Sr Network Engineer
Resume:
Kaunain Basir Mohammed
CCNA Certified Network Engineer
Email Id: ***************@*****.***
Phone no: 720-***-****
LinkedIn: https://www.linkedin.com/in/kaunainbasirmohammed/
PROFESSIONAL SUMMARY:
Network Professional with around 8+ years of experience in Designing and troubleshooting LAN, WAN, and MPLS in Branch, Campus, and Data Center environments.
Expert level knowledge of troubleshooting, implementing, optimizing, and testing static and Dynamic routing protocols such as EIGRP, OSPF, and BGP; ability to interpret and resolve complex route table problems.
Expert-level knowledge of TCP/IP and OSI models. In-depth expertise in analysis, implementation, troubleshooting & documentation of LAN/WAN.
I have good knowledge of Juniper models EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210 and SRX240.
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes.
Experienced in installation, configuration, and maintenance of Cisco ASR 9K, 7200, 3900, 2800, 2600, 2500, and 1800 series Router/Cisco Nexus 7010, 5548, 2148 Catalyst Cisco 6500 (sup 720), 4500 (SUP 6), 3750, 2950 series Switches.
Experience configuring Nexus 9k, 7k, 5k and 2k switches.
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
Hands-on Experience testing I Rules using Browser (IE), HTTP watch, curl, Scripts (shell/batch file/Perl), and host files. Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Environment Technical Knowledge on Cisco DMZ, ASA 5500 series firewalls.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP, and MST.
Strong understanding of current and future technologies including TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, Frame Relay, ACL, VPN, Wireless LAN, and configuration of VLANs.
Engineered several SD-WAN POCs with Silver Peak, Cisco Viptela, and VeloCloud for a multi-tenant zero trust WAN requirement.
Implemented WAN network technologies like MPLS and Frame Relay, switching technologies like STP, switch and LAN security on L2 and L3 layer switches.
Performed on Palo Alto Firewall on network security software and hardware, security monitoring systems, encryption software, threat and vulnerability management services and software, identity management solutions, and network objects on the global group, cleaned up unused rules, decommissioned, etc.
Working and demonstrated experience on the PAN-OS 6, 7.1, and 8.0 versions: PA 220, PA 820, PA-2K, PA-3K, and PA-5K firewalls.
Implement & manage around 500+ Network & Security Devices including Cisco Nexus & Catalyst Switches, Cisco ASA, Juniper EX Series Routers, and Juniper SRX Firewalls.
Experienced in DHCP, DNS, NIS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LADP, security management, and system troubleshooting skills.
Experience Arista Cloud Vision on a POC. Working on Spine leaf Architecture in the data center.
Worked on EVPN, VXLAN, VTEPS, Bridge Domains, MP-BGP etc.
Hands-on experience on F5 LTM, and GTM series like 6400, 6800, and 8800 for the corporate applications and their availability. Experience on Virtual Servers, Pools, Persistence, I Rules, Listener IPs, SSL, HTTP, and TCP headers.
Updating Silver Peak SD-WAN, SolarWinds, Splunk, Aruba wireless, F5 LTM/GTM & Cisco.
Experienced in wide area networking (LAN, WAN, WLAN, SD-WAN), wireless networking, and industrial Ethernet
Experience troubleshooting network issues including boundary protection devices and Bluecoat Proxy Servers.
Installed new Aruba wireless Network infrastructure utilizing Aruba3400 and 3200 controllers.
Experience with F5 load balancer administration and support.
Design, implementation and support for network security technologies and products (WAF, Cisco ISE, AMP, Firepower, etc.)
Configuring Cisco routers and switches to enable and troubleshoot a variety of features such as the trunk, VLANs, Ether channel, port security, routing protocols including EIGRP, OSPF & BGP, and other related technologies.
Education:
Bachelors in Electronics and Communication Engineering – JNTUH - INDIA.
Masters in Information Studies – Trine University, Indiana (USA).
Certification:
Cisco Certified Network Associate (CCNA).
