Technical Support Network Engineer
Resume:
Mohit Kumar
Sr. Network Engineer
*******.****@*****.*** 908-***-****
Professional Summary:
* **** ***** ** ********** in Networking, Security, System Engineering and Wireless Communications.
Hands-on experience in providing network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
Professional experience in Network engineering, performing Network analysis, design, implementing, capacity planning with focus on performance tuning and support of large Networks.
Strong Knowledge in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay.
Working experience with deployment of Pa-5000 series Palo Alto firewalls.
Implemented zone based firewalling and security rules on the Palo Alto Firewall.
Have knowledge on various advanced technologies like VOIP, SIP, QOS, IPv6, Multicasting, and MPLS.
Hands on Experience configuring and testing F5 iRules using Browser(IE), HTTP watch.
Support customer with the configuration and maintenance of PIX and ASA 5585-X firewall systems and Checkpoint firewalls.
Experience configuring Virtual Device Context in Nexus 7010.
Troubleshooting on network problems with Wireshark, identify problem and fix.
Identify, design and implement flexible, responsive, and secure technology services.
Strong hands on experience on Cisco Routing, Switching and Security with Cisco hardware/software Cisco Catalyst 6500, 4500, 2900, 3500, 3750 XL series switches, Cisco 1800, 2500, 2600, 2800, 3600, 3800, 7200 series routers.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIXsecurity appliance, Failover DMZ zoning andconfiguring VLANs/routing/NATing with the firewalls as per the design.
Experience with converting PIX and Checkpoint firewalls over to the Cisco ASA solution.
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
Experience setting up IPSEC VPN between ASA Firewall and Router 3800.
Strong work experience with the following technologies MPLS, QoS, L2VPN, Multicast, and IPv6.
Experience in implementation, support and trouble shooting of VLAN’s including operational knowledge of spanning tree protocol (STP), VLAN trunking, inter VLAN routing and ISL/802.1q.
Provides technical leadership for problem escalation and resolution.
Responsible for advanced troubleshooting skills and experience in resolving complex network problems.
Experience working with Nexus 7010, 5020, 2148, 2248 devices.
Experience configuring SDH and SONET in the WAN environment.
Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
Extensive knowledge and troubleshooting in data communication protocols and standards including IEEE802.3, Token Ring, TCP/IP, Cable Modem, ADSL, PPPOE, Multilayer Switching, DoD Standards, Voice & Data Integration techniques & standards such as SIP andIP Routing Protocols RIP, OSPF, EIGRP and BGP.
Extensive and in-depth knowledge in Security, including VPN, IPSEC and GRE.
Strong interpersonal, organizational communication, customer service & presentation skills.
Experience working with troubleshooting WAN circuits like, T1, DS3, OC3, OC-12, OC 192 Circuits.
Experience in monitoring and analyzing the load balancing of network traffic using KIWI Solar Winds.
Technical Skills:
LAN Technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, LWAPs.
WAN Technologies
HDLC, PPP, Frame Relay, Channelized links (E1/T1/E2/T2).
Routing Protocols
OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route redistribution, Route filtering, Summarization, Static route.
Routers dealt with
Cisco 7606, 7609, 3845, 3660, 2921, 2691, 1812, Juniper MX series and T series routers.
Switching Technologies
VLANs, Inter VLAN routing and Port Channels, VTP, Spanning Tree Protocols like PVST+, RSTP+, Multi-Layer Switching, Port security, VSS, CEF and DCEF.
Switches dealt with
Nexus 5548, 5596, 56128P, 6000, 7009, 7018; Cisco Catalyst: 6506, 6509, 4928, 4948, 4507, 4510, 3750G, 3750X, 3560, and 2960.
Network Security Technologies
ASA 5550/5540 Firewalls, Juniper SRX Firewall, PaloAlto firewall PA 200, 3000, Check points, Access Control Lists, IPsec, IDS, and IPS.
Load Balancers
F5 Network (Big-IP) LTM 8900 and 6400.
Redundancy Protocols
HSRP, GLBP, VRRP.
NEXUS Features
VDC, VPC, VRF, FEX, Fabric Path, F & M Series line cards.
VPN Technologies
GRE Tunneling, Remote Access VPN, Site-to-Site VPN.
Operating Systems
Windows (98, ME, 2000, XP, Vista, Windows 7, 8.1), Linux.
Microsoft tools
Microsoft Visio, Microsoft office.
Professional Experience:
Restoration Hardware, Pleasanton, CA. Oct 2015 - Present
Sr. Network Engineer
Responsibilities:
Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K, 2k and its downstream devices.
Experience in Configuring, upgrading and verifying the NX-OS operation system.
Experience with converting 6500 to Cisco Nexus in the data center environment.
Converting CatOS to Cisco IOS Config Conversion on Access, distribution & Core layer switches.
Experience working with Nexus 7010, 5020, 2148, 2248 devices.
Experience configuring Virtual Device Context in Nexus 7010.
Configuration of Cisco 6500 (Sup 720), 4500 (SUP 6) & 3750 Catalyst Switches for network access. Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
Configured and maintained IPSEC and SSL VPN’s on Palo Alto Firewalls.
