| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateProfessional Experience:Highly skilled and experienced Sr Network Engineer with over 13 years of experience in Designing, Implementing, and Maintaining complex networks for a wide range of Organizations. Skilled in all aspects of network engineering, including Network Architecture, Routing and Switching, Security, and performance tuning. Proven track record of delivering reliable and high-performance networks that meet the needs of Organizations. Orchestrated with a variety of networking technologies and tools, including Cisco, Juniper, and Palo Alto Networks.Expertise in configuration and troubleshooting of Palo Alto 800, 3k, 3260, 5060, 5220, 5430, 7050 and 7080 series firewalls. Fortinet Firewall 300D, 500E & 60D firewalls.Extensive experience with Cisco ISE posture, Cisco Switches with IOS at the command line level in both Campus LAN and WAN environments.Hold distinction in optimizing the network/system performance by executing the changes, including BGP, OSPF, RIP and EIGRP.Overhauled and implemented an entire Cisco Meraki Wireless network, Cisco Meraki Switches and Security Appliances, and redesigned the Voice network with Polycom phones.Managing Cisco ISE for wireless and wired authentication. Migrating Cisco ACS to Cisco ISE.Creation of VLANs and Inter VLANS routing in Layer 3 Switches.Experienced in IP schema IPv4/v6 design for entire project and deployment.Troubleshoot single area and multi-area OSPFv2 for IPv4 and Troubleshoot EIGRP for IPv4, troubleshoot RIPv2 for IPv4.Honed skills in determining over 50 network Vulnerabilities Assessment and Penetration Testing (VAPT) by testing infrastructure security and tracking potential threats to the Network.Experienced in Juniper Routers, Switches such as MX-960, MX104, MX240, EX4200, EX4300, EX4550, EX8208 and CISCO Routers, Switches such as Catalyst Switches 2960, 3750, 3850 &Cisco routers series 1100, 1921, 1841 and ASR1K.Design and setup of Aruba Controllers 531, redundant 7211, 3200, 3400 and 6000 series.Orchestrated on SDWAN (Cisco Viptela & Meraki), SD-Access (SD-Access (DNA C)), Cloud computing (AWS).Experience in Wired & Wireless (Wi-Fi) Data-Networks for Infrastructure support which includes Designing, Implementing, Operations and technical support on IT Infrastructure (LAN/WAN/Wireless).Implement and maintain all aspects of the VOIP network infrastructure (i.e. Cabling- Racking/LAN/WAN/WLAN/VoIP/VPN/Network Security).Experience in analyze, design, implement and maintain the network's BIG-IP LTM F5 Load Balancer BIG-IP i15000 Series / 2RU, BIG-IP i7000 series / 1RU infrastructure.Designed, Directed, and configured new CPE test Lan environment, enabling transfer of CPE testing activities to a new facility.Adept in installation, configuration, maintenance & troubleshooting of wide network topology crafted of Cloud (AWS) services and peripherals in multi-platform environments ensuring maximum uptime.Supported over 1000 users, including Lan cables, ports, routers, switches, Load Balancers, and VPNs by designing, configuring, and installing all Data Center Network Devices.Associated with Cyber Security teams internal and external in managing tools that include but are not limited to allowing technologies, data loss prevention, malware prevention, and real-time metrics reporting.Expert in network assessment of existing Architecture and identify area of improvement and propose new network design.Directed the technical infrastructure and operations of the Network Operating Center (NOC), including network monitoring tools, management systems, and network devices such as switches, routers, and firewalls.Orchestrated closely with the IT team to configure and integrate various SASE components, including VPN, firewall, and web security.Experience in Configuration and Optimization with cloud-based network solutions Such as AWS, including advanced features such as Virtual Networks, Subnets, Routing tables, and security groups.Experience in monitor high availability and performance extent of AWS resources and manage disaster recovery and create backups of AWS resources.Expertise with AWS network, Used AWS CloudWatch, AWS CloudTrail, as monitoring tools to keep an eye on network bandwidth, latency, and other metrics.Experienced with AWS CloudFormation or AWS Elastic Beanstalk to automate the deployment and management of network resources to reduce manual intervention and ensure consistency across