Information Security Consultant Resume

Woonsocket, RI

SUMMARY:

  • Experience as a Network Security Consultant specializing in Cisco devices, Network security, Firewalls and VPNs, Cisco Routers, LAN/WAN connectivity & TCP/IP.
  • Checkpoint firewall implementation and configuration, including R77 and previous versions of the Checkpoint firewall OS.
  • Configuration and troubleshooting of Checkpoint Firewall using R77.
  • Configuring Site-to-Site VPN on Checkpoint Firewall with R77 GAIA.
  • Monitor firewall traffic using SmartView Tracker and SmartView Monitor.
  • Managing Checkpoint firewall R65-R75: installing software blades, configuration and deployment.
  • Migration of Checkpoint R54 to SPLAT
  • Responsible for Check Point and Cisco ASA firewall administration across global networks.
  • Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
  • Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
  • Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
  • Implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
  • Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.
  • Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating
  • Proficiency in installing and configuring Nexus 2248, 5000 and 7000 series switches.
  • Proficient in setting up IT infrastructure including wide area networks (WAN) / local area networks (LAN), security management systems & networking devices administration.
  • Proficient in configuration of routing protocols like RIP, IGRP, EIGRP, OSPF multiple areas and BGP.
  • Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
  • Firewall Policy Optimization using third party tool Tufin
  • Particular strengths include team spirit, the ability to learn new concepts and quest for knowledge, excellent communication and interpersonal skills.

TECHNICAL SKILLS:

Operating Systems: Windows (XP- 8.1), Windows Server (2008, 2012), Linux/Unix familiarity (CLI skills)

Firewalls: Check Point NGX R65, R75.20, R75.45 (Gaia), R76, R77, Palo Alto firewall, Cisco PIX 515E, Cisco PIX 535 Firewall, Cisco ASA, Cisco FWSM, Nokia IP690, Nokia IP530, Checkpoint provider 1, Checkpoint Firewall 1, SPLAT

Routers/Switches: Cisco 1600, 1700, 1800, 2500, 2600, 3600, 4000, 6000, 7206

Protocols: OSI, TCP/IP, DHCP, UDP, RIP v1, RIP v2, IGRP, EIGRP, OSPF, BGP, SSH, TFTP, FTP, SMTP, NTP, LDAP, Active Directory, L2F, L2TP, PPP, Frame Relay, ATM, Fast/Gig Ethernet, HSRP, ISDN, AAA, DES, 3DES, AES, MD5, VPN (IPsec and SSL), VRRP, DNS, SNMP.

PROFESSIONAL EXPERIENCE:

Confidential, Woonsocket, RI

Information Security Consultant

Responsibilities:

  • Implement and manage ArcSight SIEM
  • Responsible for testing vulnerability updates for all releases and patches of ArcSight ESM (Enterprise Security Manager) product.
  • Responsible for ArcSight ESM (Enterprise Security Manager) Data seed Upgrade testing.
  • Provide technical administration services for the ArcSight ESM, Logger, and Connector software platform deployed.
  • Integration of IDS/IPS with ArcSight and analysis of the logs to filter out false positives and add false negatives into the IDS/IPS rule set.
  • Develop content for ArcSight like correlation rules, dashboards, reports and filters, Active lists and Session list.
  • On-boarded 1500+ devices (Windows, Linux, IIS, DNS, DHCP, NPS, Main frame, firewall, VPN, bluecoat proxies) to ArcSight ESM for monitoring.
  • Replicate and migrate ArcSight Express from 6.1 to 6.9.
  • Migrate logs on ArcSight Logger 6.3 and configure Smart Connectors for syslog and audit log forwarding.
  • Configure Symantec Critical System Protection IDS to forward logs to ArcSight Express for File Integrity Monitoring. Configured remote logging to ArcSight with flexible fields.
  • Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
  • Helping application teams in on-boarding Splunk and creating dashboards / alerts / reports etc.
  • Responsible for testing and implementation ArcSight with setup to AD (Active Directory), and LDAP.
  • Configure ArcSight connectors and loggers; add missing assets in ArcSight.
  • Troubleshooting the issues which are related to ArcSight Express.

