Network Engineer Security
Resume:
ANIL
Network Engineer
ac80ia@r.postjobfree.com
PROFESSIONALSUMMARY
5+ years of experience in Networking, including hands-on experience in providing network support, installation and analysis for a broad range of LAN / WAN/ MAN communication systems.
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP,RIP, BGP v4, MPLS.
Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers & Cisco Firewalls
CiscoPrime Infrastructure deployment.
Build WLAN monitoring site maps in the Cisco Prime Infrastructure system
Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, EIGRP, multicast, IPSEC VPN design connection & protocols, IPSEC tunnel configuration, encryption and integrity protocols.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLANTrunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
Working experience on Juniper J series j230, M 320 routers and EX 3200 series switch.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Practical experience in Active directory, OU, DNS, DHCP, Group policy, Replication, Active directory domain trust relationship.
Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Knowledge of Cisco configurations focused on Routing, QOS, MPLS Multicast and Security.
Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, and ASA firewall.
Configuration of Network and Security devices such as Cisco routers and switches (Cisco
7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IPManager (Infoblox)
Services Engine (ISE),ACS (Radius and TACACS+).
Experience in working with Nexus 7K, 5K, 2K devices.
Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
Cisco UCS, switching and routing equipment. F5 3900 and Viprionload balancers
In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
Experienced in using Cisco Identity Services Engine (ISE).
Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
F5Viprion/LTM load balancers
Configuration of F5's Big IP for Application Load Balancing.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
Knowledge in preparing Technical Documentation and presentations using Microsoft VISIO/Office.
Worked with F5s Big-IP 6900 Series Platform and the Viprion 2400.
Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
Experience in designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analysing results and implement and delivering solutions as an individual and as part of a team.
Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
Working experience with REMEDY, HPOPENVIEW for ticket change management process.
Excellent in documentation and updating client's network documentation using VISIO.
TOOLS AND TECHNOLOGIES:
Protocols
RIP, RIP V2, EIGRP, OSPF, IS-IS, IGRP, HSRP, VRRP, GLBP, LACP, PAGP,
DNS, SMTP, SNMP, FTP, TFTP, LPD/TDP, WEP, POP3 LADP,TNS
LAN Technologies
Workgroup, Domain, HSRP, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.
WAN Technologies
Leased Line, Frame Relay, ISDN, PPP, HDLC, ATM, SONET, Metro Ethernet.
Network Products
CISCO Routers 1700, 1800, 2500, 2600, 2800. CISCO High-End Router 3600, 3800, 7200, 12010. CISCO Switches 1900, 2950, 2960. CISCO Campus Switches 3550XL, 4984 Core Catalyst 4503, 4507 RE, Catalyst 6500/6503/6507. Juniper MX-80,MX-480,SRX-100, SRX-110,SRX-550 Routers and EX-4200 Switches.
Security & VPN
PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC SSM, FWSM, FortiGate, Cisco CSM, ACL- Access Control List, IPS/IDS, NAT, PAT, CISCO ACS, Checkpoint, SonicWALL, RSA SecurID, SRX,SSG series firewalls.
Authentication
RADIUS, TACACS+, Digital certificates
Monitoring Tools
Wireshark, Nmap, Nessus, OpManager, PRTG Packet Sniffer
Servers
Domain servers, DNS servers, WINS servers, Mail servers, Proxy Servers, Print Servers, Application servers, FTP servers, Avocent Console server.
Operating Systems
Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 server, Windows XP/7, Linux, Solaris, Red Hat, Active Directory, UNIX,Junos.
Work Experience:
Client: Microsoft, Redmond, WA May 2018 – Till Date
Role: Network Engineer
Responsibilities:
Worked as Network Engineer in various capacities of Cisco technologies such as Routing and Switching, Security, Acquisitions, Integration, New and Existing projects deployments
Designed and implement Cisco/Meraki Enterprise Cloud Wireless Bridge/Repeater to extend the LAN for multiple buildings
Engaged in design, install, configure and maintain complex routing, switching, WAN/LAN, firewalls and network security issues.
