PROFESSIONAL SUMMARY:

• Accomplished Network and Security engineering professional with 5 years of real time experience in designing, deploying, migrating & supporting critical multi - site redundant Network environments.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Perform Checkpoint and PIX firewall/IDS design, integration & implementation for Cyber Trap client networks.
• Experience in installing, configuring and troubleshooting Checkpoint Firewalls.
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Checkpoint Confidential firewall and Cisco 3800 series routers
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Experience working with Juniper JUNOS version 12 and Version 13 for routing and switching protocols.
• Responsible for checkpoint and Cisco ASA firewall administration across global networks.
• Checkpoint level 3 operations support with hardware operation and fixed all problems.
• Good understanding of NAT & Firewall on Aruba Controllers.
• Strong hands on experience on PIX Firewalls, Palo alto, ASA (5540/5550) Firewalls. Implemented Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70, R75, R77 and Cisco ASA.
• Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and OTV and successfully implemented VSS on the Cisco catalyst switches.
• Experience working with advance level technical solutions for existing wireless networks VPNs and mesh network.
• Strong hands on experience on PIX Firewalls, Palo alto, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
• Experience in configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Expertise in Migration of Firewalls from Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo alto and Vice Versa
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
• Performing the Juniper SRX 5800 deployment to replace the Crossbeam/Checkpoint firewalls.
• Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Good knowledge on Juniper SRX240, SRX220 and SRX550 series Firewalls.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Experienced in handling and installing Palo Alto Firewalls with exposure to wild fire feature of Palo Alto Networks.
• In-depth in preparing Technical Documentation and presentations using Microsoft VISIO/Office

TECHNICAL SKILLS:

Cisco Platforms: Nexus 7K, 5K, 2K, 1K

Cisco Routers: 1700,1800,2500,2600,2800,3600,3800,3900,7200,7600

Cisco L2 & L3 Switches: 2900,3500,3560,3750,4500,4900,6500

Juniper Platforms: SRX, MX, EX Series Router and Switches

Networking Concepts: Access: lists, Routing, Switching, Sub netting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510), Checkpoint, Cisco ASA

Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

Wan Technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3,0C3, T1 /T3 & SONET

Lan Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channelVLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL: VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

Documentation: MS Office, MS Visio

PROFESSIONAL EXPERIENCE:

Confidential, San Mateo, CA

Network Security Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Design, configuration, and support of Cisco Nexus Platforms (Nexus 2000/5000/7000 )
• Designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Worked on Juniper SA 2500/4500/6500 devices including configuring, troubleshooting and implementing SA devices along with secure access services.
• Configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Configured Cisco routers for MPLS VPN connectivity and VRF tables on edge routers for customer usage of the MPLS network.
• Configure/upgrade wireless access points and am familiar with Cisco wireless controllers.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.
• Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800.
• Responsible for everyday tasks related to Juniper SRX Firewalls, Space Changes, and Iron Port Proxy Traffic.
• Collaborated with the network engineers to identify areas of high risk that can be resolved using ISE
• Creation of Firewall policies as per the requirements on Checkpoint, ASA, FWSM, and Juniper Firewalls.
• Configured Protocol Handling, Object Grouping and NAT on ASA Firewalls (5505).
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Juniper Contrail SDN deployment assistance to the senior engineering team
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application
• Responsible for Checkpoint firewall management and operations across our global networks.
• Implemented site to site VPN in Juniper SRX as per customer and various EX, SRX & J series Juniper devices.
• Working on security devices ASA, Juniper, Palo Alto Firewalls, Routers, and Switches.
• Implementation of secure enclaves with Palo Alto and ASA firewalls
• Remote access and site-to-site VPN administration using Cisco ASA/ASR and Palo Alto
• Team member of Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5505.
• Responsible for NAT traffic flow in the Juniper SRX 3600 and support Juniper Space.

Confidential

Network Security Engineer

Responsibilities:

• Designed application mapping and application delivery using F5 BIG IP LTM.
• Design/install/Configure Nexus 7k, 5k and 2k switches, PAN firewall and Netscaler Application load balancer.
• Installed and designed four PIX 525 and two ASA 5505 in client areas. Notwithstanding that, arranged two PIX firewall for the Guest access.
• Configured IPsec VPN access for client to site remote access.
• Configured and implemented Nexus 5K and 2K in lab environment
• Configuration of firewalls 5520 series ASA for business to business connectivity and application of ACL rules for network traffic.
• Configuring and managing F5 ASM (Application security manager). Develop security policies.
• Creating new nodes and Pools in F5 load balancers to support newly added servers in Layer 3 environment.
• Implemented site to site VPN with IPSEC via. GRE ISKAMP
• Implemented Cisco site to site VPN for partnering with different partners around the world.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA 5500 Firewalls, and MPLS switching for stable VPNs.
• Technical Knowledge on Cisco PIX/ASA series, Juniper Net screen/SRX firewall gateways.
• Experience configuring Virtual Device Context in Nexus 7k series switch.
• Experience with configuring Nexus 5000, Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
• Configuration, Testing, Planning and Design of Cisco Routers, Cisco Catalyst 2900, 3570 and 6500 Switches.
• Set up and configured a Cisco ASA 5506-X and Cisco Firepower network security services.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Coordinate activities between departments to ensure uninterrupted business operation
• Experience with Checkpoint Firewall policies provisioning.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
• Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall
• Worked on wireless networking hardware such as Cisco Wireless LAN Controller and AP 1200.
• Working with Cisco ASA 5585-X firewalls with Firewall rules, IPSec VPN, NAT, Active-Standby Failover, OSPF and Any Connect VPN technologies
• Implemented site to site VPN in Juniper SRX as per customer.
• Troubleshot VoIP issues with Cisco Call Manager 8.6; Unity Connections and Presence.
• Experience with converting PIX rules over to the Cisco ASA solution.
• Maintain Security policy by monitoring PIX firewalls (515 and 520).
• Router/ Microsoft VPN Server to get to certain restricted system assets from client areas.
• Established IPSEC-VPN tunnels with ASA 5500 series Firewall between some branch offices & headquarters.
• Experience in working with designing, installing and troubleshooting of Palo Alto firewalls.

Confidential

Network Associate.

Responsibilities:

• Designing and installing new branch Network systems. Resolving Network issues, running test scripts and preparing Network documentation.
• Configuring, Installing and troubleshooting on Checkpoint Devices.
• Successfully executed change on Nexus 9K and 7Ks to support redundant platform.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Working with Juniper JUNOS on M and MX series routers.
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls.
• Used Network tools such as Ixia for deployment of network infrastructures
• Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations
• Responsible for Working in high availability Nexus Environment and provide Layer 3 Network
• Physically deployed new Cisco Nexus devices, Catalyst and Nexus replacement blades, FWSMs, Cisco ASAs, Citrix Netscaler MPX and SDX chassis
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls.
• Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
• Administration and Operation support for TACACS and RADIUS Appliances
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Translating Cisco IOS Route maps to Cisco IOS XR Routing policies.
• Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
• Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP.