We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume

Indianapolis, IN

PROFESSIONAL SUMMARY:

  • 7+ years of experience in Routing, Switching, Firewall technologies and administration of complex inter networking communication systems.
  • Checkpoint - R60/R65/R70/R75 software version with hardware Checkpoint 11000, 21000 series with VSX environment.
  • Checkpoint software Blades (IPS, Anti-Bot, Anti-Virus, Identity Awareness and DLP) with managed by Checkpoint Checkpoint smart dashboard in smart domain manager/Provider-1 environment & separate Syslog servers.
  • Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
  • Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
  • Checkpoint VPN-1/ Firewall-1, IPSO, SPLAT and GAIA initial setup on open servers, Nokia devices, Crossbeam/Checkpoint hardware devices.
  • Experience with setup smart 1-150 devices with provider-1 and CMA(s)
  • Troubleshooting experience with packet capturing using .PCAP files and analyse via Wireshark and other tools. Also working on TCPDUMPS and Log analyzer tools with SIEM tools to analyse network flows and other traffics issues.
  • Working on AAA (TACAS+/RADIUS) servers and CISCO ACS devices to communicate with firewall for users/administrators roles and responsibilities. .
  • Hands-on experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and VMware.
  • Worked on F5 Local Traffic managers (LTM), Global traffic manager (GTM) of series 8900, 6400, 6800, 3400, 5100, 3600 and 3DNS migration to GTM
  • Proficient using the F5 based profiles, monitors, VIP’s, pools, pool members, iRules for virtual IP’s
  • Worked on Cisco PIX/ASA 55XX firewalls along with CISCO 2300, 4000, 7200, ASR series Router and Cisco 1600, 2900, Nexus switch.
  • Experience on LAN/WAN infrastructures with supporting network security devices.
  • Support BCP/DRP projects for network infrastructure.
  • Strong technical knowledge with ability to lead and motivate teams to ensure success with an excellent track record for diagnosing complex problems and consistently delivering effective solutions.
  • Strong problem solving skills, extremely organized, detailed and deadline oriented and ability to adapt to dynamic priorities, business requirements and to lead teams/project.
  • Support and promote an organizational culture that encourages high performance, dedication, high morale, integrity and collaboration.

TECHNICAL SKILLS:

Security &VPN: Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75, R76 with 4k,11kand 21k appliances, CiscoPIX/ASA Firewall (525/535), ASA 5505, 5510, 5512-X Firewall, Juniper firewall NS50,SSG 550M, SSG520M, ISG 1000, ISG 200, Nokia IP 390, 560, 690, 1280, 2450.

Cisco Routers: 2600, 2800, 3640, 3700, 3825, 7200, 7204, 7206, 7600

Cisco Switches: 2900, 2924, 2950, 3550, 3750, 4000, 5500, 6500, 6509, 6513

WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPSec-VPN

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Operating Systems: Microsoft Windows® operating systems (Windows 98 to Windows 10), Microsoft Windows® Server operating systems (Windows 2003 to Windows 2012), Solaris 11, Red Hat 6, Cent OS, Ubuntu, Fedora, other UNIX/LINUX platforms

Programming Languages: C, C++, Assembly, SQL, HTML, CSS, XML

Tools: Microsoft Office System (including Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and Microsoft Outlook), QDC Wi-Fi, Radius, WDC Wi-Fi Radius, QDC RAP, Cisco WAAS Admin, ITSM Ticketing system, nGenius, Wireshark, Eclipse, Solaris Volume Manager, Veritas Volume Manager, Veritas cluster, Apache Web Server, Samba.

