Sr Network Engineer
Resume:
Jitendra G
Sr Network Engineer
908-***-**** ac47aq@r.postjobfree.com
Professional Summary:
Over 8 years of experience in providing solutions, implementation, configuration and troubleshooting of Cisco Routers and switches, fine tuning of firewalls, VPN configuration, troubleshooting network related problems in Enterprise Network.
Experience in configuring Cisco switches and Cisco routers and F5 Load Balancers. Experience with various LAN and WAN technologies and protocols like: - TCP/IP, VLAN, VTP, STP, EIGRP, OSPF, BGP, IKE/IPsec VPNs, NAT and access list.
Knowledge and experience on Protocols such as TCP/IP, SNMP, ICMP, NAT, PAT, Firewall technologies including general configuration, security policy, rules creation and modification of cisco ASA and Palo Alto.
Experience in addressing Cisco infrastructure issues, monitoring, debugging like routing, WAN outages, Network Hardware/Software failure, configuration and performance issues.
Practical experience in DNS, DHCP, Group policy, Replication, Active directory domain trust relationship.
Worked on F5 LTM series like 6400, 6800 for the corporate applications and their availability. Configuring, Administering and troubleshooting the Palo Alto firewall.
Also proficient in handling Network Monitoring tools and Packet capture tools, technical documentation and presentation tools and also has excellent analytical, organizational, problem solving & resolution skills.
Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416, 21418. Strong knowledge of Network Access Control Server, RSA SecurID two-factor authentication, digital certificates & logging.
Extensive experience in designing and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls. Implement/Maintain a Juniper Environment of 600 data collection units across USA.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
Experience in testing cisco routers and switches in laboratory and deploy them on site production. In-depth knowledge and hands-on experience in IP Subletting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3, Firewalls.
Adept in preparing Technical Documentation and presentations using Microsoft VISIO/Office. Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Experience with Palo Alto Networks Next Gen firewalls. Installing and configuring FWSM and ACE modules on Cisco 6509 distribution switches.
Implemented firewalls using Cisco ASA, Cisco PIX, Check Point Provider-1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms. Migration of all the PIX firewalls to ASA firewalls.
Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA firewall
Technical Skills:
Cisco routers
2600, 2941, 2960,3600, 3750, 7200, 7609, 12K and CRS-1
Cisco switches
Cisco 3550, 3750, 45XX, 65XX series
Switching
LAN, VTP, STP, PVST+, RSTP, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, MPLS
Network Routing Protocols
OSPF, EIGRP, BGP, VRRP, HSRP, Policy Based Routing, Route Filtering, Redistribution, Summarization, Static Routing
Security
ACL, IPsec, VPN, Port-security, Zone-Based Firewalls, NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, Load Balancing, IDS/IPS, URL Filtering
Load Balancer
F5 Networks (Big-IP), ACE
IP Services
L2VPN, L3VPN, VPLS, QOS
WAN
Frame Relay, ISDN, PPP, MPLS, exposure to DS1, DS3, OC3, OC12,
T1 /T3
Network Management
SNMP, Cisco works LMS, Cisco MWTM, ALU 5620 SAM
Reports
Microsoft Visio, Microsoft Excel, Microsoft Word
Operating Systems
Windows 2000/2003, 7, Linux
Professional Experience
Ameriprise Financial, Minneapolis MN Aug 2016 – Present
Sr. Network Operations Engineer
Responsibilities:
Configured, deployed and managed firepower/Sourcefire and legacy IPS (Intrusion Prevention System) across Ameriprise Environment.
Worked on upgrades for Legacy IPS and Sourcefire IPS from first version 5.3.1 to newest version 6.1. Worked on migration project from Palo alto IPS to Firepower IPS for guest wireless.
Troubleshooting and provided solutions that would fix the problems for Legacy and Sourcefire IPS modules.
Design, Deploy and installation wireless controller (2500) and access points high profiled site at One world trade center, NY.
Worked on wireless controller upgrade 5508 and involved in cisco Prime infrastructure upgrade as well. Dealt with 3650,3750 and 3850 stack and wan router ASR 1001, 1002, 1001-X, 1002-X upgrades across all the datacenters at Ameriprise networks and Nexus 5k upgrades as well. Upgraded VPN headend and involved Cisco ACS server upgrade.
