Senior Network Engineer
Resume:
Vijay Chander
Senior Network Engineer
ac7akg@r.postjobfree.com
PROFESSIONAL SUMMARY:
* ***** ** ********** ** Network engineering, designing, architecting, deploying and troubleshooting Network & Security infrastructure on CISCO Routers, Switches (L2/L3) and Firewalls
Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic layer 3 routing protocols such as EIGRP, OSPF, BGP IS-IS ability to interpret and resolve complex route table problems.
Experience in configuration and troubleshooting of VLAN, Trunking, STP, VTP, Ethernet channel MSTP, RSTP, PVST, 802.1q, DTP, HSRP, VRRP and GLBP.
In depth experience on load balancers & understanding of routing protocols BGP, OSPF, EIGRP, TCP, SSL, and TLS.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
Performed all the tasks on the CISCO Switches and routers, Checkpoint Firewalls and DNS etc.
Experience with different Network Management Tools and Sniffers like SNMP to support 24 x 7 Network Operation Center.
Experience working with Nexus 7K, 5K, 2K devices.
Experience with F5 GTM/LTM 8950, 10000 series and VIPRION configuration/installation/support.
Worked extensively in Designing, Implementing & Managing LAN, WLAN & WAN solutions for different client setups.
Experience in Physical cabling, IP addressing and Subnetting with VLSM using QIP configuring and supporting TCP/IP, DNS, installing and configuring proxies.
Configured Cisco Routers for BGP, OSPF, RIP, RIPv2, EIGRP, Static and default routes in a VPN environment using MPLS.
Design and configuring of OSPF, BGP on CISCO Routers and on Proxy servers.
Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCP dump and Linux operating system servers.
Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
Good knowledge of SDN Concepts, open stack, VxLAN and Plum-grid Platform.
Creating iRules for various redirection as well as security & worked on ACI Implementation
Expertise in creating custom iRules, health monitors, VIP’s, Pools, Nodes for F5 LTM/GTM.
Experience working with High performance data center switches like Nexus 7710, 7010, 7018, 7009, 5020 & 2248 fabric extender switches and Cisco 1001-x, 9k edge routers.
Experience in Firewall configuration of Web application.
Experience on working with different security types and usage of different Servers for testing and firewall administration.
Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series) Juniper Routers (E, J, M and T-series).
In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
Installing, Configuring, Monitoring and Troubleshooting of Fortigate Firewalls.
Experience in installing and configuring DNS, DHCP server.
Palo Alto next-generation firewalls provide complete visibility into all network traffic based on applications, users, content and devices. (PA-5200, PA-3000, PA-800)
Successfully installed Palo Alto PA-3060 firewall to protect data center and provides L3 support for routers/switches/firewall.
Managed Configuration, Logging and Reporting of Palo Alto firewall through the Panorama.
Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
Performed Installation of Cisco ASA 5585 & 5520 series firewalls as well as Palo Alto 3500 series.
Managed Core network upgrades, communications and Identity Services deployment.
Monitoring and capturing the traffic with network management tools Wire shark, Solar winds, Cisco Works and Cisco ISE.
Worked extensively in Configuring, Monitoring and Troubleshooting of Cisco's Security appliance, zoning & configuring VLANs/routing with the firewalls as per the design.
Troubleshooting DNS/DHCP issues within the LAN network.
Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
Good knowledge and Experience on Bluecoat proxy server SG and ITIL framework.
Deployed, Managed and supported Bluecoat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
Advanced knowledge in Design, Installation, configuration and creating Checkpoints in Provider Environment.
Firewall AAA Threat protection DLP ADRMS Firewall Management Creation and modification of firewall based on infrastructure requirement.
Hands on experience in Troubleshooting access /connectivity issues, version upgrades. Changes in network security design
Documented standard operation policies for Cisco IOS, IOS-XR, IOS-XE, NX-OS and ASA firewalls.
TECHNICAL SKILLS:
Router platforms
Cisco routers (3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst
switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 7K, 5K, 2K & 1K.
Switch platforms
Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K)
Firewall
Juniper Net screen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX,
R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA-2K,
PA-3K and PA-5K).
Network Management
Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal /
Wireshark, TCP Dump
Load Balancers
F-5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 AND 8900, Bluecoat SG8100, AV 510.
Networking Concepts
Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP,
WAP, MPLS, VoIP, Bluetooth, Wi-Fi
WAN technologies
Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 &
SONET
LAN technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS,
VTP, STP, RSTP, 802.1Q
Security Protocols
IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN
Networking Protocols
RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6
Operating Systems
Windows 7/XP, MAC OS X, Windows Server, Linux
CERTIFICATION:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
PROFESSIONAL EXPERIENCE:
Mondelez, Hanover, NJ Aug 2016 - Current
Sr. Network Engineer
Responsibilities:
Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog. Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
Involved in the troubleshooting aspects of complex network infrastructure using routing protocols like EIGRP, OSPF and BGP.
Involved in the Design, deployment and configuration of Global data centers. Part of the Data center consolidation project in the AMER region.
Experience with configuring Nexus 5000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
Upgraded load balancers from Adware to F5 BigIPv9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPSec, VPN etc
Worked with F5, CISCO ACE 4710 Load balancers, GSS and Wireless networks.
Used IPSec VPN tunneling to provide access to user machines and partners in another network. Provided application level redundancy and availability by deploying F5 load balancers LTM.
Experience configuring the switch ports, VLAN's, Port Security, STP, VSS and other protocols and troubleshooting on cisco core switches of 6513 and cisco 6510.
Experience with convert PIX rules over to the Cisco ASA solution.
Experience working on F5 Load Balancing devices, specifically LTMs, GTM's, APM and ASM.
Experience in conducting upgrades, fail over, configuring pools, complex irules, virtual servers, and managing certificates on the F5 devices.
Performance monitoring of various applications and web servers to maintain quality of service and network stability.
Performed DHCP configuration using Infoblox and deployed TACACS for accounting and authorization implementations
manage active directories, exchange servers, configure DHCP and DNS, software migrations and data migrations.
Provided technical expertise and support of network devices and security peripherals including Cisco routers and switches.
Hands-on experience Installing & configuring firewalls for various remote locations with Checkpoint NG & NGX, Cisco ASA (5500), Palo alto PA-200, Juniper SRX and Fortinet.
Configured and troubleshoot the Fortinet 100E and 200E devices.
Experienced with Network Monitoring tools such as Service now and SolarWinds
Experience in deployment of Bluecoat as proxy and firewall solution to provide secure and optimum access of web service.
Migrated and implemented new solutions with Cisco ASA Firewall (5500) series.
Converting PIX rules over to the Cisco ASA solution.
Managed IP addressing and Sub Netting using Infoblox
Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decom of existing Data Center, which involved working with Partner Companies.
Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
Experience on ASA firewall upgrades to 9.x.
Websense Web Security Gateway Installation, Upgrade & Configuration 8.4
Configured Panorama web-based management for multiple firewalls.
Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
Implementing security Solutions using Palo Alto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia.
Configured various BGP attributes such as Local Preference, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Extensively worked on Data Center switching technology including Nexus 7K, 9K and 5K and Catalyst switches configuring VPC.
Designed, implemented, and managed network security including firewalls and intrusion detection/prevention systems (IDS/IPS).
Experience configuring various
networking protocols, specifically OSPF, BGP and EIGRP in the core Switches of cisco 6500 and Nexus 7k and 9k and troubleshooting issues with the network.
Responsible for troubleshooting and analyzing root cause of major network outages and any critical issues involved with the network.
Having experience in network monitor tools Cacti, Nagios, Infoblox IP address management and PAPI console
Performing network monitoring, providing analysis using various tools like Wireshark, SolarWinds etc.
Managed and set up VLANs and deploy new VMware environment.
