SUMMARY

• Over 7+ years of experience as a Networking Professional in areas concerned with network design, implementation, operation and troubleshooting enterprise data networks.
• Expert in IP addressing and Subnetting with Variable Length Subnet Masking (VLSM), Route Summarization, Route Redistribution, TCP/IP, DHCP, DNS and LAN/WAN technologies.
• Expert in IP routing protocols such as RIPv1 &v2, EIGRP and OSPF.
• Expert in Border Gateway Protocol (BGP) and its attributes.
• Experience configuring different layer 2 technologies which includes VLANS, STP, RSTP, VTP, Ether channel, QOS and port Security.
• Experience in configuring security policies including NAT/PAT and ACL's.
• Experience in configuring ASR 1000 and 9000 series service routers.
• Expert in implementing redundancy protocols HSRP, VRRP and GLBP.
• Experience in Data Center Nexus 2k, 5k and 7k switches and configured vPC, OTV and Fabric Path.
• Experience in using different area types in OSPF which includes SA, TSA, NSSA and Virtual Links.
• Good experience in configuring F5 BIG - IP LTM 3600 load balancers.
• Experience with Cisco ASA Firewall, Firepower Firewall.
• Hands-on experience in configuring access rules on Cisco ASA 5505, 5540 and 5580 Firewalls.
• Upgraded IOS images on Cisco ASA Firewalls and migrated polices from Cisco ASA to Palo Alto firewalls.
• Security policy review and configuration in Palo Alto and Junipers Firewall in US offices and Datacenter.
• Designed and configured of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Failed over Cisco ASA and Palo Alto Firewalls for maintenance and redundancy purposes.
• Good knowledge of Checkpoint Firewalls and hands-on with Palo Alto Firewalls such as 3000 and 5000 series.
• Good knowledge about ASR 1000 and 9000 series service routers.
• Experience in configuring Multi-Protocol Label Switching (MPLS) and knowledge in VRF.
• Experience in VPN technologies such as GRE tunneling, DMVPN, Remote Access VPN, Site-to-Site VPN and SSL VPN.
• Experience in CGMP, IGMP RADIUS and TACACS.
• Working Experience on McAfee web gateway and other web filtering technologies
• Experience in Datacenter Environment.
• Knowledge in Cisco Unified Communications to manage traffic (Voice, Video and Data) in single Network infrastructure.
• Secured network using AAA (Authentication, Authorization and Accounting).
• Worked in Wireless technologies: 802.11 a/b/g/n
• Basic knowledge in Cryptography.
• Analyzed different types of attacks on Secure Socket Layer/ Transport Layer Security (SSL/TLS) which includes Crime, Beast, Breach and Time attacks.
• Evaluated the use of SSL against Man-in-the-Middle attack in android platform and provided some countermeasures to reduce it.
• Experience in Infoblox and Net brain.
• Experience with vulnerability tool Nessus.
• Monitored performance of network devices using Solar wind, Spectrum and Stat seeker.
• Maintaining and updating inventory of all network hardware, Management and monitoring by use of SSH, SYSLOG, SNMP.
• Experience on Change Management tools such as Remedy and Service Now.
• Experience in network troubleshooting and analysis using Wireshark.
• Strong Experience in Python Scripting.
• Experience using Microsoft Visio to create and update network diagrams.
• Experience with Windows 2008 and 2012 servers and Knowledge on VMware.
• Possess strong network troubleshooting, interpersonal and communication skills.

TECHNICAL SKILLS

Networking: TCP/IP, Cisco IOS, IOS-XR, LAN/WAN interconnection, VPN, IP-Sec, Frame-Relay, ISDN, RIP, OSPF, EIGRP, IS-IS, BGP, MPLS, STP, RSTP, MST, VTP, NAT, ACLs

Hardware Routers: Cisco (1800/2600/3600/3800/7200/7600 series), Cisco ASR 9Ks)

Switches: Cisco (2900/3500/3700/5500/6500 Series, Nexus 7k)

Firewalls: Cisco ASA (5510,5540), Checkpoint R65, R70, R75, R77 Gaia, Juniper SSG

Other Networking Tools: F5 LTM (Big IP), GTM, 3 DNS, Bluecoat Proxy SG, Wireshark, Remedy, Tufin Secure Track, CounterAct, Citrix Netscalar

VPN: Cisco IOS Firewall feature set (IOS 12.X)