Technical Skills:
Networking:
OSI, TCP/IP, Cisco IOS, LAN/WAN interconnection, ISDN, RIP, OSPF, EIGRP, BGP, MPLS, STP, Aruba ClearPass, IP-Sec
Hardware Routers:
Cisco (1800/2600/3600/3800/7200/7600 series), Cisco ASR 9Ks), Juniper Routers like, M320 and MX80
Switches:
Cisco (2900/3500/3700/5500/6500 Series, Nexus 7k, 9k), Cisco switches: Layer 2 2900 series, Layer 3 3560, 3750
Firewalls:
Cisco ASA (5510,5540), Checkpoint R65, R70, R75, R77 Gaia, Juniper SSG, SRX, Palo Alto
Routing Protocols:
TCP/IP, RIP, OSPF, BGP, EIGRP, STP, DHCP, HSRP, RSTP, ARP, SNMP, STP, SIP, H.323, VOIP, QoS
Application/Network Protocols:
SNMP, Telnet, ARP, HTTP, TFTP, OpenID, 802.1q, 802.3, SD-WAN, VLAN’s, SAML
Scripting Automation:
Python, PowerShell/Bash
Other Tools/Technologies:
TDM, SONET/SDH, Visio, EFM, PON, ITSM/ MS Azure, VM Ware, GPON, VDSL2, BARP, CODEC, TACACS+, WebRTC
Operating Systems:
UNIX, LINUX (Ubuntu & Fedora), Windows 10, MAC OSX
Network/ Security Services:
DNS, DHCP, WINS
Professional Experience:
Client: Charter Communications, Inc, Denver, CO July 2024-Present
Role: Senior Network Engineer
Responsibilities:
Collaborate with Data Center Engineers to ensure proper installation of over 240 devices annually, including hardware like Juniper EX4300, PTX 10K, QFX 5x, Cisco 8201, and TSV servers, ensuring all are racked, stacked, powered, and consoled within 2-3 days of delivery.
Request and allocate IP addresses for onboarding devices using the IPAM tool, ensuring correct allocation of IPv4/IPv6 addresses for up to onboarding devices per project, supporting seamless network integration.
Perform code upgrades on devices, including upgrading to the latest JunOS or IOS-XR versions, reducing security vulnerabilities by ensuring all firmware is up to date.
Add devices to TACACS+ and Cisco ISE servers for centralized authentication, authorization, and accounting (AAA), enforcing multi-factor authentication (MFA) and role-based access control (RBAC) to secure network access for more than 120+ devices per quarter.
Manage DNS entries for devices by adding them to DNS records using the DIRRT tool, supporting scalable DNS configurations for hundreds of devices with accurate name resolution.
Write and deploy base configurations that adhere to industry standards such as BGP, OSPF, ISIS, and MPLS for network routing and traffic engineering, ensuring optimal performance for over 120+ devices in large-scale network deployments.
Write detailed Method of Procedure (MOPs) for device turnups, documenting the exact steps for staging and production integration for 100+ devices per deployment cycle, with a focus on reducing errors during the transition.
Add devices to network monitoring tools like SNIP, GRANITE, Alethia, CA Spectrum, and CA Performance Center, ensuring real-time network visibility for 99.9% uptime and faster incident detection.
Collaborate with teams including CBO Service Transition Staging, CBO Service Transition Project, APS-NASS-PASS, and CBO Tools on projects involving onboarding 120+ DAA devices across multiple regions, ensuring alignment on technical and security requirements.
Validate device configurations using automated scripts and manual checks to ensure all devices are fully operational post-onboarding, ensuring 100% compliance with predefined network standards.
Troubleshoot and resolve issues related to network performance, configuration errors, and security gaps within 24 hours to minimize downtime and maintain SLAs.
Client: Verizon, Tampa, FL Jan 2023 – Jun 2024
Role: Sr. Network Security Engineer
Responsibilities:
Maintained the Client's network configurations and dependencies and recommended design alternatives.
Responsible for designing, Implementing, and monitoring all Layer 2 and Layer 3 devices on the internal network.
Installed, Configuration and managed Cisco Meraki Switch Series MS220-48LP, MS225-48LP, MS250-48FP, and Meraki AP.
Troubleshooting DMVPN and Meraki auto-VPN, addressing Wireless issues on Flex Controller 7500.
Upgraded Meraki security devices and kept current firmware, verified Meraki was upgraded, both circuits were functioning through Meraki and wireless clients were using the Meraki appliances
Planning, installing, configuring, and troubleshooting of networking infrastructure including routers, and switches, and configuring all necessary LAN / WAN protocols in support of wireless infrastructure.
Performed TCP/IP application network analysis which led to the application being optimized by developers to improve the response time.
