SUMMARY

• Network Engineer with 8+ years of diverse experience in implementing, testing, optimizing, maintaining and troubleshooting Enterprise Network & Security infrastructures
• Extensive experience working with Firewalls, Switches, Routers, load balancers, VoIP and wireless technologies of different vendors
• Extensive experience in implementing, managing and troubleshooting IP addressing and VLSM subnetting, NAT, Routing protocols (RIP, EIGRP, OSPF, BGP), First Hop redundancy protocols (HSRP, GLBP and VRRP) on Layer 3; VLANs, Standard and Extended ACLs, VTP, WLANs, EtherChannel, STP, RSTP, and MST on Layer 2 technologies
• Proficient in monitoring and managing networks using SolarWinds NetFlow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM); Cisco Prime, Security Device Manager (SDM), Cisco Works; Infoblox, HP OpenView and Wireshark
• Configured and maintained Quality of Service (QoS) protocols (SIP, SRTP, SDP, IAX) on VoIP along with PBX servers, VoIP Gateways and Cloud based PBX servers
• Strong hands - on experience on Cisco Catalyst (series 3850, 3560, 4500, 6500), Cisco Nexus (series 2K, 5K, 7K), Cisco Routers (series 7300, 4000, 3800, ASR 9000), ASA Firewall (5505/5550-X), Firepower (4100), Load Balancers (citrix NetScaler, Cisco ACE, F5 BIG-IP LTM/GTM ASM), IDS/IPS (HIDS, NIDS, NIPS, HIPS), Palo Alto Networks Firewalls (PA-820, series PA-3K, 5K), Checkpoint IP Appliances (NXG R60, R70, 3100, 5900)
• Expertise in installing, configuring and troubleshooting Juniper Switches (series EX3300, EX4200, EX4600), Juniper Routers (series J, M and T) and Juniper series SRX Firewalls
• Experience of managing Tier II ISP Routing Policies, FT1/T1, FT3/T3, SONET, OCx / STMx IOAs, Metro Ethernet (MANs)
• Preparing reports and drawing network diagrams using Office Suite and Microsoft Visio
• Knowledge of Cisco Meraki Cloud Managed Switches (MS250, MS350, MS410) and SD-WAN (MX 65, MX100, MX400)
• Virtualization Experience: VMware Workstation, vCenter server, VMotion, vSphere, ESXi hypervisor
• Experience in installing, configuring and managing AAA Authentication servers RADIUS & TACAS+, DNS and DHCP servers and management by means of Infoblox and Active Directory Database
• Working experience with off-shore teams, NOC and SOC to resolve elevated issues immediately
• Configured and implemented VDC, VPC, and OTV on Nexus 7K and 5K
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
• Implemented and maintained Sourcefire intrusion detection/ prevention (IDS/IPS) system and hardened protection standards on firewall for enterprise network to protect sensitive corporate data and enabled IDS/IPS signatures on Firewall for Fine-tuning of TCP and UDP services
• Experience in troubleshooting, maintaining and integrating on F5 Big-IP LTM/GTM load balancing and Application Security Manager(ASM)
• Provided full visibility and notification of authorized and unauthorized network access with integration of CISCO ASA and NAC solutions.
• Worked hand-in-hand with different vendors for company products, solutions and performance
• Co-ordinated work with Network, Storage and Database teams on critical application failure issues.
• Perform live migration from one host to another host.
• Worked on moving strategies for data center between different locations, and from Cisco 6500 based data center to both Cisco 6500 & Nexus based data center
• A motivated dynamic team player with excellent communication skills, resiliency and enthusiasm

TECHNICAL SKILLS

Router and VoIP Platforms: Cisco Routers series 7300, 4000, 3800, 2000, 1900,ASR-9922,9912,9010,1006,1004,1002,902,920i and; Juniper T4000, MX10, MX40, ACX2200, ACX5000;cisco IP phones

Routing Fundamentals and Protocols: Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP; MPLS, IPv4 and IPv6 addressing, subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, 802.11, Policy Based Routing, Redistribution, Port forwarding

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K,5K, 7K; Nortel/Avaya 5510, 5520; Juniper EX3300, EX4600, EX4300, EX3400

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, MulticastRSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Juniper SSG, SRX5600, SRX5800, Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K), WAF

