Cisco Engineer
Resume:
Professional summary:
Very Passionate Sr. Network Engineer having worked in projects that include Data Center refresh, Campus Redevelopment, Firewall and F5 Installations, with 8 years of experience in routing, switching, Network Security-Next-Gen Firewalls, Load Balancers, Wireless & VOIP systems design, administration and troubleshooting. Excellent communication skills with the ability to interface at all levels. A proactive team player who also can work independently.
Career Highlights:
Configured F5 load balancer and Citrix NetScaler to monitor the network, load balancing and also GLBP, creating a site for web interface for the internal clients. Experience working in complex environments which include Switching, Routing, Network security with perimeter & VPN firewalls, F5 Load balancing & Access policy management, and Wireless LAN Controllers.
Fi analytics from various vendors (Cisco Meraki, HPE /Aruba, D-Link and Netgear)
Knowledge of Cisco Meraki Cloud managed Switches (MS250, MS350, MS410) and SD-WAN (MX 65, MX100, MX400).
Experience with Simulation softwares such as EVE-NG, Cisco Packet Tracer, and GNS3.
Experience working on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.
Experience working in large-scale environments on L1/L2 troubleshooting, Network Design, IDF and MDF architecture, Datacenter Architecture, Spine Leaf Architecture and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.
Experience with TACACS/RADIUS severs, migration from ACS and Aruba Clearpass to Cisco ISE. Worked on 802.1X.
Experience working in complex environments which include Switching, Routing, Network security with perimeter & VPN firewalls, F5 Load balancing & Access policy management, and Wireless LAN Controllers.
Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data Center Environment.
Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
Experience in VSS, VRF, VPC, and VDC technologies. Experience in Gateway redundant protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution & Core Layer Architecture.
Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k) and Juniper Routers (E, J, M, and T-series).
Experience in OSPF, EIGRP, RIP and BGP routing protocols. L1/L2 troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on upgrading Edge routers, failing over ISP circuits for maintenance. Knowledge in EVPN, VXLAN, VTEPS. Experience with Cisco ACI.
Configured F5 LTM, series 5000 series for corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix. Experience with APM and ASM modules.
Worked on APM module integration with RADIUS server & RSA secure ID for 2-factor authentication.
Proficient in using Solarwinds Network Management tools like Network Performance Monitor (NPM), NetFlow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
Proficient using the F5 based profiles, monitors, VIP’s, pools, SNAT, SSL offload, iRules, virtual Servers, IAPPS. Migration experience from ACE to F5.
Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Extensive Knowledge on the implementation of Cisco ASA 5500 series firewalls - 5505, 5510, 5512-X with Firepower module. Palo Alto firewall policies, panorama and Checkpoint firewalls NG, NGX. Experience with converting Checkpoint VPN rules over to the Cisco ASA solution.
Experience with Bluecoat and McAfee Web Gateway Proxies for URL filtering and SSL Decryption, traffic flows from trust to untrusty and vice versa.
Experience with PA 200, 500, 3020 and VM series firewalls for both Internet and internal traffic filtering. Experience with Panorama M100 series and maintaining up to 23 firewalls in large networks.
Experience working with Aruba & Cisco Wireless LAN controllers, Configuring & Provisioning AP’s, Virtual AP’s, RTLS, Wireless SSID’s, remote & campus AP’s, upgrading WLC, worked in Active/Active Local Controllers and Master controller. (Aruba 6000, 7200 controller, Aruba AP65, 70, 124, 85, 125)
Worked on Solarwinds NPM, NCM, IPAM, Windows DHCP and DNS. Infoblox as DHCP and DNS server.
Experience working with Avaya & Cisco VOIP environments - assigning VOICE VLANS, troubleshooting call quality and basic level proficiency in QoS. Worked on DSCP code markings for VOIP traffic.
