Network Engineer Security

Location:

San Antonio, TX

Posted:

February 28, 2017

Contact this candidate

Resume:

Name: Parth Patel

Email: *.********@*****.***

Contact: 201-***-****

Summary

Network engineer with around 7+ years of experience in routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.

Worked on Cisco Nexus 9000, 7000,5000,2000, Catalyst 4500, 6509, 7613 series switch, 6500, 7200VXR, ASR 1002, 1006 router.

Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.

Hands on Experience with Back up, upgrade and restring all OS for future disaster recovery purposes.

Expertise in configuring of MPLS, IP Multicast, VPN, Frame Relay and Policy routing.

Widespread work proficiency in advanced TCP/IP Management, IP Addressing &Subnetting VLSM, Route Summarization, Route Redistribution and NAT/PAT.

Experience with Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewall as per the design

Experienced with route manipulation by using Offset-list and route filtration by using Access-lists, Distribution list and Route Maps.

Good understanding and hands on experience configuring AAA-authentication, authorization, accounting, SSH, Syslog, SNMP and NTP.

Experience in configuration Voice over IP (VOIP).

Expertise in configuring of MPLS, IP Multicast, VPN and Policy Based routing.

Hands on Experience of BGP (EBGP, IBGP) and MPLS (LDP) protocols.

Extensive experience in configuring and troubleshooting of routing protocols EIGRP, OSPF.

Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.

Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.

Worked for firewall rule analysis and firewall rules cleanup.

Handled more than 250+ security devices and upgrades.

Configured rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.

Implemented Palo Alto PA-3050's in HA/VWire configuration for security and web filtering.

Knowledge of Palo Alto firewall, Creating security policies for interzone traffic. Creating NAT policies for hosts to access internet, URL-Filtering to block certain websites.

Experience in configuring rules and Maintaining Palo Alto Firewall & analysis of firewall logs.

Successfully installed Palo Alto PA 3050 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.

Implementing Brand new Cisco ASA Firewalls with updated Security Policies.

Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark and Linux operating system servers.

Proficient in Configuring Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.

Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO.

Excellent Verbal, written communication skills and Interpersonal skills with ability to work with large teams as well as independently with minimum supervision & Team Player.

Certifications:

Cisco Certified Network Associate (CCNA)

Cisco Certified Network Professional (CCNP-Switch 300-115)

Cisco Certified Network Professional (CCNP-Route 300-101)

Cisco Certified Network Professional (CCNP-Tshoot 300-135 in progress)

Technical Skills:

Routers: Cisco ASR 1002 / 1006 / 7304 / 7206 / 3945 / 2951 / 2600

Switches: Cisco Catalyst VSS 1440 / 6513 / 6509 / 4900 / 3945 E / 3750-X / Nexus 7K,5K,2K

Firewall: Cisco ASA 5520,5540,5585,Palo Alto

Routing Protocols: OSPF, EIGRP, BGP, ISIS, VRF, PBR, Route Filtering, Redistribution, Summarization, Static Route

Protocols: TCP/IP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet

WAN: VPN, IPSEC-VPN, MPLS, ATM, Frame Relay

Redundancy protocol: HSRP, VRRP, GLBP, EBGP

Network Management Tools: Wireshark, Net flow Analyzer, SNMP, HP open view.

Security Server Protocols: TACACS+, RADIUS.

Load Balancers: F5 Networks (BIG-IP) LTM 5050

Operating Systems: Windows Vista, Windows 7/8, Linux

Professional Experience:

Client Name: Tesoro, San Antonio, TX Oct- 2016 – Present

AS a part of network migration team, we started to build a two-new cloud enable datacenter. Major responsibility is to standup core network, migrate all current services from production and shutdown current datacenter.

Responsibilities include software upgrade, license activation, configuring/installing new ASR router 1002, 1006, Nexus switch 9504, 9372, 3172, 2348, ASA 5585 SSP-40, 5585 SSP-20, 5585 SSP-10, F5-5050 and maintaining network documentation.

