Overview
Summary
Work History
Education
Skills
Certification
Personal Information
Technical Skills
Timeline
Generic

Muhammad Zeeshan

The Woodlands,TX

Overview

11
11
years of professional experience
1
1
Certification

Summary

Worked with Cisco Routers 3900, 4000, 7200, 7500 and Catalyst Switch 2960, 3560, 3750, 4500, 9300 and Juniper switch 4500 EX, 3500 QFX Experience with networking protocols and OSI models (e.g., Layers 1-5, DNS, OSPF, EIGRP, BGP, VLAN, HSRP, QoS, and VPN - IPsec) and extensive knowledge with MPLS. Worked with Cisco Routers and Switches 1891, 2900, 38xx, 4500 and 6500 and Nexus 5k, 7k, 9k, Arista DCS-7200 and cumulus Network. Proficiency in network security firewall technologies Cisco 5500 ASA, Palo Alto PA-5600, 5220, 850, 250 and Juniper SRX-4100 Administration Active Directory, LDAP, FTP, DNS, DHCP, TFTP under various LAN, WAN environment. Working knowledge of 40/100G Ethernet and T1, T3 and optical transport network technologies Deal with monitoring tools like CA spectrum, Solarwinds and Splunk and network packet analyzer tools like Wireshark, also IP service tool-Infoblox, DNS lookup tool. Hands on experience in configuring Cisco Nexus2232, 2248, 5548, 6001 and 7018(Sup 2E) and worked on nexus protocols VPC, VRF, VDC and FEX Links. Good understanding of operations, maintenance of Cisco ISE Configuration and support of Checkpoint on the new 21000, 13500, 12000 series running GAIA R77.30. Fortinet on the FortiGate 6500F, 3600C, 2000E, 1500D running Forti-OS 5.2,5.4 and Palo Alto NGFW PA-7000, PA-5000, PA-3000 series running PAN 0S-7.x, 8.x. Experience creating Virtual Storage Area Networks to create a redundant environment to prevent data loss through zoning on Brocade Networks. Worked on Cisco Data-center platforms such as Cisco ACI, APIC and Cisco Nexus switches such as 7718, 5548, 2248. Worked with Implementation of security policies using Standard & Extended Access-lists (ACL), Firewall, IPSEC, SSL, AnyConnect VPN, IPS/IDS, AAA (TACACS+ & RADIUS) VMware administration and configuration Experienced with Voice products such as Nortel SL1, Sl100, Meridian, Passport, 82x, CT1000, Avaya System 85, 75, 8700, 5ESS. NEC 2400, IBM 5000. Octel 250 Voice mail system. Extensive experience with Cisco IOS, IOS-XR, NX-OS Windows client/server operating systems, Linux, Networking technologies, Firewalls. Hands on experience in building Cisco ACI fabric (policy groups, switch profiles, etc.), tenants - VRFs, Endpoint Groups, Contracts Worked on wireless IEEE 802.11x environment with Aruba and Cisco. Downloaded, Upgraded, and updated Cisco IOS and SDWAN device OS. Worked on NX-OS, Cat OS, IOS, and IOS-XR and N7K-NX-OS. Experienced in handling and installing Palo Alto (FW + IDS/IPS functions). Experience and knowledge with ServiceNow, Magic Ticketing and Footprint Ticketing System. Designed and managed enterprise Wi-Fi solutions using Aruba wireless controllers, optimizing performance and coverage across multiple campuses. Implemented ClearPass Policy Manager (CPPM) for 802.1X authentication, device profiling, and role-based access control, improving network security posture. Integrated RADIUS and TACACS+ for centralized user/device authentication and administrative access control across network infrastructure. Developed automation scripts using Ansible for network device configuration compliance and patch management, reducing manual effort by 60%. Utilized NetBrain for dynamic network mapping and real-time troubleshooting, significantly accelerating root cause analysis during incidents. Worked with Privileged Identity Management (PIM) solutions to manage and audit elevated access rights across systems and devices. Developed python scripts to gain efficiencies for reporting and automating repeated tasks. Responsible for maintenance and utilization of VLAN, Spanning-tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches. Experience in site-to-site and remote access VPN solutions. Experience with developing network design documentation and presentation using VISIO. Performed a variety of maintenance and audits of network infrastructure such as upgrades (Cisco IOS, firmware, etc.) and auditing equipment for EoL (End of Life) Troubleshooting of complex LAN/WAN infrastructure, route summarization, route redistribution Experience working in a multi-vendor environment (Cisco, Juniper, Arista, Dell, HP, Nexus, F5, Palo Alto) with hands-on experience with networking hardware.