Involved in troubleshooting network traffic and its diagnosis using tools like ping, trace route, Gigamon, Wireshark, TCP dump and Linux servers. Implementing, Maintaining, Troubleshooting & Implementation of VLAN, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
Enhanced level of knowledge with, PPP, ATM, T1 / T3 Frame-Relay, MPLS. Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
Experience with H.323 and SIP, Voice VLANS, DSCP marking for VOIP traffic.
Hands on experience with Juniper SRX series firewalls 500 series.
Experience with NAT/PAT, static & dynamic NAT, access lists, security zones, policies on SRX firewalls.
Experience with next gen firewall technology like URL Filtering, SSL Forward Proxy, APP ID, Threat ID etc. on Palo Alto and checkpoint firewalls.
Experience with creating virtual servers and application load balancing, upgrading software versions, redirect rules on NetScaler and migrating from NetScaler’s to F5.
TECHNICAL SUMMARY:
Network Configuration:
Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).
Routing Protocols:
RIP, IGRP, EIGRP, OSPFv2, OSPFv3, IS-IS, BGP v4, MP-BGP
WAN Protocols:
HDLC, PPP
Circuit switched WAN:
T1/E1 – T3/E3/OCX (Channelized, Fractional & full).
Security Technologies:
Cisco FWSM/PIX/ASDM, Palo Alto, Cisco ASA, Checkpoint, Blue Coat proxy server. Port Security, DHCP Snooping, IP Source Guard (IPSG).
Cisco Routers:
Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki vMX 100.
Redundancy and management:
HSRP, VRRP, GLBP, RPR, NSF/NSR, STP, Wireshark, SolarWinds, SNMP
Physical interfaces:
Fast Ethernet, Gigabit Ethernet, Serial, HSSI, SONET (POS)
Layer 2 technology:
VLAN, VXLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard),
Layer 3 Switching:
CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)
Switches:
Catalyst 9400, 3850, 3650, 2960; Nexus 2k, 3k, 5k, 7k, 9k
Load Balancers:
F5 LTM, GTM, iRules
Network Management and Monitoring:
Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, Gigamon, Security Device Manager (SDM), Cisco Works; TCP Dump & Sniffer
Scripting:
Python, Ansible and TCL(F5)
Ticketing Tools
JIRA, CA Service Now
Operating Systems:
Microsoft XP/Vista/7, Windows Servers 2003/2008, Windows MS-Office, Microsoft project server 2013
Certifications :
CCNA (Cisco Certified Network Associate)
CCNP (Routing & Switching)
PCNSE (Palo Alto Networks Certified Network Security Engineer)
Education:
Bachelor of Technology in Electronics and Communication Engineering. GPA – 3.72/4.0
Professional Experience:
Medline Industries, Mundelein IL Jun 2018– Present
Sr. Network Engineer
Role - Worked as a part of network team where my daily tasks included configuring, monitoring and troubleshooting of TCP/ IP networks. Configuring & managing around 500+ Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN/MAN Optimizers. Trained in Spine Leaf Architecture.
Key Responsibilities:
Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Successfully installed PA-5000 series firewalls in Data Center as perimeter Firewalls.
Install and manage Meraki Wireless and Firewall systems.
PCI Compliance auditing with Cisco/Aruba Wireless Security Assessments & also Wireless Site Surveys.
Migration of ASA firewalls to PA next gen Firewalls using migration tool in PA. Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.
Experience working on Cisco ASR 9K, Nexus 7k & 9K. Configured and designed OSPF, EIGRP and BGP at Distribution and Core layers. Configured OTV layer 2 connection between Data centers on Nexus.
Worked on Juniper M, MX, T routers on MPLS VPNs, TE and other advanced service provider technologies.
Troubleshooting of Linux & Unix application delivery servers. Install Dockers, Cisco and HP servers.
Maintain shell scripts for RedHat Linux servers and performed patch upgrades for RedHat Linux servers.
Developed prototype configurations on EVE-NG and GNS3 to evaluate designs, before implementation.
Deployed & maintained various Gigamon devices with GigaSMART– HB1, HC3, HD4, HD8, etc.
