SUMMARY

• 9 years of hands on experience in Enterprise& service provider network engineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• Hands on experience in configuring Virtual Local Area Network (VLAN), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Spanning Tree Protocol (STP), RSTP, MST and Per VLAN Spanning Tree (PVST).
• Expert knowledge of redundancy protocol like HSRP and VRRP, and migrated old chassis based VSS redundancy to HSRP and VRRP redundancy protocols
• Experienced in performing configuration, testing and implementation of CitrixNetScaler HA and LB.
• Experience in Layer 2 routing Protocol Configurations: ARP, RARP, ATM/FRAME RELAY and VPN technologies: IPSec & SSL and L4 - L7 security solutions.
• Implemented MPLS/VPN services for various customers. Experience in Layer 3 Routing Protocol configurations: RIP, OSPF, BGP, EIGRP and MPLS.
• Worked on SD-WAN and SDN related issues and troubleshoot it. Also worked on Viptela SD-WAN deployment.
• Experience of providing CloudGenix SDWAN installation and support.
• Thorough understanding of juniper SRX 5400/3600/3400 , Palo Alto firewalls PA- 7050/5050/5020 , Checkpoint firewalls security GWs & Management servers, Cisco ASA Firewalls 5500/ 5550/ 5545/5585 , Cisco PIX Firewall 525, Cisco Firepower 2100 and 4100 series, Juniper NetScreen Firewall 1000 series.
• Experience in troubleshooting Network performance issues using NetQoS.
• Experience in F5 LTM, GTM series like 6400, 6800, 8800, Cisco ACE load balancers.
• Extensive Knowledge and hands on experience Datacenter Hardware and technologies like, Catalyst 6500 series switches, Nexus 7K,5K,2K (fabric extenders)
• Worked on load balancing methods, SSL certs, persistence profiles, SNAT IPs, client/server profiles while configuring VIPs and customizing them as per teh applications needs.
• Successfully resolved communication issues between network devices and network management applications such as CA Spectrum and InfobloxNetMRI.
• Primary responsibility is to design and deploy various network security & high availability products like Cisco ASA other security products.

TECHNICAL SKILLS:

Routing Technology: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, Static and Dynamic Routing.

Network Products: Cisco Routers (1900, 2500, 2600, 2800, 3600, 4300,4400, 7200). Cisco Switches (2900, 3500, 4000, 4500, 5000, 6500, Nexus 9k,5k and 7k). Cisco WLCs (2504, 3850, 5508, 5520, 8510, 8540). Juniper(JUNOS)M and MX, EX series Routers and SRX, ISG firewalls.

Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS/ISE.

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN Infrastructure: Leased Line, ISDN/Dial-Up, Frame Relay circuits, Metro Ethernet.

WAN Technologies: HDLC, PPP, ATM, MPLS, VPN, IPSec-VPN, T1/T3.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Monitoring: Solar Winds, Riverbed, Wireshark, Microsoft Network Monitor.

PROFESSIONAL EXPERIENCE

Confidential

Sr. Network Engineer

Responsibilities:

• Resolving Cisco vulnerabilities on routers, switches, voice, wireless and other Cisco systems.
• Compiling a list of vulnerabilities on Cisco equipment, research teh vulnerability, providing a summarization of teh vulnerability and review wif Aera to determine if applicable to Aera. Determine corrective actions if it is applicable.
• Testing F5 Advanced Firewall Manager for feature deployment.
• Providing a recommendation to remedy as many vulnerabilities as possible wif teh fewest actions or interruptions to teh device.

