Home

Rizwan - Network Engineer

[email protected]

Location: Coulterville, Illinois, USA

Relocation: Yes

Visa: GC

Rizwan Mohammed Abdul Sr. Network Engineer Email: [email protected] Phone: +1 (173)-2813-3315 Linked in: linkedin.com/in/rizwan-mohammed-abdul-01bb59276 PROFESSIONAL SUMMARY: Over 10 years of experience in Routing-Switching technologies, System design, Configuration and Troubleshooting of complex network System-Security Devices, Documentation of LAN/WAN networking system Experience with network hardware and technologies including firewalls, routers, switches, Gateway technologies, Ethernet, Fast Ethernet, Gigabit Ethernet, Wireless technologies Expertise in Routing protocol such as EIGRP, OSPF, BGP, MPLS, LDP Working experience with installing, implementing, maintaining, and troubleshooting Cisco Switches, Cisco Routers, Juniper EX Switches, Juniper Routers and Cisco Nexus Switches. Experienced in full stack developing web applications (Perl, PHP, HTML/JavaScript/CSS) Profound knowledge of implementing and maintaining Checkpoint R75/76 and Cisco ASA Firewall/PIX In-depth knowledge of TACACS+, RADIUS implementation in Access Control Network Strong hands-on experience on Cisco Catalyst (series 3850, 3560, 4500, 6500), Cisco Nexus (series 2K, 5K, 7K), Cisco Routers (series 7300, 4000, 3800, ASR 9000), Firepower (4100), Load Balancers (citrix NetScaler, Cisco ACE, F5 BIG-IP LTM/GTM ADC), IDS/IPS (HIDS, NIDS, NIPS, HIPS), Fire eye, Palo Alto Networks Firewalls (PA-820, series PA-3K, 5K). Served as the lead PowerShell developer in hundreds of Windows based migration and automation projects Experience with design and implementation of Virtual Switching System VSS for both User segment and server segment using 6509-V-E catalyst switches. Hands on knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs. Implemented Zero Trust Security Architectures: Designed and deployed Zero Trust security frameworks using micro-segmentation, multi-factor authentication (MFA), and strict access control measures to ensure that all network access is continually verified, regardless of location or user. Solid experience in VPN solutions including IPSEC VPN and B2B VPN, and integration of cloud environments such as Azure and AWS. Proficient and high-level expertise using the F5 based profiles, monitors, VIP s, pools, SNAT, SSL offload, iRules, virtual Servers, iAPPs. Migration experience from ACE to F5/ old F5 to New F5. Expert in TMSH. Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches, Netgear switches Implementation and maintained Sourcefire intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data Profound knowledge of TCP/IP, OSI, Spanning-tree protocol Strong understanding in WAN technologies including HDLC, E1, E3, T1, T3, ISDN, MPLS Working on IP Addressing schemes, Subnetting, VLSM, LAN/WAN protocol and provide IP services to fulfill network requirement in different environment. Successfully designed and implemented SASE solutions to enhance network security and optimize performance across distributed environments. Conducted thorough testing and quality assurance of SASE and SD-WAN solutions, ensuring high availability and performance. CCIE Network Engineer, AWS and Azure cloud Architect, passionate and hardworking with 8 years of experience in the IT industry with skills in the following areas: Expertise in using build tools like Maven and Ant for the building of deployable artifacts such as war & ear from source code. Application Deployments & Environment configuration using Chef, Ansible. Experience in layer 2 and 3 Routing and Switching Design and implement Cisco ACI in datacenters, create a strategy that allows use of containers, cloud orchestration tools for end users and developers Collaborate with application owners to define dependencies, map dependencies for better application workflow within ACI or public cloud use. Authored several scripts leveraging VMware s PowerCLI and Windows PowerShell to aid with capacity planning and monitoring of the virtualization infrastructure. Accomplished in script writing for system utilities (Perl, PHP, sh, csh). Define the migration from network centric model to an application policy model infrastructure, create plans in include ACI, Hybrid Cloud and use of containers and orchestration tools Create ACI migration plans (brownfield) create L2/L3 transitions. Map traffic flows for EPGs and BDs. Handle drivers for ML2 and GBP OpenStack integrations in corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for MPLS Hands on experience with Cisco ASA s, Cisco Firepower FWs, FortiGate FW s Experience with setting up aws direct connect to amazon S3, Amazon EC2, Amazon VPC Experience working on Security groups in aws in vpc for traffic flowing between various virtual nets for dev, prod and uat instances. Worked on traffic flows from onpremises to Aws, aws to internet via virtual palo alto firewalls for services that include PAAS and IAAS Experienced with implementation, configuration and troubleshooting of compound layer 2 technologies such as VLAN, VLAN trunk and 802.1q, VTP, VTP pruning, Ether-channel, STP, RSTP, MSTP Experience in installing and configuring DNS, DHCP server and install DNS through Infoblox for highly scalability In-depth knowledge of implementing redundancy with HSRP, VRRP, default gateway and Ether-channel technologies. Based on provided OU and Group Policy design strategy, implemented scalable automation using Windows PowerShell for creating the AD structure for new sites and locations, allowing for significantly increased efficiency and accuracy Worked on the migration from Cisco ASA to the Palo Alto firewall and the configuration of User-ID s, App-ID s, SSL Decryption. AWS security group implementation via Terraform to create infrastructure as code. Network Optimization Improved network performance and reliability by leveraging SASE architecture to streamline traffic management and reduce latency. In-Depth Knowledge and experience of various wireless 802.11 standards, controllers, Access Points, Wi-Fi analytics from various vendors (Cisco Meraki, HPE /Aruba, D-Link and Netgear), SD-WAN (MX 65, MX100, MX400) Proficient knowledge and hands-on experience of wireless 802.11, Cisco Meraki, Aruba, Wireless LAN Controller Experience in troubleshooting, maintaining and integrating on F5 Big-IP LTM load balancing, GTM and APM Deployed, Managed, monitored and supported Bluecoat Proxy for content filtering, internet access between sites and VPN client users, forward proxy scenario and reverse proxy scenario for security and also worked on adding URL s in Bluecoat Proxy SG s for URL filtering . Experience wif deployments of various systems to Azure wif Azure CLI, PowerShell, ARM Templates and Terraform. Created a dynamic and automated inventory of workstation software/hardware on the network via remote PowerShell scripting and WMI Working with Azure Cloud Storages. That includes working with blob and file containers. Also setting up file share sing Azure cloud storages Experience with Putty, Exceed, Secure CRT, GNS 3 and Cisco Packet Tracer Configured security policies including NAT, PAT and VPN, IPSec, Route-maps, Prefix lists and Access Control Lists on different router Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and RIVERBED and Wireshark CERTIFICATION: CCNA - Cisco Certified Network Associate CCNA Security Cisco Certified Network Associate Security CCNP - Cisco Certified Network Professional TECHNICAL SKILLS: Router and VoIP Platforms Cisco Routers series 7300, 4000, 3800, 2000, 1900; F; OnSIP, Avaya products, cisco IP phones Routing Fundamentals and Protocols Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, IPv4 and IPv6 addressing, subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, 802.11, Policy Based Routing, Redistribution, Port forwarding, Arista. Switch Platforms Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K, Netgear switches,5K, 7K; Nortel/Avaya 5510, 5520; Juniper EX3300, EX4600, EX4300, EX3400 Switching Fundamentals and Protocols Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP Firewall Platforms Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, CheckPoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Netgear Firewall, Palo Alto Networks (PA series 2K, 3K and 5K), WAF,ACI. Security Protocols Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, Blue Coat URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap Network Management and Monitoring Wireshark, Infoblox, HP OpenView, Cisco Prime, Security Device Manager (SDM), CiscoWorks; TCP Dump and Sniffer; SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM) , Sevone, Sitescope. Load Balancers F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, ASM, citrix NetScaler, APM WAN technologies Frame-Relay, ISDN, ATM, MPLS, PPP, DS1, DS3, OC3, T1 /T3 lines, SONET OC3-OC192, SDH, POS, PDH Cloud Computing and Automation AWS, Microsoft Azure, Cisco Meraki, C/C++, Python scripting, Shell, Cloud Migration Other Networking Protocols and Fundamentals DHCP and DNS server, Shell, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, BitTorrent, SMTP, RADIUS and TACAS+, PBX servers, SDN, SAN Operating Systems