Pratit Agnihotri

Senior Network Engineer

Contact: +1 (937) 991-4138
Email: [email protected]
Very Passionate Sr Network Engineer having worked in projects that includes Data Center refresh,
Campus Redevelopment, Firewall and F5 Installations, with 10 years of experience in routing,
switching, Network Security-Next-Gen Firewalls, Load Balancers, Wireless and VOIP systems design,
administration and troubleshooting. Excellent communication skills with the ability to interface at all levels.
A proactive team player who also can work independently.

Career Highlights:
 Experience and high-level technical knowledge in OSPF, EIGRP, RIP and BGP routing protocols. L1/L2
troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on
upgrading Edge routers, failing over ISP circuits for maintenance. Knowledge in EVPN, VXLAN, VTEPS.
Experience with Cisco ACI.
 Configured F5 LTM, series 5000 series for the corporate applications and high availability.
Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2.
Experience with upgrading software and hotfix. Experience with APM and ASM modules.
 Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500,
and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data Center Environment.
 Expertise in installing, configuring, and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200,
EX4200, EX4500, EX8200 series).
 procedures, Migration projects to different vendor equipment.
 Experience working in complex environments which includes Layer2 Switching, Layer3 routing,
Network security with perimeter and VPN firewalls, Load balancing and Access policies management in
F5 and Wireless LAN Controllers.
 Experience in VSS, VRF, VPC, and VDC technologies. Experience working on Gateway redundant
protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution and Core Layer and Spine Leaf in
Datacenter.
 Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800,
1700, 800, ASR 9k) and Juniper Routers (E, J, M, and T-series).
 Worked on APM module with integration with RADIUS server and RSA secure ID for applications that
require 2-factor authentications.
 Experience with Bluecoat and McAfee Web Gateway Proxies. For URL filtering and SSL Decryption,
traffic flows from trust to untrusty and vice versa.
 Experience with PA 200, 500, 3020 and VM series firewalls for both Internet and internal traffic
filtering. Experience with Panorama M100 series and maintaining up to 23 firewalls in large networks.
 Proficient in using Solarwinds Network Management tools like Network Performance Monitor (NPM),
NetFlow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
 Proficient using the F5 based profiles, monitors, VIP’s, pools, SNAT, SSL offload, iRules, virtual Servers,
IAPPS. Migration experience from ACE to F5.
 Hands on experience and demonstrated knowledge on the Cisco, ShoreTel, and Avaya unified
communications solutions.
 Experience with manipulating various BGP attributes such as Local Preference, MED, Extended
Communities, Route-Reflector clusters, Route-maps, and route policy implementation.
 Extensive Knowledge of the implementation of Cisco ASA 5500 series - 5505, 5510, 5512-
X with Firepower module. Palo Alto firewall policies, panorama and Checkpoint firewalls R81 NG, NGX.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
 Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP’s,
Virtual AP’s, RTLS, Wireless SSID’s, remote and campus AP’s, upgrading WLC, worked in Active/Active
local Controllers and Master controller.
 Experience with TACACS/RADIUS severs, migration from ACS and Aruba ClearPass to ISE. Experience
with windows and Infoblox DNS and DHCP servers, IPAM, internal and external grids.
 Worked on Solarwinds NPM, NCM, IPAM, Windows DHCP and DNS. Infoblox as DHCP and DNS server.
 Experience working with Avaya and Cisco VOIP environments with assigning VOICE VLANS,
troubleshooting call quality and basic level proficiency in QoS. Worked on DSCP code markings for VOIP
traffic.
 Involved in troubleshooting network traffic and its diagnosis using tools like ping, trace route, Gigaton,
Wireshark, TCP dump and Linux operating system servers. Implementing, maintaining and
 Troubleshooting & implementation of VLAN, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP,
LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
 Enhanced level of knowledge with, PPP, ATM, T1 /T3 Frame-Relay, MPLS. Experience with design and
deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
 Experience with H.323 and SIP, Voice VLANS, DSCP marking for VOIP traffic.
 Hands on experience and demonstrated knowledge on the Network monitoring tools such as
SolarWinds, Cisco Prime, Wireshark, and Splunk.
 Hands on experience with the Bluecoat Proxy and Infoblox for the DNS, DHCP, and IPAM (DDI).
 Hands on experience with Juniper SRX series firewalls 500 series.
 Experience with NAT/PAT, static and dynamic NAT, access lists, security zones, policies on SRX firewalls.
 Hands-on experience with the configuration of Cisco Unity and Cisco Call manager for features like
single no reach, mobile connect, hunt lists, calling search space, DID, translation pattern, dial rules etc.
 Working knowledge and hands on experience with the SIP, MGCP, SCCP, and H.323 protocols.
 Experience with next gen firewall technology like URL Filtering, SSL Forward Proxy, APP ID, Threat ID
etc. on Palo Alto and checkpoint firewalls.
 Experience in deploying Cisco 6900, 7800, 7900, 8800 and 3900 series VoIP phones.
 Hands-on experience on the installation Cisco IP phones and softphones, and the configuration of Cisco
Unified Communications Manager (CUCM), Call Manager Express (CME), and Cisco IP Communicator.