Assist and troubleshoot Cisco Meraki solutions remotely including 802.11a/b/g/n/a Wireless networks, Stateful.
Supported implementation of new CM and wireless system standards backed by enhanced security, Implementation of wireless systems, Meraki Wireless, Cisco Wireless, wireless controller, autonomous and lightweight APs.
Perform Network Analysis, Problem Determination, and resolution for complex severity 2 and severity 3 network problems that impact business users.
Performed troubleshooting of complex enterprise network infrastructure environment.
Have migrated more than 100 firewalls from PA to Cisco ASA.
Experience in virtual environments, preferably with Hyper-V and System Center
Managed solar winds Network Performance Monitor configuration and operations.
Responsible for the wide area network design of the client’s network and connectivity to the vendors and partners.
Expert in the configuration of Virtual Local Area Networks VLANS using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, and RPVST along with troubleshooting inter VLAN routing and VLAN trunking using 802.1q.
Creating automated scripts using Python language.
Involved in Network design, Routing, DNS, IP subnetting, and TCP/IP protocol.
Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance.
Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s stage.
Implemented, and configured BGP WAN routing, converting OSPF routes to BGP OSPF in local routing.
Tested various BGP attributes like local preference, MED, and Weight and replicated customer issues in the testing environment lab.
Configured and maintained rule sets in the firewalls and updated them daily.
Work with F5 Load Balancing to build connectivity to production & disaster recovery servers through Citrix NetScaler.
Innovated with the support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
Technology support for Open-Source solutions, AWS/Azure VPC
Researched, designed, and replaced Checkpoint firewall architecture with new next-generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
Configuring rules and maintaining Palo Alto Firewalls& Analysis of firewall logs using Panorama.
Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls and implemented Zone-Based Firewall and Security Rules on the Palo Alto Firewall.
Configuration and Maintenance of Cisco ASA 5580-20, ASA 5540, ASA 5520, ASA 5510 series firewalls.
Provided tier 3 support for Checkpoint and Cisco ASA Firewalls to support customers, Backup, and restore Checkpoint and Cisco ASA Firewall policies.
Configured Global Protect remote access VPN and Global Protect gateway on Palo Alto firewalls.
Provided day-to-day administration and support of an OSPF/BGP Net screen firewall WAN with dual-stack IPV4/IPV6 environment.
Client: Digit 7, Richardson, TX SEP 2021 – DEC 2022
Role: Sr. Network Engineer
Responsibilities:
Responsible for the entire LAN and WAN/WLAN maintenance and troubleshooting of the company network. Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization's requirements.
Developed the solutions approach SA, network management technical plan NMTP, and network validation test NMVT documents.
I worked on Cisco, Juniper, and Aruba/HP gear in campus environments.
Worked on Cisco, Arista, Dell, and Juniper gear in the Data Center environment.
Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, and related issues.
Involved in the team for designing and Configuring Nexus 7000/5000/2000 in Top of Rack & End of Row Architecture for a Scalable Production Network that supports Rack & Blade server architecture in a multi-tenancy environment using VPC, VDC & VRF
Created Cloud Formation scripts for deploying RDS hot components on AWS.
Experience in deploying OSPF/EIGRP/BGP redistribution and changing the metrics for the primary and backup.
Experience working on network monitoring tools like SOLAR WINDS, CISCO works, Wireshark, and Splunk.
Responsible for the secure development lifecycle for Cisco’s Nexus line of products, including Application Centric Infrastructure (ACI), and Application Policy Infrastructure Controller (APIC) – Cisco’s Software Defined Network (SDN) solution.
Manages, delivers, and deploys aspects of network architecture, design, and engineering and details network specifications to migrate clients from the current network environment to the new environment.
Understanding the key requirements for the Control and Data Plane features of the VeloCloud/Viptela SD-WAN product, architecting a solution, and delivering a working prototype and the final product
Hands-on experience in configuring Viptela devices and creating device and feature templates on v Manage required for SD-WAN implementation.
Deliver related Network Engineering services associated with the planning, deployment, installation, administration, and management of data and VoIP networks also provide LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, and 3 problems).
Working on configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to connect two data centers.
Implemented Palo Alto solution for remote and mobile users and for analyzing files for malware in a separate (cloud- based) process that does not impact stream processing.
Established automated processes to monitor applications, minimize failures or degraded performance, and alert administrators to problems.
