| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Phone: PHONE NUMBER AVAILABLEE-mail: EMAIL AVAILABLESummary: 8+ years of experience in network operations, administration, design and security. Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols (RIP, EIGRP, OSPF, BGP) Experience in Network Security design and operations on Cisco ASA, Palo Alto, Juniper SRX and Checkpoint. Knowledge on cloud-based services like AWS (Amazon Web Services). Responsible to manage AWS VPC configuration for CIDRs and internet gateway Working experience of managing EC2 instances, Target groups and Load balancers in AWS cloud. Knowledge on SD-WAN cloud solution with Aviatrix Hub and Spoke gateways in AWS Experience of onboarding new financial institutes as a client (i.e. Banks, Credit Unions, Insurance Companies, Counties) with the end-to-end network connectivity including WAN, LAN and F5 solutions. Extensive experience on F5 LTM/GTM including CLI commands i.e. VIP creation, ssl offloading, iRules, persistence profiles, pool member health monitors, tcp dump utility. Working experience performing Incident, change management using ticketing tools such as ServiceNow, Remedy. Experience in installing and configuring DNS, DHCP server. Experience on Monitoring and Management tools such as HP Open view, Splunk, TCP dump, Solar Winds and Wireshark/Ethereal, Cisco Prime Expert in configuration of Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter VLAN routing and VLAN trunking using 802.1q. Configured RACL (Router ACL), VACL (VLAN ACL) and PACL (Port ACL) Experience on Data centre operations with Cisco Catalyst and Nexus switches, Load balancing technologies, configuring & troubleshooting of MPLS, BGP, OSPF and EIGRP. Working on Cisco Catalyst Series 3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000, 7000 and 9000 series switches and Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers. Cisco Security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPSec. Experienced in Physical cabling, IP addressing, WAN configurations with routing protocols like EIGRP, OSPF, BGP, MPLS and frame relays. Hands-on experience with installing wireless controllers - Aruba Airwave and ClearPass, APs. Good understanding of OSI Layers and TCP/IP models, IP Addressing and Sub netting. Experienced provisioning SD-WAN service as automated failover solution. Responsible to maintain Infoblox and Active Directory. Established VPN tunnels between remote branch to head quarter and datacentres. Expert in creating Access Control List (ACL) on firewall and troubleshooting DNS/DHCP related issues. Configure VRRP & GLBP and VLAN Trunks 802.1Q & ISL, STP, Port Security on Cisco switches. Responsible for configuration of the firewall and Load Balancers like f5 and A10. Experience in migration of Cisco ASA firewall to Next Gen Palo Alto and Juniper SRX Extensive Experience in AAA protocols such as RADIUS, TACACS+ and Cisco ACS Experienced in escalating the issues regarding LAN and WAN reachability from the client side to ISP side. Highly experienced on troubleshooting routing and switching issues on Layer2 and Layer 3. Experienced on configuring Nexus 5k/2k series switches as a aggregator and fabric expander. Good knowledge on implementation and migration of traditional data centre with spine and leaf structure. Works on hardware refresh projects to deploy SD-WAN Viptela Vedge routers on remote sites to replace old MPLS circuits. Configures and monitors SD-WAN devices through VManage centralized management system. Hands-on experience on working with Nexus 9k and 7K as spine and leaf fabric on Cisco ACI. Configured Active and standby Palo Alto firewalls at edge location in Network. Experience in Implementation of site-to-site VPN tunnels from branch sites to the data centre. Migrated DMVPN configuration into Site-to-site configuration from remote sites to the Headquarter network. Responsible for providing connectivity from ISP to the client site network. Updated PAN OS on Palo Alto devices from version 7.1 to version 8.1 Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, bridges, routers, hubs and switches Installed, configured and managed Cisco Meraki switch series MS220-48LP, MS225-48LP, MS250-48FP & Meraki AP MR52, MR66, MR74 Experience in implementing IGP, VPN, and MPLS, Network system maintenance, issues connectivity and System upgrading. Excellent in communication Network Design, Network Protocols and firewalls. Execute DHCP, DNS, IPAM configure on the servers to allocate Experience with moving data centre from one location to another location, from 6500 based data centres to Nexus based data centre. Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers Responsible to Enable LLDP (Link layer Discovery protocol) on all Network devices. Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware. Experience on dealing with Cisco ISE Secure Network Server 3515 and other network security products Managed inventory of all network hardware. Management and monitoring by use of SSH, SYSLOG, SNMP, NTP. Worked on PCI Firewall ACL Addition change which enabled the new antivirus, Carbon Black, to get updates Technical Skills:Cisco PlatformsNexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900,3850, 9300 series)Juniper Platforms SRX, MX, EX Series Routers and Switches. Networking Concepts Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi. Firewall ASA Firewall (5505/5510), Checkpoint, Cisco ASA, Palo Alto. Network Tools Solar Winds, SNMP, Cisco Works, Wireshark, Infoblox. WAN technologies Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.LAN technologies Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1QNetworking ProtocolsRIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6.Security ProtocolsIKE, IPSEC, SSL-VPN.Operating Systems Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix. Professional Experience:Costco, Issaquah WA Oct 2023 to Till DateRole: Sr. Network EngineerResponsibilities: Responsible for establishing end to end connectivity to onboard new clients for various financial applications hosted in servers located to different datacentres all over the USA. Handling new connectivity process from the scratch including placing orders for new devices and MPLS circuits. Installing new F5 Load Balancers i.e. BIG IP 7255/3900 Modifying LTM traffic behaviour with persistence i.e. cookie persistence Responsible to manage High Availability scenario for active and stand by F5 devices. Working on F5 irules to SNAT the LTM traffic. Playing a key role in migrating old TMG server to new F5 Proxy devices in DMZ zone. Configuring LTM VIPs for inbound traffic on DMZ Load Balancer. Responsible to open firewall ports on outbound traffic from proxy devices in DMZ to client site. Troubleshoot the LTM issues on blocked traffic from DMZ zone to backend servers through the DMZ proxy device and backend VIP. Responsible to manage SSL certificates in case of ssl offloading happening on F5 Load Balancer. Configure GTM Wide IP (WIP) to enable automatic traffic swing from production DC to disaster recovery DC in case of connectivity outage. Often working on Netscaler load balancers to bind the policy and whitelisting the certificates. Working with tcp dump utility to find out root cause with live traffic blockage. Support automation team to build a tool to query existing VIPs, pools and pool members. Deploying new Arista in small data centres to migrate old cisco switches i.e. arista 7050 as a super spine and arista 7010 as a leaf Configure HSRP (Hot Standby Routing Protocol) on client edge routers to leverage High Availability and perform failover scenarios. Supports AWS cloud solution with VPC and EC2 operations on daily basis Configuring Application Load balancers (ALB) in AWS to support high availability of EC2 instances Deploying and managing F5 load balancer and Palo alto firewalls in AWS cloud and establish On-Perm to cloud network connectivity. Managing AWS security groups to provide access from sources to the EC2 instances and Load balancers Create Virtual Port-Channel on NX-OS devices to connect two devices in order to have High Availability. Working on arista CVP portal to provide 0 touch provision of new arista deployment. Responsible to add new static routes, advertising new EIGRP subnet and open firewall ports towards CVP server on remote site through the MPLS/VPLS circuits. Responsible for configuring switchport and interface assignments for new servers. Collaborate with clients to establish new connectivity from client sites to primary and secondary datacentres with MPLS and DMVPN solutions. Create and manage VRFs on cisco 4300 edge routers. Providing support for Datacentre interconnectivity with switching and routing technologies like VPC, VPD, VRF, EIGRP, BGP Managing IP subnets for NATs, VIPs, Servers, VMs also creates new VLANs for capacity add projects. Developed Ansible playbooks to automate routine tasks, including network provisioning and configuration management, significantly reducing manual effort and accelerating deployment times. Leveraged Python scripting for automation and network troubleshooting, enhancing monitoring capabilities for live traffic and streamlining operational workflows. Utilized data structures to improve problem-solving and optimize network performance during troubleshooting and system enhancement efforts.Comcast, Philadelphia, PA Aug 2021 to Sep 2023Role: Network EngineerResponsibilities: Supporting EIGRP and BGP based network by resolving level 2 &3 problems of internal teams & external customers of all locations. Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support Upgrade, Cisco Routers, Switches and Firewall IOS using TFTP. Updated the HP open view map to reflect and changes made to any existing node/object. Handled configured the Gateways, Voice Gateways. Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops. Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches. Ensure Network, system and data availability and integrity through preventive maintenance and upgrade. Completed service requests (i.e. IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.) Involved in L2/L3 Switching Technology Administration, including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security. Worked on the security levels with RADIUS, TACACS+. Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies. Identify, design and implement flexible, responsive, and secure technology services. Supports AWS cloud solution with VPC and EC2 operations on daily basis Configuring Application Load balancers (ALB) in AWS to support high availability of EC2 instances Deploying and managing F5 load balancer and Palo alto firewalls in AWS cloud and establish On-Perm to cloud network connectivity. Managing AWS security groups to provide access from sources to the EC2 instances and Load balancers Experience with Firewall Administration, Rule Analysis, Rule Modification Implemented Positive Enforcement Model with the help of Palo Alto Networks. Innovated with support of Palo Alto for remote and mobile users and for analysing files for malware in a separate (cloud-based) process that does not impact stream processing. Created standard access lists to allow SNMP, NTP and logging servers. Documented new VPN enrolments in a database and create standard procedures for further improvement. Troubleshoot traffic passing managed firewalls via logs and packet captures Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer. Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches. Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.JPMorgan Chase & Co. May2017 to July 2021Role: network Engineer Design, Implement, Operate and Maintain all facets of an Enterprise Network with multiple data centres and over 120 remote offices of varying sizes, servicing over 15,000 end users and millions of members; utilizing the latest technologies in routing (Cisco ASRs and ASR-Xs) Switching (Cisco Nexus line 9K,7K,5K and 2K) Firewalls (FTD 9300, 4100, 2100 series). Migration of ASA Firewalls ASA 5525, 5555-X, 5585 to Cisco Firepower Threat Dfense (FTD) 4110 and 9300 for tightening the IT Security of the Company's Infrastructure and increase the handling capability of Network traffic. Deployed Firepower Management Centre (FMC) 4500 in HA pair mode for managing and configuring the new generation FTD Firewalls devices and policies for security of network. Implementation, configuration and deployment of Cisco next generation of FTD firewall for security enhancement. Configuration, troubleshooting of IPSec VPN tunnel and coordinating with vendor while creating VPN tunnels with them. Troubleshooting and maintenance of Cisco Identity Service Engine (ISE) utilizing 802.1X to enable the creation and enforcement of security and access policy for end users laptop and the desktop access of company network. Creation of profiles, monitors, virtual servers, iRules, pools and load balancing method on F5 LTM as per enterprise naming conventions. Evaluated existing F5 LTM configurations, designed, defined and implemented changes. Consulting with application engineers on new application load balancing requirements for internal and external facing sites. SSL profile and cipher tuning and renewing certificates. Coordinating with IT Security team for compliance report and eliminate vulnerabilities from the Network devices by configuring them properly according to compliance report for preventing devices vulnerable. Maximizing network performance by monitoring, troubleshooting network problems and outages scheduling and conducting upgrades and collaborating with team on network optimization. Coordinated with team of Network Engineers regarding BGP/OSPF routing policies and designs. Responsible for LAN/WAN network design and implementation. WLAN security configuration and deployment. Project involved multiple hardware device environment such as Cisco Nexus 3k/5k/7k series switches and Cisco Routers, Firewalls, F5 Load Balancer and other Networking devices. Worked on design and implementation of Data centre migration. Designed, Implemented and Troubleshot Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR and NX. Installed, configured and managed Cisco routers such as 1001-X, 1002-X, 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900. Worked on Upgradation of data centre network environment with Cisco 5520 Wireless Controller to Support centralized, distributed, and mesh deployments. Configured ACLs on Cisco Switches as well as configured routers as terminal servers. Configured Cisco Wireless LAN Controller (WLC) 5500, 4400 series and Lightweight Access point. Supported OSPF and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations. Worked on Racking, Stacking, configuring Nexus 9K, 7K, 5K, 2K. Installed Wireless Access Points (WAP) at various locations in the company. Actively involved in switching technology Administration including creating and managing VLANS, Port security, 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 4510R+E, 6509-E and Cisco Nexus Switches. Qualcomm India Pvt. Ltd Aug 2016 to Apr 2017.Role: Network EngineerResponsibilities: Developing relationship with client in optimized network solution using best of practice and emergent technologies. Enterprise WAN and LAN design and implementation for serval large corporate projects. Responsible for designing, planning and implementing all aspects of the all-network infrastructure to support data, VoIP and server. Designed, Implemented and troubleshooting of Cisco 2960, 3750, 3550, 3560, 6509-V-E, 6500/4500 series switches, GSR, ASR, routers with Cisco and IOS-XR and Nexus 5000/2000 series switches. Working on installing, configuring and troubleshooting of Cisco routes (7600, 7500, 7200, 3800, 3600, 2800, 2600, 1800, 1700, 800) Configured various BGP attributes such as Local preference, MED, Extended communities, Route-Reflector cluster, Route-maps and route policy implantation. Worked on Migration between EIGRP/OSPF to BGP between with multiple ISPs. Installing, Configuring and Administration of cisco routers and switches (mid and high end), Pix/ASA Firewalls, HP Switches, Juniper SRX/SSG Firewalls. Evaluate the performance of NOC team through several statistical and reporting methods and models. Serve as an escalation point for the NOC staff for complex issue resolution. Cisco ISE installation/configuration, integration of WLAN controllers with cisco ISE. Experience with converting WAN routing from EIGRP/OSPF to BGP which also involved converting from point- to-point circuits to MPLS circuits. Worked on Layer 2 protocol such as STP, VTP, RSTP and MST worked on other VLAN troubleshooting issues and configured switches from scratch and deployed them into network. Firewall technologies including configuration, risk analysis, security policies, rules creation, and modification on Cisco ASA/Juniper SRX command line & GUI. Implementation of site- to site VPNs, and DMVPN over the internet. Configured SSL VPN to facilitate various employees access internal servers and resources with access restriction. Firewall design and installation which includes application and URL filtering, Threat prevention, and Data Filtering. Cleanup work for F5 Load Balancer like unused pool, unbound VIP and unused Real server. Having Data Centre Design Experience, installing and Configuring Network Devices in a Data Centre including patching the cables in the Patch Panel.Education:University of New MexicoMasters in Computer ScienceAugust 2021 May 2024 Relevant coursework: Computer Networks, Cloud Computing, Distributed Systems, Parallel Computing Skills developed: Network protocols, routing, cloud network infrastructure (AWS), high-performance computing techniquesIndian Institute of Technology, KharagpurIntegrated Masters in Exploration GeophysicsAugust 2011 August 2017 Degrees: Bachelor of Science (Honours) and Master of Science in Exploration Geophysics Awards: INSPIRE Scholarship, awarded by the Government of India for academic excellence |