Technical Summary:
Network Advanced switch/router configuration (Cisco IOS access list, Route
Configuration: redistribution/propagation).
Routing Protocols: RIP, IGRP, EIGRP, OSPFv2, OSPFv3, IS-IS, BGP v4, MP-BGP
WAN Protocols: HDLC, PPP
Circuit switched T1/E1 – T3/E3/OCX (Channelized, Fractional & full).
WAN:
Security Cisco FWSM/PIX/ASDM, Palo Alto, Cisco ASA, Checkpoint, Blue Coat proxy
Technologies: server. Port Security, DHCP Snooping, IP Source Guard (IPSG).
Cisco Routers: Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki vMX
100.
Redundancy and HSRP, VRRP, GLBP, RPR, NSF/NSR, STP, Wireshark, SolarWinds, SNMP
management:
Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)
Layer 2 technology: VLAN, VXLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, PVLAN,
Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard,
BPDU Guard),
Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)
Switches: Catalyst 9400, 3850, 3650, 2960; Nexus 2k, 3k, 5k, 7k, 9k
Load Balancers F5 LTM, GTM, iRules
Operating Systems:
Microsoft XP/Vista/7, Windows Servers 2003/2008, Windows MS-Office,
Microsoft project server 2013
Opertating Handled All the tickets worked as with business project with client and
with the project requriment phase updates

Certifications:
 CCNA (Cisco Certified Network Associate)
 CCNP (Routing & Switching)

Professional Experience:

Client: Hackensack Meridian Health, NJ Sep

2022 – Till Date
Senior Network Engineer

Roles&Responsibilities:
Working as a part of network team where my daily tasks included configuring, monitoring and
troubleshooting of TCP/ IP networks. Configuring & managing around 500+ Network &Security Devices that
includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load
balancers, Blue Coat Proxies and Riverbed WAN/MAN Optimizers. Trained in Spine Leaf Architecture.
 Involved in deployment, operation, and integration, including installation and configuration using the
Meraki platform and Cisco switches.
 Troubleshooted to ensure sites are operational for production workloads and smooth transition during
cutover phases.
 Developed Python scripts to automate network configuration tasks, reducing manual effort and
minimizing human errors.
 Worked on LAN and WAN development, including IP address planning, designing, installation,
configuration, testing, and maintenance.
 Designed primary and redundant data centers with next-gen firewalls, IPS/IDS sensors, switching, and
routing.
 Upgraded firmware for Meraki Security Appliances and Cisco Catalyst 9000 switches to recommended
versions.
 Implemented Cisco Meraki SD-WAN solutions for zero-touch cloud provisioning.
 Managed and operated Palo Alto firewalls across global networks.
 Managed and optimized network traffic using TCP/IP protocols, ensuring efficient data transmission and
reliable network communication.
 Created custom Python tools for network monitoring and troubleshooting, improving efficiency in
identifying and resolving issues.
 Designed and installed Palo Alto systems for application and URL filtering, threat prevention, and data
filtering.
 Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls and implemented zone-based
firewall security rules.
 Analyzed firewall logs using Panorama.
 Configured and troubleshooted dynamic routing protocols such as OSPF, EIGRP, and BGP.
 Configured and maintained site-to-site and remote access VPNs, enabling secure communication
between geographically dispersed networks.
 Worked on campus wireless environments with over 1000 access points, including wireless LAN
controllers, anchor controllers, authentication policies, and BYOD policies.
 Utilized Ansible for automated backup and restoration of network configurations, ensuring quick
recovery in case of failures.
 Integrated wireless networks with RADIUS and managed environments using Aruba and Cisco WLAN
solutions.
 Configured AWS Direct Connect (VPC) between on-premises Palo Alto firewalls and AWS for accessing
cloud-hosted servers.
 Configured and managed Cisco Catalyst and Nexus switches, optimizing network performance and
ensuring high availability.
 Configured VPC to monitor VPC flow logs delivered to Amazon S3 or Amazon CloudWatch.
 Implemented Auto-VPN for Meraki SD-WAN Security Appliances to ensure reachability of AWS hosted
domain controllers and services.
 Deployed and managed Intrusion Prevention Systems (IPS), enhancing network security by detecting
and preventing malicious activities.
 Worked with AWS services including EC2, S3, EBS, VPC, IAM, ELB, Route 53, auto-scaling, and security
groups.
 Managed Meraki Security Appliances (MX450, 250, 100, 84) including unboxing, firmware upgrades,
pre-configuration, deployment, and troubleshooting.
 Configured and troubleshooted TCP/IP networks, resolving connectivity issues and ensuring seamless
communication between devices.
 Configured static routes, IP pools, reserved IP addresses, VLANs, and SVIs.
 Experienced with TACACS/RADIUS servers, migrating from ACS and Aruba ClearPass to ISE.
 Managed Windows and Infoblox DNS/DHCP servers, IPAM, internal and external grids.
 Implemented Network Access Control (NAC) solutions to enforce security policies, ensuring that only
compliant devices can access the network.
 Installed, licensed, configured, deployed, and troubleshooted Cisco 9K switches.
 Implemented redundancy, failover, and fault tolerance solutions for security appliances, UPS, and
switching infrastructure.
 Designed and deployed SD-WAN solutions, optimizing network performance and reducing costs by
leveraging multiple WAN connections.
 Configured EtherChannels between switch stacks to increase bandwidth and link failover, and stacked
9200 series switches.
 Converted Cisco ASA rules to Palo Alto firewall solutions.
 Configured and managed large-scale network environments using Ansible Tower, providing centralized
control and monitoring of automation tasks.
 Acted as the single point of contact for client wireless infrastructure, particularly for Meraki wireless
solutions.
 Implemented site-to-site VPNs over the Internet utilizing 3DES and AES/AES-256 with Palo Alto
firewalls.
 Configured and maintained Palo Alto Networks firewall models (PA-2k, PA-3k, PA-5k) and centralized
management using Panorama.
 Implemented VLANs, VTP, and STP on Cisco Catalyst switches to enhance network segmentation and
stability.
 Installed and configured Meraki MX80 and MX60 appliances via Meraki MX400 Cloud.
 Installed and configured Cisco Meraki wireless access points (MR66, MR74, MR84) in warehouses.
 Deployed Cisco Meraki wireless solutions and wireless access points.
 Managed routing protocols such as OSPF, EIGRP, and BGP across Cisco Nexus and Catalyst switches to
ensure efficient network traffic flow.
 Configured and maintained DMVPN solutions, enabling secure, scalable, and flexible connectivity
between multiple sites.
 Implemented and managed DHCP servers to automate IP address assignment, reducing administrative
overhead and minimizing IP conflicts.
 Implemented Cisco Meraki Enterprise Cloud Wireless Bridge/Repeater to extend LAN across multiple
buildings.
 Deployed Cisco ISE as a replacement for ACS, providing long-term and short-term guest wireless
services for the Port Authority.

Environment: Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), switches
(6500/3750/3550 3500/2950), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF,
Voice Gateways, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto),
Cisco Voice (CCM, UCCE), Shell Scripting.

