SUMMARY

• 9 years of hands on experience in Enterprise& service provider network engineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• Hands on experience in configuring Virtual Local Area Network (VLAN), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Spanning Tree Protocol (STP), RSTP, MST and Per VLAN Spanning Tree (PVST).
• Expert noledge of redundancy protocol like HSRP and VRRP, and migrated old chassis based VSS redundancy to HSRP and VRRP redundancy protocols
• Experienced in performing configuration, testing and implementation of CitrixNetScaler HA and LB.
• Experience in Layer 2 routing Protocol Configurations: ARP, RARP, ATM/FRAME RELAY and VPN technologies: IPSec & SSL and L4 - L7 security solutions.
• Implemented MPLS/VPN services for various customers. Experience in Layer 3 Routing Protocol configurations: RIP, OSPF, BGP, EIGRP and MPLS.
• Worked on SD-WAN and SDN related issues and troubleshoot it. Also worked on Viptela SD-WAN deployment.
• Experience of providing CloudGenix SDWAN installation and support.
• Thorough understanding of juniper SRX 5400/3600/3400 , Palo Alto firewalls PA- 7050/5050/5020 , Checkpoint firewalls security GWs & Management servers, Cisco ASA Firewalls 5500/ 5550/ 5545/5585 , Cisco PIX Firewall 525, Cisco Firepower 2100 and 4100 series, Juniper NetScreen Firewall 1000 series.
• Experience in troubleshooting Network performance issues using NetQoS.
• Experience in F5 LTM, GTM series like 6400, 6800, 8800, Cisco ACE load balancers.
• Extensive Knowledge and hands on experience Datacenter Hardware and technologies like, Catalyst 6500 series switches, Nexus 7K,5K,2K (fabric extenders)
• Worked on load balancing methods, SSL certs, persistence profiles, SNAT IPs, client/server profiles while configuring VIPs and customizing them as per the applications needs.
• Successfully resolved communication issues between network devices and network management applications such as CA Spectrum and InfobloxNetMRI.
• Primary responsibility is to design and deploy various network security & high availability products like Cisco ASA other security products.

TECHNICAL SKILLS:

Routing Technology: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, Static and Dynamic Routing.

Network Products: Cisco Routers (1900, 2500, 2600, 2800, 3600, 4300,4400, 7200). Cisco Switches (2900, 3500, 4000, 4500, 5000, 6500, Nexus 9k,5k and 7k). Cisco WLCs (2504, 3850, 5508, 5520, 8510, 8540). Juniper(JUNOS)M and MX, EX series Routers and SRX, ISG firewalls.

Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS/ISE.

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN Infrastructure: Leased Line, ISDN/Dial-Up, Frame Relay circuits, Metro Ethernet.

WAN Technologies: HDLC, PPP, ATM, MPLS, VPN, IPSec-VPN, T1/T3.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Monitoring: Solar Winds, Riverbed, Wireshark, Microsoft Network Monitor.

PROFESSIONAL EXPERIENCE

Confidential

Sr. Network Engineer

Responsibilities:

• Resolving Cisco vulnerabilities on routers, switches, voice, wireless and other Cisco systems.
• Compiling a list of vulnerabilities on Cisco equipment, research the vulnerability, providing a summarization of the vulnerability and review with Aera to determine if applicable to Aera. Determine corrective actions if it is applicable.
• Testing F5 Advanced Firewall Manager for feature deployment.
• Providing a recommendation to remedy as many vulnerabilities as possible with the fewest actions or interruptions to the device.

