SUMMARY

• Experienced, collaborative - minded, and enthusiastic Network Engineer professional with Around 7 years of technical and organizational experience in network engineering, network administration, customer service and logistics management.
• I readily accept new responsibilities and maintain a focus on customer satisfaction while fostering a collaborative productive environment in a continually changing and growing industry.
• Looking for challenging duties in an expert environment that makes use of my analytical, problem-solving abilities, expertise and specialized information, for the mutual development of my career and the business.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Experience working with Nexus 7K, 5K, 2K devices also configuring Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000.
• Experience in network performance testing. Administration and Maintenance in multi-vendor platform environments (Cisco, Juniper, Checkpoint, F5, Palo Alto)
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO, Juniper, FortiGate GUI and Arista equipments.
• Manage administration ofJuniperFirewall, connecting offices worldwide through VPN tunnels to two HAJuniperSSG520's. The VPN provides 24/7/365 connectivity for corporate needs of all remote offices.
• Sound knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques.
• Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies onJuniperSSG320 and SSG140 Firewalls
• Experience configuring and troubleshooting on Citrix NetScalar Load Balancer.
• Migrated firewall rules from Cisco ASA to Palo Alto and Checkpoint Firewalls. Designing and Configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Advanced knowledge in installation and configuration of Juniper Netscreen Firewall.
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls.
• Design, Build, and Implement various solutions on Check Point Firewalls, Blue Coat Proxies, F5 Load balancers and F5 Global Traffic Managers.
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco, B2B VPN client in addition to providing TACACS+ and RADIUS services.
• Experience in working with Cisco Nexus 9k, 7k, 5k, 2k Switches and Virtual Port Channel configuration.
• Deployed Cisco FireSight,ISEusing certificate authority signed certs with pxGrid remediation module.
• Strong hands-on experience onCheckpointFirewalls, ASA (5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Good Understanding of Python scripts for system automation, monitoring and security reporting. Maintain existingPerlscripts and migration existingPerlscripts to Python.
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Implement changes on switches, routers, load balancers (F5 LTM and CSS), Wireless devices as per Design engineers.
• Checkpoint level 3 operations support with hardware operation and fixed all problems.
• Excellent communication skills with ability to interact effectively with employees at all level of the organization.
• Cisco Security: Telnet, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
• Firewalltechnologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70, R75, R77 and Cisco ASA.
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
• Performing theJuniperSRX 5800 deployments to replace the Crossbeam/Checkpoint firewalls.
• Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K, 1K

Cisco Routers: 1700,1800,2500,2600,2800,3600,3800,3900,7200,7600

Cisco L2 & L3 Switches: 2900,3500,3560,3750,4500,4900,6500

Juniper Platforms: SRX, MX, EX Series Router and Switches

Networking Concepts: Access-lists, Routing, Switching, Sub netting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510), Checkpoint, Cisco ASA

Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

Wan Technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3,0C3, T1 /T3 & SONET

Lan Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channelVLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

Wireless: Ciscowirelessaccess points: AIR-CAP3702, AIR-CAP3502, AIR-CAP2602, AIR-CAP2702, WLC 5508, 4404 and WLC 4402wireless

LAN controllers: Catalyst 6513, 6509, 4006, 4003, 3750, 3560, 3550, 2950G switches

PROFESSIONAL EXPERIENCE

Confidential, Santa Clara, CA

Sr. Network Engineer

Responsibilities:

• Designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Provide Tier II Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Configured Cisco routers for MPLS VPN connectivity and VRF tables on edge routers for customer usage of the MPLS network.
• Configured Cisco ASA 5510 for VPN Network Access Control integration with CiscoISE(Inline PEPs).
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Knowledge in new technologies like SDN,Openflowprotocol and NOX controller Python based.
• Worked extensively on lab build for POC comprising of Cisco Catalyst Switch 6500s, 4500s, 3750, Nexus 7000s, and CiscoISE3300 Appliances and 1.0.4 CiscoISEsoftware on VMware's.
• Good knowledge of CISCO firewalls, CISCO PIX and ASA 5500 series, Palo Alto Firewalls.
• Configuring virtual chassis for Juniper switches EX- 4200 and firewalls NS 5200.
• Configuration of VLAN, BFD, LAG Port Channel, HSRP, VRRP on Cisco/Juniperdevices.
• Deploying BIG-IP F5LTMLoadBalancersforloadbalancing and traffic management of business application.
• Configure allPaloAltoNetworksFirewallmodels (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scalefirewalldeployments.
• Configuring VPN, clustering and ISP redundancy in Check Point Firewall.
• Asset management, keeping inventory of every device in the data center.
• Migrated Firewall infrastructure from Checkpoint R65 to Netscreen ISG2000.
• Hands on experience with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• NX-OS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with CiscoISE
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Implementing security Solutions using Palo alto PA 5000, Check PointFirewallsR75, R77.20 Gaia and Provider-1/MDM.
• Migrating Cisco ASA firewalls policy to new Checkpoint appliance with support of vendor specific tool.
• Experience with Network Redesign of branch and Campus Networks. This includes changes to both the voice and data environment.
• Maintained, upgraded, configured, and installed Cisco ASA 5510, 5520, & 5505Firewallsfrom the CLI and ASDM.

