SUMMARY

• Accomplished Networkand Security engineering professional with 7 years of real time experience in designing, deploying, migrating & supporting critical multi - site redundantNetworkenvironments.
• PerformCheckpointand PIX firewall/IDS design, integration & implementation for Cyber Trap client networks.
• Configuring and troubleshooting issues inCisco5508wirelesscontrollers and 1131, 1142, 2602, 2702, 3602, 3702 LWAPP access points.
• Designing, configuring, implementing and documentingwirelessnetworks.
• Expert working knowledge (including the ability to setup, configure, upgrade, manage and troubleshoot Cisco routers, switches, VPN concentrators, firewalls, 802.11 wireless access points and load balancers).
• Migrated firewall rules from Cisco ASA to Palo Alto and Checkpoint Firewalls. Designing and Configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Advanced knowledge in installation and configuration of Juniper Netscreen Firewall.
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls.
• Perform Palo Alto network firewall design, integration & implementation for Cyber Trap client networks.
• Experience with convert Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Palo Alto and Cisco ASA VPN experience
• Experience in configuring Wireless 5508 Controllers and Wireless WAP’s
• Firewalltechnologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70, R75, R77 and Cisco ASA.
• Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and OTV and successfully implemented VSS on the Cisco catalyst switches.
• Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies onJuniperSSG320 and SSG140 Firewalls.
• Strong experience on Juniper SSG series Firewalls and checkpoint R75,76 Firewalls
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Experience working with Juniper JUNOS version 12 and Version 13 for routing and switching protocols.
• Responsible for checkpoint and Cisco ASA firewall administration across global networks.
• Good understanding of NAT & Firewall on Aruba Controllers.
• Strong hands on experience on PIX Firewalls, Palo alto, ASA (5540/5550) Firewalls. Implemented Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Expert in design, configuration and deployment of F5 Solutions with extensive experience working with APM and ASM technologies.
• Enterprise experience with Nexus models like 7K, 5K, 2K series.
• Experience in configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
• Expertise in Migration ofFirewallsfrom Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo altoand Vice Versa
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
• Performing theJuniperSRX 5800 deployment to replace the Crossbeam/Checkpoint firewalls.
• Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K, 1K

Cisco Routers: 1700,1800,2500,2600,2800,3600,3800,3900,7200,7600

Cisco L2 & L3 Switches: 2900,3500,3560,3750,4500,4900,6500

Juniper Platforms: SRX, MX, EX Series Router and Switches

Networking Concepts: Access-lists, Routing, Switching, Sub netting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510), Checkpoint, Cisco ASA

Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

Wan Technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3,0C3, T1 /T3 & SONET

Lan Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channelVLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

Documentation: MS Office, MS Visio

Wireless & Wi-Fi: Ciscowirelessaccess points AIR-CAP3702, AIR-CAP3602, AIR-CAP3502, AIR-CAP2602, AIR-CAP2702, AIR-LAP1142and WLC 5508, 2504, 4404 and WLC 4402wirelessLAN controllers, Catalyst 6513, 6509, 4006, 4003, 3750, 3560, 3550, 2950G switches

PROFESSIONAL EXPERIENCE

Confidential, Columbus, OH

Senior Network Engineer

Responsibilities:

• Designing, configuring, implementing and documentingwirelessnetworks.
• Over 5 plus years of experience in WLANwireless networking, LAN/WAN and other Networking Technologies.
• Hands on experience on design and implementation of complex IP-basedwirelesssystems and Deploying and configuringWirelessAccess Points,WirelessClient Associations and Controllers.
• Good working knowledge on deployment of wirelessequipment, Switches, routers, controllers, firewalls, access points.
• At present working extensively with Cisco 5508 Wireless LAN controllers. Replacing 5508 Wireless LAN controller with 5520.
• UtilizingCisco5508wirelesscontrollers and 1131, 1142, 2602, 2702, 3602, 3702 LWAPP access points.
• Deploying the old Access Points (1142 and 1242) and installing the new 3702 access points.
• Has extensive Knowledge on Cisco Wireless LAN Controllers. Gathering information, locations of AP’s, determining “gaps” in coverage and generating heat maps.
• Configured Cisco routers for MPLS VPN connectivity and VRF tables on edge routers for customer usage of the MPLS network.
• Configured Cisco ASA 5510 for VPN Network Access Control integration with CiscoISE(Inline PEPs).
• Designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Troubleshootwirelessnetwork issues at theWirelessController, using Debug commands and Wire shark.
• Wi-Fi deployments on campus and fortune 500 clients using Air Magnet and Fluke analyzers to validatewirelessinfrastructures.
• 2.4 GHz and 5 GHz certification and validations designs prior to deployments which remediating gaps in coverage area.
• Upgrading code onPalo altofirewalls PA5050/3020 to meet company security policy
• Experience in analyzing network using monitoring tools like Solar winds and Wire shark.
• Built an accruing network via MPLS circuits to split the trusted and un-trusted traffic via a Cisco ASRRouter.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Juniper ContrailSDNdeployment assistance to the senior engineering team
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application
• Responsible for Checkpoint firewall management and operations across our global networks.
• Implemented site to site VPN in Juniper SRX as per customer and various EX, SRX & J series Juniper devices.
• Working on security devices ASA, Juniper, Palo Alto Firewalls, Routers, and Switches.
• Implementation of secure enclaves withPaloAltoand ASA firewalls
• Remote access and site-to-site VPN administration using Cisco ASA/ASR andPaloAlto
• Team member of Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5505.
• Responsible for NAT traffic flow in theJuniperSRX 3600 and supportJuniperSpace.

