Engineer Network
Resume:
QUALIFICATION SUMMARY:
CCNP (R & S) and CCNA (Security) certified Network Engineer with 7+ years of experience leading, planning, implementing and troubleshooting of Network Infrastructure. Adept at setting goals monitoring work and evaluating result to ensure objectives and operating requirements are met. Capable of implementing and supporting IP data installations, build-outs including security, switching, routing as well as general network support.
TECHNICAL EXPERTIES:
7+ years of experience in designing, deploying and troubleshooting Network and security infrastructure on routers, switches (L2/L3) and firewalls of various vendor equipment.
Deployed and managed Cisco ONS 15454 Multiservice Transport Platform DWDM devices, Cisco CRS-3, ASR9K, 7600, 6500, 4900, 4900M, 515 Series and Juniper EX4500, 4300, MX960 Series routers/switches/firewalls and Cisco 10K, Arris C4 CMTS routers that utilized 10/100Gb Ethernet circuits to provide SSM Multicast/BGP/OSPF/RIP based services to customers throughout National phone/video customers throughout the US.
install, configure, and troubleshoot Cisco CMTS and DOCSIS related devices.
Verify and troubleshoot all Tier-1 type NOC problems.
Implementing and supporting site-to-site IPSec VPNs through Juniper SRX firewalls.
Good experience on deploying and troubleshooting of Nexus (VPC, VDC, OTV, Fabricpath), LoadBalancer (Cisco Ace, Citrix NetScaler and F5), Security (ASA/Palo Alto), Routing (OSPF, EIGRP, BGP), Switching (VLAN, VTP, STP, HSRP, VRRP, GLBP), DMVPN, MPLS VPN and QOS etc.
Worked with the hardware that includes Cisco Nexus: 7K, 3K, 5K, 2K series and ASR (1004,ASR9010, ASR5505, ASR9922 devices). Load Balances: Cisco ACE, Citric NetScaler& F5. Security: Cisco ASA (5505/5510/5540/5585) firewalls, Cisco WSA/CWS, Checkpoint IP Appliance, JUNIPER (110/210/220/550) Firewall, SSL VPN, Palo Alto firewall environments. Cisco Routers: 7200, 3800, 2800, 2600, 2500, 1800 series. Cisco catalyst switches: 6500, 4500, 3750, 3500, 2900 series. Cisco Access Points and WLCs, Cisco ACS, Cisco ISE, IPS, Microsoft TMG,HP switches, switches and firewalls.
Experience working with Blue Coat ProxySG.
Supported migration projects from old Brocade Foundry, Cisco CSS to F5 load balancers V10.x and 11.x.
Implemented security policies using ACl, Firewall, IPSEC, SSL, NAT, PAT, VPN, IPS/IDS, AAA (TACACS+ & RADIUS), CheckPoint firewall R55 up to R70 version.
Expertise knowledge on PALO ALTO Firewalls.
Experience to run independently with Checkpoint and Network Engineering like Routing/Switching and Protocols VPN along with ASA Firewall.
System Administration and with technical expertise in Cisco Environment as well as in Data center, LAN/WAN Security, managing the complete system admin and technical support functions.
Responsible for Checkpoint and Juniper firewall administration across global networks.
Experience in implementing and managing Symantec Data Loss prevention, Network Intrusion detection/prevention system and firewalls within security solutions.
Strong hands on experience in layer-3 Cisco and Juniper based Routing and layer-2 Switching.
Implanted Juniper WX/WXC devices for WAN Traffic acceleration.
Technology and infrastructure consultant for Cisco & Juniper design, implementation projects. Specific task with installations, configurations, support and maintenance of routers and switches.
Experience with design & deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.
Configuring Client-to-site VPN using SSL Client Cisco ASA 5540, 5510.
Advanced knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
Configuration of VTP, VLANs, UDLD, BGP, OSPF, EIGRP, IGRP, RIP, MPLS, TCP/IP, DLSw, GRE tunneling and routing, troubleshooting, monitoring and maintenance.
Troubleshooting and implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP, SVI, ATM, SMDS, Frame relay, ISDN circuits.
Comprehensive understanding of networking concepts pertaining to LAN & WAN, information security, IT communication, presentation skills, and maintenance in multi-platform environments.
A liaison between the NOC and Voice Engineering groups for investigating and resolving network issues reported by customers or internal staff.
Implementing and supporting site-to-site IPSec VPNs through Juniper SRX firewalls.
Opening, following-up and closing trouble tickets, via phone or email, acting as a liaison between customers/providers and our NOC Engineer team, working and resolving network problems and testing with customers.
