Senior network engineer
Resume:
Name: Max Well
Email-id:************@*****.***
Phone: 908-***-****
Professional Summary
• Certified Network Engineer with 9+ years of experience in Routing, Switching, Firewall Configuration, and Load Balancing.
• Extensive hands-on expertise with Cisco routers (7200, 3800, 3600 series) and switches (9500, 6800, 6500 series).
• Proficient in configuring Data Center infrastructure with Cisco Nexus 5K/7K series switches and Fabric Extenders.
• In-depth knowledge of network protocols, including spanning tree, VLANs, DTP, and port security on access layer switches.
• Expertise in implementing traffic filters using Access Control Lists, with a deep understanding of TCP/IP and OSI models.
• Strong experience in LAN/WAN architecture design, implementation, troubleshooting, and documentation.
• Skilled in configuring and troubleshooting Cisco ASA firewalls and Checkpoint R75 firewalls.
• Installed Palo Alto PA-3060 firewalls for Data Center protection, with L3 support for routers, switches, and firewalls.
• Hands-on experience with Cisco ACI fabric infrastructure, cloud security solutions, and SDN security applications.
• Proficient in deploying F5 BIG-IP iSeries Load Balancers, for traffic management and SSL offloading.
• Experienced in automating network tasks with PowerShell, Python scripting, and integrating CI/CD pipelines.
• Skilled in cloud technologies, including Azure and AWS, with expertise in VPC/VNet, hybrid cloud architecture, and migration.
• Expertise in managing network performance with tools like ScienceLogic, NetScout, and Cisco Secure Network Analytics.
• Strong knowledge in SD-WAN solutions, Zscaler, Prisma, and Aruba/Meraki wireless networks for secure, optimized connectivity, EX-2200 series Ethernet switches & Juniper QFabric QFX3500.
• Extensive experience with Azure and AWS cloud environments, including Virtual Networks (VNet/VPC), hybrid cloud architectures, and Direct Connect/ExpressRoute for seamless integration.
• Proficient in deploying cloud-native security solutions, such as Azure Firewall, Zscaler, and Prisma, ensuring compliance and secure application delivery.
• Extensive experience configuring and optimizing OSPF, BGP, and EIGRP for enterprise-level network routing.
• Proficient in deploying and managing Cisco ISE for secure access control, including 802.1X authentication and posture assessments.
• Configured and managed Fortinet FortiGate firewalls for SSL inspection, application control, and robust network protection.
Technical Skills
Routers & Switches Cisco ISR 4000, ASR 1001-X, ASR 9K, Nexus 9000/7000/5000, Catalyst 9500/9300/9200, Juniper EX4200, MX5, MX10, MX40
Routing & Switching
Protocols
OSPF, BGP, EIGRP, MPLS, VRF, STP, RSTP, VLAN, HSRP, VRRP, TCP/IP, IPsec Operating Systems Windows, Linux, Cisco IOS, Junos, Gaia, Azure, AWS AAA & Network
Security
Cisco ISE, TACACS+, RADIUS, Palo Alto Panorama, Check Point SmartConsole. Firewalls & VPN Cisco ASA 5500-X, Palo Alto PA-5260, FortiGate 600F, Juniper SRX4600, Check Point Quantum, IPsec VPN, DMVPN, Zscaler ZTNA
SD-WAN & Cloud
Security
Cisco Viptela SD-WAN, SilverPeak EdgeConnect, Velocloud, Zscaler, Prisma Access, Azure Firewall, AWS Security Groups
Wireless & WLAN Cisco Catalyst 9800 WLC, Meraki MR36/MR44, Aruba AP-635, 802.11ax (Wi-Fi 6) Load Balancing F5 BIG-IP LTM/GTM, Citrix ADC, iRules, ASM, SSL Offloading LAN Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet, VLANs, Inter-VLAN routing, EtherChannel, Spanning Tree Protocol (STP), VLAN Trunking Protocol (VTP), IEEE 802.1Q Network Management
& Monitoring
Wireshark, SolarWinds, Cisco Prime, Meraki Dashboard, FortiManager, Splunk, SNMP Network Automation Python, Ansible, Terraform, CloudFormation Certifications
• CCNA (Cisco Certified Network Associate)
• CCNP (Cisco Certified Network Professional)
• PCNSE (Palo Alto Certified Network Security Engineer) Professional Experience
Flagstar Bank, NYC, NY Feb 2024 – Till Date
Network Security Engineer
Responsibilities:
• Configured and managed Cisco SD-WAN (Viptela), Silverpeak EdgeConnect, and VMware Velocloud for enterprise-wide connectivity.
