Hafsa Samreen
Email: hafsasamreen.10@[Link] PH: 937-504-1653
Career Highlights
CCNA, CCNP and ACMP CERTIFIED professional with over around 10+ years of experience in routing,
switching, firewall technologies, systems design, administration and troubleshooting.
Experience in LAN/WAN setup, installation, configuration, and troubleshooting.
Experience of routing protocols like EIGRP, OSPF, RIP, BGP and IP addressing.
Worked extensively on Palo Alto, Juniper Net screen, Fortinet and SRX Firewalls.
Strong experience in Network security using ASA Firewall, Checkpoint, Palo Alto, IDS/IPS and IPSEC/SSL VPN
and implementing security rules.
Advance Experience and knowledge with Cisco SDN ACI solution, Cisco Tetration, Enterprise SDW Meraki, F5,
ASA/Fire Power/Palo Alto firewall, Support daily operation
Experience on Palo Alto Next Generation Firewall features including URL filtering, Threat prevention, Data
filtering, IPsec Tunnels, SSL-VPN, App Id, Security Profiles and Zone Protection.
Experience in working with Cisco Catalyst series 2900, 3560, 3750, 4500, 4900, 6500 Switches.
Experienced in Troubleshooting for connectivity and hardware problems on Cisco devices.
Hands on experience in configuring Cisco Nexus 2232, 2248, 5548, 6001 and 7018(Sup 2E) and worked on
nexus protocols VPC, VRF, VDC and FEX Links.
Implementing, maintaining, and troubleshooting switching tasks such as VLANs, VTP, VLAN Trunking using
802.1Q, STP, RSTP, PVST+, Ether channel using LACP and PAGP, Inter-Vlan routing, and CEF.
Experience in L2/L3 protocols like VLAN, STP, VTP, MPLS, 802.1Q protocols.
Enhanced level of knowledge with PPP, ATM, T1 /T3 Frame-Relay, MPLS.
Worked with PAN migration tool to migrate from Cisco ASA to Palo-Alto. Initially started with Like-to-like
migration and then manually configured polices like used id, app id, URL filtering etc. to take complete
advantages of PAN devices.
Aruba 802.11ac wireless access points deliver superb Wi-Fi performance, Aruba 330 series, 501 wireless
client bridge, 7220, 7010 MOBILITY CONTROLLER.
Advance Cisco SDN ACI and Meraki solution, Tetration
Expertise with Installation of Arista 7250QX series switches on Spine Platform
Configured LACP, OSPF protocols on Arista 7250qx-64 switches.
Expertise in implementation and troubleshooting of FHRP protocols such HSRP, VRRP, GLBP, ACL.
Prepared, arranged, and tested Splunk core search strings and operational strings.
Extensive experience with Cisco IOS, IOS-XR, NX-OS Windows client/server operating systems, Linux,
Networking technologies, Firewalls.
VMware ESX/ESXi, VMware vCenter, VMware vCSA and Windows 2008 R2 Hyper-V.
Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments.
Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on
LTMs and GTMs.
Experience in design, implementation, and support of F5’s Big-IP Access Policy Manager (APM) software
component in a complex enterprise environment
Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS, QoS and
ITIL.
Extensive experience with various wireless tools such as Spectrum Analyzer, Protocol Analyzer, and Site
Survey Tools.
Design and Implementation Cisco/Meraki Enterprise Wireless solutions for corporate infrastructures
Hands on experience on cisco cloud-based devices MX84, MX100 routers, MS210, MS250 switches & MR42,
MR52 wireless Access points
Worked on Campus Wireless environments with 1000+ access points, Wireless LAN controllers, Anchor
Controllers, Authentication policies, BYOD policies, Integration with RADIUS. Experience with Aruba and
Cisco WLAN.
� Experience with Aruba WLAN infrastructure in large scale global deployments
Scripting experience in Powershell, Python, Java, VBScript, Perl, Ruby
Demonstrated success record in managing multiple tasks with proven ability to meet deadlines and
proactively identifying the problem to solve complex technical issues.
Professional Experience
Wells Fargo Bank, FL Aug 2021 – Current
Network Engineer
Responsibilities: -
Deployed Arista network equipment's like 7508 ,7304, spine switches 7280, VXLAN, LANZ
Monitored and Created traffic Pattern on Arista 7250 switches using Open flow.
Experience with Palo alto and checkpoint firewalls with next gen firewall features that includes app id, threat
id, URL filtering, user Id, SSL decryption.
