Monday, April 5, 2021

Certified Cisco Network Engineer available for new projects. Open to relocate. Visa : H1B


Certified Cisco Network Engineer available for new projects. Open to relocate.

Name : Bharath
Email : Nithin@techsmartglobal.com
732-798-7771

Certifications:
·        Cisco Certified Network Associate Routing & Switching
·        Cisco Certified Network Professional Routing & Switching

Professional Summary:
·        Over 7+ years of practical experience in the IT field as a network engineer, with proficient hands-on experience in the areas of Routing, Switching and Troubleshooting
·        Working knowledge of Firewall, LDAP, AAA, TACACS/RADIUS, and IPSEC.
·        Strong knowledge in configuring and troubleshooting routing protocols like RIP, OSPF, IS-IS, SNMP, EIGRP and BGP
·        Installing and Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750 ,Nexus 5000,Nexus 7000, WS-C4948, Juniper EX, QFX and Alcatel 7705 SAR series
·        Hands-on expertise with routers 2600, 2900, 3600, 3900, 7200, 7600, ASR-901, ASR-903, ,ASR 5500, ASR-9010 and Juniper ACX, E, M, MX960 series
·        Working Knowledge on Devices like Juniper SRX240, Alcatel5620 SAM, 9500 MPR and Omni switch 6400
·        Implementation, working analysis, troubleshooting and documentation of LAN,WAN WLAN architecture with excellent work experience on IP series
·        Working knowledge with Load Balancers F5 LTM like 3900, 6900 for various applications
·        Proficient with TCP/IP and relative OSI models
·        Security policy configuration including NAT, PAT, VPN, SSL-VPN, Route-maps and Access Control Lists.
·        Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP, and ping concepts
·        Expertise in troubleshooting and configuring DNS, DHCP,TFTP,TELNET,SSH, FTP and NFS
·        Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6
·        Implementation of Access lists, route maps, and distribute lists.
·        Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN's, VTP, STP, RSTP and Trunking.
·        Technical support for improvement, up-gradation expansion of the network architecture.
·        Working experience on tools and devices like Gigamon, SourceFire, Fireeye, Aruba, Cisco ASA, Cisco ISE.
·        Good understanding and working knowledge of Protocols like IEEE 802.1, IEEE 802.3 IEEE 802.11, 802.1x, EAP, PEAP EAP-TLS.
·        Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp and more.
·        Expertise on various Operating Systems and software's like Win8, Win7, Win 2008, Win Vista, Ubuntu, Kali Linux, Red Hat Linux, Asterisk and MS Office Suite, Adobe Photoshop,.
·        Working Experience in VMware ESX 5.x, VMware Workstation, VMware vCenter Server, Microsoft SharePoint, System Center 2012 R2, C .
·        VoIP Installation and troubleshooting, configuring Digium Phones and setting up VoIP over VLAN.
·        Good understanding and working knowledge of ITIL standards
·        Hands on experience on several Ticketing Tools like JIRA, Change Management, Service Catalog, ePCR, SR, Remedy, IPcenter, etc.,
·        Working Experience on web content filter and gateways like Blue Coat, Websense.
·        Working Experience on Network Scanning, Management, Alerting Logging tools like SolarWinds, IBM Net cool, Science Logic, Log Logic, EM7, Indeni, nCircle, PRTG, Wire shark.
·        Expertise in CCNA, CCNA Security, CCNA Voice, CCNA Wireless, CCNA Service Provider and Working knowledge of CCNP, CCNP Security.
·        unmatched and proven capabilities in learning and working with emerging new technologies
·        Capable enough to work independently with minimal supervision and multitasking
·        Eequally capable of working as a team member or a team leader as per the situation and its demands
 
