Resume

Manager Engineer

Location:

Camp Hill, PA, 17011

Salary:

65k

Posted:

June 04, 2018

Contact this candidate

Resume:

Siva Kumar Mattam

Network Security Engineer

302-***-****

ac5q01@r.postjobfree.com

CCNA CERTIFIED professional with over around 3 years of experience in routing, switching, firewall technologies, systems design, administration and troubleshooting.

Exposure to LAN/WAN setup, installation, configuration and troubleshooting.

Experience of routing protocols like EIGRP, OSPF, RIP, BGP and IP addressing.

Experience in testing Cisco, Juniper & Mikrotik routers cum switches in laboratory scenarios and deploy on site for production.

Hands on experience in Installing and Configuring Brocade Switches ICX7150, 7450, 7750.

Configured syslog-ng for Splunk implementation, Familiar with monitoring tools such as Nagios and Splunk.

Strong experience in Network security using ASA Firewall, Checkpoint, Palo Alto, IDS/IPS and IPSEC/SSL VPN and implementing security rules.

Knowledge and experience on F5 load balancers and Cisco load balancers (CSS and ACE).

Excellent hands on Cisco ASA and checkpoint firewall to use multiple security levels and interfaces.

In Depth knowledge of all DNS RFC specifications.

Experience in working with Cisco Catalyst series 2900, 3560, 3750, 4500, 4900, 6500 Switches.

Experienced in Troubleshooting for connectivity and hardware problems on Cisco devices.

Hands on experience in configuring Cisco Nexus2232, 2248, 5548, 6001 and 7018(Sup 2E) and worked on nexus protocols VPC, VRF, VDC and FEX Links.

IOS/Juncos upgrade for Cisco & Juniper routers and switches.

Implementing, maintaining and troubleshooting switching tasks such as VLANs, VTP, VLAN Trucking using 802.1Q, STP, RSTP, PVST+, Ether channel using LACP and PAGP, Inter-Vlad routing, and CEF.

Experience in L2/L3 protocols like VLAN, STP, VTP, MPLS, 802.1Q protocols.

Good knowledge in WAN Technologies like ACL, NAT/ PAT, Ether Channels, IPSec VPNs.

Enhanced level of knowledge with, PPP, ATM, T1 /T3 Frame-Relay, MPLS.

Expertise in implementation and troubleshooting of FHRP protocols such HSRP, VRRP, GLBP, ACL.

Worked with Cisco, Palo Alto, Juniper, Splunk, Checkpoint, Scalar and other vendors to provide a stable, high-speed secure network.

Experience in working with Cisco 2800, 3600, 3800, 3900, 7200 7600 series Routers

Extensive knowledge in different networking protocols DHCP, DNS, FTP, VOIP (SIP, H.323)

Troubleshooting & implementation of VLAN, STP, MSTP, RSTP, PVST, 802.1Q, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5authentication, VTP & SVI.

Knowledge on complex Checkpoint, Cisco ASA & Palo Alto Firewalls Environment.

Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments

IOS/JUNOS upgrade for Cisco & Juniper routers cum switches.

Experience working with Nexus 7K, 5K and 2K.

Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.

Experience in design, implementation, and support of F5’s Big-IP Access Policy Manager (APM) software component in a complex enterprise environment

Knowledge on F5’s BIG-IP Application security management and Edge Gateway Solution

Worked extensively on Palo Alto, Juniper Net screen.

Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS, QOS and ITIL.

In-depth knowledge of network communication technologies and techniques.

Technical Skills

Network Protocols

MPLS, VRF, VRRP, Policy Based Routing, Route Redistribution,

Static Routing, WCCP, VDC, MPLS, LDP, ISDN, PPP, VoIP, SIP, VTP, STP, RSTP, VLANs, 802.1q/ISL, CDP, LACP, OSPF, BGPv4, EIGRP, HSRP, RIPv2, VPC, VDC.

