Network Security Engineer Resume

Framingham, MA

SUMMARY:

  • Network Security Engineer with 7+ years of experience in design, installation, configuration, administration and troubleshooting of IPS/IDS, Check Point firewalls, LAN/WAN infrastructure and security using Cisco routers/switches/firewalls.
  • Extensive experience as an IT Security Professional in IT Infrastructure, Information Security, Network Security, Enterprise Security, Project management.
  • Advanced proficiency in designing, deploying, and maintaining perimeter security devices such as IPS, IDS, Radware, etc.
  • Proficiency includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, troubleshooting, analyzing and resolving security breaches and vulnerability issues.
  • Knowledge in planning, design, implementing and troubleshooting complex networks and advanced technologies.
  • Advanced knowledge, design, installation, configuration, maintenance and administration of CheckPoint Firewall R55 up to R70 version, SecurePlatform Installation, VPN.
  • Advanced knowledge in design, Installation and configuration of IPS/IDS, FireAMP, Lanco and other security devices.
  • Advanced knowledge in design, installation and configuration of CheckPoint Provider Environment, Juniper Netscreen Firewall ISG 1000/2000, SSG series and NSM Administration.
  • Support Firewall Administrator (Cisco ASA and Checkpoint), on-call support for 30 Cisco and 2 Checkpoint firewalls, Cisco routers and level 3 switches.
  • Drafted and installed Checkpoint Firewall rules and policies.
  • Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and EIGRP.
  • One plus years of extensive experience with SourceFire IPS/IDS.
  • Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
  • Advanced knowledge in IPS and IDS tools such as Cisco and ISS Site protector.
  • Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
  • Experience in Implementing & managing Symantec Data Loss Prevention.
  • Deployment of NAC - Network Access Control System. Knowledge in Proxy
  • Possess in depth expertise in analysis, implementation, troubleshooting and documentation.
  • Experience in implementing application security solutions and IPS Signature Analysis.
  • Excellent problem solver with strong “hands-on” technical knowledge and the ability to work well with diverse teams and individually.
  • Proven lead for complex projects delivered on time and within expectations.

TECHNICAL SKILLS:

Firewalls: CheckPoint Firewall-1 and Provider-1, Raptor Eagle, Cisco PIX, IPFilter, iptables, Netfilter, Check Point, ISA 2004/2006

Network Intrusion Detection Systems (NIDS): Dragon, Cisco NetRanger, Snort, PSAD, Fwsnort, custom software, Lanco, SourceFire (3D9900, 3D8370, 3D8250, DC3000)

Virtual Private Networks: SKIP, IKE, IPsec, FWZ, SSL

Operating Systems: Windows 2000/2003, Solaris 9/10, Linux (RedHat), Backtrack 3.0

Database: Oracle 10g/9i, SQL Server 2005/2000

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

Networking: Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDS

Internet Communications: TCP/IP based communications (IPv4), Internet Routing, and DNS, Webserver communications, CGI development.

Hardware: Dell, HP, CISCO, IBM, SUN, CheckPoint, SonicWall, Barracuda Appliances, SOPHOS email appliances

Security Tools: Wireshark, MBSA, MS Visio, Apache, VMWare ESXi 3.5, VMware Server, Encase

PROFESSIONAL EXPERIENCE:

Confidential, Framingham, MA

Network Security Engineer

Responsibilities:

  • Design and deploy multi-sensor Sourcefire Intrusion Prevention System covering public shared web hosting, corporate web storefront, three remote data centers, and public E-Commerce environments directly leading to a reduction in attack volume to near zero percentage within the first 4 months of implementation.
  • Provide security oversight and best-practices advice for ongoing operations within other organizations.
  • Assisting in the maintenance/development of security policies and procedures to support computer forensics and investigations as a part of Staples SOC/NOC build-out.
  • Installing and tuning of perimeter devices such as Radware, Terminal servers, Xstream40’s, and Copper/Fiber TAP’s.
  • Work tasks also include operating and analyzing results from enterprise detection systems such as Orion, Radius/TACACS for user authentication, and several others.
  • Configure, maintain, repair, and replace SourceFire 3D8350, 3D8370, and DC3500 appliances
  • Upgrading Sourcefire IPS sensors and management appliances from V5.2 to V5.4.1.
  • Maintain and administer checkpoint R75.xx firewalls.
  • Weekly on call support and troubleshooting of checkpoint store firewalls for Staples stores in US.
  • Provide status reports on security matters to develop security risk analysis scenarios and response procedures.
  • Troubleshoot access issues, and configuring retail store firewalls.
  • Analyze and review security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Radware, and other security threat data sources.
  • Configure, manage, and upgrade FW, IDS, IVS, IPS, TAP’s, Xstream load balancers(XLB), Encryption and a wide variety of other security products/appliances.
  • Adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
  • Create and maintain detailed network diagrams on the infrastructure of the company using Visio.
  • Security monitoring process with the help of Log management tools (i.e. Splunk) and Security Information Event Management (SIEM) tools.
  • Configure, deploy, and manage Radware DefensePro DDoS systems.
  • Utilize network analysis tools such as tcpdump, Wireshark, QRadar, and ArcSight SIEM.
  • Identify reported incidents, analyze impact to Network Operations, and develop action plans to mitigate incidents.
  • Design, engineer and implement security infrastructure.
  • Creating changes that adhere to the change management processes, using the ServiceNow tool.

