PROFESSIONAL SUMMARY:

• 8 years of professional experience in Network Designing, Deployment, Configuring, Routing, Switching, DNS, DHCP, Firewall Security and administration of complex inter networking communication systems.
• Strong noledge on TCP/IP and Ethernet LAN.
• Ensurenetworkdevices are hardened to mitigate risks of potential threats.
• Plannetworkdevelopment and expansion of remote schools
• Excellent in troubleshooting connectivity and hardware issues on Cisco Switches, Routers, firewalls, and HP devices.
• Experienced working and configuring Cisco routers and L2/L3 Switches and good understanding of IP Sub netting.
• Strong experience of Ansible Automation development, deployment, and validations.
• Implementation of BGP wif multi - homed routing wif dual ISP.
• Operational experience wif multiple OpenStackdistributions like Mirante’s OpenStack, Red Hat OpenStack, and OpenStackAnsible project.
• Implementation and troubleshooting MPLS, MPLS L3 VPN, VXLAN and ELAN on Cisco devices.
• Configured and maintained Cisco Catalyst Switches 6500/4500/3500/3850/2900/9000/9300 series, Cisco Nexus Series Switches 7K/5K/2k.
• Experience wif upgrade for Bluecoat Proxy server’s firmware.
• Proficient in LAN/WAN routing, switching, application load balancing and wireless.
• Installing, Configuring, Maintaining, Administration of Cisco, Palo Alto and Checkpoint Firewalls across global networks.
• Expertise in configuring switches and routers wif protocols such as OSPF, EIGRP, BGP, HSRP, GLBP, STP, TRUNKING, VPN, VLANs, VDC, ISIS, MULTICAST.
• Provided Excellent IT security and by building Cisco ASA firewalls wif Failover.
• Strong noledge on Security context, clustering and next Generation Firewall.
• Implementation of IDS/IPS in ASA Firewalls.
• Performed firewall rule audit and optimization using Tufin, Firemon and Algosec.
• Experienced working on network monitoring and analysistools like SOLAR WINDS, THOUSANDEYES, CISCO PRIME, TCPDUMP and Wireshark, Alcatel-Lucent.
• Plan, design, and implement solutions for WAN, LAN, QOS, WIFI, DMZ, firewalls, VPN, Cloud Services, and security architecture across enterprise networks.
• Experience in Load Balancing wif F5 LTM and GTM, ASM, WAF products and implementation of I Rules and High Availability of F5.
• Experience wif configuring various network services like DNS, DHCP and NAT implementations wif Cisco devices.
• Maintained DNS, BGP, OSPF, LACP, 802.1Q, 802.1x, NAC, MPLS, TCP/IP, IPv4, Ethernet, WAN technologies, VPN tunneling.
• Utilized tools such as NAC, Firemon and Riverbed CMC.
• Served a platform for other services dat are required wifin the data center or cloud environment using Cisco ACI.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN,IPS/IDS, AAA (TACACS+ & RADIUS).
• Experienced wif cisco Wireless Controllers for Access points wif cisco 5520, 2500 wireless controllers.
• Experience in maintaining Disaster Recovery and Backup configurations for quickly resolving issues.
• Administrating windows server infrastructure which includes Domain Controllers, File and Print, FTP/SFTP servers.
• Strong noledge on Installing Operating systems on Physical and Virtual machines.
• Strong noledge on Linux command and Installation of operating system on physical and virtual severs.
• Worked on Infoblox to update the DNS host.
• Has noledge about NXOS, OTV and cisco series ASR routers.
• Experience working wif Bluecoat Proxy SG200, SG500 series appliances.
• Confident in Network security including NAT/PAT, ACL, VPN Concentrator
• Used tools such as SNMP for server configuration and NTP to configure Network Time Protocol (NTP).
• Excellent working noledge of deployment and management of IT services such as DNS, SSH, DHCP, NAT, QoS.
• Sound noledge and experience in IPv4 and IPv6 Addressing, sub netting, VLSM, ARP, proxy ARP.
• Extensive experience in configuring and managing profiles, VIP’s, monitors, pools, pool members, I Rules in F5 Network Load Balancers.
• Managed upgrade of IOS for Cisco Switches and routers.
• Utilize Bluecoat for DNS, DHCP, and IPAM
• Efficient in designing and configuring of Layer 2 / 3 networking features such as VLAN, access/trucking, STP, VTP, 802.1X, Port Security, L2PT and SPAN