Cisco Router platforms

1841, 2611, 2621, 2800, 3600, 3845, 3900, 7206VXR

Cisco Switch Platforms

2900XL, 2950, 2960, 3500, 3550, 3560, 3760, 4500, 6500,

Nexus 9k 7k, 5k, 4k, 2k, 1k

Firewalls

Palo alto- 3020, 3060, 7500, 7050, Juniper (Net screen 5200,5400), Cisco ASA (5510,5520,5540,5550,5580),

FWSM, Checkpoint NGX R-55,R-60,R-65,

LAN Technologies

Ethernet, Fast Ethernet, Gigabit Ethernet, Port Channel, TCP/IP, Ether channel, VLSM, Cisco/Catalyst L2/L3 Switches, Wireless (802.11 a/b/g/n), Checkpoint, Juniper/Net screen/Cisco Firewalls

WAN Equipment

Cisco/Juniper Routers, Silver Peak NX-7xxx WAN Accelerators,

OC-192, OC-48, FRAME RELAY, PPP, T1/E1, HDLC, MPLS, DS3, Leased Lines, DSL Modems, ISDN(PRI/BRI)

Network Management Tools

Cisco Works, Silver peak GMS, RSA Security and operations

Console, VMware vSphere Client, TFTP, FTP, SSH.

Security Access Control/Policy

Cisco Secure ACS for Windows, RSA, AAA, TACACS+, Radius, MD5, IPsec, GRE, NAT/PAT, ACLs, Juniper SA SSLVPN w/DUO, SSLVPN

Operating Systems

Windows 2003, Windows 2008, Linux, Unix, Windows server 2012

Network Operating Systems

Cisco IOS, NX-OS, CATOS, Aruba, JUNOS.

Documentation Tools

Microsoft Office, Visio, Project, SharePoint.

Education:

Bachelor of Engineering in Electronics and Communications

Masters in Networking

Certifications :

Cisco Certified Network Associate (CCNA R&S)

Palo alto Accredited Configuration Engineer (ACE)

Client: American Tower Corporation, Cary, NC Sep 2017 to Present Role: Senior Network Security Engineer

Responsibilities:

Key Responsibilities:

Worked as a part of network team where my daily tasks included configuring, monitoring and troubleshooting of TCP/ IP networks.

Worked on installation, configuration of LAN/WAN Networks, Hardware, Software, and Telecommunication services: Cisco Routers and Switches

Managed Cisco call manager, Cisco Voice Mail Unity servers. Worked with in Cisco Routing and switching background w/QOS

Experienced in Configuring/Troubleshooting Dynamic Routing Protocols EIGRP, OSPF, IS-IS and BGP.

Worked on scripting/code language such as PowerShell, Shell, Python.

Experience on Writing software for configuration management systems (Puppet, Chef, Ansible) in production environments.

Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's, Troubleshoot IAP (Internet Access Points) on Palo Alto Firewalls.

Successfully installed Palo AltoPA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.

Experience on Amazon Web Service Cloud environment EC2 Environments, EC2 Container Services, S3 Buckets, RDS, I&A Management, Route 53 and VPC Management & Configuration

Hands on experience with AWS ecosystem and environments

Experience configuring BGP, OSPF in Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240 on advanced technologies like, MPLS VPNs, TE and other service provider technologies.

Managed AD Domain Controller, DNS and DHCP Servers and configurations

Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network.

Expertise in configuring and troubleshooting of Palo Alto, SRX Firewalls and their implementation Experience in site-to-site and remote access VPN solutions.

Configured (L2 & L3) multi-vendor Routers, Ethernet switches and Load balancers (F5, A10 etc.) to meet application requirements and Project demands.

Implemented Firewall rules and Nat rules by generating methods of procedure (MOPs).

Experience with F5 load balancers and reverse proxy design and setup and Configured Virtual server, service groups, Session persistence, Health monitors and Load balancing methods in new F5 and A10 LTMs.

Configured WIDE IP and WIDE IP pool on F5 GTM’s to support load balancing between data centers.

Hands on Experience with modern development languages Python, Perl, and C++.

Experience on Applications: such as Exchange, E-Policy Orchestrator, Snort, Whats-Up-Gold, SQL Server, Symantec Mail Relay.

Worked on configuring the Nexus 5k Aggregation Switch and Nexus 2k Fabric Extenders.

Installed and Configured new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2K

Experience in 802.11x wireless technology and RF spectrum analysis.