Confidential, Sacramento, CA

Network Security Engineer

Responsibilities:

• Designed application mapping and application delivery using F5 BIG IP LTM.
• Installed and designed four PIX 525 and two ASA 5505 in client areas. Notwithstanding that, arranged two PIX firewall for the Guest access.
• Configured IPsec VPN access for client to site remote access.
• Worked on wireless networking hardware such as Cisco Wireless LAN Controller and AP 1200.
• Executed medium and large-scale wired andwirelesssite surveyingusing Air magnet software for 100 to 500 users
• Implement 5508Wirelessnetwork controller, 3700 AP's and Routing and Switching configurations
• Configuration of firewalls 5520 series ASA for business to business connectivity and application of ACL rules for network traffic.
• Configuring and managingF5ASM (Application security manager). Develop security policies.
• Creating new nodes and Pools in F5 load balancers to support newly added servers in Layer 3 environment.
• Implemented Cisco site to site VPN for partnering with different partners around the world.
• Managing Data Center and assisting other engineers with troubleshooting from network device, storage, and blade servers.
• OpenStackMitaka with integration of OpenContrail 3.1.0
• Engaged withOpenStackcomponents such as KVM,Neutron, Keystone, and Horizon for troubleshooting and configuration.
• Designed, implemented and maintained WAN technologies like DWDM, MPLS, VPLS and tunneling technologies.
• Implemented Cisco site to site VPN for partnering with different partners around the world.
• Juniper ContrailSDNCloud Computing Open Networking Open flow/ODL
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
• Experience with configuring BGP in the data center and using BGP as a WAN protocol and manipulating BGP attributes.
• Responsible for Cisco ASA firewall administration across our globalnetworks.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Coordinate activities between departments to ensure uninterrupted business operation
• Experience withCheckpointFirewall policies provisioning.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
• Migration from Cisco toPaloAltofirewall & Cisco to Checkpoint firewall
• Working with Cisco ASA 5585-X firewalls with Firewall rules,IPSec VPN, NAT, Active-Standby Failover, OSPF and Any Connect VPN technologies
• Implemented site to site VPN in Juniper SRX as per customer.
• Troubleshot VoIP issues with Cisco Call Manager 8.6; Unity Connections and Presence.
• Experience with converting PIX rules over to the Cisco ASA solution.
• Established IPSEC-VPN tunnels with ASA 5500 series Firewall between some branch offices & headquarters.
• Experience in working with designing, installing and troubleshooting ofPaloAltofirewalls.

Confidential

Network Engineer

Responsibilities:

• Designing and installing new branchNetworksystems. ResolvingNetworkissues, running test scripts and preparingNetworkdocumentation.
• Configuring, Installing and troubleshooting on Checkpoint Devices.
• Worked with wireless technologies troubleshooting and configuration of APs and WLAN switches.
• Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
• Successfully executed change on Nexus 9K and 7Ks to support redundant platform.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Working with Juniper JUNOS on M and MX series routers.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
• Administration and Operation support for TACACS and RADIUS Appliances
• Implemented the network segmentation for PCI network which utilizes MPLS VPN andVRFLite.
• Experience configuring Catalyst (2900, 3500, 3700 and 6500 Series), NEXUS (7000, 5000 and 2000 Series) Switches, and Routers (2800, 3600, 4400 Series) and Wireless AP's (1260, 3600) using CLI and GUI.
• Migrated Cisco ASA firewall to next generation Palo Alto firewalls.
• Establishing VPN Tunnels using IPSec encryption standards and configuring and implementing site-to-site VPN, Remote VPN.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP.

Confidential

Network Admin

Responsibilities:

• Designed and implemented remote dial up solution for clients
• Upgrading and managing Linux Kernel on Red Hat Linux 5 &6 & ESX Reboots.
• Configuring IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Networks.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Efficient in cabling as per co-location contracts with loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures.
• Installed and configured the ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
• Installed, and configured Cisco routers (7200, 3600, and 2800) and Cisco switches (6500, 4500, 2950 and 1900 series).
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Implemented static routing, routing protocols (OSPF, and BGP), switching (VLANS, VTP Domains, STP, and Trunking).
• Installation and configuration of Citrix NetScaler MPX 8200.
• Successfully installed Palo Alto PA 3060 Firewall to protect data center and provides L3 support for routers/switches/firewall.
• Deployment of enterprise firewalls (Palo Altonetwork, Cisco ASA, Check Point) in production environment.
• Expert level Knowledge on working with Wireless LAN Controller's, Cisco NCS, Cisco AP's, LWAPS, Standalone AP's and Mesh AP's.
• Knowledge and skill of 802.11 a/b/g/n LAN normal for wireless Technology.
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco basednetworks.
• Performed Port channeling and LACP between downstream devices for vPC configuration.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.