TECHNICAL SKILLS:
Cisco Gear
Nexus7K, 5K, 3K, 2K, Cisco routers(7200VXR.3725, 3660, 2500, 1800 series)
and catalyst switches (6500, 4500, 3750, 3500, 2900 series), ASR
(1004, ASR9010, ASR5505, ASR9922 devices).
Juniper Gear
SRX firewall, MX series
Routing
BGP, OSPF, EIGRP, IGRP, RIP, IS-IS, HSRP, VRRP, GLBP, PBR, Route filtering,
Redistribution, Summarization, Static routing
Switching
LAN, VPN, STP, PVST+, RSTP, Inter VLAN routing & Multi-Layer Switch,
Multicast operations, Layer-3 Switches, Ethernet channels, MPLS, VPLS.
Communication
Protocols
TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, PPP
Firewall
PIX Firewall 505, Cisco ASA5540 VPN, Cisco WSA/CWS, Juniper(220/550) SRX,
Palo Alto, Check Point
LoadBalancer
Cisco ACE, A10(AX3200-3400),Citric NetScaler, F5 LTM and GTM(Big-IP)
Network Tools
GNS3, Packet Tracer, Putty, Tera-Term, Solar Winds, SNMP, Wireshark
WAN
Leased Lines 64K, Channelized links (E1/T1/E3/T3), ATM, Frame relay
Network Security
NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, VRF on Routers and Switches, Internet Content Filtering, URL Filtering-Web-sense, SSl, IPSEC, IKE, Static, Dynamic, Reflexive ACL, authentication AAA.
Operating
Systems
Windows, Mac OS X, Linux, Unix
TECHNICAL Certifications:
Cisco Certified Network Professional (Routing and Switching)
Cisco Certified Network Associate (Routing and Switching)
Cisco Certified network Associate (Security)
Juniper network certified Associate (JNCIA-JUNOS)
EDUCATION QUALIFICATION:
Bachelors of Engineering in Electronics and Telecommunications-India
Professional experience:
Cohnreznick, Roseland, NJ (Dec 2015 – Present)
Network Security Engineer
Responsibilities:
Implementing and troubleshooting firewall rules in Juniper SRX 5400, 550, 5600 Checkpoint R77.20 Gaia and VSX as per the business requirements
Install, maintain, support and improve Triple Point Technology, enterprise Data Center and server technologies; essential components of which include VMware, EMC Storage, Watch guard Firewall, Microsoft Windows Server and Active Directory.
Installed/tested/deployed all DOCSIS/CMTS equipment. Primarily consisting of Cisco uBR10K routers and Cisco RF Gateways.
Monitor and analyze data center server infrastructure and related network environment to ensure reliability and resolve technical problems that may arise.
Working experience in Firewall rule implementation/ removals (Juniper, NetScreen, SRX)
Build and support Site to Site IPsec based VPN Tunnels.
Migrate Physical Servers to Virtual Server(P2V) using VMware vCenter Converter Standalone Client.
Site to Site IPsec based VPN Tunnels for all B2B and 3rd party communications.
Support Data Center Migration Project involving physical re-locations.
Cisco ASA Firewall configuration and troubleshooting.
Administration and management of all firewall environments.
Proactively finds potential site issues and take initiative to address them in a timely fashion in a 24x7 Command Center environment .
Isolate and resolve network issues ( Juniper and Cisco routers, switches, CMTS and Security Devices)
Managing VMware infrastructure environment with 227 ESX and ESXi host, 2800 plus virtual machines.
Experience working with IP, Ethernet, SONET, DWDM, DOCSIS, and telephone technologies.
Work on Routing and Switching on the third party segment using Cisco based Routers and switches.
Management of each firewall is done remotely and onsite at client sites.
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Checkpoint Firewall configuration and troubleshooting.
Troubleshoot on security related issues on JUNIPER SRX/PIX, Checkpoint and IDS/IPS.
Implemented rules on Juniper SRX 550 at the server farm.
Managed and maintained various web content filtering solutions including Web Sense and Blue Coat. Maintained DNS, DHCP, Active Directory, Replication & other services on the Windows Server 2000 & 2003 network.
Implementation of secure enclaves with Palo Alto and ASA firewalls.
Configuration and troubleshooting on Juniper EX4500 and EX8200 switches and MX series, SRX series universal edge routers.
Worked on Wireless technology including Aruba 6000 controllers with 65 and 70 series APs as well as Cisco Wireless solution (WLSE, WLSM, 1200 series APs), and Blue coat IDZ.
Remote access and site-to-site VPN administration using Cisco ASA/ASR and Palo Alto.
Configuration and implementation of Juniper and Palo Alto firewalls.
Checkpoint policy Implementation, Data and URL filtering.
Site-to-Site IPsec based VPN Tunnels for all 020 Communications.
