We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume

Kenilworth, NJ

PROFESSIONAL SUMMARY:

  • More than 9+ years of experience in Designing, Implementation and Operations of enterprise data networks as Network Engineer
  • Enterprise routing experience using protocols such as Static, RIP, EIGRP, OSPF and BGP.
  • Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunk, VTP, Ether channel, STP, RSTP and MST.
  • Experience with design and implementation of Virtual Switching System (VSS) on 6500 Switches
  • Working knowledge of MPLS, DNS, LDAP, DHCP, HTTP, HTTPS, TCP/IP, UDP, SNMP, PPTP, VLAN, OTV, vPC, STP, (Spanning tree Protocol), and RTSP
  • Comprehensive understanding of the technologies involved with network security vendor firewall products (Cisco PIX / ASA, CheckPoint, Juniper NetScreen/SRX and Palo Alto)
  • Performing migrations from Cisco PIX to ASA, Juniper SSG to SRX and Checkpoint to Palo Alto firewalls.
  • Experience with working on Juniper Routers like, M320 and MX80, MX960, MX480 -configure OSPF and route policies.
  • Experiance in Cisco IDS/IPS, Cisco PIX 525,535, ASA 5520, 5540, 5550, Checkpoint NGX R65, R70,R75, R77 Gaia, VSX, Provider-1/MDM/MDS, SPLAT, Nokia IPSO, Juniper Netscreen Firewall, Juniper SRX, Snort IDS, Syslog analysis and Windows/Linux/Unix Security configurations.
  • Experiance in Manage and maintain Check Point VPN -1 firewall, strong abilities in installation and configuration of Check Point security Gateway, SmartConsole and SmartCenter server
  • Network Monitoring using SNMP and other management tools such as SPLUNK, wireshark, Tufin, Algosec, Solarwinds, Remedy, Service Now, HSPM, HP NAS and Cyber Ark.
  • Black listing and White listing of web URL on Bluecoat Proxy servers.
  • Experience in layer-3 Routing and layer-2 Switching . Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches
  • Upgraded NX- OS on Nexus devices.
  • Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
  • Understanding the JUNOS platform and worked IOS upgrade of Juniper devices.
  • Experience on PCI, SOX, ITIL and ISO compliant security implementations on the firewalls and perimeter devices.
  • Good knowledge in network hardware and technologies including routers, switches, bridges, hubs, Ethernet, frame relay, and wireless
  • Experience of Juniper and Check Point Firewalls and configure Security policies including NAT, PAT, Route-maps, Prefix/distribution list and Access Control Lists.
  • Implemente Site-to-Site VPNs over GRE tunnel on ASA Firewall.
  • Familiarity with the UCS B-Series Family, UCS C-Series and UCS Management
  • Excellent Verbal, written communication skills and Interpersonal skills with ability to work with large teams as well as independently with minimum supervision & Team Player

PROFESSIONAL EXPERIENCE:

Confidential, Kenilworth, NJ

Sr. Network Security Engineer

Responsibilities:

  • Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers
  • Cisco 3560 2950 2924 switches, Cisco 6509 6513 5500 series Layer 3 switches, Cisco 3825 3640 7200 series routers, Cisco Pix firewall 500 series and Wireless Access points Cisco 1230.
  • Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
  • Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
  • Provided 47 F5 maintenances for Viprion Blade replacements and Code upgrades.
  • Migrated applications from Brocade Server Iron ADX to F5 LTM infrastructure
  • Responsible for deploying various network security & High Availability in Checkpoint Firewall.
  • Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
  • Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
  • Support and maintain the routing and switching Data Center fabrics according to client needs.
  • Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGP V4
  • Managing security with 2 Juniper Netscreen Security Managers (NSM).
  • Used VMware vMotion to eliminate application downtime from planned server maintenance by migrating running virtual machines between hosts.
  • Design, implement and maintain VMware vSphere infrastructure
  • In-depth knowledge and technical expertise in data center and cloud technologies, Software Defined Networking
  • Upgrade and deploy Juniper Routers and Citrix Load Balancer to the Data Center environment.
  • Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) and ensure that all system in the domain have McAfee Antivirus Protection Installed.
  • Helped design, rack, wire, and implement five FlexPod installations.
  • Providing technical support on Nexus 2000/5000 switches and operating systems (NX-OS).
  • Helped Netflow configuration on Nexus 7k plat form and live ugrade on 120 Nexus 520 for both kickstart & system image code from version 4.2(x) to 5.1(x) and applied power sequencer.
  • Develop a plan for software defined networking platforms for use across the Data Center environments.
  • Installation & Maintenance of Juniper switches routers &firewalls Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500catalyst.
  • Implemented planned maintenances for hardware replacement or upgrades required for the 7750/7705 Service Routers and Data Center servers.
  • Performed Infoblox reporting server testing which uses splunk to gather data and reporting.
  • Did authoritative and recursive performance testing on F5(load balancer) for different firewall settings and compared the results with Infoblox NIOS ADP performance.
  • Implemented cluster and configuration of SRX-100 & SRX-110 Juniper firewall.
  • Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
  • Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
  • Oversee and proactively manage Cisco IOS, NXOS, and Palo Alto PAN-OS software upgrades.
  • Maintain, support and deploy Cisco Nexus devices for our Data Center Pod Environment.
  • Worked on F5 LTM, GTM series like 6400, 6800, 8800 and Radware for the corporate applications and their availability.
  • Automate core network actions across data center, virtualized environments, and the cloud with Infoblox DNS, DHCP, and IPAM (DDI).
  • Excellent working knowledge, skills and expertise with Fortinet and Palo Alto Firewalls.
  • Implement and monitor firewalls (Fortinet and Palo Alto) security policies.
  • Supported TDM/VoIP soft-switch and new VoIP broadband telephone services division.
  • Assisted users with-in the Department with any Network or VoIP issues and trouble tickets.
  • Checkpoint Firewall policy management, analysis, deploying and supporting checkpoint firewalls.
  • Involved in Migration of SSG firewalls to Juniper SRX firewalls, as well as experience working directly with customer in a service/support environment.
  • Worked with VMware Infrastructure Client in supporting our Windows 2003 & 2008, Linux Enterprise 5 Server environment.
  • Configured, troubleshoot, and upgraded Checkpoint Firewalls for Manage clients, which included network and/or resource access, software, or hardware problems.
  • Directly responsible for deployment and support of VMware vSphere ESXi5.5 update 3a/3b.
  • Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Checkpoint and Cisco ASA VPN experience
  • Managed installation, and configuration of 50+ Checkpoint Firewall-1 2000 (v41) and Checkpoint Firewall-1 NG (v50) firewalls.
  • Responsible for Cisco ASA firewall administration across our global networks
  • Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 switches.
  • Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
  • Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
  • Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
  • Configured various Router interfaces like ATM interface, T3 & Channelized T1 interfaces
  • Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416, 21418(with PRP and RPR processors)
  • Configuring and implementing F5 BIG-IP, LTM, GTM load balancers to maintain global and local traffic.

Environment: Cisco 3560/2950/2924/6509/6513/5500 switches, Nexus, Cisco 3825/3640/7200 routers, VPN, BGP, OSPF, RIP, EIGRP, F5 BIG-IP, LTM, GTM, VLAN, VTP, and Checkpoint.

Confidential, Boston, MA

Network Engineer

Responsibilities:

  • Supporting and troubleshooting Checkpoint (R77.10 Gaia, R77, R76, Provider-1, MDM/MDS, VSX, SPLAT and IPSO) and Cisco firewall (ASA 5550, 5540, 5520, PIX 525, 535, CSM and ASDM) technologies.
  • Migration and implementation; new solutions with Palo Alto Next-Generation Firewall series PA-500, PA-3060 and PA-5060
  • Responsible for planning, documenting and implementation of complex Firewall and VPN solutions
  • Configured Juniper SRX and SSG firewalls using NSM and via CLI.
  • Adding zone based rules in Juniper SRX and netscreen SSG firewalls as per client requirements.
  • Experience on working with Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc.
  • Extracted the logs, Perform real time log analysis using SIEM technologies and Forensics Analysis of logs as per the request.
  • Engineered BLS Checkpoint infrastructure which consists of 500+ firewalls running different flavors of hardware and Checkpoint OS such as (R71, R75, R76 and R77).
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
  • Converting Checkpoint VPN rules over to the Cisco ASA solution and migrating with both Checkpoint and Cisco ASA VPN.
  • Implemented Site-to-Site VPNs between ASA Firewall and Router
  • Performing packet captures using TCPDUMP, fw monitor, Snoop, wireshark and other netwok monitoring tools.
  • Worked with Checkpoint Firewall (SPLAT/Gaia) for management (Smart Dashboard, Smart Monitor), Logging (Smart Log, Smart View Tracker)
  • Work with application team to understand their requirements and come up with the best load balancing options (F5 BIG IP- created Virtual servers and load balanced across the web server into network)..
  • Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k
  • Prepared engineering documents and network diagrams in Microsoft Visio.
  • Involved in Datacenter build and support, Implementation, migrations network support, Interconnectivity between an old Datacenter and new Datacenter.
  • Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240,SRX 1600 SSG 550
  • Designed and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
  • Responsibilities also include technical documentation of all upgrades done. Attending meetings and technical discussions related to current project

Confidential, Boston, MA

Network Engineer

Responsibilities:

  • Working knowledge of Firewall service module FWSM UPGRADE, FWSM RULESET conversion
  • Configuring, Administering and troubleshooting the Checkpoint Firewalls R61, R65 and R70.
  • Troubleshooting connectivity issues on the Checkpoint Firewall using smart view tracker, monitor health of the appliance using smart view monitor
  • Adding and removing checkpoint firewall policies based on the requirements of various project requirements
  • Involved in Datacenter build and support, Implementation, migrations network support, Interconnectivity between an old Datacenter and new Datacenter.
  • Worked on the migration project of Converting old PIX firewalls into new ASA firewalls.
  • Converting access-lists to Firewall rule sets on FWSM module with 6509-E Catalyst switches
  • Upgrading IOS on 2960 and using 2960 switch as a PAGP between VSS
  • Involved configuring PPP multilink group, dialer group, PPP authentication protocols like PAP, CHAP
  • Working knowledge of Terminal server and the configurations
  • Installation of L3 Switching Engine policy Feature Card & Distributed Forwarding Card DFC3C
  • Experience with hybrid CatOS to Native Cisco IOS code migration involving Catalyst 6503 to Catalyst 6504 switches
  • Converting CatOS to Cisco IOS Configuration Conversion on distribution layer switches
  • Configured HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst switches
  • Data center migration was involved in Access, Distribution and Core layers.
  • Installed new purchased Hardware to the new DC, Migrate data over WAN connection, also greatly involved in virtualization of physical servers’
  • Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 catalyst switches.
  • Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS
  • Coordinated precise scheduling for all migration events including all equipment and resources for the data center migration on an extremely accelerated schedule with for a high profile client.
  • Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
  • Experience configuring Virtual Device Context in Nexus 7010
  • Involved in designing GRE tunnels for encryption of data flow from source to destination
  • Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO

Confidential, Oakland, CA

Network Engineer

Responsibilities:

  • Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies. Cisco CLI, Cisco works, Network Security, Network Analysis Tools
  • Experience with Checkpoint Firewall policy provisioning.
  • Identify, design and implement flexible, responsive, and secure technology services.
  • Troubleshoot traffic passing managed firewalls via logs and packet captures.
  • Configured and resolved various OSPF issues in an OSPF multi area environment.
  • Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
  • Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
  • Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
  • Estimated Project costs and created documentation for project funding approvals.
  • Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.
  • Planned resources and presented project status to higher management.
  • Deployed 7613 as PE and CE router and configured and troubleshooted the Edge Routers.
  • Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
  • Created and delivered internal trainings for BGP.
  • Configured egress and ingress queues for ISP facing routers using CBWFQ.
  • Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
  • Ability to analyze, configure and troubleshoot networks.
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
  • Supporting EIGRP and BGP based PwC network by resolving level 2 & 3 problems of internal teams & external customers of all locations.

Confidential, Tewksbury Township, NJ

Network Engineer

Responsibilities:

  • Involved setting up the TFTP server for backing up the IOS images and configuration files of Cisco Routers and Switches and troubleshooting the file servers.
  • Responsible for network evaluations, troubleshooting a variety of network problems, and implementing various software and hardware upgrades efficient performance.
  • Troubleshoot Cisco hardware: Inspected devices, read device LEDs, loose connections, cards, dirty devices, interior IOS upgrade, switch configuration usage of Visual Switch Manager, switch port configuration, port monitoring. Watch over Flooding Control/Network port.
  • Designed IP addressing schemes, VLAN's, subnetting and Trunking to meet requirements.
  • Preformed installation, cabling and cable testing.
  • Setup Access list and configured Firewall.
  • Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
  • Designed and implemented IT security policies and networked backup systems.
  • Documented and maintained technical diagrams, documented logical and physical topology, and other IT procedures.
  • Reviewed, approved, procured various IT hardware and software products to fulfill strategic and operational needs of various departments.
  • Worked with management and various departments to develop procedures and troubleshoot problems as they arose.
  • Worked on Cisco router 3700, 2600 and Switches 2950 servers

Confidential, Edison, NJ

Network Engineer

Responsibilities:

  • Analysis, design, capacity planning and implementation of Active Directory Security
  • Translate business needs into workable technology solutions that meet the requirements of internal customers and peer Active Directory Engineering and Operations teams
  • Responsible for developing standards, target states, roadmaps, effectively socializing and obtaining consensus across architecture, engineering and operations teams
  • Independently manage and perform engineering role for large scale Active Directory efforts and initiatives
  • Perform various functions and duties in support of audit and compliance deliverables - verification/remittance of directory security evidence
  • Develop detailed architecture, standards, design and implementation documentation
  • Analyze current Active Directory environment to identify both technical and operational challenges while making recommendations and developing solutions for improvement
  • Participate in or lead complex or high severity troubleshooting and incident/problem resolutions with other infrastructure teams

Hire Now