PROFESSIONAL EXPERIENCE:

Confidential, Indianapolis, IN

Sr. Network Security Engineer

Responsibilities:

  • Designed, Built, Implemented various solutions on Check Point/Cisco/Juniper Firewalls
  • Working experience on upgrading Checkpoint old devices/Software to new platforms like R70 to R75.20.
  • Responsible for configuration and administration of the Checkpoint rule base policy in Checkpoint smart dashboard with section titles.
  • Troubleshooting application and network traffic on Checkpoint smart view tracker along with FW monitor and TCP dumps on CLI based.
  • Working on smart view monitor get statistics for the checkpoint hardware/software CPU’s, memories and overall health of the devices.
  • Migrating Cisco ASA firewalls policy to new Checkpoint appliance with support of vendor specific tool.
  • Implement and manage all the firewalls in smart domain manager/Procider-1 with CMA to organize enterprise and remote locations.
  • Monitoring, maintaining, and implementing security policies on Cisco firewalls.
  • Carried out performance monitoring & documentation of relevant network segments to ensure data integrity & environmental safety.
  • Routing Protocols (RIP, RIP V2, IGRP, EIGRP, OSPF), Virtual LANs, LAN, WAN and Ethernet.
  • Frame Relay, ISDN, PPP, HDLC, Network Troubleshooting using CLI Show commands, PING, Trace route, telnet.
  • Gathering details from customers and providing best security infrastructure solutions with F5 load balancers, Check Point/Netscreen firewalls and Blue Coat proxies.
  • Created various B2B environments using Blue Coat proxies.
  • Commissioning & de-commissioning with Cisco 7500, 7200, 6500 with SUP 720 module, 3550, 2950 switches for the Data Centre migration & operations.
  • Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs.
  • Create complex iRules using TCL language for URL redirections, HTTP header-insertion and HTTP header modification.
  • Creating Wide IPs with various load balancing methods like, Global Availability, Topology and Round Robin.
  • Interacted with internal clients to resolve network connectivity issues.
  • Monitoring and supporting network traffic analysis with Wireshark tool.
  • Maintained good Customer Relation Skills & Troubleshooting skills in a production based environment.

Confidential, Topeka, KS

Network Security Engineer

Responsibilities:

  • To ensure that the day-to-day Security Operations runs smooth. Change management and 3rd level Incident management being the primary responsibility, participate directly as well as take escalations from the team members as and when required.
  • Change Management: Need to make sure that all the change designs and implementations are completed and tested as per the schedule required by the customers.
  • Migrated to R75.xx in various Checkpoint 4k/11k/21k appliances from R65, R62, R60, etc., and building the new SmartCenter server.
  • Systems Integration in Wide Area Network using Cisco Routers, Switches, and access servers over E1 leased Lines and ISDN.
  • Involved in updating the F5 based 3DNS for the DNS based loading and updating the Wideip’s list on the box as per the request from the business based on the application need.
  • Interact personally with local and central Telecommunication exchanges to install a data circuit for customers requesting leased Line connection.
  • Routing Protocols (RIP, RIP V2, IGRP, EIGRP, OSPF), Virtual LANs, LAN, WAN and Ethernet.
  • Frame Relay, ISDN, PPP, HDLC, Network Troubleshooting using CLI Show commands, PING, Trace route and telnet.
  • Configuring objects such as Load Balancer pools for local traffic management.
  • Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
  • Has expertise in LAN/WAN technologies (fast Ethernet, Layer2 & 3 switched/routed LAN, and Frame Relay).
  • Enabled GSR RPR+ mode, installed Engine 5 SIP cards, Upgraded Cisco GSR routers GRP-Bs to PRPs (RPP+), PRP 1 to PRP 2 and IOS levels as well.
  • Tested various BGP features like local-preference, MED, Weight and replicated customer issue problems in the testing environment lab.
  • Being part of L3 escalation team, receive the call from L2 team during the on call time.
  • Configuring failover and working on ssl-vpn when in active/standby failover on ASA.
  • Interacted with internal clients to resolve basic help desk connectivity issues
  • Monitoring and keeping track of the Network traffic analysis through the routers using MRTG.
  • Involved in group & individual presentations to corporate clients about the company’s internet based products like leased lines and modular routers.