Upgraded Palo Alto Firewall and Panorama codes and design and deployed ASA High Availability
Expert in Configuring and Implementing VPNs and Security using IPSec
Set up site-to-site and remote access VPN, and created security policies on firewalls
Provided 24/7 on-call support for all network and security related issues
Cisco code upgrade for IOS/NXOS platform for all core data centers included Catalyst 3750,3850,4500,2960X and NEXUS 2K,3K,5K,9K and RoutersASR-1K, 2900Series, 4300 Series
Performed Baseline Configuration Module BCM, Domain Control Module DCM and Core Services Installation Module CSIM upgrades to COMPOSE v3.0.1 on ISNSServers.
Providing Network and Security Architecture and Operations support services for Windows 2000 based web, application and database servers.
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF.
Configuring ACL to allow only authorized users to access the servers.
Participated in on call support in troubleshooting the configuration and installation issues.
Designed and built a prototype system to perform lightweight, real-time mapping of Internet paths between data centers and client hosts, using probabilistic databases and information theory.
Migrate and provisioned existing MPLS circuits for newly accusation's branches and corporate office to dedicated High-Speed WAN circuits from Verizon, Comcast and with all other local service providers
Provisioning PaloAlto based DMZ and L2LVPN between Corporate HQ and Co-Locations, partners and 3rd party cloud hosting services
Performed network troubleshooting, second level technical support, and tape backup operations.
Manage the day-to-day log collection activities of source devices that send log data to ESEMSIEMRSA Envision.
Designed and Implemented CiscoPIX525 and ASA5550 firewall's interfaces with FTP, DNS, HTTP servers on DMZ with different security levels.
LAN/WAN/WLAN/VoIP/VPN/NetworkSecurity, Cabling and racking.
Computer Communication Networks, Wireless and Mobile Networks and Security in WirelessNetworks, Advanced Digital System Computer Architecture, Statistical Communication Theory, CMOSElectronics, VLSI, Mixed Signal ICDesign.
Worked on netmap a framework for high speed software packet forwarding
Extract the logs, Perform real time log analysis using SIEM technologies and Forensics Analysis of logs as per the request
Served as a main escalation point of contact for level II personnel.
Coordinated with higher-level support and external vendors for resolution.
Worked on Port Groups on M Series Module and F Series Module for Nexus 7010 and Nexus 7009.
Responsible for Check Point and CiscoASA firewall administration across global networks
Aggregate, correlate, and analyze log data from network devices, security devices and other key assets using SIEM technologies.
Convert Branch WAN links from TDMcircuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.
Worked on commissioning and decommissioning of the MPLS circuits for various field offices
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
Secured network access with Cisco SecureRADIUS/ TACACS
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with CiscoASA VPN experience
Experience in configuring and troubleshooting various WAN technologies like MPLS, T1, T3, DS3 and ISDN
Installation, Maintenance, Troubleshooting Local and Wide Areas Network ISDN, Frame relay, DDR, NAT, DHCP, TCP/IP
Good understanding of JUNOS platform and worked with IOS upgrade of Juniperdevices.
Experience working Juniper T-Series, M-Series, MX-Series, J-Series Routers.
Provided firewall policy configuration and services with Juniper SRX 240 650 series.
Created security policy according to user's requirement in cisco ASA-5580, Juniper-SRX-5800 ISG-1000 fire-wall using CLI GUI
Troubleshoot TCP/IP problems troubleshoot connectivity issues in multi-protocol Ethernet, Environment.
Environment: Cisco/Meraki Enterprise, SSIDs, IOS/NXOS, Catalyst 3750,3850,4500,2960X, NEXUS 2K,3K,5K,9K, Routers ASR-1K, 2900 Series, 4300 Series, COMPOSE v3.0.1, ISNS Servers, EIGRP, OSPF protocols, ESEM SIEM RSA Envision, Nexus 7010 and Nexus 7009, Cisco ASA firewall, VPN, MPLS, T1, T3, DS3 and ISDN, Juniper-SRX-5800 ISG-1000 fire-wall, CLI GUI, 3DES, AES/AES-256 with PIX, DDR, NAT, DHCP, TCP/IP.
Client: Background Checks, TX Jan 2017- April 2018
Role: Network Engineer
Responsibilities:
Installation and maintenance of external customer network(private circuits,T1,ISDN) in international Data Center
Partial Designing and Maintenance of network infrastructure which included access list, OSPF, BGP, staticrouting, DNS and ISDN and voice (gateway and gatekeeper).
Migrating Clients IT network infrastructure to Teleglobe Communications Hosting Data Center.
