SUMMARY

• 7+ Years of experience in networking, security, installing, configuring and maintainingnetwork devices.
• Good understanding of networking concepts such as routing protocols, VLANs, IP address management andnetworksecurity.
• Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR - 1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco Nexus 2k/5k/7k/9k.
• Expertise in Configuration of VLANS, using Cisco Multilayer switches and supporting STP, RSTP, PVST, RPVST along with troubleshooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• Researched, redesigned, and redeployed UNIX server and applications LDAP clients to authenticate directly to Windows Active Directory Global Catalog server.
• Support enterprise internal/external BIND and Infoblox DNS/DHCP environment.
• Administering Firewalls i.e. Cisco/Checkpoint, Evaluate firewall access control requests to ensure they confirm to Company'ssecuritystandards and policies, applicationsecurityreviews using vulnerability assessment tool i.e. ISS InternetSecuritySystems (IBM's) for application level vulnerability assessment & Solar Winds for performance monitoring.
• Hands-on experience on Checkpoint Firewall R77, Palo Alto and Cisco ASA 5520 firewalls.
• Proficient in using firewall technologies including general configuration, security policy, rules creation and modification of Cisco ASA, Juniper SRX and checkpoint.
• Strong understanding of current and future technologies including TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, Frame Relay, ACL, VPN, Wireless LAN and configuration of VLANs.
• Experience with Cisco IOS, cat OS, Cisco IOS XR and JUNOS.s
• Experience in deploying and maintaining layer 7 appliances like Infoblox.
• Proficiently implemented traffic filters using Standard and Extended access-lists, Distribution lists, Route-maps and Route Manipulation using offset-list.
• Great knowledge and good hands on experience in CISCO source fire and its products.
• Expertise in IP Subnetting and worked on various designing and allocating various classes of IP address to the domain.
• Experience in configuring and Troubleshooting BIG-IPF5load balancer LTM.
• Configured Infoblox failover using Infoblox DHCP that is based upon ISC DHCP modes on f5 management system.
• In-depth understanding of UDP and TCP protocols.
• Responsible for check point and Cisco ASA firewall administration across globalnetworks.
• Worked on ASR 1000 series routers.
• Configured DNSand DHCP for servers usingInfoblox.
• Worked on Load balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Established relationships andnetworkconnectivity with vendors via site to site VPN.
• In-depth knowledge and hands on experience in Tier-2 ISPRouting policies,NetworkArchitecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls.

TECHNICAL SKILLS

Routing Protocols: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS HSRP, VRRP, GLBP, TACASS+, Radius, AAA

CISCO Routers: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 36002800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Huawei AR Series Routers

Antivirus & Endpoint protection: Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.

Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC, SSM, FWSM, FortiGate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, and Juniper Net screen firewall, Windows Patch Management (WSUS).

LAN Technology: Workgroup, Domain, RSTP, VLAN, STP, VTP, Ethernet, Fast Ethernet, Gigabit Ethernet&10 Gigabit Ethernet,802.1q

WAN Infrastructure: Leased Line, ISDN/Dial-Up, and Frame Relay circuits, Metro Ethernet.

WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPsec-VPN.

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Operating Systems & Tools: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server

Network Security: ACL, IPSec, VPN, Port-security, AAA, Zone-Based Firewalls, IOS based router security firewalls, IDS/IPS, Palo Alto firewalls.

Network Technologies: MANET, SONET, TDMA, FDMA, CDMA. DSL, POP3

PROFESSIONAL EXPERIENCE

Confidential, Lebanon, NY

Sr. Network Engineer

Responsibilities:

• Installed, Configured, and maintained 2600, 3600, 7613 Cisco Routers and 3750, 4500, 6500 series Cisco Switches.
• Worked on server's migration and understanding the VMware and virtualization which connected to End of life and End of support switches from 3560, 3750, 3850 etc. which are having no dual power source to the Nexus-5x as part of power redundancy.
• Experienced in configuring Site-to-site and remote access VPN solutions.
• Configured networks using routing protocols such as RIP, OSPF, and BGP and troubleshooting L2/L3 issues.
• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs
• Management tools, AppVision, Solarwinds, SNMP, Syslog, Sniffer, and Wireshark.
• Experience in Layer 3 Routing protocol configurations: RIP, EIGRP, OSPF, BGP, & MPLS.
• Helped with time-to-time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HRSRP, EIGRP in unequal cost load balancing to build resilient network.
• Designed and implemented Catalyst/ASA Firewall Service Module for various LAN's.
• Key contribution includes troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, & BGP.
• Configured Client VPN technologies including Cisco's VPN client via IPSEC.
• Providing technical security proposals, detailed RFP responses, and security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.

