Network Engineer Security
Harsha Nall
ac39r4@r.postjobfree.com
PROFFESSIONAL SUMMARY:
CCNP Certified Professional with 6 years of experience in routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
Experience in site-to-site and remote access VPN solutions.
Managed Cisco routers and switches, including installations, upgrades, and configurations.
Designed and implemented Spine-and-Leaf Architecture (Cisco Nexus and Arista Switch) for Citigroup’s large-scale data centers.
Performed End-of-Life network devices tech refresh (Cisco Catalyst 4948 and 6509, Nexus 5k).
Experience working with Nexus 7010, 5020, 2148, 2248 devices.
Experience with F5 load balancers – LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) and ASA 5500 (5510/5540) series.
Understanding of JUNOS platform and worked with IOS upgrade of Juniper devices.
Configured Cisco routers with protocols, such as OSPF, EIGRP, and BGP4.
In depth understanding of IPV4 and IPV6 and implementation of Subnetting.
Configured security policies including NAT, PAT, and VPN, Route-maps, Prefix lists and Access Control Lists.
Extensive experience in WAN Technologies, Switching Technologies along with Failover Mechanisms and Inter Vlan Routing types.
Switching tasks include VTP, ISL/802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
Good knowledge with the technologies VPN, WLAN and Multicast.
Involved in designing and deploying various network security and High availability products like Cisco ASA and other security products.
Strong hands on experience in installing, configuring and troubleshooting of Cisco 7600, 7200, 3900, 3600, 2900, 2600, 2500 and 1800 series routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, Token Ring, ATM, bridges, routers, hubs, Switches, etc.
Familiar with HP Routers and Switches. Experience with HP servers DL 180, DL 380, ML 350.
Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
Experience in installing and configuring DNS, DHCP server.
Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 77 firewalls.
Excellent communication skills, enthusiastic, motivated and a team player.
A highly organized individual who adopts a systematic approach to problem solving, effectively analyzes results and implements solutions.
Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional.
Experience with Change management process and Project documentation tools like Excel and VISIO.
PROFESSIONAL CERTIFICATION:
ITILv3 certified
Cisco CCNA certified
Cisco CCNP certified
Education Details:
Masters in Computer Science & Engineering
Bachelors in Computer Science
1
TECHNICAL SKILLS:
Security/Firewalls: Cisco ASA Firewalls 5580-20, Juniper SRX Firewall, IPSEC and SSL VPNs, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, ACL, IOS Firewall features, IOS Setup and Security features.
Various Services: IOS and Features, NAT, SNMP, NTP, DHCP, CDP, DNS, TFTP and FTP Management.
Routing: OSPF, BGP, EIGRP, RIP-2, Route Filtering, Redistribution, Summarization, Static Routing
Switching: VLANs, VTP, STP, RSTP Inter VLAN routing and Multi-Layer Switching, Layer3 Switches, Ether channels, Dot1Q, HSRP, GLBP, CEF, DCEF and Port Security.
LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, Ten Gigabit Ethernet, LAN emulation.
WAN: Leased lines (PPP/HDLC), channelized links (E1/T1/E3/T3/DS1/DS3), Fiber Optic circuits (OS3), Frame relay, ISDN.
AAA Architecture: TACACS+, RADIUS, Cisco ACS.
Firewalls: Checkpoint NGX, Cisco PIX, Cisco ASA.
Monitoring: Wireshark, Solar Winds NCM, Net Scout, TCP Dump.
PROFFESSIONAL EXPERIENCE:
Citigroup (Citi bank), Dallas, TX January 2017-Present
Network Engineer
Designed and implemented End of Life (EOL) Projects in North America Data Centers and upgrading EOL devices to Nexus 5K/6K/9K.
Implemented configurations and deployment instructions into Service Now, Citi’s change management system, and insure that all approvals and processes adhere to greenzones and complaint with Audit.
Performed installation and configuration of Cisco, Arista & Juniper devices.
Created and documented configurations and network diagram (MS Visio) for each project.
Provided redundancy to network connections, implemented hot standby routing protocol (HSRP) and Load sharing for effective utilization of routers.
Complete turnover documentation and updated all systems with the new install information. Clean up of the all legacy devices and insured all systems in the environment have been cleaned up. Generated test plans or scripts detailing network related configurations.
Design and deploy new clusters.
Configured Cisco routers with protocols, such as OSPF, EIGRP, and BGP4.
Provided expertise in WAN technologies including ATM, Frame Relay, and Point-to-Point circuits.
Provided expertise in IP and internet-related protocols.
Designed and implemented LAN/WAN network topology, equipment, & connectivity.
Managed Cisco routers and switches, including installations, upgrades, and configurations.
Assisted in performing network analysis, monitoring and troubleshooting.
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
worked extensively in upgrading and migrating End-of-Life devices (CatOS/IOS to Nexus).
Experience in implementing Routing protocols BGP, OSPF, EIGRP and RIP. Supporting customers with the configuration and maintenance of PIX and ASA firewall systems.
Assisting with various duties that all will arise including implementation, configuration, management, rules definition, problem solving, design advice, troubleshooting, updating, maintenance etc.
Maintaining redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
Studying and analyzing client requirements to provide solutions for network design, configuration, administration and security.
Interacting with support services to reduce the downtime on leased lines.
Experience on Cisco switch configurations to interface with existing Enterasys network infrastructure.
Monitoring the operability and reliability of the network.
Maintenance and Troubleshooting of LAN connectivity problems using Ping, Trace route.
Configuration and troubleshooting of BGP, OSPF, EIGRP on Juniper MX960 routers/switches.
Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
Experience with configuring OSPF on 7609 router.
Managed the IP address space using subnets and variable length subnet masks (VLSM).
Worked on project and coordinated with cabling vendors.
Involved in troubleshooting IP addressing issues and updating IOS images using TFTP.
Worked along with the team in ticketing issues.
Nabors, Houston, TX June 2014-Dec 2016
Network Engineer
Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment.
Worked on troubleshooting tickets on OSPF and BGP routing issues.
Experience in implementing Routing protocols OSPF, BGP, MPLS.
Worked with the Technical Program Managers and delivered the projects on time.
Support to plan and execute LAN (VLAN Management) and WAN management activity.
Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
Managing and implementation of PORs (port open requests) based on the requirements of various departments and business lines.
Experience in Working with Juniper JUNOS operating system.
Experience in configuring and maintaining M and MX series routers.
Knowledge in working with F5 Load Balancers and their Implementation in various Networks.
Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
Installing and configuring new cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company.
Configured T1/E1 interfaces, OC3 ports, Port Licensing, MPLS transport file on ME 3800X and ME 3600X.
Design and configuring of OSPF, BGP on Juniper Routers (MX960) and SRX Firewalls(SRX240).
Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
Adding and modifying the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms.
Working closely with Data center management to analyze the data center sites for cabling requirements of various network equipment.
24x7 on-call escalation support as part of the security operations team.
Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
Managing and providing support to various project teams with regards to the addition of new equipment such as routers, switches and firewalls to the DMZs.
Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
Created and deployed different Python/C# scripts in the network.
Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of CheckPoint R65, R70, R75, R77 and Cisco ASA.
Experience with Checkpoint VSX, including virtual systems, routers and switches.
Established IPSec VPN tunnels between branch offices and headquarter using Cisco ASA Firewall.
Responsible for Checkpoint and Cisco firewall administration across global networks.
Performing network monitoring, providing analysis using various tools like Wireshark, Solarwinds and NetScout etc.
Supporting project test teams in analyzing the bandwidth utilization.
Regions Financial Corporation, Birmingham, AL Mar 2013– May 2014
Network Engineer
Responsibilities:
Working in high availability Nexus Environment and provide Level 3 Network Support.
Working on a broad range of topics such as routing and switching, dedicated voice access, planning and implementation, large-scale high-visibility outages, change management coordination, proactive monitoring and maintenance, disaster recovery exercise and core network repairs.
Configuring, upgrading and verifying the NX-OS operation system.
Planning, Designing & Implementing VPN connections using Checkpoint, ASA, Cisco PIX, and Cisco Routers using site-to-site VPN's.
Experience in implementing the Routing protocols EIGRP, OSPF, BGP and MPLS
Experience in troubleshooting the network issues.
Worked in L2 and L3 tickets/issues of routing protocols EIGRP, OSPF and BGP.
Providing Level 3 support to customers, resolving issues by attending to conference calls.
Providing Level 3 Engineering and Support to other internal network engineers.
Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation.
Support network infrastructure including Cisco routers, switches, firewalls and security.
Translating Cisco IOS Route maps to Cisco IOS XR Routing policies.
Experience in configuring and maintaining the Nexus 9K,7K,5K and 3K.
Ensuring problems are satisfactorily resolved in a timely manner with focus in providing high level of support for all customers.
Establishing VPN Tunnels using IPsec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
Experience in Working with Juniper JUNOS operating system.
Experience in configuring and maintaining M and MX series routers.
Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
Hands-on experience of Python scripting, Automation using Python, string parsing, libraries, API's, and more.
Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.
Configuring GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
Migrated existing CheckPoint firewalls platform to Cisco ASA firewall.
Configuring, Monitoring and Troubleshooting Cisco’s ASA 5500/PIX security appliance, Failover DMZ zoning and configuring VLANs/routing/NATing with the firewalls as per the design.
Experience in Converting Cisco IOS to Cisco IOS XR configurations.
Configuring, maintaining and troubleshooting with Fortinet firewall and security.
Migrated VPN Tunnels from CheckPoint Firewall to Cisco Router.
Involved in Configuring Virtual Device Context in Nexus 7010.
Involved in Configuring multiple route reflectors within a cluster.
Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter Vlan Routing, LAN security.
Working on security levels with RADIUS, TACACS+.
Implemented firewall policy change on the Checkpoint clusters .
Monitor, improve, and support all aspects of network connectivity using Solarwinds
Verified and Validated the Firewall policy on Checkpoint R75 clusters for unused rule and helped consolidating rule.
Medco Health Solutions, Franklin Lake, NJ Jan 2012–Mar 2013 Network Engineer
Responsibilities:
Experience in working with F5 Load Balancers and their Implementation in various Networks.
Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
Configuring various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
Checkpoint/ASA Firewall Management, including DMZ and Network Segmentation.
Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
Worked On Unix, Linux, Windows Platforms and also involved in capacity planning of Network Maintenance.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.
Configuring routing protocols OSPF, EIGRP, LDP and BGPV4.
Configuring Vlan’s, VTP’s, enabling trunks between switches.
Configuring VLANs with 802.1q tagging. Configuring Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
Configuring various Router interfaces like ATM interface, T3 & Channelized T1 interfaces
Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416,21418(with PRP and RPR processors).
Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
Planning, Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
Strong Knowledge of Configuring ARUBA access points(AP).
Excellent Troubleshooting Skills and Customer Centric approach.
Dealt with monitoring tools like (Solar Winds, Cisco Works), network packet capture tools like Wireshark.
Experience with design and implementation of Data center migration.
Data center migration was involved in Access, Distribution and Core layers.
Contact this candidate