TECHNICAL SKILLS:

Routers & Switches: Cisco 2K/3K/4K/7K, ASR, 9K, XR, Juniper M320. Cisco Catalyst 1440/2K/3K/4K/6K, Cisco ASR Series Routers, Cisco Nexus switches (9K, 7K, 6K, 5K,2K), Cisco 6500, 4500, 3750 and 2900 Series Routers.

LAN/WAN Technologies: Ethernet, Fast Ethernet, Gigabit, Token rings, STP, RSTP, PVSTP, Workgroup, SD-WAN, Domain, HSRP, Frame Relay, ISDN, PPP, HDLC, ATM, MPLS, Leased Lines, SDN, VXLAN, SDWAN

Network Tools: Solar Winds, Wireshark, Nmap, MS Visio, Ethereal, Packet, PRTG Packet Sniffer,network management tools (SNMP, NetFlow, etc.) such as HP OpenView

Firewalls & Security: Checkpoint NGX, Cisco ASA, Cisco IPS/IDS, Security context, Clustering, Next Gen Firewall, Palo alto firewalls, Cisco WLAN, Cisco ISE, Cisco ACI.

Networking Protocols: Static, EIGRP, OSPF, BGP, MPLS, RIP, HSRP, GLBP, STP, RSTP, PVSTP, VTP, ARP, VLAN, DNS, SMTP, SNMP, FTP, HTTP, HTTPS, IGMP, WLAN 802.11/802.11 e, CDMA, ISIS.

WiFi & Wireless: D-Link Wireless (Point to Point), D-Link Access Point, CISCO 1532e/ 3500/2602/ 2702/ 1200 series Access Points, Canopy Wireless Device (point to point/multi point), Linksys Wi-Fi/ Wireless Router

Load Balancers: F5 load balancers, BIG-IP LTM/GTM, ASM, WAF, FortiGate/ Forti analyzer/ Forti manager.

Additional Skills: CSU/DSU Troubleshooting, ATM, IP addressing, IP sub netting, PAT, IPsec Based VPN, API, and IPsec over GRE Tunnels, DNS, and ADS.

Operating Systems: Windows XP/7/8, LINUX, UNIX

PROFESSIONAL EXPERIENCE:

Confidential, Bothell, WA

Sr. Network Security Engineer

Responsibility:

• Experienced in assisting the clients on troubleshooting P1 issues of domain name system changes including the LB configurations, firewall issues.
• Advise on issues regarding network interdependencies dat stretch both our on-premise infrastructure and public cloud footprint
• Worked on servers patching and upgrading and migrations of services running in Infoblox to Bluecoat.
• Manage Forcepoint SMC (156 firewalls)
• Experience wif Cloud Service Providers such as Amazon AWS, Microsoft Azure, and Google GCP.
• Administer policy settings and upgrades to Forcepoint Triton APX Web, DLP, and Email applications
• Capable of designing cloud based networks on top of AZURE, AWS
• Installing all required packages forONOSby usingKubernetes, ansibleanddocker.
• Virtualized the servers using the Docker for the test environments and dev-environments needs. And configuration automation using Docker containers.
• Deploy and manage Forcepoint firewalls, CISCO ASA 5500, and Palo Alto
• Configuring, Maintaining and troubleshooting of Net Screen, Palo Alto and Firemon Firewalls
• Worked wif Juniper network devices like routers, switches, firewalls etc.
• SetupAlertingandmonitoringusingStackdriverinGCP.
• Provide network LAN/WAN design, implementation, consulting and leadership for data and converged communications infrastructure based largely on Juniper and Cisco equipment.
• Strong skillsets working wif Cisco IOS and Meraki Dashboard.
• Experience wif AWS or Azure, DevOps, software development, and system integration, including the underlying protocols and standards used in the operation of those technologies
• Worked on Juniper QFX/EX switches, Cisco Nexus switches, or Arista switches and Juniper MX Series routers, PTX Series routers, Cisco ASR9000, CRS
• Configure, Manage and Monitor Palo Alto firewall models (Specifically the PA-5050 and the PA-5260)
• Manually updated Network time protocol servers in Bluecoat Address manager (BAM)
• Planning and implementing the tasks for change management for all kinds of Merchant services domain name system changes etc.
• Worked on Automation systems and scripting such as Ansible and underlying scripting such as Python wif REST/API.
• Providing feedback and insight on designing and scaling of SaaS and cloud-based environments and tools.
• Experience wif Amazon Web Services (AWS), including EC2, Network, ELB, and S3
• Worked on google cloud platform (GCP) services like compute engine, cloud load balancing, cloud storage, cloud SQL, stack driver monitoring and cloud deployment manager.
• Excellent experience of Juniper IOS, Cisco IOS, NXOS, BGP, OSPF, EIGRP, MPLS, FCOE and FC environments.
• Experience on Juniper Contrail Cloud, Contrail Edge Cloud, Contrail Enterprise Multiload, Contrail Networking, Contrail Security
• Worked as part of the team to manage enterprise network infrastructure as a Tier-1 Support Engineer.
• Amazon Web Services (AWS) - noledge of EC2, VPC Architecture (Security Groups/ACLs, Subnets, Routing Tables, etc), Storage concepts (EBS/S3/Glacier), Multi-region/Multi-AZ zero downtime architecture, and ‘cloud optimized’ infrastructure
• Managed and implemented the tasks for subdomain additions along wif Wild card to it.
• Experience wif Cisco network hardware including Meraki.
• Monitored Splunk and Nagios for overall Enterprise network management system.
• Troubleshooting issues related to STP, RSTPand V Lan allocation in Organization for maintaining Layer 2/3 Switching intact.
• Experience wif design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509 catalyst switches.
• Performed migrations from Check Point firewalls to Palo Alto using the PAN Migration Tool MT3.3
• Setup GCP Firewall rules to allow or deny traffic to and from the VM's instances based on specified configuration and used GCP cloud CDN (content delivery network) to deliver content from GCP cache locations drastically improving user experience and latency.
• Responsible for designing, documenting, and implementing network infrastructure for both on-prem and hybrid cloud infrastructure.
• Working Knowledge on DDI automation functions, libraries, and software’s we used by providing the solutions to the operational needs.
• Experience working on firewalls like Palo Alto, Cisco ASA configurations.
• Strong experience directly related to cloud computing (i.e. AWS, Azure, Private)
• Experience wif building, delivering, and managing Cloud services in AWS and Azure
• Experience working on installation and configuration of F5 Load balancers LTM GTM
• Worked in the support of some security firewalls.
• Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Firemon
• Configuring Cisco 2900/3500 switches wif STP, RSTP, and RPVST to avoid loops.
• Experience wif equipment from Cisco, Meraki, Aruba, Juniper, Palo Alto, and other major Network vendors.
• Hands-on experience in configuring VPC, VDC and ISSU Software upgrades on Cisco Nexus 7010.
• Used Chef for configuration management of hosted Instances wifin GCP.
• Daily monitored the tools (HP service manager, Host master) for ticket completions of DNS/DHCP changes. Validated and issued stealth master deployments every day after the business hours to push the changes into production.
• Responsible for handling Leveraged tools like Ansible, Puppet, Terraform, CloudFormation, Helm, and thoughtful scripting, code generation, template processing to automate configuration and deployment.
• Able to administer and operate large scale cloud and network infrastructures to support SaaS operations for high-profile customers.
• Helped in removing the NTP devices/appliances from Nagios monitoring and in logical decommissions of various servers.
• Deployed the DDI automation software into production by finding out the errors dat comes up. Automated the XHA failover for our stealth masters in complete environment.
• Expert level network and toolset experience in AWS, Azure and/or GCP
• Deployed Palo Alto firewalls using Confidential NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV
• Experience in configuring GLBP on Cisco Catalyst switches.
• Built aVPC, established the site-to- site VPN connection betweenData CenterandAWS
• Support routing protocols including BGP and OSPF routing, HSRP, Load Balancing/Failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.
• Set-up databasesin GCP using RDS, storage using S3 bucketand configuring instance backups to S3 bucket. Prototype CI/CD system wif GitLab on GKE utilizing kubernetes and Docker for the runtime environment for the CI/CD systems to build and test and deploy.
• Troubleshooting issues using advanced techniques such as TCPDUMP, FW Monitor.
• Experience wif Cisco Meraki wireless managed network infrastructure.
• Newly build datacenters are in place and provided our costumers the Ip addressing space globally to deploy their devices on network.
• Configured Cisco VPN Concentrator 3060 for VPN Tunnel wif Cisco VPN
• Experience wif AWS and VMC (VMware Cloud on AWS): AWS Core Services
• Hardware/software client and PIX/ASA firewall.
• Configuring and implementing Security/NAT rules on Cisco ASA 7.x,8.x/PIX firewalls.
• Provides support on Complex infrastructure changes. Handles daily operational awareness, monitoring and ticketing in the DDI space.
• Experience working wif Bluecoat proxy for troubleshooting issues of traffic.
• NTP infrastructure provides a robust infrastructure for synchronizes all system clock and PTP provides a higher accuracy to it.
• Building/Maintaining Docker/ Kubernetescontainer clusters managed by KubernetesLinux, Bash, GIT, Docker, on GCP
• Migrated from Cisco ASA to Palo Alto firewalls.
• Conduct systems design, feasibility and cost studies and recommend cost-effective cloud solutions such asAmazon Web Services (AWS)
• Provided a restful services API fulfilling DNS, DHCP and IPAM.
• Knowledge on working wif Wireless LAN Controller's, Cisco Meraki, Cisco AP's, Standalone AP's and Mesh AP's.

