Name: Jaya Prakash P
Cell Phone: 859-***-****
Email: **************@*****.***
SUMMARY
Network Engineer with 8 years of diverse experience in implementing, testing, optimizing, maintaining and troubleshooting Enterprise Network & Security infrastructures
Extensive experience working with Firewalls, Switches, Routers, load balancers, VoIP and wireless technologies of different vendors
Strong hands-on experience on Cisco Catalyst (series 3850, 3560, 4500, 6500), Cisco Nexus (series 2K, 5K, 7K), Cisco Routers (series 7300, 4000, 3800, ASR 9000), ASA Firewall (5505/5550-X), Firepower (4100), Load Balancers (citrix NetScaler, Cisco ACE, F5 BIG-IP LTM/GTM ASM), IDS/IPS (HIDS, NIDS, NIPS, HIPS), Fire eye, Splunk, Palo Alto Networks Firewalls (PA-820, series PA-3K, 5K), Checkpoint IP Appliances (NXG R60, R70, 3100, 5900)
Proficient in monitoring and managing networks using SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM); Cisco Prime, Security Device Manager (SDM), CiscoWorks; Infoblox, HP OpenView and Wireshark
Extensive experience in implementing, managing and troubleshooting IP addressing and VLSM subnetting, NAT, Routing protocols (RIP, EIGRP, OSPF, BGP), First Hop redundancy protocols (HSRP, GLBP and VRRP) on Layer 3; VLANs, Standard and Extended ACLs, VTP, WLANs, EtherChannel, STP, RSTP, and MST on Layer 2 technologies
Configured and maintained Quality of Service (QoS) protocols (SIP, SRTP, SDP, IAX) on VoIP along with PBX servers, VoIP Gateways and Cloud based PBX servers
Expertise in installing, configuring and troubleshooting Juniper Switches (series EX3300, EX4200, EX4600), Juniper Routers (series J, M and T) and Juniper series SRX Firewalls
In-Depth Knowledge and experience of various wireless 802.11 standards, controllers, Access Points, Wi-Fi analytics from various vendors (Cisco Meraki, HPE /Aruba, D-Link and Netgear)
Experience of managing Tier II ISP Routing Policies, FT1/T1, FT3/T3, SONET, OCx / STMx IOAs, Metro Ethernet (MANs)
Preparing reports and drawing network diagrams using Office Suite and Microsoft Visio
Knowledge of Cisco Meraki Cloud managed Switches (MS250, MS350, MS410) and SD-WAN (MX 65, MX100, MX400)
Virtualization Experience: VMware Workstation, vCenter server, VMotion, vSphere, ESXi hypervisor
Experience in installing, configuring and managing AAA Authentication servers RADIUS & TACAS+, DNS and DHCP servers and management by means of Infoblox and Active Directory Database
Working experience with off-shore teams, NOC and SOC to resolve elevated issues immediately
Configured and implemented VDC, VPC, and OTV on Nexus 7K and 5K
Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
Implemented and maintained Sourcefire intrusion detection/ prevention (IDS/IPS) system and hardened protection standards on firewall for enterprise network to protect sensitive corporate data and enabled IDS/IPS signatures on Firewall for Fine-tuning of TCP and UDP services
Experience in troubleshooting, maintaining and integrating on F5 Big-IP LTM/GTM load balancing and Application Security Manager(ASM)
Deployed, Managed, monitored and supported Bluecoat Proxy for content filtering, internet access between sites and VPN client users, forward proxy scenario and reverse proxy scenario for security and also worked on adding URL’s in Bluecoat Proxy SG’s for URL filtering
A motivated dynamic team player with excellent communication skills, resiliency and enthusiasm
CERTIFICATIONS
CCNA – Cisco Certified Network Associate
CCNP – Cisco Certified Network Professional
RHCSA and RHCE Certified.
