Home

Zubair - Senior Network engineer

[email protected]

Location: Houston, Texas, USA

Relocation:

Visa:

Mohammed Zubair Ahmed 917-640-3525 [email protected] SUMMARY PROFESSIONAL: 10+years of experience in Networking, including hands-on experience in providing network installation, network integration, network support, and analysis for a broad range of LAN/WAN/MAN communication systems. Experience with Azure cloud connectivity using express routes. Configured express routes and NSG in cloud security center, cloud application security. I have knowledge of Cisco Meraki and pretty much knowledge of cisco ISE. Experience with Zscaler cloud proxies ZIA and ZPA. Set up tunnels to Zscaler Zens, zero trust network access. Experience with setting up AWS direct connect to Amazon S3, Amazon EC2, Amazon VPC. Worked on traffic flows from on-premises to AWS, AWS to internet via virtual palo alto firewalls for service that include PAAS and IAAS. Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture. Worked on F5 and A10's GTMs to troubleshoot DNS issues and actively participated in A10 to F5 GTM migrations. Designed and recommended architecture of virtualization and private cloud environments based on VMware technologies. Experience Wi-Fi deployments of various systems to Azure Wi-Fi Azure CLI, PowerShell, ARM Templates and Terraform Firewall security policy implementation and monitoring. Installation, deployment, Analysis and troubleshooting of Firewall Technologies i.e. Checkpoint, Fortinet, Palo - alto, Cisco ASA, F5 (LTM). Checkpoint, Cisco ASA, Fortinet and Palo Alto installation, upgrade, Monitoring and patch management. Migrate, Upgrade and Patch Management of Cisco ASA, Checkpoint, Palo alto and Fortinet Firewalls. Setup site-to-site IPSEC VPN tunnel and Remote VPN (SSL) within and across platforms like Checkpoint, Cisco ASA, Palo alto and FortiGate Firewalls and Cisco Router devices. Experience with SD-WAN solutions for optimization of WAN traffic. Hands on experience with creating in-path rules, traffic policies, troubleshooting issues related to delay, jitter, throughput on Riverbed Steelhead. Hands on experience on the Python and Ansible scripting. Experience with network segmentation using Illumio and Palo Alto firewalls for traffic filtering and applying policies on Illumio central manager. Updated training Silver Peak SDWAN, SolarWinds, Splunk, Aruba wireless, F5 LTM/GTM & Cisco. SD-WAN - Silver Peak & Cisco Viptela Hands on experience with data center technologies that include spine leaf, CISCO ACI, Arista cloud vision. Experience utilizing industry standard network management tools such as Riverbed, OpenView HPNA, and NNM. Working Knowledge and demonstrated experience on the Cisco Juniper, HP Aruba, Avaya, and Arista switches & Routers. Working experience on the Cisco Catalyst 2960, 3750, 3850, Cat 9K, Cat 4500X, Cat 6500 switches; Nexus 2k, 3k, 5k, 7k, and 9k series switches. Working experience on the Cisco ISR 800 series, 1000 series, 4000 series; ASR 1000 series, 5000 series, 9000 series; IOSXRV 9000, Meraki vMX100 virtual routers. Working experience on the Juniper EX 2200 series, EX 2300 series, EX 3400 series, QFX 5120 series; MX5, MX40, PTX series, and T4000 Core Routers. Working experience on the HP Aruba 2920 series, 2930 F series, and 5400R series switches. Working experience on the Arista 7150S series, 7160 series, and 7260QX series switches; 7508R routers. Hands-on experience on implementation and troubleshooting complex layer 2 technologies such as VLANs, SVI, Trunks, VTP, EtherChannel, DTP, STP, RSTP and MSTP; Implementation of HSRP, VRRP, GLBP for Default Gateway Redundancy. In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Addressing and Subnetting, ARP, VLSM, TCP/IP, MPLS, NAT, ACL, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits. Thorough knowledge and hands on experience on the data center technologies such as VDC, VPC, VXLAN, FEX, OTV, FCoE, and Fabric Path. Experience with WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPsec tunnels, ISP circuits, Customer Edge configurations. Experience with SD-WAN solutions that include Viptella and Versa Implementation of Quality of Service (QoS) through the QoS models, tools, mechanisms, and algorithms to avoid congestion. Working knowledge and demonstrated experience on the PAN-OS 6, 7.1, and 8.0 versions: PA 220, PA 820, PA-2K, PA-3K and PA-5K firewalls. Thorough knowledge and hands on experience on the Palo Alto firewall User-ID s, App-ID s, SSL Decryption, URL Filtering, Policies, Zone Protection, High Availability, and Certification Management. Working knowledge and demonstrated experience on the Cisco ASA 9.7, 9.9 versions: ASA 5500-X Firepower series. Thorough knowledge and experience with the Cisco Firepower NGIPS/IDS. Experience with the FortiGate 100, 200, 600 series Next Generation Firewalls. Experience and demonstrated knowledge on the F5 Load Balancers, Citrix NetScaler. Experience on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. Experience