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Security Device Manager (SDM), CiscoWorks; TCP Dump and Sniffer; SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM)

Load Balancers: F-5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, citrix NetScaler ADC 6400, Cisco ACE 4710

WAN technologies: Frame-Relay, ISDN, ATM, MPLS, PPP, DS1, DS3, OC3, T1 /T3 lines, SONET

Servers: DNS, DHCP, Apache, NFS, SAMBA, FTP, SSH, SQUID, Dedicate server’s (Web Server, Mail Server, Proxy Server ) etc.Securing System Services and Network Securing service using TCP-wrapper & Securing network using Net filter (IP-tables)

Other Networking Protocols and Fundamentals: DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, Network Implementation, Troubleshooting techniques, FTP, HTTP

Operating Systems: Windows 10/7/XP, MAC OS, Windows Server 2012R2/2008/2003, Linux, UNIX

Languages: C, C++, Java, SQL, HTML, DHTML, CSS, JAVA SCRIPT

PROFESSIONAL EXPERIENCE

Confidential, Charlotte, NC

Senior Network Engineer

Responsibilities:

• Played a principle role in configuring and implementing composite Network models consisting of Cisco 7300, 4000, 3800, ASR 9000 series routers and Cisco catalyst 3850, 3560, 4500, 6500 series switches
• Worked with cisco ASA5545 and ASA 5585-SSP20,NetScreen ISG 1000 and ISG2000 and JUNIPER SRX650,SRX3600,SRX1400 firewalls
• Managed RTP, RTSP, FTP, DNS, HTTP, DHCP Application Level Gateways, services and servers whenever needed
• Implemented Virtual Router Redundancy Protocol (VRRP) by tuning priority levels, preemption parameters, Authentication and object tracking
• Acquitted with Cisco Meraki for Cisco Wireless devices
• Monitoring, managing and troubleshooting Cisco Wireless devices using Cisco Meraki
• Participated in the installation, configuration, and post installation routine operational tasks and configuration of the Cisco Nexus Switches
• Designed integrated 10 gigabit networks using Cisco Nexus 7k series switches and Cisco 6500, 3800 series routers improving performance of existing network
• Monitored, Managed and hardened security policies and rules on checkpoint NGX firewalls
• Maintained and Supported Multiprotocol Label Switching (MPLS) on WAN network
• DNS, DHCP & IPAM (DDI) protocols and security
• Implemented and upgraded Networks using OSPF and BGP based routing protocols and prepared flow charts and utilization monitoring reports
• Worked with Cisco ASA 5500-X with Firepower services, Firepower 4100 and Palo-alto Next-Gen PA-5000 Firewalls implementing and managing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies
• Worked with Host Master for shared web hosting and managed Web Application firewall (WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark
• Experience on monitoring, network diagnostic and network analytics tools (i.e. SolarWinds, PRTG, etc.)
• Experience with a wide range of real-world networks. Ideally expert in specific internet infrastructure technologies including DNS, DHCP, IPAM (especially experience with DDI appliances) and web caching (ideally with Squid) - or other deep exposure to HTTP.
• Provided assistance in redundancy mechanisms for multi homed Border Gateway Protocol (BGP) network by tuning AS-path for various network segments
• Improved Quality of Service (QoS) by defining LSPs on MPLS to meet specific service level agreements (SLAs) on traffic latency, jitter, packet loss and downtime
• Performed Load balancing using F5 BIG-IP LTM ADC 6400, Cisco ACE 4710 Load balancers
• Configured policy based routing for BGP for complex network systems and configured Multiprotocol Label Switching (MPLS) VPN with OSPF implementation on the client end
• Experience in custom or structured IOT design, implementation and maintenance with Systems integration and design.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local preferences
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network

Environment: Cisco Routers series 7300, 4000, 3800, ASR 9000, ASA5545 and ASA 5585-SSP20, NetScreen ISG 1000 and ISG2000 and JUNIPER SRX650,SRX3600,SRX1400,Cisco catalyst series 3850, 3560, 4500, 6500 and Nexus 2k, 5k, 7K; Juniper switches EX4600, EX3400, EX4300 and ACX1000 router, Cisco ASA 5500-X, Firepower 4100, Palo-alto Next-Gen PA-5000, PAN-OS, Infoblox, Routing Protocols OSPF, BGP; VPNs, MPLS, VRRP, Big-IP F5 LTM/GTM & ASM, IDS/IPS, Wireshark, PowerShell, Cisco Works, MS Visio