• Implemented Zero Trust Network Access (ZTNA) using Zscaler Private Access (ZPA) and Palo Alto Prisma Access for secure remote workforce connectivity.
• Configured and optimized Cisco ACI for micro-segmentation and policy-based automation in data centers.
• Deployed and managed Cisco Meraki MX450, MS390, and MR76 for cloud-managed networking and security across branch offices.
• Configured Cisco DNA Center with SD-Access for automated policy enforcement and network assurance.
• Deployed Fortinet FortiGate 600F and FortiManager 7.2 for Next-Generation Firewall (NGFW) security and SD-WAN.
• Configured F5 BIG-IP LTM and GTM for load balancing, SSL offloading, and Web Application Firewall (WAF) security.
• Configured and managed Aruba ClearPass for 802.1X authentication and device profiling.
• Expertise in Juniper SRX4600 and EX4600 for firewalling and high availability.
• Hands-on experience with Cisco ISE 3.2 for TrustSec, TACACS+, and posture assessment.
• Configured Check Point Quantum 7000 firewalls for intrusion prevention and VPN connectivity.
• Managed Cisco Firepower 4150 and 9300 for deep packet inspection and threat intelligence.
• Configured Palo Alto PA-5260 and PA-3450 with Panorama for advanced threat prevention.
• Strong expertise in BGP, OSPF, and EIGRP for large-scale enterprise WAN and data center routing.
• Configured Cisco Catalyst 9500, 9600, and Nexus 9332C switches with VLANs and VXLAN overlays.
• Hands-on experience with Infoblox Grid Master for DNS/DHCP management.
• Configured wireless networks using Aruba AP-635, Cisco Catalyst 9800 WLC, and Meraki MR86.
• Experience with Azure Virtual WAN, Azure Firewall Premium, and ExpressRoute for hybrid cloud connectivity.
• Configured and managed AWS Transit Gateway and Route 53 for multi-account cloud networking.
• Experience with Terraform, Ansible, and Python scripting for network automation and Infrastructure as Code (IaC).
• Configured Cisco ISR 4461, ASR 1009-X, and CSR 1000v with IPsec VPNs and cloud interconnects.
• Extensive experience in network troubleshooting and performance optimization in multi-site enterprise environments.
Alignment Health Care, Orange, CA May 2022 – Jan 2024 Network Security Engineer
Responsibilities:
• Configured and optimized BGP, OSPF, EIGRP, and MPLS for enterprise and data center networks.
• Deployed and managed Cisco ACI, Nexus 9000, 7000, and 5000 series switches for VXLAN overlays and Layer 2/3 segmentation.
• Configured and troubleshooted Cisco ISR 4451, ASR 1001-X, ASR 9K series routers for WAN connectivity and SD-WAN deployments.
• Designed and implemented SD-WAN solutions using Cisco SD-WAN (Viptela), SilverPeak EdgeConnect, and Velocloud.
• Configured and optimized Cisco Meraki MX security appliances, MR access points, and MS switches for cloud-managed networking.
• Managed and configured Aruba ClearPass for 802.1X authentication and network access control (NAC).
• Deployed and managed Infoblox Grid Master for DNS/DHCP/IPAM automation.
• Configured and managed Fortinet FortiGate 600F, Palo Alto PA-5260, Check Point Quantum 7000, and Juniper SRX4600 firewalls.
• Deployed VPN solutions including IPSec, DMVPN, and remote access VPNs using Cisco ASA, Palo Alto GlobalProtect, and Zscaler ZTNA.
• Configured F5 BIG-IP LTM and GTM for application load balancing and SSL offloading.
• Managed Cisco Firepower 4150 and 9300 for deep packet inspection (DPI) and threat intelligence.
• Configured Cisco ISE 3.2 for TrustSec, posture assessment, and TACACS+/RADIUS authentication.
• Managed AWS, Azure, and GCP networking including VPCs, Transit Gateway, ExpressRoute, and hybrid cloud security.