Experience with data center technologies that include spine leaf, cisco ACI, Arista cloud vision. Well versed
with Nexus family switches to implement VPC and VDC
Knowledge and operational experience with SDN, Cisco ACI, VXLAN, VTEPS, VNI, Bridge Domain, Arista Cloud
Vision, EVPN.
Configure Cisco 4500 routers, 2900 switches, Cisco 5500(WLC) & Wisms2, 3800 2900 switches, Aruba 7200
3600s (Cisco, Aruba, & Ruckus AP’s).
Experience with Versa SD WAN for remote site connectives over MPLS network, configuration of routing and
application policies in SD WAN.
Implementing large Data Center infrastructures with Cisco ACI, Cisco N9K, N7K, N5K, N3K, Cisco Cat
9500/9300, 6500, 4500/4900, Cisco ISR 4451, Cisco ASR1001.
Testing of the new Core SRX zone hardware in Sandbox Lab– including regression feature test, performance,
and failover.
Created ‘Contracts’ in Cisco ACI between migrated EPGs and existing VMs in new DC
Improved Infrastructure Security and Agility using Cisco Tetration
Installed and configured Cisco Meraki Switch (MS-225/350), Meraki Router/Firewall (MX-64/84), Meraki
Wireless (MR-42/52) in branch locations
Deployed and configured devices using Meraki dashboard.
Designed and Deployed Cisco/Meraki Enterprise Cloud for Corporate HQ, Co-Locations and 100+ branches
with distinct SSIDs.
Aruba wireless solution for international company. Virtual Controllers' ,Clustered AP's Access points, Airwave
management.
Authored several scripts leveraging VMware’s Power CLI and Windows PowerShell to aid with capacity
planning and monitoring of the virtualization infrastructure.
Worked on Palo Alto Firewall using centralized management feature called PANORAMA for logging, creating
reports and managing different firewall devices.
Configured Palo Alto to connect with the Wildfire inspection engine cloud to prevent Zero-day and Malware
Attacks.
Micro Segmentation in Network Virtualization and Cloud Security using Palo Alto, Fortinet in VMware
Environment
Implemented and configured Cisco tetration and Cisco Email security from scratch
Determined and recommended methods to address improvement opportunities within a migration from
Asterisk to Avaya SIP
Established and maintained productive working relationships with staff to resolve operational difficulties and
to promote interdisciplinary, collaborative approach to customer service provision.
Avaya Session Manager/System Manager 7.0, AES connectivity with Salesforce, CTI, and NICE Engage 6.5 for
call recording, Avaya One-X
Worked on implementation of major project like Juniper SRX firewall migrations in core mobility networks
for multiple sites and zones (CORE-DMZ, EXN, ECB, CAZ, ISPAN, DST)
Experience with Firewall administration, Rule analysis, Rule modification
� Agent testing and implementation, Avaya CMS training for reporting, and disaster recovery testing for high
availability
Securing the cloud and Virtual Network using Micro Segmentation with Fortinet and Palo Alto Firewall
Experience in Provisioning tool (Chef provisioning, Terraform, CloudFormation)
Design and Implementation Cisco/Meraki Enterprise Wireless solutions for corporate infrastructures
Worked on automating the JUNOSPACE and some other basic deployments by using ANSIBLE, PYCHARM,
JINJA2 templates which is called End to End Automation.
Experienced in troubleshooting both connectivity issues and hardware problems on vSRX, Contrail cloud.
Addition/ Deletion of Firewall Rules, Reviewing and Processing the ticket, Firewall Clean up, Virtual Servers,
Certificate Creation/Renewals, Troubleshooting
Deployed Web Security Appliance like Cisco WSA S170 and Bluecoat Proxy SG S200/400 for Web Filtering,
data loss prevention, and inspection.
Deployed Cisco and Aruba wireless 802.1X infrastructure across the enterprise network. Installed and
maintained Aruba switches.
Implemented l4/l7 services and network Micro segmentation using ASA, Palo alto virtual firewalls and
integration with ACI fabric and Arista VXLAN fabric
Worked on F5 GTM, AFM, ASM and other F5 components to protect against advanced DDoS attacks.
Designed, built, and deployed F5 Big IP load balancers (8900’s, Viprions, Blades), F5 Big IP TCL, F5 Big IP
TMOS, F5 Big IP LTM Local Traffic Manager, F5 DNS Domain Name Services
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Provided TierII Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing
F5solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5
BigIP Load Balancers.
