SUMMARY

• 10 Plus years of experience in network design, implementation, troubleshooting, engineering, managing & migration of large - scale enterprise Campus networks and Data Center networks.
• Good noledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as IPSec, RIP, EIGRP, OSPF & BGP ability to resolve complex routing problems.
• Implementing, Troubleshooting of MPLS LDP, MPLS VPN’s.
• Responsible for Palo Alto firewall administration across global networks
• Good Knowledge in integration and configuration of Cisco based VPN networks and ASA Firewall.
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Juniper MX series.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP and RSTP.
• Expert experience in Cisco ACE and F5 (Versions 10.x and 11.x) Big-IP Load Balancers, customized using internal tools and creating of SSL and Digital Certificates.
• Developed and directed teh implementation of tactical plans for access, backbone, and interoffice networks deploying CISCO 3750, 6500, 7609 Routers and Nexus 2k, 5k 7k and 9k series switches, JUNIPER SRX, MX, TX series routers and EX4500.
• Cisco IOS, NX-OS and JUNOS configuration and troubleshooting.
• Involved in integration wif SNMP, RADIUS and LogRhythm SIEM syslog server wif Palo Alto and checkpoint firewall.
• Expert experience in Infoblox DNS/IPAM/DHCP appliance.

TECHNICAL SKILLS

Cisco Routers: 7500, 7200, 3750, 2600, 2800, 6500

Cisco Switches: 4500,6500,5500,5509,6513,4948,3500,2900,2960,Nexus 2K, 5K, 7K, 9K

Juniper: MX, TX, EX, SRX, J series.

Load Balancer: Brocade ADX, Alteon, F5 Big-IP.

Protocols: EIGRP, OSPF, BGP, RIP, HSRP, VRRP, GLBP, MPLS, TCP/IP, IPSec.

Design Tools: MS Visio Network Professional, MS-Project

Network Tools: SNMP, Spirent, SolarWinds, Orion, IXIA, HP OpenView, NNM, WireShark, Firemon

Network Topologies: Gigabit Ethernet, OSI and TCP/IP layered architecture, IPSec VPN.

Carrier Technologies: MPLS, MPLS-VPN, LDP.

IP services: QOS, LFI/CRTP, Multicast, DNS, DHCP, IPSec.

Servers: Sun, HP Blade center

Switching concepts: VLAN, STP, RSTP, VTP, Ether Channel (LACP, PAGP), Port Fast, IP Access control lists, Uplink Fast and Backbone Fast.

Wireless Technology: Meraki, Aruba wireless infrastructure, Cisco WLAN controller 5520

WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3, DWDM & SONET.

PROFESSIONAL EXPERIENCE

Confidential, Wilmington, DE

Sr. Network Security Engineer

Responsibilities:

• Displayed significant noledge and hands-on experience wif managing and troubleshooting firewalls and other security infrastructure, particularly wif Juniper equipment.
• Maintaining F5 LTM build templates for different types of zones.
• Involved in Implementing IPSec VPN Tunnel between third party sites and Dupont network.
• Mange Antivirus Server using McAfee Epo 5 & SIEM.
• Provided security incident handling support for all teh internet gateway services in DuPont.
• Developed and updated documentation (operational guides, diagrams, inventories) related to DuPont security infrastructure.
• Responsible for upgrading and maintenance of Cisco IOS, IOS-XR, NX- OS and Juniper JUNOS platform.
• Hands on experience in Aruba S2500 switches, Aruba 7200, 3600 series wireless controllers, Aruba IAP 105, Airwave Products and clear pass Servers.
• Install configure and manage Aruba network infrastructure, Cisco wireless controller, AP’s.
• Experience on Create/Manage McAfee Endpoint Encryption Safe boot Packages.(SIEM).
• Monitored and troubleshoot EIGRP, MPLS, multi area OSPF and OSPF scale issues.
• Worked extensively on Cisco Firewall ASA 5500 Series (Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.)
• Provide remote support for partners on installation and configuration problems and issues related to SD-WAN
• Actively worked on installation, configuration and testing of Aruba's wireless Access points.
• Configuring Static, ISIS, BGP and OSPF Routing Protocols on Cisco ASR 9000, 9001, 6500 series Routers.
• Performed automation operations using VMware NSX and Python scripting.
• Worked on Python scripting for network configuration and management.
• Worked on multi-vendor load balancers including F5 Big IP LTM, Cisco ACE and VMware NSX between multiple centers.
• Worked on Citrix NetScaler and F5 LTM and GTM VIP configuration.
• Troubleshoot F5 issues including, working through configurations of VIP, pool, nodes, and tcpdump on LTM, using Wireshark wif tcpdump output from F5.
• Provided technical support for full setup, debugged teh problems of OSPF, switching, HSRP and IPSEC tunnels formations.
• Creating a rule on teh checkpoint firewall for a NAT (used ACLs to block unauthorized users) to teh VLAN IP and allowing teh IPsec traffic.
• Worked on Aruba ClearPass server Authentication: 802.1X, AAA, Policy Management and Guest Access.
• Responsible to evaluate, test, configure, propose and implement network, firewall and security solutions wif Palo Alto networks.
• Implemented Zone Based Firewalling and Security Rules on teh Palo Alto Firewall.
• Worked wif Host Master for shared web hosting and managed Web Application firewall ( WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark.
• Responsible for building site to site IPSEC, DMVPN tunnels, tunnels failover and WAF
• Worked wif Netspot on doing a site survey for teh new Meraki APs towards optimization of teh Corporate and Warehouse WIFI Network.
• Worked Meraki Heatmap to pick up trends wifin teh client traffic.
• Worked on wireless network for providing teh day to day operations including cisco VOIP Phones, and working on teh wireless access points.
• Installed different Wireless LAN, VLAN, F5 server, Cisco VPN any connect and VoIP phone.
• Other responsibilities included documentation and change control (ITIL standards).
• Configuring & managing Security Devices that includes Juniper (NetScreen) Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Plug Proxies.
• Worked on service now ticketing tool for change controls and tickets for any issues.
• Design, Implement and Troubleshoot Highly Available and redundant topologies VPC, fabricpath, STP, VXLAN, OTV, EVPN, PTP, NTP, DNS, DHCP.
• Deployed Juniper Virtual Chassis, Virtual Chassis Fabric and Qfabric data center LAN deployments.
• Responsible for troubleshooting network, VPN and firewall problems, specifically Checkpoint GAIA and Cisco ASA.
• Configuring TACACS, LDAP, and RADIUS for CISCO ASA and Palo Alto Firewalls.
• Worked on Next Gen Firewall features like Application and URL filtering, SSL Forward Proxy, SSL Decryption, Web-filter, SD-WAN in Fortigate firewalls.
• Configure IDS and Deep Packet Inspection on Fortigate Firewalls. Perform STIGing on all network devices to meet DoD requirements.
• Create monitoring template using custom MIBs in Solar winds.
• Monitored WAN and LAN for circuit outages, network component failure, and user-reported network issues as well as network components such as routers, switches, and firewalls via teh Network Management System (Solar winds)
• Installed Solar winds Network Performance Monitor wif emphasis on traffic analysis, application and virtualization management.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a datacentre environment.
• Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
• Maintain and troubleshoot various of devices of different vendors including, Cisco, Juniper, Fortinet.
• Analyzed teh traffic and troubleshoot teh network issues through splunk.
• Deployed VXLAN on teh Nexus to map teh physical VLANs to teh Virtual Overlay VLANs.
• Involved in deployment of Cisco ISE and Firepower as well as, created/modified necessary profiles that allowed authorized devices on teh network.
• Provisioned Checkpoint firewalls integrated wif an AWS environment.
• Worked on AWS to Corporate connectivity and AWS EC2, Auto scaling, NAT Gateways
• Generated reports on MSS-related metrics and participated in operational and project meetings related to DuPont security infrastructure.