Client: Trace 3, NY Mar

2021 - Aug 2022
Senior Network Engineer

Roles&Responsibilities:
Worked in Enterprise and Data center environment on switching, routing, firewalls (Site to Site VPN
tunnels) and VOIP. Worked on Different VOIP systems on network. Worked on Cisco Wireless. Worked on
Load balancers in Data center for internal and external applications.
• Migrated and implemented Palo Alto Next-Generation Firewall series (PA-500, PA-3060, PA-5060, PA-
7050, PA-7080) from Cisco PIX and ASA.
• Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K,
Juniper MX-960 routers, and Cisco ASR routers.
• Managed DNS infrastructure, including the configuration of DNS zones, records, and forwarders,
ensuring reliable name resolution across the network.
• Integrated NAC with existing security infrastructure, enhancing network visibility and improving threat
detection and response.
• Installed VMware ESX, NSX Servers, vSphere Client, and Vcenter Server.
• Part of the delivery team, handling code upgrades, prefix-list addition, and access-list addition using
Python scripts on Linux based on customer-generated tickets.
• Used the internal automation tool, Autopilot, for code upgrades and configuring new devices at various
data centers.
• Set up GCP firewall rules to manage traffic to and from VM instances and used GCP Cloud CDN to
enhance user experience and reduce latency.
• Performed regular firmware upgrades and patching on Cisco Catalyst and Nexus devices, maintaining
network security and compliance.
• Integrated device data into Splunk, creating dashboards and reports, and provided Splunk (SIEM)
support for remote and on-site users.
• Optimized DMVPN performance by tuning routing protocols and QoS settings, ensuring reliable and
efficient communication across the network.
• Integrated Panorama with Palo Alto Firewalls and managed multiple firewalls using Panorama.
• Configured and troubleshooted Citrix NetScaler load balancers.
• Troubleshooted DNS issues, improving network accessibility and reducing downtime for end-users.
• Coordinated with application teams to develop effective application validations involving F5 LTM and
GTM components.
• Integrated Ansible with CI/CD pipelines to enable continuous deployment of network configurations,
improving agility and reducing downtime.
• Automated network performance analysis and reporting using Python, enabling real-time insights and
proactive management.
• Worked on Zscaler Internet Access (ZIA) for web traffic security, migrating from IronPort to Zscaler ZIA.
• Configured and managed GCP firewall rules and utilized GCP CDN for content delivery.
• Designed perimeter security policies, implemented firewall ACLs, and configured client VPN
technologies, including Cisco's VPN client via IPSEC.
• Upgraded Cisco ISE 3300 appliances and Cisco ISE software on VMware.
• Managed SD-WAN environments to provide centralized control, dynamic path selection, and improved
application performance.
• Managed Solarwinds for monitoring, alerting, and saving network configurations.
• Assisted with IP allocation schemes and used tools like Infoblox, Net MRI, and Solarwinds IP monitor.
• Designed and implemented an overlay network management system to manage production devices
using syslog and Solarwinds NPM.
• Set up tunnels from NetScaler devices to Zscaler cloud and worked on Zscaler policies, cloud app
control policies, advanced threat, malware, and sandbox-based policies.
• Configured DHCP scopes and options for dynamic IP address allocation, ensuring efficient network
utilization.
• Worked on setting up tunnels to Zscaler Zens for zero-trust network access.
• Worked extensively on CI/CD pipelines for code deployment, using tools like Git, Jenkins, and Code
Pipelines.
• Worked on migration projects, including XenApp 4.5 to XenApp 6.5 and Server 2003 to 2008 R2
environments.
• Managed Cisco call manager and Cisco Voice Mail Unity servers.
• Designed and deployed Layer 2 and Layer 3 network topologies using Cisco Catalyst and Nexus
switches, improving network efficiency and scalability.
• Configured custom IPS rules to address specific threats, improving the overall security posture of the
network.
• Configured and implemented voice gateways (H323/MGCP/SIP) and SRST for remote sites.
• Developed MTS software plug-in for MoCA configuration on DOCSIS cable modem and gateway
products.
• Implemented IPv6 addressing schemes for routing protocols, VLANs, and subnetting during Cisco ISR
router and switch upgrades.
• Installed and configured Microsoft Proxy Server 2.0 and Infoblox DNS, DHCP, and IP Address
Management.
• Updated DNS host and A records during migrations using Infoblox.
• Configured wireless LAN security using protocols such as PEAP and EAP-FAST.
• Configured advanced features like VDC (Virtual Device Context) on Cisco Nexus switches to create
multiple virtual switches within a single physical switch.
• Developed Ansible roles for managing network infrastructure, simplifying the deployment of complex
network services.
• Implemented VPN solutions using IPSec, SSL, and GRE, providing secure and encrypted connections for
remote users.
• Assigned RADIUS and TACACS for new deployments in production environments.
• Monitored traffic on devices and diverted traffic to different routes after reaching threshold values.
• Generated audit reports to check for layer 2 issues and troubleshoot port flapping and errors.
• Coordinated with global data center teams for troubleshooting layer 2 issues and assisted offshore
teams with upgrades, VLAN configurations, and layer 3 and routing protocol issues, primarily BGP.
• Automated cloud deployment processes using Python code and Ansible Python API.
• Troubleshot complex network issues on Cisco Catalyst and Nexus platforms, ensuring minimal
downtime and optimal network performance.
• Integrated Python scripts with REST APIs to automate device management and configuration across
multi-vendor environments.
• Documented changes made on devices, submitted them for approvals, and coordinated with alert
teams regarding upcoming changes.
Environment: Routers (Nexus 1K, 5K,7K, Juniper MX-960), switches (6500/3750/3550 3500/2950), F5
Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, BGP, VPN, MPLS, Cisco Catalyst Switches,
Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE, UCCX), Citrix, GCP, Zscaler, Solarwinds, Infoblox,
Net MRI, Python, Ansible.