Utilize Cisco Tetration hardware and software sensors to understand application flows and to build ACI
contracts along with documenting application mappings.
Mizuho, NJ
Network Engineer May 2019 - July 2021
Responsibilities: -
My daily tasks are used to be providing the security between the data centers based on tiers and also giving
access to two the serves which are in two different zones and also monitoring the traffic.
Handled Enterprise Network firewalls and involved in a part of migration from juniper to Palo Alto firewalls.
Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provided L3 support for
routers/switches/firewalls.
Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls.
Created firewall policies and NAT rules to provide access for websites internal and externally on Palo Alto
and Juniper firewalls.
Helped in creating BDs in Cisco ACI that are mapped to Vlans in ‘Network’ centric migrations.
Also push Firewall rules staged during the day to respective cmas at night. Push includes the juniper and Palo
Alto firewalls.
Worked on Firewall tickets to deal with low, medium, and high priority issues.
Addition/ Deletion of Firewall Rules, Reviewing and Processing the ticket, Firewall Clean up, Virtual Servers,
Certificate Creation/Renewals, Troubleshooting.
Involved in L2 Technical approver for any changes made to the network which involved changes to the
Switches, routers, firewall, Load balancers and DNS.
Hands-on experience Installing & configuring firewalls - Checkpoint NG & NGX, Cisco ASA (5500), Cisco Pix,
ISA, and IP tables.
Responsible for maintaining multi-vendor network environment including Cisco ASA, Juniper JUNOS, Fortinet
firewalls, Palo Alto PA-200 and configuring different policies to provide connectivity.
Created ‘Contracts’ in Cisco ACI between migrated EPGs and existing VMs in new DC.
Implementing security Solutions using Palo Alto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20.
� Configure and administer network devices consisting of F5 load balancers, Bluecoat proxies, Juniper SRX's,
Palo Alto Network Firewalls.
Provide design solutions to the users based on the requirement and work on the changes that lead to work
on the implementation.
Worked on configuring BDs and EPGs to migrate VMs and troubleshoot Cisco ACI GUI slowness.
Experienced with microservices, dynamic management, container packaged technologies (such as Docker
and Kubernetes)
Configured syslog-ng for Splunk implementation, Familiar with monitoring tools such as Nagios and Splunk.
Installed, configured Cisco Meraki equipment and web-based monitoring platform for MR32 wireless access
points.
Installation, Configuration policy creation and troubleshooting of Symantec Antivirus Server 12.x and 14.x
Fortinet firewall deployment for multiple locations
Experience in JUNO Space, NSM (Network and Security Manager) and Pulse secure, Panorama, Algosec
(Firewall analyzer), Splunk tools.
Worked on ClearPass Access Management for Whitelisting of Aruba devices.
Contributed to the major charter projects like Spectrum mobile, Tec mobile and Unified buy flow, telemetry
and BHN to ICOMS migration.
Designed, implemented, and managed network security countermeasures including firewalls and intrusion
detection/prevention systems such as: Palo Alto, Pfsense, and Cisco's SourceFire.
Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN1 NGX
R55/R65/[Link] upgradation from old platforms to new platforms R65 to R75.45 Created multiple
policies and pushed them in to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with
SPLAT operating system.
Setup Cisco ACI Fabric (Spine/Leaf/APIC) Configure ACI APIC controller.
Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint
firewalls.
Build and maintain network security infrastructure using Cisco ASA, IPS,
Firepower, ISE, ACS and RSA SecurID.
Provided proactive threat defense with ASA that stops attacks before they spread through the network.
Working with level-2 team in deploying and installing Palo Alto firewalls.
Configured various Cisco Business 200 Series Access Points and varies WLC models like Cisco 8500 Series,
Cisco 5500 Series, Cisco 3500 Series, Cisco Catalyst 9800 Series and Cisco Virtual Wireless Controller.
Experience operating high-density AP and client deployments and designing mission critical wireless
infrastructure.
Work with our Business Unit partners to better understand their wireless needs and deliver products to
meet those needs in a timely and cost-effective manner.
Configured Aruba access points 300 series, 310 series and wifi 6 supported APs like 500 series and 510 series.
Worked on Aruba wireless controllers 7000 series and 7100 series and various standards 802.11a,802.11b,
[Link],802.11n,802.11ac,802.11ax and configuring authentication methods WPA3 with GCMP or WPA2
with CCMP.
