SUMMARY:

• Around 9 years of experience in Cisco/Juniper Networking, Security which includes designing, Deployment and providing network support, installation, and analysis for a broad range of LAN / WAN protocols.
• Hands On experience Cisco IOS/IOS - XR/NX-OS, Juniper JUNOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Good knowledge of Palo Alto Firewalls and the Panorama Network Security Management Box.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Responsible for Check Point (Secure Platform R70) and Cisco ASA firewall administration across global networks.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Implemented and maintained Sourcefire intrusion detection/ prevention (IDS/IPS) system and hardened protection standards, IDS/IPS signatures on Firewall for Fine-tuning of TCP and UDP services.
• Implemented traffic filters using standard and extended access-lists, distribute-lists and route maps.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Proficiency in Cisco ASAs, ISRs, Catalyst/Nexus, HP Switches, Cisco Meraki, Aruba, EIGRP, OSPF, BGP.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Deployed, Managed, monitored and supported Bluecoat Proxy for content filtering, internet access between sites and VPN client users, forward proxy scenario and reverse proxy scenario for security and worked on adding URLs in Bluecoat Proxy SG's for URL filtering.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Worked on upgrading Aruba controllers and Access points in troubleshooting the onboarding devices with the networks.
• Knowledge in preparing Technical Documentation and presentations using Microsoft VISIO/Office.
• Worked on MPLS while ensuring secure networking, improving the network performance by prioritizing network traffic and allocating bandwidth according to usage and service requirements.
• Knowledge of WAN Optimization Technology, Riverbed.
• Worked on Cisco Firewalls Cisco ASA 5500(5510/5540) Series and Checkpoint R75, 76, NGX R70 Firewalls.
• Worked with the Python 2 & 3 version
• Worked with Automation script with Python module like Chef & Ansible.
• Configuring Cisco Wireless Controllers and AP’s.
• Configuring the Network Admission Control (NAC).
• Configuring Cisco WAAS.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quick learning, effectively analyze results, and implement and delivering solutions as an individual and as part of a team.
• Hands on Experience testing iRules using Browser (IE), HTTP watch
• In-Depth Knowledge and experience of various wireless 802.11 standards, controllers, Access Points, Wi-Fi analytics from various vendors (Cisco Meraki, HPE /Aruba, D-Link and Netgear), SD-WAN (MX 65, MX100, MX400).
• Provided support that included resolving day-to-day operational issues with tickets generated by a server.
• Good understanding of SNMP, IP SLA and Network Monitoring with experience in tools like PRTG.

TECHNICAL SKILLS:

Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP

Networking Hardware: Cisco Switches, Cisco Routers, ASA/Pix firewalls, IronPort

Routing Protocols: OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat

Network Monitoring: Cisco Works 2000, Wireshark, HRping

Operating Systems: Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR

Routers: CISCO 2600, 2800,3600,3800,7200, Juniper M & T Series, Cisco CRS-1, CRS -3, GSR

Load Balancers: Cisco CSM, F5 Networks (BIG-IP)

Capacity & performance: Cisco works

Switches: CISCO 2900, 3500,4500,5000,6500, Nexus 7k,5k,2k

Programming Languages: C, C++, Perl, Power Shell, Python

Simulation Tools: GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence

Firewalls: Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Features & Services: IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics

PROFESSIONAL EXPERIENCE:

Confidential,  San Diego, CA

Senior Network Engineer

Responsibilities:

• Upgrading JUN OS on SRX 5800, SRX 3600, MX960, MX480, EX4500, EX4200
• Creating security policies to allow traffic through perimeter and aggregate firewalls, and troubleshooting the issues persisting.
• Configuring IPSec VPN tunnels on Juniper SRX and Cisco ASA firewalls.
• Configuring NAT on SRX devices from Internet to DMZ zones.
• Creating Security policies, URL filtering, on IPS devices.
• Creating HA Pairs of Palo Alto Firewalls for migration project.
• Upgrading PAN OS, Software upgrades on PA 5600, PA 5050, PA 3020.
• Configuring routing, VLAN creating, zones on SRX firewalls.
• Migrating servers from about to be decommissioned data center to new data center and creating security policies, VLAN’s, routing, zones, interface configurations.
• Creating SOP, MOP documents for every change as a part of the project.
• Monitoring CPU utilization and device health of Juniper devices SRX 5800, SRX 3600, MX960, MX480, EX4500, EX4200, and Palo Alto Firewalls PA 5600, PA 5050, PA 3020, Bit9 Carbon Black servers, and Forcepoint Data Loss Prevention servers.
• Handling and troubleshooting tickets within SLA based on different case scenarios.
• Creating and Documenting Server inventory for different devices handled.
• Upgrading Cisco IOS on Cisco 3750 Switches, Cisco 3845 Routers.
• Configuring routing protocols OSPF, BGP on SRX devices for new data center as a part of migration project.
• Monitoring traffic through firewall, utilized Splunk to see the traffic flow and Wireshark for packet analysis.
• On call when changes are scheduled and Handling Priority incidents whenever issue persists.
• Resetting the Cisco EOL switches before disposing and maintaining a record of the decommissioned devices.
• Configuring route-redistribution on certain Cisco devices in the enterprise networks for routing protocols BGP, EIGRP, OSPF.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Updating keys on Certicom for smart meters through script running on CLI, importing the keys provided and a backup file is maintained.
• Troubleshooting user account unlock through CyberArk and unlocking RSA account.
• Documenting detailed Root Cause Analysis reports for high priority incidents.