TECHNICAL SKILLS
Router and VoIP Platforms
Cisco Routers series 7300, 4000, 3800, 2000, 1900; Juniper T4000, MX10, MX40, ACX2200, ACX5000; OnSIP, Avaya products, cisco IP phones
Routing Fundamentals and Protocols
Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, IPv4 and IPv6 addressing, subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, 802.11, Policy Based Routing, Redistribution, Port forwarding
Switch Platforms
Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K,
5K, 7K; Nortel/Avaya 5510, 5520; Juniper EX3300, EX4600, EX4300, EX3400
Switching Fundamentals and Protocols
Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast,
RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP
Firewall Platforms
Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, CheckPoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K), WAF
Security Protocols
Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap
Network Management and Monitoring
Wireshark, Infoblox, HP OpenView, Cisco Prime, Security Device Manager (SDM), CiscoWorks; TCP Dump and Sniffer; SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM)
Load Balancers
F-5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, citrix NetScaler
WAN technologies
Frame-Relay, ISDN, ATM, MPLS, PPP, DS1, DS3, OC3, T1 /T3 lines, SONET
Installation:
Kick-start config, network (nfs/ftp/http) install.
Servers:
DNS, DHCP, Apache, NFS, SAMBA, FTP,SSH, SQUID, etc
Disk & file system Management
Partitioning tools (fdisk), File system management (ext3 & ext4), file system utilities (e2fsck, tune2fs), LVM-extending file system in LVM, mount & unmount of file systems.
Securing System Services and Network
Securing service using TCP-wrapper & Securing network using Net filter (IP-tables)
Cloud Computing and Automation
AWS, Microsoft Azure, Cisco Meraki, C#, Python scripting, Ansible, Cloud Migration
Other Networking Protocols and Fundamentals
DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, BitTorrent, SMTP, RADIUS and TACAS+, PBX servers, SDN, SAN
Operating Systems
Windows 10/7/XP, MAC OS, Windows Server 2012R2/2008/2003, Linux, UNIX
Wireless Technologies
Canopy Wireless Devices, D-Link Point-to-point Wireless, D-Link APs, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers
PROFESSIONAL EXPERIENCE
Bank of America, Charlotte NC Sep 2016 – Nov 2017
Senior Network Engineer
Responsibilities:
Played a principle role in configuring and implementing composite Network models consisting of Cisco 7300, 4000, 3800, ASR 9000 series routers and Cisco catalyst 3850, 3560, 4500, 6500 series switches
Designed and Implemented plan for migration from existing Catalyst switches to Nexus and configured NX-OS Virtual Port Channels, Nexus port profiles, Nexus VPC peer links on Nexus 5k and 7k
Acquitted with Cisco Meraki for Cisco Wireless devices
Monitoring, managing and troubleshooting Cisco Wireless devices using Cisco Meraki
Supported and executed migration to F5 BIG-IP LTM/GTM ADC Appliances from Citrix NetScaler
Implemented and upgraded Networks using OSPF and BGP based routing protocols and prepared flow charts and utilization monitoring reports
Worked with Cisco ASA 5500-X with Firepower services, Firepower 4100 and Palo-alto Next-Gen PA-5000 Firewalls implementing and managing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies
Participated in the installation, configuration, and post installation routine operational tasks and configuration of the Cisco Nexus Switches
Designed integrated 10 gigabit networks using Cisco Nexus 7k series switches and Cisco 6500, 3800 series routers improving performance of existing network
Monitored, Managed and hardened security policies and rules on checkpoint NGX firewalls
Worked with JunOS maintaining Juniper EX4600, EX3400, EX4300 series switches and ACX1000 router to maintain some sites and stations
Used Python scripting for network sniffing and managed parameters for pool of servers and updated, automated and migrated different services and software by means of Ansible
Maintained and Supported Multiprotocol Label Switching (MPLS) on WAN network
Worked with Host Master for shared web hosting and managed Web Application firewall (WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark
Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting
Provided assistance in redundancy mechanisms for multi homed Border Gateway Protocol (BGP) network by tuning AS-path for various network segments
Improved Quality of Service (QoS) by defining LSPs on MPLS to meet specific service level agreements (SLAs) on traffic latency, jitter, packet loss and downtime
Performed Load balancing using F5 BIG-IP LTM ADC 6400, Cisco ACE 4710 Load balancers
Managed RTP, RTSP, FTP, DNS, HTTP, DHCP Application Level Gateways, services and servers whenever needed
Implemented Virtual Router Redundancy Protocol (VRRP) by tuning priority levels, preemption parameters, Authentication and object tracking
Configured policy based routing for BGP for complex network systems and configured Multiprotocol Label Switching (MPLS) VPN with OSPF implementation on the client end
Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local preferences
Worked with Nagios for monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH)
Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network
Provided full visibility and notification of authorized and unauthorized network access with integration of CISCO ASA and NAC solutions.