Penske, FL
Security Engineer June 2018 – March 2019
Responsibilities: -
Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, and
access-list addition using python script and on Linux platform based on tickets generated by customers.
Migration and implementation of Palo Alto Next-Generation Firewall seriesPA-500, PA-3060, PA-5060, PA-
7050, PA-7080.
Worked on migration project - XenApp 4.5 to XenApp 6.5 - Server 2003 (Legacy) to 2008 R2 (Gen 2)
environment.
Architected, proposed and implemented a 100gb, rack-mount server ESXi environment with NSX and VSAN
� Basic understanding of Unified Contact Center Enterprise (UCCE) – Intelligent Contact Management (ICM),
Customer Voice Portal (CVP) and Interactive Voice Response (IVR/VRU).
Designed and worked on VxLAN BGP-EVPN Cisco N9K and Extended Leaf in Cisco ACI.
Worked on OSPF routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K,
Juniper MX-960 routers and cisco ASR routers.
Worked, configured and troubleshoot Cisco ACI, Layer 2/Layer 3-out, BGP and OSFP
Installed and maintained production servers for client services (web, dns, dhcp, mail).
Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240
and Juniper J series J230, M 320 and MX960 routers.
Mitigated security risk from within Azure Cloud. Ensured the secure transfer of data from on-premises
to Azure.
Micro Segmentation in Network Virtualization and Cloud Security using Palo Alto, Fortinet in VMware
Environment.
Working wif CISCO tetration on recent project which it states dat Tetration offersholistic workload protection
for multi-cloud data centersby enabling a zero-trust model using segmentation.
Use of Azure services for HA and DR and developed security policies for Azure cloud.
Responsible for planning, documenting and implementation of complex Firewall and VPN solutions.
Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services,
Configured Client VPN technologies including Cisco's VPN client via IPSEC.
We are working Cisco tetration using ACI and Zero trust model.
Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco
Routers and Switches.
Troubleshoot OSPF, Cisco ACI, OTV, Cisco ISR 4431, L2/L3 DCI issues, Layer 2 issues, MPLS.
Configuring firewall rules in Juniper SRX firewall using cli.
Developed entire frontend and backend modules using Python on Flask Web Framework
Created MSI packages using Citrix Installation packager in Citrix.
Configuring Citrix Load balancing for XenApp 6.5 farm as per the environment demand.
Working on configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to
have connectivity between different data centers.
Implementing IPv6 addressing scheme for routing protocols, VLANs, subnetting and mostly during up
gradation of cisco ISR routers2800/2900/3800/3900 and switches.
Configuration and deployment of cisco ASA 5540 firewall for internet Access requests for servers, Protocol
Handling, Object Grouping.
Installation & configuration of Microsoft Proxy Server 2.0 and Inflobox DNS, DNCP and IP Address
Management (IPAM)
Manage Bluecoat Web Proxy and content filter.
Lead member of the SSL decryption team for the implementation of decryption of SSL traffic using the Blue
coat proxy SG.
Assigning RADIUS and TACACS+ for new deployments in production environment. AAA for users to
implement changes on production devices. Most of these devices are cisco propriety.
Generating audit reports by running automated scripts on various devices to check layer 2 issues like errors
on the links, port flapping’s.
Analyzing the Audit report and working along with Data center teams to check the optics and troubleshoot
issues.
Developed/Modified/Enhanced existing and new Perl Packages, Perl frameworks and tools.
Coordinating along with Global data center teams located at different locations and working along with them
for troubleshooting layer 2 issues.
Worked on Citrix NetScaler load balancer for load balancing and failover across data center and between
web servers.
Implementing continuous delivery (CICD) pipeline with Docker, Maven, Ansible, Jenkins, GitHub and AWS
AMI's in Linux environment.
�Moody’s, New York
Network Engineer Dec 2015 – May 2018
Responsibilities:
Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, and
access-list addition using python script and on Linux platform based on tickets generated by customers.
Migration and implementation of Palo Alto Next-Generation Firewall seriesPA-500, PA-3060, PA-5060, PA-
7050, PA-7080.
Worked on migration project - XenApp 4.5 to XenApp 6.5 - Server 2003 (Legacy) to 2008 R2 (Gen 2)
environment.
Architected, proposed and implemented a 100gb, rack-mount server ESXi environment with NSX and VSAN
Basic understanding of Unified Contact Center Enterprise (UCCE) – Intelligent Contact Management (ICM),
Customer Voice Portal (CVP) and Interactive Voice Response (IVR/VRU).
