Cisco Engineer
Resume:
Rizwan S
addz65@r.postjobfree.com
Phone: 803-***-****
Senior Network Engineer mailto:addz65@r.postjobfree.com
Professional Summary:
Over 8 years of professional experience in Network Planning, Implementing, Configuring, Troubleshooting and testing of networking system on both Cisco and Juniper devices.
Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, PIX Firewall (506, 515, 525, 535), ASA (5505/5510), Load Balancers using Cisco ACE, F5 LTM/GTM, Security Device Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer, Palo Alto Networks Firewall models (PA-2k, PA-3K and PA-5K).
Implementation of SSG Series, Net screen Series ISG 1000, SRX Series.
Worked on Cisco PIX 535, 520, 515, ASA -5500 and 5505 and Cisco Routers with IOS and IOS XR
Expert Level Knowledge about TCP/IP and OSI models.
Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enable business functionality.
5+ years of experience in Install and configure Bluecoat Proxy in the network for web traffic management and policy configuration.
Implementation, working analysis, troubleshooting and documentation of LAN, WAN& WLAN architecture with excellent work experience on IP series.
Working knowledge with Load Balancers F5 LTM like 3900, 6900 for various application.
In-depth knowledge and experience in WAN technologies including OC3, E3/T3, E1/T1, Point to Point, MPLS and Frame Relay
Monitored Network Activity using Cisco Prime 2.2, Splunk, Ops Manager, IPAM, Wire Shark, TufinSecure Track, ePo, HIPS.
Having knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
Hands on Experience in Bluecoat -Proxy set up, troubleshooting production issues and analysis.
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP and trucking).
Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
Installed and configured Network Automation System (NA) to validated compliance checks on Cisco routers, switches.
Worked on configuring the Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders.
Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches.
Substantial knowledge, including the configuration, of Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+), TCP and UDP protocols, Next generation data center oriented technologies such as virtual port channels (VPC), Fabric path, Fiber channel over Ethernet (FcoE), virtual switches, network virtualization.
Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800).
In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
Experience in installing and configuring DNS, DHCP server.
Experience in Checkpoint IP Appliances R65, R70, R75, R77 &Cisco ASA Firewalls.
Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
Upgraded the platforms using the Checkpoint upgrade tools.
Provide L3 support for checkpoint and Palo Alto firewalls.
Involved in the integration of F5 Big-IP load balancers with Checkpoint firewalls for firewall load balancing and was responsible was trouble shooting and maintenance.
Provided administration and support on Bluecoat Proxy for content filtering and internet access between site and VPN client users.
I have strong knowledge with TCP/IP, BGP, OSPF, ISIS, MPLS (L2 & L3 VPN), VPLS, Multicast protocols (IGMP, PIM), Switching technologies (VLAN/Trunking) and Strong knowledge with data center technologies, EVPN/ VXLAN, MP-BGP, MC-LAG, underlay, overlay, cabling, fibers.
Knowledge in EVPN, VXLAN, VTEPS. Experience with Cisco ACI.
Experience in installing and configuring DNS, DHCP server.
Cisco ASA and FWSM, Fortinet FortiGate; F5 AFM, A10 WAF, IDS/IPS systems, and general knowledge of security features and protocols.
Provide hands on management of Data Center services, including rack and cable management Experienced in the evaluation, testing, configuration, and implementation of Palo Alto firewall security solutions across enterprise networks. Experience also includes working with other vendor firewalls like Cisco's ASA Firewall, Checkpoint Firewall, and the Fortinet Firewall.
Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
Successfully installed Palo Alto PA-3060 firewall to protect data center and provides L3 support for routers/switches/firewall.
Managed Configuration, Logging and Reporting of Palo Alto firewall through the Panorama.
Managed URL filtering, File blocking, Data filtering by Palo Alto firewall, Barracuda NG Firewalls.
Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
Performed Installation of Cisco ASA 5585 & 5520 series firewalls as well as Palo Alto 3500 series.
Review daily log data gathered from various resources such as sensors, alert logs, firewall logs, content filtering logs.
Security, ISIS, EIGRP and RIP routing protocols in addition to Multicast protocols.
Layer 3 Multicast VPN support using MLDP with FRR capabilities, MLD Proxy
Developing Powercli Scripts to automate Operations, configuration of 2500+ Esxi hosts and more than 20000 VM’s hosted on Cisco UCS Blade chassis and VMware vSphere infrastructure suite 6.7
Monitoring the health of the Virtual environment and performing day to day administration and troubleshooting on CISCO UCS and VMware vSphere 6.7 environment.