Environment: Cisco Routers series 7300, 4000, 3800, ASR 9000, Cisco catalyst series 3850, 3560, 4500, 6500 and Nexus 2k, 5k, 7K; Juniper switches EX4600, EX3400, EX4300 and ACX1000 router, Cisco ASA 5500-X, Firepower 4100, Palo-alto Next-Gen PA-5000, PAN-OS, Infoblox, Routing Protocols OSPF, BGP; VPNs, MPLS, VRRP, Big-IP F5 LTM/GTM & ASM, IDS/IPS, Ansible, Python scripting, Wireshark, PowerShell, Cisco Works, MS Visio
MetTel, New York City, NY Jan 2015 – Aug 2016
Senior Network Engineer
Responsibilities:
Worked, managed and maintained LAN networks, VLANs and database, Port Security on Nortel 5510, 5520; Cisco Catalyst 3850, 4500 and 6500 switches and implemented VDC, VPC, and OTV on Nexus 5k and 7k switches
Configured and troubleshot OSPF, BGP, VRRP, Static routes on cisco 2900, 3800, 4000 Routers
Contributed in implementation and configuration of F5 BIG-IP LTM-6400 load balancers, redistribution into OSPF on the core ASA firewall
Made security policies in F5 Application Security Manager (ASM) and made iRules in Local traffic manager
Configured IP addressing scheme and coordinated with LAN/WAN engineers to develop and implement various security policies
Worked with Juniper SRX550 and Palo-alto Next-Gen PA-5000 Firewalls implementing and managing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies
Designed and implemented Aruba wireless infrastructure to ensure full connectivity and continuous service
Played an important role in a team by implementing and documenting Switching Topologies, VLAN management, Port security, Trucking protocols, STP configuration, Inter-VLAN routing, 802.1x port based authentication, LAN security and preparing Microsoft Visio reports and designs
Monitored network and provided analysis, improvement scopes and support using various monitoring tools such as Wireshark, SolarWinds Performance Monitor and coordinated with off-shore support teams to ensure flawless operations
Ensured availability and integrity of Network, System and Data through preventive maintenance and upgrade plans and implementations
Supported OSPF and BGP powered network by resolving Tier 3 and Tier 4 tickets for internal teams & external clients of all locations
Coordinated with a team to upgrade network by changing primary routing protocol to OSPF from EIGRP and Participated in the modification of BGP from multiple MPLS powered routers
Installed, configured and managed DNS and DHCP server, and Active Directory database
Provided Troubleshooting for IP conflict, DHCP, NAT, VPN and other security related tickets
Defined and configured Group policies, Organizational Units, Security policies, NAT and anti-spoofing for internal, external networks and gateways and also configured VPN policies and connection for employees to access servers
Implemented VoIP solutions using SIP & H.323 for Cisco routers 2851 and also practiced sound knowledge of Avaya VoIP products
Configured and managed with Aruba/cisco wireless access points 205 series supporting 802.11 ac
Set Aruba Access to link distribution switch system and then to WLAN controller
Worked hand-in-hand with different vendors for company products, solutions and performance
Configuring Virtual Device Context in Nexus 7010 and Worked on Network support, implementation related internal projects for establishing connectivity between the various field offices and data centers
Took responsibility for Cisco ASA 5500 firewall monitoring, Rule Analysis and Modification
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
Environment: Nortel 5510, 5520; Cisco Catalyst series 3850, 4500, 6500; Nexus 2k, 5k, 7k; VMware vSphere 6, cisco routers 2900, 3800, 4000; Juniper SRX550, Palo-alto Next-Gen PA-5000; Routing Protocols EIGRP, OSPF, BGP; VPNs, MPLS, Avaya telephony, VoIP, Wireless APs, Big-IP F5 LTM 6400 Load Balancer & Application Security Manager, citrix NetScaler, Wireshark, SolarWinds, Infoblox, Splunk
Aurora Health Care, Milwaukee WI Jul 2013 – Nov 2014
Network Engineer
Responsibilities:
Played an important role in migration to F5 LTM load Balancer from Cisco ACE load balancer in data center environment and performed basic and advanced F5 load balancer configurations including migrating configurations from Cisco ACE to F5, and testing and general troubleshooting of the F5 load balancers
Worked with Cisco Nexus 2148 Fabric Extenders and Nexus 7010, 5000 series switches to provide a Flexible Access Solution for datacenter access architecture
Remediated IPSO Versions and Checkpoint SW to target version of IPSO 6.1 Build 38 from Checkpoint R65 Build 63 and implemented remediation in Running in Active/Active Cluster mode into VRRP High Availability environments
Monitored and managed networks using CiscoWorks tools and Wireshark
Configured Frame-Relay, ISDN, ATM, load balancing switches and also configured IPX/SPX, HDLC, PPP, BGP, EIGRP, OSPF and VRRP on various sites
Extended support on access layer, distribution layer and core layer device of IBM as assigned
Worked on moving strategies for data center between different locations, and from Cisco 6500 based data center to both Cisco 6500 & Nexus based data center
