SUMMARY

• Decisive, Results - Focused professional offering over 8 years of experience in Network Design, Implementations, Operations and Network Support.
• Innovative and continual learner, a self-starter, TEMPhas a strong work ethic and a healthy attitude of cooperation and collaboration.
• Impeccable Client Management and leadership skills with impressive professional-speaking abilities.
• In depth noledge of Azure Application Gateways, Load balancers, VNET's, VNET peering, Express routes, Virtual Network Gateways, Local Network Gateways, Public IP prefixes, Network Security Groups etc.
• Good understanding of OSI layer model, TCP/IP, IP Routing, IP addressing, Layer 2 Switching, VLANs and Inter VLAN Routing.
• Expertise in TCP/IP, DNS, DHCP, Content Load Balancing, setup of Access-Lists, RIP, EIGRP and tunnel installations.
• Experience with F5 configuration via CLI (advance Confidential and traffic management Confidential (TMSH))

TECHNICAL SKILLS

Cisco Switches: Cisco Switches (2900, 3500, 4000, 4500, 5000, 6500, Nexus 5k & 7k) and Cisco IDS sensors.

Routers: Routers (1800, 2500, 2600, 2800, 3600, 3800, 7200, CRS 1).

Management Tools: SNMP Syslog, Sniffer, Wireshark, HPNA, RSAnetwitness, Spectrum, Node Manager, Solar winds and Service Now.

Monitoring Tools: Net Db, NetCure, Stat Seeker, Nagios, App Critical, Cisco Works, NetScout, Service Center, SPLUNK, Nexus- PeopleSoft, Aspect, Verint and Hammer

LAN Technology: VLAN, VTP, Inter-VLAN routing, ISL, dot1q, STP, RSTP, PVST, HSRP, GLBP, Ethernet, Fast Ethernet, Giga Ethernet & 10 Giga Ethernet, Port security

WAN Technology: Frame Relay, X.25, E1/T1/DS1/DS3, PPP, BGP, MPLS, PPP, ATM, Channel Azure Cloud Azure Application Gateways, Load Balancers, VNET's, VNET peering, Express routes, Virtual Network Gateways, Local Network Gateways, Public IP, NSGs

PROFESSIONAL EXPERIENCE

Confidential

Operations Landscape

Responsibilities:

• Providing Layer 4 support for LAN, WAN and Perimeter solutions.
• During teh project implementations responsible for transition to support check list to do things before handing it over to Operations.
• Worked on creating Visio drawings for multiple countries includes multiple sites.
• Decommissioned legacy terminal servers used for Out of Band Management solution which are sitting ideally Confidential T systems managed data center located in Houston and Amsterdam as part of cost savings to Business.
• Touch Basis with Business focal every week for improvements on Infrastructure where possible.
• Responsible for reviewing changes as per on call rotation basis and take necessary actions.
• Performance reviews with service provider every month on incidents, changes overall site isolations, chronic sites etc. take necessary actions to prevent site isolations by directing them to portfolio to raise projects.
• Suggested Business to Install new router with new backup circuit provider for sites that are standalone (Tier 3) to make them HA sites (Tier 2).
• Aggregated BGP summery routes in global Confidential MPLS as we have reached threshold by super netting were possible.
• Review existing configurations within connectivity and report to traffic engineering if configs are not as per Design implantation guides.
• Monitor sites ASIA Pacific, Americas, and Europe regions from SolarWinds and proactively rectify alarms by creating changes to minimize effect on business.