Confidential, Austin, TX

Network Engineer

Responsibilities:

• Installation, configuration and troubleshooting of Cisco ASR 1k, ASR 9k series routers and Catalyst 6500, 3500 series switches.
• Primary WAN Engineer configuring, maintaining, and implementing networking infrastructure solutions on a day to day basis. Also led WAN MPLS migration project from major ISP to new ISP.
• Upgraded teh core WAN routers from Cisco ISR 3800 to ASR 1001-X.
• Deployed Cisco ISE as an internal enterprise NAC solution to enhance and centralize network policy management.
• Implementing SNMP and AAA (Radius & TACACS) on various devices, allowing for Network management and access.
• Handling Clients VPN connections establish new connections and troubleshoot.
• Configured, monitored and troubleshoot Cisco's ASA 5500 security appliance Firewall, integrated firewalls wif Gateway Anti-Virus and web filtering applications, like IDS.
• Worked on Cisco Secure Access Control Server (ACS) for Windows to autanticate users dat connects to a VPN 3000 Concentrator.
• Installed, configured and managed AAA Autantication servers RADIUS & TACAS+, DNS and DHCP servers and management by means of Infoblox and Active Directory Database.
• Worked wif TAC, BU team for debugging and fixing ACI Network issues in Cisco Cloud.
• Assisted in deployment, integration and management of both next-gen and traditional stateful firewalls (primarily Palo Alto, Cisco ASA, Fortinet) for access control, visibility and security.
• Experience wif connectivity of Cisco Networking Equipment wif F5 Load Balancer.
• Assisted wif providing requirements for implementing SD-WANacross various State Parks.
• Led WAN Ethernet upgrade project where various state parks were upgraded from a single T1 to an Ethernet circuit where availability permitted. If Ethernet was not available, we upgraded to a bonded T1 multilink in rural areas.
• Hands on experience in configuring and supporting site-to-site and remote access server, IPSec, VPN solutions using ASA/PIXfirewalls, Cisco and VPN client, FirePower, Sourcefire.
• Responds to trouble tickets by troubleshooting all major types of CMTS and PON equipment, including Cisco CBR8, Arris E6000, Casa C100G CMTS', and Adtran 9500/9516 and Nokia XGS-PON.
• Experience wif Meraki switches, access points and Meraki dashboard.
• Utilizing secure access (VPN, SSH) and QoS to ensure client satisfaction.
• Configured VLANs wif 802.1q tagging, configured trunk groups, ether channels, and spanning tree for creating access/distribution and core layer switching architecture.
• Monitored and identified capacity and performance issues for VoIPtraffic to ensure uninterrupted operation of telephony systems.
• Participates in DOCSIS planning/deployment operations, network architecture design, and engineering.
• Designed a secured wired networkusing NetworkAccess Control (NAC) centered around a multi-site redundant solution wif Cisco ISE and Windows Active Directory.
• Specific responsibilities included handling AAA, LDAP and Linux based devices.
• Configured 3850,3650,2960 switches and 1921,4321,4331,4451 routers
• Maintained and Supported Multiprotocol Label Switching (MPLS) on WAN network.
• Experience wif NetworkAutomation using Python.
• Provisioning Cisco controllers, routers and switches for VLANs, QoS, firewall services, and 802.1x to support multiple SSIDs in an integrated wired and wireless environment.
• Worked on reconfiguring BGP wif new AS numbers over WAN connections dat connect multiple locations.
• Substantial lab testing & validation prior to implementation.

Confidential, East Lansing, MI

Network Engineer

Responsibilities:

• Configured and installed Juniper Layer 3 EX4200 and EX3200 switches. Designed, implemented and administered IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers.
• Worked wif IOS upgrade of Juniper devices, worked on daily CA tickets.
• Installing, connecting, up-linking and configuring switches across teh campus.
• Migrated teh MPLS environment to Cisco Meraki based on SD- WAN IPSEC VPN solution.
• Migrated/Upgraded SolarWinds Orion and Print Services environments to Azure Cloud from on-premises.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Review monitoring and security risks for our network infrastructure, update security policies using Palo Alto firewalls.
• Exposure to cloud managed SD-WAN wif Cisco Meraki, cloud-based Wi-Fi implementation and provisioning. Working wif various WAN vendors troubleshooting circuit relation issues
• Worked on Viptela SD-WAN Deployment for Charter WAN Infrastructure. Integrated wif existing BGP environment to redistribute routes seamlessly from Viptela SD-WAN into traditional MPLS WAN.
• Advanced knowledge of DOCSIS 3.0/3.1 standards, DOCSIS Modulation profiles, TFTP, CM files, CMTS (Arris E6000, Cisco CBR8), EPON and other related provisioning elements
• Turned up ISEas a NAC solution and to support 802.1x on wired and wireless.
• Cisco ACI fabric networks, including pythonautomation. Also, great exposure to SDN and networkvirtualization technologies like Cisco ACI.
• Installed, configured and managed AAA Autantication servers RADIUS & TACAS+, DNS and DHCP servers and management by means of Infoblox and Active Directory Database.
• Assessing standards and project direction and achieving deliverability of a project.
• Experience on Cisco FirePower for Network Address Translation (NAT), Access Control, Encrypted Traffic Handling, Intrusion Detection and Prevention.
• Configured and deployed QOS.
• Expertise on teh analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.

Confidential, Maplewood, MN

Network Engineer

Responsibilities:

• Experienced in providing NetworkDesign, Installation, Analysis, Troubleshooting, and Support for LAN, WAN and WLAN services.
• Full lifecycle experience in designing, deploying, and supporting enterprise-scale SD- WAN migration.
• Provided daily network support for all branches and sits in teh organization's WAN consisting of MPLS, VPN and point-to-point (P2P) circuits.
• Implemented vulnerabilities patches on quarterly PCI DSS (Payment Card Industry Data Security Standards).
• Worked wif installation of Palo Alto firewalls.
• Experience in activating/maintaining CPE as per teh DOCSIS, PacketCable, and SNMP specifications.
• Enhanced teh network access security & feasibility at a higher end using Cisco ISE implementation.
• Supported network operations, maintenance and engineering including all aspects of teh connectivity infrastructure, firewall support, and VPN support (IPSEC tunnels and remote access).
• Migrated all network devices TACACS+ and RADIUS to ClearPass from Cisco ACS.
• Worked wif teh team to design and implement industry leading SD-WAN infrastructure to provide secure WAN connectivity.
• Worked extensively on policy design and implementation for NACsolution and integrated NACwif various Networkinfrastructures for successful deployment of NACsolution.
• Worked extensively on Microsoft Visio for designing teh Cisco ISE NetworkArchitecture and for POC setups.
• Troubleshoot various application issues wif respect to F5.
• Led migrations from old equipment to new equipment and Implemented standards dat has been globally developed.
• Planned designing, Installation, configuration and maintenance of 802.11a/b/g Wireless Networks and WirelessAccess points.
• Good knowledge and experience in installation, configuration and administration of FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments.

Confidential, Livingston, NJ

Network Engineer

Responsibilities:

• Configured layer 2 and layer 3 switching and routing protocols such as MPLS VPN, OSPF, BGP, MP-BGP, MPLS, on Juniper 4200, MX960 and Cisco 2800, 2500 and 3700's routers.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Troubleshot BGP, IS-IS, and MPLS routing anomalies.
• Hands-on experience in configuring Citrix NetScaler wif GSLB multiple sites as well as F5 BIG-IP GTM and LTM.
• Good knowledge in SD- WAN technology in involving discovery design and implementation of client's network.
• Experience on Cisco FirePower for IPS Device Deployments and Configuration, High Availability and Scalability, Appliance Platform Settings.
• Innovated wif support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate process dat does not impact stream processing.
• Managed theF5BigIPGTM/LTMappliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Participates in DOCSIS planning/deployment operations, network architecture design and engineering.
• Create, modify and deploy configuration scripts for DOCSIS modems and CMT
• Performed technical problem resolution including analysis, trouble isolation, and repair on SD- WAN devices. Worked closely wif architect team by helping them in designing and implementing.
• Worked wif security team and audit team to maintain PCI compliance for teh network.
• Well versed wifDNS functionality and concepts as it relates to IPv4 and IPv6 and experience wifInfoblox.
• Well experienced working in structured change management processes for highly available enterprise networks.
• Experience in activating/maintaining CPE as per teh DOCSIS, PacketCable, and SNMP specifications.
• Handled project which involves replacingWAAS (Wide Area Application Services) devices in production network.
• Supported nationwide LAN infrastructure consisting of Cisco 4510 and catalyst 6513.
• Expertise in providing documentation describing projects, deliverables and timeline.