Detailed knowledge of critical routing and switching features such as Class of Service/Quality of Service, Traffic and Performance Engineering, High Availability, and IP Services such as FTP, NAT/PAT, and NTP
Configuring, Installing and troubleshooting on Check Point Devices.
Good knowledge on Intrusion Detection and Intrusion Prevention System.
Policy Building using IDP.
Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
Configured OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Worked on migrating the LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations.
Worked on updating pools, members and nodes using the GUI interface for the local traffic managers.
Cisco IPT Migration Projects from legacy PBXs with Nortel.
Involved in iRule management like loading rules, writing iRule syntax using TCL language and iRule extension to TCL.
Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM.
Working with Network Design and implementation teams on various projects across North America.
Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Experience in network security in a telecommunications environment.
Configuring RIP, Static routing, BGP, OSPF on Juniper M and MX series routers.
Identify, design and implement flexible, responsive, and secure technology services.
Deploying and decommissioning of Cisco Routers, Cisco switches and their respective software upgrades.
Performing the Firewall ACL requests change for various clients by collecting source and destination details.
Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
Configure Corporate, Wireless and Lab Devices which includes Bandwidth Upgrade, Adding New Devices, Decom the Devices, Testing(Pilot).
Developed Visio Documentation to give complete picture of network design for each building.
Experience with configuring OTV between the data centers as a layer 2 extension.
Understand the JUNOS platform and worked with IOS upgrade of Juniper devices.
Configuration and extension of VLAN from one network segment to another segment between different vendor switches (Cisco, Juniper).
Configuration & troubleshooting of routing protocols: BGP, OSPF, EIGRP, RIP, BGP v4.
Implemented DHCP, DNS configuration on the servers to allocate, resolute the IP addresses from subnet.
Hands on Experience testing iRules using Browser(IE), HTTP watch, curl, Scripts (shell/batch file/perl) and host files.
Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency and redirection of URL and F5 ASM cookies issues and configures ASM policies.
Experience working with Juniper Routers (MX960, MX480, M320) and Switches (EX2400, QFX Virtual Chassis Switches) with BGP, OSPF, VSTP, MST layer 2 and layer 3Technologies.
Environment: Cisco 6500 (Sup 720), 4500 (SUP 6) & 3750, 6500 switches and Nexus 7010, 5020, 2148, 2248, Palo Alto 5K, Cisco ASA5510, Checkpoint windows server 2008/2012: F5 BIGIP LTM.
CVS Healthcare, Woonsocket, RI. May 2014 – Sep 2015
Network Engineer
Responsibilities:
Expert working knowledge including the ability to setup, configure, upgrade, manage and troubleshoot Cisco routers, switches, VPN concentrators, firewalls, 802.11 wireless access points and load balancers.
Designed and implemented security systems including various Cisco IOS ACLs, Context-Based Access Control, PIX Firewall (PIX 506, 515), Network Intrusion Detection Systems, AAA Cisco Secure Access Control Server (Radius/TACACS+) and Linux syslog servers. Planned, configured and operated IPsec VPNs.
Involved in installing Hardware network devices such as Cisco switches, routers and Wireless access points at MBUSA location sites.
Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 3550, 3750, 5000, 6500 Series switches.
Worked on ASA 5505, 5510 models and migration from PIX to ASA.
Managing intrusion detection system (IDS) and intrusion prevention system such as NSM, Tipping point
Worked on Cisco ACE load balancer for minimizing traffic congestion.
Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
Worked on configuring and supporting Cisco ASA, Checkpoint, Juniper firewalls.
Experienced on working with Checkpoint R75/R77 & Juniper firewalls such as installing/deleting and troubleshooting the networks.
Coordinated installations and followed up with project managers and end users to ensure acceptable system/network performance once changes were completed.
Troubleshooting on the network issues using firewall logs, Running TCP DUMP.
Configuring and troubleshooting Cisco Iron port proxies S670-series.
Installed ESX devices on Nexus cluster and creating port-profiles for the VMWARE platform.
Understanding of QOS technologies (L2 QOS, L3 QOS, LLQ, CBWFQ, Policing, Traffic Shaping).
Worked on Hardware replacement (EOL devices), Upgrading IOS images according to company standards.
Worked with Business partners to gather the requirement and adding new IPsec tunnels on cisco VPN concentrator.
Worked experience on Daimler tools like CISM (ITIL ticket system), Monitoring portal, QIP (reserving IP addresses).
Responsible for infrastructure documentation being updated and accurate when infrastructure changes are made for requests, initiatives, and projects.
Provided on call supports 24/7 and worked in NOC (Network operations center).
Environment: Cisco routers 3900, 7200 and 7500; Cisco cat 6500, Nexus 5K, Nexus 7K, Cisco ASA 5540 firewall.
Federal Home Loan Bank, Des Moines, IA. Aug 2012 – Apr 2014
Network Engineer
Responsibilities:
Performed basic security audit of perimeter routers, identifying missing ACL’s, writing and applying ACL’s.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports.
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.
