SUMMARY

• 8 years of experience in Network Planning, Implementing, Configuring, Troubleshooting of networking system devices.
• Working on Configured and Installed CISCO Palo Alto 2k, 3k, 5050, 7k, 7020 series, CISCO ASA 5500, 5555, 5585 series and Chechpoint R77.10, 77.30 and R80.20 series firewalls.
• Experienced on incorporating NEXUS 2k, 3k, 4k, 5k, 7k, 9k Data Center with existing ACI fabric.
• Worked in deploy and maintain ACI data center lab utilized by internal parties and Migrated from Legacy network.
• Worked on Juniper MX - 960, MX104, MX240 series Routers and Juniper EX4200, EX4300, EX4550, EX8208 Series switches.
• Experienced on VIptela SD-WAN Implementations.
• Working on experienced in scripting of Python and Ansible playbooks to enable automation.
• Designing and deploying highly available and reliable applications on AWS cloud platform.
• Experience on diverse technology platform AWS Virtualization, Database Technology.
• Worked on troubleshootArubaaccess points wireless devices.
• Experience in managed F5 BIG-IP i11000 Series / 1RU, F5 Big-IP LTM-6400 load balancer appliances to include writing iRules, SSL offioad.
• Experienced on F5 BigIP LTM and GTM devices like 7050 and 2200 series.

TECHNICAL SKILLS

Routing Technology: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, Static and Dynamic Routing.

Network Products: Juniper MX-960, MX104, MX240 & EX4200, EX4300, EX4550, EX8208 series routers, switches and Nexus 2k, 3k, 5k, 7k, 9k series switches.

Antivirus & Endpoint protection: Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.

Firewalls: Palo Alto - 2k, 3k, 5050, 7k, 7020, Chechpoint R77.10, 77.30, R80.20 and ASA 5500, 5555, 5585 series

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

F5 Load Balancer: F5 BIG-IP i11000 Series / 1RU, F5 Big-IP LTM-6400

WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPSec-VPN.

Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

PROFESSIONAL EXPERIENCE

Confidential, Atlanta, GA

Senior Network Security Engineer

Responsibilities:

• Worked on Configured and Installed upgrading code on CISCO Palo alto firewalls PA 5050 and PA 7020 Version 9.0 to meet company security policy
• Utilized application groups, SSL decryption, IPS, antivirus, anti-spyware, URL filtering, NAT, VPN, and the Reporting features of Palo Alto.
• Experience in Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls. Configuration and administration of Palo Alto Networks Firewall to manage large scale Firewall deployments
• Worked on Installed and configured Palo alto images in AWS cloud
• Worked on experience in Installed and configured Cisco ASA 5500 and ASA 5555 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
• Experienced on Configure Clientless/Any Connect SSL VPN on Cisco ASA for Work from Home Users
• Experienced in Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 9k/7k devices
• Worked with Cisco advance services to implement data center Nexus environment for new Upgraded datacenter for the NX-OS in 7004 in core laye, 6880 in aggregation layer and cisco 6800 in access layer.
• Experience with incorporating Nexus 9000 series with existing ACI fabric.
• Experience in Deployment CISCO ACI Greenfield and Migrated from Legacy network.
• Worked on Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Experienced in Plan, build, deploy, and maintain ACI data center lab utilized by internal parties.
• Work on Juniper series of Routers, Switches such as MX-960, MX104, MX240, EX4200, EX4300, EX4550, EX8208.
• Worked on Configured BGP peering rules for MX240 aggregate routers and MX960 core routers
• Working on experience in Deployment, Implementation and Configuration of Cisco SD-WAN Viptela.
• Experienced on Initial Network Management Configuration of Cisco VEdge (Currently working Version: VEdge-1000-ACK9 & VEdge-5000-AC-K9) & Preparation of LLD.
• Experience in Designing and deploying dynamically scalable, highly available, fault tolerant and reliable applications on AWS cloud platform.
• Work in Built and managed, stable & secure AWS cloud infrastructure/networking using cloud orchestration capabilities, scripting languages, and APIS to design, code, test, implement and support Infrastructure as Code (laCC).
• Created and maintained Cloud Formation scripts, automating manual processes, and generating deployment pipelines.
• Experience in Perform testing by executing scripts in Ansible playbooks to enable automation.
• Working experience on Managed and troubleshootArubaaccess points wireless devices on ArubaVPN.
• Maintaining standards-based network designs for multiple sites and backbone infrastructure.
• Worked on Managed F5 BIG-IP i11000 Series / 1RU appliances to include writing iRules, SSL offioad and everyday tasks of creating VIPS.
• Experience in Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Installing and configuring F5 Load balancers and firewalils with LAN, WAN configuration.