Environment: OSPF, BGP, VLAN, STP, Nagios, RSTP, PTP, Cisco Nexus 7010, NAT, PAT, Splunk, GLBP, TUNNELING, Cisco VPN, Ether- Channels, Bluecoat, NTP, API.

Confidential, Minneapolis, MN

Sr. Network Security Engineer

Responsibility:

• Worked on Cisco or Juniper routers, switches, TCP/IP, DHCP, DNS, wireless LAN/WAN, Multicast, QoS, STP, VTP and VLAN’s; Network Security (IPSec Tunnels), Suite B security concepts, Routing Protocols like OSPF, EIGRP, BGP and Gateway Redundancy Protocols like HSRP, VRRP, and GLRP.
• Working noledge of VSS, VPC, LACP, PAGP, VRFs, IPSEC/GRE SSL VPNs, VLANs, QoS, and VIP
• Working noledge of Nexus, Cisco IOS, Cisco 7200, 6500,4500,4900,3700 series switches, ASRs,891 routers, WLC, Aps, WISMs, Nokia Firewalls, web sense, checkpoint, wire sharks, Cisco, WCS.
• Completing work order tasks for commissioning /de-commissioning devices on the network
• Provide technical post-sales design and implementation services ofInfoblox/DHCP/IPAM and Security products
• Juniper ACX Series routers for metro
• Build servers using GCP, importing volumes, launchingEC2, RDS, creating security groups, auto-scaling,load balancers(ELBs) in the defined virtual private connection.
• Juniper SRX series products, ATP, Sintel, Contrail Security etc.
• Configuring switch ports, access & trunk links, static routes, load balancing, updating IOS etc.
• Prioritizing and assigning the workflow tasks and incident tickets while maintaining SLAs
• Updating access-list, IPS filters NATs/ security rules, clearing unwanted bi-directional NATs
• Configured windows USER-ID agent to collect host information using Palo Alto Global Protect.
• Plan, design, and implement solutions for WAN, LAN, QOS, DMZ, firewalls, VPN, Cloud Services, and security architecture across enterprise networks.
• Troubleshoot and resolve issues.
• ASA Firewallseries.
• Managed the F5 Big IP LTM, GTM appliances to include writing I Rules, SSL offload and everyday task of creating WIP and VIPs.
• Cisco ASA/Checkpoint Firewalltroubleshooting and policy change requests for new IP segments dat either come online or dat may has been altered during various planned network changes on the network.
• Planning to move fromVCLOUD to GCP.
• Troubleshooting issues using advanced techniques such as TCPDUMP, FW Monitor
• Good noledge on DHCP, BGP, multicast.
• Experience wif Fiber-optic cabling including terminations, standards, and troubleshooting skills.
• Configurations of load balancing in F5, SSL/VPN connections, Cisco ASA Firewalls, and related network security measures.
• Experience in configuring, deploying and deployment of Cisco Security Manager (CSM) for management of Cisco
• Experience wif Ethernet LAN(Local area Network) topologies
• Worked on Cisco ASA VPN devices, Experience wif IDS/IPS Platforms.
• Has working noledge about F5 load balancers, GTM, ASM, WAF balancers
• Experience in configuring HSRP, GLBP on Cisco Catalyst switches.
• Has worked noledge on wifVXLANconfigurations on 7K, 9k switches platform.
• Migrated applications to the PKS,GCPcloud.
• Designed and configured Juniper routers wif OSPF and BGP, ISIS, Multicast.
• Analyze and provide reports to management about capacity planning and trend analysis
• Maintain and monitor all infrastructure hardware.
• Setup UNIXNTPservers to ensure dat all cameras has the proper time stamps.
• Documentation and creating policies and baseline configurations.
• Experience wif TCP/IP protocol and Microsoft Visio.
