SUMMARY

• 8 plus years of experience in Networking, including hands - on experience in IP network design providing network support, installation and analysis.
• Expertise with OSPF, BGP, and TCP/IP.
• Configuring RIP, OSPF and Static routing on JuniperRouters.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches.
• Knowledge on security attacks like DoS, DDoS, Spoofing, Nexsus & Cisco IOS and Cisco Works.
• Involved in designing L2 VPN services and encryption system and other VPN with IPSEC based services.
• Experience with the Juniper JUNOS platform and worked with IOS upgrade of Juniper devices.
• Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
• Experience in Configuration and Support of LAN protocols on Cisco Switches (Layer2, Layer3 and Multi-Layer).
• In-depth understanding of IPV4, IP Subnetting, VLSM and ARP, Ping Concepts.
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, bridges, routers, hubs and Switches.
• Sound knowledge of routing and switching concepts and MPLS design.
• Experience in Package management using RPM and YUM in Red HatLinux.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Worked on Cisco 7500,7200,4000,3800, 3600, 2800, 2600, 1800 series Router andCisco 2900, 3500,4500, 5500, 6500 and RSM series switch.
• Superior expertise in MSWindowsimplementation maintenance documentation and troubleshooting.
• Strong knowledge underImpervaweb application firewall for monitoring for In-depth analysis of attacks and SIEM tools such as Splunk for analysis and log monitoring
• Experience in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
• Experience on ASR routers like 1k, 9K series as a core and configured HSRP for active-active redundancy.
• Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS.
• Have working knowledge ofVPN, Network Security, Payment Domain, DPI, CDMA2000, ATM, and SONET.
• Perform Palo Altonetworkfirewall design, integration & implementation for Cyber Trap clientnetworks.
• Hands-on Experience with Cisco firewalls PIX 515, ASA 5500 series and Check Point Firewalls.
• Knowledge in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Hands on configuration experience last mile Internet &VPN.
• Providing support and troubleshooting for Business VOIP clients.
• Experience in installation, configuration, backup, recovery, maintenance, and support of Several Unix/LinuxServers.

TECHNICAL SKILLS

Routers: (1800, 2500, 2600, 2800, 3600, 3800, 7200).

Cisco Switches: (2900, 3500, 4000, 4500, 5000, 6500, 3750, MSFC, MSFC2, Nexus 5k, 7k, 2k, 3K)

Routing Protocol: (BGP, OSPF, EIGRP, ISDN, PBR, PRI, IGRP, IS-IS, RIP), Routed Protocol TCP/IP, Multicasting, PIM

Management tools: SNMP, Syslog, Sniffer, and Wire shark.

LAN Protocol: VLAN, VTP, RAS, Inter-vlan routing, ISL, dot1q, STP, RSTP, RPVST, PVST, LACP, PAgP, HSRP, GLBP, MC-LAG, Ethernet, Port security.

WAN Technology: Frame Relay, PPP, X.25, E1/T1/T3/DS1/DS3, ATM, MPLS VPNs, L3VPN, VRF, and MPBGP.

Network Management: SNMP v2, Cisco Works, 3Com Network Analyzer, Citrix Netscape, MRTG, Solar winds, TACACS

Network Security: Knowledge of Firewall, Checkpoint Provide 1, ASA, F5 (LTM, GTM), A10, IPSec, IPS/IDS & VPN

Application Protocols: DHCP, DNS, FTP, TFTP, SNMP, HTTP, FTP, ICMP, SMTP, SSL, IP, IPV6.

Documentation: Microsoft Office, Visio

PROFESSIONAL EXPERIENCE

Confidential, ROUND ROCK,TX

SR.NETWORK SECURITY ENGINEER

Responsibilities:

• Responsible for Network Architecture development, Validation and content (documentation and video) creation based on the architecture for Confidential Networking Products.
• Handled theVMwaresolutions to support multiple storage connectivity options such as FC-SAN, iSCSI, NFS (NAS) like interconnection of Fiber Channel Cables with switches, Fabric interconnects.
• Performed backup and restore operations ofVMwarehost server's configuration, Virtual Machines backup, snapshots, P2V-V2V conversion usingVMwarestand-alone convertor, monitoring/reporting, SSH, SNMP and alerts notification.
• TCSE functions: setup and installtufincluster in virtual environment. Train Confidential 's client on usage and reporting ofTufinand Check Point. Check Point Optimization Consulting.
• Verify Symantec/Mcafeesignatures against client software in test environment and successfully deploy signatures to production environment.
• Responsible for configuration, maintenance and troubleshooting routing protocols BGP, EIGRP and OSPF on Confidential Switches s4048,s3048,z9100 and s6010.
• Configure and administersecurityrules and policies to permit and/or deny user traffics based on companysecuritypolicy.
• Expertise in Installing & configuringfirewallsCiscoASA, Palo alto PA-3060, PA-5060, Panorama.
• Proficient in implementing Check PointFirewallsNG, NGX, NG R55, NGX 60, NGX R65, R70, R75, R77 Gaia, Provider-1 and VSX.
• Experience configuring OSPF and BGP on branch routers with Access Control lists implemented as perNetworkDesign Document. Established redundancy at critical sites for high availability.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports.
• Successfully installed Palo Alto PA-3050, PA-5050firewallsto secure zones of network.
• Install and maintain Palo Altofirewallconfiguration to protect cardholder data for payment card industry (PCI).
• Configuring, Administering and troubleshooting the Checkpoint, Palo Alto,ImpervaWAFand ASA firewall.
• McAfeeSpam, Virus and Malware protection at different layers within organization.
• Expertise insecurityidentity management platform such as ACS 5.x, RSA Secure ID 8.x.
• Manage & supportActiveDirectory, Group Policy Objects to implement corporate policies and manage workstations, servers, and user's environment, AD Certificate services, access & identity management.
• Replace branch hardware with new 2900/3900/MX-80 routers and 3850 switches.
• Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, tuning (Configuration), make standardization for the topology.
• Coordinate with end users and departments in configuring special applications to useActiveDirectoryauthentication.
• Work with Rackspace in managing; IDS/IPS (Alert Logic),WAF(Imperva), DDOS Protection service.
• Experience in implementation and administration Software Define Network technologies such asVMwareNSX,VMwarevCloud Networking and Security.
• Implement and configured GLBP (on core switching and for VPN redundancy), HSRP on different location of office on the switchednetworkand managing the entire multilayer switchednetwork.
• Switching tasks include VTP, ISL/ 802.1q, IPsec and GRE Tunneling, VLANs, EtherChannel, Trunking, Port Security, STP and RSTP.
• MonitorSymantecand Symantec's Customer network for stability and optimal performance.
• McAfeeATD detects targeted attacks and connects with existing defenses, converting threat intelligence into immediate action and protection. Furthermore, it provides multiple analysis engines to broaden detection and expose evasive threats.
• Setup scripting of various aspects ofTufinmanagement
• Experience in CiscoASAfirewalls: Knowledge of ACLs, Cisco ACS, IPSec, VPN, NAT.
• Implemented, and administeredWindowsServer2012R2/2008/2003 Servers in the Environment. Wrote/update PowerShell & VBScript that would scan each server after a build and verify in an Excel
• Created PowerShell Scripts with VMware vSphere PowerCLI 6.3 to Determine and log the VMware Virtual Machine Name with the Guest\WindowsServer Name, Determine the Version of VMware Tools and if the VMware Tools Service was running, Free Disk Space, Operating Systems, Pending Reboots, System Uptime.

Confidential, Bellevue, WA

Sr. Network Security Engineer

Responsibilities:

• Design and deploy Datacenter networks utilizing industry best practices and Cisco hardware to include: Cisco enterprise level L3 switching and Nexus 7K/5K/2K platforms.
• Plan, design and test the application migration from F5 load balancer to new A10 load balancers.
• Design signal modulator following 802.11g OFDM standard for testing of a 2.4GHz PA
• Requirements gathering from Application customers about the application for low latency and reliable operation.
• Proficient inCiscoIOSfor configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, IGRP, BGP etc.
• Expertise insecurityidentity management platform such as ACS 5.x, RSA SecureID 8.x.
• Implementnetworksecurityfor remote access. Tasks includes configuring site to site and clients to site VPN tunnels.
• Experience with devices Palo AltoNetworkfirewalls such assecurityNAT, Threat prevention & URL filtering.
• Design, implement, and develop network designs for applications used in TMO.
• Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the Palo AltoFirewallsplaced in the Data Center with MS Visio.
• Troubleshooting and testing application functionality through load balancers in both test and production environments.
• Working onfirewalltasks like port addition or deletion, route addition, route deletion, route checkup, VPN, 2 factor authorization, network troubleshooting.
• Achieved managing complex BGP, OSPF, EIGRP, IGRP, RIP v1 & v2, IS-IS,TACAS, RADIUS protocols throughout equipment such as CISCO ASA, 7600, 7500, 7200 VXR, 3800, 3700, 2800, 2600.
• Provide level 2 technical support forSEPSesam Disaster Recovery Software.
• Configuring rules and Maintaining Cisco ASA, CheckpointFirewallsand Palo Alto & Analysis of firewalllogs using various tools.
• Extensive implementation offirewallrules on checkpoint R77 GAIA on daily basis using Smart Dashboard.
• Excellent experiences withVMwareupdate manager to install patches and updates on ESX/ESXi hosts and virtual machines.
• ManageVMwareDistributed Resource Scheduler (DRS), vMotion & High Availability (HA) cluster.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments.
• Configuring and administering routing protocols OSPF, BGP and Static.
• Performed VPN/VRF secure designs over BGP enabledMPLSand dedicated WANs.
• Isolated network traffic via F5 load balancers for GTMs and LTMs
• Knowledge and experience with: IP Routing, VPNs, DNS, and Web Proxy
• Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
• Creating and configuring vNetwork Standard Switch (vSwitch) and Distributed Virtual Switch (dvSwitch).
• Install and manageImpervaWAF, F5 APM, and Aventail VPN appliances and SME on corporate proxy policy and technology.
• Wrote F5 scripts that isolated traffic going to active site and failed over to the backup datacenter as well as failback to resume business as usual.
• Troubleshooting and problem resolutions onLinuxservers.
• Configured Virtual IP's (VIP) and virtual servers. Configured pool and pool members and associated it to the virtual server. Configured load balancing methods
• Working closely with Server team, Network appliance team to migrate the server connections and Riverbed, F5 connections from Catalyst 6500 Switches to Nexus 7000, 5000.
• Monitor network performance and troubleshoot problem areas as needed.
• Design and deploy managed LANs, WANs, and wireless networks, including routers, switches, firewalls and other hardware.
• Knowledge on Switches,routers,collaborations,NX-OS,Fireshight,ISE.
• Oversee/perform new and existing equipment, hardware, and software upgrades.

Confidential, Mason,MI

Network Security Engineer

Responsibilities:

• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Configured and troubleshooting HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS and Route Maps.
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Maintain, test and support ofVMwareESX server running both Linux and Windows 2003 servers.
• Maintenance of Platform Independent Code of Forwarding Element of MPLS that interacts with hardware.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
• Remotely connect into end user computer to help troubleshootnetworkissues.
• Configuring and troubleshooting ofLayer3 routing protocols such as OSPF and BGP.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Implemented various OSPF scenarios on networks consisting of 7600 routers.
• Configured policy based routing for BGP for complex network systems.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s Site.
• Successfully installedfirewallsto protect Data Center and provided L3 support for routers/switches/firewalls.
• Configuring and troubleshooting ofLayer3 routing protocols such as OSPF and BGP
• EvaluatedITILprocesses maturity; provided gap analysis for automation goals.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local preference.
• In depth knowledge onVMWareESXi Server and Desktop Virtualization product.
• Comprehensive understanding of networking concepts pertaining to LAN and WAN, Informationsecurity, IT communication and maintenance in multi-platform environments.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Built the Base Images inVMWaretime to time and testing the solutions using the linked clones and full clones.
• Configuring, Installing and troubleshooting on Check Point Devices.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
• Experience with Synchronous Optical Networking (SONET) over optical fiber.

