Phone : +1-408-***-****
Email : firstname.lastname@example.org
Over 7+ years of Experience in deploying and troubleshooting network & security infrastructure for Enterprise Environments.
Expertise on next generation firewalls, IPS / IDS, IPsec VPN, ACL’s, security reviews & audits etc.
Expert in Palo Alto NG Firewall features like URL filtering, Threat prevention, Data filtering, IPsec Tunnels, SSL-VPN and Zone Protection.
Expert in configuring Security policies using App ID, Security profiles and URL category.
Experience on configuring and troubleshooting HA, Zones, VLANs, Routing, and NAT on firewalls as per requirements.
Sound knowledge on Centralized Management Panorama integration with Palo Alto Firewalls to Manage all Firewalls.
Configured IPS/IDS Features, Anti-Virus scanning, Anti-Spyware, Malware detection, File & Data blocking Mechanism on Palo Alto.
Worked on Sever Profiles such as and LDAP with Palo Alto to authenticate User-IDs.
Experience on Access Control Server configuration using AD, RADIUS & TACACS+.
Expertise with Various Cisco Firewalls like Traditional ASA, Next Gen ASA-5k / FirePower.
Worked on SIEM Tools such as QRadar & Splunk to manage multiple network devices.
Migrated from Checkpoint Firewall 12k R77.30 to Palo Alto Nxt Gen Firewall 5k.
Deployed and Maintained Microsoft Azure Cloud from Scratch.
Design and implement Cisco ACI in datacenters, create a strategy that allows use of containers, cloud orchestration tools for end users and developers
Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM and Citrix NetScaler ADC.
Created Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM>M module.
Proficient in Cisco Wireless Controllers 8510 and Access Points Aruba 305.
Deployed 802.1x authentication mechanism for wired and wireless devices
Proficient in Configuring enterprise wireless security
Extensive knowledge and hands on expertise on Implementation of OSPF, EIGRP, BGP and MPLS and their redistribution over the networks.
Extensive expertise in implementing Route Filtering methods to manage and advertise routes to its neighbors.
Responsible for deployment, configure and administrator of Data Center Switches/Routerss such as Nexus 9k,7k,6k,5k&2k Series.
Implemented Virtual Port Channels, Profiles and VPC peer links using fabric path.
Deployed SD-WAN hub & spoke topology solution and established VPN tunnels.
Configured Cisco Meraki MX84 in remote sites and VPN Consentrators in Data Centers.
Worked on FEX configurations on Nexus switches. Deployed Fully Mesh and Partial Mesh topologies
Hands on experience in deploying GRE tunnels, IPSEC Tunnels,DMVPN.
Implemented redundancy protocols like HSRP & VRRP,
Proficient in implementing Security policies like NAT, PAT & Access lists.
Worked on all layer 2 Switching technologies like; VLAN, VTP, STP, RSTP, PVST, RPVST, Ether channel, LACP, PAGP, Inter VLAN routing etc.
Adminitrated and troubleshooted Active Directory, DNS and DHCP servers
Responsible for DNS and DHCP Administration through IPAM.
Worked on Wireshark, Tcpdump and solar wind to analyze packet. Also configured syslog and SNMP agents as well as manager.
Expert in managing and monitoring the network devices using Syslog, SNMP, and NTP.
Involved in troubleshooting network for health issues and reduced network downtime by using monitoring tools like Splunk and SolarWinds.
Expert level knowledge on IP Addressing, Subnetting, VLSM, OSI model, TCP/IP model
Cisco Platforms: Nexus 9K, 7K, 6K,5K and 2K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) and Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), ASR1001, 2900, 3900, 7200, 7600 and ASR9000, CSR/ASR, IOS-XR
Juniper Platforms: SRX, MX, EX Series Routers and Switches
Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, IPSec, VLAN, VPN, WEP, WAP, MPLS,VRF, Wi-Fi.
Firewall: Checkpoint, Cisco ASA, Palo Alto
Security Protocols: IKE, IPSEC, SSL-VPN
Load Balancers: F5 Networks (Big-IP),Netscalars
WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines and exposure to PPP, DS1, DS3, OC3, T1 /T3 and SONET
LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, and 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q
Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark
Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA
Languages: Perl, C, C++, Python, SQL, HTML/DHTML
Wireless and Radius Technologies: CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki.
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
Palo Alto Accredited Configuration Engineer (Palo Alto ACE)
Cisco Certified Internetwork Expert(CCIE) - Written Completed
Master of Science in Computer Science Technology
Northwest Missori State University,Maryville,MO,USA
Bachelor of Technology – Information Technology
Client: Albertsons/Safeway – Pleasanton, CA
Role: Sr.Network Engineer Duration: Sept 2018 – Current
Planning, Designing, Implementing, Operating and Optimizing phases of Network Engineering projects for Data Centers.
Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
Determining security needs, developing and implementing solutions, and creating and enforcing security policies.
Migrated checkpoint 41k firewalls to PaloAlto 5250 and Installing PaloAlto VM firewalls in Azure Cloud.
Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Successfully installed PA-5050 series firewalls in Data Center as perimeter Firewalls.