Confidential, Cleveland, OH

Senior Network Engineer

Responsibilities:

• Worked, managed and maintained LAN networks, VLANs and database, Port Security on Nortel 5510, 5520; Cisco Catalyst 3850, 4500 and 6500 switches and implemented VDC, VPC, and OTV on Nexus 5k and 7k switches
• Played an important role in a team by implementing and documenting Switching Topologies, VLAN management, Port security, Trucking protocols, STP configuration, Inter-VLAN routing, 802.1x port-based authentication, LAN security and preparing Microsoft Visio reports and designs
• Ensured availability and integrity of Network, System and Data through preventive maintenance and upgrade plans and implementations
• Monitored network and provided analysis, improvement scopes and support using various monitoring tools such as Wireshark, SolarWinds Performance Monitor and coordinated with off-shore support teams to ensure flawless operations
• Experience Domain Name System/Dynamic Host Configuration Protocol/IP Access Management(DNS/DHCP/IPAM) appliances.
• SolarWinds monitoring & helpdesk platform
• Responsible for deployment, Integration and Troubleshoot Cisco Core Routers ( ASR-9922,9912,9010,1006,1004,1002,903, 920 i, 920 0 & 901).
• Configured and troubleshot OSPF, BGP, VRRP, Static routes on cisco 2900, 3800, 4000 Routers
• Contributed in implementation and configuration of F5 BIG-IP LTM-6400 load balancers, redistribution into OSPF on the core ASA firewall
• Configured IP addressing scheme and coordinated with LAN/WAN engineers to develop and implement various security policies
• Supported OSPF and BGP powered network by resolving Tier 3 and Tier 4 tickets for internal teams & external clients of all locations
• Coordinated with a team to upgrade network by changing primary routing protocol to OSPF from EIGRP and Participated in the modification of BGP from multiple MPLS powered routers
• Installed, configured and managed DNS and DHCP server, and Active Directory database
• Provided Troubleshooting for IP conflict, DHCP, NAT, VPN and other security related tickets
• Defined and configured Group policies, Organizational Units, Security policies, NAT and anti-spoofing for internal, external networks and gateways and also configured VPN policies and connection for employees to access servers
• Configuring Virtual Device Context in Nexus 7010 and Worked on Network support, implementation related internal projects for establishing connectivity between the various field offices and data centers
• Took responsibility for Cisco ASA 5500 firewall monitoring, Rule Analysis and Modification
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.

Environment: Cisco Catalyst series 3850, 4500, 6500; Nexus 2k, 5k, 7k; VMware vSphere 6, cisco routers 2900, 3800, 4000; Juniper SRX550, Palo-alto Next-Gen PA-5000; Routing Protocols EIGRP, OSPF, BGP; VPNs, MPLS, VoIP, Wireless APs, Big-IP F5 LTM 6400 Load Balancer & Application Security Manager

Confidential, Milwaukee WI

Network Engineer

Responsibilities:

• Monitored and managed networks using Cisco Works tools and Wireshark
• Played an important role in migration to F5 LTM load Balancer from Cisco ACE load balancer in data center environment and performed basic and advanced F5 load balancer configurations including migrating configurations from Cisco ACE to F5, and testing and general troubleshooting of the F5 load balancers
• Configured Frame-Relay, ISDN, ATM, load balancing switches and also configured IPX/SPX, HDLC, PPP, BGP, EIGRP, OSPF and VRRP on various sites
• Health check and automated IOS and script updates applied via voyance application
• Configured, Deployed, and Troubleshot Greenville Health System's Wireless Network utilizing Cisco WCS, wireless and conducted health check for Network devices involving upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configurations
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls and Site-to-Site VPNs, 3DES, AES/AES-256 with PIX Firewalls
• Extended support on access layer, distribution layer and core layer device of IBM as assigned
• Daily switching ticket resolving included VTP, ISL/ 802.1Q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP
• Worked with Cisco Nexus 2148 Fabric Extenders and Nexus 7010, 5000 series switches to provide a Flexible Access Solution for datacenter access architecture
• Managed network security by working on NAT/PAT, ACL, and ASA/PIX Firewalls and convert PIX rules over to the Cisco ASA solution
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling and also worked with MP-BGP and MPLS LDP protocols
• Worked on NNMI, Infoblox, e-health monitoring tools
• Successfully implemented EOL project alias 'End of life equipment' assigned as per IBM guidelines in live environment
• Successfully installed Palo Alto PA-3060 firewall and configured and provided troubleshooting using CLI and worked with Panorama management tool to manage all Palo Alto firewall and network from central location
• Configured and troubleshot F5 LTM 3900, 6800 for different applications and monitored and created reports on availability
• Participated in deployment of data center LAN and worked Nexus 7k, 5k, 2k switches
• Involved in migration projects, which involved replacing legacy devices to new Nexus devices and introduced VPCs in the new architecture

