Engineer Network
Nagaraja Hemanth
acyhxj@r.postjobfree.com
Professional Summary:
Over 8+ years of experience as Network Security Engineer working on testing, troubleshooting, implementing, optimizing, and maintaining enterprise data network and service provider systems.
Extensive knowledge in configuring and troubleshooting Interior Gateway Routing protocols (IGRP) such as Link-State routing protocols (OSPF and IS-IS) and Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP).
Knowledge in configuring and troubleshooting Exterior Gateway Protocols (EGP) such as BGP including both internal (iBGP) and external (eBGP).
Knowledge on policy based routers such as cisco routers and Experience in testing Cisco routers and switches in lab scenarios and deploy on site for production.
Good understanding of networking concepts, like Configuration of networks, router configuration, TCP/IP, VPN and wireless security and routing in LAN/WAN, Ethernet Port, Patch Panel, Content Filtering, VLANs and wireless networks.
Knowledge on WAN technologies such as T1, T3, DS3, OCx, SDH, SONET, LTE, Fiber, and Frame relay.
Wide exposure to routing, switching, security, application load balancing, wireless and LAN/WAN setup, installation, configuration and commissioning of network devices.
Extensive knowledge and configuration of Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+).
Experience in working with Cisco Nexus Switches like 5000 and 7000 series and Virtual Port-Channel configuration.
Experience in configuring high end routers like GSR 12000, 7500 series and catalyst switches like 7600, 6500, 4500 series.
Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches.
Knowledge of IPv4 and IPv6 Addressing, Fixed Length (FLSM) and Variable Length Subnet Masking (VLSM), OSI and TCP/IP models.
Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
Worked on Cisco Firewalls Cisco ASA 5500(5510/5540) Series and Checkpoint R75, 76 Firewalls.
Played a Responsible Role Check Point and Cisco firewall administration across global networks.
Extensive experience in upgrading, backup and password recovery of cisco IOS.
Experience in Configuring, Managing and Troubleshooting the Cisco Switches/Routers and Juniper Firewall/Switches.
Experience in installing and configuring NAT, DHCP server and DNS in large networks.
Knowledge on implementing F5 BIG-IP load balancer.
Knowledge and Experience on Tier 2 ISP routing Policies and Firewalls.
Experience in installing and configuring Checkpoint NGX R70.
Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7, 8, 10 Professional Client Operating Systems.
Experience in Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Gaia R65, R70 & R77, R77.1, and VSX R77.1Palo Alto.
Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000 for the corporate applications and their availability.
Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
Knowledge on WLAN operations like design, configuring and deployment.
Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
Excellent interpersonal, communication and organizational skills with the ability to interact effectively with employees at all levels within the organization.
Certifications:
Cisco Certified Network Associate (CCNA) Certified.
Check Point Certified Security Associate (CCSA) Certified.
Technical Skills:
Cisco Routers : Cisco ASR9k, GSR 12000, 7600, 7500, 7200 VXR, 3800, 3700, 2800,
2600 Cisco Catalyst Switches Catalyst 6500, 4000, 3550, 2900
Nexus Switches : Nexus5548, 5596, 6000, 7009, 7018; Cisco Catalyst: 6506, 6509, 4928,
4948, 4507, 4510, 3750, 3560, and 2960
IP Routing Protocols : BGP, OSPF, EIGRP, IGRP, RIP v1 & v2, IS-IS MPLS LDP, MPLS L3
And L2 VPN
Load Balancing : Cisco ACE 4700 series, F5 LTM
Firewalls : Cisco ASA 5500, Cisco PIX 500, checkpoint r60, checkpoint r65
LAN Switching : STP, IEEE 802.1Q, VTP, VLAN & Inter-VLAN routing, QoS
WAN/core : ATM, Frame-Relay, ISDN, PPP, HDLC
Optical infrastructure : SONET OC3-OC192, SDH, POS, PDH
IP Telephony : SIP, H.323, RTP, Voice Gateways, CCM, QoS
Quality of service : CBWFQ, RED/WRED
Wireless Technology : Cisco AP, LWAP, Access Points, WCS
Ticketing software : Connect Wise, Remedy system
Management software : HP open view, Solar winds, PRTG Network Monitor
IPSEC/VPN Configuration : PIX to Router, Router to Router, PIX to VPN wildcard client, Router to VPN
wildcard client, PIX to PIX, fully meshed configurations
Operating Systems : Windows Server/8/7/Vista/XP, Nexus OS, Cisco IOS-XR, Linux, UNIX
Microsoft Office : Visio, Excel, PowerPoint, Word
Capital One, Mclean, VA Nov 2015 to Present
Sr. Network Engineer
Responsibilities:
Performed network implementation that includes configuration of routing protocols, leased lines, ISDN lines, VLANs and IOS installations.
