SUMMARY

• Cisco Certified Network Engineer with 8+ years of professional experience in Network engineering, performing Network analysis, design, Implementing, capacity planning with focus on performance tuning and support of large Networks.
• Excellent hands on experience in configuring Cisco Nexus 2248T, 2224T, 5548P, 5596T, 6000, 7010, 7018, 7710, 9kswitches.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500 and 6500 series switches.
• Worked extensively on Cisco Firewalls Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.
• Hands - on experience on IP Addressing, Sub-netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts and Cisco ISE (identity service engine).
• Hands-on experience in implementing and troubleshooting Switch technologies such as STP, VTP, 802.1q, VLAN and MPLS.
• Experienced in configuring, deploying, maintaining, and troubleshooting of routing protocols like OSPF, EIGRP and BGP on Cisco 1800, 2600, 3600, 7200 and 7600 routers
• Proficient in configuring and troubleshooting route Re-distribution between Static, RIP, EIGRP, OSPF, and BGP protocols and also in Route Manipulation.
• Proficient in implementing first hop redundancy protocols like HSRP, VRRP, and GLBP.
• Understand the JUNOS platform and worked with IOS upgrade of Juniper devices
• Hands-on experience in creating security zones and security policies on branch JuniperSRX 240 and SRX 100 firewalls.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
• Hands on in deployment of GRE tunnelling, SSL, Site-Site IPSEC VPN and DMVPN.
• Expert in configuring and implementing proxy servers and Authorization, Authentication & Accounting (RADIUS, TACACS+).
• Experiences with Cisco Nexus Fabric Extender (FEX).
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 POS OCX / GigE circuits, Firewalls
• Knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM and GTM
• Experience in using Shellscriptingto automate and solve network issues including problem identification, resolution and reporting.
• Experiences in Deploying & Troubleshooting policy management on Web Proxies.
• Experience with MacAfee and Splunk SIEM tools for log analysis and threat management analysis.
• Expertise in structured cabling, IP address management, Racking, Stacking, UCS management.
• Extensively used the packet capture tools like TCP dump, Wireshark and snoop on the devices to identify the potential network issues.
• Proficient in using Network Management Application layer software’s like SNMP, Solar winds,HP Open View, NTP and Syslog.
• Monitoring, analysing & reporting network traffic events and 3-way Handshake process on Real Time Monitoring on Cisco Firewalls.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

TECHNICAL SKILLS

Cisco Routers: 1600,1700,2600,2800, 2900, 3600, 3800, 7200 and 7600

Cisco L2 & L3 Switches: 1900,2900, 3560, 3750, 4500, 4900, 6500

Cisco Nexus: 5020,5548,5596T,2148,2248TP,2348UPQ,7010,7702

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies: Frame Relay, PPP, HDLC, (E1/T1/E3T3), DS3, OC192.

Network Security: Cisco ASA, ACL, IPSEC.

OS products/Services: DNS, DHCP, Windows (2000/2003/2008 , XP), UNIX, LINUX.

Routing Protocols: OSPF, EIGRP, BGP, ISIS, VRF, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Gateway Load Balancing: HSRP, VRRP, GLBP, EBGP

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools: Wireshark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, HP open view.

Security Server Protocols: TACACS+, RADIUS.

Facilities: DS0, DS1, DS3, OCX, T1/T3

Load Balancers: Cisco CSM, F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Cisco ACE 4710.

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7/8), CentOS, Ubuntu, IOS.

Firewall & Security: Checkpoint (R62, R65, R70, NGX), Cisco ASA, Palo Alto, Juniper SRX, fortigate 5000-series.

PROFESSIONAL EXPERIENCE

Confidential, Germantown, MD

Sr. Network Engineer

Responsibilities:

• Configured, installed and deployed Nexus 7K switches at the core and distribution levels.
• Experience configuring VPC(Virtual Port Channel), VDC(Virtual Device Context) in Nexus 7010.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Responsibilities include configuration and installation of End of life Cisco Network hardware and assisted in migrating the access switches to the network.
• Involved in L2/L3 Switching Technology administration including creating and managing VLANs, VTP, Dot1Q,Port security, Trunking, Ether channel, STP, SVI, LAN security.
• Configured and resolved various OSPF issues in an OSPF multi area environment on CISCO 2800, 3945.
• Configured and played with various BGP attributes such as Local Preferences, MED, Extended Communities, AS path manipulations, Route-Reflector clusters, Route-maps and route policy implementations. .
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Configuring, Installing and troubleshooting on Check Point Devices.
• Created ACLS based on certain requirements at the client side to access the internal network and the internet.
• Configured L2/L3 Ether-Channels to increase bandwidth on core and distribution switches.
• IOS Upgrade in CISCO 6500 switch and 2800, 3845, 3945 routers.
• Implementation and configuration of ASA 5520 in failover along with the CSC module as per the customer requirement.
• Implemented clientless SSL VPN on ASA 5500-x platforms.
• Experience working with the Cisco IPS module which allows IDS or IPS inspection of all traffic passing through the firewall
• Configuring RADIUS and TACACS+ authentication on Cisco ASA firewalls.
• Worked with monitoring tools involving Tripwire, Log-Rhythm and Source-Fire.
• Assisting with ongoing tuning of the SIEM, case management tool and reports, and the creation and maintenance of event response runbooks/documentation.
• Predominantly set up, configured and maintained a Windows server and Network Equipment on a TCP/IP network.
• Experience with Solarwinds Orion and Solarwinds Network Performance Monitor (NPM) v12 for network monitoring, troubleshooting, USB filtering.
• Configured Cisco Firepower Management policies for web traffic filtering and IDS/IPS protection
• Experience with evaluating, designing, developing, implementing and/or integrating security solutions may include, but are not limited to: SIEM (QRadar, Splunk, Arc Sight) and Vulnerability Management (Nessus).
• Event analysis and correlation using multiple log sources including Windows / Linux / Cisco ASA systems and SIEM solutions.
• Correlate and analyse log events within Cisco ISE to view, verify, evaluate, and identify on site network devices that may need to be up-to-date with antivirus, updates, and patches.
• Dealt with NAT configuration and troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.

Confidential, LA, CA

Network Engineer

Responsibilities:

• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Configuring and implementation of Juniper Firewall, SSG Series, and Net screen Series ISG 1000, SRX Series.
• Implementation of Site-to-Site VPNs and DMVPN over the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.
• Deployed Cisco Catalyst 4900 switches, Nexus 7K, 5K and 2K switches, Juniper SRX and SSG firewalls and Juniper M and MX series routers as part of an enterprise wide technical refresh effort in both classified and unclassified environments.
• Managed and deployed a variety of Cisco Catalyst Switches, Cisco Routers and Cisco ASA 5520 Firewalls
• Investigated security incidents and developed response to incidents
• Analyze currentnetwork.to find sub-optimal design and configuration instances and design methods to improve the operational efficiency of currentnetwork.
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, from scratch to match design.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Configured and performed software upgrades on Cisco Wireless LAN Controller 508 for Wireless Network Access Control integration with Cisco ISE.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Complete 802.11a/b/g/n site survey analysis and remediation, Wireless LAN Controllers upgrades, and technical refresh end of life/end of support for all wired and wireless equipment
• Implemented and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices.
• As part of SIEM, monitored notable events through Splunk ES(Using V3.0)
• Administrating on F5 LTM, GTM on series 5050
• Created an automated backup procedure for all F5load balance appliances.
• Hands on Experience with deployments utilizing Shell scripting.
• Create complex iRules using TCL language for URL redirections, HTTP header-insertion and HTTP header modification.
• Configuring Palo Alto policies and setting different device configurations.
• Configuring, Administering and troubleshooting the Checkpoint, Palo Alto and ASA firewall
• Review proposals that include SIEM, log management, full disk encryption, VLAN/PCI, device segmentation, security controls, secure Proxies WAFS VPN/remote access, DLPs, SSL decryption Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Adding firewall policies to Palo Alto Firewall PA-5060 as per requirements.
• Adding URL filter lists in the Palo Alto Firewalls.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.

Confidential, Kansas City, MO

Network Engineer

Responsibilities:

• Responsible for entire LAN and WAN/WLAN maintenance and troubleshooting of the company network. Involved in the Team of DataCenter Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements.
• Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using CLI.
• Creating security and access policies to the end users using Cisco ISE connected within the network
• Configuring and resolving various OSPF issues in an OSPF multi area environment.
• Provide solutions to Tier 1/2 escalated issues, tickets and assessing cabling issues such as Token Ring, Ethernet, and Fiber Optic.
• Configuration was running and completed in timely manner. Configure policies and enabled rules to alerting on intrusion events.
• Configured Cisco 7200 routers which were also connected to Cisco ASA5500 security appliances providing firewall security.
• Configure VDCs and implement Layer2 topologies using Fabric Path, VPC+, L2-L3, VRFs, HA and Port Channel.
• Configured various Router interfaces like ATM interface, T3 interface, and Channelized T1 interfaces.
• Troubleshooting Network Connectivity issues in Local Area Networks (LAN) using Packet Capturing Methods (Wireshark).
• Worked with blue coat proxy to actively utilized and monitor the web security and WAN optimization.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• VSS on 6506E switches maintenance to provide dual homing for the consumers as well redundancy.
• Route redistribution between OSPF and EIGRP & also in required routers, between IGP and BGP.
• Experience in migrationof Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Developed and implemented core network consolidation plan. Included redundant configuration of Juniper EX8200.
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 security appliance.
• Worked with multiple customers over a period of time to enhance their network, resolve and create work around for known IOS issues.
• Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel along with troubleshooting of inter-VLAN routing.
• System testing with PPP, L2TP, STP, and Network Access Control List (NAC) enabled.
• Perform system monitoring and respond to alarms both on Avaya PBX and Cisco Call Manager
• Experience in VoIP systems and technologies along with the ability to implement, administer, and troubleshoot Cisco UC and Cisco Call Center. (version 6x 10x)
• Creating network designs using the Microsoft Visio and Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module and GTM's for managing the traffic and tuning the load on the network servers.
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM.
• Worked on team that designed and implemented F5 Big IP load balancers that resulted in improving application performance.
• Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing) and also redundancy for Routers, Switches and Firewalls.
• Documenting the security policies enforced in internet access using Microsoft Visio.

Confidential, Littleton, Colorado

Network Engineer

Responsibilities:

• Experienced with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Cisco Nexus switches software upgrade and implementation. 5K Nexus, 7K Nexus and 2K Nexus NX-operating system devices.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2Bnetwork connectivity.
• Build Logical design and Implementation of Wireless Solution
• Design an End -to-End High- Level Cisco Trust Sec Network with Cisco ISE and 802.1x
• Experience with configuring VMware and managing and maintenance of VMs (virtual server)
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Checkpoint and Cisco ASA VPN experience
• Responsible for Cisco ASA firewall administration across our global networks
• Experience with migration of Checkpoint R54 to SPLAT.
• Deployed 7613 as PE and CE routers and configured the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes
• Switches Replace branch hardware with new 2851 routers and 2960 switches.
• Used IPsec VPN tunneling to provide access to user machines and partners in other network. Provided application level redundancy and availability by deploying F5 load balancers LTM.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls and building the VPN tunnel and VPN encryption.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.

Confidential

Network Engineer

Responsibilities:

• Worked onCiscoLayer 2 switches (spanning tree, VLAN).
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• WAN Infrastructure running OSPF & BGP as core routing protocol.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Optimized performance of the WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Troubleshooting IOS related bugs based on past history and appropriate release notes.
• Worked on different connection medium like Fiber and Copper Connectivity.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Planning and configuring the routing protocols such as OSPF, EIGRP, RIP, and Static Routing on the routers.
• Performed and technically documented various test results on the lab tests conducted.
• Planning and configuring the entire IP addressing plan for the clients'network.
• Assist the certification team and perform configuration of LAN\WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.
• Supported networks, which are comprised of 2000+Ciscodevices.
• Supported nationwide LAN infrastructure consisting ofCisco4510 and catalyst 6513.
• Deployed the switches in high availability configuration with HSRP.
• Configured port-fast, uplink fast and other spanning tree features.
• NetworkMonitoring using tools likeCiscoWorks 2000 and Net flow Analyzer.
• Troubleshootnetworkproblems using Packet Analysis tools like Ethereal.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500
• Worked on ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).

Confidential

Jr. Network Engineer

Responsibilities:

• Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
• Configuring RIP, OSPF and Static routing on JuniperM and MX series Routers.
• Hands-on with Network management software NSM & configuration and extension of VLAN from one network segment to other network segment between different vendor switches (Cisco, Juniper).
• Taking Regular backups & testing the backups by restoring in test lab frequently.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure.
• Network Troubleshooting and maintaining CISCO Routers and Switches Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
• Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco PIX Firewall.
• Enabled STP Enhancements to speed up the network convergence that include Port-fast and Uplink-fast.
• Administered Red hat Enterprise Linux A.S, E.S 3.0, Solaris 8 Servers and other Workstations.
• Installed, administered and troubleshooting of Windows 2000, 2003 and NT Servers.