WAN: Paloalto Networks, Cloud Genix ION3k/7k

Load Balancer: F5 Networks, AVI Networks

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

AAA Architecture: TACACS+, RADIUS, Cisco ACS, ISE, Aruba Clear Pass

Security / Firewalls: Cisco ASA Firewalls 55XX, IPSEC & SSL VPNs, IPS/IDS, DMZ Cisco NAC, ACL

Wireless: Cisco 5500 Series WLC, Aruba 7200 Series Mobility Controllers

Cloud Platforms: Google Cloud Platform, Amazon Web Services

Logging Reports: Splunk and Devo.

PROFESSIONAL EXPERIENCE

Confidential, Dallas, TX

Network Infrastructure & Security Operations Engineer

Responsibilities:

  • As a part of Network operations team, I was responsible for handling client’s Global network infrastructure with multiple platform products. Providing network security consulting, new implementation/planning and designing of network security solution; auditing and performance improvement plans and security network transformation.
  • Hands on experience with Paloalto Firewalls PA-220, PA-800, PA-3260, PA-5260, PA-7050
  • Designed and Implemented the security policies on firewall as per the needs of internal customers and Infosec
  • Implemented firewall change in the context of incident resolution, problem management, service requests, and project completion
  • Responsible for analyzing and remediating the high-risk applications on all the firewalls around the PANW Network
  • Implemented the MFA authentication policies and Host information Profile policies on Global Egress Rules to Restrict and Harden the policies for internal Engineering resources and restricting internal developers accessing the resources with a user profile through highly secured gateways
  • Analyzed Paloalto firewalls and Splunk/Devo logs to perform rule usage analysis and identify unused rules, for rule cleanup and hardening the firewall policies
  • Analyzed high risk applications in the security policies using Splunk and devo and remediated the threats and vulnerability by hardening the firewall policies and providing a secure design to allow traffic
  • Designed and implemented the security policies for the Business apps migration to GCP cloud
  • Analyze, design and implement the security policies allowing the internal servers traffic to unitrust
  • Create new URL category.
  • Configured security group profile threat and antivirus for the firewall policies.
  • To create new objects for Application, Service etc.
  • To create new Policy like Security rule, NAT rule, QOS, PBF, URL Whitelisting
  • Threat, vulnerably and spyware monitoring and remediation
  • Implemented the Security policies using python script Jenkins and Git pull request with the help of playbooks
  • Worked on Whitelisting Vendor Public IP’s
  • As a part of Infosec audit project worked on configuring all the firewalls to send threat, traffic and system logs to our syslog server devo and make it in compliance.
  • Configured all the firewalls to send logs to our cloud based Paloalto syslog server Cortex data lake
  • Experience using Cortex XDR for malware end endpoint Protection.
  • Experience with application security code review practices, methods, and guidelines such as OWASP Top Ten.
  • Responsible to work on all Network and Security Operations related Incidents and Service Request on day to day as part of Operations team providing 24/7 support to internal customers around the Globe.
  • Responsible for maintaining and managing the SD-WAN Cloud Genix platform ION3K/7k,
  • Troubleshooting and analyzing the traffic and policies on the cloud Genix environment
  • Identified bugs related to the software versions on Firewalls and Panorama and worked with PAN-W TAC and Engineering teams to remediate it.
  • Provided support on the Client VPN Prisma Access and legacy Global Protect on Prem. VPN Issues
  • Responsible for implementing new policies in the Google cloud Platform firewalls and AWS Firewall
  • Responsible to whitelist the IP’s on GCP native firewalls
  • Responsible for providing support for network core and LAN infrastructure platforms, systems, and tools and providing documentation and guidance to tier 1 and tier 2 support teams
  • Developing REST APIs using Python and JSON scripting languages and automation for the network services based on “Application Centric Infrastructure”
  • Deployment of new technologies which includes the Spine-Leaf Architecture (Cisco ACI), Endpoint Groups, Switch Profiles, Interface Profiles and Fabric Wide Configurations for stabilizing the Network Infrastructure
  • Design, plan & configure complex routing environments, both EGP (BGP) & IGP (OSPF, EIGRP, etc).
  • Data center networking using virtualized Nexus switches, ASR Routers and ASA Firewall so LAN/WAN using unified 3900 series routers and enterprise 4500/3800/2600 switching solutions, OSPF, BGP, MPLS, EIGRP, OTV, FCOE, LACP, LAG

