We provide IT Staff Augmentation Services!

Network Security Engineer Resume

CA

SUMMARY:

  • Visiona ry and innovative techn ologi st se ekin g ch allen ging position i n the high - te ch indu stry to make the mo st of my technical backg rou nd, cu stome r focus, creativity, passio n, indu stry experi en c e, and le ade rshi p skills.
  • 7+ years of IT industry experience as Network Security engineer with experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
  • Extensive knowledge in configuring and deploying Next Generation Firewalls including Palo Alto, Cisco ASA and Checkpoint Firewalls.
  • Profound working knowledge of administration and management of Palo Alto firewalls using centralized Panorama M-100 and M-500 devices.
  • Responsible for configuring and maintaining Citrix Net scalar SDX and F5 Load Balancers.
  • Experienced working with Juniper SRX firewalls, Juniper switches and routers.
  • Have In-depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIP, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP.
  • Proficient in Cisco IOS for configuration &troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP, and trunking).
  • Experience with Virtualization technologies like Installing, Configuring, and Administering VMware ESX/ESXI.
  • Hands-On experience in the configuration, management, maintenance and support of wireless devices like Cisco Meraki, Cisco Aps, Clear Pass and Aruba Wireless.
  • Experience working with Bluecoat WAN Accelerator, Bluecoat Packet shaper and Bluecoat Proxy and assisted setting up Blue Coat proxy as forward proxy for URL filtering.
  • Profound experience in working with Nexus-OS, VPC, VDC, OTV, FEX in the datacenters.
  • Expert level knowledge on configuring and troubleshooting IPSec VPN and SSL VPN tunnels for connectivity between site-site and remote location users by using IKE and PKI.
  • Strong working experience with siem tools like Splunk and packet sniffing tools including Wireshark, tcpdump.
  • Independent problem solving and a good team player with strong interpersonal and communication skills.
  • Experience supporting 24x7 production computing environments. Experience providing on-call and weekend support.
  • Excellent analytical, problem solving, communication and interpersonal skills.

TECHNICAL SKILLS:

Firewalls: Palo Alto 52XX, 32XX. Cisco ASA 55XX series, Juniper SRX 5400,5600 Checkpoint 15000,23000 series

Load Balancers: F5 Networks (Big-IP), Cisco ACE & Brocade Load Balancers.

Switches: Stackable Switches: Cisco 3850, 3750, 350X, 2960, Brocade ICX 6610

Chassis Switches Cisco catalyst 6500,4500, Nexus 9500, 7700, 7000, 5600: Arista 7100,7300X, 7500R

Nexus 2000 FEX series, SFP+ cables: Juniper EX3300,3400, 4200

Routers: Cisco ASR 9000,1000, Core Routers NCS 6000, 5000 series, ISR 1000,800 series, Juniper

Routing: EIGRP, OSPF, BGP, Route Redistribution, ACLs, Policy based routing, NAT, PAT.

Wireless Technologies: Airwatch & WLC’s (8510, 5508, 5706), Cisco AironetAP’s (2600, 3600, 3700), Aruba 225, Aruba 3000 controller & Airwave.

Operating Systems: Windows Server 2003/2008/2012 , Mac OS and Linux, VMWareESX, PAN-OS, IOS-XE, NX-OS.

Networking: TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP). IPv4, IPv6, DHCP, Static and dynamic NAT, PAT, HTTP, VoIP, LDAP

PROFESSIONAL EXPERIENCE:

Network Security Engineer

Confidential, CA

Responsibilities:

  • Configured SSL VPNs on Palo Alto firewalls for secure site-to-site VPN connectivity.
  • Configured and deployed F5 Big-IP LTM for distributing inbound traffic to the servers
  • Responsible for implementing the Palo Alto to mitigate DOS, DDOS, attacks using Dos Protection, Threat Prevention and Data Filtering.
  • Exposure to WILD FIRE feature of Palo Alto and Assisting Customer with leveraging new features on Palo Alto devices.
  • Implemented Global Protect with single and multiple gateway solutions for clientless VPN.
  • Upgrading firewall versions (Palo Alto) to the latest versions/IOS & applying Hot-fixes. Taking Regular backups & testing the backups by restoring in test lab frequently.
  • Deployed Active/Standby modes of High Availability (HA) with Session and Configuration synchronization on multiple Palo Alto firewall pairs. Knowledge on the application of Active/Active HA mode.
  • Managed Palo Alto firewalls utilizing panorama and constantly ensured software upgrades and content updates are up to date on the devices.
  • Installed and maintained Aruba switches, Aruba Wireless AP’s and Aruba Virtual Controllers.
  • Configured role-based, device-based access and self-service capabilities using Clear Pass access management system.
  • Configured 802.1X port-based authentication on Cisco switch-to-TACACS+ server communication
  • Experienced in configuring the Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
  • Installing and configuring of Cisco and Palo Alto Firewalls (PAN-5060).
  • Managing Bluecoat proxy, responding to issues related to proxy, generating usage reports and checking for any threats Configuring and troubleshooting site-to site VPN tunnels on both Cisco and Palo Alto.
  • Debug VPN connectivity issues.
  • Performed security policy analysis and rule modifications on Cisco ASA firewalls.

