Post Job Free
Sign in

Network Engineer Data Center

Location:
Dallas, TX, 75201
Salary:
125000
Posted:
May 04, 2025

Contact this candidate

Resume:

Chowdhury Badrul Huda

Sr. Network Engineer

Contact: +1 516- 928-8405

E-mail: ****************@*****.***

PROFESSIONAL SUMMARY:

Professional network and systems engineer with over 10+ years of experience designing and managing network, security and server infrastructure.

Professionally worked on medium to large scale environments, enterprise, and Data center networks.

Performed roles of Project lead, Senior Network Engineer, Operations and Deployment Engineer with Clients that include Financial, healthcare and Cloud Providers.

Expert in Switching, routing, Network Security, Application Delivery, Wireless, VOIP, Virtualization and SDN.

CAREER HIGHLIGHTS:

Switching & Routing Expertise: Proficient in Cisco Catalyst (3750, 4500, 6500) and Nexus (2000, 5000, 7000) series, with extensive experience in Layer-3 Routing and Layer-2 Switching. Expertise in complex technologies such as VLANs, EtherChannel, HSRP, VRRP, OSPF, BGP, and MPLS. Firewall & Security Management: Advanced skills in configuring and managing Checkpoint, Palo Alto, ASA, and Fortinet firewalls. Experience with Zone-Based Firewalls, security policies, VPNs, and threat prevention strategies.

Data Center & Cloud Networking: Expertise in Arista 7250QX switches, Spine-Leaf architecture, VXLAN, EVPN, and cloud technologies like AWS Direct Connect, EC2, and VPC. Familiar with SD- WAN design (Versa, Viptela) and WAN optimization for efficient data delivery. Load Balancers & Application Delivery: In-depth experience with F5 LTM/GTM and Cisco load balancers (ACE, GSS), including migration from Cisco ACE to F5, application delivery, SSL offloading, and Layer 7 load balancing.

Wireless & IP Networking: Skilled in Aruba wireless solutions (ClearPass, AirWave, APs), with hands-on experience in deploying, troubleshooting, and securing IP and wireless networks. Expertise in RF analysis and Aruba controllers (7000, 7100 series). Network Automation & Monitoring: Experienced with network automation using Python and Ansible, as well as using tools like SolarWinds, Wireshark, Netcool, Splunk, and ArcSight for monitoring, troubleshooting, and log analysis.

Security & Compliance: In-depth knowledge of implementing security policies, IPsec, cryptography, ACLs, and advanced network security configurations to ensure data integrity and network protection.

Advanced Protocols & Traffic Management: Extensive experience with traffic monitoring and routing protocols (RIP, EIGRP, OSPF, BGP), as well as troubleshooting and optimizing network performance.

CERTIFICATIONS:

● Cisco Certified Network Associate (CCNA)

● Cisco Certified Network Professional (CCNP)

● Palo Alto Certified Network Security Engineer (PCNSE) Technical Skills:

Cisco Platforms Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), ASR1001, 2900, 3900, 7200, 7600 & ASR9000, CSR/ASR, IOS-XR

Juniper

Platforms

SRX, MX, EX Series Routers and Switches

Networking

Concepts

Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall ASA Firewall (5505/5510), Checkpoint, Cisco ASA, Palo Alto Network Tools Solar Winds, SNMP, Cisco Works, Wireshark Load Balancers Cisco CSM, F5 Networks (Big-IP)

WAN

technologies

Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN

technologies

Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security

Protocols

IKE, IPSEC, SSL-VPN, Blue Coat proxy

Networking

Protocols

RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

Languages Perl, C, C++, Python, SQL, HTML/DHTML

Operating

System

Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE:

Client: Hackensack Meridian Health, hackensack, New Jersey Aug’23 – Till Date Role: Senior Network Engineer

Responsibilities:

● Worked the Wi-Fi migration project from Cisco to Aruba 630 Wireless Access Points (AP), ensuring seamless integration and minimal disruption to operations. Configured and optimized Aruba controllers, access points, and security policies.

