Sr. Network Security Engineer Resume
Wilmington, DE
SUMMARY
- 10+ years of experience in network design, implementation, troubleshooting, engineering, managing & migration of large-scale enterprise Campus networks and Data Center networks.
- Good knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as IPSec, RIP, EIGRP, OSPF & BGP; able to resolve complex routing problems.
- Implementing and troubleshooting MPLS LDP and MPLS VPNs.
- Responsible for Palo Alto firewall administration across global networks
- Good Knowledge in integration and configuration of Cisco based VPN networks and ASA Firewall.
- Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Juniper MX series.
- Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP and RSTP.
- Expert experience in Cisco ACE and F5 (Versions 10.x and 11.x) Big-IP Load Balancers, customized using internal tools and creating of SSL and Digital Certificates.
- Developed and directed the implementation of tactical plans for access, backbone, and interoffice networks deploying Cisco 3750, 6500, 7609 Routers and Nexus 2k, 5k, 7k and 9k series switches, Juniper SRX, MX, TX series routers and EX4500.
- Cisco IOS, NX-OS and JUNOS configuration and troubleshooting.
- Involved in integration with SNMP, RADIUS and LogRhythm SIEM syslog server with Palo Alto and checkpoint firewall.
- Expert experience in Infoblox DNS/IPAM/DHCP appliance.
TECHNICAL SKILLS
Cisco Routers: 7500, 7200, 3750, 2600, 2800, 6500
Cisco Switches: 4500, 6500, 5500, 5509, 6513, 4948, 3500, 2900, 2960, Nexus 2K, 5K, 7K, 9K
Juniper: MX, TX, EX, SRX, J series.
Load Balancer: Brocade ADX, Alteon, F5 Big-IP.
Protocols: EIGRP, OSPF, BGP, RIP, HSRP, VRRP, GLBP, MPLS, TCP/IP, IPSec.
Design Tools: MS Visio Network Professional, MS-Project
Network Tools: SNMP, Spirent, SolarWinds, Orion, IXIA, HP OpenView, NNM, WireShark, Firemon
Network Topologies: Gigabit Ethernet, OSI and TCP/IP layered architecture, IPSec VPN.
Carrier Technologies: MPLS, MPLS-VPN, LDP.
IP services: QOS, LFI/CRTP, Multicast, DNS, DHCP, IPSec.
Servers: Sun, HP Blade center
Switching concepts: VLAN, STP, RSTP, VTP, Ether Channel (LACP, PAGP), Port Fast, IP Access control lists, Uplink Fast and Backbone Fast.
Wireless Technology: Meraki, Aruba wireless infrastructure, Cisco WLAN controller 5520
WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1/T3, DWDM & SONET.
PROFESSIONAL EXPERIENCE
Confidential, Wilmington, DE
Sr. Network Security Engineer
Responsibilities:
- Displayed significant knowledge and hands-on experience with managing and troubleshooting firewalls and other security infrastructure, particularly with Juniper equipment.
- Maintaining F5 LTM build templates for different types of zones.
- Involved in Implementing IPSec VPN Tunnel between third party sites and Dupont network.
- Manage Antivirus Server using McAfee ePO 5 & SIEM.
- Provided security incident handling support for all the internet gateway services in DuPont.
- Developed and updated documentation (operational guides, diagrams, inventories) related to DuPont security infrastructure.
- Responsible for upgrading and maintenance of Cisco IOS, IOS-XR, NX-OS and Juniper JUNOS platform.
- Hands-on experience in Aruba S2500 switches, Aruba 7200, 3600 series wireless controllers, Aruba IAP 105, AirWave products and ClearPass servers.
- Install, configure and manage Aruba network infrastructure, Cisco wireless controller, APs.
- Experience creating and managing McAfee Endpoint Encryption Safe Boot packages (SIEM).
- Monitored and troubleshot EIGRP, MPLS, multi-area OSPF and OSPF scale issues.
- Worked extensively on Cisco Firewall ASA 5500 Series (Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.)
- Provide remote support for partners on installation and configuration problems and issues related to SD-WAN
- Actively worked on installation, configuration and testing of Aruba's wireless Access points.
