Network Engineer Data Center
Resume:
Name: Rezaul k Roman
Email: adwtwr@r.postjobfree.com
Mobile: +1-646-***-****
PROFESSIONAL SUMMARY:
• 7 years of experience in the industry, which includes expertise in the areas of Routing, Switching and F5 Load balancing, Firewalls.
• Experience in Design, deployment, operations and Troubleshoot of Cisco(Catalyst/Nexus) Switches, Routers, Firewalls and Load balancers: Cisco Nexus switches and Cisco Catalyst 4500, 6500.
• Experience in Layer 3 Technologies: OSPF, EIGRP, EBGP, IBGP and MPLS-MP-BGP.
• Experience in Layer 2 Technologies : Vlans, Spanning tree, Trunks, ATM/FRAME RELAY.
• Experience with installing and managing IT services such as Active directory, site replication, DNS, DHCP, DNS and Terminal servers.
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Cisco ASA
• Experience in configuring VDC, VPC and FCOE, ISSU upgrading NX-OS for Nexus Family Switches.
• Design, configuration, and support of Cisco Nexus Platforms (Nexus 9K, 7K, 5K, 2K).
• Configured BIG-IP Local Traffic Manager (LTM), Global Traffic Manger (GTM) and BIG-IP DNS for the F5 BIG-IP 3900 and 6900 platforms.
• Experience in Implementing and supporting applications load balancing using F5 LTM/GTM/ASM
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 Viprion for the corporate applications and their availability.
• Experience in Physical cabling, IP addressing, configuring and supporting TCP/IP.
• Experience with Load Balancing using F5 Virtual and Viprion appliance .
• Configure VIP’s, Server Pool’s, Server nodes, SSL offloading, Health Monitoring.
• Expertise with Physical and Virtual firewalls hosted in cloud.
• Expertise in Next gen Firewall’s Palo Alto, Checkpoints, Firepower, Juniper SRX
• Experience with Cisco ASA 5500 and 5500-XSeriesfirewalls.
• Experience with firewall on Application filtering, Site to site tunnels, remote access VPN, NAT etc
• Expertise with Firewall and Load balancers in Cloud in AWS, Microsoft Azure
• Experienced working on Network monitoring, capture and analysis tools like SOLAR WINDS NPM, Cisco NAM, Splunk and Wire shark.
• Experience with documentation tools such as Vizio etc TECHNICAL SKILLS:
Networking Technologies: LAN/WAN Architecture, TCP/IP, VLAN, VTP, NAT, STP, DHCP, IPsec, VPN, HSRP, VRRP, GLBP.
Routing Protocols: OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting Operating Systems: Windows 7, 8, Linux, Cisco IOS, IOS XE Routers: CISCO [7500, 7200, 4000, 3700, 3600, 2800, 2600] Switches: CISCO [6500, 5000, 4500, 3550, 3524, 2900], Nexus 7k, 5k, 2k Big-IP F5 Devices: LTM/DNS/GTM/ASM/APM: 6900, 6800, 6400, 5100, 3400 and 2400
Firewalls: ASA, Check Point and Palo Alto
Programming Languages: Python, C, C++
Automation Tool: APPVIEWX
Documentation Tools: Visio, MS. Office 365
Professional Experience:
Cleint: AMEX, AZ
Role: Network Engineer
Duration: Jan 2018- Nov 2022
Roles and Responsibilities:
• Provide traffic management solutions, including the design, low level engineering, and delivery of new hardware systems as well as application load balancing solutions including F5 LTM, F5 GTM, and Authoritative DNS services
• Worked on Configuring and Troubleshooting Cisco Routers (2500,2600,3000,6500,7200,7500 series).
• Worked on Configuring and Troubleshooting Cisco switches (3702/3850/4500/4800 series, Nexus 7K/5K series)
• Worked on Layer 2 and Layer 3 switching and routing Protocols like BGP, EIGRP, OSPF.
• Deployed BIG IP Enterprise manager to cluster all F5 LTM, GTM devices for easier management and configurations.