Windows 10/7/XP, MAC OS, Windows Server , Nexus OS, Cisco IOS-XR,Linux, UNIX Wireless Technologies Canopy Wireless Devices, D-Link Point-to-point Wireless, D-Link APs, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers Microsoft Office Visio, Excel, PowerPoint, Word Change Management ServiceNow PROFESSIONAL EXPERIENCE: Client -FedEx (Remote) Nov 2022 - Present Roll: Sr. Network Engineer Responsibilities: Maintained communication networks, monitored network performance, and resolved technical issues Collaborated with colleagues on the improvement of network infrastructure in order to increase quality, reliability, effectivity, and reduce expenses Installed and configured network devices, including routers, modems, hubs, switches, wireless AP's, and WLAN controllers. Hands-on experience writing TEMPeffective terraform scripts, Resource Templates based on Azure policies and migrating Apps to the cloud. Migration of applications into AWS and Azure cloud domains Managed and troubleshoot NET Cloud, Cradle Point and Aruba access points wireless devices on Citrix and Airwave. Aruba VPN, customer public and private wireless networks. Aruba mobility and Clearpass training. Supported massive DDI (DNS, DHCP, IPAM) network environment Configured and performed software upgrades on Cisco Wireless LAN Controllers 2504, 4404, and 5508 for Wireless Network Access Control integration with Cisco ISE. Performed backups of all servers and provided support and assistance to users Completed troubleshooting, tested networks, and performed other duties as required Design, Implementation and Support of a Disaster recovery facility for fail-over purpose, Enterprise management for back-end connectivity, access, distribution and core layer switches as well as the backbone routers, VPN and DMZ networks. Zero Trust Network Access (ZTNA): Integrated ZTNA solutions with enterprise networks, enforcing least privilege access and enabling secure connectivity for remote and on-premises users without compromising performance. Automated OpenStack and AWS deployment using Cloud Formation, Ansible, Chef and Terraform. Worked on the URL filtering and upgradation of Palo Alto firewall from PAN-OS 7.1 to PAN-OS 8.0. Managed data build repos, artifacts, and cron backup jobs, and update Python/Java web frameworks running apache and mysql services. Involved with designing internal administrative tools using DJANGO on Python framework. Experience with implementing Cisco 6500 VSS on the User distribution switches. Developed and executed test plans and cases for SASE deployment, including network functionality, security, and application performance Written automation scripts for creating resources in OpenStack cloud using Python and terraform modules. Designed and deployed Secure Access Service Edge (SASE) solutions for distributed enterprises, ensuring secure and optimized network connectivity. Worked on high end cisco devices like ASR 4451-x, Cisco 2900, 3900, 4300 series and Juniper Routers. Strong hands on experience on Cisco (5525/5510) Firewalls, Cisco Firepower FMC and FTD 2100 series, Palo Alto Firewalls. Unify GLP coding - develop a single Perl code to work on Solaris SPARC and X86 and Linux X86 platforms. Utilized Ansible and AWS lambda, elastic cache and cloud watch logs to automate the creation of log aggregation pipeline with Elastic Search, Log stash, Kibana stack (ELK stack). Conduct throughput testing and No Drop rate testing for various topologies. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS) Responsible for Palo Alto firewall management and operations across our global networks. Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Breaking down the HPOO flows and tracking down which are able to provision in Terraform. Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama. Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall. Exposure to Palo Alto Wildfire. Convinced the CTO to start a department wide initiative to train IT staff in the use of Windows PowerShell. Aruba 802.11ac wireless access points deliver superb Wi-Fi performance, Aruba 330 series, 501 wireless client bridge, 7220, 7010 MOBILITY CONTROLLER. Development of PHP and OO Perl API to interface with the existing 'incident report' Oracle database. Implemented Positive Enforcement Model with the help of Palo Alto Networks Helping Customers with Architecture and deployment of Palo Alto firewalls and other products like centralized management server Panorama and Log Collector Upgraded Palo alto Panorama and Palo Alto stand-alone device from 8.0.9 to the latest version 8.1.8 Knowledge on