Work History

Sr. Network Engineer

Cisco
Woodland, TX
05.2024 - Current
  • Designs, tests and deploys IT security systems, solutions and ecommerce environment.
  • Working on Secure Change/Remedy ticket management tool by providing support service to client by implementing and working on change request, Incident request and troubleshooting.
  • Responsible for design and implementation/migration from Cisco wireless platform to Aruba wireless platform.
  • Configuration of Juniper and Palo Alto firewall according to client topology and features such as Application & URL filtering, Security Profiles, VPN, Data filtering and file blocking. Antivirus.
  • Configuration of Palo Alto Next-Generation Firewall mainly VSYS according to client topology and working on Content-ID, User-ID, App-IP.
  • Configured BGP-MPLS, VRF, VLANs, Cisco ASR 1001/1002, IOS-XE, Cisco 4500/3560.
  • Implemented EIGRP, BGP, IOS-XE/IOS on Cisco ISR 4451, Cat 4500-X, 2900X, 3750, 3550.
  • Implementing Zero Trust model across network security landscape. Using multi layered defense model for visibility.
  • Experience of working on Cisco IPsec VPN, SSL VPN and natting.
  • Firewall technologies include general configuration, optimization, security policy, rules creation and modification of Palo Alto and Juniper Firewall.
  • In corporate Cisco Nexus 9000 NX-OS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-Protocol Label Switching (MPLS).
  • Upgrade the physical and virtual environments, including VMware vCenter, NSX, ESXi, Cisco Nexus 9K, Palo Alto, & Big IP F5.
  • Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path.
  • Experience in Qualys policy compliance in detecting internal and external threats and vulnerability.
  • I worked on IBM QRadar SIEM tool for network/log monitoring troubleshooting.
  • I work as a Network engineer supporting CISCO routers, switches & Bluecoat proxy servers.
  • Experience in working with designing, installing and troubleshooting of Palo Alto firewalls.
  • Create policies, alerts and configure using SIEM tools (Splunk, IBM QRadar).
  • Automated the cloud deployments in contrail, OpenStack using Ansible and AWS Cloud Formation Templates.
  • Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering).
  • Experience in Configuration, Management, Deployment, Optimization and Troubleshooting Juniper Firewall.
  • Performed upgradation of Palo Alto firewall from old platforms to new platforms 6.1.5 to 6.1.10.
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
  • Knowledge in design zero trust network security architecture.
  • Experience in implementation and troubleshooting of Data center devices like Nexus 7000, Nexus 5000 and Nexus 2000 Series devices with VDC's /VRF's configurations.
  • Worked on network packet analyzer tools such as, Wireshark, Microsoft Network Monitor, Snort, Tcp dump.
  • Experience with working on Palo Alto centralized management GUI PANORAMA.
  • Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN.
  • Experience in working with Cisco 5500-X Firepower and Cisco Sourcefire IPS & FireEye.
  • Experience on working with migration with both Juniper and Palo Alto Next-Generation.
  • Successfully integrate and validate OpenStack Liberty with Cisco ACI platform ML2 plugin as the next generation network infrastructure for Cisco Cloud.
  • Worked on security tools and software like Cisco WSA, Qualys, Splunk, Symantec Endpoint Protection, and QRadar.
  • Upgrading Imperva WAF (Web application firewall) and fixing hot fixes and patches.
  • Exposure to wildfire advance malware detection using IPS feature of Palo Alto.
  • Experience of working in data center and on different devices console.
  • Good experience on tools and devices like Source Fire, Fire eye, Aruba, Cisco ASA, Cisco ISE.
  • Cisco ACI (Application Centric Infrastructure) deployed, monitored, and managed in a way that benefits different teams in the IT organization including SDN Network, Cloud and DevOps, and Security.
  • Maintain a thorough understanding of the basics behind the Internet and its workings (DNS, Security, IP Routing, HTTP, VPN).
  • Configured Site to Site IPsec VPN tunnels and Split tunnels to peer with different clients.
  • Routing and Switch protocols: BGP, OSFP, VLAN, VTP, STP, RIP, RSTP.
  • Firewall deployment, rules migration, firewall administration and converting existing rules based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.
  • Responsible for planning, documenting and implementation of complex Firewall and VPN solutions.
  • Represent the changes at the weekly change review and application migration meetings.