Experience with configuring BGP, OSPF in Juniper M and MX series routers. Worked on several BGP attributes like MED, AS-PATH, Local Preference for route optimization. Worked on Route-Reflector, Route-Redistribution among routing protocols.
Experience with AWS integration to On premise datacenter utilizing VPN.
Configured access layer switches in the Cisco ISE lab for implementation testing.
Configured various applications such as De-duplication, packet masking, packet slicing, Netflow, etc on Gigamon devices.
Worked on Open software platform switches like Cumulus on Mellanox and Dell hardware in a POC. Basic Knowledge in Python and Ansible scripting for automation in configuration templates, back-ups etc.
Implementation of Cisco Meraki wireless solutions and the deployment of wireless access points.
Experience with Juniper devices - EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240
Managed AD Domain Controller, DNS and DHCP Servers and configurations.
Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud. Installed and configured Cisco Meraki (MR66, MR74, MR84) wireless Access points in the warehouses.
Worked on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.
Basic Experience in Automation using iControl and Python v3 for configuration and backups in f5
Exposure to various cloud platforms such as AWS, Azure and GCP.
Design and setup of Aruba Controllers 531, redundant 7211, 3200, 3400 and 6000 series.
Implemented Citrix Access Gateway & Advance Access Control, web interface into Msft Share point portal.
Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network (QIP) using Solarwinds IPAM and Infoblox DNS and DHCP servers. Experience with DHCP scopes, IP reservations, DNS host entries, pointers, delegations, Zones, DNS Sec etc.
Upgraded Gigamon devices, maintained relationship with their support team including software bugs, etc.
Provides expert level security & networking knowledge in the planning, researching, designing, and testing of new technologies for perimeter firewall security, Intrusion Prevention/Protection System (IPS), DNS, DMZ, and Internet Security in support of established Info Security program initiatives for the next 3 years.
Experience in deployment of network monitoring software - SolarWinds and WhatsUp Gold. Worked on Orion (Solar Winds) for mapping network diagrams with commissioned & decommissioned network devices.
Provided operational support for networks & connections TCP/IP, ATM, VOIP(Voice-over-IP) and UCCE.
Configured separate VLAN for VOIP to implement QoS and security for VOIP(Voice-over-IP).
Configured, troubleshoot, and upgraded Checkpoint Firewalls for Manage clients, which included network and/or resource access, software, or hardware problems.
Virtualized and migrated 60+ legacy v10 appliances with over 5000 VIPs and 12000 pools to F5 TMOS v11 vCMP across 2 global data centers, including substantial iRules updates to support the new architecture.
Worked on the implementation of Cisco Meraki Enterprise Cloud Wireless Bridge/Repeater to extend the LAN for multiple buildings.
Security Control assessment for AWS migrations including evaluating the AWS services and recommending additional security controls required.
Aided in troubleshooting potential network issues in rolling out ISE.
Working with leading cloud providers like AWS and GCP to align solutions as per RFPs, RFI.
Used App-Volumes Application to provide efficient solutions for Horizon, Citrix- XenApp and Xen-Desktop, and RDSH virtual environment.
Opened, resolved, or updated Tier II Support tickets for Manage Firewall clients.
Provided Manage Firewall Clients' with regular status reports of their trouble tickets.
Provided systems administration and support, developed effectiveness and manageability of Citrix environment.
AWS VPC design and recommendation of best Security practices.
VPN implement & troubleshoot: IP-SEC tunnels, GRE Tunnels, SSL-VPN on Cisco, Aruba, Juniper
Exposure to AWS Network architecture, including Amazon VPC, VPN and Elastic load balancing.
Worked on Cisco NAC and Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
Analyze and provide courses of action on current as well as emerging security threats like ransomware attacks by research and recommendation of other security solutions to help mitigate network security threats while preventing their outbreak across the network.
Worked on network design improvements using BGP, EIGRP, OSPF, IP metric tweaking and load balancing.