Operating Systems: Win 95/98, NT, XP,VISTA, LINUX, UNIX

PROFESSIONAL EXPERIENCE

Sr. Network Engineer

Confidential - Irving, TX

Responsibilities:

• Implemented Voice VLANS, UDP, SIP, and RTP and provide QOS by DSCP and IP Precedence.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Integrate VoIP with PSTN and setup voice Gateway ensuring QOS for Cisco based Voice over IP and CDR for voice call Accounting.
• Configuration and maintenance of Palo Alto Firewalls.
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for datacenter access architecture.
• Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500, and 6500) in multi VLANs environment and inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Designed MPLS VPN and QoS for the architecture using Cisco multilayer switches
• Implement Cisco Works 2000 device to manage Cisco routers, switches, PIX and ASA firewall, Access Points, Concentrators.
• Experience in working with installing Nexus 7010 License upgrade.
• Experience in installing and configuring Checkpoint NGX R60.
• Maintain Security policy by monitoring PIX firewalls (515 and 520)
• Experience working with Network management software NSM primarily to manage the firewalls as well as performing changes as per the requirement.
• Involved in effective communication with vendors, peers and clients in resolution of problems, equipment.
• Configuring Vlans, Self IP's& Routes on F5 load balancers.
• Worked with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Worked extensively in configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs / Routing / NATing with the firewalls as per the design. Primary responsibility is to design and deploy various Network Security & High Availability products like Cisco ASA and other Security Products.
• Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 10/5540) Series.
• Experience with converting PIX rules over to the Cisco ASA solution.
• Implemented Splunk to drive reporting and search for data collected from Cisco firewall devices - FWSM, Pix and ASA.
• Handling network devices such as Switches (Cisco Catalyst 2900 and 3500 series), Routers (Cisco 2600, 2800 and 7200 series), Firewalls, Load balancers etc.
• Experience configuring Virtual Device Context in Nexus 7010.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access.
• Experience working with ASR 9000 series switches with IOS-XR.
• Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) & MP-BGP
• Functional and Regression Testing.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Configuring IP, RIP, EIGRP, OSPF and BGP in routers.

Environment: Cisco switches 4510/4507/4948 , Cisco routers 2600/2500/7600/7200 , HSRP, Site-to-site VPN, PIX firewall, ACL, ASA firewalls, BGP, OSPF, EIGRP, RIP, Nexus 2k/5k/7k Juniper devices, Wireshark, Frame relay, VLAN, ISL Trunking, NAT, RADIUS server.

Network Security Engineer

Confidential - Branchburg, NJ

Responsibilities:

• Configuration and management of Cisco Nexus 2k, 5k and 7k series switches and Cisco 3560, 3750, 6500 series and 2800, 3600, 7200 routers, ASA, Checkpoint firewall, Palo Alto and F5 load balancer.
• Redistributed sites from OSPF to BGP.
• Worked on load balancer and provided solutions for many network related issues.
• Worked with other teams to design and implement the data center network.
• Deployed, configured and maintained network equipment that support LAN/WAN activities.
• Configured and implemented prefix-lists, route maps and ether channels.
• Performed Data Center Asset Management.
• Created vPC domain, designed single sided vPC, double sided vPC, vPC peer-keep alive, and vPC peer-link and configured Fex.
• Configured F5 load balancer LTM & GTM.
• Worked on Cisco ASR 1000 series devices
• Involved in installing and configuring PIX 515E, 506E firewalls.
• Performing the configuration and troubleshooting of routing protocols such as OSPF and BGP.
• Configuration and administration of cisco and juniper routers and switches.
• Configured redundancy protocols such as HSRP and GLBP.
• Deployment of enterprise firewalls (Palo Alto network, Cisco ASA, Checkpoint) in production environment.
• Implemented and configured OSPF and BGP.
• Configured inter-Vlan routing, redistribution, access-control lists and Network Address Translation (NAT)
• Configuring Multi-Protocol Layer Switching (MPLS).
• Configured client VPN technologies which includes Cisco VPN client via IPSEC.
• Installation, maintenance and troubleshooting LAN/WAN (Frame Relay, NAT, DHCP).
• Modified OSPF link costs to route traffic in different direction and to reduce delay, bandwidth across the links.
• Involved in configuration of access-control lists on juniper and Palo Alto firewalls for proper network routing and B2B connectivity.
• Configured different OSPF area types which includes stub area, TSA, NSSA and virtual links.
• Secured network using AAA (Authentication, Authorization and Accounting)
• Configured Juniper SRX series firewalls such as SRX240, SRX220 and SRX550
• Worked on Palo Alto Firewalls including PA 5000 and PA 3000 series.
• Configured BPDU guard, Port fast, Uplink fast and other spanning tree features.
• Negotiate VPN tunnels using IPSEC encryption standards and also configured and implemented site-to-site and remote-to-site VPN.
• Troubleshooter and resolved computer hardware and software issues escalated from customer support and other departments with a 100% success rate.
• Installed and configured network hardware and software
• Worked in Wireless technologies: 802.11 a/b/g/n
• Installed and configured all the Linux servers in the network per specifications of clients.
• Monitored the servers and Linux scripts regularly and performed troubleshooting steps. Tested and installed the latest software on server for end-users.
• Performed routine checks on the Linux servers of the firm.
• Monitored and reported on system and database backups to ensure they appropriately configures, implemented and verified to enable recovery from failure.
• Contributed to team activities and completed assigned tasks within prescribed deadlines.
• Provided network troubleshooting and support
• Good experience in using NetScaler to provide level 4 load balancing
• Experience with Remedy ticketing system.
• Monitored network traffic and solved performance issues in applications using Solarwinds.