Environment: Juniper SRX Firewalls, Palo Alto Firewalls, Juniper Routers MX960, MX480, Juniper Switches EX4500, EX4200, Cisco Routers 3845, Cisco Switches 3750, 2960 F5 Viprion, Splunk, Infoblox, Cisco Firepower, Aruba Wireless, Carbon Black, Forcepoint Data Loss Prevention.

Confidential, Atlanta, GA

Senior Network Engineer

Responsibilities:

• Configuration and Administration of Cisco and Juniper Routers and Switches
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Configuration, Assigning DHCP profiles
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices and configure 2k, 3k, 7k series Routers
• Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018
• Experience with configuring FCOE using Cisco nexus 5548
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus5000 to connect servers and storage devices.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer
• Experience with configuring Cisco 6500 VSS in Distribution layer of the Data center network
• Managing and configuring Aruba Wireless devices and Cisco Access Points
• Configuring and managing F5 ASM (Application security manager). Developed security policies.
• Configure and troubleshoot Juniper EX series switches.
• Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
• Experience with moving data center from one location to another location, from 6500 based data centers to Nexus based data center
• Installed and ConfiguredFirepowerManagement Center within new corenetwork.
• Network security including NAT/PAT, ACL, and ASA/SRX Firewalls.
• Good knowledge with the technology’s VPN, WLAN and Multicast.
• Installed and configuredfirepowerIDS/IPS and came up with the baseline configuration for the organization
• Well Experienced in configuring protocols HSRP, GLBP, PPP, PAP, CHAP, and SNMP.
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
• Configuring high availability pair between Juniper SRX firewall models SRX 4100, 4200
• Responsible for design and implementation/migration from Cisco wireless platform to Aruba wireless platform.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy it also includes the configuration of port channel between core switches and server distribution switches.
• Configuring security policies to permit or to deny certain traffic on SRX firewalls and reordering of security policies configured on SRX firewalls.
• Install, manage and monitored Palo Alto Firewalls in Panorama.
• Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer’s instructions and troubleshooting any related issues
• Configured & Implemented Cisco Firepower Services with CiscoASA 5500-X advanced security defenses
• Worked with HP switches, Extrahop, F5 Load Balancer,
• Experience with communicating with different customers, IT teams in gathering the details for the project
• Switching tasks include VTP, ISL/ 802.1q, IP Sec and GRE Tunneling, VLANs, Ether Channel, Trucking, Port Security, STP and RSTP.
• Experience in installing and configuring DNS, DHCP servers.
• Configure and install Aruba wireless controllers 7210 and access points.
• Replace branch hardware with new 3900 routers and 2960 switches.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IP Sec/GRE to Get VPN.
• Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management and complex customer issues.
• Worked on unified threat management/ next generation firewall features like content filtering, web filtering, antispam, antivirus filtering on SRX firewalls and Palo Alto firewalls.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports.
• Involved in configuring Juniper SSG-140 and Cisco ASA firewall.
• Strong hands on experience on, ASA Firewalls, Palo Alto Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Worked with the Python 2 & 3 version
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, prevention where needed.

Environment: Cisco ASA Firewalls, F5 ADC, Cisco 3900 Routers, Cisco Catalyst switches 6500, 3750, 3550, 2960 Switches, Juniper SSG-140, Palo Alto Wildfire, Juniper EX series switches, Cisco Firepower, Aruba Wireless, Nexus 9k, 7k, 5k, ASR 9k, ASR 1k, Nexus 2000 FEX, Juniper SRX, Routing Protocols: BGP, OSPF, AAA (TACACS+ & RADIUS), TCL Scripting, ACL Configuration.

