Post Job Free
Sign in

Network Engineer Security

Location:
Chicago, IL
Posted:
December 01, 2017

Contact this candidate

Resume:

Venkatesh

Sr. Network Engineer

Ph: 908-***-****

Email: *********.*********@*****.***

Professional Summary:

Around 8 years of experience in Cisco/Juniper Networking, Security which includes designing, Deployment and providing network support, installation, and analysis for a broad range of LAN / WAN protocols.

Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers, and Firewalls.

Experience in physical cabling, IP addressing and Subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies

Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 7600, 7200series routers.

Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card. (module) for the Nexus 5000.

Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for a datacenter access architecture

Experience in testing Cisco routers and switches in laboratory and deploy them on site production.

Hands On experience Cisco IOS/IOS-XR/NX-OS, Juniper JUNOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.

Good knowledge of OSI Model and TCP/IP networking standards with protocols such as SNMP, FTP, ICMP and IPv6

Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.

Involved in implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.

Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210

Implemented and configured Palo Alto Networks Firewall models, Cisco PIX (506E/515E/525), ASA Firewall (5505/5510), Juniper SSG series Firewalls, Checkpoint R75, 76 Firewalls, Security Device Manager (SDM) and centralized management system to manage large scale firewall deployments.

Responsible for Check Point (Secure Platform R70) and Cisco ASA firewall administration across global networks.

Experience in implementation of TACACS+, RADIUS in Access Control Network.

Worked extensively in Configuring and Monitoring F5 BIG-IP load balancer, Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.

Experience with F5 load balancers (LTM, GTM, ASM, APM Modules) for load balancing and network traffic management for business applications.

Involved in troubleshooting of DNS, DHCP and other IP conflict problems.

Experienced working on network monitoring and analysis tools like SOLAR WINDS, Gigamon, CISCO works, RIVER BED, NetScout, ArcSight Logger and Wireshark.

Working knowledge of routing protocols for voice: VoIP, IPSEC, Multicast, MPLS, DSCP/QoS, Cisco IOS and Wireless security protocols (I.E. 802.1x, EAP, WPA2).

Experience in Wireless LAN (IEEE 802.11) and deployment of light weight access point, monitoring wireless networks and performing site surveys.

Hands on Experience with Cisco Wireless Controllers 5500's and 2500's and coming to access points, worked on 3700's, 3500's and 1142 access points.

Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).

Troubleshooting complex multi-vendor network issues in the LAN and WAN networks

Management of Client VPN (IPSEC and SSL), Site-to-Site VPN, and MPLS networks worldwide.

Experience with 802.11x wireless technology.

Experience as team member to work on Datacenter migration to Amazon Web Services (AWS) infrastructure and provided support to Applications and Database teams.

Ability to Install, Manage Troubleshoot Large Networks Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.

Configuring the Network Admission Control (NAC).

Hands on Experience testing iRules using Browser(IE), HTTP watch

Excellent Customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results, and implement and delivering solutions as an individual and as part of a team.

Technical Skills:

Cisco Routers

Cisco1800, 2500, 2600, 2800, 3600, 3750, 3800, 7200, ASR 1K and 9K.

Cisco Switches

6500, 7600, 5800, 2900, 4000, 3500, 4500, 5000, Nexus 2K, 3K, 5K and 7K, MSFC, MSFC2.

Cisco Nexus

5020, 5548, 5596T, 2148, 2248TP, 2348UPQ, 7010, 7702

Juniper

EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Networking Technologies

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies: Frame Relay, PPP, HDLC, (E1/T1/E3T3), DS3, OC192.

Operating Systems

Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, NX-OS

Network Security

Cisco ASA, Firepower, ACL, IPSEC.

Routing Protocols

OSPF, EIGRP, BGP, ISIS, VRF, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Gateway Load Balancing

HSRP, VRRP, GLBP, EBGP

Various Features / Services

IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools

Wireshark, Netflow Analyzer, Cisco Works, Ethereal, SNMP, HP open view, ArcSight.

Load Balancers

Cisco CSM, F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Cisco ACE 4710.

Firewalls

juniper net screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.

