We provide IT Staff Augmentation Services!

Sr. Network And Security Engineer Resume

Fort Worth, TX

SUMMARY:

  • 11+ years of experience in data networking with Medium and large Enterprise and ISPs.
  • Hands on experience in Design, Implementation, Operations, Architecture, Troubleshoot, Maintenance and Deployment of Multivendor Routers, Switches, Load - Balancers and Firewalls in Data centers and Offices.
  • Hands on experience in Cloud and Devops model technologies like Jenkins, Git, Docker, Python and Terraform.

TECHNICAL SKILLS:

Domain: Routing, Switching, Security, Load balancers, Automation.

Load Balancers: F5 LTM GTM APM ASM, Citrix-netscaler, Nginx Plus, A10,Appview-X

Routing Protocols: EIGRP, OSPF, BGP, RIP, MPLS.

Other Technologies: IP Sec, GRE, DHCP, VPN, NAT, TCP/IP, FTP, HSRP, QOS, ACLVLAN, STP, ETHERCHANNEL, DNS, GSLB,HTTP Automation, Python Scripting, Devops, GitHUb, JenkinsIBM, Azure cloud technologies, Docker, Kubernetes

Monitoring tools: WhatsUP GOLD, Solar Winds, MRTG, CACTI.

PROFESSIONAL EXPERIENCE

Confidential, Fort Worth, TX

Sr. Network and Security Engineer

Platforms used: Palo Alto, Cisco ASA, F5, Netscaler, Nginx Plus, Appview-X, Cloud, Devops

Responsibilities:

  • Analyze, design, implement and maintain the network Load Balancer infrastructure across four data centers with F5 LTM, GTM DNS, APM, ASM, Citrix Netsclaer, NGINX-Plus.
  • Configuring and maintaining Static,OSPF,BGP routes on L3 devices for load balancer infrastrure.
  • Analyze networks to find vulnerabilities and capacity issues to meet PCI audit compliances.
  • Creating policies, NAT on firewall Palo Alto as per customer requirement.
  • Daily change management tools using Archer, Service Now and internal tools.
  • Deploying templates, object creations,Rule changes on Palo Alto firewalls.
  • Working with risk team and Vulnerability managemen team for PCI Compliance for firewall change approval process and Security Policy creations as per Zone basis.
  • Deploy new software load balancer Nginx Plus on-premise in various data centers and migrating EOSL F5 LTM to Nginx-plus.
  • Designed and Implemented the NGINX+ solution by tightly integrating Devops model with with GIT, Jenkins, Docker.
  • Deliver applications and services at high velocity by automate the engineer tasks using DevOps model Github with CI/CD capabilities and jenkins, infrastructure automation tools and orchestration.
  • Automate the configuration tasks and SSL certificate renewals using scripting like python.
  • Offer architecture/ engineering expertise for new implementations, cloud environment, integrations, and project designs.
  • Troubleshooting by packet flow and packet capture diagnostics to reverse engineer web http applications.
  • Coordinate with multiple managed service providers using standardized engagements.
  • Determine specific network hardware or software requirements such as platforms, interfaces or routing schemes.
  • DNS functionality setup with F5 GTM for global system load balancing and Infoblox solutions for IPAM DHCP and DNS.
  • Implementing and testing centralized management tools like appviewX, BigIQ, dynatrace, nginx controller for load balancer solutions.
  • Create ASM policies to protect from attacks like Cross-site scripting,DDos, OWASP etc
  • Engineer and onboard new applications in Azure
  • Migrating applications from AA datacenter to Azure Cloud platform
  • Confgured Azure Cloud load balancer and Avi networks software load balancer for application infrastructure.
  • Create Load balancer FrontEnd IP, BackEnd Pool, Health Probe, SNAT, rules on Azure Cloud load balancer.
  • Coordinate with network team and cloud team for Azure load balancer infrastrure.
  • Working with other teams for different cloud environments IAAS, PAAS and SAAS Azure and Google.
  • Set up SAML SSO with F5 APM
  • Part of cisco anyconnect vpn setup for AA enterprise network

Confidential, Redmond, WA

Network Security Engineer

Platforms used: Cisco ASA firewalls, checkpoint firewall, Juniper Netscreen and SRX firewalls, Juniper NSM, Cisco Nexus Switches 3k,5k and 7K,cisco IOS based Switches 4500,6500,F5 BIG IP load balancers and Netscaler devices.