Maintained PowerShell scripts to solve automation and network management tasks.
Configuring and implementing F5 BIG-IP, LTM, and GTM load balancers to maintain global and local traffic.
Responsible for deploying new LTM, ASM, and APM devices for new environments including code upgrades on existing & new F5 devices.
Involved in F5 LTM GTM and ASM planning, designing, and implementation. Actively involved in F5 ASM policy configuration and deployment. Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS.
Configured ASA 5520/5500 to ensure high-end security on the network with ACLs and Firewall.
Configured F5 GTM solutions, which include Wide IP, Pool Load Balancing Methods, proverbs, and monitors.
Performed L3/L4 network and firewall troubleshooting skills.
Implementing and managing traffic engineering on top of an existing Multiprotocol Label Switching MPLS network using Frame Relay and Open Shortest Path First OSPF.
Configured WAN connections with Meraki and FortiGate SD-WAN.
I worked on Cisco Meraki switching and wireless LAN.
Installed configured and troubleshot Juniper Routers (E, J, M, and T-series) also worked with the rule base and its configuration in Cisco ASA, Palo Alto, Juniper, and Checkpoint firewalls, also performed advanced F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancer.
Client: Amazon, Hyderabad, India April 2016 - Jul 2021
Role: Network Engineer
Responsibilities:
Utilized knowledge of Spanning Tree Protocol, BGP, MPLS, and OSI model layers 1-2 to create network layouts.
Troubleshooting network connectivity between branch office and regional office with multiple link paths.
Responsible for the analysis/troubleshooting of large-scale enterprise VoIP networks also Excellent Hands-on experience with Cisco ISE and the Migration of Wireless and TACACs to ISE, Configuration & Integration of Cisco Identity Services Engine (ISE) 1.2. Stateful firewall, VLAN to VLAN routing, Link bonding/failover, 3G / 4G failover, Traffic shaping/prioritization, WAN optimization.
Performed configuration and administration of Cisco ASA Firewall.
Implemented route redistribution between OSPF and EIGRP.
Creating NAT/PAT used ACLs to block unauthorized users to the VLAN IP and allow the IP-Sec traffic.
Implemented and maintained network security measures, including intrusion detection and prevention systems, to safeguard against cyber threats.
Conducted regular network performance assessments and optimizations to ensure efficient data flow and minimize latency.
Collaborated with cross-functional teams to design and implement network solutions aligned with business requirements.
Actively participated in the planning and execution of network infrastructure upgrades and expansions.
Executed disaster recovery plans and procedures to ensure network resilience and business continuity.
Monitored network traffic patterns and bandwidth utilization to identify and address potential bottlenecks.
Maintained documentation for network configurations, troubleshooting procedures, and security policies.
Provided WAN/LAN Cisco router/switch configuration, implementation, and support to internal customer tickets involving BGP, OSPF, and EIGRP.
Configuration and Maintenance of ASA 5585 firewalls with firepower, 5540, and 5525 Firewalls using Cisco Security Manager (CSM).
Handled Incident tickets & Service Requests related to Cisco ASA & Palo Alto firewall, & VPN along with the connectivity issues and provided prompt support when any issue popped up.
Implement and modify DNS entries and manage IP Addresses using Windows DNS and DHCP. Experience configuring and troubleshooting on Citrix NetScaler Load Balancer.
Performed Access Control Lists (ACLs) to set up usage for the intended users. Responsible for IOS installations and upgrades using TFTP Server.
Troubleshooting Routing/Switching/Security Configuration problems/errors encountered by Clients in Head/Remote camps.
Performed subnetting of the IP addresses.
Configuration and allocating IP and network resources to Storage, Virtualization, Server, and Application teams.
Installation and configuration of Cisco Routers 3600, 3900 and Switches 3550, 3560, 3560E, 3750, 6500, 7200 for VLANs, Routing Protocols (OSPF, BGP), VPNs etc.
Installed WAN and LAN access for internet and intranet access.
Configured Ether channels, Trunks, VLANs, and HSRP in a LAN environment.
Worked on Access, Core, and Distribution layers.
Provided end-user technical support for LAN and remote users in a 24/7 environment.
Assisted in deploying WAN projects.
Connectivity and configuration of routers, switches, end-to-end monitoring in new camps
Perform configuration, deployment, and support of cloud services including Amazon Web Services.
Contact this candidate