• Collaborate wif Service Providers to process circuit orders and facilitate installation schedules.

Environment: Access-list, Nat’s, VSS, VPC, IPSEC, SSL, Wi-Fi, QOS, VIP, DHCP, Ethernet LAN, HSRP, GLBP, Cisco Catalyst Switches, Juniper, TCP/IP, Fiber OPTIC, F5, Cisco ASA, CSM, Checkpoint.

Confidential, Plano, TX

Network Security Engineer

Responsibility:

• Assisted in design and deploying of cisco UCS network.
• Implements Network hardware and software using industry policies and standard procedures.
• Experienced in Configuring Checkpoint Firewall (Version R62, R65 R71 and R80) and Cisco ASA Firewallsas Standard and Distribution deployment to has the network secure and maintained Site to Site VPN connection through the Firewalls.
• Good working noledge on DHCP, BGP, multicast.
• Evaluates and recommends Network hardware and software as well as service.
• Providers.
• UseSolar Winds and wind-shark to manage, monitor and administer the Network.
• Develops backup procedures and methods to ensure maximum Network systems.
• Acts to improve network system reliability by providing ongoing testing, tuning and troubleshooting.
• Redesigned Corporate MPLS WAN system and DMVPN Network.
• Installing, Configuring, Maintaining, troubleshooting, Administration of Cisco, Palo Alto and Checkpoint Firewalls.
• Experience wif configuring, supporting, and troubleshooting security products including Cisco ASA, Cisco, IDS solutions, and others.
• Experience wif F5 load balancer LTM, GTM, ASM, WAF
• Worked on Citrix NetScaler Access Gateway and F5 load balancersfor creating SSL Client-Server.
• Experience wif Ethernet LAN(Local area Network) topologies
• Made changes to Palo Alto Firewalls, Cisco ASAs, Cisco Nexuses, and Cisco routers and switches to ensure optimal network operations.
• Assisted in the migration of firewallrules set from Legacy Cisco ASA to Palo Alto firewall using Palo Alto migration tool 3.0.
• Working noledge of IPSEC/GRE SSL VPNs, VLANs, QoS, and VIP
• Strong hands-on experiences CiscoRouters 4300, 4400, 4500, 2900, 3800, Switches 3850, 4500, 9300, 9400, 9500, 6500, 6800 series.
• Maintaining OSPF, EIGRP and static routing protocol on CISCO routers and catalyst switches.
• Configuring and troubleshooting cisco 1800, 1900, 2800, 3800, 3900 series routers and cisco Nexus 9K, 7K, 5K, 6500, 4900, 3750 series catalyst switches.
• Setup TFTP server to maintain CISCO router configurations and CISCO images. Worked on network hardware and software upgrades.
• Configured HSRP, VLAN Trunking 802.1Q, VLAN routing on Cisco Catalyst 3550/4500/6500 Switches.
• Designed and configured Cisco ASA firewalls wif OSPF and BGP.
• Worked on Cisco ASR series routers, NXOS and OTV.
• Worked wif project managers to determine networking requirements and provide the enterprise users wif the best solutions to their networking problems from an institutional perspective.
• Implementation of Checkpoint Firewall 4.1 to protect and authenticate local-net and DMZ. Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
• Troubleshoot User connectivity issues on Checkpointand Cisco ASA using CLI utilities.
• VPN connections for customers, administer DHCP,NTP, DHCP Snooping, Port Security, manage wireless network, creating and managing VLANs, solve network related user.
• Firewalldeployment, rules migrations, Firewalladministration and migrating existing rule onto Palo Alto Firewalls.
• Experience in configuring Cisco ASA Firewalls 5540/5550/5585 using CLI, Cisco CSS,
• CSM, ASDM for day-to-day maintenance.