Confidential,  New York, NY 

Network Engineer

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 500 hosts.
• Studied and analyzed client requirements to provide solutions for network design, configuration, administration, and security.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP & OSPF routing protocol administration.
• Interacted with support services to reduce the downtime on leased lines.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Daily responsibilities included monitoring remote site using network management tools, assisted in design guidance for infrastructure upgrade & help LAN administrator with backbone connection and connectivity issue Other responsibilities included documentation and support other teams
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Troubleshooting of Cisco 2800,2900, 3900, 7200, 7600, ASR9k, CRS, GSR 12k Series routers
• Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment.
• Configure BGP features such as as-override, Local pre, EBGP load sharing on client connections
• Configured and resolved various OSPF issues in an OSPF multi area environment between multiple branch routers.
• Working with Juniper JUNOS on M and MX series routers.
• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
• Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.
• Configuring GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path
• Hand on experience the configuration and implementation of various Cisco Routers and L2 Switches.
• Designed and implemented VLAN using Cisco switch catalyst 1900, 2900, 5000 & 6000 series.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures.
• Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost-effective network solutions to accommodate customer requirements and project scope.
• Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits. Configuring, Maintaining the Routers and Switches and Implementation of RIP, EIGRP, OSPF, BGP routing protocols and trouble shooting.
• Possess good experience in configuring and troubleshooting WAN technologies like MPLS, T1, T3, DS3 and ISDN.
• Worked with Load balancing device like F5 Big-IP local traffic manager (LTM) 1600
• Responsible for implementing QOS parameter on switching configuration.
• Involved in Design and Implementation of complex networks related to extranet clients.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Worked with other team members in testing of the network architecture.
• Troubleshooting the Network Routing protocols (BGP, EIGRP and OSPF) during the Migrations and new client connections.
• Manage operational monitoring of equipment capacity/utilization and evaluate the need for upgrades; develop methods for gathering data needed to monitor hardware, software, and communications network performance.
• Worked towards the key areas of the project to meet SLA’s and to ensure business continuity. Involved in meetings with engineering teams to prepare the configurations according to the requirement.
• Creating change tickets according to the scheduled network changes and implementing the changes.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, F5 Load Balancer Cisco Nexus7K/5K, Checkpoint, Cisco ASA

Confidential,  Englewood, CO

Sr Network Engineer

Responsibilities:

• Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches.
• Involved in Local Area Network (LAN) design, troubleshooting, and maintenance as per company’s requirements.
• Worked with sniffing tools like Ethereal to analyze the network problems.
• Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
• Performed replacements of failed hardware and upgraded software.
• Configured VLANS to isolate different departments.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Configured IPSEC VPN on SRX series firewalls.
• Used TFTP server to backup Cisco configuration files.
• Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company.
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Implementing Routing using the following protocols; IS-IS, OSPF, BGP onJuniperM series routers.
• Design, installation and troubleshooting networks with hand-on experience with OSPF, ISIS, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
• Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
• Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
• Involved in configuring and implementing of Composite Network models consists of Cisco 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
• Implemented various Switch Port Security features as per the company’s policy
• Configured RIP, and EIGRP on 2901 and 3925 Cisco routers.
• Provided technical support for expansion of the existing network architecture to incorporate new users.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, F5 Load Balancer Cisco Nexus7K/5K,Checkpoint,Cisco ASA, Nexus 5k and 7k, NX-OS, Meraki, BIG-IP, LTM/GTM, ADC, Citrix NetScaler, Juniper EX4600, EX3400, EX4300, ACX1000, JunOS, Infoblox, DNS, DHCP, Web Application firewall (WAF), POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH, Wireshark, NAC, Cisco ACE 4710, OSPF, Frame Relay, MPLS, BGP,VLAN, IPSec, QOS,RIP.

Confidential

Network Engineer

Responsibilities:

• Used TFTP server to backup Cisco configuration files.
• Provided technical support for expansion of the existing network architecture to incorporate new users.
• Network layer tasks included configuration of IP Addressing usingFLSM,VLSMfor all applications and servers throughout the company
• Configured STP for loop prevention onCisco Catalyst Switches
• Configured VTP to manage VLAN database throughout the network for Inter-VLANRouting.
• Worked in setting up inter-vlan routing, redistribution, access-lists and dynamic routing.
• Involved in configuring and implementing of Composite Network models consists of Cisco 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
• Implemented various Switch Port Security features as per the company’s policy
• ConfiguredVLANSto isolate different departments.
• ConfiguredIPSEC VPNonSRXseries firewalls
• Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
• Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches
• Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems.
• Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
• Performed replacements of failed hardware and upgraded software
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Implementing Routing and Switching using the following protocols;OSPF, BGPonJuniperM series routers.
• Involved inLocal Area Network (LAN) implementation, troubleshooting, and maintenance as per company’s requirements.

Environment: Cisco 3750, 2950 series switches, Cisco 2620, 1900 series routers, VLAN’s, 802.1Q Trunking, HSRP, Sniffing Tools: Ethereal, Wireshark, Routing Protocols: OSPF, BGP. TFTP Server