Post Job Free
Sign in

Engineer Network

Location:
Dallas, TX
Posted:
February 17, 2017

Contact this candidate

Resume:

OBJECTIVE:

An able, enthusiastic, skilled, and reliable Network Engineer seeking a position that reflects my experience, skills and personal attributes including dedication, meeting goals, creativity, and the ability to follow through.

My goal is to obtain a dynamic, challenging opportunity that contributes to the outstanding success via 7+ years Information Technology and Networking experience within several industries.

PROFESSIONAL SUMMARY:

•Network Engineer with Over 7+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.

•Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models (PA-2k, PA-3k, and PA-5 k).

•Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enable business functionality.

•Administration, Engineering, and Support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing and wireless.

•Experience in Proliferating the query performance with modification in T-SQL queries, removing unnecessary columns, eliminating redundant and inconsistent data, normalizing database, establishing necessary joins, creating useful clustered index and non-clustered indexes.

•Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.

•Responsible for Checkpoint and Cisco firewall administration across global networks.

•Worked on Cisco Catalyst Switches 6500/4500/3500 series.

•Policy development and planning / programming on IT Security, Network Support and Administration.

•Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.

•Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.

•Experience with Bluecoat Proxy servers, LAN & WAN management.

•Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.

•Experience with Checkpoint VSX, including virtual systems, routers and switches.

•Experience in Network LAN/WAN deployment,

•Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.

•Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)

•Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager.

•Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.

•Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems

•Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.

•24 x 7 on call support.

TECHNICAL SKILLS:

Domain Area

Network Designing, Network Troubleshooting, Network Security, etc.

Networking Equipment

Cisco series routers (2500, 2600, 2800, 3600, 3800, 7200, 7600)

Cisco series catalyst switches (1900, 2900, 3500, 3750, 4900, and 6500)

Juniper MX10, MX 40, SRX5400, 5600, 5800, Netscreen 5400, 6000, 6500

Nexus 1000v / 2000 / 3000 / 5596 / 7018

Juniper EX 2300, EX3300, M7i, M10i, M320

F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810

Cisco Aironet 1200/2600/3600

Cisco ASA Firewall 5505, 5506-X, 5512-X

Check Point Firewall GAiA R77

Palo Alto Firewall 7k, 5k series.

Routing and Switching Protocols

Static Routing, RIP V1, V2; EIGRP, OSPF, BGP, MPLS, ACLs, Route Re-distribution and Summarization, VRF

VTP, STP, RSTP, MSTP, VLANs, PAGP and LACP

LAN Technologies

Ethernet/ Fast Ethernet/ Gigabit Ethernet networks, VLANS, VTP, STP (CST, PVST, RPVST+, RSTP), 802.1q, ISL, Ether channel, EVPL, HSRP, VRRP, GLBP, Cisco SLB, GSLB, F5 load balancers.

Wireless, WAN and Cloud Technologies

802.11 Standards, TCP/IP, OSI Layer, Fiber Optics, T1/E1, DWDM, OC192

Amazon Web Services

Airmon-ng

Communication Concepts

VoIP

Monitoring Tools

Platforms

Applications

VPN, Multicasting, IPSEC VPN, TLS, SSL

Cisco IP Phones, Asterisk server, SIP, RTP

Zenoss, Netcool, Solarwinds

Cisco IOS, NX-OSWindows XP, Vista, 7, 8, 10 and LINUX

MS VISIO, MS Office

CERTIFICATIONS:

CISCO CERTIFIED NETWORK ASSOCIATE (CCNA)

CISCO CERTIFIED NETWORK PROFESSIONAL (CCNP)

PROFESSIONAL EXPERIENCE:

Client: Bank of America, Dallas, TX.

Duration: July 2015 – Present

Role: Sr. Network Engineer

Responsibilities:

•Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.

•Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.

•Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) and GTM’s for managing the traffic and tuning the load on the network servers.

•Firewall rule base review and fine-tuning recommendation.

•Hands on experience in configuration of Cisco ASA 5000 series firewalls and experience with checkpoints and FortiGate.

•Administration and L3 support of our Infoblox DDI deployment and F5 GTM's and configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, and HA) on F5 BIG IP appliances.

•Experience designing and implementing load balancing solutions for large enterprises working on F5 load balancers and Cisco load balancers.

•Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.

•Administration Big IP F5 LTM 8900 for all Local Load balancing and configured profiles, provided and ensured high availability.

•Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support

•Configure Syslog server in the network for capturing the log from firewalls.

•Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.

•Configure and Monitor Cisco Sourcefire IPS for alerts.

•Experience working on Network support, implementation related internal projects for establishing connectivity in various field offices and Datacenters.

•Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.

•Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third party connectivity.

