SUMMARY

• 8 years of experience in the IT industry, which includes experienced in the areas of DATA CENTER, Service provider based Routing, Switching, security, and physical layer deploying and troubleshooting.
• Worked on CISCO Palo Alto PA - 7080, 5430, 5060, 3020 and VM-300 series, CISCO ASA 5540, 5500, 5555-X series firewalls.
• Experience in Tier3 and Tier 4 Architecture solutions to provide for most robust and less prone Data center.
• Experienced in Substantial lab testing & validation prior to implementation of Nexus 9k, 7K, 5K & 2K connecting to blade servers.
• Worked on design deployed spine and leaf architecture along with Cisco ACI that allows the virtualization of Datacenters
• Experience in working on Juniper MX960, MX480, MX240 series routers and EX3300, EX4200, EX4300 series switches.
• Worked on the recent migrations that involve SDN including VIptela SD-WAN, iWAN and many other open sources SDN technologies like open stack and open flow.
• Experienced in Meraki wireless device and python scripting automation.
• Deployed and configured AZURE cloud platform and Windows and Linux operating systems using Recovery Services Vault in Azure Resource Manager.

TECHNICAL SKILLS

Data Center: Nexus 9K, 7K, 5K, 2K and 1K

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: Palo Alto (7080, 5430, 5060, 3020), ASA Firewall (ASA 5540, 5500, 5555-X), Juniper SRX (240)

Network Tools: Solar-winds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

Security Protocols: IKE, IPSEC, SSL-VPN

Operating System: MAC OS X, Windows Server 2008/2012, Linux, Unix

PROFESSIONAL EXPERIENCE

Confidential, Philadelphia, PA

Sr Network Security Engineer

Responsibilities:

• Worked on performing the software upgrade from version 9.0 to 9.1 on panorama and palo alto PA-7080, 5430, 5060 series firewalls.
• Experienced on implement SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple gateway solutions including integration of PKI certificates.
• Working on integrate multiple vendor IPSEC site to site VPNs, including Palo Alto Networks and Cisco ASA.
• Support Quality Inspections and Operational Test (OT) events related to the 2GWLAN Aruba Networks Controllers, and Access Points. (Aruba 6000 controller, Aruba AP65, 70, 124, 85,125) system.
• Experience in centralized management system (Panorama) to manage large-scale Palo Alto firewall deployments.
• Experience in configuring, installing, and troubleshooting on Cisco ASA 5500, 5555-X series firewalls.
• Worked on Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configure and administrating Fortinet Firewalls (FortiGate 240D,FortiWiFi 60D), IPv4 policy, interfaces DHCP Servers, IPsec VPN between two Fortinet routers, on premise and VPC in AWS,SSL VPN for client app
• Experience in Configured and maintained SSL VPN's on Palo Alto and Cisco ASA Firewalls.
• Configuration, Testing, Planning and Design of Nexus 9000, 7706, 7009, 5000 and 2000 Fabric Extenders (FEX) Layer 3 data center switches.
• Managed and maintained Fortinet Firewalls through IPv4 policies, traffic shaping, IPS, web filtering, interfaces, and routing
• Support and maintain Vmware Infrastructure Running on Cisco Ucs and Vsphere 6.0
• Experience in Datacenter Technologies and Tier 3/ Tier 4 solutions.
• Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP’s, Virtual AP’s, RTLS, Wireless SSID’s, remote and campus AP’s, upgrading WLC, worked in Active/Active local Controllers and Master controller. Worked on RAP3 for remote access.
• Experience in Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Working for provisioning, health monitoring, and managing the full lifecycle of Cisco ACI networking policies and stretched tenant policies across Cisco ACI sites.
• Integrated and Configured Cisco ASA-5585, 5000, 5520, 5555 Firewalls with ISE to the Posture
• Policy compliance performs CoA for remote VPN IPsec, SSL Any Connect users.
• Experience with Cisco ACI fabric networks, including python scripting automation device.
• Configure, maintain and upgrade of data center infrastructure, Nexus 7k, 6k, 5k, 2k, and UCS, employing VDC, VPC, VRF, and fabric-path technologies.
• Experienced in configuration and troubleshooting of Juniper MX960, MX480, MX240 series routers and EX3300, EX4200, EX4300 series switches.
• Configured OSPF, BGP, VDC, Management VRF's, STP, Multicast, QoS, TACACS, SNMP traps, Net flow, WCCP Web Cache Communication Protocol access lists on and between the Nexus 7010 Core Routers and ASR 1006 CE Customer Edge Routers interconnectivity in the PWAZ.
• Position the VMware and Dell partnership. Deliver the value proposition of new and updated products such as NSX, VSAN, vCloud Air and AirWatch to achieve customer outcomes
• Experience working with Fortinet Firewall series FortiGate 3800, 3700, 3200, 3100, 2500 & 2000.
• Worked on Bringing Cisco Viptela SDWAN on to ISR routers in remote sites to bring ON boarding to SD WAN.
• Working as Cloud Administrator on Microsoft Azure, experienced in configuring virtual machines, storage accounts, resource groups and follow agile methodology to develop scripts to achieve CI/CD.
• Hands-on experience with virtualized environment using VMware products such as ESXi, NSX,vCloudDirector, vSAN, vRealize, etc.
• Tested L2 protocols (VLAN. STP, flavors of STP, PVST, HSRP, VRRP & LACP) and routing protocols (OSPF. MPLS, EIGRP & RIP).
• Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5/NetScaler. Experience with Aruba Wireless LAN Controllers.
• Used Ekahau as the primary tool to perform predicative analysis, active and passive surveys as well as trouble shooting of RF as well as Cisco Prime to expand wireless coverage in the branch banks.
• Deployed and configured Firewall Appliances (Palo Alto, ASA) to secure Azure Cloud platform.
• Experienced in deployed and configured Azure Backups for Virtual Machines and files & folders backups on Windows and Linux operating systems using Recovery Services Vault in Azure Resource Manager
• Worked on Supports, Monitors and manages the SIEM environment. Splunk Administration and analytics development on Information Security, Infrastructure and network, data security, Splunk Enterprise Security app, Triage events, Incident Analysis.
• Experience in performed site refreshes on Cisco switching and Meraki wireless infrastructure.
• Worked on configuration and implementation of VIP’s, High availability (A/S), virtual server and irules on F5 BIG BIG-IP i11000 Series / 1RU.
• Hands-on experience in configuringVipteladevices and creating device and feature templates on vManage required forSD-WANimplementation.
• Designed and Configured Cisco Identity Services Engine (ISE v2.3) to support corporate connectivity to a new wireless environment utilizing Active Directory Authentication.
• Worked on virtual F5 LTM module on VMware for application testing.
• Experienced with configuration of SSL Offload on F5 Load balancer.

