Sr Network Engineer
Resume:
Santhosh N
Senior Network Engineer
acxs3t@r.postjobfree.com 908-***-****
Professional Summary:
Over 8 years of strong IT experience in Network Engineer tasks such as day-to-day site monitoring and maintenance, infrastructure configuration, network design, network management, security, tier support of network, system installation, system backup and restoration, tuning, quality of service management, security implementation and application migration.
Configuration and Administration of Juniper Routers and Switches.
Strong hands on experience in installing, troubleshooting, configuring of Cisco900x,ASR1k, ASR9k 7200vxr, 3900, 3800, 2900, 2800 series routers and Cisco Catalyst 6500, 4500, 3850T, 3750, 2950 and 3500XL series switches
Extensive experience with Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
Experience working with Cisco Nexus2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
Performed various configurations using the CISCO SDM like configuring VPN, Security Audits, Firewalls, VLANS
Worked on Riverbed Steelhead Appliance for WAN Optimization
Experience securing and managing remote access using various VPN technologies like IPSec, SSL, and GRE Experienced in handling and installing Palo Alto Firewalls.
Configuring Cisco routers and switches to enable and troubleshoot a variety of features such as trunk, Vlan, Ether channel, port security, routing protocols including EIGRP, OSPF & BGP and other related technologies such as multicasting, IP Telephony & IP Video.
Extensive knowledge and hands-on experience with the latest version 13.3 of JunOS-Space
Worked on Cisco ACE load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
Experience multiple storage systems
Troubleshooting Layer 2 issues, Spanning Tree protocol, RSTP, MST, VTP, VLAN on Cisco – 6500 series switches and Juniper EX-4200 switches.
Configuration and maintenance of routers, firewalls, and load-balancers. Included configuration of Juniper ISG 2000, Juniper EX4200, F5 BIG-IP 3600, and Cisco 6500. Includes protocols such as MPLS, BGP, OSPF, and VRRP.
Configuration and troubleshooting on Juniper SRX via Juno space JA2500.
Strong experience in Network security using ASA Firewall, Checkpoint, Palo Alto, Cisco IDS/IPS and IPSEC/SSL VPN, F5 Load Balancer.
Created Operational manual, for Imperva containing responses/actions to alerts.
Experience and Expertise on Cisco Iron ports – WSA S170 (Web Security Appliance) Version: 8.0.6-119, ESA C370 (Email Security Appliance) Version: 8.5.6-074, and M670 - Content Security Management Appliance Version: 8.3.6-028
Hands on experience in troubleshooting and deploying of various IP Routing Protocols EIGRP, RIP v1/2, OSPF, IS-IS & BGP.
Implemented security policies using ACL, Firewall, IPSec, and VPN
Exposure to Blue coat Proxy
Working knowledge of security products such as Cisco ISE
Implemented security policies using ACL, Firewall, IPSec, VPN, AAA Security TACACS+, and Radius on different series of routers.
Knowledge on cisco NCS router.
Experience working with ASR 9000 series switches with IOS-XR
Experience with convert PIX rules over to the Cisco ASA solution.
Responsible for Cisco ASA firewall administration across our global networks
Handled multi-Vendor / platform Security technologies including Firewall, IDS-IPS, VPN, Proxies
Extensive experience with Juniper SRX - Juniper SSL VPN
Extensive knowledge of deploying & troubleshooting TCP/IP, Implementing IPv6, Transition from IPv4 to IPv6, Multilayer Switching, Multicasting protocols, UDP, Fast Ethernet, Gigabit Ethernet, Voice/Data Integration techniques
Strong knowledge of Cisco and Juniper software (IOS/XR and JunOS) and hardware.
Proficient with deployment of Palo Alto firewalls for different NAT, Skype traffic
Ability to manage all phases of network installation and administration.
Experienced working with security issues related to Cisco ASR 9K, Checkpoint and Juniper Net screen firewalls
Well organized, Self-starter, Quick learner, Self-Motivated, Team player with analytical, technical and communication skills.
Certifications:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
Technical Summary:
Operating Systems
Windows (Server 2003/2008, Vista, Windows 7), Linux OS
Routers
Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000
Switches
Cisco 3750, 4507, 4510 & 6500 series switches, Nexus 7010, 5548
Routing
MPLS, OSPF, EIGRP, BGP, RIP-2, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing
Switching
LAN, VTP, STP (spanning tree protocol), PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.
Network security
Cisco (ASA, PIX) 5510, Palo Alto, juniper, ACL, IPSEC VPN, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS
Load Balancer
F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer
LAN
Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.