Provided Firewall Administration Creating and removing firewall rules as needed, Network Security Administration, and Network Engineering duties within an OSPF / BGP environment.
Installation and maintenance of Cisco routers (26xx and 36xx series).
Scheduling and executing Periodic backups and configuration cleanup of the routers.
Involvement in configuring solarwind tools for regular activities as well for proactive monitoring of specific routers to record behavioral statistics.
Design and Configure the vNIC&vHBAFabric/Templates based on Application bandwidth requirement
Designed Virtualization and Cloud computing on UCS platform for a huge cost savings by reducing port costs of MDS and 6500 switches by implementing DCB/FCoE and reducing Cabling, Power & Cooling costs
Cisco ASA and PaloAlto migration and administration with access rules and security management
Designed and simulated two networks to evaluate the quality of video in a WiMAXnetwork using Qualnet.
Designed a simulation study to compare performance of a network under IEEE 802.11b/g/n standards.
Maintain and Administrate Cisco equipment using SNMP and Net cool.
Configured a Cisco ASR 1001 router to replace and upgrade MMO'sPrimary Internet router.
Involved in generating reports using super agentsoftware.
Execution phase with proper documentation.
Function as part of a Firewall and Security team in support of Checkpoint Firewalls, Zscaler Proxy, Juniper Portals, SecAuth, Open LDAP, and Active Directory.
I was responsible for resolving tickets from MMO'susers, using HPOpenview, for access to MMO's intranet and to the internet Creating and removing firewall rules as needed.
Weekly meeting reviews update and Escalation. Scheduling team meetings regularly to discuss both network issues and team concern
New circuit plan, design, and implementation for client network and documenting the same.
Managed DHCP, DNS and IP address thru Infoblox, and Admin for Internet sites access thru Zscaler
Managed users access thru Open LDAP, SecAuth and supported Active Directory.
Resolving customer live issues by using level based troubleshooting, isolating and fixing the problems by coordinating with LAN support(also supports FXS and E and M) and vendors(routers, CSU/DSU) if needed.
Fixing of IPLC issues which had ATM nodes by co-orientating with design team, vendors and, service providers.
Configuring standard and extended access-lists for security purpose.
Knowledge on working and security aspects of OSI and TCP/IP model.
Configured Cisco 7204 routers which were also connected to CiscoASA security appliances providing perimeter based firewall security
Upgrade Cisco Routers, Switches and Firewall (ASA) IOS using TFTP.
Security: PIX and ASA firewall, RADIUS, TACACS+, VPN, and IPSec.
Created security policy according to user's requirement in cisco ASA-5580, Juniper-SRX-5800 ISG-1000 firewall using CLI GUI
Extensive JuniperNetworks experience in Junos, ScreenOS, Pulse, NSM, and Junos Space
Worked on Migration of JuniperSRX firewalls for isolation of network segments and VPN's
Sound knowledge of Routing, Switching concepts and MPLS design
Monitored Network with Orion monitoring software. Admin for Sonexis Phone conferencing.
Redesigned, updated, and established network topography standard.
Driving weekly meetings internally to review and fix issues and also aggregate all the enhance points and get approvals from upper management.
Designed and Configured Nexus 7000/5000/2000 in Top of Rack & End of Row Architecture for a Scalable Production Network that supports Rack & Blade server architecture in a Multi-Tenancy environment using vPC, VDC & VRF
On-call with client on daily basis to discuss all ongoing issues, fixes, future enhancements and finally their feedback.
Configuration audits of all the routers in the network on periodic basis.
Clarify ticket based problem management.
Environment:Windows 2003 Server,, CISCO 2600 and 3600,,Unix servers, ATM,FXS E & M, gateway and gatekeeper, cisco switches, Tacacs, BRI, PRI, OSPF / BGP, Cisco ASR 1001 router, Checkpoint Firewalls, Zscaler Proxy, Juniper Portals, SecAuth, Open LDAP and Active Directory, DHCP, DNS, IP address thru Infoblox, Sonexis Phone conferencing, Orion monitoring software.
TENERE INC – Dresser, WI. Mar 2014 – Dec 2015
Role: Network Engineer
Description:
Responsibilities:
Performed IOS upgrades on Catalyst 1900, 2900, 3500 series switches, and 2500, 2600, 3600 series routers.