● Worked extensively with Palo Alto Networks for firewall management, including the design, configuration, and maintenance of next-generation firewalls with features such as Application and URL filtering, SSL decryption, SSL Forward Proxy, and IPSEC/SSL VPNs.

● Involved in the installation, configuration, and upgrade of Fortinet firewalls, including working on the FortiGate series for enhanced network security. Configured VPNs, firewall policies, and routing for secure access to resources.

● Designed and implemented Layer 2 (L2) and Layer 3 (L3) switch upgrades as part of a broader network infrastructure enhancement project, including the configuration of Virtual Port Channels (VPC) for redundancy and fault tolerance.

● Led the Border Router Implementation Project, integrating the new border routers into the existing network infrastructure. This involved configuring and optimizing routing protocols

(BGP, OSPF) and ensuring a smooth handoff between the internal network and external networks.

● Worked with the latest technologies in network security, including troubleshooting and resolving complex network issues, optimizing routing protocols, and performing regular upgrades and maintenance of network equipment such as Cisco switches (2960, 3500, 3750, 3850, 6500 series), Palo Alto Firewalls, and Fortinet devices.

● Managed and maintained network infrastructure for Hackensack Meridian Health’s internal and external networks, ensuring high availability and secure access to critical applications and services.

● Responsible for overseeing firewall policies, configurations, and upgrades, including integration of Palo Alto and Fortinet firewall solutions for perimeter and internal network security.

● Collaborated with cross-functional teams to troubleshoot and resolve network-related incidents on a daily basis, ensuring minimal downtime and prompt recovery of critical network services.

● Participated in the design and implementation of high-availability solutions for mission- critical applications, focusing on network performance and redundancy.

● Contributed to the development of network design standards, ensuring adherence to industry best practices in security, scalability, and performance.

● Conducted network troubleshooting using tools like Wireshark for packet captures, analyzed logs from firewalls and switches, and provided root-cause analysis for network outages.

● Collaborated with the security team to improve network security posture by identifying emerging threats and recommending appropriate mitigation strategies.

● Assisted in the design and implementation of IP Address Management (IPAM) strategies, and worked with DNS and DHCP services to ensure efficient IP address allocation and network resource management.

● Played a key role in the company’s transition towards advanced cloud computing platforms, including the integration of network services with Azure AD, AWS, and Office 365 environments.

● Led the migration of the internal network infrastructure, ensuring smooth transitions and minimal downtime during the upgrade of core network devices and the implementation of VPC and SD-WAN solutions.

Client: IQVIA, Danbury, CT Jun’21 – Aug 2023

Role: Senior Network Engineer

Responsibilities:

● Worked in Client’s Global Deployment and operations team to support multiple migrations in switching, routing, firewalls, LB and Proxies.

● Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy). Configured and maintained IPSEC and SSL VPN on Palo Alto Firewalls. Successfully installed PA-5000 series firewalls in the Data Center as perimeter Firewalls.

● Migration of ASA firewalls to PA next gen Firewalls using migration tool in PA. Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.

● Experience working on Cisco ASR9K, Nexus 7k and 9K. Configured and designed OSPF, EIGRP and BGP at Distribution and Core layers. Configured OTV layer 2 connection between Data centers on Nexus.

● Worked on Juniper devices like M, MX, T routers on advanced technologies like MPLS VPNs, TE and other service provider technologies.

● Experience with configuring BGP, OSPF in Juniper M and MX series routers. Worked on several BGP attributes like MED, AS-PATH, Local Preference for route optimization. Worked on Route- Reflector, Route-Redistribution among routing protocols.

● Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240

● Managed AD Domain Controller, DNS and DHCP Servers and configurations.

● Worked on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.

● Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network

(QIP) using Solarwinds IPAM and Infoblox DNS and DHCP servers. Experience with DHCP scopes, IP reservations, DNS host entries, pointers, delegations, Zones, DNSSec etc.

● Provides expert level security and networking knowledge in the planning, researching, designing, and testing of new networking technologies for perimeter firewall security, Intrusion Prevention/Protection System (IPS), DNS and DMZ security, and Internet Security in support of established Info Security program initiatives for the next 3 years.

● Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2960, 3500,7600, 3750, 3850 series, 6500 series) Cisco Routers (4800, ASR 9K, 800), Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Zscaler Proxy and Versa SD-WAN appliances.

● Conducted a POC on Versa and Viptela SD-WAN solution as a team and worked on evaluating the solutions.

● Migrated Nexus 7Ks & Nexus 5Ks to an ACI Fabric consisting of 9336PQ Spines & 9332PQLeafs in a brownfield Data Center.

● Worked on PAC file updates, Internet proxy migration from Ironport to Zscaler cloud. Access policies, AD based, user based, location-based access. ZAPP client.

● Worked on Bridge Domains, VXLANs, VTEPS, VNID. configuration of routing using BGP among multiple Leaf to spine switches. Thorough understanding of Application Profile, Tenants, End Point Group, Inter Subnet Tenant Routing, Routing within Tenants, Router Peering and Redistribution. Worked on Migration project from traditional Data Center Architecture to Spine Leaf.

● Worked on connections handoff using Bridged Interface to an External Route. L3- EPG configurations, AEP configurations. Expert in GUI of ACI.

● Worked on integrating existing Layer 2 and Layer-3 networks with ACI.

● Play a key role in the company’s direction towards Cloud Computing platforms by creating a strategy for transition plans. Azure AD and AWS, Office 365.

● Analyze and provide courses of action on current as well as emerging security threats like ransomware attacks by research and recommendation of other security solutions to help mitigate network security threats while preventing their outbreak across the network.

● Worked on network design improvements involving BGP, EIGRP, OSPF, IP metric tweaking and load balancing.

● Design, implement, and develop network designs for applications used in TMO.

● Worked on Checkpoint Firewall to create new rules and allow connectivity for various Applications. Checkpoint is used as an internal firewall for application security in the Kodiak network.

● Implemented Firewall rules and Nat rules by generating precise methods of procedure (MOPs). Responsible for packet capture analysis, syslog and firewall log analysis.

● Experience with F5 load balancers LTM and GTM and reverse proxy design and setup. Migration from ACE to F5.

● Experience in F5, Cisco ACE 4710 Load balancers. Migration Experience from ACE to F5 and NetScalers to F5. Worked on critical applications on Layer 4 and layer 7 load balancing. Experience with Virtual server, Pool, Node, Profiles – TCP, http, https, ftp, fastl4, Persistence – Source IP, SSL, Cookie, SNAT, iRules, iAPP, SSL offloading.

● Experience with F5 GTM and in-depth knowledge of DNS, Global level load balancing, Wide IP’s, Zones, Prober pools, Delegation from Windows DNS server to listener IP.

● Troubleshooting of Linux and Unix servers for application delivery servers. Install Dockers, Cisco and HP servers.

● High-level network troubleshooting and diagnostic experience using Packet capture tools like Wireshark.

● Configured network using routing protocols such as EIGRP, BGP and OSPF and troubleshooting L2/L3 issues.

● Designing, configuring, and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border Controllers, Voice Gateways, Voice circuits IP /TDM, Cisco Telepresence Infrastructure, QoS, NAT, PAT, and multicast.

● Adding and modifying the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms.

● Assist in creating network design standards for hardware and software. Developing and maintaining Network Documentation (Visio diagrams, Excel spreadsheets, Word documents, etc.) Configure and troubleshoot network elements in a test/dev environment.

● Worked on Orion (Solar Winds) for mapping network diagrams, updated Orion with commissioned and decommissioned network devices.

Jefferies Finance LLC, Boston, MA Mar’19-May’21

Role: Network Security Engineer

Responsibilities:

● Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewalls.

● Involved in validating orders of equipments required for the DC builds and legacy device conversion.

● Experience working on Cisco Nexus OS 7Ks, Juniper Network Junos QFX3500, QFX5100, SRX1500, Accton 7760, Linux Quanta LB9.

● Troubleshooting the traffic and configuration issues/anomalies in the datacenters and logging them on Ticketing tools (TTs/SIMs).