Troubleshot the network issues onsite and remotely, depending on the severity of the issues.
Assist in the design and implementation of security tools, Configure and troubleshoot security systems including the SIEM, anti-virus, application whitelisting tools, firewalls and vulnerability scanners
Provides governance and overall administration of endpoint security controls.
Ensures proper configuration, health, and installation of endpoint security solutions and tuning of said solutions to maintain a positive end-user experience while concurrently protecting the users’ systems.
Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in network environment
Configuration and extension of VLAN from one network segment to their segment between Different vendor switches (Cisco, Juniper)
Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
Creating Change Management for Router IOS upgrades and downgrades
Configuring Firewall logging, DMZs & related security policies & monitoring
Configuring the Voice VLAN's (VOIP) and Prioritizing the voice traffic over the data traffic
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
Configuring VRRP & GLBP and VLAN Trunking 802.1Q, STP, Port Security on Catalyst 6500 switches.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
Configuring VPN both B2B and remote access SSL and centralized policy administration using Forti Manager, building FortiGate High Availability using FortiGate Clustering Protocol (FGCP).
Responsible for PIX 7.x/8.x ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
Ability to build deployment, build scripts and automated solutions using various scripting
languages such as Python and Perl programming languages.
Provide expertise for IT infrastructure, Active Directory infrastructure, solutions, and recommendations and related services.
Configured ASA 5500-X Series firewalls to provide highly secure and high performance connectivity between the site locations.
Performed Network Address Translation on Cisco ASA 8.2 and 8.3
Experience in white listing webpages and blocking webpages with Blue Coat Proxy SG and Blue Coat reporter.
Experience with Juniper Net Screen 520M Firewall and Palo Alto network firewall.
Involved in the redistribution into OSPF on the core ASA firewall.
Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus 7010 and 7009 devices
Configuring, Monitoring and Troubleshooting Cisco's PIX firewall, ASA 5500.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Responsible for Cisco ASA firewall administration across our global networks
Implementing Cisco Linux access points using LEAP and Cisco Radius for authentication, greatly increasing Wireless security.
Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
Perform the installation and maintenance of VPN gateways, IDS/IPS, proxy servers, firewalls, and load balancers.
Configuring network access servers for AAA Security Using Juniper IC (Intranet Controllers) MAG-SM360, MAG-4610.
Exposure to wild fire feature of Palo Alto.
Configured Site-to- Site IPsec VPN tunnels to peer with different clients and each of client having
different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
VLAN’s, Private VLAN’s.
Conduct predictive wireless site surveys using Air Magnet Planner, Aruba Visual RF Planner.
Perform new additions (VIPs, Pools, Virtual Servers, and Monitors) to the F5 BigIP LTM load balancer.
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Environment.
Monitoring and configuring Cisco 7600 routers at data center.
Worked on WLAN authentication methods like Extensible Authentication Protocol(EAP), Pre-Shared Key(PSK).
Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k
Configuring Cisco iOS ACL and Firewall rules to restrict and allow access to data resources.
Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
Involved in the modification and removal of BGP from the MPLS routers.
Also prepared documentation for various VLAN’s and Voice subnetworks and worked on Visio for the same.
Involved in configuring IP Quality of service (QoS).
Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
Implementing & maintaining tools like Snort (IDS), MRTG, Solar winds products, JFFNMS, Net flow Analyzer, WhatsUP Gold, Smokeping, and NTOP.
Supporting the team for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
Worked on Configuration and maintenance the access points through CISCO 4400 WLAN as controller.
Replace branch hardware with new 2851 routers and 2960 switches.
Performed basic security audit of perimeter routers, identifying missing ACL's, writing, and applying ACL's
Manage a very large DNS environment using Lucent QIP and manual management of DNS for DMZ/External servers.
Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured all the network Infrastructure devices including Network Printers and Registers.
Environment: Cisco Routers, Cisco Switches, Nexus 7k/5k/2k Routing protocols, F5, Load Balancer, HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, Monitoring tools (PRTG, HP Open View), SIP, RTP, Catalyst 6500, Cisco ASA Firewall, Check Point.
Vista Print, Waltham, MA March 2014 – Oct 2015
Sr. Network Engineer
Responsibilities:
Experience in developing cloud strategies, roadmaps, architecting (hands-on) new cloud solutions end to end or enterprise level AWS/Azure migrations.
Designing and deploying dynamically scalable, highly available, fault tolerant and reliable applications on AWS.
Migrated complex, multi-tier applications on AWS.
Define and deploy monitoring, metrics and logging systems on AWS supported.
Migrating an existing on-premises application on AWS.
Implementing and controlling the flow of data to and from AWS
Picking the right AWS service for the application.
Monitoring of Infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc.
Resolution of tickets fresh & pending using Clear Pass for Network management
Selecting appropriate AWS service to design and deploy an application based on Aruba Clear Pass configured with controller.
Establish AWS technical credibility with customers and external parties
Help customers build scalable, resilient, and high-performance applications and services on AWS.
Develop/capture/document architectural best practices for building systems on AWS
Started deploying AWS for Corporate infrastructure managed by Aruba Clear Pass
Experience with configuring Cisco 6500, 4500 series devices for data center environment
Experience configuring Virtual Device Context in Nexus 7010.
Automated network implementations and tasks and designed monitoring tools using python scripting
Configured VLANs with tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
Configuring IPSLA monitor to track the different IP route when disaster occurs.
Configured Site-to-Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls
Involved in Implementing, planning and preparing disaster recovery.
Having meetings with the application group and gathering requirements for disaster recovery.
Involved in configuring Juniper SSG-140.
Involved in smart view tracker to check the firewall traffic.
Troubleshooting hardware and network related problems.
Troubleshoot remote access services like Citrix NetScaler, Cisco VPN clients and for the users to access their enterprise network.
Stood up the Disaster recovery NetScaler, tested and validated.
Design and create dedicated VLANs for Voice and Data with QOS for prioritizing VOICE over the DATA on Catalyst switches and basic VOIP configurations.
Wide experience in implementing and managing F5 BIG-IP load balancing, including GTM, APM, ASM, and custom iRule development.
Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
Environment: Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, SUP720, Ether Channels, Cisco 7200/ 3845/ 3600/ 2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/ 3550/ 3500/ 2950 switches, Network edge routers, Switches, WAP, WLC, OSPF, BGP, VLAN, VTP, RSTP, STP (Spanning Tree Protocol), HSRP, IPSEC VPN tunnels, ACL, NAT/PAT, Firewalls (ASA), NetScaler Load balancer Pal Alto, Bluecoat Proxies.
BB&T Bank, Wilson, NC Jan 2013 to Feb 2014
Network Engineer
Responsibilities:
Configuring and troubleshooting WAN links, BGP, QOS for global customers.
Creating base configuration for the leased line and creating service configuration.
Commissioning and de-commissioning of circuits.
Worked on Juniper routers administration and Switches as well as SRX firewall
Deploying PE-CE router configuration, Test & Turn-up, Logical Amend
Activities as per order/service requirements
Provisioning and making changes on BT Global MPLS Platform and its finance vertical
Providing root cause analysis of fault tickets booked.
Implemented L3 SVI's and L2 VLANs, Inter VLAN Routing and HSRP configuration in Nexus on F series module.
