Engineer Network
Resume:
Sreenivas K
Sr. Network & Security Engineer
Email id: ac8ko6@r.postjobfree.com
Ph No: 908-***-****
Professional Summary:
Certified Palo Alto Network Engineer with 8+ years of professional experience in Network engineering with Cisco Certified Network Engineer, performing Network analysis, design, Implementing, capacity planning with a focus on performance tuning and support of large Networks. Strong knowledge in Cisco Routing, Switching and Security with Cisco hardware/software (heavy Cisco shop) experience.
Experience working on Cisco Catalyst Series3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000 and 7000 series switches.
Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2Kseries, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
In-depth knowledge on Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS. Experience with EIGRP, OSPF, RIPv2. Cisco Router technologies such as HSRP, VRRP. Familiar with BGP, VRF. LACP, STP/VTP, VSS
Involved in troubleshooting various layer 2 and layer 3 issues related to VRF. Configured Cisco 7600, 7200 series routers for MPLS VPN connectivity and VRF tables on Edge routers for customer usage of the MPLS network.
Implemented VPC, configurations on Nexus 7000, 5000, as well as port turn-ups and decommissions for Cisco 6500 port. Worked on VDC, VPC, OTV, and fabric path on of Nexus 7K and 5K.
Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
Enterprise Routing experience using protocols RIP v1 & 2, EIGRP, OSPF and BGP
Configuring and Troubleshooting of Various Firewall ACL, NAT rules, policy and protocols like OSPF and Switching protocols like STP, VLAN, VTP..
Experience with different Network Management Tools and Sniffers like Wireshark (ethereal).
Configured High availability, User ID on Palo Alto firewall. Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools Editing and Changing Palo Alto Polices and Monitoring threats on firewalls. Analyzed traffic pattern and implemented URL filtering using the Palo Alto Firewall. Troubleshooting and configuring Palo Alto FW's 3060 & 5060
Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
Installed, Configured and currently maintaining Check Point Firewalls (R76 Gaia, R75.40, R75 and R70) in a Distributed Deployment and High Availability Redundancy Scenario
Experience in configuring, deploying and deployment of Cisco Security Manager (CSM) for management of ASA [ ] Firewall series.
Design, Build, and Implement various solutions on Check Point Firewalls, Blue Coat Proxies, F5,A10 Load balancers and F5,A10 Global Traffic Managers.
Worked on GTMs like F5 and A10's on DNS issues and also was a part of A10 to F5 GTM migrations.
Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
Knowledge of JUNOS platform and worked with JUNOS upgrade of Juniper devices.
Technical Skills:
Cisco Platforms
Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), CSR/ASR, IOS-XR
Juniper Platforms
SRX, MX, EX Series Routers and Switches
Networking Concepts
Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
Firewall
ASA Firewall (5505/5510), Checkpoint, Cisco ASA, Palo Alto
Network Tools
Solar Winds, SNMP, Cisco Works, Wireshark
Load Balancers
Cisco CSM, F5 Networks (Big-IP)
WAN technologies
Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET
LAN technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q
Security Protocols
IKE, IPSEC, SSL-VPN
Networking Protocols
RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA
Operating System
Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
Professional Experience:
US Bank/Elavon
Network Engineer March 2018 – Present
Knoxville TN
Configured and implemented Nexus 5K and 2K in lab environment
Participated in the installation, configuration, post installation, daily operational tasks and configuration and deployment of Cisco Nexus equipment 7010, 5596 and 2248.
Installing and configuring TACACS/RADIUS, Performed ISSU to upgrade to the core Nexus 7k switches.
Prepared Documentation to upgrade Cisco IOS, CAT OS and NX-OS in High availability production environments pre/post checks for customer production upgrades.
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
Performed IOS Software upgrades on switches Cisco 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE.
Hands on experience with Cisco Nexus 7K, 5K and 2K series equipment including configuration of protocols.
