SUMMARY:

• Visiona ry and innovative techn ologi st se ekin g ch allen ging position i n the high - te ch indu stry to make the mo st of my technical backg rou nd, cu stome r focus, creativity, passio n, indu stry experi en c e, and le ade rshi p skills.
• 7+ years of IT industry experience as Network Security engineer with experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Extensive knowledge in configuring and deploying Next Generation Firewalls including Palo Alto, Cisco ASA and Checkpoint Firewalls.
• Profound working knowledge of administration and management of Palo Alto firewalls using centralized Panorama M-100 and M-500 devices.
• Responsible for configuring and maintaining Citrix Net scalar SDX and F5 Load Balancers.
• Experienced working with Juniper SRX firewalls, Juniper switches and routers.
• Have In-depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIP, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP.
• Proficient in Cisco IOS for configuration &troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP, and trunking).
• Experience with Virtualization technologies like Installing, Configuring, and Administering VMware ESX/ESXI.
• Hands-On experience in the configuration, management, maintenance and support of wireless devices like Cisco Meraki, Cisco Aps, Clear Pass and Aruba Wireless.
• Experience working with Bluecoat WAN Accelerator, Bluecoat Packet shaper and Bluecoat Proxy and assisted setting up Blue Coat proxy as forward proxy for URL filtering.
• Profound experience in working with Nexus-OS, VPC, VDC, OTV, FEX in the datacenters.
• Expert level knowledge on configuring and troubleshooting IPSec VPN and SSL VPN tunnels for connectivity between site-site and remote location users by using IKE and PKI.
• Strong working experience with siem tools like Splunk and packet sniffing tools including Wireshark, tcpdump.
• Independent problem solving and a good team player with strong interpersonal and communication skills.
• Experience supporting 24x7 production computing environments. Experience providing on-call and weekend support.
• Excellent analytical, problem solving, communication and interpersonal skills.

TECHNICAL SKILLS:

Firewalls: Palo Alto 52XX, 32XX. Cisco ASA 55XX series, Juniper SRX 5400,5600 Checkpoint 15000,23000 series

Load Balancers: F5 Networks (Big-IP), Cisco ACE & Brocade Load Balancers.

Switches: Stackable Switches: Cisco 3850, 3750, 350X, 2960, Brocade ICX 6610

Chassis Switches Cisco catalyst 6500,4500, Nexus 9500, 7700, 7000, 5600: Arista 7100,7300X, 7500R

Nexus 2000 FEX series, SFP+ cables: Juniper EX3300,3400, 4200

Routers: Cisco ASR 9000,1000, Core Routers NCS 6000, 5000 series, ISR 1000,800 series, Juniper

Routing: EIGRP, OSPF, BGP, Route Redistribution, ACLs, Policy based routing, NAT, PAT.

Wireless Technologies: Airwatch & WLC’s (8510, 5508, 5706), Cisco AironetAP’s (2600, 3600, 3700), Aruba 225, Aruba 3000 controller & Airwave.

Operating Systems: Windows Server 2003/2008/2012 , Mac OS and Linux, VMWareESX, PAN-OS, IOS-XE, NX-OS.

Networking: TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP). IPv4, IPv6, DHCP, Static and dynamic NAT, PAT, HTTP, VoIP, LDAP

PROFESSIONAL EXPERIENCE:

Network Security Engineer

Confidential, CA

Responsibilities:

• Configured SSL VPNs on Palo Alto firewalls for secure site-to-site VPN connectivity.
• Configured and deployed F5 Big-IP LTM for distributing inbound traffic to the servers
• Responsible for implementing the Palo Alto to mitigate DOS, DDOS, attacks using Dos Protection, Threat Prevention and Data Filtering.
• Exposure to WILD FIRE feature of Palo Alto and Assisting Customer with leveraging new features on Palo Alto devices.
• Implemented Global Protect with single and multiple gateway solutions for clientless VPN.
• Upgrading firewall versions (Palo Alto) to the latest versions/IOS & applying Hot-fixes. Taking Regular backups & testing the backups by restoring in test lab frequently.
• Deployed Active/Standby modes of High Availability (HA) with Session and Configuration synchronization on multiple Palo Alto firewall pairs. Knowledge on the application of Active/Active HA mode.
• Managed Palo Alto firewalls utilizing panorama and constantly ensured software upgrades and content updates are up to date on the devices.
• Installed and maintained Aruba switches, Aruba Wireless AP’s and Aruba Virtual Controllers.
• Configured role-based, device-based access and self-service capabilities using Clear Pass access management system.
• Configured 802.1X port-based authentication on Cisco switch-to-TACACS+ server communication
• Experienced in configuring the Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Installing and configuring of Cisco and Palo Alto Firewalls (PAN-5060).
• Managing Bluecoat proxy, responding to issues related to proxy, generating usage reports and checking for any threats Configuring and troubleshooting site-to site VPN tunnels on both Cisco and Palo Alto.
• Debug VPN connectivity issues.
• Performed security policy analysis and rule modifications on Cisco ASA firewalls.