● Responsible for maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & ISIS (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, BGP attributes) on Cisco Routers 7613, 7201, and Juniper QFX, MX and PTX routers and switches.

● Working knowledge of frame relay, MPLS services, OSPF, BGP and ISIS routing protocols, NATing, NAC product sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.

● Provided proactive threat defense with ASA that stops attacks before they spread through the network.

● Troubleshoot on security related issues on Cisco ASA/PIX, Checkpoint and IDS/IPS.

● Experience in different VPN platforms, IPSec, SSL & Web VPN. Mobile VPNs solutions from Cisco and Checkpoint.

● Deploying Cisco ASA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.

● Upgrading 3x data centers' network and fiber optic infrastructures with an Arista spine-leaf.

● Advanced knowledge and troubleshooting experience of wireless networking

(802.11a/b/g/n/ac/ax etc.)

● Working knowledge of Microsoft Active Directory, LDAP & RADIUS-based authentication systems.

● Configuring and troubleshooting Aruba related products (7000, 7200, 3200, 3400, 3600 and MK3 series controllers

● Worked on Blue Coat Proxysg to safeguard web applications (Blacklisting and Whitelisting of web URL) in extremely untrusted environments such as guest Wi-Fi zones

● Created multiple policies and pushed them into Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.

● Work on remedy ticketing tools prioritizing the TT's (Troubleshooting Tickets).

● coordinating with Engineers On-Call in other areas like Europe (Dublin) and Australia (Sydney) to solve the TT's in queue.

● Provides escalation for network-level troubleshooting activities as related to customers, including but not limited to: analyzing packet captures, event logs, traffic and other diagnostic records

● Supported BGP and OSPF based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.

● Responsible for resolution of tickets by troubleshooting networks by analyzing packet traces using Wireshark and performing scheduled maintenance and backup.

● POC for corp security rack hand-off in a DC build for security equipment and wifi access to the customers.

● Building servers by deploying corp switches and attaining high-priority and time-sensitive server handoff to the customers.

Mizuho, New York, NY Jan’18 –Feb ‘19

Role: Senior Network Engineer

Responsibilities:

● Hands on experience of Nexus 7k, 5k and 2K FEXs and Cisco switch 3560.

● Configured datacenter technologies like VPC, VDC on Nexus 7010 Core Switches.

● Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR

● Configured Layer 2 & Layer 3 interfaces and port channels on Nexus 9508

● Worked on F5 LTM/GTM, Big-IP, load balancing, iRules, and WAN acceleration.

● Knowledge of F5 Best Practices, used iHealth, SSL offloading, Route Domains, GTM Sync Group.

● Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).

● Design, Configuring and troubleshooting F5 LTM load balancing.

● In depth understanding of implementing and configuring F5 Big-IP LTM, GTM ( 11.x, 10.x ).

● Basic and advanced F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.

● Recommend and design equipment configurations for LAN/WAN/VOIP deployment on Cisco, Adtran, Fortinet, F5, Radware and Bluecoat.

● Providing Technical Support and solutions for Network Problems.

● Creating and managing user accounts to all team members in a partner environment.

● Experience in Cisco switches and routers: IP addressing, WAN configurations.

● LAN cabling in compliance with CAT6 standards; Installing new hardware and swap out hardware physically..

● Design and configuration of OSPF, BGP on Juniper Routers and SRX Firewalls.

● Hands on experience installing and configuring Cisco ISE 1.4. .

● Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.

● Responsibility is to design and deploy various Network Security & High Availability products like Check Point R 77.XX and other Security Products.

● Performed Configuration on ASR9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles

● Experience with configuring Virtual Server and Configuring Load balancing methods in F5 12.0 LTM.

● Network security involves web filtering on internet sites (User's restriction) using checkpoint Firewalls.

● Experience handling tickets with less or no supervision in troubleshooting checkpoint 77.30.

● Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs

● Installed checkpoint and F5 load balancers in VMware workstation and VSphere.