Sr. Network Engineer

Verizon
Dallas, TX
04.2021 - 04.2024
  • Experienced in handling and installing Active/Standby Palo Alto Firewalls.
  • Implemented zone-based security policies/rules on the Palo Alto Firewall using Panorama M500.
  • Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls –PA 250, 850, 5260 and PA 5220.
  • Implemented numbers of security policy rules on Palo Alto, created Zones, and configured interface.
  • Configured Log Collectors as M600 for high throughput and storage capacity.
  • Migrated VoIP traffic behind the Local Palo Alto from Core/Distribution switch.
  • Set up DNS sinkhole for Anti-Spyware profile to block suspicious DNS queries.
  • Maintained malware IPs policies on edge Juniper SRX-4100 firewall.
  • Working on a large-scale enterprise-wide tier of F5 Virtual Servers, Pools, Nodes, and Rules to accommodate application protocol support and management.
  • Worked with internal/external customers including partners by delivering the ACI Jumpstart program to help customers and speed up technology adoption.
  • Assisted Voice product selection and contract negotiation.
  • Configured Catalyst devices as an HA pair for redundancy and Performed Cisco IOS, IOS-XE, NX-OS code upgrades across multiple different branches.
  • Configured VRF, VDC, peer-links and keep-alive links on the Nexus 9000 series switch.
  • Experience with Zscaler cloud proxies ZIA and ZPA. Worked on setting up tunnels to Zscaler Zens zero trust network access.
  • Worked on Palo Alto APP-ID, User-ID and other security profiles like Anti-virus, Threat Prevention, URL-filtering, and Wildfire etc.
  • Monitored and audited the PCI and BioMed traffic based on Segmentation project.
  • Administered and architected EMC CX4 and VNX 5500 Storage Arrays including the Brocade fiber switching, zoning, LUN creation through Unisphere, FAST management, and Power Path configurations on the servers.
  • Set up QoS profiles based on utilization at Hospital Campus and Clinics.
  • Improve scalability and ease of deployments of the OpenStack underlay network by migrating from Standalone Nexus to Cisco ACI platform.
  • Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
  • Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, and access-list addition using python script and on Linux platform based on tickets generated by customers.
  • Monitored WAN circuit utilization while optimizing traffic flow/QoS and report to our team.
  • Entered new network devices in Infoblox, reserved IP in DNS for switches/workstation/phone for deployment.
  • Worked with different application teams and Network operation team to support core/distribution network infrastructure related issues and Create emergency change request RFC for any production issues.
  • Configuring and troubleshooting of FortiGate VPN tunnels (SSL and IPsec) with required IP routes.
  • Maintenance and Network control with secure DNS, DHCP and IPAM using Infoblox.
  • Analyzed the policy rules, monitor logs, and documented the Network/Traffic flow Diagram of the Palo Alto Firewalls placed in the Data Center with MS Visio.
  • Installed and configured SSH (Secure Shell) encryption to access securely on Ubuntu and Red hat Linux.
  • VMware Technology configuration and implementation.
  • Managed and monitored 65+ client sites by using Solarwinds and Extra Hop tool.
  • Managed BGP/OSPF configuration templates on Panorama.
  • Migrated configuration from Juniper switches to new Cisco switches using templates.
  • Configured security policies including VPN, Route-maps, Prefix lists and Access Control Lists.
  • Configured Objects and Object-Groups as per policies requirement.
  • Configured rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
  • Managed IKEv1 & IKEv2 site-to-site VPN connectivity on Juniper SRX firewall for clinics and vendors.
  • Network analysis and diagnosing application and network problems using Wireshark tool.
  • Worked on Palo Alto firewall OS upgrading project. Upgraded PAN OS version to 9.0.3 h3 to 9.1.5.
  • Responsible for Implementation and configuration of VPN Tunnels.
  • Working with Footprint ticketing system for incident and project.

