Engineer Project Manager
Resume:
Salman
Sr. Network Engineer
acvqy2@r.postjobfree.com
SUMMARY:
* ***** ** ********* ***** on experience in Network and Security engineering and Network Infrastructure.
Strong understanding and experience of Firewall on various platforms.
Managing and implementing remote firewall for State agencies using NSM, SPACE, SmartDashboard and CSM.
Configuration of new juniper SRX firewall for remote site implementation.
Configuring & Managing LAN, WAN, VPN and Firewall of Juniper MX Routers for End Users
Worked closely with the customer to suggest the need of firewall rules, help them design the request.
Configuration remote access VPN and site-site VPN on Juniper platforms.
Configuration and troubleshooting on Juniper SRX via Juno space JA2500.
Configuration VPN, Firewall rules on SRX series firewalls.
Configuration, troubleshooting Checkpoint Firewall using R77.
Configuring Site-Site VPN on Checkpoint Firewall with R77 GAIA.
Implemented Checkpoint FW Interface, NAT and VLAN using R77 GAIA SmartDashboard.
Implement & troubleshooting of Juniper switches, routers and Firewalls.
Worked on L2 and L3 Protocols and troubleshooting experience with network equipment and network protocols including IP, L2, L3 protocols.
Installing and configuring of Cisco L2 & L3 Switches.
Implementation of Wireless access over LAN.
Hands on experience in linux, VM ware .
Planned and implemented network designs, including WAN, LAN, MPLS.
Knowledge in Bash shell scripting, Perl, Python, Ruby
Responsible for service request tickets generated by the helpdesk in all phase such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
Deep understanding of TCP/IP and OSI Model.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.
Configuration and implementation of Cisco Firewall PIX/ASA
Efficient in Routing Protocols and Understanding of OSI model.
Good concept on subnetting of IPV4 addresses.
Experienced with various dynamic and static network protocols RIP, OSPF, EIGRP, HSRP, VRRP, BGP, VLAN, Spanning Tree, Frame-relay, MPLS, and IPsec VPN.
Worked extensively on Cisco Router and Switches.
Worked closely with application team on troubleshooting the issues.
Good understanding of security infrastructure including Antivirus, Encryption, DLP, SIM, IDS and IPS
Hands on experience with packet sniffer, TCP DUMP and wireshark for packet monitoring.
Configuring & Managing LAN, WAN, VPN and Firewall of Juniper MX Routers for End Users
Basic knowledge of CISCO ACE and F5 Load Balancers.
Basic knowledge of VMware NSX.
Basic knowledge of PlaoAlto firewalls and Panorama centralized management.
Communicating and managing relationship with external & internal customers and ensuring customer satisfaction of service delivery in accordance to their quality & consistency of State of Work & Service Level Agreements.
Knowledge in Documenting and preparing the Process related Operational Manuals.
Ensuring network availability, vendor management, fault management
Strong general management, negotiation, inter-personal, communication and team building skills.
CERTIFICATIONS:
Cisco Certified Network Assistant (CCNA)
Cisco Certified Network Professional (CCNP)
TECHNICAL SKILLS:
Load Balancer BigIP 2000, 4000, 5000, 7000 series, F5 LTM 8900, 6400, 6800, GTM and 3-DNS
Firewalls Checkpoint GAIA, R72, R75, R77.20; Cisco ASA 5505, 5510, 5550; Palo Alto firewalls,
Juniper ISG 1000/2000
Switches Cisco Catalyst 2900, 3500, 4500, 6500 series, Nexus 7000, 5000, 2000 & NX-OS, Cat
OS, IOS, juniper QFX1008s and QFX5100-48S
Routers Cisco 1750, 1800, 2500, 2600, 2800, 3800, 3900 &7200 series with IOS, IOS-XE &IOS-
XR, Juniper MX480s and MX104s
Routing OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static
Routing
Switching VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching,
Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging, and Data
Center Switching
LAN/Features Ethernet, Fast Ethernet, Gigabit Ethernet, 10 Gigabit, 40 Gigabit Ethernet, HSRP, GLBP,
VRRP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP
AAA Architecture TACACS+, RADIUS, Cisco ACS, LDAP
Network Tools Wire shark, Fiddler, Solar Winds, and Cisco Works
PROFESSIONAL EXPERIENCE:
United Health Group, Las Vegas, NV Dec 2014 to Present
Sr. Network Engineer
Responsibilities:
Strong experience in Networking, including hands-on experience in providing network support, installation and analysis for a broad range of LAN/WAN communication systems.
Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
Managed corporate Checkpoint smart console R77, R75.20 and R75.40 implementing security rules, experience on using Smart Dashboard, Smart view Tracker to mitigate network attacks.
Writing MOPS for Decommissioning Ports, adding new Firewall rules, adding Vlan Trunks.
Configuration of Palo Alto firewalls for remote site implementation.
Migration of servers from one datacenter to another, providing switch connections to the new servers, updating Check point Firewall rules for the new servers, F5 to A10 load balancers Migration.
Strong knowledge of Cisco and Juniper software, Nortel (IOS/XR and JunOS) and hardware
Creating new nodes and Pools in F5 load balancers to support newly added servers in Layer 3 environment.
Expert Level Knowledge about TCP/IP, Spanning-tree, and OSI models.
Involved in the Team of Data Center Operations to perform duties like administration and monitoring of Cisco Routers and Switches according to the organization requirements.
Configuring and implementing Remote Access Solution: IPsec VPN, Anyconnect VPN and SSL VPN.
Implementation of Wireless access over LAN
Planned and implemented network designs, including WAN, LAN, MPLS.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
Troubleshooting issues related to L2 protocols - VLAN, STP, RSTP and IGMP Snooping. L3 protocols - RIP, OSPF, BGP, IPv4, IPv6, TCP/IP, DHCP, DNS, Multicast, 1/10 GB, Ethernet & SNMP.
Cisco Nexus 7000, 5000 series installation and configuration, implementation with Port channel
and troubleshooting in a TCP/IP OSPF environment.
Developing and maintaining Network Documentation with Visio diagrams, Excel spreadsheets, Word documents, etc.….
Assisted in creating network design standards for hardware and software. Experience with various Ticketing systems such as Remedy, USD and creating work orders with citrix web applications
Involved in Network Designing, Routing, DNS, and IP Subnetting, TCP/IP protocol.
In-depth knowledge and hands-on experience on IP Addressing, Subnetting, VLSM and ARP, reverse & proxy ARP, Ping Concepts
Worked with Cisco Catalyst 6500, 4500, 3750, and 3560, 2960 switches and Cisco 2800, 3600, 3800, 7200, 7600 and ASR series Routers.
Involved in the team for designing and Configured Nexus 7000/5000/2000 in Top of Rack & End of Row Architecture for a Scalable Production Network that supports Rack & Blade server architecture in a Multi-Tenancy environment using VPC, VDC & VRF
Experienced in Configuring/Troubleshooting Routing Protocols EIGRP/OSPF/BGP/RIP.
Installed and Configured A10 (AX2500) load balancer as SLB for various application in backend.
Troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
IP Allocation & Maintenance for users and other needs throughout company.
MasterCard, O’Fallon MO Oct 2012 to Nov 2014
Senior Network Consultant
Responsibilities:
Performed migration of legacy Bigip and 3-DNS devices to newer version of LTM 8900 boxes
Major role in ATT MIS, GMIS, USP and VHO DNS network setup, implementing advanced features such as QOS, Load balancing using Brocade ADX10000, Alteon. Configuring named for the DNS.
Writing the Deployment Guides and MOPS for production network.
Implementing Multicast for the ATT CDN network. Configuration and troubleshooting of multicast protocols such as PIM-SM, PIM-DM, PIM-SSM.
Designed, built, and implemented Checkpoint R71 Firewall-1 VSX, with Provider-1 running on a Crossbeam X 45.
Implemented MPLS VPN (RFC 2547) Mechanisms on Cisco IOS and JUNOS.
Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550. This project also involved in configuring and testing EIGRP and BGP protocols.
Configuring and troubleshooting Edge and Core routers in MPLS domain. Implementing MP-BGP Session between PE Routers.
Excellent Ping test and Network Validation Test after Deployment of the Routers in the Network Design and deployment of Large scale SONET, MPLS, BGP network architecture design.
Worked on troubleshooting Production issues related to MPLS VPN involving PE configuration, PE-CE link issues such as routing protocol configuration, Layer1 / Layer2 issues, BGP4 address-family related issues, MP-BGP.
Implementing IPv6 for the ATT DNS network, and troubleshooting configuration and routing issues.
Troubleshooting issues related to STP, RSTP, VLANs and VTP trunking for maintaining Layer 2/3 Switching intact.