Confidential, Mooresville, NC

Network Security Specialist

Responsibilities:

  • Monitoring and Managing the Firewalls (Checkpoint Boxes, Nokia, Cisco ASA, Juniper), VPN Devices and Routers a total of over 1900 devices. Troubleshooting the Firewalls, Manage checkpoint Firewalls split through multiple CMA's and administer using provider-1.
  • Managing URL Content Filtering on Websense Proxy.
  • Adding exemption, editing policy groups on Websense Management Server.
  • Adding/removing ARM bypass rules on Websense appliances.
  • Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
  • Backup and restore of checkpoint Firewall policies.
  • Black listing and White listing of web URL on Blue Coat Proxy servers and web security gateway.
  • Review Firewall rule conflicts, unused rules and Mis-configurations and clean up.
  • Checkpoint firewall policy administration and support between various zones.
  • Modify and implement ACL changes on store routers and assist the user when there are any issues using Network Authority. Authentication to this is also done through TACACS.
  • Prepared engineering documents and network diagrams in Microsoft Visio.
  • Deliver departmental efficiency through advanced engineering, technical support, and documentation procedures.
  • Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
  • Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.

Confidential

Network Security Specialist

Roles & Responsibilities:

  • Design, Build, and Implement various solutions on Check Point Firewalls, Blue Coat Proxies, F5 Load balancers and F5 Global Traffic Managers.
  • Performed Up gradation from old platforms to new platforms R62 to R75.20 etc
  • Worked on migrating to R75.20 on IP560 nokia boxes.
  • Worked on various platforms of Checkpoint like - Nokia, Checkpoint (SPLAT).
  • Worked on Nokia IP 260, 295, 390, 56x, 69x, 128x, 245x flash & disk based appliances.
  • Fully versed in the syntax of security platforms, and day to day rule verification
  • Continuous monitoring of CPU utilization, link utilization, connection table utilization.
  • Firewall clusters, cluster-XL technology
  • Experience in different VPN platforms, IPSec, SSL & Web VPN. Mobile VPNs solutions from Cisco and Checkpoint.
  • Checkpoint Connectra appliances-NGX R62 & R66
  • Implemented clientless ssl vpn on Juniper SA 2500/4500 with Secure access 7.1/8.0 ASA 5500-x platforms.
  • Worked on ASA and ASDM configuring the ACL’s and monitoring.
  • Worked on ASA routed mode and transparent mode.
  • Worked on ASA 5500-x platform configuring the WEB, SSL, any connect VPN’s.
  • Worked on AIP-SSM and CSC-SSM modules on ASA.
  • Worked on ASA-botnet filter.
  • Deployed LTMs and GTMs in DMZ environments with FIPS solutions.
  • Perform SSL Offloading on LTMs and web accelerators with 2048-bits VeriSign certificates. Also, renewing certificates to ensure the security of websites.
  • Engaged in various migration projects like migrating V 9.x load balancers to V 10.x.
  • Migrated Firewall infrastructure from Check Point R65 to Netscreen ISG2000.
  • Implement the firewall rules using Netscreen manager (NSM).
  • Push the firewall rules on various versions of Nokia boxes and cross beam from Provider -1 NGX CMAs.

Confidential

Network Security Specialist

Responsibilities:

  • Created load balancing policies using BGP attributes such as Local Preference, AS-Path, MED, Community etc.
  • Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
  • Installed and maintained Cisco and F5 Load Balancer and documentation.
  • Improving OSPF convergence by controlling SPF algorithm, LSA/SPF throttling.
  • Participate in all technical aspects of LAN, WAN, VPN and security internetworking projects including, short and long term planning, implementation, project management and operations support as required.
  • Writing rules in such a way that they append various properties that define pool selection process.
  • Performed various Line card memory upgrades, PRP memory upgrades and fabric upgrades on Cisco 12000 series routers.
  • Handle customer escalations related to Internet connectivity issues, VPN issues (OSPF sync issues), etc; work with various technical teams to find a resolution in a timely fashion.
  • Configured policy maps, class maps and access lists on GSRs
  • Worked with JTAC and Cisco to troubleshoot various problems
  • Designed secure VPN architecture, including MPLS VPN platforms for various customers which include ISP’s.

Hire Now