We provide IT Staff Augmentation Services!

Network Security Engineer Resume

Chicago, IL

SUMMARY:

  • Network Security Engineer with Over 7+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
  • Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo Alto Networks Firewalls models (PA-2k, PA-3k, and PA-5 k)
  • Experience in Proliferating the query performance with modification in T-SQL queries, removing unnecessary columns, eliminating redundant and inconsistent data, normalizing database, establishing necessary joins, creating useful clustered index and non-clustered indexes.
  • Responsible for Checkpoint and Cisco Firewall administration across global networks worked on Cisco Catalyst Switches 6500/4500/3500 series.
  • Policy development and planning / programming on IT Security, Network Support and Administration.
  • Worked on cisco Nexus 5000 series switches for data center.
  • Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN.
  • Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
  • Using Smart Update, user management and authentication in Check Point Firewall.
  • Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices.
  • Designed and implemented redundant Internet circuits with automatic BGP-failover of public subnets (class C addresses) between the two primary U.S. locations (disaster recovery).
  • Designed and implemented disaster recovery configuration for the Globalscape Enterprise File Transfer system (Secure FTP with PGP encryption).
  • Assisted with the installation and configuration of the new Sioux Falls Nexus switches - 7000, 5000, 2000, and 9000 series (ver 7.0.2). Configured the FEX connections, VDCs (virtual device contexts), VPC (virtual private circuits), etc.

TECHNICAL SKILLS:

LAN Technologies: VLAN, VTP, Inter-Vlan routing, STP, RSTP, PVST, 802.1x

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Leased lines

Network Security: NAT/PAT, VPN, Filtering, IDS/IPS, IPSec, ACL

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP

Routed Protocols: TCP/IP, IPX/SPX

Infrastructure Services: DHCP, DNS, SMTP, MIBs, Syslog, POP3, FTP, TFTP

Network Management: SNMP, SSH, Telnet, ICMP

IP Telephony: VOIP,FXO/FXS/E&M/T1/ISDN/PRI, Call manager Express

Operating Systems: Windows Vista/XP/NT/2003, MS DOS, UNIX, Linux

Comm. Protocols: Wi-Fi, WiMax, CDMA, 3G

Protocol Analyzers: OPNET, Wireshark.

Languages/ Tools: Python, Linux Red Hat

PROFESSIONAL EXPERIENCE:

NETWORK SECURITY ENGINEER

Confidential - Chicago, IL

Responsibilities:

  • Expertise in configuring and troubleshooting of Palo Alto, NetScreen & SRX Firewalls and their implementation.
  • Experience working on Palo Alto firewalls such as PA-3000, PA-5000 and PA-7000 series.
  • Actively participated in a Data Center migration where I involved in migrating all the security appliances.
  • Experience on working with external business partners for site-to-site VPN migration.
  • Hands on experience on building VPN tunnels between Palo Alto and Fortigate, PfSense, Azure Virtual Gateway, Checkpoint.
  • Worked on VPN migration from a router to Palo Alto PA-5260 firewall.
  • Design and Implementation of VPN site-to-site tunnels on Palo Alto firewalls.
  • Migrated firewall security policies from PA-3000 series to PA-5000 series using PAN Migration tool 3.0
  • Wifi testing for the purpose of verifying security levels
  • Worked on enabling zone protection on all interfaces on Internet gateway firewalls.
  • Worked on configuring SSL decryption for outbound traffic flow and troubleshooting connectivity issues by validating the signed certificates.
  • Worked on port forwarding NAT rules and security policies. Worked on APP-ID, Content ID, PBF (Policy Based Forwarding).
  • Entered Wifi testing results and network information while maintaining data integrity.
  • Configured User based policies to allow USER-ID authentication using LDAP servers.
  • Managed ADOMs by using Forti Manager to manage multiple Fortigate firewalls.
  • Configured destination and source NAT on Fortigate firewalls by creating virtual and Pool IPs. Worked on DHCP relay implementation with IP-helper address.
  • Migrated security policies from a PA firewall to Fortigate firewall using FortiConverter and worked on enabling the interfaces in production.
  • Configured high availability on Palo alto and Fortigate firewalls.
  • Hands on experience working on Blue Coat Proxy devices to enable web-filtering for external business partners using Virtual policy manager.
  • Monitor, analyze, troubleshoot Aruba APs, wireless controllers and s3500 switches using the Airwave management systems
  • Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
  • Troubleshoot and customize office 365 applications including Word, Excel, One Note, Skype.
  • Installed and monitored extreme networks S-series, 7100 stackable switches and E4G-400, 1800 router to support VMware machines in NCFAST.
  • Involved setting up the TFTP server for backing up the IOS images and configuration files of Cisco Routers and Switches and troubleshooting the file servers.
  • Upgrades, installs, configuration and administration security and monitoring tools on Linux.
  • Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
  • Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP.
  • Responsible for network evaluations, troubleshooting a variety of network problems, and implementing various software and hardware upgrades efficient performance.
  • Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.