Environment: PANW PA-5200,PA-7000, Arista7500R3/7020R/7500, Cisco 3560/2950/2924/6509/6513/5500 switches, Cisco 1800/2800/2500/2600/ /3800/3900/7204/7606 routers, VPN, BGP, OSPF, RIP, EIGRP, F5 BIG-IP, LTM, GTM, Nexus Switches 5K/7K, VLAN, VTP, Checkpoint, Cisco ASA, Arista 7500R3, 7020R, 7500

Confidential

Systems & Design Engineer

Responsibilities:

  • Configured and deployment of routing protocols OSPF, EIGRP & BGP over Cisco Routers in Production environment (ACI).
  • Performance and throughput testing on New IOS releases Cisco ISRs, ASRs, Catalyst 6K and Nexus platforms for any new caveats.
  • Performing Testing/Configurations on MP-BGP, VPN’s, NX-OS VDC, FEX’s, MVR, and NAT
  • Sound understanding of OpenFlow, OpenStack, Virtualization and Application Centric Infrastructure
  • Hands on experience with at least one SDN controller architecture (ex. POX, Open Daylight, Cisco APIC).
  • Performed LAN operations and troubleshooting which involves working on VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
  • Implemented redundancy with HSRP, Ether channel technology (LACP, PAgP) etc.
  • Worked on Cisco Firewall ASA 5500(5510/5540) Series. Performed Security operations in terms of pushing new policies and deploying new rules. Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
  • Worked with enterprise level Wi-Fi configuration, troubleshooting, IP routing, network design, architecture and protocols and topologies
  • Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
  • Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.

Environment: Cisco 3560/2950/2924/6509/6513/5500 switches,Cisco 1800/2800/2500/2600/2800 , 3600/3800/3900/7204/7606 routers, VPN, BGP, OSPF, RIP, EIGRP, F5 BIG-IP, LTM, GTM, Nexus Switches 5K/7K, VLAN, VTP, Checkpoint, Cisco ASA

Confidential, WA

Network Engineer (Data Center)

Responsibilities:

  • Configured and deployment of routing protocols OSPF, EIGRP & BGP over Cisco Routers in Production environment (ACI).
  • Performance and throughput testing on New IOS releases Cisco ISRs, ASRs, Catalyst 6K and Nexus platforms for any new caveats.
  • Performing Testing/Configurations on MP-BGP, VPN’s, NX-OS VDC, FEX’s, MVR, and NAT
  • Sound understanding of OpenFlow, OpenStack, Virtualization and Application Centric Infrastructure
  • Performance and throughput testing on New IOS releases Cisco ISRs, ASRs, Catalyst 6K and Nexus platforms for any new caveats.
  • Work with Cisco Development Team on the software bug fixes, and verify the fix in lab environment.
  • Experienced working knowledge with 1800, 2800, 2500, 2600, 2800, 3600, 3800, 3900, 7204, 7606 series Routers.
  • Worked on Cisco 6509, 6513 and 4510 switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
  • Perform analysis and diagnosis of highly complex networking problems
  • Act as a technical expert with other team members, as well as with other worldwide teams
  • Build simulated networks to resolve problems and compatibility issues, and perform an analysis of network designs
  • Good hands on experience in configuring and troubleshooting IOS-XR software.
  • Provide improvement opportunities and recommendations in products and IOS
  • Keep up-to-date with the latest technology products, to provide high-quality support in current and future services
  • Sets strategic and technical direction for Advanced Services best practices and functional roles
  • Acts as the technical specialist for the most complex deployments and provide highest level crisis management
  • Experienced with ASR 1000 series routers 1002, 1004 and troubleshooting the issues as per customer requirements.
  • Collaborating proactively with other NCEs to ensure optimal use of resources to meet customer needs
  • Performed LAN operations and troubleshooting which involves working on VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
  • Implemented redundancy with HSRP, Ether channel technology (LACP, PAgP) etc.
  • Worked on Cisco Firewall ASA 5500(5510/5540) Series. Performed Security operations in terms of pushing new policies and deploying new rules. Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
  • Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
  • Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
  • Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.