Confidential, Chicago, IL

F5 Load Balancer Engineer

Responsibilities:

• Implemented MPLS VPN (RFC 2547) Mechanisms on Cisco IOS and JUNOS.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches Confidential access level to 2950, 3550. This project also involved in configuring and testing EIGRP, BGP, IPsec (DMVPN).
• Implemented WLAN Aruba Wireless Access Points and its Controllers Confidential various corporate sites fort 11n Infrastructure and its legacy technologies.
• Configuring and troubleshooting Edge and Core routers in MPLS domain. Implementing MP-BGP Session between PE Routers.
• Worked on troubleshooting production issues related to MPLS VPN involving PE configuration, PE-CE link issues such as routing protocol configuration, Layer1 / Layer2 issues, BGP4 address-family related issues, MP-BGP.
• Planning, design and deployment of Palo Alto Firewalls.
• Deployment of enterprise firewalls (Palo Alto Networks, Cisco ASA, Check Point) in production environments
• Involved in L2 Switching Technology Administration including creating and managing VLANs, VxLAN, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Implementation, maintenance and monitoring of IDS/IPS, WAF, antivirus and Syslog Servers.
• Implemented IWAN (SD-WAN) solution to convert Multiple FedEx sites into IWAN for WAN Optimization and Enhance Application Performance.
• Working on routing protocols, DMVPN, SD-WAN, segmentation, WAN acceleration, and security.
• Performing data backups and data recovery operations. Work wif vendors to resolve technical issues of programs i.e. Aruba Networks, Cisco.
• Assisted in building Aruba Clear Pass server transition away from Cisco ACS as teh primary TACACS server.
• Migrate DNS and DHCP data from one DDI platform to another. Configuring & troubleshooting DNS & DHCP.
• Managed, installed and configured different type of equipment such as Alcatel Service routers 7750, layer 2 bridges such as ADVA and Overture, Silver Peak SD-WAN and Fortinet Firewalls.
• Managed Servers using F5 Big-IP load balancers to provide uninterrupted service for teh customers and also for load testing, performance tuning, troubleshooting. Used Nexus switches in Multi-tenancy environment using VPC, VDC and VRF.
• Maintaining F5 LTM build templates for different types of zones.
• Working as Advance TAC Engineer to support Data center (QFX / QFabric) & Ethernet switching (EX-Series) product (Multilayer switches)
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes, BGP route filtering policy problems, ORF etc.
• Included Router and switch configuration (VLANs (802.1q), VTP, etc. on Nexus 2k, 5k, 7k and 9k Switches).
• Installed, Configured and Maintained a network of more than 25 routers and 50 switches (Includes Cisco 3500, 2900, 4500 series and Nexus 2k, 5k, 7k and 9k switches).
• Configured network by using SONET to transfer multiple digital data streams.
• Worked wif incident team to maintain teh security in Data Centers.
• Developed a system that uses data from LDAP and local templates to dynamically provision and re-provision virtual domains.
• Worked on Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5520/5540) Series.
• Configured & maintained IPSEC Site-to-Site VPN.
• Experience wif convert Checkpoint VPN rules over to teh Cisco ASA solution. Migration wif both Checkpoint and Cisco ASA VPN experience.
• Other responsibilities include documentation and updating changes made in networking devices as per ITIL Specifications.

Confidential, Plano, TX

Network Security Engineer

Responsibilities:

• Involved in configuration of Access lists (ACL) on ASA firewall for teh proper network routing for B2B network connectivity.
• Implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP, Fabric path, ether channel, STP, RSTP, MST & port security along wif trouble- shooting of inter-VLAN routing and VLAN trunking using 802.1Q.
• Configure Cisco 3550 Layer 2 and Layer 3 and supervise equipment installation and cabling work.
• Coordinated wif remote technicians for installation and/or troubleshooting of store networking equipment (verification gear is showing up on network and functioning properly, troubleshoot issues, escalate as necessary)
• Worked exclusively on retail environment.
• Troubleshot security related issues on CISCO ASA/PIX, Palo Alto Firewalls.
• Responsible for installation, troubleshooting of Checkpoint firewall and LAN/WAN protocols Implementing firewall rules and configuring Palo Alto, fortinet Network Firewall.
• Strong hands on and troubleshooting experience on check point and Palo Alto firewalls.
• Design network system architecture and implement teh prototype of teh system using SD-WAN
• Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Worked extensively on implementation and configuration of F5 LTM Load Balancers.
• Created Application filters and URL categories in secure web gateway for teh F5 APM feature as proxy solution.
• Extensively used TCP/IP tool like TELNET for remote login to teh routers and SSH for secure login.
• Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.
• Involved teh implementation, and support of VOIP technologies.
• Utilized Solar winds for Network Monitoring, Configuring and maintaining TACACS+ for AAA.
• Centralized Application Enabler for WAN sites thru Citrix Server.
• Hands on experience wif Alcatel and Nexus switches, Fluent wif telnet, SSH, FTP and TFTP.
• Expertise and extensive experience in managing ASA/SRX Firewalls, Catalyst switches and customer integration. Ability to setup devices, modify ACL’s and trouble shoot issues.
• Work wif Data Network Design team as needed to ensure vendor transport requirements are adequately met in teh published design specification document.

