Cisco Engineer
Resume:
Imran Syed
Certified Network Security Engineer
adk5f9@r.postjobfree.com
Summary:-
Certified Senior Network Engineer with 8.9 Years of experience in Networking, Security, Installing, Configuring and Maintaining Network devices.
Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR-1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco Nexus 2k/5k/7k/9k.
Successfully created Network Automations using Python.
Experienced in remote management protocols such as TR-069, SNMP & MQTT.
Strong Experience and broad technical knowledge with converged infrastructure, switching & routing in a large and complex network.
Experienced in Palo Alto Firewalls, Juniper Firewalls, Check point firewalls, Fortinet Firewalls, Cisco WSA/CWS, Cisco ASA, SSL VPN, Cisco Nexus, Cisco ACS, Cisco ISE and IPS.
Hands on with Blue Coat URL filtering with white listing and blacklisting URL, creating rules for content filtering.
Created Route maps on F5 BIG-IP GTM to link various VIPs from different F5 BIG-IP LTM to GTM.
Proficient in using firewall technologies including general configuration, security policy, rules creation and modification of Cisco ASA, Juniper SRX and Check point.
Experience with Cisco IOS, cat OS, Cisco IOS XR and JUNOS.
Create PowerShell runbooks in Azure Automation.
Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
Used python programming and language to develop an efficient and working network in the company.
Worked on Load balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Performed review of all AWS resources for open security group ports on ELB, EC2, and RDS resources as well as open S3 bucket policy rules locking down all resources with least security permission required.
Established relationships and network connectivity with vendors via site to site VPN.
Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of profession.
Certification:-
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
Technical Skills:-
Networking Technologies
LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP
Networking Hardware
Cisco Switches, Cisco Routers.
Firewalls
ASA/Pix/Palo Alto/Fortinet/Juniper /Fortinet firewalls
Routing Protocols
OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting
Network Monitoring
Solarwinds, Wireshark
Load Balancers
F5 Networks (BIG-IP), Netscaler (Citrix)
Switches
CISCO 2960,3750,3850, CAT 9300, CAT9400, CAT 9500,4500,6500,6800 Nexus 7k,5k,2k
Scripting Automation
Python and pearl
Professional Experience: -
T-Mobile, Seattle, WA Jan 2019 – Till date
Sr. Network Security Engineer
Responsibilities:
Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools
Worked on Azure DNS to configure custom domain names for the resources in your VNets. Finally, we will move on to learning how to set up both public and private DNS zones.
Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Staged, planned and deployed Palo Alto NGF 5250s, 3020s, 3060s within Data Centers
Strong experience on Ansible for network configuration automation and management using built-in libraries.
Configured and maintained Azure firewalls to protect SQL databases, Network Groups, Key Vaults, and Virtual Machines.
Incorporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-protocol Label Switching (MPLS)
Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
Support Quality Inspections and Operational Test (OT) events related to the 2G WLAN Aruba Networks Controllers, and Access Points. (Aruba 6000 controller, Aruba AP65,70,124,85,125) system.
Create L2 and L3 Vlans on Juniper switches during the migration from the old switches for Prod, Dev, QA, Backup and ILO environments of different application groups and business units.
Worked in for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus 9K.
Advanced skills of designing, coding, and troubleshooting iRules Executed the F5 Viprion to deal with high traffic volume for L7 traffic on 2250 blade while Thunder 6630 using Viprion chassis
Participated in troubleshooting SDN/SD-WAN deployments
Configured WAN connections with SD-WAN.
Deployed CISCO ACI Greenfield and Migrated from Legacy network.
Developed ACI (Cisco Application Centric Infrastructure) based Cisco Validated Designs for Enterprises and Service Providers to transform Traditional 3 Layer Architecture to ACI based (Spine, Leaf and APIC) Architecture
Monitored network devices, interfaces, logs, CPU utilization, health, alerts and troubleshot issues, pushed/modified configs, generated change reports, run scheduled jobs, etc. using Solarwinds.