Client: Mizuho, NY Apr

2019 - Feb 2021
Network Security Engineer

Roles&Responsibilities:
Installed PA firewalls. Worked on Tier 3 Issues. Managed IP subnets, Monitoring. Worked on service now
tickets on Network issues in data center and Enterprise. Upgradation of IOS for various equipment on
timely basis.
• Implemented security solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520, and Checkpoint
firewalls (R70, R75, R77.20 Gaia, and Provider-1/MDM).
• Configured and administered Checkpoint, Juniper, and Cisco ASA firewalls.
• Configured High Availability using Cluster XL on Checkpoint and VRRP, monitoring Sync status for
traffic replication between active and standby members.
• Integrated Cisco Nexus switches with VMware environments, enabling seamless connectivity and
enhanced data center operations.
• Utilized Python for data parsing and analysis, generating actionable insights from network logs and
performance data.
• Deployed, configured, and supported Aruba wireless controller and AP devices globally.
• Hands-on experience with Microsoft Azure cloud services, storage accounts, and virtual networks.
• Configured and managed Cisco Web Security Appliance (WSA) in an enterprise environment.
• Created cloning Linux virtual machines and templates using VMware Virtual Client 6.
• Migrated TACACS/RADIUS servers from ACS and Aruba ClearPass to ISE.
• Managed Windows and Infoblox DNS and DHCP servers, IPAM, and internal and external grids.
• Worked on Zscaler cloud proxies ZIA and ZPA, setting up tunnels to Zscaler Zens for zero trust network
access.
• Configured rules and maintained Palo Alto Firewalls, analyzing firewall logs using Panorama.
• Automated network device configuration using Ansible playbooks, achieving consistent and repeatable
deployments across multiple devices.
• Installed Palo Alto PA-3000/PA-5000 firewalls for data center protection and provided L3 support for
routers/switches/firewalls.
• Utilized Cisco Prime Infrastructure for monitoring and managing Catalyst and Nexus switch
performance, leading to proactive network maintenance.
• Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls and implemented zone-based
firewall and security rules.
• Configured Cisco ISE for domain integration and Active Directory integration.
• Utilized REST APIs in Python scripts to post policies and configure test environments as needed.
• Administered Cisco AMP endpoint security infrastructure, monitoring endpoints for threats.
• Configured and maintained Cisco ASA 5580-20, ASA 5540, ASA 5520, ASA 5510 series firewalls.
• Configured Syslog servers to capture and log firewall activities.
• Provided tier 3 support for Check Point and Cisco ASA Firewalls (R81), including backup and restore of
firewall policies.
• Installed and configured Cisco 2800 and 3845 routers, and Cisco Catalyst switches.
• Monitored traffic and connections in Checkpoint and ASA Firewalls.
• Configured and troubleshooted site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third-party
connectivity.
• Created objects, groups, and updated access-lists on Check Point Firewalls, applying static and hide
NAT using smart dashboard.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers to provide
uninterrupted service to customer applications.
• Identified opportunities for implementing network best practices, particularly F5 load balancer
implementations.
• Configured F5 load balancers, adding virtual IPs, nodes, pools, and health monitoring.
• Worked on F5 solutions and support for migrating applications and websites from Cisco CSS Load
Balancers to F5 BigIP Load Balancers.
• Configured SNAT, high availability, SSL termination, and initiation on F5 BIG-IP appliances, and
managed digital certificates.
• Worked with protocols such as Frame Relay, IEEE 802.11, VLAN, OSPF, BGP, DNS, DHCP, FTP, NTP,
SNMP, SMTP, and TELNET.
• Provided operational support for network topologies and connections, including TCP/IP, ATM, VOIP, and
MPLS.
• Performed router configurations on Dedicated Internet Access (DIA) and VOIP products.
• Supported telephony specialists in migrating from PBX-based systems to VOIP.
• Configured separate VLANs for VOIP to implement QoS and security.
• Worked with different teams to gather information for new requests and troubleshoot connectivity
issues using TCPDUMP and smart view tracker.
• Configured VPN, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
• Provided support to help desk for complex network problems and built rules for application access
across IPSEC VPN tunnels.
• Troubleshot Cisco ISE, adding new devices to the network based on policies.
• Followed information security policies, methods, standards, and NIST standards to organize information
systems and interpret regulations.
• Monitored Intrusion Detection Systems (IDS) console for active alerts and determined response priority.
• Maintained a strong understanding of Cisco networking technologies including ASA, IPS, WSA, ACS, and
VPN.

