Home

Sreeja - Network Engineer

[email protected]

Location: Los Angeles, California, USA

Relocation: Yes

Visa:

Sreeja A Network Engineer Ph: (512) 630-0609 Email: [email protected] Linkedin: linkedin.com/in/asreejaa PROFESSIONAL SUMMARY: Around 6+years of Experienced Telecommunications and Network Professional worked on medium to large scale environments, enterprise, and Data center networks. Expert in Switching, routing, Network Security, Application Delivery, Wireless, VOIP, Virtualization and SDN. Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional, Experience in Networking and Security domain which includes Deployment and providing network support, installation, and Operation for a broad range of LAN / WAN Environment. Experience in installing, configuring, and maintaining Cisco Switches (3850, 6500, 6800, 9200, 9300, 9400, 9500, 9600 series) in enterprise Environment and Nexus 3k, 5k, 7k and 9k in Data Center Environment. Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX9200, Juniper EX4600, Juniper EX4400, Juniper EX4300, Juniper EX4100, Juniper EX3400, Juniper EX9250 Series ). Experience in VPC, and VDC technologies. Experience working on Gateway redundant protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution and Core Layer Architecture in Datacenter. Experience in Spine Leaf Architecture. Experience in installing, configuring and managing AAA Authentication servers RADIUS & TACACS+, DNS and DHCP servers and management by means of Infoblox and Active Directory Database Experience working in large-scale environments on high priority troubleshooting issues, several Proof of concepts for installations and Migrations to different vendor Equipment or implementing a new technology. IDF and MDF architecture, Datacenter Architecture and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment. Experience with Next Gen Firewalls PA-5420, PA-5420, PA-800 series, PA- 3200 series and VM series firewalls for both Internet and internal traffic filtering. Experience with Panorama M100 series and maintaining up to 75 firewalls in large networks. Experience in SSL forward Proxy, URL filtering and Policies on PA Firewalls. Experience on Fortinet FortiGate Appliances including 3200D, 1500D, 1200D running Latest 5.2 FortiOS. Experience with Zscaler Internet security and Zscaler private access. Worked on ZIA for internet web traffic security. Migrated from Ironports to Zscaler ZIA. Proficient in monitoring and managing networks using SolarWinds NetFlow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM); Cisco Prime, Security Device Manager (SDM), Cisco Works; Infoblox, HP OpenView and Wireshark Expertise in installing, configuring, and troubleshooting of Routers Cisco ASR 1000, Cisco ASR 9000, Cisco ISR 4000 Series and Cisco ISR 1000 Series Experience on SCIM provisioning from Azure AD to Zscaler ZIA for users and groups sync. Experience with cisco ACI and Arista Cloud Vision on a POC. Knowledge on Spine leaf Architecture in Data center. Worked on EVPN, VXLAN, VTEPS, Bridge Domains, MP-BGP etc. Experience and high-level technical knowledge in OSPF, EIGRP, RIP and BGP routing protocols. L1/L2 troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on upgrading Edge routers, failing over ISP circuits for maintenance. Hands on experience on Azure cloud migrated number of applications from CIS private cloud to Azure. Experienced in network and applications diagnostic and reporting tools such as Wireshark, TCPDump, SSLDump, firewall session logs, Splunk, etc. Configured F5 LTM, series10000 & 20000 series for the corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix. Proficient and high-level expertise using the F5 based profiles, monitors, VIP s, pools, SNAT, SSL offload, iRules, virtual Servers, iAPPs. Migration experience from ACE to F5/ old F5 to New F5. Expert in TMSH. Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation. Extensive Knowledge of the implementation of Cisco ASA 5500X series - 5505, 5510, 5512-X firewalls with Firepower module. Palo Alto firewall policies, panorama and Checkpoint firewalls NG, NGX. Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Experience with McAfee Web Gateways and Bluecoat Proxies for the internet traffic. Expert in IPS sensors in DMZ and inside network and device level proxy configuration for Internet traffic. Experience in WCCP. Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP s, Virtual AP s, RTLS, Wireless SSID s, remote and campus AP s, upgrading WLC, worked in Active/Active local Controllers and Master controller. Worked on RAP3 for remote access. Involved in troubleshooting network traffic and its diagnosis using tools like ping, trace route, Gigamon, Wireshark, TCP dump and Linux operating system servers. EDUCATION: Bachelor s- Bharat Institute of Engineering and Technology (Computer Science) Master s- Gannon University (Information Assurance and Cyber Security) CERTIFICATION: Cisco Certified Network Associate (CCNA) Palo Alto Certified Network Security Engineer (PCNSE) - Active Cisco Certified Network Professional (CCNP)-Active Aruba Certified Switching Associate (ACSA) TECHNICAL SKILLS: Networking Technologies LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP, WAAS Networking Hardware Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls. Routing Protocols OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting Security Technologies PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint Network Monitoring SolarWinds, Wireshark, HRping, Whatsupgold, Infoblox Operating Systems Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS Routers 2800, 2900, 3900, 3800, 3845, 4300,4500, 8300, 8500 ASR 1000X, 7206VXR, Juniper M & T Series. Load Balancers F5 Networks (BIG-IP), Netscaler (Citrix) Capacity & performance Cascade Riverbed (Flow Monitor), WAN Killer Switches CISCO 3850, 4600, 6500, CAT 9200, CAT 9300, CAT9400, CAT 9500, CAT 9600, 6800 Nexus 9k, 7k, 5k, Programming Languages C, C++, Perl, Power Shell, Python Simulation Tools GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence Firewalls Juniper Net Screen (500/5200), Juniper SRX300, SRX320, SRX340, SRX345, SRX5600, SRX5800, ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls. AAA Architecture TACACS+, RADIUS, Cisco ISE Wireless Cisco Meraki wireless Access points (MR36, MR46, MR56, MR57), Aruba Access points 200, 207,300,320, Wireless controllers 7280, 7240, Cisco Wireless controller 5508 and Cisco Aironet 3700 series. Features & Services IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR s, HLD and LLD documents, Dell equal logics PROFESSIONAL EXPERIENCE: Client: Albertsons November 2023 Till Date Location: Los Angeles, CA Role: Network Engineer Responsibilities: Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Configuration, Assigning DHCP profiles Experienced in configuring Cisco Nexus 9K, 7K, and 5K series switches, specializing in VPC, VDC, and FCOE setups. Proficient with ASR 9000 series routers using IOS-XR and adept at AWS and Azure security, including RBAC, Azure Security Center, and Azure Monitor. Skilled in Azure Automation with Runbooks and Terraform scripts. Strong understanding of SD-WAN, routing technologies, and Nexus 3000 Fabric Extender (FEX) configuration. Expertise extends to security protocols like RADIUS and TACACS+, and deploying Cisco ISR 800, 1000, and ASR 1000 series routers. Experience configuring and troubleshooting on Citrix NetScaler Load Balancer. Resolved Customers request to create firewall policies for Cisco ASA, juniper SRX, Fortinet and NX-OS. ConfiguredVPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018 Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network. Installated and Configured Cisco Catalyst switches 6500, 3850 & 2960, 9300 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy it also includes the configuration of port channel between core switches and server distribution switches Worked on moving data center from one location to another location, from 6500 based data centers to Nexus based data center. Worked on the automation framework using Python scripting. Worked with Azure Resource Manager API, Azure CLI, and PowerShell for configuring and managing assets in Azure. Well Experienced with Azure networks and integration with on-premises infrastructure. Deployed and Maintained SDWAN solution, routers and Switches, Cisco ASR, Juniper SRX and Fortinet firewalls. Worked as a customer facing engineer to Deploy new hardware, Upgraded IOS, troubleshooted ongoing issues with Routing, Security, SDWAN and coordinate with support and professional services. Worked in multi-Datacenter environment for LAN and WAN connectivity Switching tasks include VTP, 802.1q, IP Sec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP. Worked with VM segmentation (VMware NSX, Illumio, vArmour, GuardiCore), Firewall management and auditing (FireMon, Tufin, AlgoSec, RedSeal, Skybox, etc.) Sandboxing and Analytics (FireEye, Damballa, Check Point, Fortinet, Palo Alto) Network packet brokers (Gigamon, IXIA, NetScout) Performed virtualization and deployed various VMs using VMware ESXI 6.5. Worked with Nexus 9k (standalone and ACI) ASRs, N5K/2k, N7K, ASAs, UCS, ACS, ACI, VMware. Implemented changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer s instructions and troubleshooting any related issues. Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices. Worked on setting up MPLS Layer 3 VPN cloud in data center and working with BGP WAN towards customer. Configured Cisco 6500, 6800, 4500 VSS in Distribution layer of the Data center network. Network security including NAT/PAT, ACL, and ASA/SRX/Palo Alto/Fortinet Firewalls. Good knowledge with the technologies Site to Site VPN, DMVPN, SSL VPN, WLAN and Multicast. Well Experienced in configuring protocols HSRP, GLBP, PPP, PAP, CHAP, and SNMP. Worked with Palo Alto firewalls PA-5420, PA-5420, PA-800 series, PA- 3200 series using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management and complex customer issues. Implemented and managed cloud security controls including identity and access management (IAM), encryption, network security groups (NSGs), and security information and event management (SIEM) integration. Hands on experience with Aviatrix by integrating with AWS to provide advanced network capabilities to enhance security features, network segmentation and global transit networking. Expert in configuring FortiNAC for precise network access control and micro-segmentation in NSX-t and NSX-v environments. Proficient with Azure technologies including Web Apps, Service Bus, and Azure Functions. Skilled in Juniper MIST for secure resource access and proactive root-cause identification. Experienced with Cisco 6500 VSS in data center distribution layers and switching technology administration on Cisco Catalyst and Arista 7K devices. Capable of executing security posture assessments using Tufin, Splunk, and FortiNAC. Upgraded the data center network environment from Cisco ASA 5520 to Checkpoint R80 & R81.x firewalls. Implementing and Managing VPN Networks of the Customer through Checkpoint R80 firewalls. Dealt with Aruba wireless access points 200,300 series supporting 802.11 ac. Fortinet Firewall administration configuration of FortiGate 3000, 3815 series as per network diagram Setting Aruba Access to link distribution switch system and then to WLAN controller. Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud. Troubleshooted Fortinet Firewall, issues, edited policies and created rules. Fortinet Firewall administration configuration of FortiGate 3000, 3815 series as per network diagram Installed and configured Cisco Meraki (MR36, MR46, MR56) wireless Access points in the warehouses. Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, prevention where needed. Client: KPMG Sep 2022- Oct 2023 Location: Melville, NY Role: Network Engineer Responsibilities: Assisted in troubleshooting LAN connectivity and hardware issues in the network of more than 1000 hosts. Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP. Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP. Monitor performance of network and servers to identify potential problems and bottleneck. Performed RIP & OSPF routing protocol administration. Configured OSPF over frame relay networks for NBMA and point to multipoint strategies Implemented traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF). Troubleshooted Cisco ISR 4000 Series, Cisco ASR 1000 Series, ASR9k, CRS, GSR 12k Series routers Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment. Configured BGP features such as as-override, Local pre, EBGP load sharing on client connections Configured and resolved various OSPF issues in an OSPF multi area environment between multiple branch routers. Worked with Fortinet Firewall to create policy, HA and monitored malicious traffic. Provided daily network support for national wide area network consisting of MPLS, VPN and point-to-point site. Configured HSRP between the 3845 router pairs of Gateway redundancy for the client desktops. Configured GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches. Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path Hand on experience the configuration and implementation of various Cisco Routers and L2 Switches. Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms. Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures. Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits. Configuring, Maintaining the Routers and Switches and Implementation of RIP, EIGRP, OSPF, BGP routing protocols and trouble shooting. Worked on the Infoblox DNS Traffic control, DHCP, and IPAM for the Network control; Worked on the implementation of Domain Name Service. Experienced in deploying SD-WAN module (CloudGenix) in the production network environment. Worked with setting up AWS direct connect to amazon S3, Amazon EC2, Amazon VPC. Upgraded 3x data centers network and Optical fiber infrastructures with an Arista spine-leaf. Worked on NSX VMware, AWS, Azure Etc. Worked with Load balancing device like F5 Big-IP local traffic manager (LTM) 1600 Worked on setting up tunnels from f5 devices to Zscaler cloud. Worked on Infoblox to update the DNS host and A records to assist the part of the migration. Worked on upgrading Palo Alto Firewalls, Cisco Routers, Nexus Switches, and Bluecoat proxy devices. Functioned as part of a Firewall and Security team in support of Checkpoint Firewalls, Zscaler Proxy, Juniper Portals, SecAuth, Open LDAP, and Active Directory. Managed DHCP, DNS and IP address thru Infoblox, and Admin for Internet sites access thru Zscaler. Replaced Checkpoint VPN and Bluecoat proxy with Zscaler and worked on implementing Zscaler in Production. Troubleshooted BMS components (Like DDC, Actuators, DPT, AFMS etc.) Knowledge and experience on 802.11 a/b/g/n Ethernet standard for wireless Technology. Troubleshooted Cisco routers, APs, Switches, Fortinet Devices and Meraki appliances. Created change tickets according to the scheduled network changes and implementing the changes. Client: Aspire Nxt Pvt Ltd August 2017 April 2022 Location: Hyderabad, IND. Role: Network Engineer Responsibilities: Provided technical support for expansion of the existing network architecture to incorporate new users. Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company Configured STP for loop prevention on Cisco Catalyst Switches Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing. Worked in setting up inter-vlan routing, redistribution, access-lists and dynamic routing. Involved in configuring and implementing of Composite Network models consists of Cisco 2620 and, 1900 series ISR 4000 series, routers and Cisco 6500 & 9300 Series switches. Implemented various Switch Port Security features as per the company s policy Installed and troubleshooted networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering. Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems. Trouble shooting of BMS components (Like DDC, Actuators, DPT, AFMS etc.) Security configuration on Wireless LAN using protocols PEAP, EAP-FAST. Extensive implementation, and operational experience with Cisco Wireless LAN Controllers, wireless access points, and management systems Created policies, realms, rules, and responses to protect the applications and configure them to work under the SSO environment. Assigned RADIUS and TACACS for new deployments in production environment. AAA for users to implement changes on production devices. Configured Net Brain for Event-triggered automation helps isolate and mitigate threats before they become a disaster. Worked, configured, and troubleshoot Cisco ACI, Layer 2/Layer 3-out, BGP and OSFP. Great exposure to SDN and network virtualization technologies like Cisco ACI. Deployed VMs from Templates and customized the necessary configurations. Good Knowledge on Application Load Balancer (ALB) for routing traffic to targets (EC2 instances, Lambda functions, IP addresses) based on the content of the requests. Implemented, and maintained network security controls such as firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and network segmentation. Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation. Adding and removing checkpoint firewall policies based on the requirements of various project requirements. Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience. Keywords: cprogramm cplusplus sthree active directory information technology ffive hewlett packard California New York Pennsylvania South Dakota