Transurban, Alexandria, VA Feb 2015 - July 2016
Sr. Network Engineer
Responsibilities
As a Senior Network Engineer, I am responsible for network design and strategies to prepare the CHEP global network to better provide services to our users
Plan and manage a migration from Cisco Unified Communications to Microsoft Office 365 E5 licenses with Cloud PBX and Conferencing Services
Manage a group of 12 engineers in their day to day operations, continuing education and certification tracks
Configuring & troubleshooting DNS & DHCP.
Prepare remote building LANS through use of Infoblox DHCP and DNS, Check functionality of router and switch for proper implementation of Spanning Tree, IPSEC, VLANS, VRRP, Multilink Trunking and IP Addressing
Worked on multiple projects related to Branch networks, Campus networks, extranet clients and Data Center Environments involving in data center migrations from one data center to another.
Global migration from autonomous wireless access points to Meraki access points
Experience working with Nexus 7010, 5020, 2148, 2248 devices
Involved in designing and configuring Nexus 5k and 2k series switches for the data center migration.
Provide Tier III Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
Experience in designing data communications and networks utilizing that utilize a mixture of frame relay,
Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
Administration, troubleshooting & new implementations on Cisco 6500 series switches, Nexus switches, Cisco Routers, Juniper devices, checkpoint & ASA firewalls.
Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
Upgrade Cisco Routers, Switches and Firewall (PIX) lOS using TFTP
Experience with converting checkpoints VPN rules over to the Cisco ASA Solution. Migration with Cisco ASA VPN experience.
Troubleshooting various DNS, DHCP issues using Infoblox.
Develop training hand out documents, end user videos, and class materials to instruct users on new collaboration tools
Deployment of new Data Center using Nexus 9000 in ACI Network Centric mode
Develop a network hardware refresh strategy to keep the network equipment up to date globally
Evaluate different video conferencing solutions, focusing on interoperability with Microsoft Skype for Business
Checking and configuring Cisco 7600 and 7200 routers at data center for remote sites’ issues.
Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Next-Generation Firewalls R65, R70 & GAIA R77.30, Net Screen Firewall, Palo Alto Next-Generation firewalls.
Interact with various ISP's and vendors like Cisco, FortiGate, F5, Level 3 to consider physical circuit and hardware related problems in MSIT network infrastructure.
Remotely upgrading the FortiGate devices by adding patch ups from V3.1.18, V4.0 to the latest released versions V5.0.11 using upgrade paths.
Working knowledge of leveraging F5 devices for web acceleration & caching.
Configured and implemented Nexus 5K and 2K in lab environment
Managed and coordinated the efforts with Vendors like Cisco, Juniper etc for implementing and staging the equipment’s and installing and finally configuring it for the required projects.
Configuring and managing F5 ASM (Application security manager). Develop security policies.
Configuring, Installing and troubleshooting on Check Point Devices.
Designed application mapping and application delivery using F5 BIG IP LTM.
Experience in working with designing, installing and troubleshooting of Palo Alto firewalls.
Worked with software developers to enhance the features of F5 product, BIGIP.
Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
Implement changes on switches, routers, load balancer (F5 and CSS), wireless devices per engineer's instructions and troubleshooting any related issues.
Provide technical support in the implementation, testing and configuration of various network protocols to include: OSPF, EIGRP, Spanning-Tree, VRRP/HSRP, VPN, VRF, IPSEC and GRE Tunnels
Responsible for adding Policies to the Juniper SRX 3600, 240, ISG firewalls and Checkpoint Firewalls and monitoring the logs
Taco Bell/ Yum Brands, Irvine, CA Dec 2013 – Jan 2015
Network Security Engineer
Responsibilities
Worked with Juniper Net Screen 500/5200 and Juniper SRX 650/3600.
Migrating from Checkpoint R77 Firewalls to Juniper Firewalls.
Designed and configured OSPF, BGP on Juniper Routers and SRX Firewalls.
