Network Engineer Data Center

Faisal Ali Mohammed

Email: *************@*****.***

Contact No: +1-813-***-****

Professional Summary

CCNA, CCNP & PCNSE Certified seasoned network engineer with 10+ years of extensive experience in configuring user roles and policies for authentication using Cisco NAC and monitoring network status using Cisco ISE.

Proficient in configuring and troubleshooting CISCO 12000, 7500, 3800 series routers, and 3560 series switches for LAN/WAN connectivity.

Demonstrated expertise in designing and implementing Data Center Migrations, including strategies for MPLS VPN network expansion.

Proficient in Azure networking, including Virtual Networking, and experienced in creating and managing virtual networks (VNets) in Azure. Skilled in deploying and troubleshooting Network Virtual Appliances (NVAs), configuring Network Security Groups (NSGs), and implementing Azure Load Balancer solutions

Hands-on experience in installing, configuring, and maintaining various networking technologies and protocols from vendors such as Cisco, Juniper, Alcatel-Lucent, Arista, Brocade, Riverbed, Enterasys, and Fortinet.

Skilled in SDWAN network deployment and management, particularly with Cisco Viptela Solution and migration from DMVPN to Cisco Viptela SDWAN.

Lead VMware infrastructure upgrades, patches, and maintenance activities.

Implement security best practices within VMware environments, including network segmentation and isolation.

Proven experience in firewall configuration and management, including Cisco ASA 5500/PIX, Checkpoint VPN, Bluecoat proxy, and Zscaler.

Facilitated weekly status calls with internal teams, stakeholders, and vendors to track project deliverables and blockers.

Facilitated Silver Peak SD-WAN appliances across remote branches to enhance WAN optimization and application performance.

Extensive involvement in network automation using Terraform and Ansible, enhancing operational agility and automation practices.

It is assigned to the network support team handling issues relating to CIFS, NFS, replication, OST, and performance tuning.

Implemented Data Loss Prevention (DLP) policies on Palo Alto firewalls to prevent sensitive data exfiltration via email and web traffic.

802.1X authentication across wired and wireless networks using Cisco ISE with posture assessment and profiling.

Proficient in working with various routing protocols such as EIGRP, OSPF, BGP, and MPLS. Experienced in troubleshooting complex LAN/WAN infrastructures.

Hands-on experience with Cisco WLC controllers and AP devices globally. Expertise in VLANs, VTP, STP, RSTP, PVST, RPVST, and inter-VLAN routing.

Generated detailed weekly status reports outlining project milestones, open issues, and change requests for leadership.

Skilled in deploying and managing various security products including tetration, Stealthwatch, NAC, and Client.

Strong background in firewall administration and configuration using Checkpoint, Cisco, Palo Alto, and Fortinet appliances.

Proficient in load balancing technologies such as F5 LTM, GTM, ASM, APM, and Citrix NetScaler VPX.

Solid experience in VPN solutions including IPSEC VPN and B2B VPN, and integration of cloud environments such as Azure and AWS.

Designing a backup strategy for disaster recovery from Netbackup in EMC Data Domain, DDboost and OST plugins.

Expertise in designing, implementing, and managing network infrastructures using Cisco Meraki solutions.

Created IoT digital and embedded device forensic investigation process for event and incident response.

Security incidence responder to PS JIRA issues to Product Security Incidence Response (PSIRT) team.

Performed Docker Container and Microsoft services component and system threat modeling.

Lead IoT Security Architect in risk approving high CVE vulnerabilities in IoT platform architectures.

Architect IoT platform and SDK General Data Protection Regulation (GDPR) metadata tagging.

NetBackup/Backup Exec. Included migration from tape to Data Domains (OST/DDboost/VADP).

Knowledgeable in network monitoring and analysis tools such as SolarWinds, Wireshark, and QRadar.

Proven ability to handle multiple projects simultaneously, ensuring timely delivery and adherence to security and compliance standards.

Automated network security tasks and configurations using scripting languages like Python and Bash, increasing efficiency and consistency across security operations

Strong troubleshooting and problem-solving skills in complex network environments.

