| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidate Name: JavedRole: Network/Security Engineer
Contact No.: PHONE NUMBER AVAILABLEEmail: EMAIL AVAILABLE
Professional Summary:
Professional network and systems engineer with over 11 years of experience designing and managing network, security, and server infrastructure. Mentored hundreds of new engineers resolved escalated issues and implemented solutions to complex business needs.
Professional network and systems engineer with over 11 years of experience designing and managing network, security, and server infrastructure. Mentored hundreds of new engineers resolved escalated issues and implemented solutions to complex business needs.
CCNA, CCNP Certified professional with 11 years of experience with networking installations, configurations testing, troubleshooting, implementing, optimizing, maintaining enterprise data network and service provider systems.
Led the upgrade and configuration of Citrix NetScaler gateway appliances in a production environment. Worked on Cisco Nexus 9000 family of switches whose hardware is based on Cisco ACI.
Design expertise for the SD-WAN (Versa & Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
Analyze network traffic PCAP and Tcpdump with Wireshark.
Narrow down anomaly traffic with Wireshark for hostile string or domain.
Experience with working on latest cisco switches like Nexus 2000, 5000, 6000, 7000 and 9000 series switches while implementing advanced features like VDC, VPC, OTV and Fabric Path.
Well versed in ACI technology, starting from Fabric discovery to end datacentre deployment.
Designed, configured, and integrated 9504 and 9372 switches into data center environment and Implemented OTV in multicast environment.
Configured Access policies, static bindings, EPG's, Bridge Domain and VRF.
Worked on connections handoff using Bridged Interface to an External Route. L3 - EPG configurations, AEP configurations and Expert in GUI of ACI.
Trained new employees on how to bring up the ACI fabric and Basic configurations of Tenants/BDs/EPGs Networking and OOB Management configurations of Leaf/Spine Switches.
Configured the tenets, VRF's and EPGs in ACI APIC cluster.
Hands on experience in configuring Cisco Nexus 2232, 2248, 5548, 6001 and 7018(Sup 2E) and worked on nexus protocols VPC, VRF, VDC and FEX Links.
Worked on troubleshooting port issues regarding QSFP, CRC errors, Cable replacements in Production environment. Provide technical support on Nexus 2000/9000 switches and operating systems (NX-OS) create vPC
domain, design single sided VPC, design double sided VPC, design VPC peer-keepalive, VPC peer link, VPC member ports.
Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010.
Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and 9000 Core with VPC and 3172 TOR.
Configured ACI integration with VMware and Worked on integrating existing Layer 2 and Layer-3 networks with ACI.
Configure EPG, update APIC, implement access and fabric policies in Cisco ACI environment.
Worked on Bridge Domains, VXLANs, VTEPS, VNID. Configuration of routing using BGP among multiple Leaf to spine switches. Thorough understanding of Application Profile, Tenants, End Point Group, Inter Subnet Tenant Routing, Routing within Tenants, Router Peering and Redistribution.
Worked on Migration project from traditional data center Architecture to Spine Leaf.
Hands on Experience in configuring and troubleshooting Cisco routers, WIFI wireless Controller, Cisco catalyst, Nexus switches, Citrix net scalar, ASA, Palo Alto Next generation, and Firepower Threat D fense FTD Next generation Cisco Firewalls.
Manage and monitor multiple commercial-sourcing agreements such as Master Service agreement (MSA), Statement of work (SOW) and 120+ service level agreements (SLA).
Installation of Windows 2003 enterprise and standard editions, R2, Windows 2000 standard and advanced server editions.
Experienced in DHCP, DNS, NIS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LADP, security management and system troubleshooting skills.
Proficiently implemented traffic filters using Standard and Extended access-lists, Distribute- Lists, Route Maps, and route manipulation using Offset-list.
Access control server configuration for RADIUS and TACACS+.
Experience with Network security, Routing and Switching,
Experienced in python and ansible script to automate to configure the network devices for last two projects infrastructure-as-code, and
Experienced in Design of network Security using Palo alto and ASA Firewall for Datacenter from past 5 years
Experience in implementing network security using NAT, PAT, ACL, IDS, IPS and ASA firewalls.
Developed Merge jobs in GitLab for Ansible script to automate and find the delta between Production and Test devices
Experience with Firewall migrations from Cisco ASA to Cisco Firepower.
Experience on working with Wireless enterprise (Cisco & Aruba)
Configured VPC and Fabric Extender on Nexus Switches.
Extensive knowledge on configuring and troubleshooting STP, PVST, RSTP, MSTP, VLAN, Inter- VLAN routing, Trunking (802.1q & ISL), Port channels (LACP & PAgP).
Experienced in working on network monitoring tools like SolarWinds, Nagios, NetFlow, Sniffing tools like Wireshark and tcpdump.
Created different application policies in the ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Filters & Labels.
Worked in for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus 9K.
Configured ACI Policies, Tenants, Bridge Domain, Private Networks, Contracts and Filters.
Integrated layer 4 - 7 services (ASA) with ACI.
Upgrade IOS and configure routers and switches according to documentation.
Deployed ACI Greenfield and Migrated from Legacy network.
Supporting and Troubleshooting ACI Micro-segmentation and Worked with Cisco ACI & Kubernetes/Docker integration.
Provided AWS Hybrid solution to our client.
Fabric Access Policy include to create switch policies, interface policies, AEPs, Physical and External Domains.
Expert in performing deep packet analysis to troubleshoot network and application issues using Wireshark.
Experience with design and implementation of data center migration and ACI.
Strong understanding of current and future technologies including TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, Frame Relay, ACL, VPN, Wireless LAN, and configuration of VLANs.
Strong communicator: able to interact effectively and positively with individuals of all technical abilities; An Out- of-the-Box Thinker, believe in Teamwork & Team Spirit, Decision Maker, Proactive, Customer Focused & Good Documentation / Presentation Skills.
Technical Skills:
Cisco Platforms
Nexus 9K, 7K, 5K, 2K & 1K, Cisco Catalyst switches (6500, 4500, 3750, 3650, 2960), ASR4431, ISR1009, Cisco 6509, 9300/9500 platforms, Cisco ASA PHONE NUMBER AVAILABLE, Cisco WSA Appliances, Cisco Routers (ISR 2900, 3900 series), Cisco IronPort ESASDN/ACI TechnologiesCisco ACI, VXLAN, VTEPS, VNID, L3-EPG, ACI APIC, SD-WAN (Versa & Viptela), SD-LAN, OTV, Fabric PathNetworking ConceptsRouting, Switching, VLANs, STP, RSTP, MSTP, VTP, EtherChannel, Inter-VLAN routing, Trunking (802.1q & ISL), Port channels (LACP & PAgP), VRF, VPC, VDC, DHCP, DNS, NIS, SNMP, TCP/IP, LAN/WAN, VLAN, VPN, IPv4/v6FirewallCisco ASA (5500 series), Palo Alto (PA-3000/5000 series), Cisco Firepower Threat Defense (FTD), CheckpointNetwork ToolsWireshark, TCPDump, SolarWinds, Nagios, NetFlow, Orion, Citrix NetScalerLoad BalancersCitrix NetScaler, F5 Load BalancerWAN technologiesMPLS, OTV, Frame Relay, WAN Optimization, SD-WAN, ISDNLAN technologiesEthernet, Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, Port-channel, VLANs, Trunking, VTP, RSTPSecurity ProtocolsIPSec, SSL VPN, NAT, PAT, ACL, IDS/IPS, AAA, TACACS+, RADIUS, DMZ, VLAN taggingNetworking ProtocolsWireshark, TCPDump, SolarWinds, Nagios, NetFlow, Orion, Citrix NetScalerLanguagesPython, AnsibleOperating SystemWindows Server (2003/2008), R2, Windows 2000, LinuxCertifications: Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)Professional Experience: Lake Charles, LA Nov 2022 to Current
SASOL, Sr. Network Engineer
Responsibilities:
A Senior Network engineer responsible for managing the Network operations and support during technology implementation and their day-to-day activities
Ensured minimal downtime and seamless integration during Citrix NetScaler gateway upgrades. Configured and managed Cisco Firepower Threat Defense (FTD) for securing network infrastructure. Configured and managed Cisco Secure Firewall Management Center for centralized firewall management. Troubleshot and resolved issues related to Cisco ISE. Involved in Designing and configuring Distributed Cisco ISE Deployment (12 Nodes).
Tier 4 Network Engineer, Responsible for Re-architecture, and Implementing Cisco Next Generation Firewalls across the Network.
Configured and managed Citrix NetScaler SDX appliances for high availability and load balancing. Implemented Riverbed WAN optimization solutions to enhance network performance. Participate in IT infrastructure Planning & designing network projects, involved in network designing, technical proposal write up and documentation for data center migration.
Design expertise for the SD-WAN (Versa & Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
Designing and providing support of Routers, Switches, Security Solutions, VPNs, L4 -7 Load
Balancers, SD-WAN and Network Management Solutions across LAN/WAN.
Experience of OTV, VXLAN with Strong understanding of SDN and SDWAN Migration of legacy WAN network to SD-WAN with virtual firewalls on WAN routers Migration of the company s 200 sites from legacy hub and spoke legacy WAN network to SD- WAN to support a star topology with virtual firewalls at the remote sites.
Created a wide range of technical documentation (HLD, LLD, Transitions phases, migration test plans, Migration Checklists, Risks and Impact analysis, LAN standards).
Developed data center Migration Runbook (Migration Approach, Pre-Cutover Activities, Cutover day Activities, Post cutover Activities, Communication Plan, Monitoring plan, Rollback plan)
Implementing and troubleshooting firewall rules in Cisco ASA 5510, 5585
Responsible for Cisco ASA firewalls configuration and administration across global networks for providing IPS/IDS.
Configured and managed Cisco ISE for secure network access control. Configured and managed Cisco DNA for network automation and assurance. Analyze network traffic PCAP and Tcpdump with Wireshark.
Narrow down anomaly traffic with Wireshark for hostile string or domain.
Experience installing and administering firewall and IDS/IPS systems in enterprise networks including in data center. Configured and managed Cisco ISE for secure network access control. Configured Infoblox DHCP and DNS services to support network operations. Implementing security Solutions using Palo Alto Pa-5000/3000, Cisco ASA
Installed and upgraded antivirus, applied security patches as per policy and monitored network security compliance.
Provide Health Check support for End Customers with Cisco WSA Appliances.
Creating automated scripts using Python language, which will parse all trace files and calculate throughput, latency and drop rate. Troubleshot and resolved issues related to Cisco ISE. Create new and support existing automation Python code for internal applications
Installation, Configuring and maintenance of Cisco Layer 3 switches 2960 -X,2960-XR 2960C, 3750, 3850, 4500- X, 4507,4509, 6506, 6509, 4510, Nexus 7K/5K/2K/3K switches, ASR4431, ISR1009, 2600, 2900, VG 224 Routers, ASA 5585 firewall, Citrix NetScaler, Brocade, and Dell devices
Expertise in the administration, support and operation of the Orion Solar Winds platform including Network Performance Monitoring (NPM), NetScout, Network Configuration Manager, Server & Application Monitor (SAM), NetFlow, Traffic analyzer and IP address Manager.
Implemented Cisco ISE for delivering consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections.
PCI Compliance auditing with Cisco/Aruba Wireless Security Assessments & also Wireless Site Surveys. Configured load balancing for high availability and redundancy. Performed IOS and NXOS Upgrades on cisco router and switches as per company standards.
Decommissioned of EOL/EOS devices in data Center, which involved working with Partner Companies.
Setup the DMZ, Internal and External VLANs, Trunking and IP addressing on the leaf switches
Enabled PIM-SM in the transport network and EIGRP in the control plane for optimal routing of traffic and equal- cost multipathing (ECMP) in the fabric between the leaf and spine switches
Integrated Tufin products into complex security environments with all Cisco Firewalls, SIEM (IDS/IPS), switches, routers, and other security tools
Palo Alto integration with VMware Virtual Desktop infrastructure.
Configuration of Palo alto series firewalls and implementation for outbound traffic via blue coat proxy server.
Configuration of Azure API gateway service.
Developed custom dashboards and reports in Splunk for network monitoring. Worked with level 2 team on migration project of CMAs from one Provider-1 to another Provider- Worked on changing global objects and global rules to local objects and local rules for migration project.
Cleveland, OH July 2018 Oct 2020
Park Place Technology, IT Lead APAC
Responsibilities:
Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
Conducted performance testing and tuning of Riverbed WAN optimization solutions. Used Cisco ACI Fabric which is based on Cisco Nexus 9000 Series Switches and the Cisco Application Virtual Switch (AVS). Implemented security policies and optimized performance on Citrix Netscaler SDX. Developed and executed upgrade plans for Citrix NetScaler appliances, ensuring secure and efficient operation. Troubleshot and resolved BGP-related issues to ensure optimal network performance. Configured and managed EIGRP for efficient routing within the network. Implemented Cisco ACI infrastructure for supporting rapid application change by reducing complexity with a common policy framework that can automate provisioning and resource management.
Troubleshot and resolved EIGRP-related issues to ensure optimal network performance. Deployed Cisco UCS, Cisco ACI data center switches like N9K, N5K, Cisco FI switch 6200 and Cisco 3850 switches, etc.
Configured and managed Cisco DNA for network automation and assurance. Experience in Cisco ACI Integrating Layer 2, Layer 3, L4-L7 and VMware with ACI
Design & Implemented (Application Centric Infrastructure) Cisco ACI Fabric based on Nexus 9500 & 9300 platforms in a lab environment for POC.
Understanding of Cisco ACI (Application Centric Infrastructure) and other SDN technologies
Developing transition mechanisms to deploy SDN within traditional IP networks
Working on tickets for International Circuit and Sites related Issues, contacting International Providers like SITA, OSPF, DCNM (Ver 9,10,11), VX LAN
Managed project risks and implemented mitigation strategies. Monitored and optimized load balancing performance. Managed Cisco Nexus 5k and 9300/9500 switches for the data center in Cisco data center Network Manager (DCNM) and timely upgrades of Cisco IOS XR, Nexus OS.
Experience working with hardware and software in a large, complex storage environment, including configuration of new environments (Cisco DCNM)
Designed 10 gigabit networks using Cisco Nexus 7000 series switches,
Performed OS upgrades &device replacements on several Cisco devices (6500, Nexus 2K, 3K, 5k,6k and 7k and 9k series switches).
Integrated Splunk for network data analysis and visualization. Involved in Designing and configuring Distributed Cisco ISE Deployment (12 Nodes).
Implemented VxLAN on OpenStack to data center network
Worked on redesigning the network drawings to provide detailed information about the logical and physical connectivity of newly built data center with extensive use of Cisco DCNM
Supported Cisco ACI fabric networks, including python automation.
Environment: In Corporate office architecture with highly reliable & secured network including Cisco ACI Infra, Cisco ASA, Routing Protocols (EIGRP, RIP, OSPF, BGP), 9K, 7K, 3550, 3560, 2924, 1400, 6513, 6504, 6503, 6506,
6500 series Routers & Catalyst switches, Switching protocols (VTP, STP, GLBP), Cisco WSA Citrix NetScaler, Nexus 7K/5k/2K, Multicasting, Bluecoat Proxy, VPN, Data Centre Migration, VMware.
Kula Lumpur, Malaysia Aug 2017 June 2018
DXC Technologies, Network Engineer
Responsibilities:
Worked to help clean up legacy FW policies and create migration path from current ASA to next gen Palo Alto firewall.
Provided technical support and troubleshooting for Riverbed WAN optimization deployments. Responsible for design, Implementation and Maintenance of data center on CISCO ISR 4300, CISCO 3560.
Designed and implemented load balancing solutions using F5 and Citrix NetScaler. Migrated legacy Catalyst 6509 distribution switches to Nexus 7700 c7718.
Collaborated with IT and network teams to troubleshoot and resolve issues related to Citrix NetScaler infrastructure. Provided technical support and troubleshooting for Citrix NetScaler SDX deployments. Responsible for configuring, maintenance and troubleshooting of cisco 3650, 4948.
Duties included monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of application and equipment.
Planned migration of servers from traditional Nexus environment to Application Centri c Infrastructure (ACI).
Worked on migration of HP Blade chassis to ACI.
In the spine, joined the multi-Pod fabric and all the policies configured on the APIC controller are pushed to that device.
Upgraded HP ProCurve switches to cisco 3650's which support ISE.
Created Interface profile and Interface policy groups on ACI.
Configured Access policies, static bindings, EPG's, Bridge Domain and VRF.
Worked on remote site switch replacement project where I replaced HP Switch to cisco 3650 along with Access points.
Audited all the VLAN's and found servers to migrate them to ACI.
Migration of core routers from legacy to Nexus 9508.
Developed detailed project plans including timelines, resources, and risk assessments. Design Next generation data centers with Nexus, ACI, OpenStack, DCI, EPGs/bridge domains, OTV, and VXLAN.
Configured VPC and Fabric Extender on Nexus Switches.
Worked on Nexus platform 7010, 5K series and FEX (2248, and 2232) and deployed VPC, VDC and OTV, Fabric Path and successfully implemented VSS on the Cisco catalyst switches (6500, 6509,6800).
Providing Layer-3 redundancy by implementing HSRP in the network.
Kuala Lumpur, Malaysia April 2016 July 2017
SWIFT, Network Security Engineer
Responsibilities:
Responsible for installation, troubleshooting of firewalls (Cisco firewalls) and related software, and LAN/WAN protocols. Documented upgrade processes, configurations, and troubleshooting procedures for Citrix NetScaler appliances. Coordinated with cross-functional teams to ensure successful project execution. Provided technical support and troubleshooting for Infoblox deployments. Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
Installed and configured Cisco IronPort ESA and WSA appliances. Installed and administered ACS servers (3.x,4. x. 5.x) to provide AAA services for VPN, wireless, device administration. Plan and Migrate ACS from 4.0 to 5.x appliance.
Conducted load balancing assessments and provided recommendations for improvements. Create new and support existing Python code for internal applications
Building configurations for Cisco routers with features like port security, VLANS, VTP, PVST+.
Maintained Aruba Network, in two different data centers, for over 1500 remote home users (VPN)
Selected as the one person hired from the contractor to maintain the wireless network
Reengineered the LAN to provide more reliable services and to reduce the latency, analysed the NT domain in the Austin office to determine all the problems
Drive the project for implementing WAN solutions at the DaVita Global solutions headquarters giving highest redundancy and increased efficiency with 2 ISP links and 2 MPLS circuits saving $20,000 per year cost baseline.
Installed and provisioned close to 2000 AP's and RAP's.
Upgraded HP ProCurve switches to cisco 3650's which support ISE.
Configured Guest Access using ISE. Created security Profiles based on the company s requirement
Worked extensively in Configuring, Monitoring and Troubleshooting Checkpoint, Cisco s ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/ natting with the firewalls as per the design.
Access Control Server configuration for RADIUS & TACACS+.
Utilizing Aruba's built in analytical, management and security features to troubleshoot wireless issues.
Worked on Palo Alto PA-3000 Series to manage network traffic flows using dedicated processing and memory for networking, security, threat prevention and management
Created subnets (on these switches) from the given Class B and Class C addresses to support the VLANs.
Responsible for developing and deploying Solar Winds which includes WAN/LAN and server monitoring, reporting, and alerting and Configure Orion alerts.
Installed and upgraded antivirus, applied security patches as per policy and monitored network security compliance.
Coordinated with cross-functional teams to ensure project milestones were met. Used the Wireshark and other traffic analyzer to troubleshoot network issues.
Environment: Series T1 Controllers, DS3 Lines (T3 Lines), Palo Alto (PA-4000/PA-2000) Fiber and Ethernet cabling, Cisco ESA, Nexus 7010, 5020, McAfee Web Gateway, Security Analytics, Citrix NetScaler. Cisco 4500, 6500 VSS, Nexus VDC, vPC
Kuala Lumpur, Malaysia Sept 2012 to Mar 2016
Korean Airlines, Network Engineer
Responsibilities:
Design traffic flows in BGP using standard and extended access-lists, Distribute-list and Route Maps, MED, and Local Preference to load balance traffic across multiple ISP links.
Design and develop infrastructure software for network management system and monitoring for one of the largest networks, containing SDN, traditional routed and traditional optical mode.
Part of the team that manages the IP|MPLS VPN and Clients Enterprise Network to ensure all services. Developed load balancing strategies to improve application delivery. Cisco Systems ESA Email appliance (150/170 series), switches (2900/3500 series), and Routers (3200/3600/3800 series).
Lead design and implementation engineer for VoIP projects consisting of 100 to 15,000 IP Phones and Analog devices.
Designing, Implementing LAN/WAN configurations on Cisco Nexus 5k, Catalyst 6500 switch.
Assist customers with Certificate Updates, Load balancing through Citrix NetScaler.
Configuring and resolving various OSPF issues in an OSPF multi area environment.
Configured and designed Access layer switches such as Cisco 4510, 4948, 4507 switches.
PCO (Provisioning Control Office) function in support of Mobility Network Provisioning.
Responsibilities are including managing the order process which encompasses order tracking, validating engineering, documenting, and publishing daily reports. This is involving all aspects of the provisioning process CISCO including, Ethernet, PPP, and other duties.
Configuration and maintenance of PIX and ASA firewall systems.
Configured DHCP scopes for voice and data VLAN segments.
Redistribution of OSPF and EIGRP into BGP with the correct tagging parameters from the old legacy network to route and to utilize the correct MPLS VRF VPNs provided from the bearers.
Implemented, Configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
Expertise in maintenance of layer 2 switching tasks- VLAN, VTP, RSTP, configuration of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
Implemented Cisco IronPort Security Management Appliance and IronPort ESA in DR site to provide redundancy across data centers for email flow.
Environment: Cisco 5550 ASA, Cisco LAN controllers (8500, 5760, 5500) Cisco Aironet Access Points (3700, 2700,1600, 700W), SolarWinds.
Education Details: Bachelor s in Computer Science, McNeese State University 2012 |