- Configuring Static, ISIS, BGP and OSPF Routing Protocols on Cisco ASR 9000, 9001, 6500 series Routers.
- Performed automation operations using VMware NSX and Python scripting.
- Worked on Python scripting for network configuration and management.
- Worked on multi-vendor load balancers including F5 Big IP LTM, Cisco ACE and VMware NSX between multiple centers.
- Worked on Citrix NetScaler and F5 LTM and GTM VIP configuration.
- Troubleshoot F5 issues, including working through configurations of VIP, pool, nodes, and tcpdump on LTM, using Wireshark with tcpdump output from F5.
- Provided technical support for full setup, debugged the problems of OSPF, switching, HSRP and IPSEC tunnels formations.
- Creating a rule on the checkpoint firewall for a NAT (used ACLs to block unauthorized users) to the VLAN IP and allowing the IPsec traffic.
- Worked on Aruba ClearPass server Authentication: 802.1X, AAA, Policy Management and Guest Access.
- Responsible to evaluate, test, configure, propose and implement network, firewall and security solutions with Palo Alto networks.
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
- Worked with Host Master for shared web hosting and managed Web Application Firewall (WAF), DNS and DHCP management using Infoblox, and analyzed networks using Wireshark.
- Responsible for building site to site IPSEC, DMVPN tunnels, tunnels failover and WAF
- Worked with Netspot on doing a site survey for the new Meraki APs towards optimization of the Corporate and Warehouse WIFI Network.
- Worked Meraki Heatmap to pick up trends within the client traffic.
- Worked on wireless network for providing the day to day operations including cisco VOIP Phones, and working on the wireless access points.
- Installed different Wireless LAN, VLAN, F5 server, Cisco VPN AnyConnect and VoIP phone.
- Other responsibilities included documentation and change control (ITIL standards).
- Configuring & managing Security Devices that include Juniper (NetScreen) Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Plug Proxies.
- Worked on ServiceNow ticketing tool for change controls and tickets for any issues.
- Design, Implement and Troubleshoot Highly Available and redundant topologies VPC, fabricpath, STP, VXLAN, OTV, EVPN, PTP, NTP, DNS, DHCP.
- Deployed Juniper Virtual Chassis, Virtual Chassis Fabric and Qfabric data center LAN deployments.
- Responsible for troubleshooting network, VPN and firewall problems, specifically Checkpoint GAIA and Cisco ASA.
- Configuring TACACS, LDAP, and RADIUS for CISCO ASA and Palo Alto Firewalls.
- Worked on Next Gen Firewall features like Application and URL filtering, SSL Forward Proxy, SSL Decryption, Web-filter, SD-WAN in Fortigate firewalls.
- Configure IDS and Deep Packet Inspection on Fortigate Firewalls. Perform STIGing on all network devices to meet DoD requirements.
- Create monitoring templates using custom MIBs in SolarWinds.
- Monitored WAN and LAN for circuit outages, network component failure, and user-reported network issues as well as network components such as routers, switches, and firewalls via the Network Management System (SolarWinds).
- Installed SolarWinds Network Performance Monitor with emphasis on traffic analysis, application and virtualization management.
- Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a datacentre environment.
- Gained great exposure to SDN and network virtualization technologies like Cisco ACI.
- Maintain and troubleshoot various devices from different vendors, including Cisco, Juniper, Fortinet.
- Analyzed the traffic and troubleshot the network issues through Splunk.
- Deployed VXLAN on the Nexus to map the physical VLANs to the Virtual Overlay VLANs.
- Involved in deployment of Cisco ISE and Firepower, and created/modified necessary profiles that allowed authorized devices on the network.
- Provisioned Checkpoint firewalls integrated with an AWS environment.
- Worked on AWS to Corporate connectivity and AWS EC2, Auto scaling, NAT Gateways
- Generated reports on MSS-related metrics and participated in operational and project meetings related to DuPont security infrastructure.
Confidential, Chicago, IL
F5 Load Balancer Engineer
Responsibilities:
- Implemented MPLS VPN (RFC 2547) Mechanisms on Cisco IOS and JUNOS.
- Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550. This project also involved configuring and testing EIGRP, BGP, IPsec (DMVPN).
- Implemented WLAN Aruba Wireless Access Points and their Controllers at various corporate sites for 11n Infrastructure and its legacy technologies.
- Configuring and troubleshooting Edge and Core routers in MPLS domain. Implementing MP-BGP Session between PE Routers.
- Worked on troubleshooting production issues related to MPLS VPN involving PE configuration, PE-CE link issues such as routing protocol configuration, Layer1 / Layer2 issues, BGP4 address-family related issues, MP-BGP.
- Planning, design and deployment of Palo Alto Firewalls.
- Deployment of enterprise firewalls (Palo Alto Networks, Cisco ASA, Check Point) in production environments
- Involved in L2 Switching Technology Administration including creating and managing VLANs, VxLAN, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
- Implementation, maintenance and monitoring of IDS/IPS, WAF, antivirus and Syslog Servers.
- Implemented IWAN (SD-WAN) solution to convert Multiple FedEx sites into IWAN for WAN Optimization and Enhance Application Performance.
- Working on routing protocols, DMVPN, SD-WAN, segmentation, WAN acceleration, and security.
- Performing data backups and data recovery operations. Work with vendors to resolve technical issues of programs, i.e. Aruba Networks, Cisco.
- Assisted in building Aruba Clear Pass server transition away from Cisco ACS as the primary TACACS server.
- Migrate DNS and DHCP data from one DDI platform to another. Configuring & troubleshooting DNS & DHCP.
- Managed, installed and configured different type of equipment such as Alcatel Service routers 7750, layer 2 bridges such as ADVA and Overture, Silver Peak SD-WAN and Fortinet Firewalls.
- Managed Servers using F5 Big-IP load balancers to provide uninterrupted service for the customers and also for load testing, performance tuning, troubleshooting. Used Nexus switches in Multi-tenancy environment using VPC, VDC and VRF.
- Maintaining F5 LTM build templates for different types of zones.
- Working as Advance TAC Engineer to support Data center (QFX / QFabric) & Ethernet switching (EX-Series) product (Multilayer switches)
- Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes, BGP route filtering policy problems, ORF etc.
- Included Router and switch configuration (VLANs (802.1q), VTP, etc. on Nexus 2k, 5k, 7k and 9k Switches).
- Installed, configured and maintained a network of more than 25 routers and 50 switches (includes Cisco 3500, 2900, 4500 series and Nexus 2k, 5k, 7k and 9k switches).
- Configured network by using SONET to transfer multiple digital data streams.
- Worked with incident team to maintain the security in Data Centers.
- Developed a system that uses data from LDAP and local templates to dynamically provision and re-provision virtual domains.
- Worked on Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connect to a VPN 3000 Concentrator.
- Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500 (5520/5540) Series.
- Configured & maintained IPSEC Site-to-Site VPN.
- Experience converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
- Other responsibilities include documentation and updating changes made in networking devices as per ITIL Specifications.
Confidential, Plano, TX
Network Security Engineer
Responsibilities:
- Involved in configuration of Access lists (ACL) on ASA firewall for the proper network routing for B2B network connectivity.
- Implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP, FabricPath, EtherChannel, STP, RSTP, MST & port security along with troubleshooting of inter-VLAN routing and VLAN trunking using 802.1Q.
- Configure Cisco 3550 Layer 2 and Layer 3 and supervise equipment installation and cabling work.
- Coordinated with remote technicians for installation and/or troubleshooting of store networking equipment (verifying gear is showing up on network and functioning properly, troubleshooting issues, escalating as necessary).
- Worked exclusively on retail environment.
- Troubleshot security related issues on CISCO ASA/PIX, Palo Alto Firewalls.
- Responsible for installation and troubleshooting of Checkpoint firewall and LAN/WAN protocols; implementing firewall rules and configuring Palo Alto and Fortinet network firewalls.
- Strong hands on and troubleshooting experience on check point and Palo Alto firewalls.
- Design network system architecture and implement the prototype of the system using SD-WAN
- Provided application level redundancy and availability by deploying F5 load balancers LTM.