Deploy Cisco Nexus 1000V to VMware Infrastructure
Proficient in using SolarWinds Network Management tools like Network Performance Monitor (NPM), Net flow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
Provide 24/7 support.
Certifications:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
Technical Skills:
Routers
Cisco 2900, 3200, 3600, 3700, 3800, 7200 and 7600 and ASR 1000.
Juniper Mx-960, MX-480, M10i, M7i.
L2 & L3 Switches
Cisco Catalyst 2900, 3560, 3750, 4500, 4900, 6500
Nexus 2200,5500,7000, EX-4300, EX-4200, QFX-5100
LAN Technologies
Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, VXLAN Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC, DOT1Q,Nexus OTV Fabric path.
WAN Technologies
Frame Relay, ISDN, HDLC, (E1/T1/E3T3), OC192, ATM, SD-WAN, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3 & SONET Packet Switched WAN – ATM, FRAME RELAY, MPLS VPNs. WAN optimization technology -Riverbed, and WAAS.
Network Security
Cisco ASA (5512/5550/5585), ACL, IPSEC and SSL VPN, HTTP, IPS/IDS,
NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, IDS/IPS, Dynamic, Reflexive ACL, and authentication AAA
Routing Protocols
Routing Protocols (RIP v1 & v2, OSPF, EIGRP, BGP), Route filtering, redistribution, Summarization, Static Routing QoS, TCP/IP, UDP, ESP IPsec, MPLS, PPP, PPTP, IPSEC, IKE, SSL, SSH
Gateway Load Balancing
HSRP, VRRP, GLBP
Various Features / Services
IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DNS, DHCP, CDP, TFTP and FTP.
Network Tools
Wireshark, Net flow Analyzer, Cisco Works, Snoop, Ethereal, SNMP, Fluke, Cable Analyzers, Tcpdump,Sniffer., Infoblox, NetMRI, Solar winds, Nagios, Net Scout, What's-Up Gold, Ethereal, MS Visio, SecureCRT, Putty, GNS3
Security Server Protocols
TACACS+, RADIUS, Cisco ACS
Facilities
DS0, DS1, DS3, OCX, T1/T3
Load Balancers
Cisco CSM, F5 Networks (Big-IP) LTM 8900, Cisco ACE 4710.
Operating Systems
Windows, Linux, UNIX, Mac.
Firewall & Security / Scripting
Checkpoint, Cisco ASA, Palo Alto, SRX / Bash(shell),C/C++
Professional Experience:
Conduent, Columbia, South Carolina Dec 2018 – Present
Sr. Network Security Engineer
Responsibilities:
Configured and managed Nexus 2k fabric extender, 5K, 7K, 9K switch network at the client's location.
Troubleshooting and installing New Cisco Catalyst 3850 and 2960x switches.
Worked on Traditional Campus Migration and successfully migrated the devices to new IP address range.
Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
Used vArmour application controller for monitoring communication behaviors, validating errors
resulting from manually developed policies, protecting risks associated with deploying policies
Worked on Fortinet, FortiGate firewall, Forti-Manager, Forti-Analyzer.
Used auto-discovery feature to generate complete application relationship maps, generated intent-based
security policies for protecting applications running on various computing platforms.
Leading daylight SD-WAN conversion project portion of 8-person crew on 2800 branch Viptela over VMware and Cisco network, each site served by Private MPLS / Broadband / LTE.
Determine client requirements from the SOW and provide designs for complex Network Solutions including Internet, MPLS- IP VPN, SD-WAN, Broadband, and Ethernet.
Study and make key recommendations to customer current design to account for the migration to the SD-WAN technology.
Monitored the status and efficiency of the deployed policies by observing, evaluating policies producing deny hits over a threshold over 90-day period.
Deployed policies across various platforms, simulated impact of candidate policies with observed communications before deployment to production.
Built over 100 specific Boot Configuration for SD-WAN Devices to call back to a specific Director to establish secures Overlay Tunnels over different Transports.
Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
Create additional site-to-site IPSec VPN to connect SD-WAN to Zscaler for cloud-based Security.
Troubleshoots routing issues that may arise in BGP routing protocols, HP switch fabric, Cisco routers and switches (IOS, IOS- XR, NX-OS), Juniper routers and switches (JunOS), and F5 Load Balancers
Worked with complex routed IP networks, routers, layer 2/3 switches, firewalls, LAN/WAN networking hardware and protocols.
