SUMMARY

• Around 7 years’ experience in routing, switching, network design, implementation and troubleshooting of complex network systems.
• Extensive hands - on experience with complex routed LAN and WAN networks,routers and switches.
• Experience of routing protocols like EIGRP, OSPF, RIP, and BGP.
• Advanced proficiency with Cisco Wireless ( APs, Controllers, ISE, Prime)
• Expertise with Cisco Routers, Extreme Networks Switches, Cisco Switches (2900), Layer 3 switches (65XX, 3700, 3500)
• Configuring and implementing routing protocols including TCP/IP, OSPF, EIGRP, BGP.
• Maintain and support Cisco ASA 5505, 5550 & 5525.
• Engineered VPN connectivity for the network remote access VPN, site-to-site VPN.
• Experience on Firewalls (Palo Alto, Meraki MX), Switching (Meraki MX, Arista, Cisco) and Routers (Cisco, Juniper).
• Involved in designing and implementing Openstack environments.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Palo Alto Security appliance, Juniper SRX, Cisco WSA/SMA, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Strong Hands on experience with Cisco Routers(CRS-1, GRS) and Cisco Catalyst Switches(6500/7500) and Juniper Routers(M/T Series)
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) series.
• Implemented Zone Based Firewalling, Security Rules & fine tuning of Firewalls.
• Strong knowledge in MOP, NTP & PGB configuration, VPN administration - SSL VPN and authentication technologies, such as RSA SecurID.
• Strong knowledge of IP networking, IP Address Management (IPAM) and ITIL guidelines.
• Good with regression testing, scheduled project timelines and timely resolution of customer issues.
• Experience with migrating all the Cisco LAN to juniper LAN.
• Experience with physical layer Technologies-Gig/10G Ethernet, CAT6 & Fiber cabling.
• Sound knowledge of and experience network administrative tools for adding, modifying and deleting network, to monitor and maintain all IT network infrastructures.
• Implemented Scrutinizer NetFlow monitoring to track internet usage across the global WAN.
• Operating systems package and firmware installation support for networking hardware.
• Responsible for design and architecture of the LAN, WAN and the security infrastructure.
• Planning, designing of Corporate Network architecture and implementing in distributed environment with future expansion option.
• Supported server-based environment on Windows 2003/2008/2012/ R2 with Active Directory, DNS, DHCP, and ADCS.
• Good understanding of cloud technologies like Azure & AWS express routes, direct connect gateways. Successful in extending SCH’s perimeter zone into AWS & Azure setting up isolated VRFs as required to increase security, using Megaport & Equinix cloud vendors.
• Working knowledge on Software defined networking, Cloud technologies like AWS & Azure, Cloud vendors like Megaport & Equinix.
• Active Directory / Exchange / O365 Administration - Adding / Changing / Disabling Accounts and Mailboxes / Updating Distribution and Security Groups / Group Policies and GPOs
• Conducted active, passive, predictive site surveys for WIFI infrastructure and provided heat maps accordingly.
• Working knowledge of frame relay, MPLS services, NATing, sub-netting, DNS, WINS, LDAP, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, IPSEC, PPP, VLAN, STP (Spanning tree Protocol), RSTP.
• Expertise indocument creation with technical configurations, billing, security standards design and network documentation using MS Visio and MS office.
• Experience in installation, administration, and networking in various MS Windows OS environments.

TECHNICAL SKILLS

Operating System: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7/8), Linux programming

Hardware: Cisco Switches (2900, 2924, 2950, 3550, 5500, 6500, 6509, 6513), Cisco routers (2600, 2800, 3640, 3700, 3825, 7200, 7204, 7206, 9200), Cisco PIX 500 series, CSU’s/DSU’s, Catalyst 6500, 7600, 4500,3850,3750 Juniper M320 and T640 routers, Palo Alto 5050, Meraki MS,MX and AP.

Protocols: RIP, RIP2, PPP, OSPF, EIGRP, IS-IS, BGP, SNMP, HTTP, FTP, TFTP, HTTP,DHCP, SMTP, ICMP

Load Balancer: Cisco ACE load balancer, F5 Networks (Big-IP)

Lan Technologies: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN Technologies: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber optic circuits, Frame relay, ISDN, Load Balancing

Servers: Domain servers, DNS servers, WINS servers, Mail Servers, Proxy Servers, Print Servers, Application servers, FTP Servers

Redundancy Protocols: HSRP, GLBP, VRRP, RPR, RPR+, NSF-SSO.