● Experience configuring VLANs, WLAN’s (SSID), WLC’s and WAP’s. Ultragenyx, Brisbane, CA Jun’15 – Dec ‘17

Role: Network Operations Engineer (Wireless, Switching, Routing, Firewalls) Responsibilities:

● Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 3945, 3845, 2800, 3600) and Switches (6509E, 4507, 4500-X, 4900M, 3850, 3650, 2960) to perform functions at the Access, Distribution, and Core layers.

● Configuration of various Cisco Routers & L2/L3 Switches and implementing OSPF and BGP on the routers

● Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.

● Installation and deployment of new class 9X and class 10 Server farms in multiple silos.

● Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation.

● Working with Cisco Nexus 2248 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.

● Design, Installation and consolidation of local server farms in multiple branch locations with Cisco 4500-X at distribution and 4948’s replacing the 3750’s at access level.

● Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.

● Ensuring problems are satisfactorily resolved in a timely manner with focus in providing a high level of support for all customers.

● Worked with Blue coat and handled the Trouble Tickets on F5 Load Balancers.

● Work with Engineering on Server Farm refresh project on consolidation and increasing the bandwidth on Server Access silos.

● Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment.

● Configure BGP features such as as-override, Local pre, EBGP load sharing on client connections

● Intermediate knowledge and experience in F5 LTM, F5 DNS, APM,iRule, Profile,SSL offloading

● Experienced in implementing and managing F5 BIG-IP load balancing, including GTM, APM, ASM, and custom iRule development.

● Providing Level 3 support to customers, resolving issues by attending to conference calls.

● Configuring multiple route reflectors within a cluster.

● Worked with Juniper NetScreen 500/5200 and also juniper SRX 650/3600

● Implementation of Palo alto firewalls in standalone, vmware, active/passive & active/active modes

● Setup of Central Panorama console to manage Palo Alto firewalls 3020,3050,5020 & VM-200 models

● Working on HP open view map for Network Management System and Ticketing.

● Deployed and configured Cisco ASR 1000, 7000, 9000 series routers

● Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series

● Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter Vlan Routing, LAN security.

● Working on security levels with RADIUS, TACACS+. Access Telecom (BD) Ltd, Dhaka, Bangladesh Jun’13– May ‘15 Role: Network Engineer

Responsibilities:

● Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.

● Configuring GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.

● Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416,21418(with PRP and RPR processors)

● Excellent Troubleshooting Skills and Customer Centric approach.

● Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope.

● Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.

● Worked extensively on ASR 1000 Series, Cisco 3945, Cisco 2921, and Cisco 2911 routers. This includes dynamic routing, VRF, VPN, NAT, ACL, and QOS

● Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.

● Configured HSRP between Cisco 3845 router pairs to ensure high availability and gateway redundancy for client desktop connectivity, enhancing network resilience.

● Configured GLBP for load sharing, and VLAN Trunking (802.1Q) on Catalyst 6500 switches to ensure efficient data transport across multiple network segments.

● Implemented STP and RSTP to optimize network topology, ensuring loop-free operation. Also configured Port Security on Catalyst 6500 switches to prevent unauthorized device access and enhance network security.

● Proficiently configured and troubleshoot Cisco Catalyst 6509, 7609, and 7613 switches with Supervisor cards, alongside Cisco 3640, Cisco GSR 12416, and Cisco 21418 routers (featuring PRP and RPR processors) to meet operational and service requirements, ensuring stable and reliable network performance.

● Analyzed client application requirements and bandwidth needs to design cost-effective network solutions. Ordered hardware and circuits to accommodate these requirements, contributing to network optimization and customer satisfaction.

● Worked extensively on ASR 1000 Series, Cisco 3945, Cisco 2921, and Cisco 2911 routers. Configured dynamic routing protocols (OSPF, EIGRP),VRF,VPN,NAT, ACL,and QoS to ensure robust and secure data transmission and efficient traffic management.

● Designed and implemented DMZ network architecture for hosting Web Servers, Mail Servers, and FTP Servers using Cisco ASA 5500 series firewalls, ensuring secure access to internal resources while protecting critical network assets.

● Demonstrated exceptional troubleshooting abilities with a strong focus on customer-centric approaches to network issues, providing on-the-spot solutions and proactively improving network performance and uptime.



Contact this candidate