Experience to troubleshoot and standup various service provider WAN Circuits.

Responsible for enterprise routing, switching, VLANs, Spanning Tree, Trunking, EIGRP and BGP. Responsible for route path control via distribution list, ACL's, redistribution, and route-maps with BGP, and EBGP.

Configure various BGP attributes such as Local Preference, AS prepend, Next-hop, Community, Extended community using route-map

Configured and migrated DMVPN Tunnels from current environment.

Provide connectivity of various network appliances like Voice router, voice gateway, ISE, Answerless controller, Riverbed steel head (WAN optimizer), Infoblox

Experience to provide Network core device connectivity to Big switch, Garland Taps, and Big switch monitor for Network traffic monitoring.

Configured Site Redundancy using EIGRP, IP SLA, and HSRP.

Deployed network tools such as Cisco firepower, Fire eye, Cisco Fire Sight manager, Source Fire, Cisco Prime.

Knowledge of Fiber, Ethernet Infrastructures using Fluke Network Testers

Setup network monitoring and alerts for our network and server devices using SNMP, configure authentication using TACAS+ authentication and NTP setup.

Experience working with design and deployment of MPLS Layer 3 VPNV4(MP-BGP) cloud, Involving VRF, Route Distinguisher(RD), Route Target(RT), Label Distribution Protocol (LDP), Super backbone, SHAM Link, MPLS PE-CE connection troubleshooting.

Actively involved in Switching Technology Administration including creating and managing VLANS, Port security- 802.1x, Trunking 802.1Q, Inter-VLAN routing, ether channels and LAN security on Cisco Catalyst Switches 3800,3900,4507R+E, 6509-E

Switching related tasks included configuring VTP, Inter-VLAN Routing, EtherChannel (LACP & PAgP) and RPVST+ for loop avoidance.

Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point and Cisco ASA 5540,5585

Experience with Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewall as per the design

Worked for firewall rule analysis and firewall rules cleanup.

Handled more than 250+ security devices and upgrades.

Third Party VPN migration from old data center to new data center and a complete Security

Configured rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.

Implemented Palo Alto PA-3050's in HA/VWire configuration for security and web filtering.

Successfully installed Palo Alto PA 3050 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.

Extensive knowledge working with Service Now ticketing system for incident and change management

Client Name: EBay, San Jose, CA May 2015 – Sep 2016

Network Engineer

As a part of LAN and WAN architecture team, I was responsible for designing, managing, troubleshooting and configuring Layer 2 and Layer 3 network equipment such Cisco routers 7200, 3800, 3700, 2900 and Cisco Catalyst switch series 6500, 4500, 3500XL

Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, configuration, upgrades, patches and fixes with all around technical support in complete LAN development

Good knowledge in configuring and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (IBGP) and external BGP (EBGP).

Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.

Configured EBGP for CE to PE route advertisement inside the office environment

Switching related tasks included configuring VTP, Inter-VLAN Routing, EtherChannel (LACP & PAgP) and RPVST+ for loop avoidance.

Implemented redundancy / Failover using HSRP

Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.

Configuring Static EIGRP, and OSPF Routing Protocols on Cisco 2600, 2800, 3600, 3800, 7300 series Routers

Experience working with Nexus 9504,7010, 5548, 5596, 2148, 2248 devices.

Experience with configuring FCOE using Cisco nexus 5548

Experience configuring VPC, VDC and ISSU software upgrade in Nexus 9504

Worked with Cisco Nexus 2148 Fabric Extender and Nexus 9300 series to provide a Flexible Access Solution for datacenter access architecture.

Configuring the Voice VLAN's (VOIP) and Prioritizing the voice traffic over the data traffic

Performing network monitoring, providing analysis using various tools like Wireshark, Solar winds etc.