Cisco Networks:
·        Excellent knowledge in Routing and Switching, Security and Voice domains of Networking at expert /Professional Level.
·        Worked on various routing protocols like RIP V2, EIGRP, and OSPF.
·        Comprehensive understanding of OSI Model, TCP/IP protocol suite IP, ARP, ICMP, TCP, UDP,SNMP,
·        FTP, TFTP.
·        Planning, Designing, Implementation of small, medium organisations including LAN, VLAN, WLAN and WAN on wired and wireless networks
·        Having vast experience in designing and configuring of Switches for VLANS and inter-switch communications
·        Having experience in implementation of WAN protocols - ISDN, HDLC, PPP, Frame-Relay
·        Implemented traffic filters on Cisco routes using Standard and Extended access-list
·        Configuring NAT, dynamic and static, TCP overloading
·        Network system problem analysis, diagnosis and troubleshooting.
·        Utilize the OSI model as a guide for systematic network troubleshooting
·        Performed LAN, WAN, WLAN and VLAN troubleshooting
·        Design/Implementation and troubleshooting of Cisco Unified Communication.
·        Troubleshooting and Maintenance of IPSLA Routers and Voice Gateways.
·        Experience in LAN, WLAN, WAN Networking, specifically on Cisco Platform, and to some extent in Junipers.
·        Extreme LAN technology. Design expertise in VoIP networks ON Cisco and Nortel interpretability.
·        Analysed and optimized bandwidth utilization and ensured profitability through load balancing using HSRP GLBP.
 
Knowledge on Firewall:
·        Configuring dynamic, static NAT PAT.
·        Identity NAT Policy NAT.
·        Creating, staging and implementing Firewall policies.
·        Configuring and upgrading Checkpoints and Juniper Firewalls.
·        Designing, Configuring and Implementation rules.
·        Implementing Object-groups.
·        Configuring managing security contexts.
·        IP routing on ASA 5510, 5520 5530 series firewalls.
·        Configuring Failover Active/Standby Active/Active.
·        Configuring IPSec VPN.
·        Configuring SSL VPN.
 
               
TECHNICAL SKILLS:
IP Routing
RIP, BGP, OSPF, IGRP, EIGRP, Static Routing, IP Addressing and Subnetting, VLSM, Network Infrastructure.
Communication Protocols:
TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, RARP, HDLC and ISDN.
Load Balancer
F5 Networks (BIG-IP), AVI
Redundancy Protocols
GLBP, HSRP, VRRP
Topologies
Frame Relay, ATM, Ethernet, Cable Modem, and Wireless.
Switch Technologies
VLANs, VTP, STP, DTP, MLPPP, MPLS, ISL and dot1q.
Network Hardware:
Palo Alto PA-7050, Palo Alto Panorama M-100, M-500, PA Log Collector M-600, Palo Alto PA-5220, Palo Alto PA-3000 series, Cisco switches (2960, 3550, 3560, 3750, 3850, 4500, 6509, and 6807), Cisco Nexus Switches (2248, 2232, 5548, 5596), Cisco routers (1900, 2900, 3900, 7200, ASR-1k/9k), Cisco ASA 5500 series, CSU/DSU’s, network cards, Modems and F5 Network Load Balancer.
Network Management Tools:        
HP Open view, SolarWinds, Aruba ClearPass, Cisco WAN manager, Cisco works 2000
Security
NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, URL Filtering -Web-sense, Wildfire Submissions SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS).
Firewall:
Palo Alto, Cisco ASA, Check Point, Juniper SRX
Operating Systems
Windows, UNIX, Active Directory, Linux.
Ticketing tool & Data Center Tool
Jira and Infra
 