PROFESSIONAL EXPERIENCE

Sr Network Engineer

Confidential, Goshen, NY

Responsibilities:

• Design and implement new solutions and improve the resilience of the current environment.
• Worked on Mapping, Questioners and Update plan, Network Audit for Police Departments
• Created Network Design for all the Orange County Police Departments.
• Migrated Local police network to orange county registered IP Space.
• Configured new devices, reset, repurpose and recovering devices.
• Worked on NEICH RMS, and E911 CAD applications services and policies to all the orange county police department devices to maintain the secure solution.
• Implemented a more robust network by changing the core network from using static routes to dynamic routing using EIGRP, BGP and OSPF. BFD is used to create a quick failover method to alternate routing paths and minimized business interruption.
• Troubleshooting Network devices, Configured EIGRP/OSPF Protocol, Tagging Vlan in the Edge Devices and Assigning edge L3 IP for devices.
• Provide Level 3 support of ACI in an enterprise Data Center
• Configuration and troubleshooting of Cisco Routers and switches such as Cisco 2801,2901, 1111p and 8200L Cisco Catalyst 3560, 9200, 9300.
• Implement VLAN's and access lists (ACL) and troubleshoot IP addressing issues and Update IOS images and other hardware installations.
• Experience in operating and the configuration of CiscoMeraki, Cisco Catalyst, Palo Alto firewalls switches.
• Performing troubleshooting on slow network connectivity issues, routing issues involves EIGRP, BGP and identifying the root cause of the issues.
• Analyze, trouble shoot & configure Domain Name server for DHCP and Static Ipv4 and IPv6 user. Analyzing Sys-log errors and troubleshooting DNS, DHCP and IP conflict issues in IPAM.
• Worked on few migrations, I was a part of DC core switch migration. We moved on existing 6509 core to Nexus 7009 and done end-end migration.
• Worked on nexus like creating VDC, VPC, configuring peer-peer link, keeping alive.
• Configured DC with Nexus 7009 core and Nexus 5K as access switches.
• Extensive troubleshooting in the installation and configuration of new routers and diagnose orange county police department desktops and servers deployment issues defects, errors, inconsistencies in system function, outputs, etc. and perform root cause analyses.
• Mobile integration for laptops/desktops, tablets, and phones using NEICH RMS.
• Researching, designing, implementing and managing software programs. Testing and evaluating new programs.
• Documented the network standards and best practices and processes employed for creating the reliable network through police departments.
• Maximize network performance by monitoring performance, troubleshooting network problems and outages, scheduling upgrades, and collaborating with network architects on network optimization of application deployments.

Environment: CISCO routers and switches, OSPF, BGP and EIGRP routing protocols, VLANS, Acl, NAT, cisco IOS, HSRP, VLAN trunking 802.1Q, Palo Alto and Cisco ASA Firewalls, Unix/Linux.

Sr.Network Engineer

Confidential, Malvern, PA

Responsibilities:

• Create/maintain Cisco Prime maps, including online access points diagrams of MDFs, IDFs
• Leverage Cisco Prime performance counters to diagnose/troubleshoot network problems.
• Engage with new acquisitions to design network taps for their core data centers.
• Designed and migrated of legacy Cisco ISR WAN routers to Viptela SD-Wan routers (vManage, vSmart, vBond, vEdges, cEdges) for multiple Cisco customers.
• Role included multitenant segmentation, security and configuration automation, POC lab testing for large Cisco customers for pre deployment over an SDWAN network of more than 2000 sites (simulated using Spirent).
• Solution design included multi-region meshed hub to hub routing across regional DC’s - SD-WAN controller disaster recovery between two DC.
• The analysis of network segmentation and host locations and validating VLAN assignments or recommending changes. Work with project manager and internal organizations to implement recommendations.
• Configuration and maintenance of F5 and sonic wall firewalls.
• Create and manage VMWare virtual server environments to support various tools including Palo Alto, EIS, Rapid7, FireEye and Netbrain VMs that are deployed in new acquisition space.
• Review existing Palo Alto virtual firewall solution and recommend new solutions for perimeter security.
• Review existing internet network hub and recommend new solutions to meet enterprise security requirements.
• Co-ordinate with Project Managers of the work being done and stay on top of the deployment and cutover schedules.
• Worked on PCI Network segmentation project as a part of Yale network VLAN segmentation project. Also worked on Next-Gen Network Migration.
• Co-ordinate and Collaborate with the Network Engineers on-site at Business Partner location on piecing together the information required for the deployment.
• Documentation of all the changes made, information gathered and providing them during the hand-over to the Operations team.
• Experience with advanced datacenter and AWS networking topologies and integrations
• Build VPCs on AWS and establish site-to-site VPN connections and between Data centers.
• Configuration and maintenance at L2 and L3 level of support of Cisco routers and catalyst switches 2960, 3850 series
• Worked on L3 switches - good working experience in configuration and maintenance / sustenance of VLAN’s / Knowledge on all the protocols including 802.1q, PVSTP, RSTP, EIGRP, BGP
• Worked on WIFI controllers to provide WIFI connectivity across the organization in a secured manner - Cisco - Meraki cloud based controller solution for WIFI access across organization
• Trouble shooting on a setup of Cisco unified communications setup
• Configuration and maintenance of Cisco ASA firewall - 5545 - X and sonic wall firewalls.
• Good experience in support, troubleshoot, deploy applications, software updates, operate systems deployments within SCCM, and maintain client health.
• Configured and Maintaining Cisco ACS 1121 Appliance running with 5.3 for Network devices access and Guest WIFI solution.