Daily switching ticket resolving included VTP, ISL/ 802.1Q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP
Managed network security by working on NAT/PAT, ACL, and ASA/PIX Firewalls and convert PIX rules over to the Cisco ASA solution
Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls and Site-to-Site VPNs, 3DES, AES/AES-256 with PIX Firewalls
Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling and also worked with MP-BGP and MPLS LDP protocols
Health check and automated IOS and script updates applied via voyance application
Configured, Deployed, and Troubleshot Greenville Health System's Wireless Network utilizing Cisco WCS, wireless and conducted health check for Network devices involving upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configurations
Worked on NNMI, Infoblox, e-health monitoring tools
Successfully implemented EOL project alias 'End of life equipment' assigned as per IBM guidelines in live environment
Environment: Cisco ACE, cisco Nexus 2k/5k/7k, IPS/IDS, SolarWinds, CiscoWorks, Frame-Relay, cisco 6500/3700/7200 routers, PA- 3060 firewalls, VPN tunnels, OSPF, EIGRP, BGP, MPLS, LDP, Cloud based Pbx servers, Infoblox, EOL, windows server 2012R2, Active Directory
Reliance JIO Infocomm, India Mar 2011 – Jun 2013
Network Security Engineer
Responsibilities:
Security infrastructure engineering and worked on various platforms such as Microsoft Windows, UNIX, Juniper firewalls, Palo Alto firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch security management to maintain the network infrastructure
Administered and evaluated firewall access control requests to ensure that requests are compliant with client's security standards and policies
Configurated and supported of Juniper Netscreen firewalls and Palo Alto firewalls
Successfully installed Palo Alto PA-3060 firewall and configured and provided troubleshooting using CLI and worked with Panorama management tool to manage all Palo Alto firewall and network from central location
Implemented Zone-Based Firewalls and Security Rules on the Palo Alto Firewalls and administered the same allowing and denying specific traffic and to monitor user usage for malicious activity and future QoS standards
Created and analyzed reports on firewall logs and made required changes
Maintained Checkpoint security policies including NAT, VPN, and Secure Remote access, Configured IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls
Configuring, Monitoring, troubleshooting Cisco Wireless Access points and Wireless controllers using Cisco Meraki’s user interface
Configured Juniper Netscreen Firewall Policies between secure zones using Network Security Manager (NSM)
Participated in Configuration of Palo Alto Next-Generation Firewall to create security profiles and VSYS based on client topologies and Palo Alto Networks 5050 application firewalls (NGFW)
Consulted in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering
Maintained and updated Active Directory database for authentication and deployment purposes
Configured and troubleshot F5 LTM 3900, 6800 for different applications and monitored and created reports on availability
Participated in deployment of data center LAN and worked Nexus 7k, 5k, 2k switches
Involved in migration projects, which involved replacing legacy devices to new Nexus devices and introduced VPCs in the new architecture
Worked on Nexus platform 7k series, 5K series (5548, 5020 and 5010), 2248 and successfully implemented VSS on the Cisco catalyst switches for a client
Used FireEye to detect attacks through common attack vectors such as emails and webs
Learned and developed skills in working and planning migration to Check Point and Palo Alto next-generation firewalls from existing legacy firewalls
Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE
Implemented and administered Websense Web Security Gateway for web content filtering and DLP and improved network and system security through setup and ongoing maintenance of Riverbed IPS and FireEye
Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification, and administration
Installation, configuration and Maintenance of Dedicate server’s (Web Server, Mail Server, Proxy Server) using Remote Administration, manage packages, apply security patches, analyze network traffic to identify performance and resource utilization problems, IP management, giving technical support by attending technical call directly as well as through e-mail, troubleshooting/installation procedures
Configuring/Maintaining the NFS Server/Client, Mail Server, DNS, DHCP, FTP, Apache
Supported proactive maintenance on systems by timely upgrading Patches to the systems and applications, Scheduling batch jobs and cron jobs
Created and managed Logical Volumes and File Systems Redhat Linux
Verification of the built servers
Upgraded Kernel for RHEL
Installed and configured NetBackup/Tivoli System Manager Tool on Linux/Unix servers to backup Filesystem on Operating System level
Co-ordinated work with Network, Storage and Database teams on critical application failure issues.