 
PROFESSIONAL EXPERIENCE
Data – Axle, Omaha, NE
Network Security Engineer                                                                                                                                      Oct 2018 – Till Date
Responsibilities:
·        Set up maintained a source fire IDS/IPS system to control network security.
·        Troubleshooting firewall rules in Cisco ASA, Checkpoint, Zscaler.
·        Perform installs, configure and troubleshooting on stateful inspection firewalls and inline/passive IPS/IDS sensors. 
·        Subject Matter Expert in network security, Cloud computing security and SDN security applications.
·        Specialized in Network Security technologies (Firewall, IPS/IDS, Content Filtering, Proxy and Cisco network products).
·        Mutual redistribution of OSPF and BGP routes using route maps.
·        Involved in upgrades to the WAN network from existing 1001x with ASR1004 and ISR 2800/4331 routers.
·        Strong experience Working with the following routing/switching protocols: BGP, OSPF, EIGRP, LDP, HSRP, VRRP, GLBP, VTP, 802.1d, and 802.1q, ISL, VLAN’s and Port-Channels.
·        Worked on F5 BIG-IP LTM, configured profiles provided and ensured high availability.
·        Hands on Experience testing iRules using Browser (IE), HTTP watch on f5 load balancers.
·        Administer and Troubleshoot Cisco ISE and Cisco TACACS
·        Configuring IPSEC VPN on SRX series & Palo alto firewalls.
·        Integrate Splunk with AWS deployment using puppet to collect data from all EC2 systems into Splunk.
·        Convert Campus WAN links from point to point to MPLS and to convert encryption from IPsec/GRE to DMVPN.
·        Configuring IPAM on DNS Infoblox like adding the already existing networks and
·        Performed security audit of perimeter routers, identifying missing ACL’s, writing, and applying ACL’s
·        Configured and Established Express route and VPN connectivity to Microsoft Azure Cloud.
·        Worked with Microsoft support and Deployed HUB and Spoke topology in Azure Cloud.
·        Responsible for Cisco ASA firewall administration across our global networks
·        VMware vSphere security firewall, leveraging AD, configure network security policy
·        Planning and installing VMware ESX and ESXi.
·        Installed, configured, and set security policies on Cisco and checkpoint firewalls, VPN.
·        Monitored and tested network protocols TCP/IP using Wire shark tool.
·        Worked with Aruba/Cisco wireless AP 205 series supporting 802.11 ac.
·        Assisted developers with creating and securing Azure API connections.
·        Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
·        Implemented Zone Based Firewalling and security rules on the Palo Alto Firewall.
·        Experience working with Nexus 9508, 9504, 7018/7010, 5020, 5548, 2148, 2248 devices
·        Implementation of BGP to optimize WAN routing on the core and edge routers.
·        Troubleshooting and installing of ISR, GSR, ASR9000 and Nexus devices. Managed rules on Checkpoint NGX firewall.
·        Managed VPN, IPsec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam and Smart Provisioning.
·        Support over two hundred Cisco Firewalls Cisco ASA 5500, Series 5500 - X, and Cisco Next-Generation Firepower 4100 Series security appliances in standalone and high availability configurations
·        Level 3 support Firewall Engineer (Cisco ASA and Palo alto)
·        Configured site-to-site and client VPNs and identify and resolve firewall and VPN connectivity issues.
·        Configured and troubleshoot VPNs on infrastructure VPN devices. Provided support for infrastructure FW/IPS platforms.
·        Worked on checkpoint &Palo Alto design and installation of Application and URL filtering, thereat prevention, Data Filtering.
·        Good experience in Checkpoint Firewall Operations and implementations across a diverse network with many levels of required security configurations.
·        Created Azure Virtual Firewalls, VPNs, VLANs, Load Balancers and Route Tables. Implemented Checkpoint firewall rules according to business requirements and verifications.
·        Migrated firewalls from ASA to Checkpoint.
·        Designing and directing system configuration and installation to accommodate network needs of client.
·        Involved in migration of switches from catalyst 6500 E to catalyst 4500-X, 9500 and Nexus 9k, 7k & 9k
·        Good hands-on experience in data center migration from legacy to new Cisco ACI fabric infrastructure.
·        Configuring and managing VMware vSphere access controls.
·        Network security administrator for all user and B2B VPN configuration standards and implementations on production Cisco ASA 5520 and Cisco 5540 appliances Advise management of options, risk vs. cost, benefits, and other impacts of infrastructure solutions
·        Assisted field technician over the phone to install and connect the LAN & WAN connections.
·        Raise & Implement Break Fix Changes that come from incidents.
·        Participating in troubleshooting the F5 LTM and APM and provided level 2 and 3 support.
·        Configuring networks using routing protocols such as RIP, OSPF, EIGRP and BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
·        Configuration of IP-Sec VPN tunnels to remote sites using IKEv2.Using tools like cisco works, we can monitor the remote sites connectivity
·        Experience on Zscaler cloud security.
 