Auditing the Security policies to mitigate high security Vailations
Configured PANORAMA management for logging sessions, creating reports and managing onprem and Cloud firewall devices.
Limiting access to specific internal applications by creating necessary firewall rules, NAT policies and access control lists on Routers/Switches.
Ordering and Configuring MPLS, Broadband WAN circuits and Network Build of Materials (BOM) for Data Centers.
Build Network connectivity with Partners and necessary security controls to limit the access to internal applications.
Establishing Site-to-Site IPsec VPN tunnels on Checkpoint & PaloAlto firewalls and MPLS connectivity for partners.
Configured and consolidated Broadband circuit Access to all Development and QA Labs
Migrated and Increased the bandwidth of Internet Circuit in the Data Center.
Migrated Majority of the Application’s from Legacy to Zone Environment where we have high bandwidth to all the servers in Data Centers.
Configured and Established Express route and VPN connectivity to Microsoft Azure Cloud.
Worked with Microsoft support and Deployed HUB and Spoke topology in Azure Cloud.
Configured Virtual Networks, Network Security Groups, User defined routes and Established Peering between the Virtual Networks.
Collabrated with Application Teams to Migrate Applications to Azure Cloud from Onprem Data Center.
Administered Data Center migration, transformation, consolidation
Migrated Application Servers from the Onprem Datacenter & NSX private cloud to Azure Cloud.
Configured VMware NSX firewall ACL Policies and monitored the logs.
Configured Nexus 9k,7k,5k & 6k Routers and Switches at Core & Distribution Level for Data Center.
Deployed FEX(2K) Devices and Migrated Layer 3 devices Nexus 7k to 9k.
Configure HSRP to balance Loads in Core and Distribution Routers.
Analyze, configure and troubleshoot the LAN/WAN Networks. Monitor Network traffic and Access Logs in order to troubleshoot Network Access issues.
Administered Core, Distribution and Access layer Routing, Switching and Firewall infrastructure. Setup Out of Band for management for all this infrastructure.
Provide Level 3 support for any escalations from Level 1(Network Operations) and Level2(Network Support).
Resolving issues by engaging on monthly on-call schedule for any escalated incidents and re-Engineering for further optimization when necessary.
Troubleshooted Network Connectivity between Datacenters,Azure Cloud, Retail Stores, Backstage offices.
Work with vendors for security patches and new firmware recommendations and test in Labs prior to Implementing in production.
Client: Western Digital – San Jose, CA
Role: Network Security Engineer Duration: July 2017 – Sept 2018
Configured, monitored and troubleshooted Security on Palo Alto 5k & 3k series and managed them with Panorama M-500.
Responsible for unlike-to-like Firewall migration from Cisco ASA 5500 Firewall to Palo Alto Firewall using Palo Alto PAN Migration Tool.
Implemented APP-ID, which defines custom applications and comprehensive set of predefined applications to be applied to firewall.
Configured and LDAP with Palo Alto Firewall to authenticate User IDs.
Configured the User-ID feature on Palo Alto firewalls to facilitate username to IP address mappings.
Configured Objects and worked on Custom Applications and services to manage the traffic on the firewall.
Established and maintained IPSec tunnels on Palo Alto Firewalls for Site-To-Site connectivity.
Integrated Palo Alto to Wildfire cloud to mitigate Zero day attacks.
Configured and maintained Palo Alto’s GlobalProtect to enable Remote Access to users accessing internal resources from external networks.
Configured Palo Alto Firewall Clusters in Active/Passive mode for High-Availability. Thorough knowledge on the Active/Active HA mode for complex infrastructure.
Configuring Zones, Virtual routers and interfaces on Palo Alto Firewall.
Implemented security policy rules and NAT policy rules on Palo Alto firewalls.
Managed and troubleshooted Cisco ASA/Firepower.
Created enterprise multi-Zones in VMware NSX and Integrated that with Palo Alto network.
Experience in integration of NSX manager 6.0 with Palo alto firewalls.
Configured & monitored Virtual Severs, iNodes, iRules on F5 LTM Load Balancer 3900, 6900.
Implemented SSL/TLS profiles with F5 Big IP LTM such as SSL offload, SSL Orchestrator, Client SSL Profile and Certificates.
Configured Static and Dynamic Load Balancing and priority based pool-member activation to manipulate load on servers on F5 Big IP LTM Load Balancer.
Deploy, configure & monitor Cisco Wireless Controllers 8510 and Access Points Aruba 305.
Troubleshoot Aruba Wireless 305 AP issues like intermittent connectivity, authentication failure, low signal strength, Replacing AP's and controllers
Captured packets by configuring span port and analyzed using WIRESHARK and TCPDUMP.
Analyze and visualize the machine data using SPLUNK in real-time.
Client: CITI BANK – Austin,TX
Role: Network Security Engineer Duration: Jan 2017 – July 2017
Expertise in Configuring, Monitoring and Troubleshooting Palo Alto (5040, 3020) and checkpoint firewalls.