Technical Skills

Networking Technologies

Cisco NAC, Cisco ISE, Cisco 12000/7500/3800 series routers, Cisco 3560 series switches, MPLS VPN, SDWAN (Cisco Viptela), DMVPN, AWS security groups

Networking Protocols

EIGRP, OSPF, BGP, MPLS, VLANs, VTP, STP, RSTP, PVST, RPVST, inter-VLAN routing, IPSEC VPN, B2B VPN

Firewall & Security

Cisco ASA 5500/PIX, Checkpoint VPN, Bluecoat proxy, Zscaler, Palo Alto, Fortinet, Prisma Access, Panorama, Prisma Cortex, Tetration, Stealthwatch

Network Automation & Orchestration

Terraform, Ansible

Load Balancing & ADC

F5 LTM, F5 GTM, F5 ASM, F5 APM, Citrix NetScaler VPX

Cloud Integration

AWS, Azure

Network Monitoring & Analysis

SolarWinds, Wireshark, QRadar

Operating Systems

Windows 10/7/XP, MAC OS, Linux, NX-OS, IOS XR, XE.

Certifications:

Palo Alto Certified Network Security Engineer (PCNSE).

CCNA (Cisco Certified Network Associate)

CCNP (Routing & Switching)

Work Experience:

Client: State Farm, IL Dec 2023 – Present

Role: Senior Cloud Network Engineer

Responsibilities:

Configuring user's role and policies for authentication using Cisco NAC and monitoring the status of logged users in the network using Cisco ISE.

Configure / Troubleshoot CISCO 12000, 7500, 3800 series routers, and 3560 series switches for LAN/WAN connectivity.

Involved in the design and implementation of Data Center Migration, and worked on implementation strategies for the expansion of the MPLS VPN networks.

Deployed and managed SolarWinds Network Performance Monitor (NPM) to proactively monitor network health and reduce downtime.

Configured business intent overlays, path conditioning, and dynamic path control to support critical application routing.

Configured and managed Juniper Mist cloud-based WLAN, enabling AI-driven Wi-Fi optimization and predictive analytics.

Integrated Juniper Mist APs with Mist AI for automated root cause analysis and proactive issue resolution.

Implemented network policies and wireless configurations via Mist dashboard for enterprise-level access control.

Implemented multi-AZ and multi-region architectures ensuring high availability, fault tolerance, and low-latency failover for critical financial workloads.

Managed complex AWS network topologies, including VPCs, Transit Gateways, Direct Connect, and PrivateLink, to support secure and scalable FinTech applications.

Configured and maintained secure hybrid cloud connectivity using Site-to-Site VPNs, Direct Connect with BGP, and failover routing for on-premise to AWS integrations.

Configured and maintained A10 Networks reverse proxies and load balancers for high-availability application delivery and SSL offloading.

Integrated Free RADIUS with Cisco ISE for 802.1X authentication and user access control across wired and wireless networks.

Integrated DLP with content filtering and file blocking rules to safeguard PII and financial data per compliance standards.

Designed and implemented data center architectures using Cisco ACI, VXLAN, and Spine-Leaf topology to improve network efficiency.

Configured and managed Azure Virtual Networks (VNets) and Network Security Groups (NSGs).

Installed, configured, and maintained with vendors Cisco, Juniper, Alcatel-Lucent, Arista, Brocade, Riverbed, Enterasys, Fortinet networking, and Wireless technologies and protocols.

Configured and managed Cisco Wireless LAN Controllers (WLCs), including 5500, 9800, and FlexConnect architectures.

Designed and deployed Aruba WLAN solutions for enterprise and campus networks, improving wireless connectivity and security.

Designed and implemented Cisco Meraki SD-WAN solutions, leveraging Auto VPN to connect branch offices securely and efficiently.

Deployed and optimized Cisco Access Points (APs), including 2700, 2800, and 3800 series, ensuring seamless wireless coverage.

Deployed and Managed SDWAN network (Cisco Viptela Solution) for WAN connectivity.

Configure and maintain VoIP systems, including Cisco Unified Communications Manager (CUCM).

Configure NSX logical switches and routers for network segmentation and isolation.

Design, deploy, and manage virtualized environments using VMware vSphere and ESXi.

Created detailed AWS Security Groups which behaved as virtual firewalls that controlled the traffic allowed to reach one or more AWS EC2 instances.

Enabled and optimized TLS/SSL decryption on Palo Alto NGFWs to inspect encrypted traffic for threats and malware

Designed and implemented enterprise-grade Cisco, Arista, and Aruba switch deployments across data centers and campus environments.

Created and monitored IPsec tunnels and integrated Silver Peak into existing firewall and cloud security ecosystems.

Monitor and analyze NSX environment performance to ensure optimal operation.

Replacing Checkpoint VPN and Bluecoat proxy with Zscaler and worked on implementing Zscaler in Production.

Helped design and build out a very large 100G Layer3 Leaf & Spine architecture (eBGP) using Arista switches to support the network consolidation in the new data center.

Monitor and optimize VMware performance to ensure high availability and reliability.

Worked on the installation and configuration of Cisco ISR 800, 1000 series, and ASR 1000 series routers.

Working as a network access controls (NAC) ISE engineer in planning and designing clients' global networks for network access solutions.

Designed and implemented enterprise Wi-Fi solutions using IEEE 802.11 a/b/g/n/ac/ax to enhance wireless performance.

Designed and maintained wireless mobility solutions, including Mobility Anchors, CAPWAP, FlexConnect, and seamless Layer 2 roaming.

Configured Cisco ISR voice gateways for PSTN connectivity using SIP and PRI trunks

Worked with SD-WAN solutions to integrate Riverbed WAN acceleration with hybrid cloud environments.

Configuration management and infrastructure automation tooling – Jenkins, Terraform, Ansible/Tower, Puppet/Chef, vRA/vRO, and other orchestrators and configuration management frameworks.

Deploy, configure, and support CISCO WLC controllers and AP devices globally.

Troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF & BGP, MPLS

Serve as part of a team of network engineers responsible for base-wide network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches.

Managed Cisco WLCs (9800, 5500 series) and configured Cisco Access Points (APs) for optimized connectivity.

Integrate Splunk with AWS deployment using Puppet to collect data from all EC2 systems into Splunk.

Monitored and Created traffic Patterns on Arista 7250 switches using Open flow.

Designed and deployed Cisco Call Manager (CUCM) solutions for enterprise-level voice networks.

Designed, deployed, and managed SD-WAN solutions using Cisco Viptela and Silver Peak to optimize enterprise connectivity across multiple sites.

Working with Nexus 7010, 5548, 5596, 2148, 2248 devices. Deployed Wi-Fi 6 (802.11ax) for high-density environments, ensuring seamless user experience.

Removed huge amounts of redundant Access Control Lists from various ASA 5500 series Firewalls as part of the Firewall Rule Optimization Project using tools like Algosec as part of it

Troubleshoot and resolve VoIP-related issues, including call quality and connectivity problems.

Deploying and decommissioning VLANs on core ASR 9K, Nexus 9K, 7K, 5K, and its downstream devices and configuring 2k, 3k, 7k series Routers.

Developed custom SolarWinds alerts and reports to track network performance trends and prevent outages.

Implement network automation and orchestration using NSX APIs and scripts.

Managed DHCP, DNS, and IP address through Infoblox, and Admin for Internet site access through Zscaler.

Configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018

Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.

Administer IPv4 enterprise network infrastructure utilizing Juniper routers like Juniper MX80, MX 480 and MX960.

Configured and fine-tuned RF parameters using DCA, TPC, and CleanAir to mitigate interference and enhance coverage.

Designed perimeter security policy; Implemented Firewall ACL's; Allowed access to specified services; Enabled IDS/IPS signatures in Firewall & fine-tuned TCP & UDP.

Implemented advanced network segmentation strategies using VPC peering, NACLs, and security groups to isolate sensitive workloads and maintain compliance with financial regulations.

Implemented VPN security profiles and user authentication through LDAP and RADIUS integration.

Integrated SIP trunks with service providers, ensuring high availability and redundancy.

Responsible for managing Cisco routers, switches, HP switches, and F5 load-balancers using SNMP MIBs for fault detection and fault isolation.

Used Python libraries to create visual representations of network topology and performance metrics.

Set up CI/CD pipelines using Python for deploying network management applications and updates.

Upgrading Cisco ISE Appliances Company-wide. Recently rolled out OpenDNS including onsite VM appliances.

Experienced with Cisco ISE and advanced technologies like QOS, Multicasting, MPLS, and MPLS-VPN, and Bluecoat proxy server SG.

Developed and maintained RESTful APIs with Django for integrating network management features with other systems.

Integrate Microsoft Active Directory (LDAP) into checkpoint for identity awareness and user authentication.

Managed and configured Linux and Windows servers for optimal network performance and security.

Environment: Cisco 12000, 7500, 3800 series routers and Cisco 3560 series switches, Pulse, Juniper EX4200, EX3200 Switches, Juniper MX80, MX480, MX960 Routers, AWS, F5 ADC, FHRP: HSRP, Algosec, GLBP, ASR 9000, zscaler, Cisco Firepower, Palo Alto, Cisco Nexus Switches 2232, 5596, 7009, VLAN, 802.1Q.

Client: State of Texas (HHSC), TX Aug 2020 – Nov 2023

Role: Senior Network Engineer

Responsibilities:

Managing and configuring Cisco Switches and Routers independently.

Troubleshoot NSX-related issues, including connectivity and performance problems.

Experience in migration of Frame-relay-based branches to MPLS-based technology using multi-layer stackable switches like 6500 series and 2800 series routers. In addition to adding Ethernet Ring Protection (ERP)

Configuring and Automating Traffic Testing tools like Ix-Explore, IxLoad, IxNetwork, Spirent Test Center, and Spirent Test Center virtual using Python API’s.

Integrated A10 ADC into Palo Alto perimeter firewall deployments for enhanced load balancing and threat mitigation.

Managed firmware upgrades, patches, and lifecycle management for Cisco WLCs and APs to ensure compliance with best practices.

Created security policies to enforce SSL decryption exceptions and client error handling based on organizational requirements.

Implemented RADIUS attribute policies for VLAN assignments and user profiling in enterprise NAC environments.

Implemented cluster services using Docker and Azure Kubernetes Services (AKS) to manage local deployments in Kubernetes by building a self-hosted Kubernetes cluster using Jenkins CI/CD pipeline.

Deployed Fortinet Secure SD-WAN to enhance security and optimize traffic steering across multiple branch locations.

Integrated WPA2, WPA3, 802.1X, and PSK authentication mechanisms to enhance wireless security and prevent unauthorized access.

Performed upgrades and change management for Silver Peak orchestrator and edge devices as part of routine maintenance.

Troubleshot latency, jitter, and packet loss issues across Silver Peak tunnels using built-in monitoring and diagnostic tools.

Conducted seamless migrations from traditional controllers to Mist cloud-managed wireless infrastructure.

Led the DNS design and management using Amazon Route 53, enabling reliable service discovery, routing policies, and geo-redundancy for global applications.

Collaborated with vendors for Mist deployment in branch and data center environments, including WAN/LAN integrations.

Built zero-trust network models integrating encrypted traffic paths, mutual TLS, and fine-grained IAM policies to secure internal and partner API communications.

Deployed Wi-Fi 6 (802.11ax) for high-density environments, ensuring seamless user experience.

Implement Quality of Service (QoS) policies to prioritize VoIP traffic and ensure call quality.

Upgraded enterprise wireless infrastructure from legacy controllers to Aruba Mobility Master architecture.

Deployed WAN acceleration policies to optimize file transfers and database synchronization between remote offices.

Experience in configuration and Automation of Ix Explore, Ix Network, Ix Load, Spirent Test Center and Linux PC, Win PC, Radius Server, SSC using TCL and Python API’s.

Integrated Cisco ISE for 802.1X authentication, guest access, and NAC policies, improving wireless security.

Using Python, validate data that can be acted on for user IP migrations.

Interoperability testing and Traffic sending with Cisco, Extreme Devices, Ixia, and Spirent Test Center.

Integrate NSX with third-party security solutions for enhanced protection.

Designed IPsec VPN tunnels between branch offices and HQ using Palo Alto NGFWs with high availability failover.

Designed and developed horizontally scalable APIs using Python Flask.

Provide support for implementing Carrier/Metro Ethernet transport/backhaul networks with both point-to-point microwave and optical segments.

Performed Wi-Fi site surveys using Ekahau and AirMagnet to optimize AP placement and coverage areas.

Manage VMware ESXi Windows servers optimize for minimal downtime.

Designing, and implementing LAN/WAN configurations on Cisco 5K, catalyst 6500, and 9000 switches.

Configured network interfaces, routing, and firewall rules on both Linux and Windows systems.

Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems

Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP etc.

Performing network monitoring, and providing analysis using various tools like Wireshark, Solar Winds, etc.

Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, and BGP v4. Configured IP access filter policies. Cisco CLI, Cisco Works, Network Security, Network Analysis Tools.

Develop and implement disaster recovery plans utilizing NSX capabilities.

Troubleshot and resolved wireless connectivity issues, interference, and performance bottlenecks using Wireshark and DNA Center.

Layer 2 switching technology architecture, implementation, and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, and VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration, and security.

Ability to analyze, configure, and troubleshoot networks.

Environment: Cisco, MPLS, ERP, x-Explore, IxLoad, IxNetwork, Spirent Test Center, and Spirent Test, Python API’s, Docker, Azure Kubernetes Services, Jenkins CI/CD, VMware ESXi, Linux PC, Win PC, Radius Server, SSC, Azure EventHubs, OSPF, BGP, SRX Firewalls, Cisco 5K, catalyst 6500, and 9000, VLAN, VTP, STP, RSTP, PVST, RPVST, RIP, EIGRP, OSPF, BGP, MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, Cisco CLI, Cisco Works, Server 2003/2008 R2 – Server 2016, L2, L3, VLANS, STP, VTP.

Client: United Health Care, Charlotte, NC Nov 2017 – Aug 2020

Role: Senior Network Security Engineer

Responsibilities:

Performed Level 3-4 troubleshooting and analysis of disaster recovery issues, security implementations, firewall configurations, vulnerability assessments, and intrusion detection and analyze customer consultation.

Configure NSX Distributed Firewall rules to control traffic between virtual machines.

Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets.

Implemented automated reporting solutions with Python and Django to generate network performance and status reports.

Creating Security policies and rules in Fortinet firewalls used as egress filtering firewalls in the enterprise network environment.

Tuned SSL inspection for compatibility with enterprise SaaS applications, improving user experience and compliance.

Perform capacity planning and scaling of VMware environments based on business needs.

Conduct regular security assessments and implement measures to protect VoIP systems from threats.

Collaborate with vendors and service providers to manage VoIP-related projects.

Worked on Multi-vendor platform with Check Point, Fortinet, and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshooting incidents.

Created Python scripts to automate network monitoring and configuration tasks, reducing manual intervention and improving efficiency.

Worked with compliance teams to refine DLP signatures and monitor incident logs via Panorama.

Designed and deployed various data center networks utilizing industry best practices. Expertise in Cisco, Arista, and Dell Force10 L2/L3 platforms.

Tuned Free RADIUS configurations to support large-scale device authentication and accounting in distributed sites.

Exposed Virtual machines and cloud services in the VNets to the Internet using Azure External Load Balancer.

Expertise in migrating Cisco ASA and Fortinet firewalls to Palo Alto’s Next-Generation Firewalls using PAN migration tool/ Expedition Tool.

Configured and managed Palo Alto Global Protect VPN solutions, supporting remote access and split tunneling for distributed users.

Integrated observability tools such as VPC Flow Logs, CloudWatch, and third-party SIEMs to monitor network traffic and support real-time incident response and audits.

Simplified legacy network topologies, reducing complexity and improving performance while ensuring alignment with regulatory and compliance requirements like PCI DSS or SOC 2.

Manage NSX Edge Services Gateway for load balancing and VPN services.

Executed POC’s for CSAA on Pluribus SDN, Cisco ACI, and Arista Cloud vision for comparison and selection of suitable SDN architecture that meets their requirements.

Evaluated Cloud Environment for Azure and AWS and enhanced availability and function for Dev teams by implementing VPN connectivity, which improved security and access to cloud resources.

Worked on AWS to Corporate connectivity and AWS EC2, Auto scaling, NAT Gateways

Used Visio diagram to support the verification of switches and servers in the DMZ.

Manage the firewall deployment, rules migrations, and firewall administration.

Used QRadar to check logs for troubleshooting firewall as well as network issues.

Demonstrated experience with IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption, and integrity protocols.

Utilized Django ORM to interact with databases for storing and retrieving network configuration data and logs.

Designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.

Designed Python scripts for handling network events and generating alerts based on predefined criteria.

Created documentation for Python and Django-based network tools and applications to facilitate knowledge sharing and training.

Configure, and update software, troubleshoot routing issues and maintain various enterprise network devices such as Cisco Nexus 9k's,7k', 6k's, 5k's and 2k's, Cisco Catalyst switches, Dell switches and Fortigate Firewalls.

Worked on Next Gen Firewall features like Application and URL filtering, SSL Forward Proxy, SSL Decryption, Web-filter, and SD-WAN in Fortigate firewalls.

Implemented VLAN, VTP domain, Trunking, and Ether Channel on Cisco 5500 switches.

Responsible for performing predictive wireless designs/site surveys with Airmagnet Planner (Cisco 3500/3600/3700/) and conducting physical wireless site surveys with Airmagnet Survey.

Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control (NAC) integration with Cisco ISE.