Client: United Airlines, Chicago, IL                                                                                                                         Jan 2018 – Oct 2018
Network Security Engineer                                                                                                                                     
Responsibilities:
·        Configuring rules and Maintaining Palo Alto Firewalls & Analysis of Firewalls logs using various tools.
·        Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
·        Worked on F5's Traffic Management Operating System (TMOS) ensuring applications are fast, secure and available.
·        Created well-defined requirements documentation and process for F5 LTM, GTM, ASM, APM deployment
·        Participated in project scoping, estimating, delivery
·        Worked with F5 Support and open and managed all cases
·        Configured Network VLANS, Routes, Interfaces and Trunks on the F5 devices to integrate with Cisco routers and switches
·        Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access.
·        Worked extensively on lab build for POC comprising of Cisco Catalyst Switch 6500s, 4500s, 3750, Nexus 7000s, and Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware’s.
·        Performed upgrade process for Cisco ISE software from version 1.0.4 to 1.1 ADE-OS, patch management and data backup management.
·        Configured SSL Remote Access VPN with the F5 APM to handle over 1500 users.
·        Working on the project of F5 LTM, GTM and ASM code upgrade project, doing couple of them every week.
·        Successfully installed Palo Alto PA-3060 Firewalls to protect Data Center and provided L3 support for
·        Installation, Administration, configuration and troubleshooting of Fortinet and checkpoint Firewalls
·        Involved in the Migration of checkpoint to Fortinet Firewalls.
·        Assisting end user operations staff with technical support for Fortinet products
·        Cisco ASA and FWSM, Fortinet FortiGate; F5 AFM, A10 WAF, IDS/IPS systems, and general knowledge of security features and protocols
·        Implemented Positive Enforcement Model with the help of Palo Alto Networks.
·        Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
·        Working on the project of F5 LTM, GTM and ASM code upgrade project, doing couple of them every week.
·        Developed python scripts to generate custom reports and FTP/Email.
·        Responsible design, deployment operation of a Security Incident and Event Management solution based on Splunk.
·        Network Consultant for Nexus Next-Generation project. Built out several MPLS/BGP VRF for multiple clients. Included implementation of 9K, 7K, 5K, 3Kand 2K configuration for integration witch UCS and legacy systems. Developed process for Network Engineering Peer review for all network related systems.
·        Researched, designed, and replaced aging Checkpoint Firewalls architecture with new next generation Palo Alto appliances serving as Firewalls and URL and application inspection.
·        Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
·        Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls.
·        Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
·        Experience in working with Cisco 5500-X Firepower and Cisco Sourcefire IPS & FireEye
·        Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewalls.
·        Exposure to wild fire feature of Palo Alto.
·        Designed and implemented IT security policies and networked backup systems.
·        Configured route redistribution between OSPF and EIGRP in a multi-area OSPF network.
·        Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
·        Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
 
Client: Kroger, Cincinnati, OH                                                                                                                               March 2017 – Jan 2018
Role: Network Engineer
Responsibilities:
·        Configure, Administer and document the Firewalls structure, working with the Checkpoint Firewalls.
·        Implementing policies and Firewalls rules and Maintaining Checkpoint Firewalls Using various tools.
·        Configuration of the Checkpoint Firewalls 12200 and 12400.
·        Configure, Administer and document the Load balancer structure, working with the BIG-IP F5 Load balancer.
·        Configuration of Virtual servers and pools on F5 Load balancer.
·        Performing server Migration.
·        Experience working in a Data Center environment (Nexus, OTV, VXLAN, Fabric Path)
·        Configured and maintained IPSEC and SSL VPNs on Checkpoint Firewalls.
·        Firewall’s deployment, rules migration and Firewall’s administration.
·        Converting existing Firewalls rules based onto new platforms.
·        Worked on F5 BIG-IP Local Traffic Manager (LTM) to automate, and customize applications in a reliable, secure, and optimized way
·        Configured 6500, 3750 and 4500 for Network Access Solution integration with Cisco Identity Service Engine on ESX 4.0 VMware and physically with Cisco ISE appliances.
·        Configured Cisco ISE for Domain Integration and Active Directory Integration.
·        Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).
·        Experience working on network monitoring tools like, SOLAR WINDS, CISCO works, Wireshark and Splunk.
·        Responsible for the secure development lifecycle for Cisco’s Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) – Cisco’s Software Defined Network (SDN) solution.
·        Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA Secure ID, Proxy Radius Services to Cisco ACS, Juniper Steel Belted Radius and Radiator Radius.
·        Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
·        Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network)
·        Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA Firewalls
·        Installation, Administration, configuration and troubleshooting of Fortinet and checkpoint Firewalls
·        Hands-on experience with Cisco Nexus 7000, Nexus 5000 and Nexus 2000 platform.
·        Experience in integrating identity federation with Cloud (SaaS) SAML based applications using F5 APM.
·        Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTM, GTM, APM and ASM. Worked on software versions including 9.2, 11.4.1, 11.5.3.
·        Strong production experience in managing F5 BIG-IP APM and LTM.
·        Used F5 BIG-IP Local Traffic Manager (LTM) and provided a flexible, high-performance application delivery system to increases operational efficiency and ensures peak network performance for critical business applications.
·        Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineers’ instructions and troubleshooting any related issues.
·        Design and implement Cisco ACI in datacenters, create a strategy that allows use of containers, cloud orchestration tools for end users and developers
·        Great exposure to SDN and network virtualization technologies like Cisco ACI.
·        Configuration of Palo-Alto PA 5000 series Firewalls for outbound traffic via blue coat proxy server.
·        Worked with level-2 team on migration project of CMAs from one Provider-1 to another Provider-1.
·        Proficient in design, implementation, management and troubleshooting of Check Point Firewalls, Cisco, Check Point Provider-1, Palo Alto IDS, Foundry / F5 Load Balancers.
·        Security Device – Palo Alto/ASA Firewalls, tipping point IPS/IDS, Cisco Identity Services Engine (ISE), VPN
·        Implementing checkpoint policies with multiple gateways in clusters
·        Configured VLAN Trunking with Palo Alto interface
·        Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewalls using Panorama
·        Part of technical discussion at onsite with client.
·        Designing and implementing Cisco ACI Network Centric based Data Center
 