AAA Architecture

TACACS+, RADIUS, Cisco ACS

Programming Languages

C, C++, Perl, Power Shell, Python

Professional Experience

United Airlines, Elk Grove Village, IL Aug 15 - Present

Sr. Network Engineer

Responsibilities:

Experience with configuring Cisco 6500 VSS in Distribution layer of the Data center network

Configuration and Administration of Cisco and Juniper Routers and Switches

Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Configuration, Assigning DHCP profiles

Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.

Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices and also configure 2k, 3k, 7k series Routers

Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018

Experience with configuring FCOE using Cisco nexus 5548

Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.

Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer

Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.

Experience on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.

Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.

Worked on F5 LTM/GTM, Big-IP, load balancing, iRules, and WAN acceleration.

Configure and troubleshoot Juniper EX series switches and routers

Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches

Experience with moving data center from one location to another location, from 6500 based data centers to Nexus based data center

Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.

Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches

Implemented changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer’s instructions and troubleshooting any related issues

Switching tasks include VTP, ISL/ 802.1q, IP Sec and GRE Tunneling, VLANs, Ether Channel, Trucking, Port Security, STP and RSTP.

Experience in installing and configuring DNS, DHCP servers.

Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IP Sec/GRE to Get VPN.

Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports

Strong hands on experience on Palo Alto Firewalls, ASA Firewalls and Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).

Involved in Configuration of Access lists (ACL) on ASA firewall to allow/block traffic in network

Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall, exposure to wild fire feature of Palo Alto and Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.

Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).

Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.

worked with the physical server migration to AWS data center

Implemented many number of security policy rules and NAT policy rules on Palo Alto, created Zones, Implemented Palo Alto Firewall interface, Palo Alto IDS and VLAN.

Creating and modifying Palo Alto Polices and Monitoring threats on firewalls.

Experience with communicating with different customers, IT teams in gathering the details for the project

State of Nevada, Carson City, NV Oct 13 – Jul 15

Sr. Network Engineer

Responsibilities:

Configure / Troubleshoot CISCO 9000, 7500, 3800 series routers and 3560 series switches for LAN/WAN connectivity.

Updated and installed CISCO IOS and Catalyst OS software on different Switches and Routers.

Involved in Configuring and deploying Cisco Catalyst 6513E, 6506, 4948E, 4510 switches and Cisco 3750, 3560, 2960, 2921, 2950 2911 series switches.

Involved in the activity of DATA-Center migration of regular Cisco catalyst switches with the new Nexus2148, 2224T, 5548, 6018, 7010 using F3/M3 line-cards with 10GE & 40GE interfaces and Supervisor 2E/2T.

Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.

Hands on experience on VLAN tagging, optimization the policies, create and deploy the in-path-rules(WCCP/PBR) in riverbed steelhead technology.

Experience on deployment, troubleshot and find out the RCA for riverbed.

Created dedicated VLANs for Voice & Data with QOS for prioritizing VOICE over DATA.

Configured OSPF, MPLS, PWE3 circuits, BFD, QoS, creating VC/VP's and assigning traffic parameters according to the target profile

Performed wireless site surveys using industry standard tools such as Air Magnet and Cisco & Aruba Switches

Experienced in configuring Guest access using Aruba ClearPass and Web Authentication.

Involved in Troubleshooting for Layer 2 LAN technologies including Ethernet (Switched, FastE, GigE), Spanning-Tree, VLANs, VTP, and Trunking (802.1q) and Aruba Wireless platform.

Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010

Experience in Configuring, upgrading, and verifying NX-OS operation system with OSPF, BGP

Troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP, MPLS

Worked on configuration commissioning and upgradation of the MPLS circuits for various branch offices and disabling all unused ports and putting them in unused VLAN and ensuring DHCP

Experience with deploying PIM Sparse-mode/Dense-mode multicasting in Campus locations.

Serve as part of a team of network engineers responsible for base wide network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches.

Experience working with ASR 9000 series switches with IOS-XR

Provided Layer-3 redundancy by implementing HSRP and GLBP for High availability

Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.