•Implemented configuration back-ups using WinSCP, cyberfusion to automate the back-up systems with the help of public and private keys

•Documentation involved preparing Method of Procedures (MOPs) and Work Orders. Also creating and submitting Remedy tickets for user auditing.

•Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.

•Working on the network team to re-route BGP routes during maintenance and FW upgrades.

•Co-ordinated and Upgraded F5 LTM’s and Cisco ASA’s IOS images during window time.

•Running vulnerability scan reports using Nessus tool.

•Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including crypto map, encryption domain, psk etc.

•Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.

•Troubleshoot connectivity issues and Monitor health of the firewall resources as well as work on individual firewall for advanced troubleshooting.

•Working on Service now tickets to solve troubleshooting issues.

Client: JP MORGAN CHASE, Jersey City, NJ.

Duration: Dec 2013 – June 2015

Role: Network Security Engineer

Responsibilities:

•Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.

•Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.

•Juniper Firewall Policy management using NSM and Screen OS CLI.

•Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.

•Configure and administer Cisco ASA Firewalls (5585, 5550, and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.

•Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.

•Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.

•Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.

•Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.

•Experience on ASA firewall upgrades to 9.x.

•Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000.

•Extensive Knowledge in configuring and troubleshooting as well as creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 load balancer LTM for load balancing and traffic management in DC environment.

•Configured Panorama web-based management for multiple firewalls.

•Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.

•Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.

•Build and configure Active/Standby Failover on Cisco ASA with stateful replication.

•Configure and tweak the inspection policies on Firewall to allow legacy application traffic.

•Understand different types of NAT on Cisco ASA firewalls and apply them.

•Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.

•Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.

•Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.

•Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.

•FWSM configurations in single/multiple context with routed and transparent modes.

•Support Data Center Migration Project involving physical re-locations.

•24 x7 on call support.

Client: AT & T, Middletown, NJ.

Duration: Oct 2012 – Nov 2013

Role: Network Analyst / Engineer

Responsibilities:

•Designed and implemented Cisco VoIP infrastructure for a large enterprise and multi-unit office environment. Met aggressive schedule to ensure a Multi-office reconfiguration project which was successfully delivered.

•Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.

•Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.

•Expert level skills in Objects creation such as Table, Normalization, Indexes, Stored Procedures, Cursors, Triggers and other SQL joins and query writing.

•Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) for managing the traffic and tuning the load on the network servers.

•Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP.

•Updated the HP open view map to reflect and changes made to any existing node/object.

•Handled SRST and implemented and configured the Gateways, Voice Gateways.

•Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.

•Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.

•Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.

•Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP C2400 load balancers.

•Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.

•Worked on the security levels with RADIUS, TACACS+.

•Completed service requests (i.e. – IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)

•Identify, design and implement flexible, responsive, and secure technology services.

•Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.

•Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.

•Configured switches with port security and 802.1x for enhancing customers security.

•Monitored network for optimum traffic distribution and load balancing using Solar winds.

•Validate existing infrastructure and recommend new network designs.

•Created scripts to monitor CPU/Memory on various low end routers in the network.

•Installed and maintained local printer as well as network printers.

•Handled installation of Windows NT Server and Windows NT Workstations.

•Handled Tech Support as it relates to LAN & WAN systems.

Client: DTE Energy, Detroit, MI.

Duration: June 2011 – Sep 2012

Role: Network Administrator

Responsibilities:

•Firewall Clustering and High Availability Services using Cluster XL on Check Point.

•Installed Solar winds Network Performance Monitor with traffic analysis, application & virtualization management, configuration management and other modules additionally installed. Tuned modules, customized the specific platforms used and trained staff. Support other smaller customer sites on similar analyze-recommend-implement site-wide upgrades and troubleshoot issues.

•Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.

•Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.

•Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.

•Packet capture on firewalls and analyzing the traffic using Wire shark utilities.

•Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.

•Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.

•Vulnerability Management using Security Information & Event Management

•Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.

•Monitoring network platforms include IBM Tivoli Netcool management systems, Siebel CRM, WebTop, utilizing HP Service Manager 9 logging tools.

•Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.

•Network design and administration experience.

•LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)

•Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.

•Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.

•Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.

•Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).

•Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.

•Documentation and Project Management along with drawing network diagrams using MSVISIO.

Client: Volcano Corporation, San Diego, CA.

Duration: Dec 2009 – May 2011

Role: Network Engineer

Responsibilities:

•Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPSec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.

•Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.

•As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)

•VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.

•IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.

•Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.

•Configured Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.

•Install Windows Server 2003, configure IP addresses, network printers and configure Client Access for PCs.

•Work with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.

•Administer and support Cisco based Routing and switching environment.

•Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).

•Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.

•Configured Client VPN technologies including Cisco’s VPN client via IPSEC.

•Configured Firewall logging, DMZs and related security policies and monitoring.

•Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.

Education: Bachelor of Science (Computer Science), 1997.



Contact this candidate