Network Support Engineer

Cision
Austin, TX
08.2018 - 02.2021
  • Experience in supporting large scale corporate/data center networks.
  • Provided 24/7 technical support, analysis, and issue resolution for network infrastructure and network services.
  • Monitor the WAN/MPLS circuit health and cost out the circuit traffic depending on circuit flap/down/latency issue.
  • Worked with different application teams and Network operation teams to support core network infrastructure related issues and Create emergency change request RFC for any production issues.
  • Working Knowledge of SD-WAN technologies Such as Meraki, OpenStack and Silver peak.
  • Optimize network performance via analyzing, tuning, and monitoring on Splunk tool.
  • Providing daily network support for a national wide area network consisting of MPLS, VPN and point-to-point site.
  • Troubleshooting on Cisco routers, Nexus 5k, 9k (ACI/APIC & Standalone) switches and F5 LTM & GTM and Viptela SDWAN devices.
  • Worked on Load Balancer F5 LTM, GTM series like BIG IP 6900 and 8900 for the corporate applications and their availability.
  • Configure various BGP attributes such as Local Preference, AS prepend, Next-hop, Community, Extended community using route-map.
  • Administering, managing, maintaining, and troubleshooting Cisco Firewall, Palo alto firewall, F5 Load balancer, SDWAN devices and network switches related issues.
  • Assisted in designing proposals of Voice over IP for DOW Chemical using Cisco switches, Voice enabled Routers and Gateways.
  • Migrate SDWAN Viptela vEdge 1K to 2K and upgrade from 17.1.5 to 18.3.6 version.
  • Supporting OSPF, EIGRP and BGP in AMEX network by resolving level 2 and 3 problems of internal teams and external customers of all locations.
  • Configuring and troubleshooting FortiGate UTM features like Web-Filtering, Application Control, IPS, Anti-virus and custom IPS signatures.
  • Implemented network integration with ACI AND NSX for VMWare and UCS platforms.
  • Troubleshooting experience with asymmetrical BGP routing between multiple ISP autonomous systems (AS) to separate data center.
  • Experience working with Nexus 9504, 9300, 5548, 2148, 2248 switches and configuring VPC, VDC in Nexus.
  • Worked with Cisco Nexus 2148 Fabric Extender and Nexus 9300 series to provide a flexible access Solution for data center access architecture.
  • Worked on F5 GTM Wide IP, Pool Load Balancing Methods, probers and monitors recreating http and https redirect VIPs to client from data servers.
  • Experience adding Palo Alto Firewall to current network infrastructure. intergrade Cisco ISE wif Cisco Firepower to enable automated remediation.
  • Experience on dealing with Cisco Application Centric Infrastructure (ACI) by integration hardware and software products as per network layout.
  • Providing basic automation scripting including Linux shell script, Perl, Windows batch file, Linux Cron scheduling, and F5 Big IP I Rules scripting.
  • Interfaces with major system elements such as: DNS, DHCP, Active Directory, SANS, VMware, Backup Exec technology and Network Infrastructure devices, Dell EqualLogic Storage Arrays, ESXI Hosts.
  • Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes and route filtering using Route-maps.
  • Working knowledge of data center power and cooling infrastructure and critical facility operational best practices.
  • Extensive knowledge working with ServiceNow ticketing system for incident and change management.
  • Establishing VPN Tunnels using IPSec encryption standards and configuring and implementing site-to-site VPN, Remote VPN.
  • Comprehensive understanding of Network Performance Monitoring (NPM), NetFlow Traffic Analyzer (NTA).
  • Worked with Tier 2 & 3 escalation, manufacturers, and ISPs (Verizon/AT&T) as needed to ensure the highest level of service.
  • Provided Layer 2/3 support and troubleshooting to resolve issues.
  • Worked aggressively on complex Palo Alto firewalls Environment. Deep technical troubleshooting on customer SD-WAN Edge connect device, Firewall Cisco ASA, Palo Alto.
  • I worked on python scripting using Net Miko library for SSH to Cisco devices.
  • Supported wireless LAN access points (AP) and Wi-Fi connectivity using Aruba 3000 series.
  • Worked with ISPs (Verizon, SingTel, AT&T, Level 3, Century link WAN Circuits) to rectify county site outages.
  • Monitor the heath check such as ARP table check, DHCP discard, interface error, memory, CPU utilization during firewall migration.
  • Worked on AMEX network diagram documentation using VISIO.
  • Involved with troubleshooting Aruba Wireless issues like slow performance, intermittent connectivity.
  • Network analysis and diagnosing application and network problems and behavior (like TCP, HTTP, DNS, DHCP) using Wireshark, tcp dump.
  • Managed and monitored 567+ client sites by using CA Spectrum.