Client: Elitech, India                                                                                                                                                 May 2014 – Dec 2016                                                                                                                                              
Role: Network Engineer  
Responsibilities:
·        Primary duties include core IP network break fix.
·        Maintain and Troubleshoot routers and switches, including software, hardware and modify configuration as needed.
·        Provide subject matter expert level support for end-to-end production networks.
·        Extensively working with Cisco Routers ISR (2900,3800,3900 series), Cisco IOS XR on ASR9000, Cisco ASR (3000, 5000, 9000 series), Cisco Catalyst Switches (2960, 3560, 3650, 3850, 4500, 4900), Nexus Switches (3000, 5000, 9000).
·        Diagnose, troubleshoot and resolve hardware related problems and replace the entire unreliable component when necessary.
·        Implementing LAN to LAN IPSEC tunnels for Client on a need basic on CP R55.
·        Troubleshooting knowledge on STP, BFD sessions, VLAN, ARP, Traceroute, and RFC2544 Testing.
·        Troubleshooting Physical Circuits including T1, Ethernet (Copper and Fiber), DS3, P2P, MPLS, and Cisco proprietary routing protocol (BGP, OSPF, EIGRP)
·        Monitor Network Alarms and provide support for technicians.
·        Implementing network security for remote access. Tasks including configuring site to site VPN tunnels through multiple Cisco VPN concentrators and Checkpoint and Crossbeam Firewall maintaining and troubleshooting access policies for remote users.
·        Troubleshooting connectivity issues with F5(LTM) Load balancers and A10 (GTM) load balancers.  
·        Working with Tracking and Reporting of IT Tasks.
·        Diagnostic investigation and complex customer-impacting network issues to resolve and identify root causes.
·        Configured VLAN, spanning tree, VSTP, SNMP on EX series switches and helped with time-to-time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HRSRP, EIGRP in unequal cost load balancing to build resilient network.
·        Perform diagnostic investigation and complex customer-impacting network issues to resolve and identify root causes.
·        Maintain and Troubleshoot routers and switches, including software, hardware and modify configuration as needed.
·        Cisco (ISE) to simplify identity management across diverse devices and applications.
 
Client: Pentagon Global Solutions Limited, India                                                                                         March 2013 - Feb 2014
Role: Network Engineer
Responsibilities:
·        Responsible for firewall hardware refresh and security patching
·        Work together with engineering / project team to determine the appropriate firewall involved for the firewall changes
·        Lead project of rules cleanup and upgrade of Check Point to Palo Alto firewall.
·        Manages firewall/security systems by establishing and enforcing policies; defining and monitoring access.
·        Deployed and manage Check Point Cloud Guard and Check Point VSX firewalls in AZURE.
·        Design and manage VNets, network security groups (NSGs) and network assets
·        Remediation of security misconfigurations
·        Administered endpoint security protection utilizing Palo Alto Cortex XDR.
·        Active protection against vulnerabilities and attacks
·        Vulnerability management with Qualys - compliance and security hardening
·        Makes recommendations on existing projects to improve network security
·        Monitors network performance and implements performance tuning when necessary
·        Local & Wide Area Network and Network Security Support
·        Work closely with colleagues to meet team goals and improve processes and practices
·        Performs network and security hardware and software maintenance
·        Create and maintain detailed network documentation and procedures.
·        Part of Global Firewall LCM Team under Project Services
·        Responsible for implementing firewall related changes to the client’s service requests, in accordance with security approval via proper change management
 
 
Thanks & Regards
Nithin | Sr.Sales Recruiter |
TechSmart Global INC
W: 732-798-7771