Environment: Cisco 3560/2950/2924/6509/6513/5500 switches, Cisco 1800/2800/2500/2600/ /3800/3900/7204/7606 routers, VPN, BGP, OSPF, RIP, EIGRP, F5 BIG-IP, LTM, GTM, Nexus Switches 5K/7K, VLAN, VTP, Checkpoint, Cisco ASA

Confidential, CA

Network Specialist Infrastructure & Operations

Responsibilities:

  • Configuring, Maintaining the Routers and Switches and Implementation of RIP, EIGRP, OSPF, BGP routing protocols and troubleshooting Remote infrastructure management of offices in different locations nationwide.
  • Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 1006, 3945, 3845, 2800, 3600, 9001) and Switches to perform functions at the Access, Distribution, and Core layers.
  • Troubleshooting and escalation management of day-to-day issues for offices. Managing Co-location and Datacenter infrastructure in North America.
  • Identify and resolve problems on high end Switches, Routers (Cisco & Juniper), FWSM, ASA & Checkpoint firewalls
  • New build support for the build activities in data centers LAN/WAN
  • Administration, troubleshooting & new implementations on Cisco 6500 series switches, Nexus switches, Cisco Routers, Juniper devices, checkpoint & ASA firewalls.
  • Implementation & trouble shooting of complex wan, LAN, VLANS, private VLANS, high availability solutions like HSRP, ether channels, site to site VPN, access control lists, NAT, PAT, routing solutions etc.
  • Managing Security, tier 3 support.
  • Creation of fire wall policies as per the requirements on Checkpoint, ASA, FWSM, and Juniper firewalls.
  • Managing Cisco Layer 2, Layer 3 switches & Routers on the network.
  • Resolving routing and switching related real time performance issues
  • Implementation & trouble shooting of VLANS, high availability solutions like HSRP, ether channels, SSL VPNS, access control lists, NAT, PAT, routing solutions etc.
  • Configuration & Management of VLANs, 802.1q trunks, VTP, Security policies
  • Installation and configuration of new devices on LAN
  • Configured various Routing protocols such as RIP, OSPF, EIGRP, static routing.
  • Maintaining Core Switches, creating VLANs and configuring VTP.
  • Optimized performance of the WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs.
  • Performed redistribution with OSPF, EIGRP, RIP version 1 and 2 to enable communication with backbone.
  • Troubleshooting of Cisco 2900, 3900, 6500, 7500, 7200 Series routers.
  • Configured static NAT, dynamic NAT, dynamic NAT overloading.
  • Involved in F5 BIG IP LTM administration, familiar with enterprise level traffic managers like 6800, 3600, 1600,3400 series
  • Involved in updating the VIP’s for pools and pool members, updating iRules for the URL created in the new DNS entry
  • Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds etc.
  • Implementation and configuration of F5 Big-IP LTM-6400 load balancers

Environment: Cisco 3550/4500/6500 switches, Cisco 2900/3900/6500/7500/7200 routers, F5 Load Balancer, ASA, VOIP, IP Phone, OSPF, BGP, RIP, EIGRP, LAN, WAN, CISCO IOS.

Confidential, Middletown, NJ

Networking Support Engineer

Responsibilities:

  • Identify and resolve problems on high end Switches, Routers (Cisco & Juniper), FWSM, ASA & Checkpoint firewalls
  • New build support for the build activities in data centers LAN/WAN
  • Administration, troubleshooting & new implementations on Cisco 6500 series switches, Nexus switches, Cisco Routers, Juniper devices, checkpoint & ASA firewalls.
  • Administration of network devices holding more than 5000 servers of Windows, UNIX &Linux platforms (physical & virtual servers).
  • Trouble shooting incidents of different levels of severity by working with the OS, Customer and application teams.
  • Implementation & trouble shooting of complex wan, LAN, VLANS, private VLANS, high availability solutions like HSRP, ether channels, site to site VPN, access control lists, NAT, PAT, routing solutions etc.
  • Plan and implement complex network changes as per ITIL specifications.
  • Managing Security, tier 3 support.
  • Creation of fire wall policies as per the requirements on Checkpoint, ASA, FWSM, and Juniper firewalls.
  • Managing Cisco Layer 2, Layer 3 switches & Routers on the network.
  • Resolving routing and switching related real time performance issues
  • Implementation & trouble shooting of VLANS, high availability solutions like HSRP, ether channels, SSL VPNS, access control lists, NAT, PAT, routing solutions etc.
  • Configuration & Management of VLANs, 802.1q trunks, VTP, Security policies
  • Installation and configuration of new devices on LAN

Environment: Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Checkpoint firewalls(SPLAT).

Confidential

Network Engineer

Responsibilities:

  • Installation and configuration of new devices on LAN
  • Planning, Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
  • Experience working in Cloud infrastructure with VMware ESXi Server platforms for application servers. Network Configuration for server apps and app migrations support.
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
  • Implementation, configuration and support of Panorama and ASA firewalls for multiple clients.
  • Hands on Experience in Configuring L2 and L3 security features on devices.
  • Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
  • Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.
  • Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, MLS, HSRP, VRRP.
  • Planning, Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
  • Spanning Tree Protocol 802.1d, 802.1s and 802.1w.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATING with the firewalls as per the design.

Hire Now