SUMMARY

• Having 8.1 years of experience in Network Security Engineer and Network Consultant.
• Experience working on Cisco Catalyst Series 3750, 4500, 4900, 6500; Nexus 2000, 5000, 8000, 7000 and 9000 series switches.
• Worked on Cisco 7200, 3800, 3600, 2800, 2800, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, 6500 and Nexus 5K series switches and Sound noledge of Routing and Switching concepts and MPLS design.
• Experience in working wif Cisco Nexus Switches and Virtual Port Channel configuration.
• Intensive applications of Network automation tools and testing for network automation and configuration management using Python scripting.
• Performed IOS Software upgrades on switches Cisco 6509, 4510, 3750 and Cisco ASR for compatibility wif Cisco ISE.
• Responsible for Configuration and administration of firewalls, which includes Palo Alto PA - 4k/3k/5k/7k and Cisco ASA- 5500/5525/5510 firewalls.
• Established VPN tunnels between Cisco routers and Cisco Firewalls and Palo Alto Firewalls.
• Replaced aging ASA firewall architecture wif new next generation Palo Alto appliances serving as firewalls and URL and application inspection.

TECHNICAL SKILLS

Routing: Cisco Routers ASR1002X. 3945, 3845, 2800, 3800, 7200, 3925E and 2951E

Switching: Cisco 3560/3850/3750/3500/3850/4510/8500/7600 switches

Data Center: Nexus-9K, 7K, 5K, 3k, 2K

Firewall: Palo Alto, ASA

AWS: VPC, EC2 Instance, S3 Buckets, Auto scaling, AWS IAM, ELB

F5 Load Balancers: LTM, SSL offloading, VIP, Pool, TCPDUMP, Troubleshooting

SD WAN Technology: Meraki SD-WAN Technology, Cisco Viptela (vManage, vSmart & vBond)

PROFESSIONAL EXPERIENCE

Confidential, San Antonio, Texas

Senior Network Security Engineer

Responsibilities:

• Migration from Cisco firewalls to Palo Alto firewalls platforms PA-4000 and PA-500 and PA-200 firewalls network technologies.
• Successfully Design and installed Palo Alto PA-3080 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.
• Installing and Configuring Palo Alto Pa-500 series and Pa-2000 series firewalls using Panorama.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Installing and configuring new Cisco equipment including Cisco catalyst switches 3850, 3750, Nexus 5548 and Nexus 2k as per teh requirement of teh Organization.
• Designing and Implementation of (LAN) VLANS, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel on CISCO Catalyst Switches 3500, 3650, 3850 6500, 7800.
• Configuring and Installing Juniper EX-2200, EX-4200, M-320 routers.
• Coordinate wif multiple vendors (Cisco, Juniper) to troubleshoot network outages and issues.
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 security appliance. Failover DMZ zoning and configuring VLANsirouting/NAT wif teh firewalls as per teh design.
• Established IPSEC VPN tunnels wif ASA 5500 series Firewall between some branch offices & headquarters.
• Upgraded ASA 55055 to 5525X and Setup high availability ASA pair wif Firepower.
• Configuration and troubleshooting of CSM, integration wif ASA devices.
• Implementations of Network and Devices for Network SD-WAN environment.
• Deploy and support Viptela solution in production.
• Resilience, failover and performance of vEdge, vSmart and vManage.
• Focused on working wif Cisco Channel partners to build practices around Cisco ACI.
• Implemented Cisco Application Centric Infrastructure (Cisco ACI) as a solution for data centers using a Spine and Leaf architecture.
• Expert in troubleshooting production issues and resolving incident and change tickets related to Cisco ACI.
• Managing teh AWS security policies and network configuration, including AWs direct connect, vpn failover, Multiple VPC's, user and site access to servers and accounts.
• Created S3 buckets in teh AWS environment to store files, sometimes which are required to serve static content.
• Used security groups, network ACL's, internet gateways and route tables to ensure a secure zone for organization in AWS public cloud.
• Used IAM for creating roles, users, groups, and implemented MFA to provide additional security to AWS account.
• Used Python scripting for network sniffing and managed parameters for pool of servers and updated, automated and migrated different services.
• Configured and created wireless sites using teh Cisco Meraki System dashboard.
• Implemented site to site VPN on Cisco Meraki MXx64. MX85, MC84, and MX400.
• Configure and installation Cisco prime infrastructure to deploy IWAN.
• Configured and implemented F5 BIG-IP GLB and LTM load balancers.
• Modified and reconfigured two factor autantication BIG-IP APM autantication.
• Created Access policies on APM module using AD and LDAP autantication for external clients.
• Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
• Worked wif Blue coat and handled teh Trouble Tickets on F5 Load Balancers.
• Configured and troubleshooting Cisco unified UC580 manager VolIP systems.
• Apply Cisco ISE configuration to switches.
• Worked wif Cisco ISE to identify threats in teh network for rapid containment and remediation.
• Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VM ware's.
• Experience on dealing wif Cisco ISE Secure Network Server 3515 and other network security products.
• Performed Troubleshooting and monitored routing protocols such RIP. OSPF, EIGRP & BGP.
• Worked on VM Ware migration from physical servers to virtual servers.
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Worked on Riverbed devices for WAN bandwidth Optimization in teh data centers for teh sensitive.