Data center design and operations, Cisco Nexus switches, Load balancing technologies, configuring & troubleshooting of MPLS, BGP, OSPF& EIGRP, ASIC design of a device and line cards Modules, network elements of the telecom space & understanding of service delivery platforms Having good understanding of ACI (Cisco Application Centric Infrastructure) Simplified automation by an application-driven policy model through ACI Centralized visibility with real-time, application health monitoring with ACI Design and Implementation Cisco/Meraki Enterprise Wireless solutions for corporate infrastructures Deployed and configured devices using Meraki dashboard. Deploying Cisco Meraki Enterprise Cloud Access Points and Wireless Bridges/Repeater for LAN Expansions Designed and Deployed Cisco/Meraki Enterprise Cloud for Corporate HQ, Co-Locations and 500+ branches with distinct SSIDs. Zero Trust in Cloud Environments: Deployed Zero Trust architectures in hybrid cloud environments (AWS, Azure), integrating security gateways and automated policy enforcement to ensure secure data flow across cloud-based applications. Prepared capacity and architecture plan to create the Azure Cloud environment to host migrated IaaS VMs and PaaS role instances for refactored applications and databases Experience in configuring and using PaaS offerings (like WebApp, Azure Database services, Azure Kubernetes, Azure DataLake, etc). Implemented CASB Solutions: Designed and deployed Cloud Access Security Broker (CASB) solutions to monitor and control data movement across cloud environments, ensuring compliance with security policies and data protection regulations. Cisco Router and Switch configuration using Cisco 6509's running VSS. Migrating the HPOO to the Terraform. Development of GLP Deployment Oracle database table and Perl interface module. Helped develop and implement a ClearPass configuration necessary to support a secure wireless network that uses WPA2-Enterprise with IEEE 802.1X authentication for Corp Owned Devices Hands-On experience working with firewall models such as Palo Alto's PA-3K and the PA-5K Series Firewalls Expert-level experience with Cisco IOS Routing and Switching. configuration & troubleshooting of routing protocols: BGP, OSPF, EIGRP. Working on products for Wi-Fi alliance and WLAN testing & pre and post deployment Wireless security WEP, WPA, EAP Threat Detection and Response: Integrated CASB with SIEM tools to enhance threat detection and response capabilities, monitoring user activity across cloud platforms and identifying malicious behavior. Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, ISL/ 802.1q, Ether channel, Port Security, STP, RSTP and MST Experience with f5 load balancers - LTM, GTM series like 6400, 6800.Worked with load balancers to manage corporate applications and their availability Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS). Configuring and managing F5 ASM (Application security manager). Developed security policies. Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers. Hands-on experience on large scale migration from on premises environments into Azure using 6R techniques such as Rehosting, Re-platforming, Refactoring, etc. depending on the customer's needs. Deploy and manage with advanced security and network management tools like Aruba ClearPass Policy Manager, Aruba AirWave and cloud-based Aruba Central. Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer s instructions and troubleshooting any related issues. Used terraform to write Infrastructure as code and created Terraform scripts for EC2 instances, Elastic Load balancers and S3 buckets Experience working with Datacenter switches such as the Cisco Nexus and Cisco Catalyst Implemented Quality of Service QOS for critical applications, also prioritized traffic for voice using classification techniques like DSCP Provide Cisco VoIP services using Cisco CUCME, utilizing both Cisco IP Phones and analog endpoints via FXS ports. Network and Azure cloud services seeking an opportunity to utilize my talents in a professional capacity, employing comprehensive knowledge and immense professional experience. Teh IPAM Platform is QIP wif Infoblox on teh External Network where. Knowledge of MySQL, JSON, REST, NoSQL, Django, Hadoop, Arduino, Raspberry Pi. Monitored Global Support Service desk for tickets that were opened dealing with VOIP troubles or changes. Created and maintained Cisco TAC cases until closure of VOIP network issues. Measured, cut, and installed wires and cables, often using hand-tools to splice. Establish voice and data networks by running and