Subash

Senior Network Engineer

Email : aczkep@r.postjobfree.com Contact : 908-***-****

Summary:

Implementing IP addressing schemes, LAN/WAN protocols, IP Services, to fulfill network requisites in different environments.

Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 series, and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Cisco Nexus 7000 series, 5000 series, 2000 series data center switches, Juniper EX/ MX/ SRX series.

Comprehensive expertise in the implementation of optimization, analysis, troubleshooting and documentation of LAN/WAN networking systems.

Worked extensively on Cisco Firewalls Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.

Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAGP) etc.

Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.

Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.

Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.

Strong experience on Juniper SSG series Firewalls and Checkpoint R75, 76 Firewalls.

Experience with F5 load balancers - LTM, GTM series like 6800 and 8900 for the corporate applications and their availability.

Experience in Installing & configuring firewalls Cisco ASA, Cisco PIX, FWSM, Palo alto PA-2000, PA-3000, PA-5000, Panorama, Checkpoint NGX R70, R75, R77 Gaia, Provider-1 and VSX.

Experience in risk analysis, security policy, rules creation and modification of Checkpoint, Cisco ASA, Palo Alto Firewall networks.

Worked on different firewall & security appliance such as, Checkpoint 4400, 4600, 4800, 21700, Palo-Alto 200, 500, 3020, 3060, 5020, 5060, Juniper SRX 240, 650, 1400, 3400.

Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCP dump and Linux operating system servers.

Expertise in Data Center Core layer, Access layer, Aggregation layer, Services layer.

Configuring & Managing LAN, WAN, VPN and Firewall of Juniper MX Routers for End Users and VLAN on Juniper EX series switch 2500, 4500

Sound knowledge of Routing and Switching concepts and MPLS design.

Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.

Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.

In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 POS OCX / GigE circuits, Firewalls.

Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products.

Certification:

Cisco Certified Network Associate (CCNA)

Cisco Certified Network Professional (CCNP)

Technical Skills:

Cisco Routers

:

1600,1700,2600,2800, 2900, 3600, 3800, 7200 and 7600

Cisco L2 & L3 Switches

:

1900,2900, 3560, 3750, 4500, 4900, 6500

Cisco Nexus

:

5020,5548,5596T,2148,2248TP,2348UPQ,7010,7702

Juniper

:

EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

LAN Technologies

:

Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies

:

Frame Relay, PPP, HDLC, (E1/T1/E3T3), DS3, OC192.

Network Security

:

Cisco ASA, ACL, IPSEC.

OS products/Services

:

DNS, DHCP, Windows (2000/2003/2008, XP), UNIX, LINUX.

Routing Protocols

:

OSPF, EIGRP, BGP, ISIS, VRF, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Gateway Load Balancing

:

HSRP, VRRP, GLBP, EBGP

Various Features / Services

:

IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools

:

Wireshark, Netflow Analyzer, Cisco Works, Ethereal, SNMP, HP open view.

Security Server Protocols

:

TACACS+, RADIUS.

Facilities

:

DS0, DS1, DS3, OCX, T1/T3

Load Balancers

:

Cisco CSM, F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Cisco ACE 4710.

Operating Systems

:

Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7/8), CentOS, Ubuntu, IOS.

Firewall & Security

:

Checkpoint (R62, R65, R70, NGX), Cisco ASA, Palo Alto, Juniper SRX, Fortigate 5000-series.

PROFESSIONAL EXPERIENCE

Ultimate Software, Weston FL Aug 16 – Present

Sr. Network Engineer.

Responsibilities:

Technical activities and responsibilities include total Network integration, maintenance, and administration for various Network and Network-related technologies and devices according to the client' needs specifications.

Working on Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.

Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices

Experience working with FCoE VLAN with OTV the nexus between the datacenters.

Configuring IPSEC VPN on SRX series Checkpoint firewalls

Maximizes Network performance by monitoring performance; troubleshooting Network problems and outages; scheduling upgrades; collaborating with Network architects on Network optimization

Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools..