- Worked extensively on implementation and configuration of F5 LTM Load Balancers.
- Created Application filters and URL categories in secure web gateway for the F5 APM feature as proxy solution.
- Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
- Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.
- Involved in the implementation and support of VoIP technologies.
- Utilized SolarWinds for Network Monitoring, Configuring and maintaining TACACS+ for AAA.
- Centralized Application Enabler for WAN sites thru Citrix Server.
- Hands on experience with Alcatel and Nexus switches, Fluent with telnet, SSH, FTP and TFTP.
- Expertise and extensive experience in managing ASA/SRX Firewalls, Catalyst switches and customer integration. Ability to setup devices, modify ACL’s and trouble shoot issues.
- Work with Data Network Design team as needed to ensure vendor transport requirements are adequately met in the published design specification document.
Confidential
LAN Engineer
Responsibilities:
- Tested various BGP features like local-preference, MED, Weight and replicated customer issue problems in the testing environment lab.
- Provided proper documentation to maintain accountability and priority of installation during the migration. Ensured proper documentation was delivered to Change Management team, Incident Management.
- Handle customer escalations related to Internet connectivity issues, VPN issues (OSPF sync issues).
- Designed secure VPN architecture, including MPLS VPN for various customers which includes ISP’s
- Involved in configuring / troubleshooting issues relating to routers, switches.
- Knowledge on QOS and defined class of service (COS) WRED and WFQ for bandwidth management.
- Configured modular QOS which includes class map and service-policy.
- Monitored and troubleshot the protocols EIGRP, OSPF and MPLS.
- Provided support for BGP, EIGRP, HSRP and MPLS globally for various customers.
- Developed route redistribution mechanism between BGP and OSPF for large scale international networks.
- Switches standardization- Includes replacing old switches with standard Cisco 3500 switches, upgrading Cisco IOS/Cat OS on Cisco 3500, modifying switch configuration, adding authentication, logging and SNMP configuration parts.
- Installed and configured Cisco 2500, 2600, Nexus 2224 and 5548, Cisco catalyst switches 2924xl, 5000s, and configure CSU/DSU to support WAN Links.
- Configuring OSPF, RIP, EIGRP protocols and IP Subnetting, Routers and Switches.
Confidential
Network Engineer
Responsibilities:
- IOS upgrades on Catalyst 1900, 2900, 3500 series switches and 2500, 2600, 3600 series routers.
- Configuration of Access List ACL (Std., Ext, Named) to allow users all over the company to access different applications and blocking others.
- Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
- Perform routine network maintenance checks as well as configure and manage printers, copiers, and other miscellaneous network equipment.
- Provide support infrastructure related requests and incidents within the firm.
- Responsible for Data Backup, System Update, Recovery and Restore, and Spyware removal.
- Configured Routing protocols such as VLANs, VTP, STP, MSTP, VRRP and HSRP.
- Configured Virtual Switching Systems (VSS) using two Cisco Catalyst 6500E switches to provide redundant route processors - Active-Standby Control Plane, Active-Active Data Plane.
Confidential
Junior Network Consultant
Responsibilities:
- Planning and designing of network infrastructure, servers, link and bandwidth monitoring (network tool).
- Analyze incidents and troubleshoot network-related issues.
- Configuration and Troubleshooting on site-to-site VPN and Remote VPN on Cisco ASA 5540 firewall.
- Work on Cisco ACS (TACACS+) server for providing access on network and security devices.
- Troubleshooting various LAN and WAN issues related to STP, VLAN, VTP, HSRP, VRRP, GLBP, ACL and routing protocols
- Installation, configuration & troubleshooting of CISCO Routers (1751, 2600, 3600).
- Configuration and Testing of Cisco switches ( 2950, 1900 series)
- Managing WAN & LAN and Administration of TCP/IP based network.
- Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
- Regularly implementing network changes at the scheduled time within the window.
- Participation in various conference calls and meetings related to project work, interaction with clients for resolving issues or for their old or new concerns.
- Schedule changes and work through maintenance requests over weekends.
- Perform daily maintenance, troubleshooting, configuration, and installation of all network components.