Environment: Cisco 3750/3550/3500/2960 switches, Cisco 3640/12000/ 7200/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, Cisco Nexus 7K/5K, 2248/3560/5020/6509 , ASA, Checkpoint, LAN, OSPF, BGP, RIP, EIGRP.

Confidential, Westborough, MA

Network Security Engineer

Responsibilities:

• Designed, implemented and maintained WAN technologies like DWDM, MPLS, VPLS and tunneling technologies.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with CiscoISE.
• BGP/OSPF/EIGRP Automation of Flows NFV/SDNAT&T Open stack.
• Working with VPN tunnels, DS1, DS3 & T1 links.
• Experience with designing and deployment of MPLS Traffic Engineering.
• Worked extensively on policy design and implementation forISEsolution various Network.
• SDN/ODL Controllers MPLSSDN-WAN Anisbile.
• Implemented Cisco site to site VPN for partnering with different partners around the world.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Experience in Next Generation Firewalls (Fire POWER) design and implementation.
• Installation ofPaloAlto(Web Application and URL filtering, Threat Prevention, Data Filtering).
• Performed IOS Software upgrades on switches Cisco 6509, 3750 and Cisco ASR for compatibility with Cisco ISE.
• Upgrade and Configure Cisco ASA to manage it with Firepower.
• Upgrade and Configure Cisco ISE, IOS Based firewalls, Cisco FIREPOWER, Cisco Prime Infrastructure, Cisco Security Manager.
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
• Experience with configuring BGP in the data center and using BGP as a WAN protocol and manipulating BGP attributes. implemented and supported Cisco PIX, Cisco ASA, Cisco ACS/ISEwith AD/LDAP.
• Configure allPalo altoNetworksFirewallmodels (PA-2k, PA-3k, PA-5k etc.) as well as a centralized
• Installation and configuration of Cisco Nexus 9k, 7k, 5k, 2k, ASRs, 6500s, 4510s, 3800s, 2900s.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9k, 7K, 5K and its downstream devices.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Implementing security Solutions using Palo Alto PA 5000, Check PointFirewallsR75, R77.20 Gaia and Provider-1/MDM.
• Hands on Experience with blocking of IPs onCheckpointwhich are suspicious.
• Configure allPaloAltoNetworksFirewall models and Panorama to manage large scale Firewall deployments.
• Implemented the network segmentation for PCI network which utilizes MPLS VPN andVRFLite.
• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.

Environment: Cisco ASA 5505/5510/5520 , Cisco Routers 2900 series, Cisco Switches 2950/2960/3750 HSRP, Ether channel, OSPF, EIGRP, BGP, STP, RSTP, PVST, VTP, MPLS, ATM, PPP, HDLC, SNMP, DNS, DHCP, MS exchange 2010, Xen server 6.0, xcenter, Hyper-V 2008/2012

Confidential, Richmond, VA

Network Engineer

Responsibilities:

• Implemented and configured BGP,BGPv6, using policy route-maps, prefix list to regulate advertise routes from specified Autonomous Systems. Verified BGP neighbor establishment and prefix received and converged with transit providers.
• Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
• Configured ACI for remote Authentication in the respective organization, manage project task to migrate from Cisco ASA firewalls to Checkpoint firewalls.
• Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path.
• Experienced in Network Security and Virtualization in NSX environment.
• Monitored and worked on alert management for components related to ISE solutions (VNOC).
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
• Creation of Firewall policies as per the requirements on Check point, ASA, FWSM, and Juniper Firewalls.
• Review the existing process and recommend changes to increase productivity and efficiency such asSDN, Deep packet analysis.
• Assisted installing cisco ISR 2900 series routers, Cisco 5520 ASA appliance, Wireless LAN upgrade project. Assisted infrastructure team with the installation of 60 cisco 3700 series AP, around the building.
• Configured and then racked 3 Cisco 2911 voice gateways with H323 to the carrier.
• Leading and supporting role regarding technical topics and solutions within a network implementation organization.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Configured VDC's on nexus 7K for creating multiple logical switches and HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches.

Environment: EIGRP, RIP, OSPF, BGP, VPN, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Checkpoint firewalls (SPLAT).

Confidential

Network Engineer

Responsibilities:

• Work on different networking concepts and routing protocols like BGP, EIGRP, OSPF and other LAN/WAN technologies.
• Configured Cisco Catalyst 6500, 4500, 3850, 3750, 2960 switches and Cisco 3600, 7200 &ASR1K & 9k Routers for an enterprisenetwork.
• Upgrading and managing Linux Kernel on Red Hat Linux 5 &6 & ESX Reboots.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Efficient in cabling as per co-location contracts with loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures.
• Configured and managed networks using L3 protocols like RIPv2.
• Configured VLANs, Private VLANs, VTP and Trunking on switches.
• Support remote office WAN, PFR & DMVPN technologies.
• Configured L2 and L3 security features on devices.
• Maintained copper and fiber opticnetworkinfrastructure performing maintenance and installations where necessary.
• Specializing in voice and datanetworkadministration and troubleshooting. Experienced problem solver competent in customer service and team management.
• Involved in a project for a re-design of the LAN network (Cisco Catalyst 2960 and Nexus 5000 switches) and the virtualization of some systems.