Environment: CISCO routers and switches, OSPF, BGP and EIGRP routing protocols, Meraki switches, Meraki MX routers, VLANS, CSU/DSU’s, SNMP, NAT, cisco IOS, HSRP, VLAN trunking 802.1Q, Palo Alto and Cisco ASA Firewells, AWS.

Network Engineer

Confidential, Syracuse NY

Responsibilities:

• Implemented, managed an office network of many devices consisting of Cisco 7609/2600/2800/7200/ ASR1000 Routers and Cisco 2900/3700/6500/4500 switches.
• Worked on BGP, OSPF, MPLS enabled network environment.
• Provided last point of escalation to high care network incidents and provide immediate break-fix remediation such as disaster recovery re-configuration.
• Designed & migrated WAN infrastructure to VPLS providing ~$500K\year savings, improved quality of service and preparing the organization for SD-WAN in the future.
• Enforced network security to DMZ & external Market Data vendors via Cisco ASA 5500 series firewall rules, and NAT.
• Worked with firewall team to implement zone-based firewalling and security rules on the Palo Alto 3020,5220 Firewalls
• Configured and worked on BGP Path manipulation attributes Local preference, multi path, multi homing for having a proper Failover connectivity
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
• Implement VLAN's and access lists (ACL) and troubleshoot IP addressing issues and Update IOS images and other hardware installations.
• Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
• Monitored Enterprise network using Solar winds. Created Nodes, Network Maps etc.
• Maintained the company’s Infoblox IPAM system - manage IP addressing and DHCP globally
• Configuration of BGP using attributes, route-map, prefix-list etc.
• Configuring BGP features such as Route Reflectors, BGP metrics such as MED, AS path, local preference and communities.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Break-fix routing issues and implement best practices of OSPF and BGP routing protocols.
• Redistribute routes from OSPF to RIP and vice versa by implementing hub and spoke technology with a frame relay switch in between them.
• Troubleshoot TCP/IP problems, connectivity issues in multi-protocol Ethernet environment.
• Diagnose and resolve application and network issues through Wireshark packet captures, ensuring end-to-end IP connectivity.
• Configuration of 7609, 7606 with Trunking 802.1Q.
• Deploying and Configuring Virtual Networks and Orchestrating Routing Paths, in aHybrid Cloud.
• Managing Public and Private IP addresses for your VMs and selecting other Azure resources.
• Experience in working with Unix/Linux environment for solving the network related issues.
• Conduct extensive root cause analysis to quickly alleviate technical problems. Network documentation creation for all deployed solutions across network environment.
• Collaborated extensively with various telecommunications firms including AT&T, Verizon etc. and quickly resolved technical issues, specifically related to T1, T3, OCx and Frame-Relay.

Environment: CISCO routers and switches, OSPF, STP, BGP and EIGRP routing protocols, VLANS, CSU/DSU’s, SNMP, NAT, cisco IOS, HSRP, VLAN trunking 802.1Q, Palo Alto and Cisco ASA Firewalls, Unix/Linux.

Network Engineer

Confidential, Wayne NJ

Responsibilities:

• Constant monitoring of live logs of Endpoints in ISE to eliminate Fault positives. Worked with the security team on the migration of Firesight IPS, staging new server for the Firewpower Management Center in Vmware and re-imaging the SFR modules in the firewalls 5515, 5525 and 5585 pairs to the latest Cisco recommended version
• Configured 7ks and ASA firewalls for the Datacenter Interconnect (DCI) during the merger of Fidelis Care and Centene.
• Maintained documentation up to date on the FidelisCare Wiki page, added Knowledgebase articles and SOPs for future use.
• Assisted the team in setting up an ACI lab with 3 APICs, Nexus 9396PQs serving as Spine and 9396PXs serving as leaf switches and a Netscaler load balancer. Worked with the Facilites team to secure the closet switches by configuring Biometric devices for all the rooms
• Scheduled and Implemented OS upgrades of Cisco routers, switches and firewalls as needed.
• Manage policy reports and maintain the compliance of all the devices using SolarWinds. Created scripts and job scheduling in SolarWinds to deploy the said configuration into the devices.
• Experience using NetBrain to oversight, validate Network Changes and dynamically map traffic flows.
• Worked on consolidating the all Vlans to the local Vlan for Network segmentation project. After the consolidation all the devices from layer 2 are moved to layer 3 environment.
• Used Tufin Orchestration Suite to document and log all the port openings for the servers in the Firewalls and Tufin Secure Track to cleanup firewalls, continuous compliance, and comprehensive view of firewall policy and optimization of security policies.
• Worked extra hours as needed during the maintenance windows to upgrade software and apply patches to the network infrastructure.
• Configured and performed software upgrades on CiscoWirelessLANControllers 5508 forWirelessNetwork Access Control integration with Cisco ISE.
• Troubleshoot Site - Site IPSec tunnels, network connectivity, EIGRP issues, IP SLA issues among other duties.
• Designed and configured the routing protocols, Local Area Network and Wireless Access points. Expert Hands On Experience in Cisco ACS & Cisco ISE for 802.1x, AAA Configurations.
• Successfully Upgraded ArubaClearpass Publisher and Subscriber devices from FIPS version 6.4 to FIPS version 6.7.9
• Successfully Upgraded ArubaAirwave from AMP FIPS version 8.0.10 to FIPS Version 8.2.4.2
• Configured Fabric Path to enable L2 routing in Datacenter which would help in providing Stability to F1 module line cards.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Responsible for simulating network operations with the usage of packet analyzer like Wire shark, and use to resolve tickets whenever there is an issue.
• Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog. Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches
• Implementing security policies using Cryptography, ACL, SDM, PIX Firewall, IPsec, VPN, and AAA Security on different series of routers.
• Implement and manage IP network devices including routers, switches, & working with firewalls, and VoIP teams.
• Responsible for using and managing IP Control system, and work with DHCP configuration team.
• Using different types of Network Monitoring tools like Solar Winds, Wireshark, Netbrain, TrueView, and ISE.
• Worked on Cisco Firewall ASA 5500(5510/5540) Series, Protocol Handling, Object Grouping and NAT.
• Configuring IPSEC VPN (Site-Site to Remote Access), Negotiated VPN tunnels using IPSEC encryption standards and also configured and implemented site-to-site VPN, Remote VPN.

Environment: LAN/WAN, DNS, DHCP, DDNS, TFTP, IP4, IP6, VPN, F5, Arista 7280, 7010, Cisco 4948, 3750X, 3850, 6506, 4948E, 4510 Switches, Cisco ASA 5500, Cisco 4500X, Cisco 3660, 3845, and 7609 series routers. 6400-LTM MPLS, EIGRP, OSPF, Ether Channel, Port Channel, Trunking, STP, Object Grouping, SNATs, PIX, VPN, Linux.

Network Engineer

Confidential

Responsibilities:

• Designed end-to-end network solution to customer depending upon requirement and best practices
• Provisioning and troubleshooting between PE and CPE router.
• Trained to get acknowledgement of Cisco IOS, ASR and Juniper routers.
• Maintain, configure, and analyze network and host-based security platforms.
• Configured policy statements, routing instances, route manipulation on OSPF and BGP.
• Planning and implementation of IP addressing scheme using Subnetting, VLSM.
• Assisted in backup, restoring and upgrading the Router and switch IOS.
• Worked with the data center planning groups, assisting with network capacity and high availability requirements.
• Configuration and troubleshooting of Cisco Routers such as Cisco 3640, Cisco GSR 12416, 21418(with PRP and RPR processors), Cisco catalyst 6509, 7613 with supervisor cards
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP,RIP, BGP v4.
• Worked with multiple customers over a period of time to enhance their network, resolve and do the RCA (root cause analysis) for in service production problems and create work around for known IOS issues.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 6900.
• Involved in designing WAN infrastructure for redundancy in case of link failure.
• Configuring VLANs and implementing Inter VLAN routing.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.