Monitored and resolved network device issues identified by SolarWinds in a timely manner
Worked on assessment and the finalization of the detailed designs and provided a design document for the Implementation of Cisco ISE and the Migration of Wireless and TACACs to ISE.
Configured network access servers and routers for AAA Security (RADIUS/ TACACS+).
Provided engineering support and technical assistance by ensuring the Cisco ISE server is correctly installed and licenses are applied.
Worked with different vendors and service providers like BT, AT&T and Verizon to TTU our circuit.
Managing Bluecoat and adding LDAP groups and users and give access right to groups.
Creating and adding and reserving new subnets and IP address in Bluecoat.
Reclaiming IP address in Bluecoat.
Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP.
Implemented and configured SNMP, Syslog and traps on Cisco routes to allow for network management
Experience with SSL offloading, TLS security, and cipher management on the F5.
Designed application mapping and application delivery using F5 BIG IP LTM. Configured Virtual IPs and servers on F5 and associated pool and pool members to it
Provided application level redundancy and availability by deploying F5 load balancers LTM
Worked on F5 LTM configuring different Load balancing methods Round Robin/Ratio based Etc.
Implemented changes on existing configurations for the applications on F5 load balancer
Managed and supported all NetScaler LTM's in pre-production and production environments
Configured Citrix NetScaler for load balancing and assigned virtual server IP (VIP) address to virtual servers.
Collaborating with Application owners, Network Team, DNS Team, and Firewall Team, to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager
Engineering and configuring Virtual Server, Pools, Profiles, Persistence, and monitor on F5 LTM to match the configuration the Application had on NetScaler
Configured Site-to-Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5505 series firewall.
Environment: Cisco Routers, Cisco Nexus 9k,7k,5k, 3k and 2k, Cisco Switches, BIG IP F5 LTM, GTM, Checkpoint and ASA Firewalls, IT Security Policies, OSPF, EIGRP, HSRP, BGP, Sniffers, Service Now, Service Desk, Catalog, Jira, Solar winds, spectrum, Gigamon, Anue, LAN and WAN networks
Pearson, NJ Sep 2017- Feb 2018
Sr. Network Security Engineer
Responsibilities:
Installing license according to the Customer requirements.
Time to time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HSRP, EIGRP in unequal cost load balancing to build resilient network.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Performed IOS upgrades on various catalyst series switches and maintained latest IOS versions according to company's policy.
Experience working with ASR 9000 series switches with IOS-XR.
Troubleshooting experience on Cisco ASR 9K devices and also have an experience to upgrade IOS-XR software.
Configured VSS on Cisco Catalyst 6509 switches in order to have redundancy.
Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
LAN Cabling in compliance of CAT6 standards infrastructure like Racking and Stacking.
Worked on service now ticketing system, participated in CAB meetings, participated in on call meetings and was involved in incident response management.
Performed Cisco IOS upgrades on ISR ASR routers and catalyst access switches: Any upgrade performed under CR, management approval and change window
Setup complex IP-Traffic test topologies to stress the system and functional blocks of ASR 9K routers.
Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for Data Center access architecture.
Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all-around technical support.
Support the Solarwinds platform for monitoring the network for any network related issues
Setup custom profile looks for different groups using Solarwinds for monitor of network device.
Utilized Secure CRT for configuration and troubleshooting of Cisco network routers and switches.
Executed Mass device configuration updates (port descriptions, hostnames, SNMP locations, etc.) utilizing secure CRT console terminal.
Implemented and configured Fortinet Firewall FortiGate 600, 800 series.
Worked on Fortinet, Fortigate firewall, Forti-Manager, Forti-Analyzer.
Maintained, installed and Configured SD-WAN equipment's such as Fortinet firewalls.
Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, F5 Load Balancer Cisco Nexus7K/5K, Checkpoint, Cisco ASA.