Designed and implemented MPLS core running VPLS for virtualized server infrastructure and eventually integrated into a VXLAN combination. Well-versed in Networks routers and switches using, BGP, MPLS, OSPF, VxLAN.
Configure/troubleshoot Cisco Nexus 7000 series switches for BGP, OSPF, HSRP, MPLS, VLAN, VRF, VXLAN, Trunks, STP, xconnect& static routes.
Verification of Vxlan and Datacenter interconnect use cases for Vxlan, MPLS, RSVP-TE, LDP, BGP, OSPF, DHCP, Radius authentication, TCP/IP, Dot1x, Vlan, Lag, access protocols, STP for Juniper devices running Junos.
Strong product knowledge as it applies to Cisco iOS, Cisco iOS- XR, Nexus (NX-OS), ASR series routers, CRS.
Operating systems included IOS- XR, IOS-XE, IOS, and Linux
Worked extensively in Configuring, Monitoring and Troubleshooting Checkpoint security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
Work on Physical Site Inventory verification; gather information of various Cisco Network devices and Security Devices to develop Run book and Spec Book.
Assisting with the design and deployment of a Cisco Firepower cluster in the core.
Configured and maintaining Security Policies, NAT policies, IPSEC tunnels on various firewalls like PaloAlto, Cisco ASA/ Firepower, Checkpoint firewalls and SIEM solutions like LogrRhythm and McAfee.
Implementing VLAN, STP, VTP, 802.1Q, SVI, OSPF, Multicast,, MPLS, VRF, BGP technologies
Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
Migrated previous corporate Checkpoint 4.0 Firewall-1/VPN-1 on Windows NT.
Provided expensive network troubleshooting, wireless hard wired and multicast
Layer 3 Multicast VPN support using MLDP with FRR capabilities Proxy
The fabric-based Ethernet switch, with cut through routing between TORs for Unicast and Multicast
Managed and troubleshoot both multicast and unicast connections to multiple stock exchanges world-wide
Monitoring the health of the Virtual environment and performing day to day administration and troubleshooting on CISCO UCS and VMware sphere 6.7 environment.
Deploy Cisco Nexus 1000V to VMware Infrastructure.
Support and maintain VMware Infrastructure Running on Cisco Ucs and Vsphere 6.0.
Configured and Created wireless sites using the Cisco Meraki System dashboard.
Implemented site to site VPN on Cisco Meraki MX64, MX65, MC84, and MX400.
Implementing Cisco Meraki Wireless network.
Designed & Deployed Cisco ISE and Provided comprehensive guest access management for Cisco ISE administrators.
Configured Cisco ISE for Domain Integration and Active Directory Integration.
Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex Connect.
Configured and performed software upgrades on Cisco Wireless LAN Controllers 2504, 4404,5508 for Wireless Network Access Control integration with Cisco ISE.
Upgrading Cisco ISE Appliances Company wide. Recently rolled out OpenDNS including onsite VM appliances.
Experienced on Cisco ISE and advanced technologies like QOS, Multicasting, MPLS and MPLS-VPN and Bluecoat proxy server SG.
Sentara Healthcare, Norfolk, Virginia Jul 2017–Nov 2018
Sr. Network Security Engineer
Responsibilities:
Design, deployment and maintenance of security/network devices and datacenters of enterprise.
Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (36+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
Successfully installed Palo Alto PA-5000, PA-3000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls and configured and maintained IPSEC and SSL VPN's on Palo Alto firewalls.
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Configuring and maintaining the Network connectivity to Cloud Providers such as AWS, Azure using AWS VPC, AWS Direct.
Experience in migration of data to Cloud environment.
Configure, Integrate, Upgrade, Optimize, Troubleshoot network components including ASR 9000, Nexus 9232, Catalyst 6500, C4500, C3850/3650 and ISR with IOS/ IOS XR/NX OS, EIGRP, IS-IS, OSPF, BGP, MPLS, VRRP and HA capability
Worked on Design implementation of new data center with products ranging from cisco, ASA with Firepower, Dell Switches, Cisco Meraki, VMware NSX
Experience working with MPLS Layer 3 VPN on ASR 1006 with IOS- XR
Good working knowledge of Azure and AWS
Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
Built and support VRRP/Cluster based HA of Checkpoint firewalls.
Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
Experience in Deploying and decommissioning Cisco switches, Cisco Meraki Products, and their respective software upgrades.
Implemented site to site VPN on Cisco Meraki MX64, MX65, MC84, and MX400.
Deployed and managed Cisco Meraki products SD-WAN including Cisco Meraki Security Appliances (MX25, MX450, MX400, MX600 and MX100), Cisco Meraki switches and Cisco Meraki Wireless Aps (MR84, MR74, MR52).
Adding agents (IDS/IPS) at Host and Network level to Sentinel.
Working on Enterprise AV Solutions, IDS\IPS, Firewalls and SIEM (IBM QRadar\HP Arcsight) tools.
Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s
Black listing and White listing of web URL on Blue Coat Proxy servers.
Worked on Blue Coat Proxy SG to safeguard web applications (Black listing and White listing of web URL) in extremely untrusted environments such as guest Wi-Fi zones.
Create service profiles on the Cisco Unified System (Cisco UCS) platform and manage Service Profiles.
Configure VMware switching, Install and configure a Cisco Nexus 1000V Switch & Networking.
Cisco UCS configuration and troubleshooting.
Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer.
Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
Helped installed F5 VIPRION load balancers for one of our new datacenters.
Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches.
Monitor and troubleshoot BGP, EIGRP, TI circuits, and cellular backup circuits via ICMP and SNMP ticketing systems. Cisco IOS upgrades.
Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
Implementation of various protocols like RIP, OSPF, BGP and STP.
Expertise in networking technologies like LAN, MAN, WAN and peripheral devices.
Working with VPN tunnels, DS1, DS3 & T1 links.
Used to handle efficiently a workload of nearly 60 Layer 3 MPLS VPN provision orders which included, MPLS network resource reservation & VPNV4, EBGP configuration checking, Troubleshooting of EBGP sessions with customer carriers in the MPLS cloud which is made up of routers Cisco housed in different datacenters (Cisco 7609).
Experience configuring Catalyst (2900, 3500, 3700 and 6500 Series), Nexus (7000, 5000 and 2000 Series) Switches, and Routers (2800, 3600, 4400 Series) and Wireless AP's (1260, 3600) using CLI and GUI.
Used Cisco ACI (Application Centric Infrastructure) for fabric implementation, operations, and integration with external bridged networks and Cisco Unified Communication Systems.
Hands on experience in building Cisco ACI fabric (policy groups, switch profiles, etc.), tenants - VRFs, Endpoint Groups, Contracts
Lead network engineer on a project to build out a software defined data center based on Cisco ACI, VMware NSX and F5 load balancers.
This global role helped expand my expertise into other areas such as Cisco UCS, Checkpoint Firewalls, Cisco ASA, and VMware NSX.
Deployed Cisco ISE 1.2 with 8 nodes in deployment, initially in learning mode increasing methodically to 802.1x on wireless and wired.
Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.
Design and Implementation of 802.1x Wired/Wireless User Authentication using Cisco ISE Radius Server.
Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Cisco ACI.
Supported Infoblox appliances grid environment for DNS, DHCP and IP Address Management tools (IPv4)
Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
Implemented Network packet level monitoring using Wire shark, Solar winds.
TJX Companies, Marlborough, MA Jan 2017 – Jun 2017
Network Security Engineer
Responsibilities:
•Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
•Involved in Switching Technology Administration including creating and managing VLANS's, Port security, Trunking, STP, Inter Vlan routing, LAN security etc.
•Implemented with Cisco Layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISL trunk, ether channel.
•Possess good experience in configuring and troubleshooting WAN technologies like MPLS, T1, T3, DS3 and ISDN.
•Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer.
•Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
•Monitoring the traffic through Cisco catalyst switches for Detection of Intrusion using IDSM2 and its Prevention IPS.
•Managing and implementation of PORs (port open requests) based on the requirements of various departments and business lines.
•Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
•Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company.
•Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
•Configuring & managing around 500+ Network & Security Devices that includes, Palo Alto Firewall, Cisco ASA, Fortinet, and Juniper (Net Screen) Firewalls, F5 BigIP Load balancers and 3DNS, Blue Coat Proxies and Plug Proxies.
•Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
•Implement the firewall rules using Panoroma/Fortimanager.
•Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
•Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
•Designed, configured, implemented site-site VPN between cisco ASA 5500 firewall and Palo Alto Firewall.