Network Security Engineer

Confidential, NJ

Responsibilities:

  • Experience in configuring Palo Alto Networks Firewall models as well as a centralized management system (Panorama) to manage large scale firewall deployments.
  • Worked on configuration of Palo Alto firewalls including Security policies, Application &URL filtering, Data filtering, Threat prevention and File blocking.
  • In-depth knowledge in designing, implementing, configuring with best practices on NexGen IDS/IPS Firewalls such as Palo Alto, Cisco Firepower (Sourcefire).
  • Deployed Palo Alto firewalls using VMware NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV.
  • Enforce policy checks on north-south and east-west data center traffic through Panorama M-500.
  • Troubleshooting connectivity issues through Bluecoat as well writing and editing web policies.
  • Implement security measures to resolve data loss vulnerabilities, mitigate risk and recommend security changes or system components as needed.
  • Assisted in VPN configuration, NAT policies, failovers, maintaining and analysis of firewall logs.
  • Leveraged Palo Alto Networks’ Wildfire inspection engine to prevent Zero-Day attacks.
  • Configure F5 Big-IP load balancers through GUI and writing iRules to monitor and tune the load on network servers.
  • Performed configuration and implemented of High Availability (Active-Passive, Active/Active) on firewalls.
  • Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance.
  • Deployed Cisco and Aruba wireless 802.1X infrastructure across the enterprise network.
  • Implement the Global Protect VPN, IPSec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity
  • Working on network design for new next-generation VPN solution, migration from Checkpoint VPN to Pulse Secure VPN from network prospect.

Network Security Engineer

Confidential

Responsibilities:

  • Troubleshooting issues on Cisco 7600, 3600, CRS-8, CRS-16, ASR, GSR, 6500, 2800. Juniper MX960's, T1600's, TXP+, T4000, EX4200.
  • Involved in protocol troubleshoots BGP, ISIS, OSPF, MPLS, Multicast, VPLS / L2VPN.
  • Configured and managed Check Point firewalls versions R77.30 and R77.10.
  • Hands-on experience with Bluecoat Proxy Secure Web Gateways for content filtering, Data loss prevention and prevent Zero-Day exploits
  • Managed and monitored Check Point firewall policies and configurations through Smart Dashboard and Smart View Tracker.
  • Configured and monitored DMZs, service policy rules such as NAT rules, AAA rules on the Cisco ASA firewalls according to the client requirement.
  • Configured Spanning tree protocols, VLAN trunking 802.1q and VLAN routing on Cisco 5500 catalyst switches.
  • Working in Networking Operations team, managing day-to-day network infrastructure activities comprising of Routing, Switching, Security and Application Load Balancers.
  • Supporting day-to-day routing requirements like route updates, new router/link installations, troubleshooting OSPF, BGP, EIGRP protocols.
  • Working with service provider for route updates and advertisements of new networks.

Network Engineer

Confidential

Responsibilities:

  • Documented and updated the network physical and logical layout.
  • Hands on experience with Network diagnostics, monitoring, and analytical tools.
  • Responsible for maintenance and utilization of VLANs, Spanning-tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches.
  • Configured/Troubleshoot issues with Cisco routers, switches, NAT, and DHCP, as well as assisting with customer LAN /WAN.
  • Handling Break/Fix situations, monitor, configure, policy creation on Checkpoint's Smart Center Server. Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1 and Cisco ASA.
  • Configured IP access filter policies and Network Analysis Tools.
  • Created Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard.
  • Experience with different Network Management Tools and Sniffers like Wireshark (ethereal), RSA envision, Netflow to support 24x7 Network Operation Centre.
  • Strong knowledge and experience in implementing, configuring VPN technologies like IPSec, SSL.
  • Performed DNS and DHCP troubleshooting.
  • Basic knowledge of wireless networking and web browsing content filtering.
  • Provided support for installation and troubleshooting of configuration issues.
  • Implemented & Integrated Cisco switches, routers, and security devices.
  • Involved in L2/L3 Switching Technology troubleshooting.
  • Creating and managing VLANs, Port security, Trunking, STP, INTER-VLAN routing, LAN security.
  • Configured/Troubleshoot issues with Cisco routers, switches, NAT, and DHCP, as well as assisting with customer LAN /WAN.

Network System Administrator

Confidential

Responsibilities:

  • Responsible for maintaining and monitoring performance of network.
  • Provide first-level technical support; assisting users who have network problems.
  • Perform high level troubleshooting, diagnostics for networking problems.
  • Construct protocols for port-security to prevent any unauthorized access to the network.
  • Performed troubleshooting in TCP/IP related problems and connectivity issues.
  • Performed troubleshooting and resolved Layer2 and Layer3 issues.
  • Deliver support for Remote Access VPN and troubleshooting when necessary.
  • Enabling port fast, uplink fast, and backbone fast for fast convergence.
  • Coordinate with team members to reduce technical complication and collaborate on projects.
  • LAN/WAN: IP Routing, Multi-Layer Switching, TCP/IP.
  • Design and deploy networks.
  • Assign routing protocols and routing table configuration.
  • Assign configuration of authentication and authorization of directory services.

Hire Now