Confidential, Chicago, IL

Network Security Engineer

Responsibilities:

• Working experience on clean up legacy FW policies and create migration path from current Checkpoint to next gen Palo Alto firewall.
• Experienced on Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k, PA-7k) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Experience in Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Worked on Maintenance, configuration and Backup of firewalls (Check Point 4600, 4800, 115600 Gaia OS 77.10 & 77.30, R80.20).
• Experience in Perform Level 3-4 security implementations and troubleshooting of Checkpoint and Palo Alto firewalls.
• Experience on Maintain High Availability and clustered firewall environments for customers using Check Point High Availability.
• Worked on Datacenter Migration project to migrate the existing 6509, 4509 devices to a Nexus 9000, 7010, 5010 and Nexus 2248 FEX based solution.
• Supported Integration of Riverbed Steelhead-7050 and Interceptor-9350 optimizer appliances into Nexus platforms in Data Centers.
• Worked on provided design and Contrail SD-WAN networking support using Cisco ACI, Cisco wireless controllers
• Experience in Maintain and expand the Cisco ACI Network Centric infrastructure including ASRs, ISR, ASAs, Source file, 9k and 7k switches.
• Experience on NAT traffic flow in the Juniper SRX 3600 and support Juniper Space.
• Worked extensively in Configuring, Monitoring and Troubleshooting Juniper Security appliance
• Helped team in Implementation and configuration of CISCO Viptela SD-WAN network environment.
• Configured and maintained backup, monitoring, and alerting systems for multiple clients.
• Interacted with teams and customers in different time zones for ensuring 24x7 supports in Linux/Windows administration in AWS.
• Worked on developing, implementing, and operational zing cloud solutions that are highly available and resilient by utilizing best practices in systems engineering, network engineering, and multi-region design strategies.
• Experienced on working in python script Libraries like Napalm and Netlike to Automate the VLAN configurations.
• Experience on configuration and troubleshooting issues related to F5 GTM/LTM devices such as 4200v, 5200v.
• Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
• Managed the F5 Big IP GTM/LTM appliances to include writing IRules, SSL offload and everyday task of creating WIP and VIPs.
• Operates and maintains (O&M) the Aruba ClearPass Policy Server and the Aruba AirWave Wireless Intrusion Detection System.

Confidential, Dallas, TX

Network Security Engineer

Responsibilities:

• Experience on maintaining the Network Infrastructure, Installation, migration and configuration of Palo Alto and ASA firewalls, F5 load balancers.
• Experience on installed and configured Palo Alto PA-3060 firewalls to protect Data Center.
• Maintained Palo Alto firewalls Creating zones, adding rules and maintained the policies on PA 220, 3020 and 5220 series.
• Experienced on implementation of deployment related to Cisco ASA 5585 devices, Juniper SRX 550 devices to apply security policies on it.
• Worked in Configuring Routing protocols like BGP, OSPF, multicast and L2 protocols in ASA to check it is passing through via ASA in customer deployments.
• Worked on Configuration of Fabric path and connectivity between Nexus 7K and Nexus 5K.
• Experience in Python Scripting to automate threat hunting on network sensors.
• Configuration and troubleshooting link state protocols like OSPF in multiple areas.
• Provide Load Balancer on F5 BigIP LTM and GTM devices like 7050 and 2200 and Troubleshoot application slowness.
• Working in upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.

Confidential, Weston, FL

Network Security Engineer

Responsibilities:

• Installed and configured two ASA 5505 in customer locations.
• Worked extensively on Checkpoint firewalls for analyzing firewall change requests and implementing changes into existing firewall policies, maintaining security standards
• Troubleshooting complex
• Worked on Nexus 5k, 7k Switches.
• Configured VLANS on multiple catalyst switches performed troubleshooting on TCP/IP network problems, Administered Frame-Relay and networks.
• Experience with converting 6500 to Cisco Nexus in the data Center environment
• Checkpoint issues, Site-to-Site VPN related. Performed upgrades for all IP series firewalls from R75-R77.
• Installed, configured (through CLI & SDM) and managed CISCO routers and Catalyst switches.