Confidential

Network & Security Engineer

Responsibilities:

• Provide primary support and maintenance to Network Firewalls Load balancers and Web Proxies.
• Responsible for cyber security team tools (sandboxing, DLP, proxy, and vulnerability detection platforms) and have shared on-call incident management responsibilities for enterprise network involving Datacenter, Office, and Azure cloud infrastructure.
• Built Azure environment from scratch and built Azure Cloud resources through ARM templates and Terraform.
• Designed and configuredAzure Virtual Networks(VNets), subnets,Azure network settings, DHCP address blocks, DNS settings, security policies and routing.
• DeployedAzure IaaS virtual machines(VMs) andCloud services(PaaS role instances) into secure VNets and subnets.
• Configured BGP routes to enable ExpressRoute connections between on premise data centers and Azure cloud.
• DesignedNetwork Security Groups(NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.
• Utilized NSGs for layer 4 Access Control List (ACLs) for incoming and outgoing packets.
• Teh environment includes Cisco ACI, F5 & NetScaler load balancers, Palo Alto, Checkpoint & ASA Firewalls, Riverbed wan optimization, Software defined network overlays in teh Datacenter.
• Created several VPX instances from SDX on NetScaler. Designed deployed & troubleshoot many applications on NetScaler. Performed code upgrade on SDX & VPX instances.
• Migrated applications from on premises to Azure Cloud.
• Integrated network devices to HPNA, Spectrum for monitoring and accessing using SNMP v3.
• Created network diagrams using Visio for easy understanding of teh infrastructure.
• Deployed load balancers and firewalls in PCI environment for secure transactions.
• Provided Azure cloud support to different departments in teh organization through infrastructure building and troubleshooting issues.
• Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp and more.
• Built Palo alto firewalls in cloud and autoscaling it based on teh usage.
• Created complex rules utilizing TCL scripting to perform load balancing decisions.
• Configured F5 GTM solutions, which includes WideIP, Pool Load Balancing Methods, probers and monitors.
• Experience supporting teh configuration and maintenance of Firewall/DMZ infrastructure including Network and Application Firewall Packet Filtering technologies (Palo Alto, McAfee/Forcepoint Stonegate).
• Securing Internet facing products and corporate infrastructure (load balancers, DMZs, remote access VPN, proxies, gateways).
• Knowledge of firewall and DMZ design. Expert level Checkpoint firewall skills.
• Managing and providing support to various projects teams with regards to teh addition of new equipment such ASA routers switches and firewalls to teh DMZs.
• Proficient with F5 LTM and Cisco CSM load balancer in-between teh servers inside teh server farm and DMZ.
• Design and deployed F5 LTM and GTM load balancer infrastructure per business needs from teh ground up approach.
• Provisioned SD-WAN service as automated failover solution for MPLS VPN by Cisco Meraki MX 80 Firewall, Cisco ACI fabric networks, including Python automation.
• Added devices to teh inventory in microfocus network automation and was able to back up all network devices config, partitioned devices based on data center locations.
• Created a matrix for each application and listed teh type of environment it is with best usage of ASM, and developed core of how to use ASM across all applications and identify high risk concerns.
• Worked on QIP for creating teh DNS entries, A records and CNAMEs.
• Configured SSL offloading, bridging and pass through for custom applications per business needs.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, AAA (TACACS+ & RADIUS).
• Implemented and troubleshot Cisco Firewalls and Juniper Firewalls
• Configured Cisco routers and switches, application of TCP/IP, including routing protocols, IP subnetting and common TCP network applications such as Telnet.

Confidential

Network & Security Engineer

Responsibilities:

• Engineering traffic management solutions, including teh design, low level engineering, and application load balancing solutions for client applications across teh pre-provisioned ADC infrastructure.
• Collaborated with Application owners, Network Team, DNS Team, and Firewall Team, to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager
• Engineered and configured Virtual Server, Pools, iRules, Profiles, Persistence, and monitor on F5 LTM to match teh configuration teh Application had on NetScaler
• Worked with Cisco FirePOWER intrusion detection and prevention systems (IDS/IPS)
• Onboarded and certified new F5 device to replace End of Support, End of Life legacy F5 appliances
• Coordinated post-application-migration sessions with Network Team, Application Support Team to identify issues related to Application migration
• Configured of vCMP in HA architecture and sync-failover group between two vCMP guests.
• Separated partitions and interfaces on vCMP guests.
• Migrated Applications from BIG-IP 4200 LTM to 5250 vCMP guest.
• Migration of applications from Cisco ACE to F5 LTM.
• Maintained and analyzed teh F5 network for any possible up-gradation.
• Configured teh VIPs, pools, irules and profiles on F5 LTM 10.x and 11.x version and also Code upgrades from 11.4.0 to 12.1.5.
• Worked with F5 APM sessions and manipulating session using iRule and configuring and maintaining Webtops and Portal Access.
• Configured and maintained F5 SSL VPN and network access and Single Sign-On (SSO) for SAML resources.
• Upgraded teh F5 LTM and APM modules from v.11.4.1 to v.11.5.3 in high-availability architecture.
• Created teh AAA servers for LDAP and AD authentication in F5 APM.
• Designed and deployed F5 LTM and GTM load balancer infrastructure per business needs from teh ground up approach.
• Developed and implemented Python scripts to automate retrieval, parsing and reporting of configuration parameters from Network Devices connected to customer networks.
• Implemented Web traffic load balancing function and manipulated it.

Confidential

Network Engineer

Responsibilities:

• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Configured and implemented Composite Network models consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 4500, 3500, 5000, 6500 Series switches. Also worked with Cisco IDS sensor.
• Supported teh Global Traffic Manager and I Query functionality between LTM and GTM for a HA design.
• Developed High- and low-level design as it pertains to load balancing infrastructure and changes.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Configured policy-based routing for BGP for complex network systems.
• Implemented and troubleshot Cisco and Juniper firewalls.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Established and configured Site-Site and SSL VPNs on checkpoint and Cisco Firewalls.
• Maintenance of VMware ESXi and KVM hypervisors.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Responsible for day-to-day management of Cisco Devices, Traffic management and monitoring.
• Involved in provide higher technical support to NOC and other operation teams regards to IP/MPLS infrastructure.

Confidential

Network Engineer

Responsibilities:

• Responsible for IP routing using BGP, OSPF, static routers and switching using STP/VTP/VLAN.
• Designed, implemented and maintained a Cisco, Checkpoint, and Juniper environment.
• Implemented F5 LTM and GTM changes using CLI configurations and Experienced in administration of F5 infrastructure.
• Implemented of SSL offloading GTM deployment architecture.
• Monitored F5 network and report on traffic and statistics to maintain appropriate performance.
• Upgraded IOS on various Cisco Routers like 3945 and 2911 as well as switches like 3750, 4500 and 6500.
• Implemented AP's using Wireless Protocols like 802.11 (a,b,g) 802.1x, 802.11i,
• Implement and maintain a secure network environment.
• Configured and maintained Cisco enterprise Firewalls (Layer 2 and Layer 3) from CLI.
• Designed and configured VPN IPsec tunnel solutions for travel customers.
• Worked on different networking concepts and routing protocols like OSPF, DNS and other LAN/WAN technologies.
• Configured networks using routing protocols such as RIP, OSPF and BGP.
• In-depth expertise in teh implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Created standard access lists to allow SNMP, NTP and logging servers.
• Designed and configured network security architecture using Cisco ASA firewalls and VPN technologies.
• Installed PVDM, Network module, VWIC card, secondary power supplies and additional memory to 3900 series routers.
• Coordinated with teh Data Network and Security team and come up with possible solutions.

Confidential

Network Engineer

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in teh network of 100 hosts.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
• Performed RIP & OSPF routing protocol administration.
• Troubleshoot problems on a day-to-day basis & provide solution that would fix teh problems within their Network.
• Managed teh IP address space using subnets and variable length subnet masks (VLSM).
• Configured RSTP, MST and used VTP with 802.1q trunk encapsulation. Provided port binding and port security wherever required. Provided router redundancy through HSRP.
• Performed switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Worked with Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay and ATM).