Network Engineer Cisco
Resume:
Abdul
Phone: 732-***-****
Email: ads4jl@r.postjobfree.com
Summary
Senior Network Engineer with 8+ years of experience in designing and implementing IT network architecture including configuration, optimization and supporting LAN/WAN networking systems in Campus, Service Provider and Data Center environments.
Experience with Cisco ISE implementation and troubleshooting. Hands-on experience on Enterprise solution in user access control with 802.1x by Cisco ISE for LAN and WLAN.
Extensive experience on working with troubleshooting of VoIP network using Cisco Call Manager, Cisco Unity Connection, Voice gateways.
Good experience with Cisco Meraki wireless including Cisco Meraki switches installation, adding new AP’s, creating Wi-Fi heat maps.
Experience troubleshooting wireless issues in multi-vendor environments such as Aruba, Cisco wireless or Cisco Meraki.
Experience in installing and troubleshooting multiple vendor firewalls such as Cisco, Palo Alto, Check Point and Fortinet Firewalls.
Hands-on experience on SDN technology, including VMware NSX and Cisco ACI.
Experience in WAN technologies including MPLS, SD-WAN, IPSEC, DMVPN.
Hands on experience with implementation and troubleshooting of routing protocols such as: BGP, OSPF, EIGRP, RIP and ISIS.
Hands on experience in creating different application policies in the ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Subjects and Filters.
Experienced in preparing network designs like HLD, LLD based on the business requirements.
Experience on storage protocols Fiber Channel, iSCSI, NFS, CIFS in SAN/NAS/DAS environments.
Provided technical leadership, standards, and best practices to infrastructure teams during network design and build phases of initiatives or projects (SD-WAN, NetScout, and Palo Alto firewalls).
Experienced in managing Azure Active Directory, Compute/Network/Storage, Identity Protection, MFA, PIM, RBAC, Automation Runbooks, PowerShell DSC, Offce365.
Experience working on network monitoring and analysis tools like SolarWinds, Logic Monitor, InterMapper and Wireshark.
Technical Skills
Routers : Cisco 2600, Cisco ASR [9k, 1k], Juniper [MX960, MX480]
Switches : Cisco 2900, Meraki, Nexus [9k, 7k, 5k, 2k], Arista [7280, 7170]
Firewalls : Cisco ASA [5510, 5585, 2130 etc.], Palo Alto [5000/3000 Series],
Checkpoint, Fortinet
Cisco ACI : APIC controllers, Leaf and Spine Switches, CIMC, etc.
LAN Technologies : VLAN, Inter-VLAN, VTP, STP, RSTP, SMTP, Virtual Port Channel (vPC)
WAN Technologies : MPLS, VPLS, SD-WAN, EPL, EVPL
Routing Protocols : RIP v1/v2, EIGRP, OSPF, IS-IS, BGP
DNS/DHCP Management : Infoblox, Windows Server 2019
Network Management : Cisco DNA Center, Cisco ISE, Aruba ClearPass, Infoblox, Cisco Prime
Network Monitoring : Wireshark, SolarWinds, NetScout (nGeniusONE),
InterMapper, Logic Monitor
Load Balancers : F5 Networks (Big-IP, Viprion 4400, 2400)
Cloud Environments : Azure
Scripting : Python
Network Design Tools : MS Visio
Ticketing Systems : ServiceNow, Footprints, HP Service Manager
DNS/DHCP : Infoblox, BlueCat
Valid Certifications
Palo Alto Networks Certified Network Security Engineer (PCNSE)
Cisco Certified Networking Professional (CCNP) – Enterprise
Cisco Certified Specialist - Service Provider Core
Cisco Certified Network Associate (CCNA)
Education
Master of Science in Electrical Engineering
Experience
Boston Public Health Commission, Boston, MA Oct 2020 – Current
Senior Network Engineer
Responsibilities:
Configure and maintain IPsec, SSL Decryption, high availability, port mirroring, SSL VPN on Palo Alto firewalls.
Implementation of panorama for firewall management. Configuring of FW rules and analyze firewall logs.
Configured Firepower NGFW to block attacks and intrusion attempts.