Involved in designing, configuring, implementing, maintenance and troubleshooting issues relating to routers and switches in LAN, WLAN,andWAN.
Performed IOS Software upgrades on switches 6500, 3750 and 4500s
Designed and deployed networks as per the company’s requirement. Handled different tasks such as network address assignment, assignment of routing protocols, etc.
Worked on NX-OS series 2000,3000,4000,5000,6000,7000 switches by configuring and upgrading in data centers
Handling the network infrastructure of NOC LAN/WAN, migration & configuration of network client workstations. Addressing performance bottlenecks & ensuring maximum network efficiency and uptime.
Planning designing, Installation, configuration and maintenance of 802.11a/b/g Wireless Networks and Wireless Access points.
Implemented, Monitored and troubleshoot the protocols EIGRP, OSPF and Static Routes.
Configuration and Installation of ASA 5520 firewalls.
NAT, VPN and Traffic filter implementation in Cisco Firewall.
Access distribution and core layer switching architecture, created VLANS, Firewall Services Module (FWSM) and STP configuration.
Experience with Cisco Voice and Unified Communications Solutions (CUCM 8 ).
Deployed unified communication solutions for the corporation with Cisco 2900, 3900, 3900E routers.
Hands on experience with voice protocols like MGCP, H323,and SIP.
Hands-on experience with various gateway models like Cisco Voice Gateway 200, Cisco Access Digital Trunk Gateway and Cisco Analog Trunk Gateway.
Experience with CUCM services such as Unified Messaging, Multimedia Conferencing, and Collaborative Contact Centers.
Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues
Dealt with NAT configuration and its troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.
Experience in routing protocols like OSPF, BGP, and standby protocols like HSRP and VRRP application in the routers.
Worked on ACEload balancers and F5 LTM,GTM.
Experience in monitoring and analyzing the load balancing of network traffic using Wireshark and Solar Winds
Configure, troubleshoot, install, and manage Juniper J and M series routers, Juniper Netscreen firewalls to include ISG 2000, NS-5200, and SSG series
Configured RIP, OSPF, and static routing on Juniper M and MX Series Routers
Trace ports of the user via traceroute and ping to process change in VLAN assignment as requested by the user via TMAC process and notify them once done
Establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
Assisted in building Netscreen and SRX firewalls (interface creation, routing, policy, etc.)
Worked in the team in migrating from Netscreen to SRX platform
Good knowledge on managing Netscreen and SRX deployed in HA mode
Good understanding knowledge in managing code levels on Netscreen and SRX platforms, Knowledge of SPACE
Addressing issues like routing problems, route announcements/advertisements, and security access issues.
Used tools Wireshark, Packet Sniffer and Microsoft Network Analyzer for monitoring Local Area Network connections (LAN’s) and Wide Area Network Connections (WAN) for Network connection and failure issues.
Administrative responsibilities including the installations, additions, updates,and changes to Microsoft Windows 2003 and Windows 2008 servers.
Maintained accurate network documentation for moves, adds, changes, and deletes. Properly documentation of problem situations and resolutions.
Environment:Cisco Routers, Cisco Switches, Routing Protocols (RIP, BGP, OSPF), VPN Tunnels, Checkpoint Firewall, Frame relay, ACL, NAT, WAP, WLC, VLAN, RSTP, Active Directory, Tools (MRTG, Cisco Works).
Tikona Digital Networks (TDN) - Mumbai Dec 2012 – Feb 2014
Role: Network Engineer
Description:TikonaInfinet Limited, referred to simply as Tikona, is an Indian Internet service provider based in Mumbai. Tikona has an all-India Class-A ISP licence granted by the Ministry of Communications, government of India. The company started its operations as TDN in 2008 to provide home WIBRO services.
Responsibilities:
Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
Responsible for Firewall upgrades as well as Troubleshooting, Security Configurations, IPsecVPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.
Configured Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.
Install Windows Server 2003, configure IP addresses, network printers and configure Client Access for PCs.
Work with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.
Administer and support Cisco based Routing and switching environment.
Physical cabling, IP addressing, Wide AreaNetworkconfigurations (Frame-relay).
Deployed a Syslog server to allow proactive network monitoring.
Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
Configured Client VPN technologies including Cisco's VPN client via IPSEC.
Configured Firewall logging, DMZs and related security policies and monitoring.
Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
Environment: PIX, CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.
Contact this candidate