Confidential, Livonia, MI

Network Security Engineer

Responsibilities:

• Integrating Panorama wif Palo Alto Firewalls, managing multiple Palo Alto link PA-3k, PA-5k, PA-7k Firewall using Panorama.
• Experience wif working on Palo Alto Next-Generation Firewalls Security profiles.
• Leveraged Palo Alto Networks’ Wildfire inspection engine to prevent Zero-Day attacks.
• Installing, Configuring and troubleshooting Cisco Routers (ASR1002X. 3945, 3845, 2800, 3800) and Switches to perform functions at teh Access, Distribution, and Core layers.
• Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 3925E and 2951E Routers and Cisco 8500, 4510, 4500-X, 4948, 3580X, 3750X and 2960S Switches for deployment on production.
• Responsibilities include software upgrade, license activation, configuring/installing new GSR router 7000, 12000, Nexus switch 9000, 5000,3000, 9504, 9300, 3200, 2308, F5-5050 and maintaining network documentation.
• Experience working wif High performance data center switch like nexus 9000, 7000 series.
• Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k.
• Experience wif SDN/NFV technologies including Open Stack Neutron, VM ware, NSX. Open flow, Open daylight, Open v Switch, and Open Contrail or Cisco ACI.
• Plan, build, deploy and maintain ACI data center lab utilized by internal parties
• Configured Cisco ISE for Domain Integration and Active Directory Integration.
• Configured Cisco ISE for Wireless and Wired 802. 1x Autantication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Worked wif Cisco ASA 5500-X wif Firepower services.
• Configured Site to Site IPsec VPN tunnels to peer wif different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Involved in Viptela SD-WAN technology in discovery design and implementation of client's network.
• Provided teh technical integration of public and private AWS Cloud services,
• Worked on F5 BIG IP LTM 3600 load balancers to configure Nodes, Pools and VIP's on a need basis.
• Completed basic configurations on teh F5 Big-IP GTM load balancer on existing network to split traffic on web-servers.
• Expert in design, configuration and deployment of F5 Solutions wif extensive experience working wif APM and ASM technologies.
• Creating, configuring and Troubleshooting VIP's for (EBL & EFL Extranet networks) on F5 networks.
• Implemented and Configuring Cisco Meraki Wireless network system.
• Administrated LAN and WAN wif of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Experience wif Virtualization technologies like installing, configuring, VMware sphere.
• Creation, management, administration and maintenance of virtual servers and clients.

Confidential, San Antonio, Texas

Network Security Engineer

Responsibilities:

• Planning, design, implementation, organization and operation of Palo Alto Firewalls based perimeter security network and network security devices including but not limited to PA-5200, 5000 and 3000 series Firewalls.
• Involved in multiple migration projects and migrated teh existing firewall configurations from Cisco ASA to Palo Alto firewalls.
• Core Network Migrations and Replacements for teh devices wif end-of-life and end-of-support, which also includes teh Cisco ASA to Palo Alto firewall migration across multiple agencies.
• Integrated and Configured Cisco ASA-5585, 5000, 5520, 5555 Firewalls wif ISE to teh Posture policy compliance performs CoA for remote VPN IPsec, SSL Any Connect users.
• Configuring failover and working on SSL-VPN when in active/standby failover on Cisco ASA.
• Installing, Configuring and troubleshooting Nexus 7k/5k/2k Data Center Switches.
• Maintaining and Troubleshooting of CISCO 5960, 3750, 3850, 4500, 6500 switches and CISCO 3945, ASR 1004, 1002-X routers.
• Provided support for all network security-related issues or queries including existing and new technologies, vendors and applications.
• Coordinating wif teh network staff to develop and enhance processes and procedures for disaster recovery.
• Deployed BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
• Configured F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Integrated Cisco ISE wif RSA multifactor for teh VPN users across multiple State of Texas Agencies and hands on experience wif teh DUO multifactor solution.
• Configured Cisco ISE and switches to autanticate and authorize devices and users.
• Responsible for network uptime and all changes are executed on time, in accordance wif service level agreements wif teh State business.
• Implemented a backup strategy along wif a disaster recovery plan in teh event that teh servers.

Confidential, San Antonio, Texas

Network Consultant

Responsibilities:

• Implemented and supported local and remote using Cisco devices (Cisco routers 1801, 1721, 1841, 2505, 7507 and 7513; Cisco Switches 2028, 3750, and 6509 series).
• Implemented and supported disaster recovery facility for fail-over purpose, which included teh backbone routers, VPN and DMZ networks.
• Configured static/dynamic routing for VPN customers wif Managed Router Service (MRS) and customers using Proxy Radius servers.
• Also implemented Network Address Translation (NAT) on managed routers.
• Troubleshot network connectivity/performance problems (serious fault investigation management and resolution).
• Monitored LAN and WAN links and handled capacity planning which included installation, configuration and maintenance of Cisco devices (Cisco routers 1603, 2500, 7507 and 7513: Cisco Catalyst Switches 2826, 5005. 5505, 6509 and 8540).
• Troubleshot network connectivity /performance problems and provided resolutions.
• Tested L2 protocols (VLAN. STP, flavors of STP, PVST, HSRP, VRRP & LACP) and routing protocols (OSPF. MPLS, EIGRP & RIP).
• Testing network features: NAT, ACLS, Multicast, Traffic shaping. Queuing on an L2 and L3 switches.
• Worked wifin established configuration and change management policies to ensure awareness, approval and success of changes made to teh network infrastructure.