Configured Policy statements, Route-maps, Access-lists, Routing instances.
Manage vendor relations and placement of orders to support successful deployment of projects, both on the Edge and Core.
Ability to work independently and also as part of a team, following established guidelines.
Monitored and troubleshoot the protocols EIGRP, OSPF and MPLS
Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes, BGP route filtering policy problems, ORF etc.
Included Router and switch configuration VLANs (802.1q), STP, etc.
Configured and maintained Cisco catalyst switches with HSRP for redundancy and migration of existing infrastructure to GLBP for unequal load balancing in critical sites using weighted technique according to company policies.
Played important role in managing timelines during the deployment process of network assets (routers, cards, facilities, Fiber Drawers, etc.,) and integration.
Troubleshoot multi area OSPF and OSPF scale issues.
Configured and tested server features such as Response Rate Limiting, Response Policy Zone.
Participate in design authority and CAB meetings to review and approve load balancer configurations
Configured SSL Termination/offloading on the LTM boxes; Installed and renewing SSL certificates
Design and engineering Load balancing solutions for multi-tiered applications deployed across multiple data centers and DMZ security constructs
Applied iRules such as cookie persistency, SSL termination and SSL initiation, redirection of URL from http to https for application specific e-commerce technology
Migrated legacy 3-DNS wider ip's to GTM sync groups
Troubleshoot and resolve load balancers related sev1 and sev2 incidents
Design and implement GTM wider ip's including required topology and dns setup
Work with technical project manager and business teams to design virtual server, pool, lb methods
Implement and configure http, https profiles, ecv health monitors
Provide rotational on-call engineer services to resolve sev1 and sev2 incidents
CITI Group, NYC NY Aug 2011 to Oct 2012
F5 Load Balancer Engineer
Responsibilities:
Performed migration of legacy Bigip and 3-DNS devices to newer version of LTM 8900 boxes
Participate in design authority and CAB meetings to review and approve load balancer configurations
Configured SSL Termination/offloading on the LTM boxes; Installed and renewing SSL certificates
Design and engineering Load balancing solutions for multi-tiered applications deployed across multiple data centers and DMZ security constructs
Applied iRules such as cookie persistency, SSL termination and SSL initiation, redirection of URL from http to https for application specific e-commerce technology
Migrated legacy 3-DNS wider ip's to GTM sync groups
Troubleshoot and resolve load balancers related sev1 and sev2 incidents
Design and implement GTM wider ip's including required topology and dns setup
Work with technical project manager and business teams to design virtual server, pool, lb methods
Implement and configure http, https profiles, ecv health monitors
Provide rotational on-call engineer services to resolve sev1 and sev2 incidents
Cognizant, India, Jun 2008 to Aug 2011
Network Engineer
Responsibilities:
Setup, configuration, troubleshooting and testing of IPSEC site-to-site VPNs and SSL VPN on Cisco ASAs, Checkpoint and Juniper Firewalls
Ensure network availability and integrity through preventive maintenance and upgrade
Configure and support NATs, access-lists, and routing on Cisco routers Cisco ASA/PIX firewalls, routers and switches
Network Operations and support by providing Tier-2 and Tier-3 support to WAN and LAN related issues including HSRP, VLANs, VTP, STP, RSTP, TRUNKING, SPAN and RSPAN, EIGRP, RIP, OSPF, BGP.
Stacked, configured 2960 series switches and connected with Nexus 7000 series switches creating Vpc, spanning tree, Trunk and redundancy for failover.
Monitored and analyzed Intrusion Detection Systems (IDS) & Intrusion Prevention System (IPS) to identify security issues for remediation.
Supported core network consisting of Cisco 7200 series routers running multi area OSPF. Implemented stub/Totally stub areas as per requirements.
Implemented IP addressing, Subnetting, Route summarization and Distribution
Configured Routing protocols such as VLANs, VTP, STP, MSTP, VRRP and HSRP
Configured STP for switching loop prevention, and VLANs for data and voice along with configuring port security for users connecting to the switches.
Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site to site VPN and remote VPN
Configured NATs, ACL and routing on Cisco routers, firewalls, and layer 2 & layer 3 switches.
Configured policy based routing for specific traffic, route filtering with route maps and route redistribution.
Implemented Network monitoring tools Wireshark and ManageEngine IT360.
Configured and implemented TACACS+ and Radius for network authentication
Contact this candidate