Confidential, Austin, TX

Network Engineer

Responsibilities:

• Installation, configuration and troubleshooting of Cisco ASR 1k, ASR 9k series routers and Catalyst 6500, 3500 series switches.
• Primary WAN Engineer configuring, maintaining, and implementing networking infrastructure solutions on a day to day basis. Also led WAN MPLS migration project from major ISP to new ISP.
• Upgraded the core WAN routers from Cisco ISR 3800 to ASR 1001-X.
• Deployed Cisco ISE as an internal enterprise NAC solution to enhance and centralize network policy management.
• Implementing SNMP and AAA (Radius & TACACS) on various devices, allowing for Network management and access.
• Handling Clients VPN connections establish new connections and troubleshoot.
• Configured, monitored and troubleshoot Cisco's ASA 5500 security appliance Firewall, integrated firewalls with Gateway Anti-Virus and web filtering applications, like IDS.
• Worked on Cisco Secure Access Control Server (ACS) for Windows to autanticate users that connects to a VPN 3000 Concentrator.
• Installed, configured and managed AAA Autantication servers RADIUS & TACAS+, DNS and DHCP servers and management by means of Infoblox and Active Directory Database.
• Worked with TAC, BU team for debugging and fixing ACI Network issues in Cisco Cloud.
• Assisted in deployment, integration and management of both next-gen and traditional stateful firewalls (primarily Palo Alto, Cisco ASA, Fortinet) for access control, visibility and security.
• Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer.
• Assisted with providing requirements for implementing SD-WANacross various State Parks.
• Led WAN Ethernet upgrade project where various state parks were upgraded from a single T1 to an Ethernet circuit where availability permitted. If Ethernet was not available, we upgraded to a bonded T1 multilink in rural areas.
• Hands on experience in configuring and supporting site-to-site and remote access server, IPSec, VPN solutions using ASA/PIXfirewalls, Cisco and VPN client, FirePower, Sourcefire.
• Responds to trouble tickets by troubleshooting all major types of CMTS and PON equipment, including Cisco CBR8, Arris E6000, Casa C100G CMTS', and Adtran 9500/9516 and Nokia XGS-PON.
• Experience with Meraki switches, access points and Meraki dashboard.
• Utilizing secure access (VPN, SSH) and QoS to ensure client satisfaction.
• Configured VLANs with 802.1q tagging, configured trunk groups, ether channels, and spanning tree for creating access/distribution and core layer switching architecture.
• Monitored and identified capacity and performance issues for VoIPtraffic to ensure uninterrupted operation of telephony systems.
• Participates in DOCSIS planning/deployment operations, network architecture design, and engineering.
• Designed a secured wired networkusing NetworkAccess Control (NAC) centered around a multi-site redundant solution with Cisco ISE and Windows Active Directory.
• Specific responsibilities included handling AAA, LDAP and Linux based devices.
• Configured 3850,3650,2960 switches and 1921,4321,4331,4451 routers
• Maintained and Supported Multiprotocol Label Switching (MPLS) on WAN network.
• Experience with NetworkAutomation using Python.
• Provisioning Cisco controllers, routers and switches for VLANs, QoS, firewall services, and 802.1x to support multiple SSIDs in an integrated wired and wireless environment.
• Worked on reconfiguring BGP with new AS numbers over WAN connections that connect multiple locations.
• Substantial lab testing & validation prior to implementation.

Confidential, East Lansing, MI

Network Engineer

Responsibilities:

• Configured and installed Juniper Layer 3 EX4200 and EX3200 switches. Designed, implemented and administered IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers.
• Worked with IOS upgrade of Juniper devices, worked on daily CA tickets.
• Installing, connecting, up-linking and configuring switches across the campus.
• Migrated the MPLS environment to Cisco Meraki based on SD- WAN IPSEC VPN solution.
• Migrated/Upgraded SolarWinds Orion and Print Services environments to Azure Cloud from on-premises.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Review monitoring and security risks for our network infrastructure, update security policies using Palo Alto firewalls.
• Exposure to cloud managed SD-WAN with Cisco Meraki, cloud-based Wi-Fi implementation and provisioning. Working with various WAN vendors troubleshooting circuit relation issues
• Worked on Viptela SD-WAN Deployment for Charter WAN Infrastructure. Integrated with existing BGP environment to redistribute routes seamlessly from Viptela SD-WAN into traditional MPLS WAN.
• Advanced noledge of DOCSIS 3.0/3.1 standards, DOCSIS Modulation profiles, TFTP, CM files, CMTS (Arris E6000, Cisco CBR8), EPON and other related provisioning elements
• Turned up ISEas a NAC solution and to support 802.1x on wired and wireless.
• Cisco ACI fabric networks, including pythonautomation. Also, great exposure to SDN and networkvirtualization technologies like Cisco ACI.
• Installed, configured and managed AAA Autantication servers RADIUS & TACAS+, DNS and DHCP servers and management by means of Infoblox and Active Directory Database.
• Assessing standards and project direction and achieving deliverability of a project.
• Experience on Cisco FirePower for Network Address Translation (NAT), Access Control, Encrypted Traffic Handling, Intrusion Detection and Prevention.
• Configured and deployed QOS.
• Expertise on the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.

Confidential, Maplewood, MN

Network Engineer

Responsibilities:

• Experienced in providing NetworkDesign, Installation, Analysis, Troubleshooting, and Support for LAN, WAN and WLAN services.
• Full lifecycle experience in designing, deploying, and supporting enterprise-scale SD- WAN migration.
• Provided daily network support for all branches and sits in the organization's WAN consisting of MPLS, VPN and point-to-point (P2P) circuits.
• Implemented vulnerabilities patches on quarterly PCI DSS (Payment Card Industry Data Security Standards).
• Worked with installation of Palo Alto firewalls.
• Experience in activating/maintaining CPE as per the DOCSIS, PacketCable, and SNMP specifications.
• Enhanced the network access security & feasibility at a higher end using Cisco ISE implementation.
• Supported network operations, maintenance and engineering including all aspects of the connectivity infrastructure, firewall support, and VPN support (IPSEC tunnels and remote access).
• Migrated all network devices TACACS+ and RADIUS to ClearPass from Cisco ACS.
• Worked with the team to design and implement industry leading SD-WAN infrastructure to provide secure WAN connectivity.
• Worked extensively on policy design and implementation for NACsolution and integrated NACwith various Networkinfrastructures for successful deployment of NACsolution.
• Worked extensively on Microsoft Visio for designing the Cisco ISE NetworkArchitecture and for POC setups.
• Troubleshoot various application issues with respect to F5.
• Led migrations from old equipment to new equipment and Implemented standards that has been globally developed.
• Planned designing, Installation, configuration and maintenance of 802.11a/b/g Wireless Networks and WirelessAccess points.
• Good noledge and experience in installation, configuration and administration of FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments.

Confidential, Livingston, NJ

Network Engineer

Responsibilities:

• Configured layer 2 and layer 3 switching and routing protocols such as MPLS VPN, OSPF, BGP, MP-BGP, MPLS, on Juniper 4200, MX960 and Cisco 2800, 2500 and 3700's routers.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Troubleshot BGP, IS-IS, and MPLS routing anomalies.
• Hands-on experience in configuring Citrix NetScaler with GSLB multiple sites as well as F5 BIG-IP GTM and LTM.
• Good noledge in SD- WAN technology in involving discovery design and implementation of client's network.
• Experience on Cisco FirePower for IPS Device Deployments and Configuration, High Availability and Scalability, Appliance Platform Settings.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate process that does not impact stream processing.
• Managed theF5BigIPGTM/LTMappliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Participates in DOCSIS planning/deployment operations, network architecture design and engineering.
• Create, modify and deploy configuration scripts for DOCSIS modems and CMT
• Performed technical problem resolution including analysis, trouble isolation, and repair on SD- WAN devices. Worked closely with architect team by halping them in designing and implementing.
• Worked with security team and audit team to maintain PCI compliance for the network.
• Well versed withDNS functionality and concepts as it relates to IPv4 and IPv6 and experience withInfoblox.
• Well experienced working in structured change management processes for highly available enterprise networks.
• Experience in activating/maintaining CPE as per the DOCSIS, PacketCable, and SNMP specifications.
• Handled project which involves replacingWAAS (Wide Area Application Services) devices in production network.
• Supported nationwide LAN infrastructure consisting of Cisco 4510 and catalyst 6513.
• Expertise in providing documentation describing projects, deliverables and timeline.