Responsibilities:

  • Understanding customer's technical requirements and map those to a technical solution.
  • Part of the team for deploying new devices, upgrading production devices and decommissioning existing devices.
  • Migrating and upgrading EOL software router switches and moving from one data center to another.
  • Configuring and troubleshooting OSPF,BGP routes, ip helpers on routers as per customer requirement
  • Configuring and troubleshooting STP, ether channel, vlans, trunks, VPC on switches as per customer requirement
  • Configuring and troubleshooting security policies and implementing NAT and ACL’s on routers and netscreen, SRX firewalls, Checkpoint firewalls.
  • Configuring global objects, firewall policies on checkpoint and reviewing firewall rules as per user requirement.
  • Reviewing checkpoint logs and analysing the security attacks based on traffic flow
  • Testing firewall changes in LAB device before implementing on production
  • Implementing Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) to protect application servces.
  • Investigating implementation of failure tickets and resolving within SLA.
  • Configuring vlans,virtuals,pools,monitors,profiles,snat,snatpool,high availability (failover) on F5.
  • Configuring Irules as per customer requirement and co-coordinating with escalation team & F5 TAC for support on irule scripting.
  • Configuring and renewal SSL certs for virtuals on F5
  • Worked on Shell Scripts for pushing, sorting and backing up the configuration of network devices from FTP Server.
  • Configuring system entities, vlans,service monitors, load-balancing virtual servers,,high availability (failover) on netscaler.
  • Configuring access control lists, RNAT, Content Switching VServers on netscaler.
  • Installing and renewing SSL certs and SSL offload on netscaler.
  • Network documentation using MS Visio 2010.
  • Creating knowledge base / Standard operation procedure (SOP)
  • Performing RCA (Root cause analysis) for critical incidents and documenting the same.
  • Troubleshooting the issues by packet capture with tcpdump, wireshark
  • Participating in the CAB (Change Advisory Board), to highlight risk attached to a change (Architecture or major changes), and resolving queries of clients.
  • Train team members through both formal and informal training programs.
  • Managing Network which consist More than 2000 Nodes and providing 99.99% of Uptime to the Services/Network.

Confidential

NOC Engineer

Responsibilities:

  • Implementation of VLANs, Inter-VLAN Routing and Providing Security in Switched Network.
  • Designing and configuring the network for new clients with redundancy connectivity.
  • Monitoring the WAN Links using WHATS UP GOLD, Solar Winds, and Loriot Pro.
  • Interaction with ISPs in case of outage of Wan Links.
  • Involved in Configuring Advanced Routing Protocols (OSPF).
  • Configuring static and default routes in Routers and Firewalls.
  • Creating VLANs, Propagating VLAN Configuration with VTP.
  • Configuring VLAN Trunks using ISL & 802.1Q.
  • Implementing RSTP,Link Aggregation with Ether Channel.
  • Mitigating Layer 2 Attacks (CAM table Over Flow, MAC address Spoofing & DHCP Starvation).
  • Installation of Router IOS and Backup of IOS image.
  • Managing and configuring WiMaxAperto EMS (NMS)
  • Provisioning Sectors & SS in EMS, adding profiles for Sectors & SS in EMS, assigning frequency and channel Bandwidth in BSR, firmware upgradation
  • Supporting High Volume, high revenue impacting operations, 24*7 setup, focusing on failsafe network.
  • Troubleshooting over Customer Query Calls, from a Sophisticated corporate to an Individual Customer
  • Managing corporate Checkpoint Firewall implementing security rules and mitigating network attacks.
  • Deploying Site to Site and Client to Site VPNs utilizing Checkpoint Firewall
  • Configuring NAT on Checkpoint
  • Code upgrade on checkpoint firewalls
  • Configuring scheduled backup for checkpoint firewalls
  • Installation and administration of Checkpoint R 75.40 Firewall

Hire Now