Confidential, Foster City, CA

Network Engineer

Responsibilities:

• Designed WAN structure to prevent single point of failure in case of link failure.
• Lead teh campus refresh project.
• Implemented stub/Totally stub areas. Implemented various OSPF features like route-summarization and SPF throttling
• Upgraded teh old infrastructure to a new one replacing CISCO routers wif Arubaswitches.
• Installed Wireless Access Points (WAP) at various locations in teh company.
• Maintenance and Troubleshooting of connectivity problems using PING, trace route.
• Monitored and documented teh stability and performance WAN/MANusing Network Tools such as Solar Winds, Cisco Prime.
• Implemented Positive Enforcement Model wif teh help of Palo Alto Networks
• Implementing various platform technologies fromCiscoISIS, BGP, MPLS, VPN, IPSEC, VSS, CSS, ACE, VPLS, to F5 load balancing.
• Configured Aruba WAP, CiscoMeraki and wirelesscontroller, CiscoPRIME, CiscoMobility Services Engine (MSE) for proper access of Gilead wirelessinternet.
• Performed configuration of SNMP, RADIUS, and TACACS along wif other standard global.
• Configurations on existing client production routers and switches.
• Provided connectivity to On-premise devices to Azure VNET by using Azure VPN, Express Routes and Virtual Network peering.
• Daily support of Cisco platform devices including Nexus9K,7K, 5Kand 2K, Catalyst 4500 and 6500 series, 1800, 2800 and 3800 series routers, ASA 5500 series, 3500 and 2900 series
• Worked closely wif Project Managers of various changerequests for budgeting and UAT Resources.
• Designed and Implemented teh Automated Role Based Access (ARBAC) in ISR Routers wif teh help of Identify Service Engine (ISE) product to provide various access controls for all Tier teams in Network Operations and end users.
• Supported Infobloxappliances grid environment for DNS, DHCP and IP Address Management tools (IPv4)

Confidential, Edinburg, TX

Campus Networking Administrator

Responsibilities:

• Hands on experience on configuration and implementation of various Cisco Routers & L2/L3 Switches.
• Extensive experience in configuring and implementing OSPF and BGP.
• Configuration of EIGRP and OSPF as interior gateway protocol wif route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes wif HSRP.
• Implemented stub/Totally stub areas. Implemented various OSPF features like route-summarization and SPF throttling.
• Troubleshot issues wif teh following types of routers Cisco (1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP.
• Managed and maintained Cisco ACS (Access Control Server) TACACS and Radius Utility Grid Network devices. Used DHCP to automatically assign reusable IP addresses to DHCP clients

Confidential

Network Administrator

Responsibilities:

• Configured Cisco Routers 2600 series using RIP, OSPF, EIGRP and Cisco Switches 2900.
• Developed, planned and maintained documentation necessary for operation in support of LAN to WAN connectivity
• Configured teh BGP as a WAN protocol, and OSPF/EIGRP as interior routing protocol.
• Configuration of Access List ACL (Std, Ext, Named) to allow users all over teh company to access different applications and blocking others.
• Deployed and decommissioned VLANs on core ASR 9K, Nexus 7K, 5Kand its downstream devices.
• Installed and configured DNS and DHCP server.
• Involved in troubleshooting of DHCP and other IP conflict problems
• Ensured problems are satisfactorily resolved in a timely manner wif focus on providing a high level of support for all customers.
• Working knowledge wif F5 ASM / GTM/ LTM.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Maintained excellent communication wif teh IT Manager on all tasks and projects
• Attended meetings and technical discussions related to project.