Confidential, Foster City, CA

Network Engineer

Responsibilities:

• Designed WAN structure to prevent single point of failure in case of link failure.
• Lead the campus refresh project.
• Implemented stub/Totally stub areas. Implemented various OSPF features like route-summarization and SPF throttling
• Upgraded the old infrastructure to a new one replacing CISCO routers with Arubaswitches.
• Installed Wireless Access Points (WAP) at various locations in the company.
• Maintenance and Troubleshooting of connectivity problems using PING, trace route.
• Monitored and documented the stability and performance WAN/MANusing Network Tools such as Solar Winds, Cisco Prime.
• Implemented Positive Enforcement Model with the halp of Palo Alto Networks
• Implementing various platform technologies fromCiscoISIS, BGP, MPLS, VPN, IPSEC, VSS, CSS, ACE, VPLS, to F5 load balancing.
• Configured Aruba WAP, CiscoMeraki and wirelesscontroller, CiscoPRIME, CiscoMobility Services Engine (MSE) for proper access of Gilead wirelessinternet.
• Performed configuration of SNMP, RADIUS, and TACACS along with other standard global.
• Configurations on existing client production routers and switches.
• Provided connectivity to On-premise devices to Azure VNET by using Azure VPN, Express Routes and Virtual Network peering.
• Daily support of Cisco platform devices including Nexus9K,7K, 5Kand 2K, Catalyst 4500 and 6500 series, 1800, 2800 and 3800 series routers, ASA 5500 series, 3500 and 2900 series
• Worked closely with Project Managers of various changerequests for budgeting and UAT Resources.
• Designed and Implemented the Automated Role Based Access (ARBAC) in ISR Routers with the halp of Identify Service Engine (ISE) product to provide various access controls for all Tier teams in Network Operations and end users.
• Supported Infobloxappliances grid environment for DNS, DHCP and IP Address Management tools (IPv4)

Confidential, Edinburg, TX

Campus Networking Administrator

Responsibilities:

• Hands on experience on configuration and implementation of various Cisco Routers & L2/L3 Switches.
• Extensive experience in configuring and implementing OSPF and BGP.
• Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP.
• Implemented stub/Totally stub areas. Implemented various OSPF features like route-summarization and SPF throttling.
• Troubleshot issues with the following types of routers Cisco (1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP.
• Managed and maintained Cisco ACS (Access Control Server) TACACS and Radius Utility Grid Network devices. Used DHCP to automatically assign reusable IP addresses to DHCP clients

Confidential

Network Administrator

Responsibilities:

• Configured Cisco Routers 2600 series using RIP, OSPF, EIGRP and Cisco Switches 2900.
• Developed, planned and maintained documentation necessary for operation in support of LAN to WAN connectivity
• Configured the BGP as a WAN protocol, and OSPF/EIGRP as interior routing protocol.
• Configuration of Access List ACL (Std, Ext, Named) to allow users all over the company to access different applications and blocking others.
• Deployed and decommissioned VLANs on core ASR 9K, Nexus 7K, 5Kand its downstream devices.
• Installed and configured DNS and DHCP server.
• Involved in troubleshooting of DHCP and other IP conflict problems
• Ensured problems are satisfactorily resolved in a timely manner with focus on providing a high level of support for all customers.
• Working noledge with F5 ASM / GTM/ LTM.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Maintained excellent communication with the IT Manager on all tasks and projects
• Attended meetings and technical discussions related to project.