Responsible for configuring standard configuration and DMVPN tunnel phase 3 branch routers like 2951, 2911, 3925,800,4331 Moreover, involved ISR router upgrades and replaced ISR 4331 routers because of the clock signal component failure.
Involved in major project as part of bug fixes and vulnerabilities we upgraded Next generation ASA firewalls like 5515-X, 5525-X, 5545-X, 5585-X.
Worked as lead engineer for VPN performance to identify client bandwidth issues and worked for VPN bandwidth capacity planning for Super bowl event. Responsible for troubleshooting network and firewall problems, specifically Palo Alto and Cisco ASA’s.
Responsible for the implementation, organization and operation of Palo Alto Firewalls based on perimeter security network (PA-5020, PA-5050). Create and maintain documentation of standards, best practices for supported technologies.
Provide communication on project status direct to Project Managers in alignment with the defined and agreed upon service level agreement. I was responsible for setting up lab devices for testing purpose and performed lot of device testing before its implemented into production.
As part of SOC2 audit documentation, I am responsible to provide evidence for controls. Worked QOS standardization across the network and troubleshooting video pixilation issues between sites.
Worked on NETMRI Infoblox network automation tool to identify standard configuration on routers and switches using Regex and CCS scripting.
Worked closely with cisco for scrub version recommendations on weekly basis to make sure Ameriprise networks are not vulnerable. Testing and migration of corporate Internet Zscaler tunnel from Washington node and Denver node.
Manage day-to-day networking engineering and support. Log work and track service problem tickets in centralized ticket tool (service now). Good team player capable of working independently or with other network engineers.
Environment: ASA Firewalls (5515-X, 5525-X, 5545-X, 5585-X), Palo Alto (PA-5020, PA-5050), Sourcefire/Firepower IPS, Legacy IPS, Cisco Wireless Controller, VPN bandwidth, Zscaler tunnel testing, Infoblox, Netmri, QOS, GRE tunnel testing, ASR and ISR (ASR 1001, 1002, 1001-X, 1002-X, ISR 4331), Catalyst switches (3650, 3750, 3850, and 6500), Nexus 5K and 2K.
AT&T, Dallas TX Jul 2014 – July 2016
Sr. Network Engineer
Responsibilities:
Manage all Network and Firewall devices to include Cisco routers, switches, SSLs, VPNs, Checkpoint as well as content delivery networks (Citrix Netscaler, F5 BigIP LTM and GTM load balancers)
Work with the following routing/switching protocols: BGP, OSPF, EIGRP, HSRP, VRRP, GLBP, VTP, 802.1d, and 802.1q, ISL, VLAN’s and Port-Channels.
Configure switch ports connecting to the WAN and LAN networks with separate subnets and VLAN’s, Experience with Checkpoint Firewall policy provisioning. Configuring OSPF as the Routing Protocol between PE and CE routers. Worked on MPLS enabled Backbone
Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5K and 7K.
Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher(RD), Route Target(RT), Label Distribution Protocol (LDP) & MP-BGP
Implemented Access lists and policy mapping on Juniper router installed in each branch across all the states.
Performed circuit provisioning. Coordinated with engineering team and onsite technician for remote configuration of Cisco routers, switches, monitoring the cable design
Verify the VLAN ID’s are allowed through Unicast filter in MSS in case of troubleshooting, Configured OSPF, MPLS, BFD, QoS, creating VC/VP’s and assigning traffic parameters per the target profile Verification, Validation, Monitoring and Documentation after every day’s work by checking KPI
Tracked customer network at NOC 24x7, prepared forecasts of network traffic and capacity, and recommend modifications to the network configurations which reduce costs or improve quality of service
Troubleshooting problems on a day to day basis & providing solutions that would fix the problems within their Network Preparing various project reports for identifying areas of obstruction, conducting troubleshooting to rectify the network.
Ensuring execution of preventive maintenance of networks, including schedules maintenance to ensure trouble free and seamless operations.