Designing, configuring, and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border Controllers, Voice Gateways, Voice circuits IP /TDM, Cisco Telepresence Infrastructure, QoS, NAT, PAT, and multicast.
Worked on Checkpoint Firewall to create new rules and allow connectivity for various Applications.
Implemented Firewall rules and Nat rules by generating precise methods of procedure (MOPs). Responsible for packet capture analysis, syslog and firewall log analysis.
Experience with F5 load balancers LTM & GTM, reverse proxy design & setup. Migration from A10 to F5.
Experience in F5, Cisco ACE 4710. Migration from ACE to F5 and Net Scalers to F5. Worked on critical applications on L4 & L7 load balancing. Experience with Virtual server, Pool, Node, Profiles – TCP, http, https, ftp, fastl4, Persistence – Source IP, SSL, Cookie, SNAT, iRules, iAPPs, SSL offloading.
Experience with F5 GTM and in-depth knowledge of DNS, Global level load balancing, Wide IP’ s, Zones, Prober pools, Delegation from Windows DNS server to listener IP.
High-level network troubleshooting and diagnostic experience using Packet capture tools like Wireshark.
Configured network using RIP, EIGRP, BGP and OSPF protocols and troubleshooting L2/L3 issues.
Regular upgrade & maintenance of Infrastructure, Installing, configuring Cisco Switches (2960, 3500,7600, 3750, 3850 series, 6500 series) Cisco Routers (4800, ASR 9K, 800), Juniper Routers and Firewalls, Nexus 9k,7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
Assist in creating network design standards for hardware and software. Developing and maintain Network Documentation (Visio diagrams, Excel spreadsheets, Word documents, etc.) Configure and troubleshoot network elements in a test/dev environment.
Aruba Hardware: Switches: S3500's, S1200's Wifi Controllers:620, 651, 3200, 3600, 6000(M3) and 7211 Airwave/AmigoPod: 7.5 & 7.6 ClearPass : 6.1Access Points: All current Aruba access points (AP-60 thru AP 175), RAPs and MESH Aps.
Experience with Google Cloud Platform (GCP) for VPC’s.
Experience with TACACS/RADIUS severs, migration from ACS and Aruba Clearpass to Cisco ISE. Worked on 802.1X.
Assisted in IT security audits for clients/customers. Configured and supported Cisco 7500 and 4500 routers.
Experience with configuration of Cisco call manager, Installing and worked on ICM management
Environment: Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), switches (6500/3750/3550 3500/2950), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, Voice Gateways, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst 9k Switches, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE), Shell Scripting, Citrix.
Hermes of Paris, NYC NY Oct 2016 –May 2018
Sr Network Operations Engineer
Role - To Work in Enterprise and Data center environment on switching, routing, firewalls (Site to Site VPN tunnels) and VOIP. Worked on Different VOIP systems on network. Worked on Cisco Wireless. Worked on Load balancers in Data center for internal and external applications.
Key Responsibilities:
Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, access-list addition using python scripts and on Linux platform based on tickets generated by customers.
Worked on Autopilot, an Automation tool used for code upgrades & configuring new devices at data centers.
Migration of Palo Alto PA-500, PA-3060, PA-5060, PA-7050, PA-7080 from Cisco PIX and ASA.
Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, 9K, Juniper MX-960 routers and cisco ASR routers.
Installed and maintained production servers for client services (web, DNS, DHCP, mail). Experienced on working with Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc.
Used GNS3 for simulating configurations before deployment.
Aruba ClearPass server build & migration away from Microsoft/Cisco NPS & TACACS solutions
Managed syslog, Solarwinds on various network equipment to monitor, alert, and save network configurations
Worked with the Network planning team on IP allocation scheme for the routers, switches, workstations, phones, APs and various other devices. Used Infoblox, Net MRI, Solarwinds IP monitor and various tools.
Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, Configured Client VPN technologies including Cisco's VPN client via IPSEC
Troubleshooting Cisco routers, APs, Switches, Fortinet Devices and Meraki appliances.