Network Engineer

EMD Millipore
MA, US
11.2016 - 07.2018
  • Assist in maintaining an internal network with 175+ users and multiple servers.
  • Configure various BGP attributes such as Local Preference, AS prepend, Next-hop, Community, Extended community using route-map.
  • Troubleshoot BGP issues related to customer route prefixes also route filtering using route-maps and configured EBGP for CE to PE route advertisement inside the office environment.
  • Replace faulty parts (Power supply, modules, Blades) in Cisco 3850 and 4500, Nexus 5k, 9K and Arista switches.
  • Working on networking protocols TCP/IP, HSRP, VRRP, VLANs, Spanning-Tree, DHCP, VPN tunneling, Remote access, wiring and cabling.
  • Implementing continuous delivery (CICD) pipeline with Docker, Maven, Ansible, Jenkins, GitHub and AWS AMI's in Linux environment.
  • Palo Alto, Routers, Switches, infrastructure, and telecommunications applications.
  • Migration from Cisco firewalls to Palo Alto firewalls platforms PA 820, PA 500 and PA- 200 firewalls.
  • Installed Aruba wireless Access point 3702, 2602 and configure the WIC 2402.
  • Implementation of designed network using Catalyst 3850, 4500 switches & Cisco Routers 2900.
  • The networks included data, voice, and transmission networks.
  • Involved in Switching Layer 2 Technology Administration including creating and managing VLAN’s, Port security, Trunking, STP, Inter-VLAN routing, LAN security etc.
  • Implementing Palo Alto, Fortinet/FortiGate, Cisco ASA/ISE/Fire Power/WSA, Routers, Switches, Nexus, AND ASR/CSR1000V routers, VMware NSX Virtualization, Cloud Security, Amazon AWS, VPC etc. on Enterprise Network Environments.
  • Working with F5 vendors for Network Load Balancers to Load Balance network traffic inbound and outbound.
  • Migrate the traffic from Data center legacy environment to ACI Spine-leaf architect and perform heath checks such as packet errors, discard errors, bandwidth utilizations, memory hog and high CPU utilization issues for Palo Alto.
  • Actively involved in switching technology administration including creating and managing VLAN, Port security- 802.1x, Trunking 802.1Q, Inter-VLAN routing, ether channels and LAN security.
  • Worked on operations, maintenance of Cisco ISE.
  • Worked on physical infrastructure design including structured cabling and fiber-optic cabling.
  • Established IPsec -VPN tunnels with ASA firewall between some branch offices and the headquarters.
  • Maintain network security and systems including LAN/WAN, VPN, IPSEC, and Firewall.
  • Be on call rotation and provide 24X7 support in that time and handle Office's branches during this timeframe if a network problem occurs.
  • Upgrade and configure cisco routers and switches to enhance network stability.
  • Commendable use of Microsoft VISIO.
  • Monitor, troubleshoot and resolve network issues for customer locations using tcp dump/Wireshark, SNMP, syslog, etc.
  • Documented audits, potential issues, upgrades, RMA, hardware inventory.