Confidential, Irvine, CA

Network Security Engineer

Responsibilities:

• Managing location specific Cisco ASA Firewalls and data center internet gateway firewalls.
• Handling new application load balancing requirements through F5 devices.
• Performing network monitoring, providing analysis using various tools like Wireshark, Solar winds, riverbed etc.
• Integrating new locations with existing MPLS Network and enabling standard corporate application access.
• Experience working in Datacenter environment, configuration changes as per the needs of company.
• Provided an execution and tracking for end users.
• Configured and managed Cisco access layer routers and switches & carried out route redistribution & manipulated route updates using distribute lists, route-maps & administrative distance, and offset-lists.
• Configured routing protocols like EIGRP, OSPF & BGP and troubleshooting layer3 issues.
• Implemented Quality of service (QoS) to increase bandwidth utilization in LAN and WAN interface using RSVP and Packet prioritization.
• Maintained TACACS+ and RADIUS servers for AAA and user authentication.
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Provide second/third level technical support for ACI (Application Centric Infrastructure) technologies.
• Support third party technologies within the ACI ecosystem such as VMware ESX, OpenStack.
• Involved in design, implementation of checkpoint.
• Checkpoint Firewall upgrade from Checkpoint R65 to Checkpoint GAIA R77.
• Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
• Configuration of HSRP for load balancing on L3 switches on different location of office on the switched network.

Confidential, Washington, DC

Sr. Security Engineer

Responsibilities:

• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Access Point refresh and implementation at various sized branches and locations.
• Build IT security infrastructure including Checkpoint, Juniper and Palo Alto firewalls
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Backup and restore of checkpoint and Cisco ASA Firewall policies
• Handling Break/Fix situations, monitor, configure, policy creation on Checkpoint's Smart Center Server running on Secure Platform
• Monitoring Traffic and Connections in Checkpoint and ASA Firewall
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls
• Tested Juniper's router in comparison with Cisco routers that resulted in better performance and reduced cost.
• Configured and managed OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding and configured OSPF over frame relay networks.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes.
• Working on Cisco Routers and Switches and Wireless networks 802.11a/n at Enterprise level
• Implemented and supported Serve firewall solutions and VPN (Checkpoint).
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design
• Analyzed and tested network protocols (Ethernet, TCP/IP) mistreatment Wire shark tool.
• Provide step-up support to L1 members of network team.

Confidential

Network Engineer

Responsibilities:

• Involved in configuring and implementing of Composite Network models consists of Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Worked on conversions to BGP WAN routing, which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) that involves new wan links.
• Replaced branch hardware with new 3900 routers and 2960 switches.
• Configured firewall switch module on Cisco 6506 distribution layer switches, configuring VTPs, trunking, NAC product, inter-Vlan routing, port fast, uplink fast, backbone fast on access layer switches.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), Using MD5 authentication for VTP
• Planned and installed Frame Relay WAN links to the branch offices.
• Maintained wireless access points at various locations in the company.
• Configured and troubleshot OSPF routing protocol on the corporate network.
• Switching experience includes Cisco Catalyst switches: Cisco 3750, 4500, 6500 series switches.
• Worked on Cisco IOS Firewall Intrusion Detection system extensively
• Troubleshot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.

Confidential

Network Engineer

Responsibilities:

• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Responsible for Juniper and Cisco ASA firewall administration across global networks.
• Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
• Handled SRST, implemented, and configured the Gateways, Voice Gateways.
• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Configured and installed Cisco routers 2500, 2600, 3601 and 4000 series.
• Worked in Network building and Network infrastructure management team.
• Recovered lost passwords and created standard access-lists and extended access list for new users.
• Support the project manager in defining the work and the associated effort, duration, and resource needs to deliver the solution.