Installed and configured Meraki (MX80, MX60) Appliance via f MX400 Cloud.
Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco Routers and Switches like Cisco 3750, 3750 Gig, 6500, Nexus 7k, 9k, ASR 9k etc.
Worked on migration - XenApp 4.5 to XenApp 6.5 - Server 2003 (Legacy) to 2008 R2 (Gen 2) environment.
Experience in Cisco Unified Communication Manager (CUCM), Call Manager Express (CME), Cisco Unity Connection (CUC), Unified Contact Center Express (UCCX), Unified Contact Center Enterprise (UCCE), IM and Presence, SRST and Voice Gateways.
AirMagnent & Aruba Airwave Setup, Maintenance & Troubleshooting. Aruba ClearPass server Authentication: 802.1X, AAA, Policy Management, Guest Access, B.Y.O.D
Responsible for designing securing and managing Dell HP and other networking and server equipment as well as ShoreTel VIOP phones
Managed Cisco Voice Mail Unity servers. Worked in Cisco Routing & switching background w/QOS.
Developed entire frontend and backend modules using Python on Flask Web Framework.
Implementing IPv6 addressing scheme for routing protocols, VLANS, subnetting and mostly during up gradation of cisco ISR routers2800/2900/3800/3900 and switches.
Aruba ClearPass server build & migration away from Microsoft/Cisco NPS & TACACS solutions.
Worked on Cisco wireless LAN technologies and Switching. Configured Virtual server, service groups, Session persistence, Health monitors and Load balancing methods in new F5 and A10 LTMs. Configured WIDE IP and WIDE IP pool on F5 GTM’s to support load balancing between data centers.
Installed & configured Microsoft Proxy Server 2.0 & Infoblox DNS, DHCP and IP Address Management
Worked on Infoblox to update the DNS host and A records to assist the part of the migration.
Assigning RADIUS and TACAS for new deployments in production environment. AAA for users to implement changes on production devices. Most of these devices are cisco propriety.
Worked along with Microsoft operation center for monitoring traffic on the devices going to up-links and divert traffic on to different routes after traffic level reaching threshold value.
Generating audit reports through scripts on various devices to check the L2 issues - link errors, port flapping.
Analyzing the Audit report and work along with Data center teams to check the optics and troubleshoot issues.
Coordinating with Global data center teams and worked with them for troubleshooting L2 issues. Assisting in upgrades, VLANs configurations, in troubleshooting 7, L3 issues and routing protocol issues mostly BGP.
Migration from NetScaler’s to F5 without any downtime.
Documentation of various changes made on devices and submit them for approvals and work along with alerts team and intimate them the changes to be made.
Environment: Routers (Nexus 1K, 5K,7K, Juniper MX-960), switches (6500/3750/3550 3500/2950), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, BGP, VPN, Unified Contact Center Enterprise (UCCE), MPLS, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE, UCCX), Citrix.
JPMorgan Chase, Columbus, OH Oct 2015– Sept 2016
Network/Security Engineer
Role –Installation PA firewalls. Worked on Tier 3 Issues. Managed IP subnets, Monitoring. Worked on service now tickets on Network issues in data center and Enterprise. Upgradation of IOS for various equipment on timely basis.
Key Responsibilities:
Implementing security solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520, Checkpoint firewalls R70, R75, R77.20 Gaia and Provider-1/MDM.
Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA.
Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
Enterprise and Public Safety Wireless LAN/WAN (802.11, Mesh).
Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
Configured & maintained IPSEC and SSL VPN's, implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto.
Administered Cisco AMP endpoint security infrastructure and monitor endpoints for threats.
Exposure to design and implementation experience primarily on Cisco WSA proxy.
Configuration and Maintenance of Cisco ASA 5580-20, ASA 5540, ASA 5520, ASA 5510 firewalls.
Configure Syslog server in the network for capturing and logs from firewalls.
