SUMMARY

• 9+ years of professional experience as Network engineer and Architect with Cisco Certified Network Engineer, performing Network analysis, design, Implementing, capacity planning with a focus on performance tuning and support of large Networks. Strong knowledge in Cisco Routing, Switching and Security with Cisco hardware/software (heavy Cisco shop) experience.
• Strong knowledge in Cisco Routing, Switching and Security with Cisco hardware/software (heavy Cisco shop) experience.
• Experience working on Cisco Catalyst Series 3750, 4500, 6800, 6500, 9300, 9400, 9500; Nexus 2000, 5000, 6000 and 7000 series switches.
• Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
• Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 9K, 7K, 5K, 2K series, Cisco router models like 7200, 3800, 2800, 2600, 2500, 1800, 4300, 4400, 4500, ASR 1000 series.
• Responsible for Palo Alto and Cisco ASA firewall administration across global networks.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550)
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Proficient and high-level expertise using the F5 based profiles, monitors,VIP’s, pools, SNAT, SSL offload, I Rules, virtual Servers, I APPs. Migration experience fromACE to F5/ old F5 to New F5. Expert in TMSH.
• Experience in Designing and assisting in deploying enterprise-wide Network Security and High Availability Solutions for ASA.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture Expertise in installing, configuring, and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series
• Experience with Cloud Networks and migration projects in AWS and Azure. Automation using Ansible.
• Experience with different Network Management Tools and Sniffers like Wireshark (ethereal), HP-Open view, RSA envision, and Cisco works to support 24 x 7 Network Operation Center.
• Experience with F5 load balancers andCiscoload balancers (CSM, ACE and GSS).
• Basic and advance F5 load balancer configurations, including migrating configurations fromCiscoACEto F5 and general troubleshooting of the F5 load balancers
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
• Coordinated with senior level engineering group and site contacts for resolving all technical issues.
• Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Configured Palo-Alto 7050 firewalls in vwire mode. Also configured Palo-Alto 3050 firewalls

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800, 1900,2900,3900, ISR4321, ISR4331, ISR4351, ISR4431, ISR4451 - x series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 3650, 3850 series), CSR/ASR, IOS-XR, ISR, IOS-XE

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Firewall Security: ASA Firewall (5505/5510/5500- X series),Checkpoint, Cisco ASA, Illumio adaptive segmentation usage.

Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark, Netflow, eHealth

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

Network Security: Firewalls, Palo Alto Firewalls, ASA, ACI, IPsec, IPS/IDS, & VPN, Juniper SRX, Juniper VSRX, ACE Module and F5 Load Balancers

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

Operating System: MAC OS X, Linux, Unix, Cisco CATOS, IOS, IOS-XR, NX-OS, JUNOS, MS Windows 2007/08/10.

PROFESSIONAL EXPERIENCE

Confidential, Plano, TX

Senior Cloud Network Security Engineer

Responsibilities:

• Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management and complex customer issues.
• Responsible to evaluate, test, configure, propose and implement network, firewall andsecurity solutions withPaloAltonetworks.
• Migration of physical data center into AWS cloud platform. Making VPC configuration, Gateway and VPN Connectivity with physical Data center.
• Created the AWS EC2 Instances thru Command Line.
• Direct link deployment to connect on-perm infrastructure with AWS cloud for a hybrid solution.
• Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter VLan routing, LAN security etc.
• Implemented with Cisco Layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Knowledgeable in building a strong secure network with expertise in implementing the organizations IDS/IPS, ISE, VPN's, ACE and Firewall solutions. Including the auditing and event management
• Establishing a baseline ISE security rules/policy working with other service lane members
• Support network security infrastructure and controls, including, but not limited to Security Incident and Event Management (SIEM), firewalls, VPN, intrusion detection/prevention, Network Behavior Anomaly Detection, Network Level Advanced Malware Protection, TACACS, NetFlow based tools, URL filtering, NAC etc.
• Worked on Bluecoat Proxy SG, SG400 and CAS appliance implementation for client’s internet traffic.
• Assist with the maintenance of Firewalls, Routers, Switches, Virtual Switches, VPN configuration, Wireless Controllers, Servers, and Security appliances for access to vital business applications in our private cloud and hosted.
• Hands-On experience in the configuration, management, maintenance and support of wireless device like Clear Pass and ArubaWireless.
• Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment.
• Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
• Improve scalability and ease of deployments of theOpenStackunderlaynetworkby migrating from Standalone Nexus to Cisco ACI platform.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Worked on cleanup of several legacy rules of ASA and created a migration path to Palo Altos, configured for Global protect VPN, User ID, Wildfire set up, SSL decryption, license and policy management on Palo Alto appliances.

Confidential, Framingham, MA

Senior Network Security Engineer

Responsibilities:

• Design of Cisco Catalyst switches 4500, 6500, 3650 & 3850 series, Cisco routers ISR 1900, 2900, 3900 and ISR4K routers including 4321, 4331, 4351, 4431 and routing protocol OSPF, EIGRP, BGP with Access Control lists implemented on as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches using peering interconnections.
• URL filtering, SSL Decryption, Forward Proxy on Palo Alto Firewalls.
• Moved Palo Alto Firewalls from On premise to Azure cloud
• Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual servers.
• Experience with Cisco ACI (Application Centric Integration) technology implementation
• Coached and Mentored junior team members.
• Global network WAN utilization reporting using SolarWinds, capacity management and L4 WAN / LAN / WIFI Support escalations.
• Design experience in the network management of circuits using TDM and Frame Relay network, fault management and performance monitoring
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
• Maintenance of tools and utilities to install, monitor, and troubleshoot a network. Reporting layer- 2 network behaviors, which can help network administrators monitor them with Aruba switches.
• Worked in firewall deployment and management in Azure such as Palo Alto Firewall.
• Awareness on Cloud Computing, Software Defined Networking (SDN), Cisco ACI and Illumio.
• Supported centralized DNS & DHCP Administration using Infoblox
• Support design and planning of Company Telco grade high-end Routers & Switches (Cisco ASR 9K, c7609,7200, ISR3900,2900, 1900 and 4K series Router / Cisco Nexus 7/6/5/2k, Catalyst Cisco 6500, 4500, 3750, 2950 50 series Switches, ASA 5585-X & Juniper MX/M/E series
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by using VLANs.
• Design VDCs in 7018 switches, maintained VRFs in those separate VDCs. Operated in OTV to extend L2 VLANs amongst data centers over IP on Nexus 7018 switches
• Palo Alto Firewalls for web filtering and application control
• Scripting for automation of processes for Windows Servers. Familiarity with main script languages like Python.
• Migrated legacy F5 LTM and GTM appliance to newer version appliances
• In-depth knowledge in designing, implementing, configuring with best practices on NextGen IDS/IPS Firewalls such as Palo Alto, Cisco Firepower (Sourcefire).
• Serve as the customer’s go-to resource for all matters related to the Palo Alto next-generation firewall.
• Additional tasks include assisting with the day to day operations and management of othernetworkdevices such as Cisco ISE, Infoblox, Palo Alto firewalls andPanorama.
• Migrated Palo Alto Next-Generation Firewall series PA-500, PA-3060, PA-5060, PA-7050, PA-7080 from Cisco PIX and ASA and Source of knowledge for SD-WAN and routing trends and technologies
• Designed architecture solutions for the various project for the LAN/WAN/VoIP, DMVPN, SDWAN, Viptela SD-WAN infrastructure including Data Center, HQ and remote branches.
• Lead product life cycle management activities across the Network portfolio

Confidential, Overland Park, KS

Network Security Engineer

Responsibilities:

• Worked with Palo Alto firewalls PA3020, PA5020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances
• Providing support to networks containing more than 2000 Cisco devices.
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Experience configuring VPC(Virtual Port Channel), VDC(Virtual Device Context) in Nexus 7010/7018
• Experience with configuring FCOE using Cisco nexus 5548
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus5000 to connect servers and storage devices.
• Configuring & managing around 500+ Network &Security Devices that includes Juniper SRX Firewalls, F5 BigIP Load balancers and Nexus Devices.
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Responsible for Cisco ASA firewall administration across the network.
• Palo Alto/ASA Firewalltroubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Upgraded the existing Panorama to V8.0.6. Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment
• Designed and configured OSPF, BGP on Juniper Routers and SRX Firewalls
• Performed processes of optimization, backup, configuration and updating of Cisco IOS and IOS XR.
• Configured IP-SEC VPN for user traffics that need to be encrypted using Palo Alto, Cisco ASA, and Azure cloud.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching

Confidential

Sr. Network Security Engineer

Responsibilities:

• Configuring rules and maintaining checkpoint VSX, Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Working in high availability Nexus Environment and provide Level 3 Network Support.
• Configuring, upgrading and verifying the NX-OS.
• Basic and advanced F5 load balancer configurations, general troubleshooting of the F5 load balancers.
• Configure IPSEC and SSL VPN with Palo-alto, Cisco ASA, Fortinet, Checkpoint and Router.
• Worked on Source Fire and Palo Alto IPS/IDS Systems, Splunk log monitoring tool, Qualys vulnerability assessment tool.
• Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope.
• Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits.
• Work on Change Management for migration from Cisco ASA to Palo Alto.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Manage Palo alto, Checkpoint, Cisco ASA and Fortinet policy and network
• Migrated from Cisco ASA to Palo Alto.
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Upgraded Panorama version 7.0 to 8.0 on Palo Alto Firewalls.
• Configuring Virtual Device Context in Nexus 7010.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2Bnetwork connectivity.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.

Confidential

Network Security Engineer

Responsibilities:

• Configuring rules and maintaining checkpoint VSX, Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Working in high availability Nexus Environment and provide Level 3 Network Support.
• Configuring, upgrading and verifying the NX-OS.
• Basic and advanced F5 load balancer configurations, general troubleshooting of the F5 load balancers.
• Configure IPSEC and SSL VPN with Palo-alto, Cisco ASA, Fortinet, Checkpoint and Router.
• Worked on Source Fire and Palo Alto IPS/IDS Systems, Splunk log monitoring tool, Qualys vulnerability assessment tool.
• Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope.
• Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits.
• Work on Change Management for migration from Cisco ASA to Palo Alto.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Manage Palo alto, Checkpoint, Cisco ASA and Fortinet policy and network
• Migrated from Cisco ASA to Palo Alto.
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Upgraded Panorama version 7.0 to 8.0 on Palo Alto Firewalls.
• Configuring Virtual Device Context in Nexus 7010.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2Bnetwork connectivity.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.

Confidential

Network Engineer

Responsibilities:

• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Switches Replace branch hardware with new 2851 routers and 2960 switches.
• Implemented Cisco Wireless Access Points and WLC’s at various corporate sites fort 11n Infrastructure and its legacy technologies.
• Operation and Maintenance of Linux networks (LAN/WAN) and provided reliable connectivity for the enterprise customers.
• Troubleshooting customer tickets and provided up time of 99.999
• Proactively monitored network and resolved the issue in maintenance window, Designed and setting up VLAN and port assignments for servers.