Helped other T-Mobile team project in Cisco, Aruba 225, 325, AP groups, SSID’s, Authentication rules, 802.1X for Wireless
Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls.Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS AAA(TACACS+ & RADIUS
Provided administration and support on Bluecoat Proxy for content filtering and internet access to headquarters, remote site offices and VPN client user
Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments.
Responsible Implementing NAT solution's on WAN applications with Cisco ASA based solution.
Included Day to Day activities Include Incident Resolution and Service Request for Creating new WIP and VIP are on the F5 LTM/GTM. Virtual Edition and the F5 Big IP VIPRION 4800, 4480 Hardware
Automated network implementations and tasks and designed monitoring tools using python scripting.
Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing.
Automated network implementations and tasks and designed monitoring tools using python scripting.
Worked in configuring Azure AD and Conditional access policies.
Dealt with creating VIP(virtual servers), pools, nodes and applying I Rules for the virtual servers like cookie persistency, redirection of the URL
Responsible for providing ongoing support to application centric infrastructure (ACI) solution.
McKesson, Irving, TX June 2017 – December 2018
Network Security Engineer
Responsibilities:
Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches.
Worked on Nexus 5548, Nexus 2248, Nexus 2232, Cisco 12418, 12416 Cisco 7200VXR, Cisco 6513, and Cisco OSR, Cisco 4507 Routers, Cisco 6500, 4500, 3750 & 3560 switches.
Work on Change Management for migration from Cisco ASA to Palo Alto.
Implemented VLAN, VTP domain, Trunking and Ether Channel on Cisco 5500 switches.
Upgraded Panorama version 7.0 to 8.0 on Palo Alto Firewalls.
Upgraded the existing Panorama to V8.0.6. Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment.
Upgraded Data Center from C6500s to Nexus 7k/5k/2k, double-VPC between distribution and access, single-VPC to servers
Configured and deployment of routing protocols RIP, OSPF, EIGRP & BGP over Cisco Routers in Production environment and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.
Worked with Load balancing device like F5 Big-IP local traffic manager (LTM) 1600
Configured & managed Security Devices that includes Juniper (Net screen) Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Plug Proxies. Used pulse secure VPN secure login & single sign in across the production environment.
Work on Juniper series of Routers, Switches and Firewall devices such as MX-960, MX104, MX240, EX4200, EX4300, EX4550, EX8208, QFX5100 SRX branch/data center devices like SRX340, SRX550, SRX1500 and SRX3600 to implement new features that will be used in the production network
Migrated complex, multi-tier applications on AWS.
Experience in working on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling with AWS command line interface and AWS python SDK.
Helped team in integrating Cisco ACI with nexus 9k in ACI mode
Helped team in deploying Meraki SD WAN devices
Deployed a new Meraki cloud base Guest and Corporate Wireless system. Personally, built, installed and maintained Meraki MR42 Access point and cloud system
Worked on network automation using python scripting
Defined and deployed monitoring, metrics and logging systems on Aws.
Migrated existing on-premises applications to AWS
Installed and maintained Cisco 7500 and 7200, 12000 backbone routers with HSRP and various IGP routing protocols such as EIGRP, and OSPF.
Participated in TCP/IP network planning, Implementation and Management with subnets.
Designed and configured LAN networks with Access layer switches such as Cisco 4510, distribution layer switches such as 6513 and a routed core.
Designed and implemented WAN IP infrastructure using frame relay, T1/T3, DSL technologies.
Troubleshooting issues related to Cisco Routers, Switches, and ASR, Nexus 5K, 2K, MPLS and critical network links by coordinating with the vendor.
Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
Used network analyzers like Wireshark, ethereal and sniffer for packet analysis.
Configured network access servers for AAA Security
Design & Implementation of Cisco ASA 5555 in High Availability.
Design & Implementation of Cisco ASA 5545 as VPN gateway.