Configuring F5 Load balancer LTMs and GTMs to isolate traffic from the web servers.

Managed the F5 BIG-IP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.

Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices including standardization for the topology.

Mapped, Network Diagrams and physical identification in MS Visio.

Be on call rotation and provide 24X7 support in that time and handle Office's branches during this timeframe if a network problem occurs.

Client Name: Adobe, Houston, TX May 2014 – Apr 2015

Network Engineer

Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.

Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope.

Configuring, Maintaining the Routers and Switches and Implementation of EIGRP, OSPF, BGP routing protocols and trouble shooting

Design and Implementation of complex networks related to extranet clients.

Network consists of Heavy Cisco equipment such as Cisco 356*-****-**** switches, Cisco 650*-****-**** series Layer 3 switches, Cisco 382*-****-**** series routers, Cisco Pix firewall 500 series and Wireless Access points Cisco 1230.

Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.

Installed and configured Cisco routers using routing protocols such as EIGRP.

Managed the IP address space using subnets and variable length subnet masks (VLSM).

Providing technical security proposals, installing and redesigning customer security architectures.

Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.

Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.

Configured route policy for BGP and manipulated BGP attributes using route-maps, ACL, AS-Path list, AS prepend per customer requirements.

Configuring and troubleshooting STP, VTP, HSRP and Trunking in enterprise switched environment.

Involved in migration of Frame-relay connections to MPLS based technology with the extranet clients.

Troubleshooting the TCP/IP networks for connectivity, outages and slow network issues and recommended appropriate and cost-effective solutions for the congestion.

Troubleshooting the Network Routing protocols (BGP, EIGRP and RIP) during the Migrations and new client connections.

Involved in meetings with engineering teams to prepare the configurations per the client requirement.

Client Name: Level 3 Communications, Broomfield, CO Oct 2012 – Apr 2014

Network Engineer

Maintain, configure, and analyze network and host-based security platforms.

Configured policy statements, routing instances, route manipulation on OSPF and BGP.

Planning and implementation of IP addressing scheme using Subnetting, VLSM.

Assisted in backup, restoring and upgrading the Router and switch IOS.

Worked with the data center planning groups, assisting with network capacity and high availability requirements.

Configuration and troubleshooting of Cisco Routers such as Cisco 3640, Cisco GSR 12416, 21418(with PRP and RPR processors), Cisco catalyst 6509, 7613 with supervisor cards

Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.

Good knowledge in configuring and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (IBGP) and external BGP (EBGP).

Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.

Configured EBGP for CE to PE route advertisement inside the office environment

Worked with multiple customers over a period to enhance their network, resolve and do the RCA (root cause analysis) for in service production problems and create work around for known IOS issues.

Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 6900.

Configuring VLANs and implementing Inter VLAN routing.

Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.

Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.

Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support

Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams

Documentation of Managed customer database such as IP addresses, passwords, interfaces, network diagram.

Responsible for network availability, network redundancy, bandwidth planning, routing issues.

Client Name: Slim Line Solutions, India Mar 2011 – Aug 2012

Network Engineer

A core member of networking team and provided end client system support.

Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF and BGP.

Troubleshot complex routing and switching issues in a HSRP and GLBP environment.

VLAN design and Implementation for new network requirements, including VLAN bridging and multi-port Trunks.

Responsible for maintenance and utilization of VLANs, Spanning-tree, HSRP, VTP of the switched multilayer backbone with catalyst switches.

Implemented redundant Load balancing technique with Internet applications for switches and routers.

Support Network Technicians as they require training & support for problem resolution including performing diagnostics, & configuring network devices.

Configured and troubleshoot OSPF and EIGRP.

Configured VLANS using VTP protocol and implemented redundancy using STP protocol in switched Network.

Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.

Used Network Monitoring tool to manage, monitor and troubleshoot the network.

Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.

Was responsible in IOS upgrade of CISCO switches and routers which are owned by our team.

Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.

Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.

Contact this candidate