on Virtual Servers, Pools, Persistence, I Rules, Listener IP s, Wide Ip s, SSL, HTTP and TCP headers. Worked on load balancers like F5 to troubleshoot and monitor DNS issues and traffic related to DNS. Working knowledge and demonstrated experience on the Cisco, HP Aruba wireless networking. Worked on the deployment and installation of Wireless Access Points, and their management through Wireless LAN (WLAN) Controller from scratch. Experience with cisco Aironet 500 series, 1800 series, 2800 series, 3800 series Wireless Access Points (WAPs) and their management through the 3504 and 3650 Wireless LAN Controllers (WLCs). Worked on the configuration of AP groups, LWAPs, Guest networks, SSID s, Authentication rules, RRM, Signal strength issues. Provisioning AP s etc. Knowledge of Network monitoring tools such as SolarWinds, Cisco Prime, Wireshark, Splunk, ELK, Catchpoint, Extra hop and Moog soft. Hands on experience with the Bluecoat Proxy and Infoblox for the DNS, DHCP, and IPAM (DDI). Utilized ChatOps and chatbot tools for incident management. Hands on experience with Juniper Pulse setup in DMZ and inside environment for remote SSL VPN setup. Hands on experience and demonstrated knowledge on the Red Hat Enterprise Linux (RHEL), Ubuntu OS, CentOS, and Kali Linux. CERTIFICATIONS: Cisco Certified Network Associate (CCNA) Cisco Certified Network Professional (CCNP) Palo Alto Accredited Configuration Engineer (ACE) TECHNICAL SKILLS: Networking Technologies LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP Networking Hardware Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls. Routing Protocols OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting Security Technologies PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint Network Monitoring SolarWinds, Wireshark, HRping, Whatsupgold, Infoblox Operating Systems Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS Routers CISCO 4300, 4400, 4500,2600, 2800,3800,7200, Juniper M & T Series, ASR 1000 Load Balancers F5 Networks (BIG-IP), NetScaler (Citrix) Capacity & performance Cascade Riverbed (Flow Monitor), WAN Killer WAN and SDWAN technologies MPLS, ISP Leased Lines, SONET, Viptela, Versa. Switches CISCO 2960,3750,3850, CAT 9300, CAT9400, CAT 9500,4500,6500,6800 Nexus 7k,5k,2k Programming Languages C, C++, Perl, Python Simulation Tools GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence Firewalls Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls. AAA Architecture TACACS+, RADIUS, Cisco ACS Features & Services IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR s, HLD and LLD documents, Dell equal logics EXPERIENCE: DTarform Houston, TX May2024- Till Date Senior Network Engineer________________________________________________________________ Lead the design, implementation, and support of network infrastructures for various clients, focusing on reliability, scalability, and adherence to SLAs. Manage the configuration and troubleshooting of client networks, including LAN/WAN, firewalls, VPNs, and cloud connectivity using services like AWS Direct Connect and Azure ExpressRoute. Deliver end-to-end network and storage solutions to support client data storage needs, ensuring high-performance access across their infrastructures. Oversee the integration of cloud-based networking services, such as ExpressRoute, Direct Connect, and cloud-based VPNs, to provide seamless, secure, and high-performance connectivity for clients. Collaborate with clients to design customized network architectures and storage solutions tailored to their business requirements and security standards. Develop and implement infrastructure automation using APIs on Juniper and Arista devices, improving network management and operational efficiency. Conduct regular network assessments and audits to optimize clients' infrastructures for performance and security. Troubleshoot complex networking issues using industry-standard tools like SolarWinds, Splunk, and Wireshark for real-time monitoring and analysis. Design, implement, and manage client-specific security policies using next-generation firewalls such as Palo Alto, Fortinet, and Cisco ASA, while applying network segmentation techniques. Collaborate with Mega port and Equinix to provide secure and reliable network connectivity for clients, optimizing performance and scalability. Lead the migration of legacy client networks and storage systems to modern cloud-based infrastructures, minimizing downtime and ensuring smooth transitions. Ultragenyx Bedford, MA March2023- April2024 Senior Network Engineer________________________________________________________________ Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.). Integrated Meraki SD-WAN into the infrastructure during the design process. Involved in Switching Technology Administration include creating and managing VLANS s, Port security, Trunking, STP, Inter Vlan routing, LAN security etc. Implemented with Cisco Layer 3 switches 3750, 