Troubleshooting of Cisco 2800,2900, 3900, 7200, 7600, ASR9k, CRS, GSR 12k Series routers
Nationwide, Columbus, OH June 2016 – June 2017
Sr. Network Security Engineer
Responsibilities:
Upgrade PAN-OS in Palo Alto firewalls.
Configure Security Profiles such as Antivirus, Anti malware, Threat Prevention, Vulnerability
Implement URL filtering on Palo Alto Firewall and control access to restricted sites.
Configure and troubleshoot IPSEC VPN form Site to Site with Cisco, Palo Alto Devices as peer.
Configuring and troubleshoot Global protect SSL VPN for Work from Home Users on Palo Alto
Configuring Security Policies for Access control, interzone connectivity, External Access on Palo Alto Firewall.
Configure NAT polices on Palo firewalls as per requirements.
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Panorama firewall management tool to administer Palo Alto 5050, & 5250 device groups.
Designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.
Setup Azure Virtual Appliances (VMs) to meet security requirements as software based appliance functions (firewall, WAN optimization and intrusion detections).
Worked on Infoblox to provide DNS, DHCP, IPAM, administration services.
Configuration and Deployment Big IP F5 LTM and GTM load balancers from a Scratch at the Ohio Data Center Location.
Apply QOS/COS Configurations on AristaJuniper devices to get finer control around the application need to prioritize traffic as per the DSCP code points for BE, AF, CS and EF markings on incoming and outgoing packets.
Support production environment of Juniper products within the Customer infrastructure and ongoing efforts in defining best practice policies for Juniper product applications used by Customer
.Configure Server Pool, Pool Members, Server nodes for a VIP.
Software Upgrade projects across F5 Upgrade of Big-IP from 11.6 to 13.0
Troubleshoot issues related to Application slowness by Analyzing nodes, Health monitors, Server pools.
Management of F5 LTMs & GTMs Load Balancers. This Includes Incident Resolution Tickets, Service Request Tickets, Certificate renewals.
Configuration and troubleshooting of Issues related to VIP’s, Server pool’s, Redundancy, Persistence,
SSL offloading to improve application performance.
Experience working with Cisco Nexus 7700, 5500, 2148, 2248 series in Data Center Environment.
Performed ISSU to upgrade to Core Nexus 7k switches
Decommission of legacy Cisco 6500’s, Cisco 4500’s and Deployment of new 6807 to replace the 6500.
Configure OSPF & Troubleshoot issue’s related to OSPF as Internal Routing Protocol.
Perform Layer 2 switching and Layer 3 routing within a Data Center Environment, between Core, Distribution& Access Layers
Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and downstream devices.
Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the IP addresses from
Worked on Infoblox Management of replication between Grid Master and member appliances
Experience with CA Suite, Spectrum Network Monitoring tool.
Orange Research Labs, India June 2012– August 2015
Network Security Engineer
Responsibilities:
Provided technical support for expansion of the existing network architecture to incorporate new users.
Involved in Local Area Network (LAN) implementation, troubleshooting, and maintenance as per company’s requirements.
Configured STP for loop prevention on Cisco Catalyst Switches
Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
Worked in setting up inter-vlan routing, redistribution, access-lists and dynamic routing.
Merge/swap existing Juniper SSG and Cisco PIX firewalls to Checkpoint firewall and Provider-1 management
Migrated multiple IPsec site-to-site VPNs from Check Point to FortiGate, implementing
Implemented various Switch Port Security features as per the company’s policy
Configured VLANS to isolate different departments.
Worked on physical and virtual networks to provide functionality on additional layers on VMware NSX.
Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
Hands on Experience in Configuring L2 and L3 security features on devices
Implementing Routing and Switching using the following protocols; OSPF, BGP on Juniper M series routers.
Configured VLANS to isolate different departments.
Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
Configured RIP, and EIGRP on 2901 and 3925 Cisco routers.
Designed and implemented VLAN using Cisco switch catalyst 1900, 2900, 5000 & 6000 series.
Contact this candidate