Environment: F5 Big-IP, Citrix netscaler, QOS, MPLS, Cisco Wireless Controller, Switch/Route protocols (OPSF, BGP, FHRP), Checkpoint R77, Catalyst switches (3650, 3750, 3850, and 6500), Nexus 7K, 5K and 2K.
Inovalon, Bowie, MD Dec 2013 – Jun 2014
Sr. Network Engineer
Responsibilities:
Troubleshooting firewall and ACL related connectivity issues.
Designing, Installation and configuration on Checkpoint, ASA, and Juniper Firewalls.
They improve the overall performance of applications by decreasing the burden on servers associated with managing and maintaining application and network sessions, as well as by performing application-specific tasks using F-5 load balancer.
Develop and maintain network configuration, documentation, industry best standards and practices.
Work closely with the base personnel to ensure all network devices are monitored properly.
Designing, Installation and configuration of ACL's and firewall Filters on Cisco and Juniper Routers.
Configuring IPsec VPN connections, encryption algorithms & VPN domains on checkpoint R75.
Working Troubleshooting with the TCP dumps and wire shark.
Configuring, troubleshooting and managing secure web content gateways and filters like Blue Coat and Websense.
Worked on Active Directory to add users to new groups and change user's policy as well on RSA 2 Factor, AAA & Radius.
Working on Cisco ACS to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
Immediate troubleshooting of the alerts and applying a fix individually or escalating it to different teams for the quick resolution of the alerts without letting any Data Center and/or Servers down.
Working and completing different types of ticketing tools like JIRA, CM, SC and SR with SLA time period.
Creating Security operation procedure manuals for different security operations for future reference and training purposes.
Preparing document manuals for the new work procedure, keeping records of work done and updating work logs and trackers.
Promoting team work by helping peers in daily work and improve the entire productivity output
Environment: F5 Big-IP, Check point R75, ASA (ASA-5515, 5525, 5545), Juniper SRX firewalls, Cisco ACS, TCP dump and wireshark, site to site and IPSEC VPN tunnels, Switch/Route protocols (OPSF, BGP, FHRP), Websense, AAA and radius.
Bosch, Owatonna, MN Dec 2012 – Nov 2013
Network Engineer
Responsibilities:
Responsible for managing activities, Upgrading IOS – Upgrading hardware and installing new devices, tuning (Configuration), make standardization for the topology Configured, installed, & managed DHCP, DNS, & WINS servers
Experience with LAN protocols like STP, RSTP, VTP, VLAN and Port Channel Protocols like LACP, PAGP
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover.
Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
Responsible for Cisco ASA firewall administration across our global networks.
Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decom
of existing Data Center, which involved working with Partner Companies.
Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN
Implement and configured VRRP/GLBP (on distro/core switching), HSRP on different location of office on the switched network and managing the entire multilayer switched network
Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls
Environment: STP, RSTP, VTP, VLAN, DNS, ASA (ASA-5515, 5525,5545), Catalyst (4500 and 6500), Ether channels, Firewall policy administration, patch upgrades, HSRP, VRRP, NX-OS, site to site and IPSEC VPN tunnels, Switch/Route protocols (OPSF, BGP, FHRP), Websense, AAA and radius.
Honeywell, India Aug 2009 – Nov 2012
Network Engineer
Responsibilities:
Expertise level 1 in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
Configured and troubleshoot OSPF and EIGRP.
Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
WAN Infrastructure running OSPF & BGP as core routing protocol.
Support various Routers like 2600/3600/7200 series routers.
Tested authentication in OSPF and BGP.
Performed and technically documented various test results on the lab tests conducted.
Hands on Experience working with security issue like applying ACL’s, configuring NAT and VPN
Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
Work on different connection medium like Fiber and Copper Connectivity.
Knowledge of Juniper environment including SRX/Junos Space.
Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
Responsible for Configuring SITE_TO_SITE VPN on VPN Concentrators series between Head office and Branch office.
Environment: Switch/Route protocols (OSPF, EIGRP, RIP), Routers (2600/3600/7200), IPSEC VPN, site to site VPN, ASA Software upgrades, Juniper SRX firewall, Firewall NAT.
Contact this candidate