SUMMARY

• 8 years of experience in Network design, Security, Tier support of Networks in various environments.
• Extensive experience working on Cisco and Juniper routers/switches in complex environments with multiple ISPs.
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 6500 and Nexus 9k, 7k, 5K series switches and Sound noledge of Routing and Switching concepts
• Worked with security devices such as Firewalls, VPN switches and Intrusion Detection Systems.
• Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
• Experience with products such as Aruba wireless, Cisco ASA 5500 series firewalls and Cisco ACE 4710 Load balancers.
• Experience in installing and configuring DNS, DHCP servers.
• Experience in Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Experience working with Cisco IOS - XR on teh ASR9000 devices for MPLS deployments.
• Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols (EIGRP, OSPF, BGP), WAN technologies ( IPsec, VPNs, MPLS), Qi’s.
• Experience in F5 Load balancers such a BIG-IP LTM Modules.
• Cisco ACI fabric networks, including python automation.
• Good understanding of cable management such as CAT5/6/6E, Fiber-Optic (Multi & Single mode fibers).
• Excellent communication skills to interact with team members and support personnel and also can act as a mentor to less experienced personnel.

TECHNICAL SKILLS:

Operating Systems: Windows (Server 2008/2012, Windows 7/10 ), Linux OS

Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000

Switches: Cisco 3750, 3850, 4507, 4510 & 6500 series switches, Nexus 9K, 7K, 5K, 2K

Routing: MPLS, OSPF, EIGRP, BGP, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels

Network security: Cisco (ASA,) 5510, Palo Alto, juniper SRX, ACL, IPSEC VPN, Remedy, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS

Load Balancer: F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

LAN: Ethernet (IEEE 802.3), Gigabit Ethernet.

WAN: Leased lines, Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Load Balancing. Various Features & Services IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP Management

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Network Management: SNMP, Solar Winds, HP open view, and Wire shark

Reports and Network Diagrams: Microsoft (Visio pro.)

PROFESSIONAL EXPERIENCE:

Confidential

Sr. Network Security Engineer

Responsibilities:

• Upgrading code on Palo alto firewalls PA 5050 Version 9.0 to meet company security policy
• Involved in configuring Palo Alto PA 7020 firewall from teh scratch
• Experience in configuring allPaloaltoNetworksFirewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Designed and implemented a secure instant messaging system in Python providing interface state changes on teh devices to support team
• Worked on Python scripting for network configuration and management.
• Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS. Migrated existing on-premises applications to AWS
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Upgrading code onPaloaltofirewalls PA 5050/3020 to meet company security policy
• Implemented Zone Based Firewalling and Security Rules on thePaloAltoFirewall.
• Implementation of Access Lists for allowing/blocking desired traffic.
• Monitored infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc. Resolution of tickets fresh & pending
• Configure, update software, troubleshoot routing issues and maintain various enterprise network devices such as Cisco Nexus 9k's,7k'.
• Installed and configured Palo alto images in AWS cloud.
• Managing DATA Center Inbound and outbound services.
• Worked on Ansible automation tool.
• Installed Configured and managed Ansible Centralized Server and creating teh playbooks
• Upgraded Nexus 9k, 7k and 5k switches to deal with teh vulnerability issues.
• Worked in for teh NextGen Datacenter Cloud Architecture, usingCiscoACIand Nexus 9K
• Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 9k,7k/5k devices
• Configured BGP load balancing and ensured stability of BGP peering interfaces
• Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of teh implementation plan.
• Deployed BIG IP Enterprise manager to cluster all teh F5 LTM, GTM.
• Responsible for configuration of F5 Viprion 2200.
• Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Provide second/third level technical support forACI(Application Centric Infrastructure)technologies.
• Maintain and expand teh Cisco ACI Network Centric infrastructure including ASRs, ISR, ASAs, Source file, 9k and 7k switches.
• Designed and configured OSPF, BGP on Juniper Routers and SRX Firewalls
• Implementation of Site-to-Site VPNs over teh internet using 3DES, AES/AES-256 with ASA Firewalls.
• Migration and implementation of Palo Alto Next-Generation Firewall series PA-500, PA-3060, PA-5060, PA-7050, PA-7080.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Configured NAT and PAT policies.
• Performed processes of optimization, backup, configuration and updating of Cisco IOS and IOS XR.
• Configuration and troubleshooting of EIGRP, OSPF, BGP.
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.

Confidential, Louisville, KY

Sr. Network Engineer

Responsibilities:

• Implemented MX-960 router and configured virtual chassis in teh core to enable interchassis redundancy.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems during teh conversion of existing point-to-point circuits to MPLS.
• Implemented Dual homed connections between multiple UHG sites to connect to primary and redundant datacenters in Alpharetta/ Santa Ana.
• Dealt with implementation of deployment related to Cisco ASA 5585 devices, Juniper SRX 550 devices to apply security policies on it.
• Troubleshoot issues related to VLAN, VLAN Trunking, VRRP failovers, related issues.
• Involved in Planning for upgrade of IOS/JUNOS on devices and performing teh upgrade to teh TAC recommended code.
• Assisted in teh architecture, evaluation and recommendations related to purchasing and installing hardware, software related to IPV4 and IPV6 Networking.
• Add Trunks, Spanning Tree protocol, Port-Security, VLAN-MAPs and DOT1X for Switches and Wireless.
• Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS).
• Working as a Network SME for teh NextGen Data Center Cloud Architecture, using Cisco ACI and Nexus 9K. Working with Cisco Account team onsite for creating and testing teh POC
• Implemented Cisco Application Centric Infrastructure (Cisco ACI) as a solution for data centers using a Spine and Leaf architecture
• Designed and implemented DMZ for Web servers, Mail servers &FTP Servers using Cisco ASA5500 Firewalls.
• Involved in teh Migration of policy from Cisco ASA firewall into Palo Alto Firewalls.
• Experience in Spine Leaf Architecture, EVPN, VXLAN. Worked on software Defined Network solutions using Cisco ACI.
• Hands on experience in building Cisco ACI fabric (policy groups, switch profiles, etc.), tenants - VRFs, Endpoint Groups, Contracts
• Used Cisco ACI (Application Centric Infrastructure) for fabric implementation, operations, and integration with external bridged networks and Cisco Unified Communication Systems.
• Performed all maintenance tasks on teh Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Cisco ACI.
• Provisioned ports in Cisco ACI to support SAN, VoIP, and hypervisors.
• Troubleshoot issues with Wireless Access points (Cisco 3502) and configure SSID’s on 5520 Wireless LAN Controllers.
• Responsible for Juniper SRX firewall management and operations across our corporate networks.
• Responsible for Working with JTAC/CISCO TAC for resolving escalated issues and bug fixes.
• Worked on a project to migrate vendor DMZ's from a disaggregated cisco environment to a unified SRX 550 firewall cluster leveraging UHG's services.
• Monitored network traffic and developed capacity-planning initiatives, making necessary recommendations, additional resources or hardware.
• Provide Load Balancer expertise on F5 BigIP LTM and GTM devices like 7050 and 2200 and Troubleshoot application slowness.
• Responsible for writing and executing Test Plan, Desk level procedures and Test Case for smooth network operations.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience in configuring Virtual Device Context in Nexus 7010.
• ConfiguredJuniperMX80s, EX4300s, and SRX240s to implement as a part of teh branch office.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues.
• Responsible to add new BGP peers for remote branch offices and business partners.
• Experienced with Juniper: EX-2200, EX-4300, EX-4500, MX-480 and M Series, SRX210 and SRX240 troubleshooting.
• Configured VPN tunnels to multiple vendors with end devices terminating at vendor end being a Cisco/Juniper firewall.
• Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
• Perform Configuration changes on BIG IP (F5) Load balancers and monitored teh Packet Flow in teh load balancers.
• Involved in Configuring and implementing of Composite Network models consists of Cisco 7600, 7200, 3800 series and ASR 9k and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route map, distribute list and administrative distance for on-demand Infrastructure.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (Dot1q and ISL) and Ether channel.
• Administration of ASA and Juniper SRX firewalls in teh DMZ and FWSM in teh Server Farm to provide security and controlled/restricted access.
• Responsible for monitoring alerts through tools like Solar winds Orion, Ops view in teh Production environment as a part of first response for teh service desk.
• Implemented changes in projects in accordance with teh change management process and responsible for MOPS, Post-Implementation handoff documents and Visio drawings.

Confidential, NYC, NY

Sr. Network Engineer

Responsibilities:

• Maintain and track teh status of device supplied to teh client.
• Implemented Juniper firewall switches.
• Identified opportunities for implementation of network best practices, particularly F5load balancer implementations.
• Worked on migration of existing ASA firewall to Palo Alto firewall,
• Monitor performance of network appliances and WAN utilizing using network analyzer like Wireshark.
• Deployed BIG IP Enterprise manager to cluster all teh F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
• Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Integration of JuniperSSG series firewalls, SA VPN Appliances, J series Routers, and EX series switches.
• Configuring and managing FC zones on Cisco 9K/7K/5K.
• Focused on building new content and functionality for several F5ecommerce sites.
• Configuration of Fabric path and connectivity between Nexus 7K and Nexus 5K.
• Configuring Routing protocols like BGP, OSPF, multicast and L2 protocols in ASA to check it is passing through via ASA in customer deployments.
• Maintenance and troubleshooting of LAN, WAN, IP Routing, Multilayer Switching.
• Performed interconnection of customer sites using IPSec VPN.
• Palo Alto Firewalltroubleshooting and policy change requests for new IP segments that either come on line or that may has been altered during various planned network changes on teh network.
• Troubleshoot and reconfigure Cisco,Fortinet, Sonic wall, firewall/switch/routers/Cradle points as needed.
• Performing onsite data center support including monitoring electrical power, switch alarms, network alerts and access logs.
• Installation and troubleshooting of routing protocols like static and dynamic.
• Installed high availability Big IP F5LTM and GTM load balancers to provide uninterrupted service to customers.
• Optimizing and monitoring teh performance of a WLAN, LAN, WAN and user's segments
• Configuring RIP, OSPF and Static routing on JuniperM and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Maintain connectivity for approximately 300 switches and routers in a 500+ node network.
• Experience with deploying Fabric Path using Nexus 7000 Devices
• Experience with configuring OTV between teh data centers as a layer 2 extension.
• Managing health check of Network devices this is involves upgrading IOS on every quarter after checking teh vulnerability of IOS and reviewing teh configuration

Confidential

Network Engineer

Responsibilities:

• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Worked on Extensively on Cisco ASA Firewalls 5500(5510/5540) Series
• Responsible for Checkpoint firewall management and operations across our global networks.
• Configured routing policy for BGP. Switching related tasks included implementing VLANs and configuring trunk 802.1Q on Gig-Ethernet channel between switches
• Implemented Cisco IOS Firewall IDS using 2600 series router.
• Configured and troubleshoot OSPF and EIGRP.
• Planning and configuring teh routing protocols such as OSPF, RIP, and Static Routing on teh routers.
• WAN Infrastructure running OSPF & BGP as core routing protocol.