WAN
Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing. Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP Management
AAA Architecture
TACACS+, RADIUS, Cisco ACS
Network Management
SNMP, Solar Winds, HP open view, and Wire shark
Reports & Network Diagrams
Microsoft (Visio pro)
Professional Experience:
Waddell & Reed, Overland Park, KS Mar 2015 – Present
Sr. Network Engineer
Responsibilities:
Interacted with the customers and on call support to troubleshoot the issues
Worked on network analyzing tools like TCP dump, Wireshark
Involved in Implementation, administration: Design / Configuration changes, Defining events/signatures policies and its actions, Logging and Log analysis.
Responsible for maintaining and updating VPN Gateways for ensuring force of latest Security policy to deny all input requests from all non-compliant devices.
Set up multiple wired and wireless LAN/WANs testing TCP/IP Layer 2/ 3 functionality.
Documented all communication with the clients.
Configured and administered Riverbed Steelheads.
Responsible for Check Point and Cisco ASA firewall administration across our global networks.
Responsible for IDS/IPS.
Experience in troubleshooting VLAN, STP (Spanning Tree Protocol) and Switch Trunk and IP subnet issues.
Experienced in Cisco ASR 9k, CRS, Nexus and 7600 series equipment. Also Cisco products such as 3750, 2901 and 2811.
Implemented layer 2 access switching networks with spanning tree and vPC technologies.
Experience with configuring FCOE using cisco nexus 5548
Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K,9k
Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
Apply Cisco ISE configuration to switches
Configuring TACACS, LDAP, and RADIUS for Cisco ASA and Palo Alto firewalls.
Worked on WAN connectivity between CISCO routers using T1, T3, Frame relay and troubleshooting connectivity issues.
Performed various configurations using the CISCO SDM like configuring VPN, Security Audits, Firewalls, VLANS.
Involved in the deployment of Cisco Nexus 7k, 5k and 2K along with ASR 9K, 6509s (Sup 720), Cisco 4900, 3750, 2960 switches
Wi-Fi Cisco Access Point and Cisco Wireless LAN Controller configurations.
Configured and supported Cisco Routers/Switches, LAN/WAN Technologies, Ethernet, OSPF, RIP, EIGRP, HSRP, VLAN, VTP, Trunking, Spanning Tree, Frame-relay.
Worked on software based ADC on VMware.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance
Responsible for Cisco Proxy ESA and WSA.
Everyday performance with the Cisco Iron ports – WSA S170 (Web Security Appliance) Version: 8.0.6-119, ESA C370 (Email Security Appliance) Version: 8.5.6-074, and M670 - Content Security Management Appliance Version: 8.3.6-028
Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
Installation and configuration of CISCO VPN concentrators 3000 for VPN tunnel and implementation of SDM for IPSec VPN.
Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
Responsible for excellent customer management/resolution, problem solving and debugging skills with good verbal/written communications and presentation skills.
Everyday performance with the latest version 13.3 of JunOS-Space
Daily responsibilities with Unix Bastion Host loggers and trouble shooting.
Responsible for Arc Sight Logger on a daily basis
Duties related to CyberArc- Privilege Identity Management
OFI Global, Bellefonte PA Oct 2013 – Mar 2015
Sr. Network Engineer
Responsibilities:
Involved in I rule management like loading rules, writing Irule syntax using TCL language
Exposure with deployment of Palo Alto firewalls for different NAT, Skype traffic
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Palo Alto Next-generation firewall working with PANORAMA.
Create and maintain documentation and diagrams, for troubleshooting and support of wireless network.
Coordinated precise scheduling for all migration events including all equipment and resources for the data center migration on an extremely accelerated schedule with for a high profile client.
Experience with Windows Server 2003
Involved in configuring Cisco routers and switch administration with enterprise level Cisco Routers such as Cisco ASR1004, 7200 series, 3800 series, 3700 series, 2800series, and Cisco catalyst series switches like 6500, 3750 and 4500
Responsible for adding Policies to the SRX 3600
Install and configure Cisco 3600, 3700 series Access Points for wireless implementations.
Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
Provided remote Technical support on implementation of technology using various Juniper Network & Security products and applications and resolve product related issues through research and troubleshooting.
Involved in configuring and troubleshooting Juniper Firewalls including UTM features like anti-virus, deep inspection (IDP), URL filtering and screening.
Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
Troubleshoot traffic passing managed firewalls via logs and packet captures
Integrated web application delivery controller(ADC).
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Creating, implementing and testing Citrix NetScaler ADC (Application Delivery Controller) responder
policies in order to meet DDoS defense strategies.
Worked on Converting the Partner IPSEC VPN from one Data Center to Another Data Center
Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
Configuration and Installation of Cisco ASR1002, 3845 routers for the migration of branches to new MPLS cloud rollout
Wired and set up access points for wireless connections.
