We provide IT Staff Augmentation Services!

Network Security Engineer Resume

Dundee, MI

SUMMARY:

  • 8.4 Years of Experience in Designing, Deployment and Operations of complex enterprise and service provider networks.
  • Experience in installing and configuring DNS, DHCP server.
  • Experience in configuring Site - to-site and remote access VPN solutions.
  • Experience on F-5 load balancers LTM and GTM.
  • Experience in implementing and configuring F5 Big-IP load balancers 6400-LTM (V9).
  • Strong knowledge on Wireless Standards and Technologies, i.e. Ethernet, WAN, LAN, IEEE 802.11 (Wi-Fi). Very good knowledge on IEEE 802.15.1 (Bluetooth), Mesh networks, etc.,
  • Provided technical leadership for problem escalation and resolution.
  • Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professionalism.
  • Well experienced in configuring various routing protocols like RIP, EIGRP, OSPF, BGP, MPLS
  • Well Experienced in configuring protocols like HSRP, GLBP, VRRP, ICMP, IGMP and SNMP.
  • Experienced in various Juniper products: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
  • Experienced working with Nexus 7010, 5020, 2148 and 2248 devices.
  • Experience with Firewall Administration, Rule Analysis, Rule Modification.
  • Responsible for designing and deploying various network security & High Availability products like Cisco ASA and Checkpoint Firewall products.
  • Experience in Checkpoint Firewall on SPLAT and VPN technologies, Stateful inspection, and Global rule base, address spoofing.
  • Experience in configuring and troubleshooting Palo Alto devices like PA-3050, PA-5060 and PA-7050.
  • Responsible for Check Point (Secure Platform R70) and Cisco ASA firewall administration across global networks.
  • Migration of checkpoint firewall into Confidential using PAN.
  • Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual server.
  • Knowledge on configuration of iApps (BIG-IP) application service in implementing F5 load balancer.
  • Working and opening trouble tickets(TAC) and Smartnet with Cisco for new product orders, device diagnostics and hardware/insurance.
  • Experience with network monitoring tools like Solarwinds in regular backups and monitoring network inflow and outflow on various network devices and servers.
  • Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
  • Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
  • Enterprise Switching with VLANs, Trunks, Spanning Tree, Port Spanning etc.
  • Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
  • Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, and 8800
  • Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.

TECHNICAL SKILLS:

Routing: OSPF, EIGRP, BGP, RIP-2, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing.

Various Features & Services: IOS and Features, HSRP, GLBP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management.

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Firewalls: Palo Alto PA- 2000/3000/4000/5000, Pix (525/535), ASA (5520/5550/5580 ), Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65.

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Hardware: Cisco Cat Switches, Routers, Cisco IP796X/794X.

PROFESSIONAL EXPERIENCE:

Confidential, Dundee, MI

Network Security Engineer

Responsibilities:

  • Monitor, operate and support network security devices such as cisco ASA
  • Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
  • Experience in F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs
  • Experience on the Palo Alto firewall platforms PA-7050, PA-5050, PA-2000 series, PA-200, PA-500.
  • Experience in configuring all Palo Alto Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
  • Experience in Adding Rules and Monitoring Checkpoint Firewall traffic through smart dashboard
  • Experienced on working with Checkpoint firewalls R75/R77 such as installing/deleting and troubleshooting the networks.
  • Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
  • Configured OSPF and Static routing on Juniper M and MX series Routers.
  • Establish AWS technical credibility with customers and external parties
  • Help customers build scalable, resilient, and high-performance applications and services on AWS
  • Develop/capture/document architectural best practices for building systems on AWS
  • Working on as security devices Cisco ASA series, Palo Alto firewalls.
  • Working on to set up OSPF dynamic routing on Cisco ASA Firewalls by using and following their current network structure.
  • Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
  • Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
  • Documenting workflow process, managing and implementing standard policy and procedures.
  • Apply Cisco ISE configuration to switches
  • Provide level 2/3 support for ISE related issues, including off-shift and weekend support functions
  • Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
  • Managing data center and network by using solar winds, NPM, NTA, NCM and F5 load balancer
  • Working on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices.
  • Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
  • Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs.
  • Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and 9000 Core with VPC and 3172 TOR.
  • In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs
  • Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches by enabling networked devices to communicate effectively
  • Automated network implementations and tasks and designed monitoring tools using python scripting.

Confidential, Auburn Hills, MI

Network Operations Engineer

Responsibilities:

  • Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
  • Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
  • Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
  • Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices. and smart view Tracker applications
  • Migrated the policies from Check point Firewalls to Cisco ASA firewalls
  • Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
  • Involve in deployment of new F5 LTM for Datacenter.
  • Involved in designing new 10-Gig infrastructure with Security team
  • Assisting Networking with installation and implementation of GigaVUE HC2 into production environment to provide monitoring taps for Security appliances
  • Experience in configuring Load balancers and Riverbed WAN optimizers
  • Areas of responsibility include routing and switching, SSL VPN and Site-to-Site VPN using Cisco ASA 5505 and 5520, Riverbed WAN optimization
  • Implementation and troubleshooting F5 Load balancers.
  • Implementation, configuration & troubleshooting the issues related to Virtual Servers, pools, nodes & certificates on F5 Load Balancer.
  • Worked with OLT, ONTs, splitters and fiber optics on a campus LAN
  • Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
  • Configure and troubleshoot Juniper EX series switches and routers
  • Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
  • Experience with configuring BGP, OSPF in Juniper M and MX series routers
  • Involved in configuring Juniper SSG-140 and Cisco ASA firewall
  • Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
  • Experience with Network Automation using Python
  • Experience working with JUNOS OS on Juniper Routers and Switches.
  • Configuring Cisco ASA firewalls in single and multiple context mode firewalls.
  • Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs.
  • Configuring & managing Security Devices that includes F5 BigIP Load balancers, Blue Coat Proxies and Plug Proxies.
  • Configured VDC’s and implement layer 2 topologies using FabricPath, L2-L3, VRFs, Port Channel and OTP functionality.
  • Configured Cisco ASA 5510 Firewall to establish logical separation between legacy network & lab environment.
  • Extensively worked on Juniper models EX 2200, EX 4200, MX-480, SRX 210 and SRX240.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover, DMZ zoning, & Configuring VLANs/routing/NATing with the firewalls as per the design
  • Migrating the policy from Cisco ASA firewall into Palo Alto.
  • Experience with deployment of Palo Alto firewalls for different NAT, video conferencing traffic
  • Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
  • Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
  • IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
  • Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
  • Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
  • Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
  • Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO
  • Experience on designing and troubleshooting of complex BGP and OSPF routing problems.

Confidential, Chicago, IL

Network Engineer

Responsibilities:

  • Configuring ACL to allow only authorized users to access the servers.
  • Maintain effective communications with vendors, peers and clients in resolution of trouble-tickets, equipment
  • RMAs, and support requests.
  • Troubleshoot Hardware, Cisco IOS, install and configure Cisco routers and switches.
  • Participated in on call support in troubleshooting the configuration and installation issues.
  • Installation, Maintenance, Troubleshooting Local and Wide Areas Network by using ISDN, Frame relay, DDR, NAT, DHCP, and TCP/IP.
  • Manage and coordinate all infrastructure related moves, adds, and changes.
  • Implement, and maintain Local/Wide Area Network over 13 branches.
  • Configured OSPF, BGP on Juniper M and MX series Routers.
  • Worked in Configuration and extension of VLAN from one network segment to other segment between different vendor switches (Cisco, Juniper)
  • Provided Technical support in terms of upgrading, improving and expanding the network.
  • Project to migrate/re-design 700+ customer connections (MPLS & Frame) out of retired
  • Data center to new Juniper M120.
  • Time to time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HSRP, EIGRP in unequal cost load balancing to build resilient network.
  • Configured network using routing protocols such as OSPF, BGP and troubleshooting L2/L3 issues.
  • Configuration of NAT.
  • Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
  • Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
  • Configure switch VLANs and inter-switch communication. Build and setup network Laboratory.
  • Actively involved in troubleshooting on network problems with Wireshark, identifying and fixing problems.

Confidential

Network Engineer

Responsibilities:

  • Configured EIGRP, BGP, and MPLS.
  • Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP.
  • Provided support regarding call routing, translation patterns, media resources etc.,
  • Configured redundant pair setup and synchronization between pairs on F5 load balancer.
  • Involved in migrating applications from netscalers to F5 Big - IP environment.
  • Configure Firewall, IPS, QoS by SDM and provide security by Prefix list, Access- List and By Distribution List.
  • Moved Core switches and several non-Cisco devices under strict deadlines to maintain network functionality
  • Satisfactorily Resolved Problems in timely manner with focus on providing a high level of support for all customers.
  • Implemented new ultra-secure networks in multiple data centers that included Cisco 6500s and Juniper security devices.
  • Designed VLAN’s and set up both L2 and L3 logical to have it communicate to the Enterprise network.
  • Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
  • Scheduled preventive maintenance for fire-protection systems, including new protocols. Utilize MS Windows, Word, and Excel for reporting/documenting process.
  • Provide high level technical support, including identifying and resolving problems on Cisco supported products for e-Commerce infrastructure. This included external routing and internal/intranet routing for DMZ servers.
  • Prepared Engineering documents and Network diagrams in Microsoft Visio.
  • Delivered Departmental Efficiency through advanced engineering, technical support, and documentation procedures.

Confidential

System/ Network Administrator

Responsibilities:

  • Configuring and troubleshooting multi-customer ISP network environment.
  • Involved in network monitoring, alarm notification and acknowledgement.
  • Implementing new/changing existing data networks for various projects as per the requirement.
  • Working on creating new load balancing policies by employing BGP attributes including Local Preference, AS-Path, and Community, MED.
  • Installing and maintaining Windows NT Workstations and Windows NT Server.
  • Providing technical support to LAN & WAN systems.
  • Monitoring performance of network and servers to identify potential problems.
  • Performing RIP, OSPF, BGP, EIGRP routing protocol administration.
  • Preparing feasibility report for various upgrades and installations.
  • Other responsibilities included documentation and support other teams.

Hire Now