pulling copper and fiber optic cables. Mount telecommunication equipment such as cable trays, routers and switches by following set industry standards. Client -STATE OF TEXAS (HHSC), Austin TX May 2019 Nov 2022 Roll: Sr. Network Engineer Responsibilities: Providing layer 2 security by setting up different protocol such as BPDUguard, Root/loopguard, Orphan ports on collapse/core network architecture Upgrading Nexus 7009 with ISSU in data center Redesigning data center architecture by adding Cisco catalyst 9500 at distribution level by separating collapse/core architecture. Cloud Security Posture Management (CSPM): Utilized CASB for real-time analysis of cloud services, identifying misconfigurations and ensuring alignment with security best practices through continuous compliance monitoring. Deployed Aruba and Cisco Wireless controllers, Loading an SSL Certificate (GUI), SSL Certificate (CLI), Configuring 802.11 Bands, 802.11n Parameters, DHCP Proxy, SNMP, Aggressive Load Balancing, Fast SSID Changing, 802.3 Bridging, Enabling Mulitcast mode, IP- MAc Address Binding, Experienced in Infrastructure Automation tools like Chef, Puppet, Ansible, Cloud Formation, Terraform. Resource Allocation to projects based on Skill testing and analysis. Troubleshot and resolved issues identified during testing, collaborating with engineering and support teams as needed. In-depth knowledge of terraform for automation in cloud envionments Used Provisioners in Terraform to execute scripts. Implemented Cisco and Aruba Wireless Controllers, and Aruba Wireless Access Points at corporate site as a part of WLAN Infrastructure. Provided training and instruction to co-workers and peers on PowerShell scripting techniques and practices. Deployed and Maintained windows phone applications on azure cloud technologies Subject matter expert for the CBS Infoblox DDI system. Installed and configured C6506 switches with VSS configuration as core switches. Responsible for Data Center migration and its operation including change from cisco 6500 switches to nexus series switches, configured VPC/VDC on nexus 5k/7k. Contracted to the U.S. Navy FNMOC to deploy a web user interface for the Optimum Path Aircraft Routing System (OPARS) project using Perl CGI on Linux OS. Experienced in developing web - based applications using Python, Django and HTML. Upgraded Cisco 6500, 3560, 2960s, Nexus 5000, Nexus 2000 and Nexus 7000 switch software Experience working with Nexus 7010, 5548, 2148 devices. Migrated the Internet Edge Firewall Juniper SRX FW to Cisco Firepower2130 in the Datacenter Installed, Configured Cisco Firepower boxes in HA mode. Also installed FMC, upgraded FMC and FTD2130 devices as well. Designing advanced networking solutions including Quality of Service QoS , Virtual Routing and Forwarding VRF and route redistribution. Experience working with OTV & FCOE on the Nexus between the datacenters Deployed Nexus switches 2248, 5548, 7010 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path Granular Access Control: Configured CASB to enforce granular access controls, ensuring only authorized users could access critical cloud applications and data. Working knowledge of Firewall, LDAP, AAA, TACACS/RADIUS, and IPSEC Working on migration of Cisco ACS to Cisco ISE Configured/Deployed Enterprise level Cisco ISE for wired/wireless devices by installing certificates, building multiple ISE clusters and ISE nodes. Setting up Throughput testing, No Drop Rate for different topologies and routing features. Creating ISE policies to correspond with various devices on the network Expertise in Cisco Firepower FTD managing with FMC. Experience with security zones, security policies, NAT in Firepower and Juniper Firewalls. Experience in the setup of access-list, EIGRP-BGP and tunneling installation Experienced in VPN implementation, IPsec VPN and SSL VPN with server to server and client to server Working on authentication protocol PAP, CHAP, 802.1x, Port security and configuring security policies including NAT, PAT, VPN, Route Map and Access-list Hands on experience on F5 load balancer, its method implementation and troubleshooting on LTM and GTMs Deals with creating VIP pools, nodes and created custom iRules for virtual servers Worked on F5 VIPRION4800 series BIG IP devices, configured VIP's with HTTP/SSL profiles To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures. Vast experience in developing and testing network topologies. Responsible for managing Cisco routers, switches, HP switches, F5 load-balancers using SNMP MIBs for fault detection and for fault isolation. Experience in