Environment: Cisco ACE, cisco Nexus 2k/5k/7k, IPS/IDS, SolarWinds, CiscoWorks, Frame-Relay, cisco 6500/3700/7200 routers, PA- 3060 firewalls, VPN tunnels, OSPF, EIGRP, BGP, MPLS, Cloud based servers

Confidential, Middletown, NJ

Network Security Engineer

Responsibilities:

• Planning & automation of functional & performance tests ofBGP, OSPF, MARO, SNMP, XML, QoS, System Failure Recovery & Ethernet customer facingfeatures.
• Developing the scripts usingSpirent iTesttool
• Verification & Validation of the test cases in-line with specification to test functionality.
• Testing the Tomahawk 100GE line cards facing towards CE
• Involved inBGP & OSPF scaling
• Router upgradations when required
• Keep team members and managers informed of key developments, program decisions, issues, and changes to the project and the project plan.
• Interact directly with line managers to ensure resources are available when needed, and to negotiate amendments to the project plan especially those that change deliverable completion dates.
• Testing and verification of products compliant to latest version test plans and Confidential &T specifications.
• Follow configuration management, defect reporting, tracking tools and defect management practices of Confidential &T.
• Interact with Confidential &T team to attain feedback of the test results & implement the changes.
• Plan and execute capacity and service related certification activities.
• Perform the project demo of the automated features to the customers in a weekly basis

Environment: PA- 3060 firewalls, VPN tunnels, OSPF, EIGRP, BGP, MPLS, LDP, Cloud based Pbx servers, RTP, RSTP, FTP, HTTP, DHCP, TCP.

Confidential

Network Security Engineer

Responsibilities:

• Security infrastructure engineering and worked on various platforms such as Microsoft Windows, UNIX, Juniper firewalls, Palo Alto firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch security management to maintain the network infrastructure
• Maintained Checkpoint security policies including NAT, VPN, and Secure Remote access, Configured IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls
• Configuring, Monitoring, troubleshooting Cisco Wireless Access points and Wireless controllers using Cisco Meraki’s user interface
• Administered and evaluated firewall access control requests to ensure that requests are compliant with client's security standards and policies
• Configurated and supported of Juniper Netscreen firewalls and Palo Alto firewalls
• Created and analyzed reports on firewall logs and made required changes
• Configured Juniper Netscreen Firewall Policies between secure zones using Network Security Manager (NSM)
• Consulted in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering
• Maintained and updated Active Directory database for authentication and deployment purposes
• Worked on Nexus platform 7k series, 5K series (5548, 5020 and 5010), 2248 and successfully implemented VSS on the Cisco catalyst switches for a client
• Learned and developed skills in working and planning migration to Check Point and Palo Alto next-generation firewalls from existing legacy firewalls
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification, and administration
• Installation, configuration and Maintenance of Dedicate server’s (Web Server, Mail Server, Proxy Server) using Remote Administration, manage packages, apply security patches, analyze network traffic to identify performance and resource utilization problems, IP management, giving technical support by attending technical call directly as well as through e-mail, troubleshooting/installation procedures
• Configuring/Maintaining the NFS Server/Client, Mail Server, DNS, DHCP, FTP, Apache

Environment: Netscreen, Juniper SRX5400, SRX5600, and SRX5800 and Palo Alto PA-3060 & 5050 Firewalls, IDS/IPS, VoIP gateways, wireless Aps, Pbx servers, Nexus 2K, 5K, 7K; Splunk, Solarwinds.