Anthem Inc, Denver, CO Mar 2015 – Aug 2017
Network & Security Engineer
Responsibilities:
Configured High availability, User ID on Palo Alto firewall.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools Editing and Changing Palo Alto Polices and Monitoring threats on firewalls. Analyzed traffic pattern and implemented URL filtering using the Palo Alto Firewall. Troubleshooting and configuring Palo Alto FW's 3060 & 5060
Designed security policies on Palo Alto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the Palo Alto Firewalls placed in the Data Center with MS Visio.
Provided daily Palo Alto Firewalls administration such as Threat prevention, URL filtering, IPSEC and SSL VPN's, zone-based integration, and analyzing syslog's, and utilizing wild fire feature in Panorama 7.1.
Experience with working on Palo Alto Next-Generation firewalls security profiles
Provided Load Balancing towards Access layer from Core layer using F5 network Load balancers.
Worked on upgrading F5 device from 11.4 to 11.5.3 to remediate HTTP classes and profiles and Upgrading and relicensed F5 LTM.
Thorough understanding and Experience in F5 concepts which include Virtual servers, Pools, Health monitors, SSL Profiles, Persistence profiles, Load balancing methods, HA pair, iRules.
Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 3945, 3845, 2800, 3600) and Switches (6509E, 4507, 4500-X, 4900M, 3850, 3650, 2960) to perform functions at the Access, Distribution, and Core layers.
Working with Cisco Nexus 2248 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
Configured Cisco 7600, 7200 series routers for MPLS VPN connectivity and VRF tables on Edge routers for customer usage of the MPLS network.
Configure BGP features such as as-override, Local pre, EBGP load sharing on client connections Configured and resolved various OSPF issues in an OSPF multi area environment between multiple branch routers.
Performed Ospf, BGP, DHCP profile, IPV6, Bundle Ethernet implementation on ASR 4300, 1K, 2K, 3K, 7K 9k redundant pair.
Experience on Deploying and decommission of VLANs on core ASR 4300, 1K, 2K, 3K, 7K 9K, Nexus 7K and 5K and its devices.
Troubleshooting Layer 2 issues, Spanning Tree protocol, RSTP, MST, VTP, VLAN on Cisco – 6500 series switches.
Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.
Configuring GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.
Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter VLAN Routing, LAN security.
Experienced provisioning SD-WAN service as automated failover solution for MPLS VPN by Cisco.
Configured Cisco devices with various protocols like VRF (Virtual Routing and Forwarding), OSPF and BGP as per the design and the number of users in a site.
Configured BGP, OSPF and VRF on Cisco routers.
Involved in configuring IP, IPsec, mGRE/GRE tunnels, Multicast, NAT overload, VRF, Policy Based Routing (PBR), Dynamic Multipoint Virtual Private Network (DMVPN) and MPLS.
Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960 6500 switches and Cisco 3640/12000/7200/ 3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA 500, Checkpoint, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP
New York State Department of Financial Services, New York, NY Oct 2013 – Feb 2015
Network Engineer
Responsibilities:
Implemented many numbers of security policy rules and NAT policy rules on Palo Alto, created Zones, Implemented Palo Alto Firewalls interface, Palo Alto IDS and VLAN.
Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewall using Panorama.
Reviewing & creating the FW rules and monitoring the logs as per the security standards in Palo Alto Firewalls.
Successfully completed Firewall cleanup project consisting of multi-vendor like Checkpoint and Palo Alto.
Successfully worked with Checkpoint R77.30 Provider1
Implemented the policy rules and DMZ for multiple clients of the state on the Checkpoint firewall.
Basic and advanced F5 load balancer configurations, general troubleshooting of the F5 load balancers.
Provided Load Balancing towards Access layer from Core layer using F5 network Load balancers.
Experience with F5 load balancers to provide Land Balancing towards Access layer from core layer and configuring F5 LTM both by GUI and TMSH/CLI and Cisco load balancers (CSM, ACE and GSS).
Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416,21418(with PRP and RPR processors)
Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost-effective network solutions to accommodate customer requirements and project scope.
Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits.
