PROFESSIONAL SUMMARY:

• Over 9+ years of experienced in Networking, Design, implement and maintain firewalls.
• Review information security requirements, assess security risks, and define security requirements
• Experienced in Network deployments and Network security designs.
• Monitor, identify, report, and mitigate security weaknesses
• Configured RIP and EIGRP routing protocol in a complex network environment with the following attributes: Summarizing networks, passive interfaces, load balancing / load sharing, authentication, EIGRP over NBMA.
• Configured loopback addresses on routers and switches to provide stability for dynamic routing protocols
• Proficient with IP access lists, Cisco Discovery Protocol (CDP), Static Routing, Network Address Translation (NAT), VLAN Trunking Protocol (VTP), Spanning Tree Protocol (STP), InterVLAN routing, HSRP, Policy Based Routing, etc.
• troubleshooting to isolate, diagnose, and correct telephony related provisioning problems
• Demonstrated knowledge of telephony systems, applications and networks
• Perform risk assessments for clients and provide the findings and recommendations
• Communicate and manage client needs and expectations in all phases of their information security solutions
• Work with internal resources to ensure proper security controls are identified, implemented and tested
• Work independently with internal and external clients regarding security requirements for existing and future business
• Develop detailed technical recommendations to solve security issues
• Enforce Information Security policies and procedures
• Troubleshoots network access problems and implements network security policies and procedures.
• Ensures network (LAN/WAN, telecommunications, and voice) security access and protects against unauthorized access, modification, or destruction).
• Experience in Identifying and evaluating implementations of specific and general security tools (Secure Works, SharePoint, IDS, ASA, etc.)
• Expertise in F5 LTM and GTM Management
• Expertise in F5 BIG - IP LTM and Cisco CSS load balancers
• Experience in Citrix Netscaler MPX, VPX load balancer
• Experience with proficiency in deploying and maintaining security environments built around Cisco, Juniper and Check Point solutions.
• Designed wire line data network
• Identified necessary network changes, validated proposed changes through testing, developed and submitted detailed work plans. Interfaces with the Data Network
• Worked for STC Data Network Operations and Support Dept.
• Extensive experience using Cisco IOS on routers/switches.
• Implement complex Check Point firewall clusters, VPN devices, IDS/IPS solutions.
• Experience in FWSM Firewalls and ASA Firewalls.
• Installed and configured FWSM ASA PIX and CISCO Firewalls
• Experience with firewalls to include Confidential Web Gateway, Sidewinder and Cisco ASA products.
• Design, implementation and troubleshooting of Sidewinder firewalls and Cisco devices.

TECHNICAL SKILLS:

Cisco Routers: (1605, 2500, 3640, 4000, 7500, 6400, 7100, 7200)

Bay Routers: (28200/5000/350/252/250)

Switches: Cisco (Catalyst 5000, 5500, 6000, 8500)

CSU/DSU: Kentrox

Load Balancer: Link proof, F5, WSD - Radware Inc.

Firewalls/Security: Cisco Pix Firewall 520/515, Checking Point, TACASA/RADIUS, Tipping Point.

Servers: Dell Power edge (6350, 2450, 4350), Compaq (Proliant 6500, 8000, 85000, CL380), Confidential (e-200, e-800, ih-3000, ih-6000HP), Digital, IBM, Acer, Sun (E6500, E450, Ultra 10, Ultra 5), RaQ 2- Linux Box

Workstation Tools: Exceed, MS suite, Citrix clients

NETWORKING: Switches, Routers, Hubs, Servers, Cables, Racks, Firewalls, LAN, WAN, TCP/IP, DNS, UDP, Latency, VoIP, QoS, EIGRP, BGP, OSPF, NHRP, ATM, PPP, MPLS

PROFESSIONAL EXPERIENCE:

Confidential, Irving, Texas

Network Engineer

Responsibilities:

• Configuring & managing around 500+ Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches, Checkpoint firewalls, Cisco Wireless WLAN Controllers, Access Points (APs); Cisco, Aruba and Palo Alto Firewalls.
• Extensive experience in Installation, Configuration and Administration of FIREWALLS i.e. CISCO, Cisco ASA 5510, 5520, 5540, 5550, 5580, Juniper SRX, Junos, Fortinet, Checkpoint NGX-1/VPN-1 Firewall.
• Used Bluecoat, Palo Alto, Juniper firewall, Windows Infrastructure logs.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Implemented many number of security policy rules and NAT policy rules on Palo Alto, created Zones, Implemented Palo Alto Firewall interface, Palo Alto IDS and VLAN.
• Working on as security devices ASA, juniper, Palo Alto firewalls, routers, switches.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Experience working with the latest ASA IOS (8.3, 8.4,9.1)
• Managed over 500 networks devices for AAA using Cisco ACS 4.x
• Hands-on experience and good knowledge on implementing Cisco Intelligent WAN (IWAN)
• Configure Cisco ISR routers and implement IWAN at remote sites to dynamically route the traffic prioritized by application, endpoint, and network conditions for best traffic quality.
• Deployed Intelligent WAN (IWAN) in both Hybrid and Dual-ISP branches to provide an increase in bandwidth capacity, security and reliability
• Configurations involved routing protocols like OSPF, BGP, and EIGRP, DMVPN, IWAN, MPLS, QOS, Static routes, Vlans, VRFs etc.
• Worked on IWAN deployment, MPLS & Internet circuit activations and configurations, cabling process, orders and quotes
• Upgraded IOS on over 40 Cisco ASA 5500 firewalls and FWSM modules
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, BlueCoat Proxy and Riverbed Steelhead appliances .
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX as per the design.
• Upgrade Aruba wireless from 6000 to 7000 series WLAN controller.
• Very Good Experience with Check Point Provider - Version R70 and R75.
• Performed trouble shooting of Check point provider - Version R70 and R75.
• Production support for major firewall platforms to include Cisco ASA, Juniper SSG and ISG products, Check Point NGX implemented on Secure Platform (SPLAT) and expert-level network.
• Troubleshoots network access problems and implements network security policies and procedures.
• Ensures network (LAN/WAN, telecommunications, and voice) security access and protects against unauthorized access, modification, or destruction).
• Experience in FWSM Firewalls and ASA Firewalls.
• Installed and configured FWSM ASA PIX and CISCO Firewalls
• Configured with F5 Load balancers in Failover for Load balancing and SSL handling
• Configured F5 BiGip to provide Load Balancing for server farm.
• Experience with configuring VIPs on F5 and Citrix load balancer which include creating policies and creating redirection rules.
• Configure SSL certificate install and configure on loadbalancer.
• Hardware migration from Citrix Netscaler NS 7000 to MPX 9500
• Experienced in F5 GTM Traffic Management (GTM)
• Experience in Identifying and evaluating implementations of specific and general security tools (Secure Works, SharePoint, IDS, ASA, etc.)
• Experienced with Firewall administration such as Juniper, Check Point or Cisco
• Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
• Strong TCP/IP understanding. Knowledge of debugging Check Point Firewall.

Confidential, Chicago, IL

Network Engineer/ Administrator

Responsibilities:

• Experience with configuring, supporting, and troubleshooting security products including Check Point, Juniper, Cisco, IDS solutions, and others
• Installed Configured and administered Confidential Sidewinder Security Appliance and Smart Filter web content filtering software.
• Experience with firewalls to include Confidential Web Gateway, Sidewinder and Cisco ASA products.
• Configuring and install hardware and software required to conduct network penetration testing.
• Experience in infrastructure strategies, hardware/software, security and networking products
• Experienced in Advising management of options, risk vs. cost, benefits and other impacts of infrastructure solutions.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Work with Cisco switches and routers, Confidential switches, Juniper and magnablend devices, Riverbed systems, Phone systems, Cisco ASA, Checkpoint firewalls, UPS systems, cradlepoints and PRTG network monitors, Opengear out of Band devices.
• 2960, 2950, 3560, 3650 cisco PoE & Non PoE switches. 1941, 3945, 4431, 4331 cisco routers, nexus 5k, 7k switches, riverbed 555 series, cisco ASA 5505,5506, Siemens phone system, Avaya phone systems
• Upgraded the data center network environment with Cisco ASA 5520. Configured ACL’s on Cisco Switches as well as configured routers as terminal servers
• Experience in setting technical standards for network infrastructure, security baselines, policies and procedures
• Configurations involved routing protocols like OSPF, BGP, and EIGRP, DMVPN, IWAN, MPLS, QOS, Static routes, Vlans, VRFs etc.
• Worked on IWAN deployment, MPLS & Internet circuit activations and configurations, cabling process, orders and quotes.
• Worked on turning a site into IWAN involving provision of two circuits, one for MPLS, other for Internet, activating these circuits, forming DMVPN over MPLS and DMVPN over Internet with our IWAN-MPLS and IWAN- INET head end routers at Datacenters.
• Ability to access Information Security Risks, understand business needs, and apply defined information security policies and architectures in order to develop effective solutions
• In-depth knowledge of IP routing, virtual routing and forwarding(VRF) and routing protocols
• Well versed in different vendors L2/3 switch hardware architectures
• Detailed knowledge and hands-on experience of Layer 2 protocols includes Spanning Tree Protocols, VLAN Tagging(802.1Q), Link aggregation (IEEE 802.1AX)
• Hands-on experience with design and implementation of large IP networks
• Hands-on experience with design and implementation of network security infrastructure (firewalls, IPS)
• Hands-on experience in datacenter environment (LAN/WAN/security/application)
• Experience with security as a discipline, with focus on IPSec, Access Control, Firewalling, IDS/IDP
• Hands-on experience with Cisco equipment, Juniper equipment, CDN platforms; test platforms: Spirent
• Experienced in pertaining to both security software (IOS-s) and hardware in Juniper and Cisco Routers and Switches.
• Managing Network consisting of more than 100 servers with Novell Netware, Windows NT, UNIX, Winframe, AS400, Cisco Routers and more than 1500 client.
• Also provided help in Medical Billing, In-house financial applications, Lytech Coding system
• Implementation and administration of Check Point Firewalls & network Management

Confidential, Bentonville, AR

Network Administrator

Responsibilities:

• Experience in setting technical standards for network infrastructure, security baselines, policies and procedures.
• Hands-on experience with design and implementation of network security infrastructure (firewalls, IPS)
• Hands-on experience in datacenter environment (LAN/WAN/security/application)
• Experience with security as a discipline, with focus on IPSec, Access Control, Firewalling, IDS/IDP
• Hands-on experience with Cisco equipment, Juniper equipment, CDN platforms; test platforms: Spirent
• Experienced in pertaining to security software (IOS-s) and hardware in Juniper and Cisco Routers and Switches.
• Develop and document infrastructure support policies and guidelines
• Educate and mentor IT support staff as needed, including requisite training on technology and governance
• Research and stay current on Infrastructure best practices and function as a subject matter expert in this area
• Work with outsource vendor to drive sound architectures, engineering designs, and configuration templates
• Engage in complex production impacting technical issues and work to troubleshoot and restore service
• Configure, design, evaluate, and integrate information security solutions into client sites
• Experienced in Design, implement and maintain firewall systems and firewall policies
• Experienced with Check Point (CCSA/CCSE) and CISCO Security Gateways/Appliances
• Experienced with Firewall administration such as Juniper, Check Point or Cisco
• Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
• Strong TCP/IP understanding. Knowledge of debugging Check Point Firewall.
• Designed and Configuring the WAN infrastructure, consisting of multiple T1 and T3 lines, Cisco routers, Cisco switches, Load balancers, Dell and Sun servers.
• Optimized performance of the WAN network consisting of Cisco 4500/5500 switches by configuring VLANs.
• Experienced with Cisco catalyst switches 5xxx,4xxx, 29xx,19xx and RSM and Cisco Routers 7500,7200,4000,3600,2600,2500
• Implementation of Checkpoint Firewall 4.1 to protect and authenticate local-net and DMZ. Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
• Experience in full life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations.
• Experience with Provider One or Check Point's Smart Center management station Tipping Point
• Experience with common network management protocols/tools (TACACS, NTP, SNMP, SYSLOG, etc)
• Designed and Configured Web Server Farms, to increased performance through intelligent traffic, Bandwidth management and enhanced application security using WSD.
• Configured Web Trends for Real-time web traffic analysis and ecommerce Analysis
• Enabled remote users to access corporate LAN with VPN connectivity.
• Evaluating and creating a plan to deploy Windows 2000 Advanced server in a separate domain (Active Directory Services), to be integrated into existing environment once the production environment is ready to migrate to Windows 2000 ADS model. Installed and configure BackOffice 4.5 on this server.
• Provide 24/7 support and documenting network designs, Microsoft Visio diagrams and Implementation process