Secured Internet connections using Cisco IOS IPS perimeter routers.
Writing iRules defining criteria for selection of pool-members containing servers performing protocol support, content transformations.
Configuration and troubleshooting link state protocols like OSPF in multiple areas.
Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500switches.
Optimized performance of the WAN network consisting of CISCO 3550/4500/6500switches by configuring VLANs.
Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
Configured IP access filter policies.
Providing Technical Support and solutions for Network Problems.
Implementing NAT solution's on Cisco IOS routers.
Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provide L3 support for routers, switches and firewalls.
Defining profiles for Application, Session, Protocol and Authentication profiles which has the settings that define the behavior of the individual applications.
New approach & design include termination of all existing & upcoming new GRE over IPSEC tunnels to Cisco 7200vxr router series located in data center.
Worked as part of a team for Cisco Product Support. Troubleshooting by providing relevant knowledge base articles and other information.
Network solutions for complex networks for VAR (Value added resellers) users of Cisco.
Configured & maintained LAN, WAN, VPN, WLAN, and Firewalls on Cisco Routers for end users.
Configuring MPLS, VPN (IPSEC, GRE) in VPN concentrators and QOS in integrated networks (Data, Voice, and Video).
Installed and configured of Juniper J-Series (J2350) and M-Series(M10)routers.
Installed and configured the ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
Configuring IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Networks.
Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
Configured & Maintained Cisco 2600, 2800, 3200 series routers including IOS upgrades.
Prompt technical support to customers on routers and switches.
Secured Internet connections using Cisco IOS IPS perimeter routers.
Deployed a Syslog server to allow proactive network monitoring.
Performed basic security audit of perimeter routers, identifying missing ACL’s, writing and applying ACL’s.
Worked on WAN Accelerator “River Bed “for optimization of the bandwidth and file sharing on the WAN Circuit.
Used “River bed” for Data Protection and Disaster Recovery for securing the backups and archives on WAN.
Responsible for the Global design, engineering, and level 3/4 support of existing network technologies/services and the integration of new network technologies/ services.
Familiarity with standard network protocols - LACP, STP, RSTP, VRRP, 802.1x.
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
Substantial lab testing & validation prior to implementation of new technologies.
Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
Configured, installed, & managed DHCP, DNS, & WINS servers.
Experience with Firewall Administration, Rule Analysis, Rule Modification.
Troubleshoot traffic passing managed firewalls via logs and packet captures.
Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, Palo Alto, Checkpoint Firewalls.
Tech Mahindra, India. Mar 2010 – Jun 2012
Network Engineer
Responsibilities:
Responsible for Design, integration, configuration, maintenance, performance monitoring and security of network infrastructure including local area networks (LAN), wide area networks (WAN), firewalls, DHCP, DNS.
Installing the Network devices in datacenter environment and clearly articulate complex network designs and drawings through documentation ( Visio) as well as verbal training sessions.
Experience in Configuring Site-to-Site and Remote Site VPNs, NAT/PAT policies.
Managing Cisco Secure ACS for TACACS+, RADIUS authentications.
Monitoring customer data networks and providing fault isolation and remote troubleshooting.
Experience on designing and troubleshooting of EIGRP routing issues.
Responsible for the management of network at the client environment.
Supporting and performing projects for the client WAN environment at a global level.
Implementation of network system upgrades and modifications including planning, testing, scheduling and coordination. Ensures that change management and defined security procedures for all network systems are executed in accordance with customer policies and procedures.
Interacting with Carriers for installation of new WAN circuits at Customer premises and make sure circuit installed with no issues and ready to use before users move in to the branch.
Providing Teir-3 technical support for LAN/WAN issues and on-call for technical escalation on a rotational basis (Remedy Ticketing system). Well experienced in troubleshooting bug related issues with help of Cisco TAC service.
Providing networking services coordinate tasks and ensure their execution and documentation in accordance with established corporate standards.
Environment: Cisco 6500, 3560, 3750, 2950, 4500 series switches; 3800, 2600, 2800, 1800 routers, CiscoWorks.
Sonata Software, India. Sep 2008 – Feb 2010
Network administrator
Responsibilities:
Managed the LAN Switching Environment including creating and maintaining VLANs, STP, Trunking, Port Security, Vlan Security etc.
Assisted in migrating existing server and network infrastructure from HQ to a data center for optimal functionality and management.
Involved with the Systems team to Install, configure, & maintain DNS, DHCP on Windows 2000/2003 Server, also configured a FTP server; Installed configured & maintained MS Exchange Server.
Set up and troubleshoot secured wireless access points for broadband Internet.
Involved in configuration of WAN connection using a 3600 series Router and Frame relay method.
Implementation of NAT with a pool of 2 public IP addresses.
Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation.
Designed and implemented an IP addressing scheme with subnets for different departments.
Support a video conferencing network of distributed video units across U.S. and optimize the network infrastructure over which they run.
Install and maintain voice, video and data communications infrastructure systems and cabling.
Used various Network sniffers like Ethereal, TCP dump etc.
SNMP network management using MRTG and Cisco works. Participate in 24 x 7 incident & problem support.
Contact this candidate