Monitoring Traffic and Connections in Checkpoint and ASA Firewall. Provided tier 3 support for Check Point and Cisco ASA Firewalls to support customers, Backup and restore Firewall policies.
Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
Creating object, groups, updating access-lists on Check Point, apply static, hide NAT with smart dashboard.
Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
Worked on F5 solutions/support for migration work from Cisco CSS to F5 BigIP Load Balancers.
Configured SNAT, HA on F5 BIG-IP appliances SSL termination and initiation, Digital certificates.
Worked with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
Provided support for network topologies & connections TCP/IP, ATM, VOIP(Voice-over-IP) and MPLS.
Performs router configurations on Dedicated Internet Access (DIA) and VOIP(Voice-over-IP) products.
Supported telephony specialist in the phased migration from PBX based systems to VOIP(Voice-over-IP).
Configured separate VLAN for VOIP to implement QoS and security for VOIP(Voice-over-IP). Administered network operating infrastructure (broadband, VoIP (Voice-over-IP), MPLS) and managed services (virtual servers, firewall, data storage, and cloud-based voice)
Provide support to help desk for complex network issues. Build rules for apps across IPSEC VPN tunnel.
Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response. Configure and Monitor Cisco Sourcefire IPS for alerts.
Strong understanding of Cisco networking technologies: ASA, IPS, WSA, ACS, VPN.
Environment: Cisco ASA5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, IEEE 802.11Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco WSA, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.
Century Link, Denver, CO July 2014 – Sep 2015
Network Engineer
Role – Worked in a NOC team on Layer1/2/3 issues in the network. Worked on various cisco switches and routers. Worked on Firewall rules, VPN tunnels. Includes Cabling and racking.
Key Responsibilities:
Worked on Cisco routers 7200, 3700 and Cisco switches 4900, 2900.
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include configuring firewall logging, DMZs, related security policies, monitoring, documentation and change control.
Create private VLANs, prevent VLAN hopping attacks, mitigate spoofing with snooping & IP source guard.
Installed & configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN.
Enabled STP enhancements to speed up network convergence using Port-fast, Uplink-fast and backbone-fast.
Configured SITE-TO-SITE VPN on Cisco routers between headquarters and branch locations.
Implemented the security architecture for highly complex transport & application architectures addressing well known vulnerabilities and using access control lists on their core & failover firewalls.
Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall. Documenting and Log analyzing the Cisco PIX series firewall.
Troubleshooting of DNS, DHCP and other IP conflict problems. Used various sniffing tools like Wire-shark.
Hands on experience working with security issue like applying ACL’s, configuring NAT and VPN.
Troubleshoot problems on a day to day basis & provide solutions for problems within their Network.
Part of Network Operation Center NOC offshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
Schedule changes and work through maintenance requests over weekends.
Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
Configuration of CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches.
Creating groups, users and policies in Active Directory.
Troubleshoot and support Cisco Core, Distribution and Access layer routers and switches.
Managed the IP address space using subnets and variable length subnet masks (VLSM).
Point-to-Point, Frame Relay, T3, ATM, WAN, Active Directory, DNS, and DHCP troubleshooting.
Configured BGP for CE to PE route advertisement inside the lab environment.
Environment: Cisco 2600/2800/3700/7200 routers, Cisco ASA, TCP/IP, VLSM, AD, DNS, Switching/Routing.
Virtusa, Hyderabad, India Aug 2011– May 2014
Network Operations Engineer
Role - Worked in an Operations team to support and troubleshoot issues related to switching, routing and Firewalls. Co-ordinate with testing team and deployment team for any issues.
Key Responsibilities:
Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support.
VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
Worked in a dynamic routing enterprise network environment - OSPF & BGP for external connectivity.
Configured Switches with proper spanning tree controls and BGP routing for business partners using community and as path prepending attributes.
Installed Windows Server 2003, configured IP addresses, network printers and Client Access for PCs.
Administer and support Cisco based Routing and switching environment.
Physical cabling, IP addressing, Wide Area Network configurations (
Contact this candidate