• Worked on building F5 LTM boxes from scratch with initial setup configurations of Trunks, VLAN, static and floating IP allocation.
• Worked on Hotfixes /Upgrading TMOS version dealing with 9.x 10.x and 11.x.
• Engaged in various migration projects migrating F5 9.x load balancers to 10.x.
• Worked on Migrating legacy LTM i.e. 5100, 6400 to 8900s (FIPS and Non FIPS) and 3dns to GTM 8900s as part of refresh project in DMZ/Internal network.
• Built and deployed F5 LTMs to support Anycast DNS
• Worked with L7 F5 ASM WAF Firewalls and Technologies including Vulnerability Scan conversions to ASM policies and related configurations
• Troubleshoot multiple issues on F5 LTMs and GTMs using tcpdump, curl, ssldump etc
• Involved in design of Internal DMZ networks having Checkpoint firewalls and F5 Load balancers.
• Performed SSL Offloading on F5 LTMs with 2048-bits VeriSign certificates. Renewed certificates to ensure the security of websites.
• Perform monitoring, analysis, diagnosis and resolution of problems involving Firewalls (CISCO ASA and Palo Alto), Routers, Switches, infrastructure and telecommunications applications.
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 820, PA 500 and PA- 200 firewalls
• Worked on deploying Cisco Identity Service Engine (ISE) over the enterprise in 5 different campuses with 362,000+ devices, for Wired & Wireless Authentication, Authorization and Accounting.
• Analyzing failed RADIUS authentications for 802.1x/MAB enabled switches in both Monitor and Enforcement mode.
• Created rules on Palo Alto firewalls devices PA-500, PA-2000 series running on version PANOS such as 4.x
• Worked on Cisco Identity Services Engine (ISE) implementation design, configuration, and deployment.
• Created the Authentication and Authorization Policy rules including (wired devices and wireless devices) 802.1x/RADIUS/TACACS.
• Worked on the deployment of the switches with configuration and changes required to add switches to the Cisco ISE Appliance and get visibility.
• Worked on the Python Scripting for the configuring the Switches/routers for Cisco NAC Project.
• Created the Profiles for endpoints and the required and also the rule conditions of profile in order to authorize the device with the OUI feedbacks.
• Configured and troubleshoot the issues with the profiling, Authentication and Authorization Policies, and proxy issues.
• Worked on using various tools such as IDA (ISE Deployment Assistant), Infloblox IPAM, Net brain, Wireshark, Cisco ISE, Cisco Prime Wired & Wireless, Ping Info View, Statseeker, Akips, Asset Data, JAMF.
• Worked on creating, reviewing and updating Service Now tickets according to established standard Operating procedures (SOP’s).
Client: Infoblox, Brooklyn
Role: Network Engineer
Duration: Oct 2016 - Dec 2017
Roles and Responsibilities:
• Working with Network Design and implementation teams on various projects across related to Branch, Campus and Data Center.
• Worked on Network Traffic sizing of cloud to network through security firewalls.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Switch experience includes Cisco Catalyst switches: Cisco 3750, 4500, 6500 series switches.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues.
• Scaling of BGP and IGRP in the core, dealt with implementation of deployment related to Cisco devices and applying security policies on it.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Configuration and Deployment of new Big IP F5 LTM and GTM load balancers at the Dallas data center day to day activities include incident resolution and service request for creating new WIP and VIP’s on the F5 LTM/GTM. Virtual edition and theF5 Big-IPVIPRION 4800, 4480 Hardware.
• Configure Server pool, Pool members, Server nodes for a VIP.
• Configure advanced features on VIP’S. This includes configure a profile for cookie persistence. To configure a profile for SSL termination.
• Software upgrade projects across F5 upgrade of Big-IP from 11.6 to 13.0.
• Management of F5 LTMs & GTMs Load Balancers. This Includes Incident Resolution Tickets, Service Request Tickets, Certificate renewals.
• Configuring and troubleshooting OSPF routing protocol on the corporate network.
• Tested and implemented various BGP attributes such as Local Preference, MED, AS-PATH, Community, Extended community using route-maps.