Network Technician

Harvey Nash
TN, US
03.2015 - 09.2016
  • Maintaining proper documentation of installations in the Data Center using VISIO.
  • Worked with network infrastructure consisting of LAN/WAN.
  • Firewalls, FortiGate firewalls and Palo Alto Firewall.
  • Troubleshoot fiber and copper patches using industry standard tools.
  • Knowledge of Fiber, Ethernet Infrastructures using Fluke Network Testers.
  • Installing cable management systems, building out equipment racks, and all other aspects of data center operations based on Layer1.
  • Labeling & documenting all blocks, panels, centers, jacks, and faceplates according to instructed methods and providing documentation for all testing on Layer1.
  • Assist with the removal of old or outdated equipment. Mount equipment in IDF’s & MDF’s (Switches, Routers, Power Supplies).
  • Configuration of cisco switches as per client requirements.
  • Cable pulling, Dressing and Terminate, Installing Security Cameras and Registers.

Education

Bachelor of Science - IT

Newport’s Institute of Communications and Economics
05.2005

Skills

Routers/Switches: Cisco 2900, 3750, 3850, 4500 and 6500, Nexus 5k, 7k, 9k

Firewalls: ASA 5520, 5550, Palo Alto 250, 850, 5220, 5260, Juniper SRX 4100

Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP, Redistribution, Summarization, Static Routing

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, VLAN, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)

IP Services: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN, TCP/IP

Gateway Redundancy: HSRP, VRRP, GLBP

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, Port-Channel, VLANS, VTP, STP, RSTP, 8021Q

WAN technologies: HDLC, PPP, Frame Relay, HTTP/HTTPS, ISDN, ATM, MPLS, VPNs

Network Security: ACL, NAT/PAT, SSL, Port Security, IPsec VPN, ASA, AAA, Palo Alto, Panorama M500-M600

Network Management Tools: Solarwinds, Wireshark, CA Spectrum, Splunk

Certification

CCNA, CCNP

Personal Information

Title: Sr. Network Engineer

Technical Skills

Cisco 2900, 3750, 3850, 4500 and 6500, Nexus 5k, 7k, 9k, ASA 5520, 5550, Palo Alto 250, 850, 5220, 5260, Juniper SRX 4100, BGP, OSPF, EIGRP, IGRP, and RIP, Redistribution, Summarization and Static Routing., STP, RSTP, PVSTP, VTP, ARP, and VLAN, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)., DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN, TCP/IP, HSRP, VRRP and GLBP, Ethernet, Fast Ethernet, Gigabit Ethernet, Port-Channel, VLANS, VTP, STP, RSTP, 802.1Q., HDLC, PPP, Frame Relay, HTTP/HTTPS, ISDN, ATM, MPLS, VPNs., ACL, NAT/PAT, SSL, Port Security, IPsec VPN, ASA, AAA, Palo Alto, Panorama M500-M600, Solarwinds, Wireshark, CA Spectrum, Splunk

Timeline

Sr. Network Engineer

Cisco
05.2024 - Current

Sr. Network Engineer

Verizon
04.2021 - 04.2024

Network Support Engineer

Cision
08.2018 - 02.2021

Network Engineer

EMD Millipore
11.2016 - 07.2018

Network Technician

Harvey Nash
03.2015 - 09.2016

Bachelor of Science - IT

Newport’s Institute of Communications and Economics
Muhammad Zeeshan