Network Engineer

Confidential, New Jersey

Responsibilities:

• Working with Network Design and implementation teams on various projects across related to Brach, Campus and Data Center.
• Implemented and maintained various WAN equipment such as Cisco 2800, 3800 and 7200 routers, ASR 1006.
• Experience working with Cisco 3750, 4948, 2811, 2600, 7200, 6500, series switches. Designing and deployment of Partner IPSEC VPN tunnels.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
• Used network simulation software such as IxNetwork, and test case automation software, such as Ixia and Spirent, network analysis like Scapy and Wireshark
• Development of Perl scripts for tools and process automation.
• Designing, coding, and testing of software in Perl, including back-end and front-end (UI) code.
• Deploying and commission of core ASR 1K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Experience in working with Python ORM (Object Relational Mapping) code Library including Django, SqlAlchemy ORM to switch an application between various relational
• Design, installation and configuration of JSC, TDWC and Tivoli Workload Scheduler on Solaris, Linux and Windows servers/clients.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Performing the ACL requests change for various clients by collecting source and destination information from them. Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Configuring various advanced features (Profiles, monitors, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates,
• Build and maintain SQL scripts, indexes, and complex queries for data analysis and extraction.
• Perform quality assurance and testing of SQL server environment.
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.

Confidential, South Portland, ME

Network Associate

Responsibilities:

• Involved in configuring Cisco routers and switch administration, familiar with enterprise level Cisco Routers such as 7200 series, 3800 series, 3700 series, 2800series, and Cisco catalyst series switches like 6500, 3750, and 4500.
• Configuring and troubleshooting of routing protocols such as OSPF and BGP for effective communication.
• Installing & configuring firewalls like Checkpoint NG & NGX.
• Implement VLAN’s and access lists (ACL) and troubleshoot IP addressing issues and Update IOS images and other hardware installations.
• Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
• Dealt with F5’s load balancing products in managing the key role issues.
• Dealt with NAT configuration and troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.
• Managing and configuring Cisco Switches and Firewalls independently.
• Coordinated with senior engineers with BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Provisioning and troubleshooting Ethernet services, Gigabit networks and Connectivity issues with WAN types (Frame relay).
• Installing and configuring the VPN’s for the clients (site to site) using IPSec and GRE.
• Monitoring Network infrastructure using SNMP tools like Confidential Open view.
• Involved in Configuration of Access lists (ACL) for the proper network routing for the B2B network connectivity.
• Worked with customers in troubleshooting issues related to connectivity, STP, VLANs, Inter-VLAN routing, VTP, Ether channels, Layer 2/3 switching, log messages.
• Possess excellent verbal and written communication skills and experience developing and maintaining technical procedure and documentation.
• Dealt with redundant pair issues during the deployment of 6800 LTM Box
• Deployed the iRules using TCL for the Enterprise Intranet work for the VLAN based applications and their load balancing between datacenters.
• Involved in iRules management like loading rules, writing iRules syntax using TCL language and iRule extension to TCL
• Worked on configuring /modifying load balancing options and features to include OneConnect, Persistence, SSL offload functions, HTTP profiles, etc. Virtual servers, POOLs, TCP profiles, updating and renewing SSL certificates with SAN certs as required and applying standard iRules as needed.
• Worked on LTM Inbound SNAT configurations and outbound NAT server to IP mapping.
• Worked on building Global Traffic Manager and Iquery functionality between LTM and GTM for a HA design.
• Dealt with F5 GTM solutions, including WideIP and Pool Load Balancing Methods, probers and monitors to ensure that the day-to-day Security Operations runs smooth.
• Created several iApps on APM for Citrix and VMWare proxy.
• Implemented and supported SSL VPN network tunnels on F5 APMs.
• Implemented and supported security policies in ASM for securing LTM VIPs.
• Change management and 3rd level Incident management being the primary responsibility, participated directly as well as take escalations from the team members.
• Measured the application performances across the MPLS cloud through various routing and switching methods.