Configured Security Policies including NAT, PAT, AAA, ACL's Standard Access Lists, Distribute-Lists, Route-Maps,
VPN Concentrators, IPS/IDS, (PIX, ASA) firewalls. Involved in Configuration of Firewall Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity
Configured and troubleshoot on Juniper EX4500 and EX8200 switches
Configured Cisco 7200 routers which were also connected to Cisco PIX 535 security appliances providing perimeter based firewall security.
Cisco IOS and Cisco CatOS configuration and backups, Uploading and download IOS and CatOS using XModem, TFTP and FTP protocols
Implementation and troubleshooting of routing protocols like, OSPF, EIGRP, RIP and IGRP and route redundancy protocol i.e., HSRP
Implementation and troubleshooting of various switching issues related to VLANs, VTP, STP, Port security, ether channels, Inter-VLAN routing.
Well versed with Cisco Hardware including Cisco Router and card types for 1800, 2800,1900, ASR1002,3700, 3800, 7200 series for providing Leased line, Frame-Relay, STM and Ethernet
Tools used IV serve, Classic/Tahiti, COT+, Chameleon, PMF, PNAD, and PPR.
Environment: Cisco 7200, 7204, and 7206 Routers, Switches: Cisco Distribution layer switches such as 4510, 4948, 4507, 7k, 5k and 2k series. Firewalls 5GT, 208, EIGRP, RIP, OSPF, CISCO ASA, DHCP, DNS, SAN, Spanning tree
Deltatec Solutions Pvt Ltd, Hyderabad, India Oct 2010 – Dec 2012
Network Engineer
Responsibilities:
Have ability to install and maintain Microsoft Exchange and worked extensively on different applications.
Created network diagram for employees using the Microsoft Visio.
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
Preparing Client Machines for users with Operating Systems, Software, antivirus and required utilities and mailing clients etc.
Primarily responsible in designing and maintaining the budget for the whole network.
Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
Configuration of CISCO Routers (3600, 4000 Series) and 3550, 4500 series switches.
TCP/IP network planning, Implementation and Management with subnets.
Enabled SNMP traps for our Cacti Monitoring tool to monitor traffic and check the regular health of Servers and Network Devices.
Implementation of Virtual LANs across Routers and Switches.
Implemented and Configured IP Routing Protocols: OSPF, EIGRP, and RIPv2
Implemented and configured LAN Protocols: Ethernet, VLANs, VTP and STP.
Worked with Remedy Ticketing tool in maintaining and keep a track of logs/monitor.
Designed and implemented IP Addressing, Subnetting, Route Summarization and Route Distributions
Monitoring the Servers and Networks.
Environment: LAN, WAN, Subnetting, VLAN, VTP, VPN, NAT, OSPF, BGP, EIGRP
Apex Knowledge Tech Pvt Ltd, Hyderabad, India June 2008- Sep2010
Network Support
Responsibilities:
Provide high level technical support, including identifying and resolving problems on Cisco supported products for E-Commerce infrastructure. This included external routing and internal/intranet routing for DMZ servers.
Implemented cable multi-service operator (MSO) to capture traditional Telco subscribers with IP telephony and provide relevant QOS.
Configured EIGRP, BGP, and MPLS.
Configure Firewall, QOS by SDM and provide security by Prefix list, Access- List and By Distribution List.
Moved Core switches and several non-Cisco devices under strict deadlines to maintain network functionality
Implemented new ultra-secure networks in multiple data centers that included Cisco, Juniper security devices.
Designed VLAN’s and set up both L2 and L3 logical to have it communicate to the Enterprise network.
Scheduled preventive maintenance for fire-protection systems, including new protocols. Utilize MS Windows, Word, and Excel for reporting/documenting process.
Satisfactorily Resolved Problems in timely manner with focus on providing a high level of support for all customers.
Environment: Cisco 2950 switches and Cisco 3825 Routers, EIGRP, BGP, MPLS, VLAN, QOS
Education:
Bachelor’s degree from JNTU in Electricals and Electronics.
Contact this candidate