environments.Technical SkillsNetwork Support:Cat OS Switches: 9000, 6500, 4500, 3850. Cisco Router: ASR 1001X, 7200, PHONE NUMBER AVAILABLE Series. Cisco ASA 5585, Firepower 4150, Cisco ISE, Nexus 9K,7K,5K, Meraki MX 250, Meraki MS 250, Viptela, ClearPassNetwork/Protocol:LAN/WAN, TCP/IP, WINS, DNS, DHCP, POP3, SMTP, FTP, TELNET, VPN, ICMP, TFTP, Ethernet, RIP, IPSEC, IGRP, EIGRP, OSPF, BGP, MPLS, VPLS VoIP, H.323, SIP, BFD, ZTP, OMPLoad BalancerBIG-IP F5, A-10, NETSCALERRouting Protocols:RIP, EIGRP, OSPF, BGP, IS-IS,L2 Protocols:VTP, STP, RSTP, PVST, ISL,802.1q,802.1X, 802.1DSwitchingVDC, VRF, VLANs, PVLANs, Ether-Channel and LACPWAN Technologies:SD-WAN, SDN, PPP, MPLS, EVPN, Metro EthernetOperating SystemWindows 2008 Server, Windows 2012 Server, LinuxSwitchingVLAN, VTP, STP, HSRP, Ether-channel, VSSToolsWireshark, Solar Wind, Infoblox, Cisco Prime, Nagios, DNA Center, HPNA, extreme management center (XMC)Data CenterNexus-9K, 7K, 5K, 2K, FEX, vPC& AristaFirewallPalo Alto 800, 3k, 3260, 5060, 5220, 5430, 7050 and 7080 Checkpoint.R76/R77 75+ 15000, 21400, 23000 and Fortinet 300D, 500E & 60DF5 Load BalancersLTM, GTM, SSL offloading, VIP, Pool, TCPDUMP, TroubleshootingAWSVPC, EC2 Instance, S3 Buckets, Auto scaling, AWS IAM, ELBCertificationsPalo Alto (PCNSE), CCNA(R&S), CCNP(R&S), CEH and CISAProfessional ExperienceCleveland Clinic (CCF)- Cleveland, OHIO. Mar 2023 to Till now.Senior Network Engineer and Team LeadDirected the Architecture and operations of Data Center in the entire Cleveland Clinic area and provided support for other regions as needed.Designed and implemented secure and compliant Data Center network infrastructure to support 10,000+ connected devices. Established and monitored effective security protocols, policies, and procedures.Experience in deploying Palo Alto Networks Next-Generation Firewalls (NGFWs) for perimeter defense and Utilized Palo Alto Networks features like SSL Decryption and App-ID to identify and mitigate potential threats hidden within encrypted traffic.Threat prevention. Experienced and skilled Security Architect with a proven track record in designing and implementing robust security solutions and Expertise in analyzing and assessing security risks to develop comprehensive security architectures.Successfully renewed Citrix NetScaler certification, demonstrating ongoing dedication to staying updated with industry-leading networking technologies.Proficient in designing, implementing, and managing application delivery infrastructures using Citrix NetScaler, ensuring optimal performance and security for critical business applications.Configuration and operation of Infoblox ND 800 used for Network Discovery and DNS/DHCP Trouble shooting.Configured and managed F5 BIG-IP LTM (Local Traffic Manager) load balancers, optimizing traffic distribution and enhancing application performance.Implemented advanced traffic management policies using iRules and F5 TMOS, improving network efficiency and user experience and designed and implemented a high-availability load balancing solution with F5, reducing application downtime by 40%.Wireless LAN (WAN) -- Installation of controllers, Access points and wireless Coverage Plans.Takin care of all DNS/DHCP Infoblox related task, new subnets creation, alias, DNS records update.Taking care of all new implementations (Routing, Switching, Data Center, Security and Working on Migration, incidents and Service request related to all network outages.Documentation, Drawings preparation, CAB meetings, Project meetings, daily standup calls, outage calls.Designed and implemented Metro Ethernet networks to provide high-speed, scalable, and reliable connectivity for enterprise customers.Implemented and configured Forescout NAC solutions to enhance network security posture by controlling and monitoring device access.Conducted assessments and audits of network infrastructure using Forescout NAC, identifying and remediating security vulnerabilities and compliance gaps.Proficient in deploying and configuring Cisco Meraki networking devices such as wireless access points, switches, and security appliances.Managing network infrastructure through the Cisco Meraki dashboard, utilizing its cloud-based interface for centralized configuration, monitoring, and troubleshooting.Working on Network tools migration, migrating to Cisco DNAC and Working on WAN redesign project to migrate legacy WAN to New SDWAN and Working on vulnerability remediation by security team.Pre-migration Planning: Identify the need for the migration, such as upgrading to a newer model for improved performance or replacing an end-of-life device and Conduct a thorough inventory of the existing network infrastructure, including all devices connected to the switch.Backup Configuration: Backup the current configuration of the Cisco 9410 switch to ensure that all settings, VLANs, access control lists, and other configurations are preserved.Post-migration Verification: Confirm that all network devices are properly communicating with the new switch and Monitor network performance and troubleshoot any issues that may arise during the post-migration period.Zscaler Zero Trust Firewall delivers cloud-based protection for web (HTTP/HTTPS) and non- web traffic (FTP, DNS, RDP, Telnet and more) for all users and devices regardless of where they connect.Update Network Documentation to reflect the changes crafted during the migration process.Design and Architecture: Developed and implemented Cisco ACI architectures based on business requirements, ensuring scalability, flexibility, and high availability.Integration and Migration: Successfully integrated existing network infrastructure with Cisco ACI, ensuring seamless migration with minimal disruption to operations.Troubleshooting and Optimization: Proficient in diagnosing and resolving network issues within the Cisco ACI fabric using various troubleshooting tools and techniques, optimizing performance and reliability.AT&T --- NJ Oct 2022 to Feb 2023.Senior Network EngineerResponsibilities:As a Network Admin and Palo Alto Firewall Engineer Configuration and managing Palo Alto firewall with Panorama and Security policy, NAT Policy, Antivirus, Dynamic and IOS upgrade.Provided Firewall VPN (Prisma, Any Connect) and Remote Access Management. Issues and response to end users.Directed and implemented changes to Firewall policies and configurations as per organization requests, based on existing models and best practices. Maintained detailed documentation of firewall configurations, diagrams, technical manuals, and incident reports.Architected, implemented, configured, and migrated traditional networking, wan, switching, storage to SDN, SDWAN, SD-Access, SD-Wireless and SD-Storage.Generated certificates, assign group policies, integrated Global Protect with Cisco ISE, build authentication profiles. Implement MFA for remote VPN Global Protect users. Build IP pools and modified portal pages of Global protect VPN and WAN optimizers (Silver peek) across data centers.Conducted Network Performance monitoring and analysis using tools such as SNMP, NetFlow, and packet captures, to identify and resolve network issues. Implemented network segmentation, access control, and other security policies, to protect the confidentiality, integrity, and availability of network data.Conducted Network Audits and assessments to identify opportunities for improvement, and implemented changes to enhance network performance, security and availability.Provided technical support and troubleshooting for WAN and LAN issues, including analyzing logs and metrics, diagnosing issues, and implementing solutions.Implemented and maintained firewall policies and rules to ensure the security of the client's network infrastructure and data. Conducted Vulnerability Assessments and Penetration Testing (VAPT) to identify potential security risks and implement appropriate security measures.Utilized monitoring tools to identify and resolve network incidents, such as network outages, device failures, and service disruptions, in both wired and wireless environments.Installation, Configuration, Monitoring, and Troubleshooting of Cisco Wireless environment using Prime and Cisco DNAC (cat 9800 infrastructure) automation and VXLAN Tunnel encapsulation knowledge.Oversaw for Additional coverage /New locations Network Design for wireless infrastructure support.Provided training and documentation to educate end-users about the new SASE capabilities and best practices for secure remote access.Collaborated with cross-functional teams to design and implement Zscaler SASE solutions tailored to specific business requirements.Site to site tunnel configuration. Configured and Directed Autonomous and Standalone Access Points with WLC 5508. Designed Security policies of wireless infrastructure.Configured and optimized wireless LANs, VLANs, and SSIDs to provide secure and efficient wireless access for end-users, while minimizing network congestion and interference. Designed and implemented Wireless Security Policies, such as WPA2, 802.1x, and captive portal authentication, to ensure the confidentiality and integrity of wireless traffic.Developed and implemented Cisco ASA integration with other network security solutions, such as firewalls, VPNs, and SIEMs, to provide a comprehensive and layered network security approach.Configured Firewall Policies, such as access control policies, VPN policies, and NAT policies, to provide granular control and visibility over network traffic and users. Conducted network assessments to analyze network requirements, identify security issues, and develop remediation strategies.Ernst Young (EY) (Hyderabad - India) Aug 2016 to May 2022.Senior Network EngineerResponsibilities:Understanding and creating the organization's specific requirements for the AWS VPC, including the number of resources that will be hosted in the AWS VPC, the geographic regions where the AWS VPC will be deployed, and any specific security or compliance requirements.Using AWS VPN services, connected organizations cloud infrastructure to an on-premises data center. And familiar with VPN configurations, encryption methods, and routing protocols.Created AWS Network Load Balancing services, which allows distribute traffic across multiple instances or virtual machines taken care of NLB configurations, health checks, and scaling policies.Created a private, high-speed connection between on-premises network and cloud infrastructure using AWS direct connectivity options Orchestrated with DX configurations, service provider options, and network topology.Configured to protect cloud-based resources such as AWS with wide range of network security features, such as firewalls, intrusion detection/prevention, and distributed denial of service (DDoS) protection.Orchestrated on deploying, designing, configuring, maintaining, and fixing most of the network security implementations of Palo Alto PHONE NUMBER AVAILABLE80 series firewalls.Designing and implementing wireless networks using Cisco Meraki wireless access points, including site surveys, RF optimization, and guest access setups.Familiarity with Cisco Meraki's SD-WAN solutions, including configuring and optimizing VPN tunnels, traffic shaping, and application-aware routing for enhanced WAN performance and reliability.Configured Metro Ethernet equipment including routers, switches, and optical devices, ensuring optimal network performance and minimal downtime through proactive monitoring and troubleshooting.Creating a virtual interface such as Switch Virtual Interface (SVI) for each VLAN and enabling IP routing. Configuration of Inter-VLAN routing. Which involves creating a routing table which includes entries for each on the Layer 3 switch that specifies how traffic is routed between VLANs. The routing table should include entries for each VLAN interface and should specify the next-hop gateway for each destination network.Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco Routers and Switches. Implemented IPv4 and IPv6 on PTX platforms.Orchestrated on Cisco ACI, VMWare VX Rail/NSX, Cisco SD-Access, Velo cloud SDWAN, Cisco SD Access Wireless.Configuration and managing Palo Alto firewall with Panorama. Security policy, NAT policy, Antivirus, Dynamic and IOS upgrade.Orchestrated on configuring, maintaining, and troubleshooting of CheckpointR76/R77, 75+, 15000, 21400, 23000 series Firewall.Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco Palo Alto and Check Point firewalls.Implementing Port-Channel, STP, RSTP, PVST, VTP, HSRP, VRRP, ACL, VDC and VPC in Nexus 9220 (9k), 7010 (7K), 5555 (5k) and 3250 (3k) data center switches.Orchestrated on implemented Cisco Application Centric Infrastructure (Cisco ACI) as a solution for data centers using a Spine and Leaf architecture.Designed, configured and went live with Global Design Center of FR with Cisco Catalyst 6800- switches, 6880-line cards ASA5525x, Cisco WLC 5520, Cisco ISE 3514.Deployed and configured Cisco ACI Fabric, including leaf and spine switches, fabric interconnects, and other network devices. Worked with Cisco APIC (Application Policy Infrastructure Controller) to manage and configure the ACI Fabric, including creating policies, templates, and service graphs.Troubleshot network issues on the ACI Fabric using tools such as packet captures, log analysis, and network monitoring. Worked with cross-functional teams to integrate ACI Fabric with other IT systems, such as virtualization platforms, storage systems, and security tools.Deployment and Configuration responsibilities with Cisco ISE 2.x, Cisco ASA, and Palo Alto Firewalls.Cisco ISE profiling and AAA Radius configuration and Working experience with orchestrate, manage, and monitor the Cisco Viptela SD-WAN cloud infrastructure.Configured Cisco ISE 3514 for radius, MAB, 802.1x authentication and wireless guests access. Integrated Cisco ISE with Any Connect for Remote Clients. Facilitated Information Security Team to update the remote user policy, guest access policy and other policies.Designed and implemented routing protocols (BGP, OSPF, EIGRP) in SD-WAN environments to ensure network availability, scalability, and performance. Worked with WAN edge devices and controllers to manage routing policies and traffic flows, including configuring QoS and traffic shaping.Created detailed Network Diagrams, including physical and logical layouts, and presented them to stakeholders for review and approval. Configured and deployed network devices such as Routers, Switches, Firewalls, and Load balancers to support the network design and topology.Conducted Network Assessments and Audits to identify opportunities for improvement and implemented changes to enhance network performance, security, and availability.Oversaw for designing enterprise network solution comprising of Wireless, LAN, WAN, Meraki Aruba and wireless devices.Designed and implemented complex BG-IP environments that utilized multiple F5 products, such as GTM (Global Traffic Manager), LTM (Local Traffic Manager), APM (Access Policy Manager), and ASM (Application Security Manager).Configured Cisco WLC 5520, 2504 in all large offices. Designed policies. Integrated Cisco ISE with WLC 5520 for guest access. Configured QoS and policing for Guest SSIDs.Ensured the security of the network. Which includes configuring security groups, Network ACLs, and other security settings to protect the network from external threats.Supported the developers and other teams to ensure that their applications and services are working correctly on the network. This may include troubleshooting connectivity issues, providing guidance on Network.Tata Consultancy Service (TCS) Aug 2013 to July 2016.Network Admin and Architect (Hyderabad - India BOFA(USA Client)Responsibilities:Orchestrated on support, monitor and take care of existing configuration changes for Juniper and Fortinet Firewall Networks.Primarily oversaw for supervising Network data, Security and Voice infrastructure related projects deployment, new implementations.Implemented Active/ Standby HA configuration on Juniper and Fortinet Firewalls.Creation and modification of Policy on Fortinet Firewall 300D, 500E & 60D series.Orchestrated with configure objects, rules, and settings to define a security policy on FortiGate Firewall.Orchestrated with Data Center network infrastructure to provide connectivity to 2500 servers on Arista Data center switching.Done wireless site surveys for new and existing stores and recommended different enhancements network and wireless designs.Orchestrated extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.Configuring ASA Firewall and accept/reject rules for network traffic. Designing, implementing LAN/WAN configurations on Cisco 5K, catalyst 6500 switches.Maintenance of layer 2 and Layer 3 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SMTP, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.Installation, configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol such as OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.Configured and maintained network monitoring tools, such as Spectrum and Cisco Prime, to ensure optimal network performance and uptime for both wired and wireless environments.Orchestrated with Cisco ISE to prevent unauthorized access to the network and integrated with a variety of identity sources, such as Active Directory, LDAP, and RADIUS servers.Configured OSPF and BGP routing protocols, including advanced features such as route filtering, summarization, redistribution, and policy-based routing on Juniper routers and SRX firewalls to provide efficient and secure network routing for end-users.Developed and implemented OSPF and BGP integration with other network security solutions, such as firewalls and VPNs, to provide a comprehensive and layered network security approach.Deploying Service Packs and Security patches bi-monthly on BGIT Application servers (Product Studio and VSTFS)., which include windows 2008, 2012 R2 and MS SQL server 2008 and 2012R2 Servers.Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, performing network monitoring, providing analysis using various tools like Wireshark, Solar winds.Designed, configured, and implemented Meraki Firewall, Switches, Wireless and SD-WAN for a brand as all-in-one box solution and migrated MPLS circuits to Internet WAN links.Troubleshooting and managing different types of Cisco Catalyst Switches 2960, 3750, 3850&Cisco routers series 1100, 1921, 1841 and ASR1K.Configured Viptela devices for SD-WAN connectivity, including the deployment of vEdge routers and smart controllers, and the configuration of VPNs, QoS policies, and other features.Developed and implemented SD-WAN integration with other network security solutions, such as firewalls and IPSs, to provide a comprehensive and layered network security approach.Monitored and maintained F5 load balancers to ensure efficient and secure network traffic management for end-users. Conducted daily port checking to identify and resolve any issues or errors in port configurations.Configured F5 load balancer policies, including pool, virtual server, and I Rule configurations, to provide granular control and visibility over network traffic and users.Directed and delivered IP network projects from conception to delivery, including developing project plans, tracking milestones, and delivering on-time and within budget.Configured Cisco ISE 3514 for radius, MAB, 802.1x authentication and wireless guests access. Integrated Cisco ISE with AnyConnect for Remote Clients. Facilitated Information Security Team to update the remote user policy, guest access policy and other policies.Team Lead in configuring CVD of private MPLS LAN of company with 10 sites. Configured Nexus 7018 with Nexus 5596UP and Nexus 2232PP. Configured ISE, Cisco Prime (NMS/LMS).Orchestrated in Solution planning of IP Networks, LAN, WAN & Data center (Data network infrastructure).Configure and Install Cisco Wireless controllers and integrate with Cisco ISE and DNA and Configure Software Defined Access fabric based on Cisco DNA.HCL Technologies (Hyderabad - India) Apr 2011 to July 2013Network EngineerResponsibilities:Orchestrated on Implementing & Troubleshooting checkpoint Firewalls, Creating Policies, and rules in Checkpoint.Experience for site-to-site IP Sec VPNs; ACLs on corporate and client firewalls; new server deployment, VoIP administration; system upgrades including OS patches and virus definition updates; failed hardware replacement; and power monitoring and allocation.Working in LAN and WAN installation, configuration, and support and IOS updates (Cisco routers, switches, firewalls).Configured Cisco WLC 5520, 2504 in all large offices. Designed policies. Integrated Cisco ISE with WLC 5520 for guest access. Configured QoS and policing for Guest SSIDs.Configured and Directed Meru Wireless controllers and migrated SSIDs from standalone access points to Meru Wireless Controllers.Orchestrated on Performed Network Equipments (Routers & Switch) Configurations (PE & CE) and activated & accepted Testing; the operational changes included implementing protocols (MPLS, BGP, OSPF, EIGRP & RIP and switching technology).Experience in Configuring and troubleshooting WAN & LAN routing protocols such as RIP, OSPF, EIGRP, BGP and LAN technologies like STP, 802.1Q trunking, VLANs VTP, VRRP and HSRP, Wireless infrastructure using Cisco devices.Working experience with Regularly provide either on-site or remote support to end users.Experienced in Planned and designed the organization's LAN network expansion. Upgraded and configured Microsoft Window server and installed network routers, cabling, and Firewall.Experienced for network management including network performance tuning, security monitoring, file server backup and email server administration.Working experience for troubleshooting and debugging network related issues.Daily work includes installing and configurations ADSL modems managing incident calls, cable line connectivity issues, Monitoring and optimization troubleshooting of office Network, end user complaints and issues.Primarily oversaw for managing end to end Network infrastructure services in terms of data, voice, security and video conferencing services, 24x7 command center, batch processing and monitoring tools infrastructure related activities. |