Confidential, Atlanta, GA

Network Security Engineer

Responsibilities:

• Experience on working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
• Creating or Modifying Firewall rules on Palo Alto VM-300 and Juniper SRX-240 devices.
• Worked on Migrate firewall and VPN platform to Palo Alto for Private cloud solution.
• Experience in Migrated VPN solution from Cisco ASA 5540 to Palo Alto PA-3020 with the Global connect VPN client.
• Configured Cisco ISE and switches to authenticate and authorize devices and users.
• Experienced in performing backups and upgrades from time to time on different type of firewalls mostly on Palo Alto and Cisco ASA firewalls.
• Worked on configure and support Nexus 5548, 5596, 5010, 2020 and 9372 switches in a Fex based architecture.
• Network security including NAT/PAT, ACL, and ASA/SRX/Palo Alto/Fortinet Firewalls.
• Worked in for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus 9K.
• Working for Cisco ACI, NXOS and IOS, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN Trunking.
• Configuration of RF devices such as subscriber units and access points and troubleshooting of customer WAN issues.
• Configured and tested the ACI, distribute-list, prefix-list and route-map for on demand routing and use of sub-optimal timers and link aggregation for failover providers.
• Helped the team to designing SD-WAN (Viptela) solution for Customer Networks.
• Experienced on Enabling Azure Defender on subscriptions to protect our Azure and hybrid resources to protect management ports of VMs with just-in-time and adaptive applications controls.
• Experience is defining cloud security controls for an Azure environment at an Enterprise level for DecOps.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Experience working in Azure Security including RBAC, Azure Security Center and Azure Monitor
• Working on developing Python scripts for version upgrade of routers and day to day maintenance.
• Involved in Meraki wireless device to install and configuration.
• Worked on F5 issues using packet capture like TCP dump, Wireshark and SolarWinds and curl commands.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experienced in provided application level redundancy and availability by deploying F5 load balancers LTM.

Confidential, Alpharetta, GA

Network & Service Delivery

Responsibilities:

• Working for Design, Troubleshooting and Operation of Network infrastructure.
• Experience in perform VAPT for to check vulnerability and penetration testing whenever required.
• Experienced in configure and troubleshooting on Palo Alto and ASA firewall.
• Monitoring the health of the Virtual environment and performing day to day administration and troubleshooting on CISCO UCS and VMware sphere 6.7 environments.
• Understand customer need and do the project ahead as per requirement.
• Experienced on identifying user training needs and devising and managing user training programs.
• Worked on configuration of IPSec, site-to-site, Remote Access VPN & NAT / Hide in ASA 5510 & R 77.40 Gaia.
• Experience on Installation Configuration and troubleshooting of dell wireless controller DWS3160 with Cisco Aironet 1850 APs.
• Worked on identifying user training needs and devising and managing user training programs.
• Experience in worked on Taking care of change Management Process and all network change done by us.
• Configuration and Management of Firewall Policy, NAT, VPN Configuration.
• Opening ports on firewall as per customer requirement like FTP, RDP, HTTP and HTTPS, SMTP.
• Experience in Configuration Backup and maintenance of firewalls on a regular interval.
• Worked in configuration of load balancing protocols like HSRP, VRRP, and GLBP.

Confidential - Allentown, PA

Network Engineer

Responsibilities:

• Experienced in Cisco Catalyst access switch 3750 and Cisco Catalyst 6509-E Chassis switches with 4451 and 3925 Cisco Router.
• Experience with ASA firewalls with (5510 and 5520) with 8.2 and 8.4 IOS version F5 Load Balancing and experience in Check Point.
• Worked on configuration and management of Microsoft TMG server 2010, Wan optimizer Steal head (Riverbed)
• Work experience on major switching and routing protocols such as a IP, VTP, STP, HSRP, VLAN, IP-Sec, HTTP, SSH, ACLs, OSFP.
• Working support and troubleshooting in Oracle VM ware environment were support more than 300 server and desktop VMs.
• Maintained and monitored all network, security and computer systems to meet the organization's current and future requirements with WANMON and SNOW tools.
• Worked with various vendors and service providers to ensure productive environment.