Expertise in physical infrastructure like structured cabling, IP address management, racking, stacking and Data Center concepts.
Worked in the Datacenters and performed tasks such as Racking, stacking, device testing, faulty management various network devices.
Involved in migration of Frame-relay based to MPLS based technology on ASR 1002 series and 2911 series routers.
Strong hands on experience in installing, troubleshooting, configuring of Cisco ASR.
Configuring Virtual Device Context in Nexus 7010.
Providing Level 3 Engineering and Support to other internal network engineers and contractors.
Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation.
Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
Configuring, upgrading and verifying the NX-OS.
Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
Provided network support for the core network including MPLS, DMVPN and Datacenters.
Integrate multi-site networks via MPLS/VPLS/VRF/BGP as per customer requirements
Providing path isolation design for customer IP traffic using VRF.
Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960/6500 switches and Cisco 3640/12000 / 7200 /3845 / 3600/ 2800 routers, Cisco Nexus 7K/5K/2K, Cisco ASA5510, Checkpoint, windows server 2003/2008: F5 BIGIP, LTM, OSPF, EIGRP, RIP, BGP, VLAN, VPN, Checkpoint, Juniper SRX
Polaris, India Aug 2011 – Sep 2013
Network Engineer
Responsibilities:
Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.
Commissioning and Decommissioning of the MPLS circuits for various field offices.
Preparing feasibility report for various upgrades and installations.
Ensure Network, system and data availability and integrity through preventive maintenance and upgrade
Troubleshooting complex networks layer 1, 2to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues.
Providing support to networks containing more than 2000 Cisco devices.
Performing troubleshooting for IOS related bugs by analyzing past history and related notes.
Carrying out documentation for tracking network issue symptoms and large-scale technical escalations.
Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
Worked on the security levels with RADIUS, TACACS+.
Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
Configured switches with port security and 802.1 xs for enhancing customer’s security.
Monitored network for optimum traffic distribution and load balancing using Solar winds.
Implementing new/changing existing data networks for various projects as per the requirement.
Installed and maintained local printer as well as network printers.
Completed service requests (i.e. – IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
Identify, design and implement flexible, responsive, and secure technology services
Handled installation of Windows NT Server and Windows NT Workstations.
Handled Tech Support as it relates to LAN & WAN systems
Upgrade Cisco Routers and Switches IOS using TFTP.
Creation of Firewall policies as per the requirements on ASA Firewalls.
Configured and maintained IPSEC VPN tunnels on ASA Firewalls.
Experience in upgrading IOS on ASA 5500 devices
Implemented Zone Based Firewalling and Security Rules on the ASA Firewall.
Implementing ACLs on ASA firewalls to allow access to remote servers
Creating change tickets according to the scheduled network changes and implementing the changes. Experience in risk analysis, security policy, rules creation and modification of Cisco ASA networks.
Placed access control list (ACL) on inside and outside interfaces on the Firewall.
Experience on ACL, Cluster Firewall, and Experience in VLAN Tunnel optimization.
Yash Solutions, India Aug 2010 - Jul 2011
Network Engineer
Responsibilities:
Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN, router/firewalls.
Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.
Excellent Troubleshooting Skills and Customer Centric approach.
Switches Replace branch hardware with new 2851 routers and 2960 switches.
Implemented Cisco Wireless Access Points and WLC’s at various corporate sites fort 11n Infrastructure and its legacy technologies.
Experience in working with Cisco Nexus 5000 series switches for data center.
Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalysts
Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
Installation and Configuration of various types of Personal Computers and Printers. Installation of different operating systems on Intel based PC's.
Installed Hard disks, Floppy drives, CD Drives, Sound Blaster cards, CPU, Memory, Power supply unit, Network card, Video graphics card, Hard disk controller card on PC systems.
Troubleshooting of personal computers. On line Support to customers concerning their computer problems.
Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.
Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up.
Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
Configuring Vlan’s, VTP’s, enabling trunks between switches.
Contact this candidate