SUMMARY:

• To offer my services to an organization that provides stimulating and professional environment.
• Where my abilities, education, training and skills can be used to enhance the efficiency and productivity of the organization while allowing growth in my skills.
• I am passionate to work on project planning and deployment.
• Total of 16 years experience in Computer Networking

TECHNICAL SKILLS:

AWS Could Direct Connection/VPN Tunnel:

Security Devices: Checkpoint Firewall (Appliance, Confidential, Confidential, Dell) Cisco ASA 5510/5520 with IPS Module, Cisco Pix 515/525/535, Juniper, Astaro, PFSence Firewall,Cisco Secure ACS 4.0, Cisco IDS 4215, IPS 4210, Source Fire, Tipping Point, Cisco ASDM

Load Balancer: Cisco 4710, Radware, F5

Routers: Cisco 7200, 3945,3800,2800,1800 series, 3600/2600 series, 2500, 1700, 1600,800 series, Nortel, Maipu

Layer 2/3 Switches: Nexus, 7K, 5K, 2K, Cisco Catalyst 6500/4500 series Cisco Catalyst 3750, 3550,3500,2950,2900 series.

Tools: Wireshark, Phython

TECHNICAL EXPERIENCE:

Confidentia, St.Louis, MO

Senior Security Engineer

Responsibilities:

• Migrated Checkpoint Management server - R77.20 Gaia
• Migrated Checkpoint firewall hardware and software to Checkpoint Appliance with R77.20 Gaia
• Migrated F5 Hardware and Software to F5 Viprion load Balancer
• Migrated the Critical Application to AWS cloud
• Managing the Riverport, vXchnge, Switch, India, Austion, Springfield Data Center
• Responsible in resolving severity issues related to security for globally which involve checkpoint/ASA Firewall, F5 Load balancer/Viprion, AWS Cloud, Nexus, Cisco routing/switching, VPN’s, etc

Confidential, St.Louis, MO

Senior Security Engineer

Responsibilities:

• Responsible for migrating Checkpoint Firewall Hardware & Software to Checkpoint Appliance - R77.20 Gaia with Zero Impact.
• Configure, administer, and document firewall infrastructure
• Advanced experience with performance tuning, package installation, patch updates with checkpoint firewall
• Manage and expand enterprise level internal IT security, which include, Monitoring multiple checkpoint firewall through Splunk-Lea- loggrabber, intrusion detection, VPN, Solar winds for alerting systems, Algosec audit logs, firewall backup, disaster recovery and external IT vendor relationships
• Work with project management professionals to develop and deploy large-scale projects for both internal and public-facing applications
• Analyse existing network infrastructure and policies to identify opportunities to enhance securityreliability, and functionality
• Responsible for playing a strategic roll by developing the team into a group of highly technical engineers, in parallel implementing procedures and actions which will act as proactive measures in providing value to our customers
• Responsible in resolving severity issues related to security for globally which involve checkpoint/Pix/Juniper Firewall, Cisco/Radware/F5 Load balancer, Routing/switching, VPN’s, etc

Confidential, TAMPA, FL

Network Security Specialist

Responsibilities:

• We are part of the project and implementation team where we plan, design and implement new infrastructure for the client needs.
• This would include creation of new DCs, bringing up new site which includes firewall, load balancer, IPS, GSS, Layer 3 and layer 2 needs.
• We would coordinate with a design team and vendors to implement new sites, DCs etc.
• Infrastructure consists of Checkpoint/ASA-Pix/Juniper firewall, cisco concentrator/Juniper SSL VPN, Cisco/Radware/F5 load balancer, Cisco/Source fire/Tipping point IPS/IDS, GSS, Riverbed, Cisco Router, Nexus/Cisco/ Confidential switches, Cisco/Aruba wireless access controller.
• Successfully replaced Checkpoint R65 Provider1 to R77.20 & Migrated more than 500 firewalls from R65 to R77.20 Gaia across the globe it includes Checkpoint Appliance, Confidential, Dell & Confidential firewalls.
• Migrated 100 Firewalls hardware refreshed from Confidential to latest checkpoint Appliance/Dell.
• 50 Firewalls software upgrade from R65 to R77.20 Gaia.
• Performed the clustering for Confidential, Europe regions for automatic failover of firewalls
• Answer’s firewall ip redesigned for Production, QC, LAB setup due to lack of ip & configured load balancer & firewall accordingly.
• Implemented firewall hardware & configuration for Confidential project.
• Rebuild the new Provider-1 from existing production firewall modules since Provider-1 hardware got crashed.

Confidential

Responsibilities:

• Core Switch refreshed from 6509 to 4510
• Installed Checkpoint 13500 firewall & attached to P1
• LAN switch refreshed from Confidential /Nortel to cisco 3750 stack switch (200 Switches)
• Refreshed cisco wireless controller & 210 access point with Legacy Aruba devices
• Install Checkpoint Appliance & configure cluster in Lebanon, Millan, Lugano
• Establish site to site VPN tunnel between 56 client locations to Confidential & configure redundant link between IBOPE Mexico to Confidential .
• Installed & configured cisco load balancer with DMZ, Internal context between two data center
• Require firewall port opened between servers, data center & Microsoft office.
• Installed & Configured Cisco load balancer with Sticky based connection
• Allowed firewall port in Juniper, pix, checkpoint firewall from SSL VPN, digital line, external clients
• Installed & configured check point 4407 firewalls
• Installed & configured cisco 3750, ASR & establish Confidential tunnel between ASR to Confidential Router for Confidential data collection units.
• Installed & configured Checkpoint firewall 2205.
• Installed & configured Cisco3750-G & 2901 router.
• Responsible in resolving severity issues related to Network for Confidential Network globally which involve Checkpoint/Pix/Juniper Firewall, Cisco/Radware/F5 Load balancer, Routing/switchingVPN’s, GSS etc
• Backup auto failover from MPLS to VPN configured and implemented successfully for Confidential for major region.
• Involving firewall change implementations, VPN Creations, Syslog, bandwidth monitor via Confidential -
• Open view.
• Periodic Firewall, Load balancer, Router, Switch hardening and firewall rules audit.
• Working with ISP(AT&T/Equant-Orange/Quest) for new MPLS/Internet implementations.
• IT Infrastructure Service delivery to provide support to all the business processes in resolving day- to-day network related issues faced by the internal users and third party client.
• Handling Severity Issues on Network Interruption which affects Business /Client Deliverables and working towards its Effective Resolution
• Carry out onsite Due Diligence and study of a new opportunity by traveling to customer s office premises.
• Responsible for Network upkeep, troubleshooting network problems and provide solution within specific timeframe.
• Plan and augment network capacity based on the demand from business.
• Handling Globally 5 Data Centers which includes 1000 plus sites