Experience in Wi-Fi network and knowledge of WiMAX and WAP

Handson experience with network protocols and routing, WLAN and VLAN, network, server, and host operating systems; IP networking, internet and intranet technologies; email, office automation and collaboration technologies; client operating systems, server hardware, software, and administration.

Worked on Infoblox to update the DNS host, Configuring NAT onto the Juniper SRX firewalls and a record to assist the part of the load balancer migration from F5 to A10.

Supported Operations team when complex changes are done by developing MOPs for network devices (routers, switches and A10 Load balancers) code upgrades, VLAN/IP migrations from old to new network topology without any service disruption.

Configured network using routing protocols such as RIPv2, OSPF and troubleshooting L2/L3 issues.

Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500,7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls.

Added and modified the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms.

Assist in creating network design standards for hardware and software. Developing and maintain Network Documentation (Visio diagrams, Excel spreadsheets, Word documents, etc.) Configure and troubleshoot network elements in a test/dev environment.

Worked on F5 GTM, AFM, ASM and other F5 components to protect against advanced DDoS attacks.

Deployed Infoblox Trinzic 800 device for DHCP

Experience on configuring, utilizing, monitoring/logging solutions for operations such as Nagios, Collectd, logstash, Kafka.

Designed, built, and deployed F5 Big IP load balancers (8900’s, Virions, Blades), F5 Big IP TCL, F5 Big IP TMOS, F5 Big IP LTM Local Traffic Manager, F5 DNS Domain Name Services

Worked on F5 TMOS version 11 and 12.

Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.

Experience on configuration of enterprise network security infrastructure monitoring devices including Snort-based IDSs, FireEye MPS systems, log aggregation systems, and security information and event managers (SIEM).

Provided Tier II Load Balancer expertise on F5 Big IP Local Traffic Managers (LTM). Designing F5solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 Big IP Load Balancers.

Worked on large scale implementation and maintenance for SSH (Secure Shell), PKI/SSH, VPN, IPSEC Satan, ISS, TCP/IP Monitoring.

Environment: Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), switches (6500/3750/3550 3500/2950), Nexus7K,5K &2K, Brocade switches (ICX-7150, 7450, 7750), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, Voice Gateways, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Mikrotik Routers CCR 1076, 1032, C++, Python, Shell.

Experience:

Client: Secure Network Solutions Inc, India Oct 2014 to Aug2015

Role: Network Engineer

Responsibilities:

Key Responsibilities:

Worked as a part of network team where my daily tasks included configuring, monitoring and troubleshooting of TCP/ IP networks.

Worked on installation, configuration of LAN/WAN Networks, Hardware, Software, and Telecommunication services: Cisco Routers and Switches.

Managed Cisco call manager, Cisco Voice Mail Unity servers. Worked with in Cisco Routing and switching background w/QOS.

Facilitating the automated collection, Analyzing, alerting, auditing, reporting and secure storage processing of all the logs using RSA envision solution.

Experience in setting up and maintaining perimeter security by using Cisco ASA/PIX, Fortinet 3340, F5 Load Balancer LTM & GTM.

Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.

Worked on Iron Port to secure the mail infrastructure.

Migrated IP's from IP control and Solar winds to Infoblox, as a part of IP migration to single tool.

Experience configuring BGP, OSPF in Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240on advanced technologies like, MPLS VPNs, TE and other service provider technologies.

Managed AD Domain Controller, DNS and DHCP Servers and configurations

Deployed Infoblox Trinzic 800 device for DHCP.

Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network.

Expertise in configuring and troubleshooting of Palo Alto,SRX Firewalls and their implementation Experience in site-to-site and remote access VPN solutions.

Worked thru Aruba and Cisco WLAN and Controller config files to help Admin with WLAN troubleshooting

Configured SMTP rules and policies to manage email routing through Iron Port C370.

Designing, configuring, and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border Controllers, Voice Gateways, Voice circuits IP /TDM, Cisco Telepresence Infrastructure, QoS, NAT, PAT, and multicast.

Deep knowledge of AWS cloud computing platform such as VPC (Virtual private cloud), EC2 and load balancing with ELB using ECB.

Worked on Cloud Services: Office 365, Azure, and AWS IAAS.

Configured (L2 & L3) multi-vendor Routers, Ethernet switches and Load balancers (F5, A10 etc.) to meet application requirements and Project demands.

Implemented Firewall rules and Nat rules by generating methods of procedure (MOPs).

Configured and implemented voice gateways (H323/MGCP/SIP), SRST for remote sites

Developed MTS software plug-in for Multimedia over Coax Alliance (MOCA) configuration capability on DOCSIS cable modem and gateway products.

Configured WIDE IP and WIDE IP pool on F5 GTM’s to support load balancing between data centers.

Worked on configuring the Nexus 5k Aggregation Switch and Nexus 2k Fabric Extenders.

Installed and configured new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2K.

Experience in supporting multiple Virtual Environments (AWS, VMware, Open Stack)

Configured network using routing protocols such as RIPv2, OSPF and troubleshooting L2/L3 issues.

Added and modified the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms.

Worked on F5 GTM, AFM, ASM and other F5 components to protect against advanced DDoS attacks.

Designed, built, and deployed F5 Big IP load balancers (8900’s, Virions, Blades), F5 Big IP TCL, F5 Big IP TMOS, F5 Big IP LTM Local Traffic Manager, F5 DNS Domain Name Services

Worked on F5 TMOS version 11 and 12.

Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.

Provided TierII Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.

Worked on large scale implementation and maintenance for SSH (Secure Shell), PKI/SSH, VPN, IPSEC Satan, ISS, TCP/IP Monitoring.

Environment: Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), switches (6500/3750/3550 3500/2950), Nexus7K,5K &2K, Brocade switches (F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, Voice Gateways, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto)

Client: Hindustan Machine Tools, India Jun 2013 – Sep 2014

Role: Network Engineer

Responsibilities:

Day to day network troubleshooting at the Alcatel lucent area network.

Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience

On Cisco OS and IOS on CAT6500 in a complex data center environment.

Hands on experience installing Sup720 for Cisco 6509-E series and its Gigabit Ethernet port

Deployment in core network.

Planned, tested and evaluated various equipment's, systems, IOSs and procedures for use within

the Network / security infrastructure.

Supported Data Center migration and consolidation project. Configured HSRP and VLAN trucking

802.1Q, VLAN Routing on Catalyst 6500 switches.

Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Cisco ASA, NOKIA

Firewalls, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.

Worked with Load balancing device like F5 Big-IP local traffic manager (LTM) 1600.

Hands on experience in F5 LTM, GTM series like 6400, 6800, 8800 for the corporate

Applications and their availability.

Deployed Riverbed WAN optimizers and F5 load balancers.

Experienced in working with BIG-IP Edge Portal and BIG-IP Edge Client.

Work with Load Balancing team to build connectivity to production and disaster recovery

Servers through F5 Big IP LTM load balancers.

Configured vPC, FEX and VDC's on Nexus 5K, 7K.

Coordinate with Server, Security, Application teams along with 3rd party vendors to provision and

Setup third party servers, network devices in Data Center environment.

Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.

Configuring Voice VLANS with respect to Cisco VOIP phones 7940, 7960.

Work with 3rd party vendors and application owners to migrate site to site VPN's to new

Datacenter.

Configure, deploy and troubleshoot 4400 wireless controllers and 1200 LWAPP's.

Establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing

site-to-site VPN, Remote VPN.

Worked on the security levels with RADIUS, TACACS+.

Hands on experience and good working knowledge with Checkpoint Firewall policy provisioning.

Primary responsibility is to design and deploy various network security & High Availability

products like Checkpoint NGX, Provider-I, Nokia appliance, Cisco ASA other security products.

Monitor network health using tools like eHealth, Cisco Prime, Spectrum and recommend

optimization Solutions.

Create BOM's and network implementation plans.

Configured Nexus 5K, 7K, Cisco 3900, ASR 1K routers and 2960, 3750, 6500 switches as part of

the day to day activities.

Map out existing network and forthcoming changes in Visio as part of the quarterly network audit

Process.

Environment:

LAN, WAN, Cisco PIX, Fortinet 3340B, Palo Alto, Cisco 7200 and 3945 ISR routers, Cisco catalyst 6509, 4510, 4506 switches, Cisco 2900 access switches, Cisco WAP's, Ubiquity wireless devices, IPSec VPN, SSL VPN, Site-Site VPN, Access-Lists, and NAT

Contact this candidate