Redesign the network for multiple locations to have the redundant internet circuits and site addition for SDWAN.
Worked on Cisco Vmanage to deploy SD-WAN on multiple remote sites and also on the core network in the Data Centers.
Responsible for wireless configuration, implementation of wireless solutions, and remote troubleshooting.
Hands on Experience with Cisco Wireless Controllers 5500's and 2500's and coming to access points, worked on 3700's, 3500's and 1142 access points.
Experience administering IPAM solutions such as Infoblox for IP address management, DNS, and/or DHCP
Install and configure SAN Networks with FC / iSCSI switches. Install PCI Mezz cards in blade servers.
Performing the software upgrade from version 9.1 to 10.2 on panorama and support VM-300 series Palo alto
Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS (Radius and TACACS+), and Cisco Prime Infrastructure. Address ISE Endpoint Information, which is used to estimate the failure, risks before change windows.
Review/modify/create/finalize design documents, plans, and configurations day-to-day operations and support of the dual site SolarWinds Orion performance monitoring environment.
Performed pen testing Nmapper, Wireshark and the Metasploit Framework. Created a full threat and vulnerabilities report for all assets of the company network
Monitor and alert management of all components related to ISE NAC solution and support patching, capacity reviews and lifecycle management. Monitoring and running ISE reports.
IP addressing and design schemas for a variety of IP Pools using DHCP scope or local IP pools for NAC Controls.
Experience in implementing site-to-site and remote access VPN Technologies using GRE, IPSEC & MPLS.
Troubleshoot DNS issues.
Design, setup and configure Cisco wireless networking that supports open or secured access.
Cisco ISE patch upgrade and integration of radius server (Cisco ISE server) with palo alto firewall for authenticating VPN users.
Worked on User-ID to collect user-mapping information. Used App-ID to determine that encryption (SSL or SSH) is in use. Worked on App-ID to match Traffic against policy to check whether it is allowed on the network.
Manage Azure AD Users, Users Group, User License, MFA to authenticate/authorize users based on Identity used with using Conditional Access.
Support the installation of SC Series Storage SC5020 (iSCSI) and VxRail.
Implemented InterMapper for network monitoring, Liebert Nform implementation for UPS management.
Manage Cisco Meraki Portal which includes adding new AP’s, new SSID’s, VPN tunnel, etc.
Experience using Cisco DNA Center to automate network routing and switching functions.
Experience in migrating legacy networks to new DNAC network platform.
Palo Alto installation and maintain threat prevention, data filtering and wildfire.
Working experience with PA App-ID for application visibility and URL filtering on PAN devices.
Deploying and decommission of VLANs on Nexus 9K, 5K and its downstream devices.
Configure and implement voice gateways (H323/MGCP/SIP, SRST) for remote sites and manage inbound and outbound voice traffic through the management of PRI and SIP voice systems.
Implementing Layer 3 firewall rules and policies on Meraki.
Establishing VPN Tunnels using IPsec encryption standards and configuring and implementing site-to- site VPN.
City of Hope, Irwindale, CA Apr 2020 – Oct 2020
Senior Network Engineer
Responsibilities:
Performed firewall migration from Cisco ASA firewalls to Palo alto firewalls using Palo alto Migration tool.
Implemented Cisco ISE for delivering consistent, highly secure access control across wired and wireless multi-vendor networks and remote VPN connections.
Installed, configured, and managed Cisco Meraki Wireless MX64, MX84, MX100 & MX400 network security appliances across Global sites.
DNS Updates/Removals/New Adds via InfoBlox DNS Appliance.
Supported Infoblox appliances grid environment for DNS, DHCP and IP Address Management tools (IPv4).
Integrating Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance perform CoA for remote VPN IPSec, SSL AnyConnect users.
Successfully installed Palo Alto PA-3050, PA-5050 firewalls to secure zones of network.
Aruba Clear Pass authentication solution for guest and corporate connectivity (Dot1x).
Designed, configured, and administrated Silver-Peak WAN Optimization devices.
Design, code, test, and integrate system-level scripting on Python and JSON to perform multitasking for the Software Defined Network Solutions such as ACI.
Troubleshooting connectivity issues through Palo Alto firewalls as well as writing and editing policies.
Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
Experience working with BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic.
Work with Network Services management team, Solutions Architects, IT Security, Project Managers, and End-users on core infrastructure related projects. Ensure that projects result in highly reliable and supportable systems and tools.
Designed, configured, and administrated Silver-Peak WAN Optimization devices.
Assurant Inc, Chicago, IL Nov 2019 – Mar 2020
Network Security Engineer
Responsibilities:
Deployment of new technologies which includes the Spine-Leaf Architecture (Cisco ACI), Endpoint Groups, Switch Profiles, Interface Profiles and Fabric Wide Configurations for stabilizing the Network Infrastructure.
Experience with software defined networking (SDN) in a data center environment.
Experience on working with Silver Peak SD-WAN circuit.
Assisted in implementation of Silver Peak and Riverbed WAN Optimization appliances.
Extensive experience supporting Fiber Channel, FC-IP, FC routing, FICON, iSCSI
Configured mobility features such as mobile voice access, extension mobility, and remote destination profiles in CUCM.
Configure L3 out using SVI from the Cisco ACI fabric into the LAN/WAN environment.
Configure Access, PC and VPC policy groups under the interface profiles and ensure EPG’s implementation through the static port bindings.
Configure L2, L3 Port channels and VPCs within the data center nexus environment and the Cisco ACI environment.
Tracked and reported on number and value of certificates issued as well as performed internal audits to ensure all SSL On Demand customers remained in compliance with industry baseline requirements.
Extensive trouble shooting experience from legacy Cisco 5500 Series Wireless LAN Controllers to new Meraki security appliances and wireless access points.
Maintained DNS resolution policy, processed PKI certificate requests, blocked malicious websites using Websense, and maintained pattern based SPAM filters on Symantec Brightmail Gateways.
Implement Infoblox DNS appliance and run scripts as needed.
AlticeUSA, Tyler, TX Apr 2017 – Oct 2019
Network Engineer
Responsibilities:
Designing and providing support of Routers, Switches, Security Solutions, VPNs, L4-7 Load Balancers, SD-WAN and Network Management Solutions across LAN/WAN.
Work with MPLS to improve quality of service (QoS) by defining LSPs that can meet specific service level agreements (SLAs) on traffic latency, jitter, packet loss and downtime.
Installation and configuration of SDN and NFV Solutions (cloud-based solutions) and Integration of SDN and NFV Solutions.
Design, configure and deploy point to point and DIA. Resolve all IP network issues to reduce downtime while also ensuring client SLA's.
Supported in decommission of Juniper MX960, MX480 and migrating services to Cisco ASR 9006, 9010 and Cisco Catalyst 3850.
Testing the routing protocols and new software codes in Lab environment.
Written python scripts to implement y.1731 across the network to calculate delay and loss.
Managed the rollout of MPLS-TE protocol to control bandwidth usage for guaranteed delivery and reroute of voice and video traffic across the coast-to-coast network backbone.
Work with customers to complete DIA circuits, implement BGP or static routes depending on customer requirement.
Troubleshooting MPLS connectivity issues on CE/PE connectivity which includes L2VPN.
Srashtaa Software, Hyderabad, India Jan 2013 – Dec 2014
Network Engineer
Responsibilities:
Various refresh projects to replace older Cisco devices such as Cisco 7609 with newer ASR and older switches with various Nexus devices. Troubleshooting MPLS connectivity issues on CE/PE connectivity.
Worked on multi-vendor platform with Check Point, Fortinet and Cisco ASA firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents.
Implemented and troubleshoot complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
Contributed to the implementation and support of SNMP monitoring software and other network
monitoring tools.
Configured Static and default routes.
Maintain and update Cisco ASA 5500 firewall to provide demarcation between DMZ, secure internal network and the external network.
Created VLAN and Inter-Vlan routing with Multilayer Switching.
Installing new equipment to RADIUS and worked with TACACS configurations.
Managing and troubleshooting issues related to UCCE scripting for call flow change, IVR or Holiday requests.
Configured and installed VoIP CUCM and cisco unity system, prepared network assessment for testing utilization for VOIP traffic and deployment and trained the user with more value-added services.
Contact this candidate