Worked with PAN migration tool to migrate from Check Point to Palo-Alto. Initially started with Like to like migration and then manually configured polices like used id, app id, URL filtering etc. to take complete advantages of PAN devices.
Configured Protocol Handling, Object Grouping and NAT on various Firewalls like Palo Alto & Checkpoint
Configured and installed the Multiple Firewall pairs in High Availability mode as Active/standby and managed through the Panorama.
Involved in Installing and Configuring a Cisco secure ACS server for AAA authentication.
Centrally Managed Multiple Firewalls using Panorama M-500,Constantly ensured Software Upgrades and Content Updates are up to date on those devices.
Created Rules (Pre, Post), Objects, Device Groups and Templates on Panorama M-500.
Implemented IPSecVPNs on Palo Alto firewalls for site-to-site VPN Connectivity.
Assisted in VPN configuration, NAT policies, failovers, maintaining and analysis of firewall logs.
Participated with the deployment and operation of information security systems, including integration, testing, troubleshooting, and updating/upgrading of various security tools and appliances such as antivirus, IPS, malware detection tools.
Hands on experience of Cisco NextGeneration firewall Firepower
Provided administration and support on Bluecoat Proxy for content filtering.
Managed and troubleshooting the Core, Distribution, and Edge Switches
Performed OSPF, EIGRP routing protocols administration and provided redistribution.
Experience in problem solving on IP Core networks including routing convergence issues, routing configuration issues, WAN protocol issues.
Involved in LAN & WAN redesign (including IP address, designing, installation, pre- configuration of network equipment, testing, and maintenance) of both Campus and Branch.
Responsible for resolving the tickets that raised in the organization, change operations and simulating network operations
Client: TCS – Hyderabad, India
Role: Network Engineer Duration: Feb 2013 – Dec 2016
Established, managed, and optimized network uptime and provided end-user support for users.
Worked closely with the security team on the deployment and troubleshooting of Cisco ASA firewall to apply policies.
Provided high level of security to the network by installing ASA 5500 along with ACLs.
Establishing VPN Tunnels using IPsec encryption standards and configuring site-to-site VPN, Remote VPN.
Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
Designed and implemented DMZ for Web servers, Mail servers & SNMP, FTP Servers using Cisco ASA Firewalls.
Configure Syslog server in the network for capturing and log's from firewalls
Installed and configured high availability Big IP F5 LTM, Adding virtual IPs, nodes, pools and health monitoring
Configured Virtual Servers object and associated with derived pool. Also perform Static and Dynamic Load Balancing.
Performed priority based pool member activation to manipulate load on servers.
Implemented High Availability Configuration on F5 LTM Load Balancer, Failover backup
environment in case of any failure.
Hands on experience in implementation and management of Wireless networks, which includes Cisco Light Weight Access Points (LWAP) and Cisco Wireless Controllers
Provided Tier 3 support to Data Center (Server, Cisco Catalyst and Nexus Devices) and handle incident tickets related to the issues in the Firewall, Routing, Switching and Wireless Devices
Worked on Nexus devices for implementing Virtual Port Channels, Profiles and VPC peer links using fabric path. Also Configured Nexus 2k (FEX) to act as a remote line card to the nexus 5k switches.
Performed upgrades to Nexus 7K and 5K switches at the core and distribution layers in datacenter.
Experience working with design and deployment of MPLS layer 3 VPN Cloud, involving VRF, Route Distinguisher, Route target, Label Distribution Protocol.
Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocols like OSPF, BGP with Access Control lists implemented as per Network Design.
Worked on BGP configuration for providing redundant internet connectivity using BGP attributes, Route maps, prefix-lists.
Involved in VRRP configuration and troubleshooting and Port channel management of the network.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST,.STP features: Port Fast, Backbone fast, Uplink fast, BPDU Guard
Experience in Network Management Tools and sniffers like SNMP, Wire shark and Cisco works to support 24 x 7 Network Operation Center.
Monitoring Network infrastructure using SNMP, Solar winds and Opnet.
Communicating and escalating tickets with service providers for network outage issues.
Client: HCL – Hyderabad, India
Role: Network Engineer Duration: Jan 2012 – Feb 2013
Involved in configuration and management of different Layer 2 switching tasks, which includes address learning, efficient switching etc.
Collaborated with the Systems team to Install, configure, & maintain Active directory and also configured file servers.
Designed and implemented VLAN using Cisco switch catalyst 1900, 2900, 3500 & 3750 series and Configured VLAN, VTP on Cisco Layer 2 switches.
Served as Level 1 Support engineer to resolve network related issues reported by clients on daily basis.
Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
Involved with the Systems team to Install, configure, & maintain AD, DNS, DHCP on Windows Server, and configured an file server.
Maintained and troubleshooted DNS and DHCP through IPAM.
Designed and implemented an IP addressing scheme with subnets for different departments.
Proficient in preparing technical documentation using MS Office suite and Visio.
Used various Network sniffers like Wireshark, TCP dump etc.
Operating Systems: Microsoft XP/Vista/7, Windows Servers, MS-Office and MS VISIO.
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance upgrades and patches with all around technics.