Confidential

LAN Engineer

Responsibilities:

• Tested various BGP features like local-preference, MED, Weight and replicated customer issue problems in teh testing environment lab.
• Provided proper documentation to maintain accountability and priority of installation during teh migration. Ensured proper documentation was delivered to Change Management team, Incident Management.
• Handle customer escalations related to Internet connectivity issues, VPN issues (OSPF sync issues).
• Designed secure VPN architecture, including MPLS VPN for various customers which includes ISP’s
• Involved in configuring / troubleshooting issues relating to routers, switches.
• Knowledge on QOS and defined class of service (COS) WRED and WFQ for bandwidth management.
• Configured modular QOS which includes class map and service-policy.
• Monitored and troubleshoot teh protocols EIGRP, OSPF and MPLS
• Provided support for BGP, EIGRP, HSRP and MPLS globally for various customers.
• Developed route redistribution mechanism between BGP and OSPF for large scale international networks.
• Switches standardization- Includes replacing old switches wif standard Cisco 3500 switches, upgrading Cisco IOS/Cat OS on Cisco 3500, modifying switch configuration, adding authentication, logging and SNMP configuration parts.
• Installed and configured Cisco 2500, 2600, Nexus 2224 and 5548, Cisco catalyst switches 2924xl, 5000s, and configure CSU/DSU to support WAN Links.
• Configuring OSPF, RIP, EIGRP protocols and IP Subnetting, Routers and Switches.

Confidential

Network Engineer

Responsibilities:

• IOS upgrades on Catalyst 1900, 2900, 3500 series switches and 2500, 2600, 3600 series routers.
• Configuration of Access List ACL (Std., Ext, Named) to allow users all over teh company to access different applications and blocking others.
• Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
• Perform routine network maintenance checks as well as configure and manage printers, copiers, and other miscellaneous network equipment.
• Provide support infrastructure related requests and incidents wifin teh firm.
• Responsible for Data Backup, System Update, Recovery and Restore, and Spyware removal.
• Configured Routing protocols such as VLANs, VTP, STP, MSTP, VRRP and HSRP.
• Configured Virtual Switching Systems (VSS) using two Cisco Catalyst 6500E switches to provide redundant route processors - Active-Standby Control Plane, Active-Active Data Plane.

Confidential

Junior Network Consultant

Responsibilities:

• Planning and Designing of Network infrastructure, Servers, Link and bandwidth monitoring (Network tool),
• Analyze incidents and troubleshooting of network related issue.
• Configuration and Troubleshooting on site-to-site VPN and Remote VPN on Cisco ASA 5540 firewall.
• Work on Cisco ACS (TACACS+) Server for Providing Access on Network And Security Device.
• Troubleshooting various LAN and WAN issues related to STP, VLAN, VTP, HSRP, VRRP, GLBP, ACL and routing protocols
• Installation, configuration & troubleshooting of CISCO Routers (1751, 2600, 3600).
• Configuration and Testing of Cisco switches ( 2950, 1900 series)
• Managing WAN & LAN and Administration of TCP/IP based network.
• Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Regular basis Implementing Network Changes on Schedule time wifin Window.
• Participation in various conference call, meeting related to Project work, interaction wif clients for resolving issues or for their old or new concerns.
• Schedule changes and work through maintenance requests over weekends.
• Perform daily maintenance, troubleshooting, configuration, and installation of all network components.