Environment: Cisco Routers: 7200, 3600, 2800; Cisco catalyst switches: 3560, 3750, 6500; Nexus: 2000, 5000, 7000 series switches vdc, peer keep-alive, peer link, vPC domain, vPc single sided, vPC double sided, fabric path; Redundancy protocols: HSRP, GLBP; Inter-Vlan routing, Port-fast, STP, VTP, RSTP, ACL's; Routing protocols: OSPF, BGP; Cisco ASA, Checkpoint firewalls, Juniper SRX 240, SRX220, SRX550, Palo Alto Firewalls PA5000, PA3000; Network Security: NAT, PAT, IPSEC, GRE, VPN; Load balancer: BIG-IP F5; Ethernet, Fast Ethernet, Gigabit Ethernet, Fiber optic; solar winds, Citrix NetScaler

Network Engineer

Confidential, Fort Worth, Texas

Responsibilities:

• Primary Duties include 24x7 Level II support for the Network. Providing support to offices all over the State.
• Maintained and updated the Network diagrams.
• Worked on Cisco Routers, Cisco 3750, and Cisco 2960-SF Switches
• Responsible for Capacity planning, Contingency planning & disaster recovery.
• LAN Segments monitoring/troubleshooting LAN related issues.
• Carried out periodic backup of Router/Switch configurations, configured and upgraded Cisco IOS
• Troubleshoot IOS related bugs based on past history and appropriate release notes
• Worked in VPN (IPSEC and GRE) migrations and new designs for the clients.
• Configured SSH on all network switches and routers for secure management purposes.
• Troubleshoot the Network Routing protocols (OSPF and RIP) during the migrations and new client connections.
• Planned and Implemented New Infrastructure in the Data Center.
• Used Wireshark Network Packet Analyzer to capture live packet data from network interface and troubleshoot network related problems
• Hands on experience of Cisco works and Cisco configuration professional tools used for Network discovery, topology views and VLAN management
• Configured IP, RIP & OSPF in routers.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Responsibilities also include technical documentation of all upgrades done
• Design, execution of installation and configuration of VPN, LAN/WAN as per organizational requirements.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients
• Involved in troubleshooting of DNS, DHCP, and other IP conflict problems
• Upgrades and backups of Cisco router configuration file to a TFTP server
• Cisco IOS upgrade and device password recovery
• Configured and Implemented VLANS over the core Switch, configured VTP to manage VLAN database
• Enable STP attack mitigation using BPDU guard, Root guard and BPDU filters.
• Managed IP addressing and implemented IP Access Lists
• Converted Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Respond to inbound requests via phone and via Remedy Ticketing tool for technical assistance with managed services in a timely manner (within documented SLA) to support, threat and other cases.
• Worked with Configuration Management Database (CMDB) a centralized repository that stores information about the IP address, Vlan's info of the hardware devices.
• Collaborate effectively with local team members and offshore staff to create best practice processes

Environment: Switches- 3750, 3850, 2960-SF, 4500, 4900 series, ISR Routers-2900, 3800, 3900 series, Cisco ASA and Checkpoint firewalls