Involved in Configuration of Access lists (ACL) on checkpoint Firewall for the proper network routing for the B2B network connectivity.

Integrated Microsoft active directory (LDAP) into checkpoint for identify awareness and user authentication.

Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.

Upgraded all network devices for compatibility of integrating all Palo alto network with VMware NSX.

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.

Configuring and monitoring IDS and IPS systems. Analyzing and correlating logs from firewalls, servers, IDS/IPS, and other network devices.

Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.

Involved in configuring Juniper SSG-140 and Check point firewall.

Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers

Worked on troubleshooting issues on F5 LTM related to network, objects, servers and experience in rectifying issues related to F5 LTMs using F5 support services

Configured and managed F5 ASM (Application security manager) and developed security policies.

Monitored and responded to network anomalies utilizing Solar winds/Orion's software and recommended appropriate network solutions for issues.

Tested and verified continuity using SolarWinds Orion Monitoring tool.

Network Tools use to assist in performing network evaluation were SolarWinds engineering toolset, Wireshark, SSH Putty, SolarWinds Orion.

Use SolarWinds Orion to monitor the health of devices and their various links, reserve and activate static IPs on IPAM as requested by Server Area Network engineers and other systems engineers

Experience in Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.

Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.

Hitachi, Englewood, CO Jan 12 – Sep 13

Sr Network Engineer

Responsibilities:

Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches.

Involved in Local Area Network (LAN) design, troubleshooting, and maintenance as per company’s requirements.

Enterprise Routing experience using protocols RIP, EIGRP, OSPF and BGP.

Experience in configuring protocols HSRP, VRRP, GLBP, ICMP, HDLC, & SNMP, configuring & troubleshooting routing protocols RIP v1/v2, EIGRP, OSPF, IS-IS, BGP & MPLS and installing & configuring DNS, DHCP server.

Configured and troubleshoot nexus 2k,5k,7k series of switches

Created and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.

Worked with snipping tools like Ethereal to analyze the network problems.

Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.

Performed replacements of failed hardware and upgraded software.

Configured IPSEC VPN on SRX series firewalls.

Used TFTP server to backup Cisco configuration files.

Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company.

Implementing Routing and Switching using the following protocols; IS-ISOSPG, BGP on Juniper M series routers.

Design, installation and troubleshooting networks with hand-on experience with OSPF, ISIS, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.

Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.

Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.

Implemented various Switch Port Security features as per the company’s policy

Configured RIP, and EIGRP on 2901 and 3925 Cisco routers.

Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.

Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.

Created a static route from ASA to nexus 7k specific for subnets and from nexus to ASA created the default route to make nexus 7k live and active on to the network

Worked and working with Cisco ASA 5525, 5585-SSP-20 firewalls with current and demonstrated expertise with ACL security in a multi-VLAN environment.

Provided technical support for expansion of the existing network architecture to incorporate new users.

Wipro, India Apr 09 – Nov 11

Network Engineer

Responsibilities:

Used TFTP server to backup Cisco configuration files.

Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company

Configured STP for loop prevention on Cisco Catalyst Switches

Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.

Worked in setting up inter-VLAN routing, redistribution, access-lists and dynamic routing.

Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.

Implemented various Switch Port Security features as per the company’s policy

Configured OSPF, and EIGRP on 2901 and 3925 Cisco routers.

Configured VLANS to isolate different departments

Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.

Configured IPSEC VPN on SRX series firewalls

Involved in implementation of trucking using Dot1Q, and ISL on Cisco Catalyst Switches

Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems.

Performed scheduled Virus Checks & Updates on all Servers & Desktops.

Implementing Routing and Switching using the following protocols; OSPF, BGP on Juniper M series routers.

Involved in Local Area Network (LAN) implementation, troubleshooting, and maintenance as per company’s requirements.

Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter VLAN Routing, LAN security.

Hands-on experience in maintaining and troubleshooting RIP, OSPF and EIGRP routing protocols. Configured STP for loop prevention and VTP for Inter-VLAN Routing.

Experienced in implementation and troubleshooting knowledge of protocols and technologies. Configured Ether channels, Trunks, VLANs, HSRP in a LAN environment



Contact this candidate