Environment: Cisco UCS, MPLS WAN, DMVPN, Checkpoint R62, R65, DHCP, NTP, Infoblox, BGP, Multicast, Solar Winds, IPSEC, SSL, VPN, OSPF, EIGRP, Cisco Nexus, Cisco ASA firewalls, Palo Alto firewalls, CSM, ASDM, CSS, NXOS, OTV, Cisco Nexus 6500, 4900, 3750,9000, Cisco routers and switches, F5 LTM, GTM.

Confidential, Oakland, CA

Network Engineer

Responsibility:

• Worked as part of the team to manage enterprise network infrastructure as a Tier-1 Support Engineer.
• 85\PS, Ether-Channels, STP for creating and Maintaining Access/Distribution and Core layer switching architecture.
• Configuring Cisco 2900/3500 switches wif STP, RSTP, and RPVST to avoid loops.
• Experience wif design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509 catalyst switches.
• Configure STPfor switching loop prevention and VLANsfor data and voice along wif Configuring port security for users connecting to the switches.
• Hands-on experience in configuring VPC, VDC and ISSU Software upgrades on Cisco
• Nexus 7010.
• Configuring Static NAT, Dynamic NAT, and PAT overload.
• Assisting the teams in configuring LAN/WAN technologies such as
• Ethernet, Fast Ethernet, Gigabit Ethernet.
• Experience in configuring GLBP on Cisco Catalyst switches.
• Support routing protocols including BGP and OSPF routing, HSRP, Load Balancing/Failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.
• Troubleshooting issues using advanced techniques such as TCPDUMP, FW Monitor, OPNET packet capture, PCAP analysis using Wireshark, firewall rule base
• Audit and MOP (Method of Procedure) for firewall and proxy.
• Configured Cisco VPN Concentrator 3060 for VPN Tunnel wif Cisco VPN
• Hardware/software client and PIX/ASA firewall.
• Configuring and implementing Security/NAT rules on Cisco ASA 7.x,8.x/PIX firewalls.
• Troubleshooting issues related to STP, RSTPand Vlan allocation in Organization for maintaining Layer 2/3 Switching intact.
• Has noledge about configuring technologies like F5 Load Balancing, Security Firewalls.
• Actively used smart view tracker for troubleshooting.
• NTPserver setup and configuration on network devices.
• M3000NTPserver configuration and administration.
• Problem solving support for issues affecting B2B, Internet and VPN, Routing, traffic and log analysis.

Environment: OSPF, BGP, VLAN, STP, RSTP, Cisco Nexus 7010, NAT, PAT, GLBP, TUNNELING, Cisco VPN, Ether- Channels.