Diagnosed and resolved network connectivity and performance issues across Linux and Windows environments.

Analyzed network traffic data using Python libraries to identify performance issues and optimize network configurations.

Implemented Cisco Application Centric Infrastructure ( Cisco ACI) as a solution for data centers using a Spine and Leaf architecture

Worked on Python scripting for network configuration and management.

Developed custom network diagnostic tools using Python, enhancing troubleshooting and diagnostic capabilities.

Utilized NSGs for layer 4 Access Control List (ACLs) for incoming and outgoing packets.

Worked on physical and virtual networks to provide functionality on additional layers on VMware NSX.

Worked with Host Master for shared web hosting and managed Web Application Firewall (WAF), DNS, and DHCP management using Infoblox and Analyzed networks using Wireshark.

Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Cisco ACI.

Environment: Cisco ASA 5500, IAM, Cisco, Palo Alto, ClusterXL, LAN/WAN protocols, Fortinet Network Firewall, TCP/IPv4, SGs, WCCP, Arista, Dell Force10 L2/L3 platforms, Cisco ASA, MLS, POC’s, CSAA, SDN, Azure, AWS, EC2, IPSEC VPN, Cisco systems, SD-WAN, Citrix NetScaler VPX, Cisco Nexus 9k's,7k', 6k's, 5k's and 2k's, SSL Forward Proxy, SSL, VLAN, VTP, NAC, B2B VPN, Nexus Switches, ASR Routers, Checkpoint Firewalls, F5.

Client: Value Momentum, India Nov 2014 – Aug 2017

Role: Network Engineer / Network Analyst

Responsibilities:

Configure / Troubleshoot CISCO 12000, 7500, 3800 series routers, and 3560 series switches for LAN/WAN connectivity.

Involved in the design and implementation of Data Center Migration, and worked on implementation strategies for the expansion of the MPLS VPN networks

Designed and implemented support for streaming Open config models in model-driven telemetry.

Configure and manage VMware vMotion for live migration of virtual machines.

Actively involved in Switching Technology Administration including creating and managing VLANS, Port security- 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.

Design, deploy, and manage VMware NSX environments for network virtualization.

Troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF & BGP, MPLS

Experience with deploying PIM Sparse-mode/Dense-mode multicasting in Campus locations.

Serve as part of a team of network engineers responsible for base-wide network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches.

Design, implement and administer IPv4 enterprise network infrastructure utilizing Juniper routers like Juniper MX80, MX 480 and MX960.

Perform capacity planning and scaling of VoIP infrastructure based on business needs.

Participated actively in proof-of-concept project implementation which included storage and backup solutions from private cloud providers Amazon AWS & Microsoft Azure.

Devised new VPN solution utilizing Cisco Firepower and Cisco AnyConnect

Designed perimeter security policy; Implemented Firewall ACL's; Allowed access to specified services; Enabled IDS/IPS signatures in Firewall & fine-tuned TCP & UDP.

Troubleshoot and resolve issues related to VMware virtualization platforms.

Responsible for managing Cisco routers, switches, HP switches, and F5 load-balancers using SNMP MIBs for fault detection and fault isolation.

Working on products for Wi-Fi alliance and WLAN testing & pre and post deployment Wireless security WEP, WPA, EAP

Implement micro-segmentation using NSX to enhance network security.

Responsible for troubleshooting Cisco ISE and adding new devices on the network based on policies on ISE.

Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex-Connect

Configured and performed software upgrades on Cisco Wireless LAN Controllers 2504, 4404, and 5508 for Wireless Network Access Control integration with Cisco ISE.

Monitored and analyzed network performance metrics on Linux and Windows systems to ensure smooth operations.

Troubleshoot Fortinet Firewall, issues, edited policies, and created rules.

Fortinet Firewall administration configuration of FortiGate 3000, 3815 series as per network diagram

Understand OSPF configuration and authentication settings to migrate routing over to the Firepower platform

Involved in the Configuration of Access lists (ACL) on checkpoint firewalls for the proper network routing for the B2B network connectivity.

Responsible for the secure development lifecycle environment from NX-OS to Application Centric Infrastructure (ACI) in the data center, implemented in the lab environment.

Document VoIP network configurations, settings, and maintenance procedures.

Design and deploy VMware NSX for network virtualization and micro-segmentation.

Integrate VMware environments with third-party tools for monitoring and management.

Implement and manage SIP trunking for efficient voice communication.

Worked with several network engineers

Contact this candidate