Environment: Cisco ASA5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big
IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco WSA, Frame Relay, IEEE 802.11, VLAN, OSPF, BGP,
DNS, DHCP, FTP, NTP, SNMP, SMTP, TELNET, MPLSBluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Client: Availity, FL Jun 2017

- Mar 2019
Senior Network Engineer

Roles&Responsibilities:
Worked in a NOC team on Layer1/2/3 issues in the network. Worked on various cisco switches and routers.
Worked on Firewall rules, VPN tunnels. Includes Cabling and racking. Worked on Cisco routers 7200, 3700
and Cisco switches 4900, 2900.
 Key contributions include troubleshooting of complex LAN/WAN infrastructure that include.
 Configured firewall logging, DMZs, related security policies and monitoring.
 Creating private VLANs & preventing VLAN hopping attacks and mitigating spoofing with snooping & IP
source guard.
 Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco
PIX Firewall.
 Enabled STP enhancements to speed up the network convergence that include Port-fast, Uplink-fast and
backbone-fast.
 Experience with network and security performance testing equipment, both hardware and software
(e.g., Spirent)
 Other responsibilities included documentation and change control.
 Responsible for Configuring SITE-TO-SITE VPN on Cisco routers between headquarters and branch
locations.
 Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware &
software client and PIX firewall.
 Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
 Used various scanning and sniffing tools like Wire-shark.
 Hands on experience working with security issue like applying ACL’s, configuring NAT and VPN.
 Troubleshoot problems on a day-to-day basis & provide solution that would fix the problems within their
Network.
 Part of Network Operation Center NOC offshore support team from India supporting HP Data Center
24x7. L2 support for Cisco PIX and ASA Firewalls.
 Schedule changes and work through maintenance requests over weekends.
 Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
 Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
 Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
 Hands on experience in Cisco Routers and Switches.
 Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
 Configuration of CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches.
 Creating groups, users and policies in Active Directory.
 Troubleshoot and support Cisco Core, Distribution and Access layer routers and switches.
 Built IPsec based Site-to-Site VPN tunnels between various client locations.
 Maintenance and troubleshooting of connectivity problems using Ping, Trace route.
 Managed the IP address space using subnets and variable length subnet masks (VLSM).
 Point-to-Point, Frame Relay, T3, ATM, WAN troubleshooting.
 LAN cabling in compliance with CAT5 standards.
 Experienced in python and ansible script to automate to configure the network devices infrastructure-
as-code.
 Troubleshooting Active Directory, DNS, and DHCP related issues.
 Documenting and Log analyzing the Cisco PIX series firewall.
 Configured BGP for CE to PE route advertisement inside the lab environment.

Environment: Cisco 2600/2800 routers, Cisco ASA, TCP/IP, VLSM, AD, DNS, Switching/Routing.

Client: Syntel, IND Feb

2015 - Apr 2017
Network Engineer

Roles&Responsibilities:
Worked in an Operations team to support and troubleshoot issues related to switching, routing and
Firewalls. Co-ordinate with testing team and deployment team for any issues.
 Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and
Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ
Implementation and Troubleshooting.
 Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution,
Overlapping Address Translation.
 As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support
(diagnose and troubleshoot layer 1, 2, 3 problems)
 VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to
avoid loops in the network. Trunking and port channels creation.
 Responsible for Firewall upgrades as well as Troubleshooting, Security Configurations, IPsec VPN.
Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
 IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
 Work in an enterprise network environment with dynamic routing using OSPF and BGP for external
connectivity.
 Configured Switches with proper spanning tree controls and BGP routing using community and as path
prepending attributes.
 Install Windows Server 2003, configure IP addresses, network printers and configure Client Access for
PCs.
 Work with BGP routing protocol for communication with business partners and influence routing
decision based on AS Path Prepend and other attributes.
 Administer and support Cisco based Routing and switching environment.
 Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
 Deployed a Syslog server to allow proactive network monitoring.
 Experience with network and security performance testing equipment, both hardware and software
(e.g., Spirent)
 Implemented VLANS between different departments and connected them using trunk by keeping one
VLANS under server mode and rest falling under client modes.
 Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
 Configured Firewall logging, DMZs and related security policies and monitoring.
 Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet
channel between switches.

Environment: PIX, CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA,
DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.