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Responsible for NAT traffic flow in the Juniper SRX 3600 and support Juniper Space
Worked on ACE load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Configuration and Administration of Juniper Routers and Switches.
Installation and maintenance of windows 95/98/NT/2000/2003 client operating systems, hardware/software upgrades and network administration.
Extensive experience with Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
Designed, Installed and supported Installation and configuration of office-wide LAN. Installation of windows servers to provide inter-office Email and Shared Internet Access
Installation and configuration of DHCP and DNS servers.
Responsible for Juniper SRX firewall management and operation across our global networks.
Configuring NAT, Dynamic NAT, inside Global Address Overloading, TCP, overload, distribution, Overlapping Address Translation.
Involved in configuring Juniper SSG-140
Identify, design and implement flexible, responsive, and secure technology services
Experience with Firewall Administration, Rule Analysis, Rule Modification
Extensive work on creating VLANs and maintaining VLAN database throughout the network using VTP.
Worked on STP (Spanning tree protocol) to block redundant links for a loop free network
Worked extensively on network testing and troubleshooting.
Extensively worked on creating security Policies and implementation plans for an improved Security solution.
Liberty Mutual, Portsmouth NH May 2012 – Sept 2013
Sr. Network Engineer
Responsibilities:
Implemented and Maintained Routing Protocols EIGRP and OSPF in the Network.
Data center migration was involved in Access, Distribution and Core layers
Experience with design and implementation of Data center migration
Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues.
Handled switching related tasks included implementing VLANS, VTP and configuring Fast-Ethernet channel between switches.
Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
Was responsible for designing and implementation of customer’s network infrastructure.
Supported the telephony specialist in the phased migration from PBX based systems to VOIP. Configured separate VLAN for VOIP to implement QoS and security for VOIP.
Designed, Implemented and configured HSRP on different location of office on the switched Network and Managed the Entire multilayer switched network.
Using Cisco switches Catalyst 3750, router 2600, Riverbed, Load balancing, Gateway 3900, IP phone 7940, CUCM, and Wi-Fi Catalyst 6500 Series (WISM) Wireless Services Module and Cisco Nexus 7000, 5500.
Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for Data Center access architecture.
Worked on Routers & Switches: GSR 12000, Cisco2900, 3900, 7200, 7600, ASR 1002, Cisco 6500, 4506, 4510, Nexus.
Experience with Checkpoint Firewall policy provisioning.
Configured and Maintained the Local Network using 2900, 6500 series Switches and 2800 series Routers. Configured and installed the 3600 series Router.
Familiarity with F5 Big IP LTM and Cisco ACE 4710 Load balancers.
Achieved proficient in Adaptive Security Device Manager (SDM) and used it while performing security audit on routers.
Configured Firewall logging, DMZs and related security policies and monitoring.
Designed perimeter security policy; Implemented Firewall ACL’s; Allowed access to specified services; Enabled IDS/IPS signatures in Firewall & fine-tuned TCP & UDP.
Involved in Installing and Configuring a Cisco secure ACS server for AAA authentication (RADIUS/TACACS+).
Used load balancers and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls.
Configured Cisco 7204 routers which were also connected to Cisco ASA Firewall (5505) security appliances providing perimeter based firewall security.
Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5505.
Configured Protocol Handling, Object Grouping and NAT on ASA Firewalls (5505).
Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
Troubleshoot latency and throughput issues on MPLS and Dedicated Internet Access circuits.
Computer Science Corporation, India Aug 2008 – Apr 2012
Network Engineer
Responsibilities:
Served as a main escalation point of contact for level II personnel.
Coordinated with higher-level support and external vendors for resolution.
Monitored Network Management System and responded to events, alarms and trouble tickets.
Coordinated and managed events and trouble tickets related to network failures and thus followed by technical support which included problem determination, customer notification and updates with regard to escalation(s).
Migrated from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
Run scheduled Virus Checks & Updates on all Servers & Desktops.
Involved in new desktop, laptop and printer deployment as well as service, repair, and inventory management of peripherals, and equipment.
Included network services such as DNS, email, web, Servers, VPN and Firewall.
Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
Configured Nortel LAN 5530 and Nortel Chassis 8606/8610 Switches.
Troubleshooting latency and throughput issues on MLPS and Dedicated Internet Access circuits.
Involved in installation of 3845 series Routers at branch office edge and 7604 series router at the Zonal office Edge. These were the CE equipment for MPLS, configured BGP on CE for route advertisement to PE.
Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
Worked with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
Troubleshoot TCP/IP problems; troubleshoot connectivity issues in multi-protocol Ethernet, Environment.
Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5505.
Configured Protocol Handling, Object Grouping and NAT on ASA Firewalls (5505).
Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
Troubleshoot latency and throughput issues on MPLS and Dedicated Internet Access circuits.
Contact this candidate