SUMMARY

• Accomplished Network and Security engineering professional with 7+ years of real time experience in designing, deploying, migrating & supporting critical multi - site redundantNetworkenvironments.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• PerformCheckpointand PIX firewall/IDS design, integration & implementation for Cyber Trap client networks.
• Hands on experience on configuring Cisco ASA 5540, 5580 firewalls.
• Experience in installing, configuring and troubleshooting Checkpoint Firewalls.
• In-depth in preparing Technical Documentation and presentations using Microsoft VISIO/Office
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Checkpoint NGX firewall and Cisco 3800 series routers
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Experience working with Juniper JUNOS version 12 and Version 13 for routing and switching protocols.
• Responsible for checkpoint and Cisco ASA firewall administration across global networks.
• Checkpoint level 3 operations support with hardware operation and fixed all problems.
• Good understanding of NAT & Firewall on Aruba Controllers.
• Strong hands on experience on PIX Firewalls, Palo alto, ASA (5540/5550) Firewalls. Implemented Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Enterprise experience with Nexus models like 7K, 5K, 2K series.
• Experience in configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Expertise in Migration ofFirewallsfrom Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo altoand Vice Versa
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
• Performing theJuniperSRX 5800 deployment to replace the Crossbeam/Checkpoint firewalls.
• Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Good knowledge on Juniper SRX240, SRX220 and SRX550 series Firewalls.
• Implemented Positive Enforcement Model with the help of Palo AltoNetworks.
• Experienced in handling and installing Palo Alto Firewalls with exposure to wild fire feature of Palo Alto Networks.

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K, 1K

Cisco Routers: 1700,1800,2500,2600,2800,3600,3800,3900,7200,7600

Cisco L2 & L3 Switches: 2900,3500,3560,3750,4500,4900,6500

Juniper Platforms: SRX, MX, EX Series Router and Switches

Networking Concepts: Access-lists, Routing, Switching, Sub netting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510), Checkpoint, Cisco ASA

Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

Wan Technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3,0C3, T1 /T3 & SONET

Lan Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channelVLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

Documentation: MS Office, MS Visio

PROFESSIONAL EXPERIENCE

Confidential, Santa Ana, CA

Sr Network Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Design, configuration, and support of Cisco Nexus Platforms (Nexus 2000/5000/7000 )
• Designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Configured Cisco routers for MPLS VPN connectivity and VRF tables on edge routers for customer usage of the MPLS network.
• Configure/upgrade wireless access points and am familiar with Cisco wireless controllers.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series
• Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800.
• Responsible for everyday tasks related toJuniperSRX Firewalls, Space Changes, and Iron Port Proxy Traffic.
• Collaborated with thenetworkengineers to identify areas of high risk that can be resolved using ISE
• Creation of Firewall policies as per the requirements on Checkpoint, ASA, FWSM, and Juniper Firewalls.
• Configuration and implementation of Juniper andPaloAltofirewalls.
• Configured Protocol Handling, Object Grouping and NAT on ASA Firewalls (5505).
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Juniper ContrailSDNdeployment assistance to the senior engineering team
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application
• Responsible for Checkpoint firewall management and operations across our global networks.
• Implemented site to site VPN in Juniper SRX as per customer and various EX, SRX & J series Juniper devices.
• Working on security devices ASA, Juniper, Palo Alto Firewalls, Routers, and Switches.
• Implementation of secure enclaves withPaloAltoand ASA firewalls
• Remote access and site-to-site VPN administration using Cisco ASA/ASR andPaloAlto
• Team member of Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5505.
• Responsible for NAT traffic flow in theJuniperSRX 3600 and supportJuniperSpace.

Confidential, Irvine CA

Network Security Engineer

Responsibilities:

• Designed application mapping and application delivery using F5 BIG IP LTM.
• Design/install/Configure Nexus 7k, 5k and 2k switches, PAN firewall and Netscaler Application load balancer.
• Installed and designed four PIX 525 and two ASA 5505 in client areas. Notwithstanding that, arranged two PIX firewall for the Guest access.
• Configured IPsec VPN access for client to site remote access.
• Configured and implemented Nexus 5K and 2K in lab environment
• Configuration of firewalls 5520 series ASA for business to business connectivity and application of ACL rules for network traffic.
• Configuring and managingF5ASM (Application security manager). Develop security policies.
• Creating new nodes and Pools in F5 load balancers to support newly added servers in Layer 3 environment.
• Implemented site to site VPN with IPSEC via. GRE ISKAMP
• Implemented Cisco site to site VPN for partnering with different partners around the world.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA 5500 Firewalls, and MPLS switching for stable VPNs.
• Technical Knowledge on Cisco PIX/ASA series,JuniperNet screen/SRX firewall gateways.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Working experience on upgrading Checkpoint old devices/Software to new platforms like R70 to R75.
• Implementing and maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
• Worked withNetworkEngineer's in the installation and configuration of firewalls.
• Experience with configuring BGP in the data center and using BGP as a WAN protocol and manipulating BGP attributes.
• Responsible for Cisco ASA firewall administration across our globalnetworks.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Coordinate activities between departments to ensure uninterrupted business operation
• Experience withCheckpointFirewall policies provisioning.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
• Migration from Cisco toPaloAltofirewall & Cisco to Checkpoint firewall
• Worked on wireless networking hardware such as Cisco Wireless LAN Controller and AP 1200.
• Working with Cisco ASA 5585-X firewalls with Firewall rules,IPSec VPN, NAT, Active-Standby Failover, OSPF and Any Connect VPN technologies
• Implemented site to site VPN in Juniper SRX as per customer.
• Troubleshot VoIP issues with Cisco Call Manager 8.6; Unity Connections and Presence.
• Experience with converting PIX rules over to the Cisco ASA solution.
• Maintain Security policy by monitoring PIX firewalls (515 and 520).
• Router/ Microsoft VPN Server to get to certain restricted system assets from client areas.
• Established IPSEC-VPN tunnels with ASA 5500 series Firewall between some branch offices & headquarters.
• Experience in working with designing, installing and troubleshooting ofPaloAltofirewalls.

Confidential, San Jose, CA

Network Engineer

Responsibilities:

• Designing and installing new branchNetworksystems. ResolvingNetworkissues, running test scripts and preparingNetworkdocumentation.
• Configuring, Installing and troubleshooting on Checkpoint Devices.
• Successfully executed change on Nexus 9K and 7Ks to support redundant platform.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Working with Juniper JUNOS on M and MX series routers.
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls.
• Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations
• Responsible for Working in high availability Nexus Environment and provide Layer 3 Network
• Physically deployed new Cisco Nexus devices, Catalyst and Nexus replacement blades, FWSMs, Cisco ASAs, Citrix Netscaler MPX and SDX chassis
• Isolated network traffic via F5 load balancers for GTMs and LTMs
• Created and design network layout and documented the network system design with detail information.
• Responsible for creating, modifying, removing VLAN configs as per the need.
• Migrated Cisco ASA firewall to next generation Palo Alto firewalls.
• Working with wireless technologies troubleshooting and configuration.
• Establishing VPN Tunnels using IPSec encryption standards and configuring and implementing site-to-site VPN, Remote VPN.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Translating Cisco IOS Route maps to Cisco IOS XR Routing policies.
• Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
• Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP.

Confidential

Network Engineer

Responsibilities:

• Installed, and configured Cisco routers (7200, 3600, and 2800) and Cisco switches (6500, 4500, 2950 and 1900 series).
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Implemented static routing, routing protocols (OSPF, and BGP), switching (VLANS, VTP Domains, STP, and Trunking).
• Experience in designing, implementation and operations of enterprise datanetworksasnetwork engineer.
• Enterprise Switching with VLANs, Trunks, Spanning Tree, Port Spanning etc.
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles.
• Deployed all Sonus equipment in Data Centers and customer POP's
• Knowledge and skill of 802.11 a/b/g/n LAN normal for wireless Technology.
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco basednetworks.
• Performed Port channeling and LACP between downstream devices for vPC configuration.
• Installed and configured CISCO ASA and Checkpoint firewall.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.

Confidential

Network Admin

Responsibilities:

• Had a chance to troubleshoot various application issues with respect to F5.
• Configured and managed networks using L3 protocols like RIPv2.
• Designed and implemented remote dial up solution for clients
• Upgrading and managing Linux Kernel on Red Hat Linux 5 &6 & ESX Reboots.
• Configuring IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Networks.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Efficient in cabling as per co-location contracts with loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures.
• Installed and configured the ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
• Apache Web Server & MRTG, BIND DNS Server configuration and optimization over UNIX and Active directory implementation of Windows 2003 Server.
• Configured & Maintained Cisco 2600, 2800, 3200 series routers including IOS upgrades.
• Responsible for implementation and day to day operations of all associated hubs, routers, bridges, gateways andNetworkrelated equipment.
• Provide assistance toNetworkManager and serve as SecondaryNetworksupport.
• Monitoring and troubleshooting Server, File System management and migration.
• Worked on necessary tools for Linux/Unix System, and Microsoft Power shell.
• Prompt technical support to customers on routers and switches.