Working and commenting on global firewall polices.
Provided firewall policy configuration and services with Juniper SRX 240 & 650 service gateways.
Experience working with JUNOS OS on Juniper Routers and Switches.
Migrated Firewall infrastructure from Checkpoint R65 to Netscreen ISG2000.
Worked on Juniper SRX Versions 300, 3400, 3600, 220 implementing new and additional rules on the existing firewalls for a server refresh project.
Upgrade of Juniper firewalls and management servers from SRX 110 to SRX 5400.
Firewall Policy Implementation on Checkpoint R62 and R65 using Provider 1.
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
Providing input on day-to-day security architecture policies and procedures.
Configuring and administering Viprion (F5) – configuring vCMP guest.
Implement and produce both the supporting documentation and diagrams for the installation of Cisco Nexus 7010, 5548 switches and 2232PP fabric extenders to replace legacy network hardware.
Deploying, configuring, and administering Checkpoint EndPoint firewalls and hands on experience with network protocols.
Expert Level Palo Alto, Check Point and Juniper SRX Firewalls Administrator.
Monitor and report issues for over 100 MSO's troubleshooting RF, DOCSIS and TCP/IP. Monitor and support critical managed network elements using real time alarming network fault notifications via alarm traps.
Upgrading OS on F5 devices within the environment.
Experience with Checkpoint Firewall policy provisioning.
Provide shared support in managing and configuring Lan/Wan environment consisting primarily of Watch Guard Firewall (WatchGuard XTM 830,) and Watch Guard wireless.
Configuring and managing F5 ASM (Application security manager). Develop security policies.
As a second part Worked on a data center project to install AGG network using NEXUS 5k and 2k to provide network for the new Aruba Clear pass infrastructure for Disney world enterprise.
Spearhead the complete spectrum of PCI audits to evaluate network and information security from the perimeter of the network to the infrastructure's internal core.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Project technical lead in “End of life refresh project”, replacing 6509 distribution switches to nexus 5k.
Adding nodes, pools and virtual servers via f5 load balancers.
Provided support for 24x7x365.
Provided Level 1 and Level 2 support to Data center Operations which includes monitoring systems, building and provisioning systems, providing applications support, asset management and participation in Enterprise projects.
Paypal, San Jose, CA
Firewall Engineer (Nov 2013 – Nov 2015)
Responsibilities:
Responsible for managing network & security at the Data center.
Implemented extended ACLs on Juniper SRX and 3750 to allow communication between the required networks, and to restrict other communications.
Responsible for all Juniper SRX firewalls consisting of SRX 3560, 1400, 550. Using CLI and/or Junos Space Security Director for management. Install, upgrade, troubleshoot, design, etc.
Daily problem and determination could involve providing precise direction or support assistance to Field Engineers and Datacenter personnel regarding IBM products, X-Series Servers/ Blade Centers and Lenovo machines.
Upgrade of Juniper firewalls and management servers from SRX 3750 to SRX 6509.
Implementation and configuration of Firewalls Especially Checkpoint and Cisco ASA.
Work on Policy administration of Cisco and Checkpoint Firewalls.
Managing VMware infrastructure environment with 227 ESX and ESXi host, 2800 plus virtual machines.
Troubleshooting end user connectivity issues through the firewalls and network.
Making sure the NAT is applied appropriately on the firewall for all the third party and DMZ traffic.
Real world experience with firewalls from both Cisco and Checkpoint.
Established IPSec VPN tunnels between branch offices and headquarter using Juniper SRX Firewall.
Worked on Checkpoint Provider -1/Smart Domain Manager (R75).
Managing Access list on F5s and check for the ACLs on Firewalls such as CISCO ASA, Juniper, Fortinet-Fortigate.
Manage VM's using VMware virtual center via local and web access
Take care of the Logging issues of the F5 load balancer and how it works with the syslog servers making sure the communications through the switches and routers.
Troubleshooting the issues with the application owners hosted on the F5 environment in the 3- tier environments.
Installed and configured VMware ESX/ESXi server environments on HP servers connected to an EVA 4000, EVA 8000 and P4500 Left-hand.
Installed and maintained Windows 2003, 2008, Windows 7, Sun Solaris OS Ver. 8,9, 10 Red hat 9.0. Built and installed all network equipment in data centers
Installing the F5 TMOS upgrades, Hot-fix installations depending on Business need.
Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems).
VLAN's design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.
Hands on experience with Cisco Nexus 7K, 5K and 2K series equipment including configuration of protocols
Build IT security infrastructure including Checkpoint, Juniper and Palo Alto firewalls.
Responsible for ASA 8.x Firewall and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
Load Balancing with F5 GTM and LTM across multiple data centers.