•Configuration and Administration of Cisco and Juniper Routers and Switches
•Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices configure 2k, 3k, 7k series Routers
•Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network
•Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
•Configuring and managing F5 ASM (Application security manager). Developed security policies.
•Configure and troubleshoot Juniper EX series switches.
•Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
•Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
•Experienced in configuring Guest access using Aruba ClearPass and Web Authentication.
•Experience with Aruba/Ruckus Wireless Controllers, Access Points and IAP. Implement Aruba Wireless infrastructure using Aruba controllers & Access Points. Configured Aruba access points troubleshoot connectivity issues with Aruba access points
•Installed, configured Cisco Meraki equipment and web based monitoring platform for MR32 wireless access points.
•Strong hands on experience on, ASA Firewalls, Palo Alto Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
•Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
•Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
Hospira, Lake Forest, IL Dec 2014 – Dec 2016
Security Engineer
Responsibilities:
·Extensively performed network configurations, conducted analysis to determine design standards, and leveraged best practices
·Performed IOS Software upgrades on Cisco Routers, Nexus Switches, ASR, ISR routers, Switches 6500, 3750 and 4500s.
·Installed and configured routers, Cisco 2800, 3845 routers and cisco catalyst switches.
·Engaged in office moves, helped in identifying network requirements of new building, installed new networking hardware, and coordinated with vendors for cabling/wiring
·Trouble-shooting end-user reported problems, thoroughly and accurately documenting problem in trouble management tool.
·Configuring DNS /NIC card issues and wall jack issues while troubleshooting IP addressing problems.
·Responsible for creating, modifying, removing VLAN configuring as per the need.
·Tracking overall network traffic and capacity issues that are impacting throughput, bandwidth, and quality
·Pinpointing physical network conditions that are contributing to call quality issues
·Applied effectively various routing protocols including EIGRP and OSPF Implemented Redistribution of Routing protocols.
·Solving web related problem including HTTP, HTTPS, DNS, SMTP.
·Involved in migration from EIGRP to OSPF and documented change management procedure for migrating from EIGRP to OSPF network.
·Configured ACLs to prevent access to internal network from unauthorized users on ASA firewalls.
·Troubleshoot intra-net and internet connectivity issues using PING and Traceroute.
·Configured HSRP, Ether Channel in the LAN environment and NAT.
·Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
·Design and Implement Remote access management and VPN access between the sites.
·Configured T1 interface and Channelized T1 interfaces between Cisco 2800, 2400 and 2500 series routers.
·Configuring ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
·Adding websites to blocked list on the bluecoat proxies based upon business requirements.
·Create end-user VPN accounts with appropriate access. Installed and configured for VPN IPSEC and VPN Dial-up
·connections for remote users using VPN Concentrator.
·Installation, Maintenance and Troubleshoot DNS, DHCP Servers and System issues.
·Managed and maintained DNS, DHCP protocols and windows AD Infrastructure.
·Configuration and installation of wireless networks using access points, and Wireless LAN cards of Wi LAN,Dlink, Linksys, and Cisco AG APs.
·Installation, Configuration, and maintenance of Network Printers.
·Providing End-user support for configuration and troubleshooting of hardware, software and Windows operating systems related issues, Network connectivity issues, Remote access setup and Management issues, and VPN connection issues.
·Experience in installing SQL 2005 Database server and Internet Information Server (IIS) 6.0 on Windows 2003 and
Internet Information Server (IIS) 7.5 on Windows 2008 Server.
CSS Corporation,Hyd India May 2012 – Oct 2014
Network Engineer
Responsibilities:
Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /WAN
Configured and troubleshoot Juniper Ex 4500 and series switches and Juniper ACX series routers.
Involved in the deployment of Content Delivery Networks (CDN).
Experience with SQL for extracting the data from SQL database, related to network issues.
Experience working with Network-attached storage (NAS) to provide Local Area Network (LAN) nodes with file-based shared storage through a standard Ethernet connection.
Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco6500 catalyst switches.
Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GET VPN.
Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IPsec VPN tunnels.
Worked on the migration of existing PIX firewall to ASA firewall and with converting PIX rules over to the Cisco ASA solution.
Worked extensively on Cisco ASA 5500 (5510/5540) Series.
Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
Experienced in securing configurations of SSL/VPN connections, troubleshooting Cisco AS firewalls and related network security measures.
Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
Experience working with Active Directory (as a centralized system) to automate network security management and user data.
Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point
Contact this candidate