Worked on OSPF routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper
MX-960 routers and cisco ASR routers.
Installed and maintained production servers for client services (web, dns, dhcp, mail).
Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240
and Juniper J series J230, M 320 and MX960 routers.
Mitigated security risk from within Azure Cloud. Ensured the secure transfer of data from on-premises
to Azure.
Use of Azure services for HA and DR and developed security policies for Azure cloud.
Responsible for planning, documenting and implementation of complex Firewall and VPN solutions.
Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services,
Configured Client VPN technologies including Cisco's VPN client via IPSEC.
Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco
Routers and Switches.
Configuring firewall rules in Juniper SRX firewall using cli.
Developed entire frontend and backend modules using Python on Flask Web Framework
Created MSI packages using Citrix Installation packager in Citrix.
Configuring Citrix Load balancing for XenApp 6.5 farm as per the environment demand.
Working on configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to
have connectivity between different data centers.
Implementing IPv6 addressing scheme for routing protocols, VLANs, subnetting and mostly during up
gradation of cisco ISR routers2800/2900/3800/3900 and switches.
Configuration and deployment of cisco ASA 5540 firewall for internet Access requests for servers, Protocol
Handling, Object Grouping.
Installation & configuration of Microsoft Proxy Server 2.0 and Infoblox DNS, DNCP and IP Address
Management (IPAM)
Manage Bluecoat Web Proxy and content filter.
Lead member of the SSL decryption team for the implementation of decryption of SSL traffic using the Blue
coat proxy SG.
Assigning RADIUS and TACACS+ for new deployments in production environment. AAA for users to implement
changes on production devices. Most of these devices are cisco propriety.
Generating audit reports by running automated scripts on various devices to check layer 2 issues like errors on
the links, port flapping’s.
Analyzing the Audit report and working along with Data center teams to check the optics and troubleshoot
issues.
Developed/Modified/Enhanced existing and new Perl Packages, Perl frameworks and tools.
Coordinating along with Global data center teams located at different locations and working along with them
for troubleshooting layer 2 issues.
� Tech Indya IT Services, India
Network Engineer July 2012 – Nov 2015
Responsibilities:
Worked on Cisco routers 7200, 3700, 3800 and Cisco Catalyst switches 4900, 3750’s and 6500’s.
Key contributions include troubleshooting of complex LAN/WAN infrastructure.
Configured firewall logging, DMZs, related security policies and monitoring.
Creating private VLANs & preventing VLAN hopping attacks and mitigating spoofing with snooping & IP
source guard
Installed and configured Cisco ASA series firewall and configured remote access IPSEC VPN.
Enabled STP enhancements to speed up the network convergence that include Port-fast, Uplink-fast and
backbone-fast.
Implemented the security architecture for highly complex transport and application architectures addressing
well known vulnerabilities and using access control lists that would serve as their primary security on their
core & failover firewalls.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Used various scanning and sniffing tools like Wire-shark.
Hands on experience working with security issue like applying ACL’s, configuring NAT and VPN
Documenting and Log analyzing the Cisco routers/switches/firewalls.
Technical Skills:
Networking Technologies LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP,
PVST, MSTP, micro segmentation, SDN, SDWAN
Networking Hardware Cisco Switches, Cisco Routers, ASA/Pix firewalls, IronPort
Routing Protocols OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting
Security Technologies PAP, CHAP, Cisco PIX, Blue Coat
Network Monitoring Cisco Works 2000, Wireshark, hrPING
Operating Systems Windows all platforms, LINUX, Cisco IOS, IOS XR
Routers CISCO 2600, 2800,3600,3800,7200, Juniper M & T Series, Cisco CRS-1, CRS -3, GSR
Load Balancers Cisco CSM, F5 Networks (BIG-IP)
Capacity & performance Cisco works
Switches CISCO 2900, 3500,4500,5000,6500, Nexus 7k,5k,2k
Wireless Technologies WLC’s (4100,5508,5706), Cisco AP’s (1552,1260, 2600, 3600, 3700, 3800), ISE,
Aruba 225, 303 Aruba 3000, 7210, 620, 650, 6000 controller & Airwave.
Firewalls Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA
(5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.
AAA Architecture TACACS+, RADIUS, Cisco ACS
Features & Services IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP,
DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell
� equal logics
Certifications
• Cisco Certified Network Associate (CCNA) (Wireless)
• Cisco Certified Network Professional (CCNP)
• Aruba Certified Mobility Professional (ACMP)