Analyzed business requirements/requests and developing security rules changes for a variety of juniper firewall products in large, complex data center environment.
Troubleshooting Layer 2 and Layer 3 issues.
Performed Network related testing to ensure that the Juniper Networks products operate correctly
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed.
EIGRP static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Transition.
Creating a rule on the checkpoint firewall for a NAT (used ACLs to block unauthorized users) to the VLAN IP and allowing the IPsec traffic.
Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/ switches/firewalls.
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
Configuration of Palo Alto Firewall PA-5k and CMS.
DNS, DHCP services configuration and support.
Deployed a Syslog server to allow proactive network monitoring.
Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
Configured Client VPN technologies including Cisco's VPN client via IPSEC.
Configured Firewall logging, DMZs and related security policies and monitoring.
Softech Global, India
Network Admin (July 2012 – Aug 2013)
Responsibilities:
Responsible for the installation, configuration, maintenance and troubleshooting of the client's based network.
Installation and configuration of Cisco 6509, Cisco 2960 Switches.
Setup and Configuration of Cisco ASA Firewall.
Provided proactive threat defense with JUNIPER SRX that stops attacks before they spread through the network.
Configuring Remote Access VPN Using IPsec.
Configured RSTP, LACP and VTP on Nexus devices.
Worked with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
Configuring AAA for Cisco Routers and Switches using TACACS+.
Monitoring network performance and Administration of the Network Setup using Cisco LMS and also provided necessary recommendations to improve network performance.
Setup a lab environment for CCNA and CCNP certification programs.
Configuring and Implementing VLANS over the core Switch.
Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
Configured VLANS to isolate different departments and Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers and related issues.
Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed.
Managed IP addressing and implemented IP Access Lists.
Worked in setting up redistribution, access-lists and dynamic routing.
Tested various BGP attributes such as Local preference, MED, AS-PATH, Community and Weight.
Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
Implementation and maintenance by backup schedules as per the company policies.
Configuring IP ACL's over the router to secure the unauthorized access of Network.
Aegis India
Network Engineer (July 2011 – July 2012)
Responsibilities:
Responsible for installation, configuration, maintenance and troubleshooting of client’s network infrastructure Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco 3550/3745/4948 at access layer, Cisco 6500 Series at distribution/core layer.
Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q.
Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
Troubleshoot on security related issues on JUNIPER SRX/PIX, Checkpoint and IDS/IPS.
Created OSPF multi area summarization plan. Created stub, totally stub areas.
Configured routing protocols such as iBGP, eBGP, OSPF, EIGRP and static routing on the routers.
Planned, tested and evaluated various equipment, systems,10S's and procedures for use within the network / security infrastructure.
Handling network devices such as Switches (Cisco Catalyst 2900 and 3500 series), Routers (Cisco 2600, 2800 and 7200 series), Firewalls, Load balancers.
Implemented IP Telephony and Cisco VOIP 7960 phone systems in the company. Implemented Voice VLANS, UDP, SIP, RTP and provide QOS by DSCP and IP Precedence.
Worked in Multi-vendor environment containing Juniper, Cisco routers.
Worked with NOC Support and involved in troubleshooting LAN/WAN issues.
Tested routers and Line Cards using Smart Bits and done Performance Analysis of both LAN/WAN infrastructures.
Maintain service level agreements by maintaining NOC escalation time lines and continuous re-assessment of open issues.
Interacted with business users from a service delivery and service support perspective.
Intelenet Global Services, India
Network Admin (Mar 2009 – June 2011)
Responsibilities:
Configuration, Management, Troubleshooting of Network devices (Routers, Switches).
Troubleshoot Desktop Operating Systems, in addition to Applications/Service, both Standard and Proprietary.
Maintained the Telecommunication Connectivity using DSL and T1 Lines.
Worked on Routers Cisco 2620, Cisco 3750, and Cisco 2950 Switches & Link sys wireless access points.
Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols.
Managed IP addressing and implemented IP Access Lists.
Configured and troubleshoot VLAN, VTP, STP and Trunks.
Configuring and Maintaining TACACS+ for AAA.
Installing and configuring protocols like TCP/IP and Internet protocols including Local Area Networking, routing and HTTP.
Establishing Root Cause Analysis on NOC events, both internal and external.
Use network management tools to determine the nature of the outage and follow online procedures to resolve the problems.
Customer Focus in problem-solving to troubleshoot issues affecting internal and external customers.
Live the Values, particularly Teamwork in situations which require overtime coverage and various shift rotations
Perform routine tasks to maintain computer equipment and their peripherals to include loading peripheral equipment Such as tapes, hard drives, memory modules, controller cards, and cabling.
References provided on Request.
Contact this candidate