• Worked on migration of Frame Relay based branches to MPLS based VPN for customer's WAN infrastructure.
• Have good experience working with the Trouble Tickets on F5 Load Balancers.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured the entire network Infrastructure devices including Network Printers and Register. Client: Verizon, NZ
Role: Network Security Engineer
Duration: Sep 2015 – Sep 2016
Roles andResponsibilities:
• Designing, implementation, management and on-site support(Troubleshooting) of Next-Generation Firewall in Palo Alto (PA3020, PA 5020, PA 5050, PA 7050) Firewalls & cisco environment(ASA5510, ASA 5515,ASA5520, ASA5585) .
• Configured, Troubleshooting and Maintenance of Palo alto Firewalls - PA220, Pan 820, PA2000 series, PA 3050 series, PA 4000 series and PA5000 series.
• Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering and SSL Decryption, Global Protect and Wildfire).
• Managing Palo Alto firewalls through Panorama (Palo Alto centralized management) M 100 & M 500.
• Configured ASA 5585 to ensure high-end security on the network with ACLs.
• Configuring BIG-IP-F5 LTM and GTM Load Balancers and troubleshooting Issues in F5 and upgrading and modifying the Virtual Pool, Nodes and Creating VIP (Especially for VM Ware NSX managers).
• Apply knowledge of the operation, management, and maintenance of network security systems, linked systems and peripherals in order to enhance network operations.
• Perform monitoring, analysis, diagnosis and resolution of problems involving Firewalls (CISCO ASA and Palo Alto), Routers, Switches, infrastructure and telecommunications applications.
• Creating Site to Site IPsec VPN and SSL VPN, and maintaining the VPN interfaces, System health, and traffic analysis and Cluster status
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 820, PA 500 and PA- 200 firewalls
• Firewall code upgrade, patching, backup & recovery, Firewall assessment and Reporting
• Documenting root cause analysis for malicious incidents Service Critical Success factor issues which may impact the security of the environment.
• Resolving Incident and problem management issues with the security operations team to identify, protect and restore the services impacted by the incident, keeping in mind the SLA Matrix and documenting the root cause analysis
• Designing and keeping the flow diagrams up-to-date for the Security related services
• Handling CRQs (Change Requests) related to Firewall configuration, troubleshooting and Implementation and discussing them in CAB (Change Advisory Board) meetings to get approvals for implementing any changes.
• Deployment of Cisco and Palo Alto firewalls in Standalone / distributed environment by correctly configuring and implementing the network security infrastructure.
• Designing and installation of other network systems, syslog server, SIEM Tool (Logarhythm), maintenance and troubleshooting of real suspected malfunction, operation errors and bugs of non-firewall devices.
• Enabling the TCP, UDP, SMTP ports to allow the traffic between the Firewalls through the enterprise network.
• Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs). Environment: CenturyLink Internet Service Provider Network with Cisco hardware platforms of ASR9K, CRS-1, c7600, c7500, c7200, c3750 etc. Routing Protocols of ISIS, OSPF, BGP, and MPLS, Switching Protocols (VTP, STP, GLBP, and HSRP).
Client: TD AMERITRADE, NY
Role: Network Engineer
Duration: Jan 2015 – Aug 2015
Roles andResponsibilities:
• Identify, design and implement flexible, responsive, and secure technology services.
• Strong knowledge on networking concepts like TCP/IP, Routing and Switching.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Supporting EIGRP and BGP network by resolving problems of internal teams & external customers of all locations.
• Deployment of OSPF dynamic routing NOC engineering network routers, previously running RIP Static.
• Provide Technical support to end-user either through remote management or onsite based on the requirement.
• Worked on the Cisco devices 6509, 6513, 3600, 2811 and worked on all line cards and port configuration for the VLAN.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Hands on experience on Windows server installation components like DNS,DHCP, Active directory and ISA.
• Application for load balancing on the servers.
• Understanding of IPSEC &GRE tunnels in VPN technology implementation using Cisco IOS..
• Experience on configuration of routing protocols like EIGRP in autonomous multiple areas.
Contact this candidate