Confidential, Richmond, VA

Information Security Analyst

Responsibilities:

  • Managing Firewall products - Checkpoint Appliance 2200 Gateways, Provider-1 and VSX environment. (R77.10 and 77.20) and ASA environments.
  • Successfully migrated provider-1 and R77.10 environments to R77.20.
  • Successfully migrated databases from R71.20, R7 .40 and latest versions.
  • Working on day to day firewall management activities like looking into troubleshooting tickets and firewall rule change requests.
  • Configuration and implementation of Check Point Firewalls, IDS/IPS, Bluecoat Proxy, CISCO ASA.
  • Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (60+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
  • Review and optimize firewall rules using Secure Track Tufin tool and run firewall audit reports.
  • Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
  • Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
  • Onboarding of new data into Splunk. Troubleshooting Splunk and optimizing performance.
  • Worked on log parsing and complex Splunk searches, including external table lookups.
  • Integrated ServiceNow with Splunk to generate incidents from Splunk.
  • Proficient with Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Expert at using Splunk Power Design for creating fields, reports, pivots, data models.
  • Installed HTTPS for Splunk.
  • Upgrade Splunk from 6.1 to 6.2.
  • Responsible for planning, documenting and implementation of complex Firewall and VPN solutions
  • FireEye Web MPS anti-malware implementation and day to day administration.
  • Use Sourcefire Next Generation Intrusion Prevention System (IPS/IDS), FireEye and Q1 Radar (SIEM) to monitor for suspicious network traffic.
  • Managing web usage reports using Bluecoat and TMG proxy servers.
  • Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
  • Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.

Confidential, Redmond, WA

Network Security Engineer

Responsibilities:

  • Install, configure and maintain Check Point NGX 75.20 on SPLAT/open-server and windows system from bare metal.
  • Identify and remove security policies that are not needed to reduce checkpoint firewall policy lookup.
  • Back up, Restore and upgrade of Checkpoint firewall appliance
  • Configure and troubleshooting HA Cluster on Checkpoint Firewall.
  • Plan Design and assist in deploying enterprise wide Network SSL Security and High Availability Solutions for ASA.
  • Implementation of firewall rules on Cisco ASA 5500 and 5500-X Series on a regular basis.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX SSL Security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
  • Worked extensively on firewalls: PIX (506E/515E/525) & ASA 5500 (5510/5540) Series.
  • Implementation and integration experience (SIEM security tools, Splunk, IBM QRadar).
  • Providing support for Splunk forwarder logging issues, troubleshoot servers not forwarding events during off work hours, providing round the clock support.
  • Experience in installation and customization of Splunk using Splunk Power Design.
  • Also provide “Tier 2” support at least twice weekly, work on tickets for the Network Team, and provide support with troubleshooting and resolving networking issues with static routing and OSPF protocols.
  • Used FireEye to detect attacks through common attack vectors such as email and web.
  • Utilize FireEye to identify existing malware and zero-day exploits, analyze content and mitigate any attack vectors and multi-protocol callbacks.
  • Analyze and investigate intrusion alerts generated by Juniper IDP and FireEye Web MPS.
  • Assisted end users to troubleshoot problems on Microsoft Applications, and other hardware or software issues.
  • Configured Cisco Router (OSPF, EIGRP) for Cisco 2500 series and 3600 series routers
  • Configured VLAN and VTP on Cisco 2600 Switches to ensure all hosts within the LAN area can send and receive data.

Confidential

Network Operational Engineer

Responsibilities:

  • Provides day to day support for firewall engineering and operations tasks and level 1 & 2 on-call technical support for the Firewall Engineering and Operations team; including assisting peers with issues and escalation.
  • Conducted and implemented network and software installations and upgrades.
  • Configured Remote User VPN, Site to Site VPN, and Remote Access VPN, Easy VPN, SSL VPN for Client based and Clientless applications.
  • Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
  • Proficiency in configuration of VLAN setup on various Cisco Routers and Switches.
  • Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
  • Managed network connectivity and network SSL Security, between Head offices and Branch office
  • Responsible for internal and external accounts, managing LAN/WAN, and checking SSL security settings of the networking devices (Cisco routers, switches), coordinating with the system/network administrator during any major changes and implementation.
  • Network Assessment and Documentation (including technical, operational, and economic assessment)
  • IPAM Administration (NETID, Bluecoat).
  • Involved in migration of Frame-relay connections to MPLS based technology with the extranet clients.
  • Layer Three routing protocol configurations include, but are not limited to distance vector and link state protocols such as: Directly Connected Interfaces, Static Routing, RIP, EIGRP and other proprietary protocols used by Cisco.