Have hands on experience on Network Access Control(NAC)

Hands on Experience testing iRules using Browser(IE), HTTP watch

Convert Campus WAN links from point to point to MPLS and to convert encryption from IPsec/GRE to GET VPN.

Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.

Implement and configured GLBP (on core switching and also for VPN redundancy), HSRP on different location of office on the switched network and managing the entire multilayer switched network

Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices.

Engineering the configurations for the different branches, campus locations

Executed commissions on information security risk assessments and controls selection activities.

Configure LTM system/F5 Load balancers

Configuration changes to F5 GTM devices

Provide remotely access support on Network devices/systems, monitoring and alerting, manage Network Environments and maintain policy integrity, service levels A, provided customers support within corporate infrastructure

Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.

Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls

Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls

Experience with MP-BGP and MPLS LDP protocols.

Configuration and Administration of Palo Alto Networks Firewall to manage large scale Firewall deployments.

Best practice implemented on Cisco & Juniper routers and switches.

Implemented new device of Cisco & Juniper MX – series as per policy reviewed by network architect.

Experience with leadership of staff within the Information Security Management function

Worked on the redistribution of connected routes on all OSPF devices so that all connected subnets are advertised via OSPF

Supported in Management of all the necessary Security Services.

Manage customer engagement team and manage all facets of service delivery.

Develop programs for the recruiting and retention of top cybersecurity talent.

Configured IPSEC VPN tunnels between Checkpoint and other non-Checkpoint endpoint devices using IKE pre-shared keys, 3DES and MD5

Handled RFC4510 is an Internet protocol for accessing distributed directory services that act in accordance with X.500 (LDAP) Lightweight Directory Access Protocol.

Troubleshooting and implementing Monitors and I rule on F5 equipment

Responsible for Cisco ASA firewall administration across our global networks

Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP

Strong knowledge of Public Key Infrastructure (PKI) concepts, patterns and practices

Hands-on familiarity with Microsoft Certificate Services and related components

Working knowledge of Active Directory and its integration with Microsoft PKI

Supporting development, maintenance, and management of PKI policies in accordance with the department Directives and local Instructions.

Maintaining awareness of and competency with new and developing PKI authentication protocols, specifications, techniques, and standards such as but not limited to: public key cryptographic key standards, certificate management protocols, and certificate validation.

Follow all Change Management Policies and Procedure Experience with certificate-enabled applications, such as SSL/TLS, S/MIME, authentication, EFS, 802.1X, Code Signing, etc.

General understanding of cryptographic concepts: symmetric/asymmetric cryptography, secure hash, digital signatures.

Large enterprise IT consulting, administration, or support experience

Involved in the redistribution into OSPF on the core ASA firewall.

Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.

Involved in the modification and removal of BGP from the MPLS routers.

Worked on Orion for analysis and monitoring purposes

Replace branch hardware with new 2851 routers and 2960 switches.

Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports

Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed

Performed basic security audit of perimeter routers, identifying missing ACL’s, writing and applying ACL’s

Experience with convert PIX rules over to the Cisco ASA solution.

Sate of WI, Madison WI May 15 – Aug 16

Sr. Network Engineer

Responsibilities:

Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.

Deployed on Nexus 7000, 5000 and 2000 series with V-Block servers and Cisco UCS E-series.

Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for datacenter access architecture.

Configured Easy VPN server and SSL VPN to facilitate various employees access internal servers and resources with access restrictions.

Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.

Configuring and implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.

Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design..

Implementation of Site-to-Site VPNs and DMVPN over the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.

Managing and troubleshooting of Juniper M320 routers including installation, upgrade, configuration and network management.

Management of corporate Checkpoint Firewall implementing security protocols and alleviating network attacks

Deployed Palo Alto Firewalls for web filtering and application control.

Configured EBGP load balancing and Ensured stability of BGP peering interfaces.

Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.

Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.

Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.

Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.

Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506E, PIX515.

Mapped, Network Diagrams and physical identification in MS Visio.

Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently

.

General Motors, Alpharetta GA Feb 14 – May 15

Sr. Network Engineer

Key Responsibilities:

Troubleshooting the TCP/IP networks for connectivity, outages and slow network issues and recommended appropriate and cost-effective solutions for the congestion.

Network consists of Heavy Cisco equipment such as: Cisco 356*-****-**** switches, Cisco 650*-****-**** series Layer 3 switches, Cisco 382*-****-**** series routers, Cisco Pix firewall 500 series and Wireless Access points Cisco 1230.

Successfully installed Palo Alto PA 3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls..

Configuration of policies and objects and applying NAT & Web Filtering on firewalls like Checkpoint, Palo Alto..

Configuring Juniper Netscreen Firewall Policies between secure zones using NSM (Network Security Manager)

Configuring failover for redundancy purposes for the security devices. Implemented the Stateful & serial failover for PIX/ASA firewalls, Checkpoint Clustering and load balancing features.

Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.

Design, Implement & troubleshooting of Juniper switches, routers and Firewalls EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240, SRX 3600/650.

Managing and troubleshooting of Juniper M320 routers including installation, upgrade, configuration and network management.

Responsible for deploying various network security & High Availability in Checkpoint Firewall

Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGP V4

Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst

Build Logical design and Implementation of Wireless Solution

Design an End -to-End High- Level Cisco Trust Sec Network with Cisco ISE and 802.1x

Experience with configuring VMware and managing and maintenance of VMs (virtual server)

Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Checkpoint and Cisco ASA VPN experience

Responsible for Cisco ASA firewall administration across our global networks

Experience with migration of Checkpoint R54 to SPLAT.

Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.

Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.

Configured Nexus 5020, 5548 7010 and 7702 with multiple distribution VDC’s running EIGRP for route propagation between them.

Experience with configuring Nexus 2000 Fabric Extender (FEX) hitch acts as a remote line card (module) for the Nexus 5000.

Continual network monitoring of data center support, troubleshoot and diagnose hardware problems.

Configured various Router interfaces like ATM interface, T3 & Channelized T1 interfaces

Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416,21418(with PRP and RPR processors)

Configuring and implementing F5 BIG-IP LTM, GTM load balancers to maintain global and local traffic

Verizon Wireless, Dallas TX Jul 12 – Jan 14

Network Engineer

Key Responsibilities:

Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies. Cisco CLI, Cisco works, Network Security, Network Analysis Tools

Experience with Checkpoint Firewall policy provisioning.

Develop, design and implement firewall infrastructure surrounding Checkpoint and Cisco Firewalls and a good experience with security tools and protocols like NERC/CIP and SOX

Configured and resolved various OSPF issues in an OSPF multi area environment.

Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.

Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.

Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.

Estimated Project costs and created documentation for project funding approvals.

Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.

Responsible for Cisco ASA firewall administration across our Organizational networks.

Planned resources and presented project status to higher management.

Deployed 7613 as PE and CE routers and configured the Edge Routers.

Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.

Created and delivered internal trainings for BGP.

Configured egress and ingress queues for ISP facing routers using CBWFQ.

Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.

Ability to analyze, configure and troubleshoot networks.

Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support

Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations

Polaris, INDIA Apr 09 – Jun 12

Network Engineer

Key Responsibilities:

Configuring RIP, EIGRP protocols and IP sub netting.

Troubleshoot connectivity issues involving VLAN's, OSPF, QoS etc.

Resolving routing and switching related real time performance issues.

Performance monitoring of various applications and web servers to maintain quality of service and network stability.

Connected switches using trunk links and Ether Channel.

Responsible for maintenance and utilization of VLANs, Spanning-tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches.

Provided technical guidance for optimal performance and tuning of LAN and WAN technologies using Juniper Device.

Implemented redundant Load balancing technique with Internet applications for switches and routers.

Support Network Technicians as they require training & support for problem resolution including performing diagnostics, & configuring network devices

Experience with Installation as well as upgradation of Cisco IOS on Cisco switches and routers.

Used Network Monitoring tool to manage, monitor and troubleshoot the network.

Configured Cisco IOS feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.

Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.

Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.

Experience in new employee mentoring, training and coaching.

Contact this candidate