• Configured Azure Firewall Premium, NSGs, and ISE cloud security for multi-cloud environments.
• Developed Python and Ansible scripts for network automation and configuration management.
• Designed and implemented SDN solutions for large-scale enterprise networks.
• Configured and troubleshooted Cisco Catalyst 9500, 9600, and Nexus 9332C switches for high-performance LAN/WAN networks.
• Configured Cisco Wireless LAN Controllers (WLC) and Aruba AP-635 for enterprise Wi-Fi.
• Provided AAA security using TACACS+ and RADIUS for centralized authentication and authorization.
• Configured DNS, DHCP, NAT, and ACL policies for multi-vendor security environments.
• Troubleshot QoS policies to optimize VoIP and business-critical applications across WAN/LAN networks. Synchrony Financial Oct 2018 – Mar 2022
Sr Network Engineer
Responsibilities:
• Configured and managed routing protocols including BGP, OSPF, EIGRP, IS-IS, and MPLS for enterprise and data center networks.
• Designed and deployed SD-WAN solutions using Cisco SD-WAN (Viptela), SilverPeak, and Velocloud to enhance performance and security.
• Managed Cisco ACI for data center networking, application segmentation, and automation.
• Configured and deployed Infoblox for DNS, DHCP, and IPAM to improve network efficiency and automation.
• Managed Cisco Meraki MX security appliances, MR access points, and MS switches using the Meraki Dashboard for cloud-based network operations.
• Configured Aruba ClearPass for NAC and policy-based authentication to enhance enterprise security.
• Managed and optimized F5 Load Balancers (LTM/GTM), including iRules scripting and high-availability configurations.
• Deployed and troubleshooted Cisco ISE for identity-based network access control and security policies.
• Configured VLANs, ACLs, QoS, and network segmentation to optimize network performance and security.
• Designed and implemented high-availability solutions using Cisco ISR, ASR routers, and Catalyst switches.
• Managed enterprise firewalls, including Fortinet FortiGate, Juniper SRX, Palo Alto, and Check Point for advanced threat protection.
• Configured and troubleshooted Cisco ASA and Palo Alto firewalls for VPN, site-to-site, and remote access solutions.
• Designed and deployed Cisco Nexus 5000/7000 switches, including vPC, VXLAN, and Fabric Extender (FEX) configurations.
• Deployed and managed wireless networks using Cisco Wireless LAN Controllers (WLC), Catalyst Wireless, and Aruba ClearPass.
• Implemented Cisco Prime Infrastructure for network monitoring, automation, and compliance.
• Configured hybrid cloud connectivity using AWS Direct Connect, Azure ExpressRoute, and VPN gateways.
• Managed AWS, Azure, and GCP network infrastructure, including VPCs, Security Groups, IAM roles, and VPN gateways.
• Automated network configuration and monitoring using Python and PowerShell scripting.
• Configured HSRP, GLBP, VRRP, and redundant networking architectures for high availability.
• Provided ongoing network maintenance, software upgrades, and security patches to ensure a secure enterprise network.
Amazon, Hyderabad, India Aug 2015 – Sep 2018
Network Administrator
Responsibilities:
• Configured and maintained Cisco and Juniper routers and switches, ensuring network stability across LAN/WAN environments.
• Managed routing protocols including RIP, OSPF, and EIGRP to optimize network performance and redundancy.
• Configured VLANs, Spanning Tree Protocol (STP), Port Security, and ACLs to ensure secure and segmented network access.
• Administered DNS, DHCP, and IPAM for IP address management and network availability.
• Managed Cisco ASA and Juniper SRX firewalls, configuring firewall rules, NAT, and VPN policies for secure remote access.
• Supported enterprise wireless networks, configuring Cisco Wireless LAN Controllers (WLC) and Aironet access points for optimal Wi-Fi coverage.
• Deployed and managed IPsec VPNs and site-to-site VPN tunnels to connect branch offices securely.
• Conducted network troubleshooting using tools such as Wireshark, SolarWinds, and Ping/Traceroute to diagnose and resolve connectivity issues.
• Provided technical support for network incidents, escalating complex issues as needed.
• Performed IOS upgrades, software patching, and hardware replacements for network equipment lifecycle management.
Contact this candidate