Confidential

Network Engineer

Responsibilities:

• Designing the switched Network and configuring 6509E for Intervlan Routing.
• Implementing switch security by STP, VTP and configuring Port Security
• Securing Configuring Ether channel to connect to the edge switches connected through Fiber.
• Deploying Cisco ASA 5520 with IPS for Access Control and Intrusion Detection.
• Installing IEV to monitor the events caused by triggering the IPS Signatures
• Installing CSMARS and Adding ASA, Routers, IPS and Servers for event correlation.
• Configuring Router for ADSL connectivity and Net flow to detect anomaly detection.
• Installed and configure ASA 5520 Security Appliance with standard and extended access-lists and policy-based filters with object-groups.
• Configuring stateful failover for redundancy
• Installed and configured IPS Module to detect network attacks signatures.
• Configured Confidential VPN tunnels between ASA and Check Point using IKE pre-shared keys, 3DES and MD5 algorithm in ESP tunnel mode.
• Configure Remote Access VPN for Remote users.
• Install and Configure VPN Management Solution 2.3
• Managing and Monitoring IPS and ASA 5520 through VMS2.3
• Connecting different Branches through Lease line.
• Providing internet connection to users through ADSL Connection.
• Configuring Policy Based Routing to distribute traffic between 2 ADSL Lines
• Configuring Frame-Relay for branches in Saudi Arabia and Oman.
• Implementing Qos and Traffic Shaping for Frame-Relay after monitoring the bandwidth and Network with the Sniffer.
• Provided Consultation to Gulf Air for Deploying IDS 4260 Appliances in Load balancing and Failover Mode by configuring them through inline Vlan Pair Mode after analyzing their existing setup.
• Provided Consultation for replacing PIX Firewall with ASA 5520 in failover.
• Traffic capturing and analysis throughout their core Network
• Configuring PIX firewall 515E for Failover.
• Configuring Juniper Firewall for International Offices across the world to connect the Central Office Bahrain
• Monitoring Sonic Wall firewall for SSL VPN
• Designing the Switch Network and Configuring 6500 Series Switch as a core Switch.
• Configuring HSRP to provide redundancy to the VLANs
• Implementing VLANs and Configuring 6500 Series switch for inter vlan Routing
• Connecting ATM Machines through Frame-Relay.
• Interconnecting 10 Branches through Lease Line and Providing Backup through ISDN.
• Installing and Configuring IDSM-2 Module into 6500 Series Switch
• Upgrading IDS 4215 and IDSM-2 module for 6.0.
• Updating signatures on these devices through cli via FTP to protect against attacks
• Installing and Configuring VMS 2.3 to Manage IDS 4215, IDSM-2, and PIX Firewall.
• Installing and Configuring Cisco Works 6.1 to Manage routers and Switches.

Confidential

Responsibilities:

• Configuring site-to-site Confidential VPN between Pix Firewall and Router on overlapped networks between Bahrain and Australia (Perth)
• Configuring café network by interconnecting Micros POS, Great Plains to application servers at Perth
• Providing internet access in the café through wireless by installing wireless AP Isolating wireless users with server by configuring secondary ip addresses and access-lists
• Designing the Switch Network and configuring 4500 series as core switch
• Implementing Vlans and configuring Inter-vlan Routing on 4500 Switch.
• Configuring Port Security, DHCP Snooping and mitigating against VLAN Hopping Attacks.
• Configuring router for Frame-Relay internet Connectivity and Providing Perimeter Security.
• Installing and Configuring ASA 5520 with Active/Passive Failover.
• Installing and Configuring VMS 2.3 for the management of ASA 5520 and HIPS.
• Installing Cisco Security Agents on 10 servers including MAIL Server, WEB Servers, and Distance Learning server.
• Configuring site-to-site Confidential VPN between Pix Firewall and Router on overlapped networks between Dubai and Bahrain
• Implementing VLANs, Interconnecting different Branches through Lease Line and Providing Backup through ISDN.

Confidential

Network Engineer

Responsibilities:

• Configured and installed Maipu Routers MP800, MP17XX, MP26XX, MP36XX Series
• Configured and installed Maipu L2/L3 switches
• Configured and installed Maipu DXC 9400, MP3600 Series
• Configured and installed IP DSLAM 2048, 2024 Series
• Configured and installed Confidential Ws 3000, 4000, 4000RE, 5000, 5000B, 5100, 5300 modems
• Configured and installed Confidential Ws 144LCD, 288LCD, 336RE analog modems
• Configured and installed Confidential Interface Converter 610, 620, 630, 3000C
• Configured and installed Confidential WLB 1402, 2000 Wireless Access Point
• Coordinated with DXC, Router, switch, modem configuration and Leased line users for their connectivity