Creating rules on the checkpoint firewall for a NAT to the VLAN IP and to allow the IPsec traffic.
Configuration and integration of Cisco Wireless LAN Controllers WLC with ISE for performing Dot1x authentication to Wireless users.
Installation and configuration of Checkpoint NG R55 & NGX R60.
Used Jflow for working with feeds and flow feeds. Used Snort and sniffer trace for Monitoring and maintenance LAN/WAN.
Worked on Big IP F5 Load Balance: setting up, surveillance and configuration of F5 load balancer (using LTM & GTM).
Setup and maintained checkpoint security policies including NAT/VPN and secure remote access.
Utilizing Tufin and Splunk firewall analyzing tool to remediate idle firewall policies that leave the network open to unnecessary vulnerabilities.
Experience with network security protocols such as IPSEC tunnels, GRE tunnels, NAT (PAT), ACLs and VPN.
Managing URL Content Filtering on Websense Proxy.
Adding exemption, editing policy groups on Websense Management Server.
Adding/removing ARM bypass rules on Websense appliances.
Participated in the installation, configuration, post installation, daily operational tasks and configuration and deployment of Cisco Nexus equipment 7010, 5596 and 2248.
Researched, resolved and documented Syslog generated errors as escalated.
Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
Managed the F5 Big IP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
Upgrading of network connectivity occasionally between the branch office and the regional office through multiple link paths and routers running HSRP, EIGRP with unequal cost load balancing to build flexible network.
Implementation of ACLs and authentication (EIGRP, BGP) to ensure high reliability on the network.
Protechsoft Technologies Pvt Ltd, Chennai, India Oct 2011 – Nov 2013
Network Engineer
Responsibilities
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers and Cisco ASR 9K /1K
Installation, Configuration, Upgradation, Monitoring, Troubleshooting and Testing activities performed on Checkpoint and Juniper Firewalls.
Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
Responsible for check point and Cisco ASA firewall administration across global networks.
Worked and performed troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, and BGP ability to interpret and resolve complex route table problems.
Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and Backup
Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Working on security devices ASA, Juniper, Palo Alto Firewalls, Routers, and Switches
Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet.
Replaced old 6500 and WAN routers from DR testing site and Installed Nexus 7K and ASR 1006 routers.
VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and Support
Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
Configuring and Managing Cisco ISE, ACS for TACACS+, RADIUS
Technical support to IPAM, DNS / DHCP, networking protocol, Sybase Database, and Active Directory.
Managing a TACACS server for VPN user authentication and network devices authentication.
Jothik Technologies, Chennai, India Apr 2010 – Sep 2011
Network Administrator
Responsibilities
Configuration and Maintenance of Ethernet Network consists of 3550/2500 Series switches.
Establishing VLAN's on switches based on customers' requirements.
Enabling Rapid Spanning tree protocol on switches to avoid loops.
Configuring and enabling VTP and port security on switches.
Configuration and Maintenance of Wireless Network consists of Cisco 4404 WLC and Cisco 1100/1200 series Access Points
Maintaining network routing using EIGRP protocols.
Configuration and Maintenance of DNS/DHCP server with Infoblox appliance.
Operation support 24X7.
Managing a network with help of Service now ticketing tool.
Documenting the changes in the network as backup.
Designing, planning and deploying network using cisco Configmaker.
Bandwidth control with Packeter 6500.
Configuring and maintaining cisco 2950 series switches with different VLANs based on requirements.
Using HP Open view to monitor the network.
Basic configuration of Cisco ASA firewall.
Configuring ACL's, NAT and implementing them on ASA firewalls.
Configuring routers with policy-based routing by creating route-maps.
Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multilayer Switching.
Upgraded IOS on the different series of routes.
Maintaining network routing using EIGRP protocols.
Configuring DNS and DHCP on Unix server.
EDUCATION:
Bachelors of Technology in Electronics and Communication Engineering
Contact this candidate