Network Security Engineer

Confidential, NJ

Responsibilities:

• Experience in configuring Palo Alto Networks Firewall models as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Worked on configuration of Palo Alto firewalls including Security policies, Application &URL filtering, Data filtering, Threat prevention and File blocking.
• In-depth knowledge in designing, implementing, configuring with best practices on NexGen IDS/IPS Firewalls such as Palo Alto, Cisco Firepower (Sourcefire).
• Deployed Palo Alto firewalls using VMware NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV.
• Enforce policy checks on north-south and east-west data center traffic through Panorama M-500.
• Troubleshooting connectivity issues through Bluecoat as well writing and editing web policies.
• Implement security measures to resolve data loss vulnerabilities, mitigate risk and recommend security changes or system components as needed.
• Assisted in VPN configuration, NAT policies, failovers, maintaining and analysis of firewall logs.
• Leveraged Palo Alto Networks’ Wildfire inspection engine to prevent Zero-Day attacks.
• Configure F5 Big-IP load balancers through GUI and writing iRules to monitor and tune the load on network servers.
• Performed configuration and implemented of High Availability (Active-Passive, Active/Active) on firewalls.
• Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance.
• Deployed Cisco and Aruba wireless 802.1X infrastructure across the enterprise network.
• Implement the Global Protect VPN, IPSec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity
• Working on network design for new next-generation VPN solution, migration from Checkpoint VPN to Pulse Secure VPN from network prospect.

Network Security Engineer

Confidential

Responsibilities:

• Troubleshooting issues on Cisco 7600, 3600, CRS-8, CRS-16, ASR, GSR, 6500, 2800. Juniper MX960's, T1600's, TXP+, T4000, EX4200.
• Involved in protocol troubleshoots BGP, ISIS, OSPF, MPLS, Multicast, VPLS / L2VPN.
• Configured and managed Check Point firewalls versions R77.30 and R77.10.
• Hands-on experience with Bluecoat Proxy Secure Web Gateways for content filtering, Data loss prevention and prevent Zero-Day exploits
• Managed and monitored Check Point firewall policies and configurations through Smart Dashboard and Smart View Tracker.
• Configured and monitored DMZs, service policy rules such as NAT rules, AAA rules on the Cisco ASA firewalls according to the client requirement.
• Configured Spanning tree protocols, VLAN trunking 802.1q and VLAN routing on Cisco 5500 catalyst switches.
• Working in Networking Operations team, managing day-to-day network infrastructure activities comprising of Routing, Switching, Security and Application Load Balancers.
• Supporting day-to-day routing requirements like route updates, new router/link installations, troubleshooting OSPF, BGP, EIGRP protocols.
• Working with service provider for route updates and advertisements of new networks.

Network Engineer

Confidential

Responsibilities:

• Documented and updated the network physical and logical layout.
• Hands on experience with Network diagnostics, monitoring, and analytical tools.
• Responsible for maintenance and utilization of VLANs, Spanning-tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches.
• Configured/Troubleshoot issues with Cisco routers, switches, NAT, and DHCP, as well as assisting with customer LAN /WAN.
• Handling Break/Fix situations, monitor, configure, policy creation on Checkpoint's Smart Center Server. Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1 and Cisco ASA.
• Configured IP access filter policies and Network Analysis Tools.
• Created Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard.
• Experience with different Network Management Tools and Sniffers like Wireshark (ethereal), RSA envision, Netflow to support 24x7 Network Operation Centre.
• Strong knowledge and experience in implementing, configuring VPN technologies like IPSec, SSL.
• Performed DNS and DHCP troubleshooting.
• Basic knowledge of wireless networking and web browsing content filtering.
• Provided support for installation and troubleshooting of configuration issues.
• Implemented & Integrated Cisco switches, routers, and security devices.
• Involved in L2/L3 Switching Technology troubleshooting.
• Creating and managing VLANs, Port security, Trunking, STP, INTER-VLAN routing, LAN security.
• Configured/Troubleshoot issues with Cisco routers, switches, NAT, and DHCP, as well as assisting with customer LAN /WAN.

Network System Administrator

Confidential

Responsibilities:

• Responsible for maintaining and monitoring performance of network.
• Provide first-level technical support; assisting users who have network problems.
• Perform high level troubleshooting, diagnostics for networking problems.
• Construct protocols for port-security to prevent any unauthorized access to the network.
• Performed troubleshooting in TCP/IP related problems and connectivity issues.
• Performed troubleshooting and resolved Layer2 and Layer3 issues.
• Deliver support for Remote Access VPN and troubleshooting when necessary.
• Enabling port fast, uplink fast, and backbone fast for fast convergence.
• Coordinate with team members to reduce technical complication and collaborate on projects.
• LAN/WAN: IP Routing, Multi-Layer Switching, TCP/IP.
• Design and deploy networks.
• Assign routing protocols and routing table configuration.
• Assign configuration of authentication and authorization of directory services.