Confidential, Milwaukee, WI

Network Security Engineer

Responsibilities:

  • Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Checkpoint Firewalls, Juniper firewalls, PIX firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, Certificate authority support, and wireless switch Security Management.
  • Configuration and Maintenance of ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls
  • Responsibilities include monitoring, optimizing, problem resolution, root cause analysis, and managing all aspects of access to specified systems.
  • Designing ruleset and analyzing Netflow with profiling (i.e., Lanco) solution.
  • Designs, writes, and maintains common procedures, SLI's and EXEC's for installed operating systems.
  • Organize, allocate, and supervise use of disk space for libraries, files, and common work space.
  • Acted as a professional assistant or project team member in hardware evaluation, configuration, and software evaluation projects.
  • Remotely copying files using sftp, ftp, scp, WinSCP, and FileZilla.
  • Review, analyze, develop, install, and modify Security Tools and systems.
  • Detect, diagnose, and report related problems.
  • Executing security controls to prevent hackers from infiltrating company information or jeopardizing programs.
  • Tune Sourcefire on Unclassified and Secret systems for false positives on Unclassified systems and secret.
  • Implementing SEU Update process and Signature Analysis Process for SourceFire 4.9.x.
  • Maintain security systems and administers security policies to control access to systems.
  • Maintain the company's firewall and utilizes applicable encryption methods.
  • Configuration of ACLs in Cisco 5580 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
  • Working with a team to implement a PCI environment for 25K users within 3 months.
  • Provide feedback on various projects across the organization that impacted PCI compliance.
  • Provide feedback on policies and projects impacting compliance initiatives beyond the scope of PCI.
  • Advanced knowledge in design and deployment of multi-sensor SourceFire Intrusion Prevention System covering public shared web hosting, corporate web storefront, three remote offices, and public E-Commerce environments directly leading to a reduction in attack volume to near zero percentage within the first 3 months of implementation.
  • Identifies opportunities and executes plans to improve workflow and understands and quantifies business impacts of those improvements for communication to management.
  • Interface with user community to understand security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.

Confidential, San Jose, CA

Network Security Engineer

Responsibilities:

  • Create and manage network, Exchange and Lotus notes accounts.
  • Implemented terminal services on numerous servers for remote administration and application sharing.
  • Create and manage user home directories and network shares.
  • Setup and maintain network services: DHCP, WINS, DNS Public & Private and Print services.
  • Maintain all hardware on Compaq, IBM and Dell servers and troubleshoot device conflicts.
  • Automated SFTP synchronization of client invoices to reduce manual intervention
  • Added missing functionality to FTP and SSH and designed and coded additional enhancements.
  • Implementing and troubleshooting firewall rules in Cisco ASA 5540, 5580, Checkpoint R77.20 Gaia and VSX as per the business requirements
  • Troubleshoot all network connectivity and client connectivity issues.
  • Usually involved performing a diagnosis first, then contacting the client's IT team, presenting them with my findings and working with them to resolve the issue.
  • Implemented numerous Site to Site T1’s utilizing hardware from Cisco & Netopia
  • Implemented and managed Norton’s corporate anti-virus solution.
  • Implemented WhatsUp Gold 8.0 to poll network servers, routers and switch availability.
  • Migrated the company from Bay Networks 100 Mbit hubs to HP managed switches.
  • Incorporated VLAN to segment traffic on managed switches.
  • Usage of firewall log for investigative and troubleshooting purposes.
  • Use of TCP Dump to troubleshoot access issues.
  • Installing service pack upgrades.
  • Implemented SecuRemote VPN for high speed remote access.
  • Creation of site to site VPN tunnel
  • Creation of rule base to support site to site VPN.
  • Led a group of 2 helpdesk techs and another network administrator.
  • Created and maintained detailed network diagrams on the infrastructure of the company utilizing Visio.
  • Implemented Secure FTP site utilizing SSL encryption.
  • Managed APC Symmetra UPS, and network shutdown client on all servers.
  • Performed Moves, Adds and Changes on Lucent Definity G3 PBX and Intuity Audix Voice mail system.
  • Monitored VERITAS network backup solution for job completions.