Maintain monitoring (Sensu, Icinga/Nagios, ELK) tools and automation systems.
Perform live migration from one host to another host.
Environment: Netscreen, Juniper SRX5400, SRX5600, and SRX5800 and Palo Alto PA-3060 & 5050 Firewalls, Bluecoat Proxies, IDS/IPS, VoIP gateways, wireless Aps, Pbx servers, Fire eye, Juniper IPD, Juniper NSM, Panorama, Nexus 2K, 5K, 7K; Splunk, Cisco ISE, Websense, Solar Winds
Wipro, India Sep 2009 – Feb 2011
Network Engineer
Responsibilities:
Provided support to Cisco network consisting of a high speed, high availability core over five campuses with more than 2000 cisco devices by performing onsite installations, technical administration, upgrades and troubleshooting
Provided support for complex layer 2, layer 3 issues and other services (STP, VLAN, IPsec, VPN, NAT, MPLS, BGP, EIGRP, OSPF)
Worked with US based support team to troubleshoot and maintain servers and network OPs
Participated in L2/L3 Switching Technology Administration, creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security and server management
Worked on RADIUS, TACACS+ authentication serves and DNS, DHCP servers
Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms
Monitored network for optimum traffic distribution and load balancing using Solar winds
Completed service requests on IP readdressing, bandwidth upgrades, IOS/platform upgrades
Worked on cisco routers series 7200, 6500, 4500, 1700, 2600 and 3500 series to perform bridging, switching, routing, Ethernet, NAT, and DHCP, customer LAN /WAN support
Experience with SQL for extracting the data from SQL database, related to network issues
Worked extensively on Cisco ASA 5500 (5510/5540) Series
Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation
Experience working with Active Directory (as a centralized system) to automate network security management and user data
Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP)
Experienced in working with Session Initiation Protocol (SIP) Trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet
Good Understanding and Knowledge of components and experience with Cisco UCS administration. Experience with x86 / x64 Intel, HP, Dell & CISCO UCS hardware like rack-mounted and blade servers
Experience in Server building both physical & virtual, troubleshooting, capacity planning, application monitoring, patch management, password and security management.
Experience and implementation of services like NFS, SSH, DNS, DHCP, LDAP, APACHE.
Experience working with Apache & IIS web servers.
Ability to provide 24x7 support, resolve complex issues and perform in a fast-paced environment
Environment: Cisco catalyst 2960/3750/4500/6500 switches, Linux, Cisco 2800/2900/3000 ISR routers, cisco VoIP, cisco 3640/9000/7200/3845/3600/2800 routers, SQL, Cisco ASA 5505, Juniper Ex switches, Active Directory, Juniper ACX series routers, Windows Server 2003/2008, ACLs, SIP, RIP, OSPF, MPLS, BGP, EIGRP, Wi-Fi, WLANs, Aps, MacAfee, WAN, WAP, IDS, IPS, Aruba WLAN, VPN
Education:
B. Tech Computer Science and Engineering,Hyderabad, India