routers and switches in various network configurations supported VLANs, Qos, VoIP, and advanced access-lists. DDI (DNS/DHCP/IPAM) support, design, Security, Planning and trouble-shooting. Built site to site IPsec base VPN tunnel between various client and business partner sites Worked on cisco ASA 5510 firewalls configuration and implementation for the network security Experience in designing, configuration and troubleshooting, security policies, Modular Policy Framework, Zone based Firewall and Implementing different failover mechanism on cisco ASA in order to upgrade Palo-Alto. Experience with advance rule base design, rule base optimization on cisco ASA Intermediate experience in Layer 3 technologies, gateway load balancing protocols VRRP/HSRP and dynamic routing protocols (OSFP/BGP) Remote access VPN IPsec, GRE, 3DES or AES VPN Tunnels Implementation of HSRP (using IP SLA) and GLBP . Designed and implemented Versa Networks' SD-WAN and SASE solutions for enterprise customers Configuring VLANs, VTP, Ether channels . Experience with integration between VPC solutions and terraform as infrastructure as code. Good to has experience on Designing & building Azure Kubernetes platform. Responsible for performing predictive wireless designs/site surveys with AirMagnet Planner (Cisco 3500/3600/3700/ Aruba 105 access points) and conducting physical wireless site surveys with AirMagnet Survey. Redundancy Technologies: Virtual Scale (CISCO VSS), VCP, Virtual Link Trunking (VLT), VRRP, HSRP. Configuring inter-VLAN routing on Layer-3 switches, Securing switch access Experienced in Configuring/Troubleshooting CiscoRoutersASR1000/4300, 2900/3900 Experienced in Configuring/Troubleshooting Routing protocols EIGRP/OSPF/BGP/RIP/IS-IS Supported any network or VoIP issue during the cutover and after the site was migrated Responsible for configuring network devices at field offices to support the new Cisco VoIP system. Some VoIP features tested at each site were VM, MoH, Call Park, SRST, etc. Client - State Farm, IL Nov 2017 May 2019 Role: Senior Network Engineer Responsibilities: Upgraded Cisco 6500, 3560, 2960s, Nexus 5000, Nexus 2000 and Nexus 7000 switch software Configure & troubleshoot routing protocols like MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, and MPLS Configuring and maintaining ASR 9K(9010 9922), Nexus 7000, 5000, 2000, Cisco 6500 series IOS multilayer switches, Cisco 2960s series switches and Cisco 3560 switches. Created dedicated VLANs for Voice and Data with QoS for prioritizing the VOICE over the DATA. Created pre-filter rules, access-control polices, Intrusion policies, Malware polices on Firepower (IPS, IDS, Malware Detection). Migrating virtual environments VMWare to Azure cloud using ASR Experienced in configuration, IP address management using Infoblox and SolarWinds IPAM Tools. My experiences have been versatile - ranging from applications, network Architect/engineering, and Infoblox DDI (DNS, DHCP, and IPAM) Configured and optimized Versa Director and Versa Titan for centralized management and orchestration of SD-WAN and security services Built IP-Sec VPN tunnels from Cisco Firepower to SRX-220 s in remote sites using IKE pre-shared keys, AES-128, SHA and DH5. Integrated Hashi corp Vault via Terraform. Created scripts using Windows PowerShell to automate Identity Lifecycle Management, including, but not limited to, the creation, managing and decommissioning of user accounts. Good to has experience on Designing & building Azure Service mesh (ex. Istio) on top of Kubernetes platform Developed multi-users (portal) web applications written in Perl on Linux OS. Worked with automation/configuration management using Ansible create playbooks to automate dev processes. Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control (NAC) integration with Cisco ISE. Experience in working on advanced features like VPC, VDC in Nexus and VSS in Catalyst 6500 Implemented SASE architectures integrating SD-WAN, security, and cloud services for enhanced network performance and security. Created CI/CD pipelines and setup auto trigger, auto build and auto deployment with the help of the CI/CD tool like Jenkins. Configured and maintained Site to Site IPSEC and SSL VPN's on PAN 5K series firewalls Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering) Upgrading Palo Alto PAN-OS to the latest version with panorama in the production environment Palo Alto, 3060,5060, and 7050. Configuration and Administration of Palo Alto Firewalls to manage large scale firewall deployments Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS) Implement and