Confidential, Napa, CA

Network Security Engineer

Responsibilities:

• Experience with Firewall administration, Rule analysis, Rule modification.
• Experience on F5 load balancer in order to maintain balance in the network system with application specific usage.
• Troubleshoot traffic passing managed firewalls via logs and packet captures.
• Installing and configuring juniper M series router along with juniper switches QFX series.
• Configured and resolved various OSPF issues in an OSPF multi area environment mostly on IPv4 and to some extent on IPv6.
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team.
• Hands-on experience with WAN (ATM/Frame Relay), routers, switches, TCP/IP, routing Protocols (BGP/OSPF), and IP addressing.
• Configured CIDR IP RIP, PPP, BGP and OSPF routing.
• Understand, analyze, and make recommendations for the architecture of a flexible, comprehensive security eco-system that includes IDS, IPS, malware detection/prevention, behavior anomalies, and big data analysis.
• The customer environment includes multiple MPLSnetworksrunning various routing (BGP, OSPF, EIGRP and Multicast), switching protocols, QoS, GetVPN and integration of various business unitnetworks.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Deployed 7613 as PE and CE router and configured and troubleshoot the edge routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Configured egress and ingress queues for ISP facing routers using CBWFQ.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP open view) and experience with developing complex network design documentation and presentations using VISIO.
• Estimated project costs and created documentation for project funding approvals.

Confidential

Network Engineer

Responsibilities:

• Installed and configured workstations for IP based LAN’s.
• Installed and configured DHCP Client/Server.
• Configured and managed networks using L3 protocols like RIPv2.
• Configured VLANs, Private VLANs, VTP and Trunking on switches.
• Configured L2 and L3 security features on devices.
• CreatedITILService Delivery Management Processes for theITILlifecycle.
• Designed and implemented remote dial up solution for clients.
• Designed, validated and implemented LAN, WAN & WLAN structure to suite client’s need.
• Performed troubleshooting and monitored routing protocols such as OSPF, EIGRP & BGP.
• Involved in writing troubleshooting guidelines for MPLS VPN.
• Streamlined the process of deployment of operating system.
• Active Directory user’s management and planning for authoritative and non-authoritative restore.
• Configured ACL & NAT through CLI.
• Support various Series ofCiscoRouters like 7200/7600 series.
• Hands on Experience in Inter-Vlan routing, redistribution, access-lists and dynamic NAT.
• Efficient in cabling as per co-location contracts with loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures.

Confidential

Network Engineer

Responsibilities:

• Worked on maintenance and troubleshoot of the network infrastructure.
• Provided Technical hardware and software support.
• Configured and troubleshot Cisco 2800 series routers.
• Transformation of RIP V2 to OSPF, BGP routing protocols.
• Troubleshooting complex networks layer 1, 2(frame relay, ATM, Point to Point, ISDN) to layer 3 (routing with MPLS, BGP, EIGRP, OSPF and RIP protocols) technical issues.
• Developed VLAN and Inter-VLAN routing with Multilayer Switching.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Implementing traffic engineering for Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Management, Installation, configuring and troubleshooting of Proxy, DHCP, RAS, VPN and Linux servers.
• Prompt technical support to customers on routers and switches for 24 hours.

Confidential

Network Administrator

Responsibilities:

• Provided support and troubleshooting network related problems Monitored network systems operations and conducted systems performance evaluations and system diagnostics.
• Proactive monitoring of the health and status of the production network, servers and applications using appropriate tools.
• Ensured that every issue received is promptly tracked, controlled and escalated (if needed).
• Create, log troubleshoot notes and maintain outage notification logs and follow documented escalation procedure where appropriate.
• Assist network employees in troubleshooting the issues.
• Handled the development of code in the C and C++ programming languages for various projects assigned to me.
• Maintain documentation of processes, procedures, troubleshooting guides and change management logs.
• Monitored network devices like routers, servers, switches, Cisco PIX Firewall and Firewalls using HP open view network node manager (NNM).
• Extensive knowledge on Network Monitoring tools such Tivoli as HP Openview, IBM, and Cisco Works.
• Worked on Packet Analysis tools like Ethereal, Wire shark.