4500, s6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISL trunk, ether channel. Actively involved in design & deployment of a new datacenter using Cisco Nexus 9000 platform in spine & leaf architecture utilizing VXLAN fabric & BGP-EVPN overlay technologies. Responsible for developing traffic engineering in Meraki SDWAN to support intelligent traffic flow across the networks Involved in deployment of Meraki SDWAN solution across the corporate offices. Possess good experience in configuring and troubleshooting WAN technologies like MPLS, T1, T3, DS3 and ISDN. Supporting project test teams in analyzing the bandwidth utilization. Experience in designing and implementing F5 web-based solutions. Experience in writing F5 I Rules. Daily Support of F5 environment to include Creation of new VIPs/WIPs and I rule. Engineering and configuring Virtual Server, Pools, I Rules, Profiles, Persistence, and monitor on F5 LTM Responsible for Palo Alto firewall management and operations across our global networks. Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama. Deploying Cisco Meraki Enterprise Cloud Access Points and Wireless Bridges/Repeater for LAN Expansions Designed and Deployed Cisco/Meraki Enterprise Cloud for Corporate HQ, Co-Locations and 500+ branches with distinct SSIDs Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls and implemented Zone Based Firewall and Security Rules on Palo Alto Firewall. Exposure to Palo Alto Wildfire. Implemented Positive Enforcement Model with the help of Palo Alto Networks Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network (QIP) using SolarWinds IPAM and Infoblox DNS and DHCP servers. Experience with windows and Infoblox DNS and DHCP servers, IPAM, internal and external grids. Worked on Infoblox to update the DNS host and A records to assist the part of the migration. Configuration and administration of the SolarWinds product for both Network and Server/Application monitoring Configured Solar Winds Orion NCM/NPM Add, change, and remove devices from Solar Winds inventory add or change alert, add or change maps in Orion Network Atlas Mizuho NY (Dec 2021 Feb 2023) Network Security Engineer. ______________________________________________________________ Responsibilities: Responsibilities included installation, configuration, maintenance and troubleshooting of the corporate network, monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of application and equipment and to provide support for Cisco network. Reviewing, analyzing, approving, and executing all changes in the network. All Configurations of Cisco Routers and Switches. Configuring TCP/IP IPv4 addresses and IPv6 addresses for Layer 3 testing. Hands-on experience writing TEM effective terraform scripts, Resource Templates based on Azure policies and migrating Apps to the cloud. Successfully configured and managed Silver Peak SD- WAN infrastructure across 18 high-volume locations. Experience with WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPSec tunnels, ISP circuits, Customer Edge configurations. Experience with SDWAN solutions that include Viptela and Versa. Knowledge and operational experience with SDN, Cisco ACI, VXLAN, VTEPS, VNI, Bridge Domain, Arista Cloud Vision, EVPN, Migrated legacy F5 LTM and GTM appliance to newer version appliances. Manage Palo alto, Checkpoint, Cisco ASA and Fortinet policy and network. Configured F5 GTM solutions, which include Wide IP, Pool Load Balancing Methods, probers, and monitors. Worked on Arista Cloud Vision (CVP) & Cloud Vision Exchange (CVX) Deployed on VMs. Worked on Routing protocols EIGRP and BGP. Working on Infoblox for IPAM, DHCP and DNS. Working on Linksys, SG500, Cisco, Arista switches and Cisco routers. Configure IPSEC and SSL VPN with Palo-alto, Cisco ASA, Fortinet, Checkpoint and Router. Well versed in troubleshooting and installing CRS, Carrier Routing System (CRS 1/3), CRS-X, ISR, GSR, ASR9000 and Nexus devices. Implemented IP SLA and SDWAN traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Open Shortest Path First (OSPF Currently working on performing circuit and satellite turn-ups, migrations from ALU7450 to 7750, configurations and installations, configuring IPV4/IPV6 address on new installation turn-ups. Experience in configuring and using PaaS offers (like WebApp, Azure Database services, Azure Kubernetes, Azure Data Lake, etc.) Experience working with Layer 3 Routing Protocols OSPF and BGP. IPV6 Implementation, changes to Network Stack (Host side) to make sure that our Network Stack is IPv6 compliant. Worked in Cisco CRS-16/S IOS XR and 12000 series GSR router types with updated Version of 12.0 Generate network configuration from low level design to highly complex environment like confidential Cisco routers (CRS, ASR), Cisco Nexus 5000 series switch, juniper M/MX Router/Switches and other participating vendor devices like F5 load balancers, IXIA & Spirent Traffic analysis devices, Firewall and Servers Implemented and reviewed the Cable Modem Termination Server (CMTS) traffic engineering based on the DOCSIS 3.0 and implementation of the network design using the ASR 9010 routers to balance system parameters for both the upstream and downstream nodes the DOCSIS encapsulation. Integrate DoDAF V2.0 (AV/DIV, TOGAF(Data) models. Hands-on experience on Azure IaaS (Design and Implementation). Implemented EBGP peering between all the branch offices. Migrated legacy F5 LTM and GTM appliance to newer version appliances. Configured F5 GTM solutions, which include Wide IP, Pool Load Balancing Methods, probers and monitors. Created Designs for guest network and mobile access network for NAC solutions. Managed cisco devices like Routers switches, Access points and handle SDWAN sites which have Silver peak Devices, Meraki switches, Open gear devices. Configured and assigned IPV6 address area to SSA Internal network groups. Hands-on experience on large scale migration from on premises environments into Azure using 6Rtechniques such as Rehosting, Re-platforming, Refactoring, etc. depending on the customer's needs. Created network diagrams using MS VISIO for remote offices. Configured and deployed Riverbed steelhead at remote locations. Working with Nexus 7010, 9396,5548, 5020, 2148, 2248 devices. Configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link. Experience consisting of Global load balancing, Local load balancing, SSL acceleration, HTTP compression. Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers. Migration of ASA firewalls to Palo alto Next generation firewalls. Working on migration from traditional MPLS platform to SD- WAN technologies (Fat Pipe, Silver Peak, Cisco Meraki). Good to have experience on Designing & building Azure Service mesh (ex. Istio) on top of Kubernetes. Involved in Switching Technology Administration including creating and managing VLAN s, Port security, Trunking, Inter-VLAN routing, LAN security etc. Configured HSRP and VLAN trunking 802.1Q, VLAN routing on catalyst 9300 switches. Implementing and Maintaining Network Management tools (Solar Winds, Zenoss, Infoblox, IPAM) Configured Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices. Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches. Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems. Proficient in using SolarWinds network management tools like network performance monitor, NetFlow traffic Analyzer NCM and cisco prime. Worked on Packer filtering and Analyzation using Wireshark in the Corporate Network Configured and maintained Cisco-Meraki to manage Remote Branch office networks and security cameras. Worked 24X7 network supports for ON-CALL & maintains 99.98% uptime of the system. Documented all the work done by using Visio, Excel & MS word. Installed Cisco Aironet access points and add them to Cisco wireless controller (5508), manage Aruba, Cisco wireless access controls, troubleshooting LWAPP on Aruba wireless access points. Jefferies, NY (Apr 2020 Dec 2021) Network Engineer______________________________________________________________________ Responsibilities: Responsible for designing and implementation of network and Security infrastructure. Experience in working with Nexus 7010, 9396 ,5548, 5020, 2148, 2248 devices. Experience in working and designing configurations for VPC, VPC domain, VPC peer-gateway, VPC peer-switch, auto-discovery, VPC single sided, VPC double sided, NX-OS, VFR, OTY, fabric path. Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000. Upgrade and Patch Management of Cisco ASA Firewalls. As a part of the job, I made a lot of code deployments and was working with multiple teams including proxy, f5, networking, messaging, DNS which helped me improve management skills, learning and using the resources effectively. As a part of this project CCR (change control request) reported by CAPERS IPv6 Conformance Test Suites were fixed. Auto-VPN of Meraki SDWAN Security Appliance for reachability AWS Hosted Domain Controllers, services hosted on AWS, Partners Network Experience working with Layer 3 Routing Protocols OSPF and BGP. Juniper ERX1440, E320, MX960, and Cisco 6880/6509/7609, M40, GSR, CRS routers, Experience with Cisco ACI on VXLANs, VTEPS, VNID s, EVPN, Bridge Domains, Tenants, Application profiles, Contracts etc. on ACI. Thorough understanding of Spine Leaf Architecture. Worked with different models of Cisco/Juniper/Arista switches, routers, firewalls, load balancers, VPNs and wireless systems. Mainly compiled Network information for IPV6 installation, Implement IPV6 address pool, tunneling test bed, configuring for IPV6. Responsible for design and build Azure foundation setup. Heavily involved with data center migration from Cisco to primarily Arista with minimal downtime utilizing VXLAN. Configured and maintained VPCs with 7010/7018 and 5548 in the network and maintained VDCs in 7k switches, maintained VRFs in those separate VDCs. Worked on ACE, A10 load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. I implemented over 250 Arista switches for new data center deployment in a Colo facility utilizing Python scripts I built. Worked in updating the Ciphers Suits to the VIP s in A10 and enabled and disabling the Backend servers. Experience consisting of Global load balancing, Local load balancing, SSL acceleration, HTTP compression. Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers. Experience with legacy and high-end switching technologies in Campus and Data Center environments. I worked at Cisco, Juniper, and Aruba/HP gear in campus environments. Worked on Cisco, Arista, Dell, Cumulus, Juniper gear in Data Center environment. Experience with Interior and Exterior routing protocols that include OSPF, EIGRP, and BGP. Worked on Cisco, Juniper, and Arista routers. Experience in installing Okta s Lightweight agent to integrate with Active Directory. Experience in Okta Set up Single Sing On (SSO) for applications within Okta that are used company wide. Involved in Switching Technology Administration including creating and managing VLAN s, Port security, Trunking, Inter-VLAN routing, LAN security etc. Configured HSRP and VLAN trunking 802.1Q, VLAN routing on catalyst 6500 switches. Implementing and Maintaining Network Management tools (Solar Winds, Zenoss, Infoblox, IPAM) Experienced in assigning the IP address dynamically to the end devices and involved in the migration of DHCP server. Responsible for Palo Alto firewall management and operations across our global networks. Working with Palo Alto Support to resolve escalated issues. Designed, validated, and implemented LAN, WLAN & WAN solution to suite client s needs. Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches. Configured and maintained Cisco-Meraki to manage Remote Branch office networks and Intranet connectivity. Worked 24X7 network supports for ON-CALL & maintains 99.98% uptime of the system. Mattel, CA (Sept 2018 March 2020) Network Engineer______________________________________________________________________ Responsibilities: Responsible for three open-source projects like Elasticsearch, Logstash and Kibana. Hands-on experience on taking care of server-side data processing pipeline and sending it to stash . Played key role in documentation of Root Cause Analysis (RCA). Worked on the implementation of Infoblox DNS, DHCP, and IPAM (DDI) for the network. Experienced in creating Python apps to automate the daily networking tasks like configuring devices, network information collection and testing by client simulations. Assisted the networking team on the installation of 7800, 6900, and 3900 series IP phones. Implemented cutting-edge 100G Arista environment for high-bandwidth global collaboration network utilizing VX LAN and EVPN. Configured LACP, OSPF protocols on Arista 7250qx-64 switches monitored and Created traffic Pattern on Arista 7250 switches using Open flow. Expertise with Installation of Arista 7250QX series switches on Spine Platform. Assisted the team in the configuration of Cisco Unified Communications Manager (CUCM). Experience with converting Cisco ACE load balancer to F5 LTM load Balancer in data center environment. Working knowledge and demonstrated experience on the Arista 7150S series, 7160 series, and 7260QX series switches and 7508R routers. Hands on experience with networking experience including configuring Cisco, Arista, Juniper Networks switch including 10/40/100Gb. Experience designing and configuring Arista and Cisco Switches and Routers, review technical requirements for deployment. Played key role in providing support for the organization for service improvement. Hands-on experience with ITIL processes like knowledge management, service validation and testing, release and deployment management. Experienced querying SNMP objects on the network devices. Functional Knowledge and hands on experience with the Citrix infrastructure components such as Web interfaces, PNA Server, NetScaler setup and administration, License Server management, Edge Sight. Management and configuration of RSA SecurID Server. Formulated group policies for Citrix and NetScaler apps, and NetScaler review for load balancing high value web system. Experience working with migration from 4500 series devices to 6500 Series switches in Campus deployments at Core and Distribution Layers. Worked on the configuration and installation of HP Aruba 2520, 5400 R series switches and HSR routers. Hands-on experience with the working of protocols such as SIP, RTP, RTSP, and IGMP for supporting the Voice, Data, and Video networks. Configuring VLAN, STP, VSTP, SNMP on EX series switches from scratch. Hands on experience in Design, Installation, and configuration of Checkpoint Provider Environment. Managed the Checkpoint firewalls and provided Level 3 support for the Checkpoint Firewall administration. Performed upgrades on all Checkpoint firewalls and managed security policies for the firewall from scratch. Configured New Client connectivity via Site-to-Site/Remote/SSL VPN on Checkpoint firewall. Firepower Management Center 6.0 installed and configured on VMware and added ASA Sourcefire Agents as well as Firepower NGIPS for monitoring and management. Provided remote support for AWS Managed Services clients via all channels (Help desk, phone, email) adhering to SLA guidelines and providing thorough and timely communication. Tango Analytics, TX (Sept 2017 Aug2018) Network Engineer______________________________________________________________________ Responsibilities: Configured CIDR IP RIP, PPP, BGP and OSPF routing. Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies. Working knowledge and demonstrated experience on the Check Point Firewall R77 version; 3000, 5000 series security gateways. Worked on the creation and implementation of virtual machines on VMware ESXi in the Network Operations Center (NOC). Configured and Implemented Gateways, Groups, user accounts, access control policies, user accounts, threat prevention policies, VPN tunneling, and High Availability on the Check Point Firewall. Communities, Route-Reflector clusters, Route-maps, and route policy implementation. Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices. Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair. Experience with the SQL database maintenance logs and database mining procedures. Functional knowledge and experience with the Citrix NetScaler, like creating NetScaler IP addresses, enabling packet forwarding, configuring VMACs and route monitors, configuring basic load balancing, basic content switching, knowledge of FIPS too. Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer. Worked on the configuration and installation of arista 7160 series switches. Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4. Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution. Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network. Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms. Worked on Physical site Inventory verification, gather information of various Cisco Network devices and Security Devices to develop Run book and Spec Book. Installation of the Aironet 500, 1850, 2800, 3800 series Access Points and their management through the different Wireless Lan Controllers (WLANs) Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards. Used Microsoft project server 2013 for task and resource management. Availity, FL (Apr 2015 Aug 2017) Junior Network Engineer________________________________________________________________ Responsibilities: Configured HSRP between VLANs, configuring Ether Channels, Port Channel on 6500 catalyst switches. Performed data center migration in Access, Distribution and Core layers. Experience working with ASR 9000 series switches with IOS-XR. Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS, static routing and policy-based routing. Configured and troubleshot link state routing protocols like OSPF in single area and multiple areas. Configured BPDU Guard, port-fast, uplink fast and other spanning tree features. Worked on the installation of softphones on the client s end devices through Cisco IP Communicator. Upgraded Cisco ASA 5510 firewalls using 6500/7600 catalyst modules for enhanced performance, security, and reliability. Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment. IOS upgrade 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series Cisco routers using TFTP. Migrated IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), NAT64, DS-Lite and DNS64. Configuration and installation of IP phones and Session Initiation Protocol (SIP) implementation to enable communication. Performed Binding of LUNS onto the RAID Groups in the Clarion Boxes. Worked on the VMware ESXi, Microsoft Hyper-V by running several operating systems. Configured ACLs (Standard, Extended and Named) to allow users all over the company to access different applications and block others. Tech Throne IT Solutions (Jun2013 Mar 2015) Junior Network Engineer _____________________________________________________________ Responsibilities: Configured STP for switching loop prevention and VLANs for data along with configuring port security for users connecting to the switches. Worked on issues related to static and dynamic routing protocols like RIP, EIGRP (Variance and unequal cost load balancing) and OSPF. Configured VLANs with IEEE 802.1q tagging, private VLANs, VTP on Cisco 4500 and 6500 series switches. Configured trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture. Worked on issues related to VLAN, VTP and HSRP failovers. Created network diagrams and proper documentation for the network architecture. Education____________________________________________________________________________ Ayaan College of Engineering & Technology (2008) Electric and Electronic Engineering Coventry University (2012) Master s in strategic management and leadership Keywords: cprogramm cplusplus sthree rlang information technology ffive hewlett packard microsoft California Colorado Florida Idaho Massachusetts New York Pennsylvania South Dakota Texas Wisconsin