FIREWALL ENGINEER

Confidential - Texas

Responsibilities:

  • Installation, configuration and troubleshooting of Checkpoint (5000, 4400, 1400 series with GAIA OS) and ASA Firewalls.
  • Hands-on experience Installing & configuring firewalls - Checkpoint NG & NGX, Cisco ASA (5500), Cisco Pix, ISA, and IP tables.
  • Responsible for maintaining multi-vendor network environment including Cisco ASA, Juniper JUNOS, Fortinet firewalls, Palo Alto PA-200 and configuring different policies to provide connectivity.
  • Experience working on F5 Load Balancing devices, specifically LTMs and GTM's. Experience in conducting upgrades, fail over, configuring pools and virtual servers and also managing certificates on the F5 devices.
  • Migrated and implemented new solutions with Cisco ASA Firewall (5500) series.
  • Provide technical expertise and support of network devices and security peripherals including Cisco routers and switches.
  • Experience with Bluecoat Proxy servers, LAN & WAN management.
  • Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
  • Extensively worked on Data Center switching technology including Nexus 7K, 9K and 5K and Catalyst switches.
  • Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
  • Experience in configuring site-to-site VPN tunnels and MPLS between various site offices.
  • Worked with the architects and application teams across the globe to ensure that the requirements are met according to the network architecture for the successful migration of the applications.
  • Created and implemented firewall policy to allow/block services on specific TCP/UDP ports in production firewall.
  • Majorly involved in Office Move, Network Upgradation, Network Standardization projects.
  • Provided best solution to user's ServiceNow incidents by maintaining the security standards of the organization
  • Key contributions include troubleshooting of complex LAN/WAN infrastructure that include Configured Firewall logging, DMZs & related security policies & monitoring Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
  • Other responsibilities included documentation and change control
  • Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
  • Used various scanning and sniffing tools like Wire-shark
  • Documenting and Log analyzing the Cisco PIX series firewall
  • Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues
  • Performing maintenance activities in Cisco switches, routers and checkpoint firewall.
  • Using TCP Dumps and Wireshark captures for determining the flow of traffic across the Intranet to Internet and vice versa.
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • DNS administration like adding/modifying/deleting IP and DNS assignments using log messages on Infoblox.
  • Worked on PCI compliance, Smart Optimize and removed all the unwanted rules and unused objects.
  • Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP Worked with ITIL (Information and technology information library) for managing our services.
  • Working with ITS networking teams to install an Avaya VoIP phone system and test phone system connectivity and functionality.
  • Knowledge of with API's for troubleshooting Network issues using Wireshark and NTOP.
  • Configured static NAT, dynamic NAT, dynamic NAT overloading.
  • Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
  • Configured and perform trouble shooting on Dell Power Connect Switch 5548 used to connect VM Servers and Flex Systems.
  • CSU/DSU loop testing in examining WAN link issues by implementing hardware and software loops.
  • Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
  • Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the Palo Alto Firewalls placed in the Data Center with MS Visio.
  • Configure and maintain security policies on Fortinet firewall and managing Fortinet Analyzer.
  • Hands-on experience in configuration of firewalls - Palo Alto, Cisco, Fortinet, and Firefly.
  • Expertise in configuring and troubleshooting of Palo Alto, Fortinet, SRX Firewalls and their implementation.

NETWORK ENGINEER

Confidential

Responsibilities:

  • Designed MPLS VPN and QoS for the architecture using Cisco multi-layer switches
  • Implemented and configured Cisco IOS, IOS-XR, CAT-OS and Nexus hardware and software: 1000v to 7000 series.
  • Configure, IPS and QOS by SDM and provide security by Prefix list, Access- List and By Distribution List.
  • Designed and configured the commands for QoS and Access Lists for Nexus 7K, 2K and 5K.
  • Figure and manage printers, copiers, and another miscellaneous network equipment.
  • Handled the tasks of documenting network problems and resolutions for future reference.
  • Utilized VMware ESX configured and installed it properly to implement Cisco, Microsoft Server 2008, Linux, MySQL builds, designs, throughout the entire Network Infrastructure.
  • Managing enterprise BGP setup by configuring and troubleshooting BGP related issues. My responsibility was also to add new BGP peers for remote branch offices and business partners.
  • Create and troubleshoot VDC, allocate resources, interfaces, NTP
  • Maintenance and Troubleshooting of LAN connectivity problems using Ping, Trace route.
  • Experience on a mesh 6500 and 5500 series switches to support the core trading system.
  • Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
  • Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
  • Vulnerability Management using Security Information & Event Management
  • Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
  • Monitoring network platforms include IBM Tivoli Netcool management systems, Siebel CRM, WebTop, utilizing HP Service Manager 9 logging tools.
  • Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
  • Network design and administration experience.
  • Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
  • Responsibilities included configuration and installation of software and hardware.
  • Performed routine network maintenance checks as well as Responsible for gathering and compiling data for special projects as well as prepare weekly status reports.
  • Figure and manage printers, copiers, and another miscellaneous network equipment.

Hire Now