monitor firewalls (Palo Alto, Checkpoint and Cisco) security policies Created site-site tunnel using GRE over IPSEC on ASR 1K series routers. Experience with adding devices to be monitored in SolarWinds using network discovery Configured flow monitor on routers for the SolarWinds. Installed and maintained routers and switches in various network configurations supported VLANs, Qos, VoIP, and advanced access-lists. Configured VMs in availability sets using ARM templates to provide resiliency for IaaS based solution and scale sets using Azure Resource Manager to manage network traffic. IPAM data processing and conversion to Infoblox-compatible format Working on Cisco 6509 and 4507 series switches for LAN requirements Configured trunk and switchport on access. L3 and nexus switches Experience with adding Fabric extenders to Nexus 9K switches using switchport fabric mode Configured port channel on Nexus 9K and 2960 access switches Installed and configure F5 LTM and GTM 5000 series in Data center DMZ environment Working on upgradation of F5 Big IP software version from 9.x to 11.4.1 and hotfixes on LTM pairs Worked on IOS XR, NXOS and routing protocols EIGRP, BGP and MPLS. Configured WLAN on WLC 5520 with anchoring Moved access points from one WLC to another Proficient in monitoring and managing networks using SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM); Cisco Prime Worked on Blue Coat Proxy SG to safeguard web applications (Blacklisting and Whitelisting of web URL) in extremely untrusted environments such as guest Wi-Fi zones Resolved 8 to 10 tickets in a day from ServiceNow Experienced in working with Session Initiation Protocol (SIP) trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet. Client - HSBC, NY Jan 2017 Nov 2017 Role: Senior Network Engineer Responsibilities: Experience with racking, configuring, and connecting devices Experience with creating zone runner and zones on F5 GTM Configure nodes pools and virtual server for F5 LTM. Implement and administer Microsoft 365, Office 365, Azure AD Django configuration to manage URLs and application parameters. Coordinated with network development team and the product testing team and implemented product test cases on networks and identified the root cause. Configured VMs availability sets using Azure portal to provide resiliency for IaaS based solution and scale sets using Azure Resource Manager to manage network traffic Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, and security policies and routing. Worked on Cisco Layer 2 switches spanning tree, VLAN, QoS . DDI (DNS/DHCP/IPAM) support, design, Security, Planning and trouble-shooting. Configured Client VPN and RSA Token ID technologies including Cisco's VPN client via IPSEC Configure and troubleshoot Site to Site as well as Remote Access VPN on Cisco ASA firewalls 5540, 5585 Routed the traffic based on URL path, header values to different backend servers Maintained wireless IPS infrastructure and coordinated with management, customers and peers regarding wireless network innovations. Responsible for setting up from scratch and maintaining automated CI/CD Pipelines for multiple apps. Implement and configure Azure Infrastructure Solutions - Create and manage Azure Virtual Machines, Design and deploy ARM Templates, Azure Web Apps, Storage strategies, Virtual Networks, Manage Azure Identities, Azure Security and Recovery Services and Azure Operations. Integrated Versa solutions with existing network infrastructure and security systems Managed complex wireless network strategies and imparted support to operational wireless computer networks Helped installed F5 VIPRION load balancers for one of our new data centers Server load-balancing utilizing F5 LTM-Big-IP, including APM and ASM modules Experience in troubleshooting complex load balancing and traffic handling techniques in F5 load balancer Experience with configuring IGP and EGP on ISR routers. Completed Firewall migration from Juniper netscreen to new R77.20 checkpoint firewall. Configured default static route on ISR routers. Experience with RTDN Real Time Data Network for video, voice and WAP and RTP along with building QoS with CoS . Experience wif deployments of various systems to Azure wif Azure CLI, PowerShell, ARM Templates and Terraform Configured site to site tunnel using ISR routers on both end Experience with using Microsoft Visio to create network diagram. Used Infoblox for IPAM administration. Configured and troubleshot SASE components, including SD-WAN edge devices, security gateways, and cloud-based management platforms. Responsible for automated identification of application server and database server using Ansible Scripts. Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches and Cisco IOS, and Cisco ASA Firewalls. Experience in configuring and using PaaS offerings (like WebApp, Azure Database services, Azure Kubernetes, Azure DataLake, etc). Creating and managing Azure digital estates according to Microsoft Cloud Adoption Framework for Azure: landing zones, workload migration, identity governance, back up and high availability. Implemented CISCO ISE on Layer 2 Access Switches Configured Profiles, postures and added network device group for Cisco ISE Hands-on experience with configuring VLAN, VTP, PVST, Port security, Port fast and BPDUguard Implementation of various protocols like OSPF, BGP and STP. Administration of Checkpoint, Palo Alto and Juniper Firewalls at multiple properties. Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways Configured various routing protocols such as EIGRP, OSPF and BGP Cisco ASR 9910 and 1001, ISR and Juniper MX routers. Hands-on experience on large scale migration from on premises environments into Azure using 6R techniques such as Rehosting, Re-platforming, Refactoring, etc. depending on the customer's needs. Configured redundant protocols like HSRP, VRRP and GLBP on ISR routers Client - People Tech, India Sep 2015 - Nov 2016 Role: Network Associate Responsibilities Configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP Configured IP access filter policies. Development of DNS/IPAM Architecture. Educate developers on how to commit their work and how can they make use of the CI/CD pipelines that are in place. Lead in Installation, integration and configuration of Jenkins CI/CD, including installation of Jenkins plugins. Configured and performed software upgrades on Cisco Wireless LAN Controllers 2504, 4404, and 5508 for Wireless Network Access Control integration with Cisco ISE. Maintained and provided Level 2 and Level 3 technical supports for all network related issues Experience in Cisco 7200, 7600 routers, Cisco 2800 3700 series switches: Physical cabling, IP addressing, WAN Worked with the Help Desk for circuit troubleshooting to give Support to the Tech persons at the site. Configuring routers and sending it to Technical Consultants for new site activations Giving online support at the time of activation Supporting Development team for the access to corporate network and outside world. Providing access to specific IP, Port filter and port access. Implementing Azure to on-premises hybrid domain solutions Configured VoIP using Cisco Call Manager, RTP for real time voice transfer, settings of QoS using CoS Trust Boundaries, call controlling signaling like MGCP, H323 and SIP. Working on products for Wi-Fi alliance and WLAN testing & pre and post deployment Wireless security WEP, WPA, EAP. Responsible for design and build Azure foundation setup. Maintained Ansible playbooks using Ansible roles, Ansible Galaxy, utilized combination of different module in Ansible playbook with YAML scripting to configure the files on remote servers. Setting up Throughput testing, No Drop Rate for different topologies and routing features. Configured and troubleshoot Juniper Ex 4500 and series switches and Juniper ACX series routers. Responsibilities included Creating Lab demonstrations for recent technology deployments with loaner equipment from various vendors and presented the findings to upper management. Other responsibilities included monitoring and managing servers, desktop computers, printers, routers, switches, phones, and security updates. Helped individual teams to set up their repositories in bit bucket and maintain their code and help them setting up jobs which can make use of CI/CD environment. Good to has experience on Designing & building Azure Kubernetes platform. Implemented QoS with DSCP Diff-Serv Code Point for qos marking of IP-phone traffic. Developed views and templates with Python and Django's view controller and templating language to create a user-friendly website for interface to perform in a high-level. Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco6500 catalyst switches Good understanding on Cisco ASA 5500 (5510/5540) Series Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation, ACL. Good to has experience on Designing & building Azure Service mesh (ex. Istio) on top of Kubernetes platform Keywords: cprogramm cplusplus continuous integration continuous deployment sthree active directory information technology ffive hewlett packard Colorado Idaho Illinois New York Pennsylvania South Dakota Texas Wisconsin