Confidential, NJ

Network Security Engineer

Responsibilities:

  • Rollout of RSA 6.0 Ace Server and Client for Windows Logon & VPN Authentication
  • Designed & Deployed upgrade of all remote offices from checkpoint 4.1 to NG R55
  • Upgraded company from mixed hardware platform Nokia & Intrusion to 100% Intrusion PDS (Linux) appliances
  • Designed and implemented DMZ for organization's public services
  • Monitoring and maintenance of Snort/SourceFire v4.1 IPS.
  • Working with the Project teams to architect DMG and Vendor supported environments in Virtusa.
  • Working with Project and IT teams to architect VDI environment to support offshore and onsite VDI environment.
  • Detect and take countermeasures for banking trojans and session hijacking malware attacks.
  • Operate and analyze results from enterprise detection systems such as Sourcefire, Tripwire, and several others.
  • Usage of firewall log for investigative and troubleshooting purposes.
  • Implemented Checkpoint SecuRemote VPN for high speed remote access
  • Migrated VPN to a Meshed topology.
  • Working with a team for developing a compliance program across PCI systems and applications to ensure year-round compliance.
  • Implemented Front Bridge messaging solution for organization.
  • Re-designing company’s primary network from a VPN network to a private point to point.
  • Implemented company's backup network utilizing AT&T MPLS
  • Implemented VRRP for router and T1 redundancy at remote sites
  • Implemented OSPF routing protocol.
  • Provide backup support to the Windows Administrator.

Confidential

Security Analyst/Engineer/Consultant

Responsibilities:

  • Provide support for all Checkpoint and Cisco environments. Provider 1 management upgrades from R65-R75.
  • Performed upgrades on all Checkpoint firewalls, and support for client services.
  • Firewalls are R65 and R70 clusters. Administration of Juniper firewalls at corporate and remote locations.
  • Configuration of security policies in NetScreen and Checkpoint.
  • Reviewing & creating the FW rules and monitoring the logs as per the security standards in Checkpoint and NetScreen Firewalls.
  • Provide support for all firewall related activities and upgrades for the Checkpoint environment from R60 to R70, R71, and R75. Support for Nokia/Checkpoint firewalls in a P-1 environment with 300 firewalls.
  • Support for all migrations, upgrades, PCI and SOX audit requirements, and vulnerability assessments.
  • Support for all Juniper firewalls and related environments. PCI DSS and SOX requirement and mitigation support.
  • Deployment of Data loss prevention across the network - Data in motion, Data in Use & data at Rest servers.
  • Network Access Control - Implementing a secure solution to identify network devices and profiling the Network devices to allow or disallow access based on the device type
  • Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices.
  • Intrusion Prevention System - IDS/IPS (IBM ISS IPS) Implementation and Upgrade for SiteProtector.
  • Designing, Planning and Engineering support for the IPS
  • Refining IPS Policy and Creating Rules according to the Security Standard.
  • Contact with the various projects and team regarding the rules, monitoring the Logs and document, disable or refine the rules as per the clients’ requirement.
  • Auditing the rules based on security standards and refining it.
  • Conducting Training for the Team Members.
  • Experience in audit for ISO27001 & BS7799 standards, Information System Audit Process, compliance assessment, Business Continuity and Disaster Recovery.
  • Vulnerability assessment, penetration testing, Risk assessment, Threat management, Security advisories, compliance audits, IT security assessment.
  • Patch management analysis reports of Microsoft Baseline Security Analyzer for critical & missing patches. OS hardening. Incidents handling, Root Cause Analysis of security incidents.
  • Coordinating all security related issues and with Internal Infrastructure Team, Validating the Expectation request and approving.
  • Symantec Antivirus server console Management, Support for Symantec Enterprise product.

Confidential

Security Administrator

Responsibilities:

  • Installing, Upgrading and configuring (Checkpoint) firewall.
  • Firewall implementation, firewall management, network management and troubleshooting connectivity, routing, and configuration issues with routers, switches, firewalls.
  • Perform operating system, network and application vulnerability assessments to identify security exposures in the environment.
  • IPS/AV signature updates; RADIUS/RSA user and group management; remote VPN assistance / VPN Management/Monitoring / creation of user accounts/tokens for remote access VPN
  • Monitor Service Center queues for customer reported requests or incidents; access tickets for applicability.
  • Analyze, define and implement processes for user administration (request and required approvals) and security administration.
  • Provide technical support and assistance to schools and departments in the selection, installation, operation, and maintenance of computer hardware and software. Nortel - switches, routers, TLS, upgrades.
  • Established protocols for backups, server space management, security, virus protection and other procedures essential to eliminating downtime or data loss.
  • Perform on-going security maintenance and administration
  • Analyze network and system logs and assist in security data analysis
  • Implemented Internet proxy/firewall and monitoring solution
  • Monitoring and reporting on IPS and IDS devices
  • Antivirus Management
  • Hardening (securing) of servers.
  • Monitor for security incidents
  • Configured servers for DHCP and DNS services.
  • Installation and configuration of Print Servers.
  • Performed troubleshooting of hardware and software related problems.
  • Managed, installed and configured Windows 2000/NT Servers.
  • Created user and computer accounts on the Active directory server.