SUMMARY

• Senior Network Security Engineer having 7+ years’ experience in Networking and Security, widely in Network Security Products and Firewalls.
• Having hands on good experience on Checkpoint Firewall along wif Confidential ASA and Palo Alto
• Hands on experience for Implemented Zone Based Firewall and Security Rules on teh Palo Alto Firewall.
• Good understanding and experience in migration from Confidential ASA to Next Gen Palo Alto Firewall
• Experience converting Palo Alto VPN rules over to teh Confidential ASA solution. Migration wif both Checkpoint and Confidential ASA VPN experience.
• Statoil Communication Security Team member, providing operation support on Firewalls, Bluecoat Proxy, F5 Load Balancers, Confidential ACS, Algosec, Open gear, RSA & IDS technologies.
• Experience working on Confidential 's Adaptive Security Device Manager (ASDM) to manage teh Confidential ASA security appliances
• Having good experience on Tufin on for pushing Firewall policies and monitoring teh logs.
• Responsible for supporting teh Citrix NetScaler F5 platform, configuring, implementing, and troubleshooting Citrix NetScaler VIP configuration wif health check, policy configurations Access Gateway, and content switching configuration solutions.
• Implemented Perl Scripting for network Analysis.
• Experienced Firewall Engineer wif a demonstrated history of working in teh information technology and services industry. Strong information technology professional skilled in Confidential IOS, Technical Support, Secure Sockets Layer (SSL), SSL Certificates, Checkpoint Firewalls, Confidential ASA Firewalls, Palo Alto Firewalls, Fortinet Firewalls and Tipping Point Firewalls.
• aspect of DLP.
• Good Experience wif AWS services like Cloud Formation, Cloud Watch, Code Build, Code Commit, Code Deploy, Code Pipeline, EC2, EC2 Container Service, EBS, Elastic Beanstalk, IAM, Security Groups, Route 53, S3, Cloud Front, SNS, VPCs, Dynamo DB, Lambda.
• Experience wif next - generation firewalls like Checkpoint firewalls, Confidential ASA, Fortinet firewalls, Palo Alto Firewalls, Confidential WSA/CWS, VPN, Confidential ACS, Confidential ISE, IPS.
• Good experience wif Source code management collaboration tools GIT, SVN, Github, Bit bucket, Gitlab, AWS-Code commit.
• Experience wif Checkpoint firewall deployment and operations.
• Experience wif Checkpoint VSX, including virtual systems, routers and switches.
• Set up AWS Security Groups which behave as Virtual firewalls controlling teh traffic by allowing it to reach one or more AWS EC2 instances.
• Experience wif Bluecoat Proxy and VPN Technologies including B2B and Remote.
• Experience in configuring protocols like TCP/IP, Routing Protocols (RIP, OSPF, BGP, IGRP and EIGRP), PPP, PPTP and L2TP.
• Extensive experience in layer-3 Routing and layer-2 Switching. Dealt wif Confidential router models like 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series, Confidential catalyst 6500, 4500, 3750, 3500 and 2900 series switches.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Checkpoint R65, R70 & R77, Palo Alto and Confidential ASA.
• Involved in Configuration of Access lists (ACL) on checkpoint firewalls for teh proper network routing in B2B network connectivity.
• Configured Confidential Switches 2900 and firewall (checkpoint) Built and support VRRP / Cluster based HA of Checkpoint firewalls.
• Good understanding of information security practices. Adding and removing checkpoint firewall policies based on teh requirements.
• Experience in installing and configuring DNS, DHCP server and Windows 8 and Windows 12 servers

TECHNICAL SKILLS

Routers: Confidential 7609, 2600, 2800, 3800, 3640, Confidential 3745, 7200 Series

Switches: Confidential 3500, 5000, 6500 Catalyst Series Confidential 7000, 2000 Nexus Series -2k,5k,7k

Firewalls: Palo Alto PA-3050, PA-5050, Confidential ASA 5500, Checkpoint, Fortinet.

Routing Protocols: RIP v1&v2, BGP, OSPF, EIGRP, HSRP, VRRP, GLBP, FTP, SMTP, SNMP

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, and VLAN.

IP Services:DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

WAN Technologies: ATM, ISDN, PPP, MPLS, ATT, 802.11, 802.11a, 802.11b, APLUS.

VPN Technologies: Remote access and site-to-site IPsec VPN, IPv6 transition techniques viz. Manual tunneling, GRE tunneling, 6to4 tunneling, NAT64 and ISATAP

Monitoring ToolsOPNET, GNS3 Simulator, Packet Tracer, Wire Shark, Solar Winds, Wat’s Up IP, Nagios and Fluke Networks

Networking: TCP/IP, OSI Model, Socket Programming, LAN/WAN, Switches and Routers, IPV4/IPV6 Addressing & Subnetting, Ethernet, STP, VLAN, Trunking, DNS, DHCP, NAT, ACL, HTTP, ATM, ISDN, PPP, MPLS, ATT, 802.11, 802.11a, 802.11b, APLUS Web Services (REST & SOAP), Windows Servers 8 & 12

Tools:GNS3, Packet Tracer, Solar Winds, Wat’s Up IP, VMware Workstation, Wireshark, Nagios and Fluke Networks Languages Python

Operating Systems: Windows XP, Vista, Windows 7, UNIX, SPLAT (Secure Platform), Linux, window 10

DOCSIS: Confidential, RCA, Com21, GI, 3Com, Samsung, and Toshiba

PROFESSIONAL EXPERIENCE

Confidential, Dearborn, MI

Responsibilities:

• Developed HLD/LLD/SOP for Network security infrastructure as Technical lead. Products like Confidential, Check point Juniper and Bluecoat Proxy, BIG IP, Palo alto firewall. Citrix VM ESXi, WAF, MacAfee, DLP antivirus solution etc.
• Experience building Firewalls, mainframes, and UNIX based platforms at teh data centre and implementing teh initial policies, configuring NAT, Routing etc.
• Experience in cloud security tools (Netskope, Aqua, Cloudsploit)
• Experience wif security configuration checklists (e.g. CIS Benchmarks and CSA security guidance) .
• Experience wif design and implementation of Data Loss Prevention (DLP) solution for Endpoint, Network-Email, Cloud such as Digital Guardian, McAfee, or Netskope .
• W orking wif key stakeholders to modify content based on production technologies (me.e. Aqua, Premix, Feed) .
• Good knowledge and Experience wif BGP, OSPF, and VoIP
• Handling and good Knowledge of ACI (Application Centric Infrastructure) Technology .
• Hands on experience and proven knowledge of Confidential . F5 loadbalancer and ACI knowledge is an advantage.
• Utilization of common ticket systems (Remedy, ServiceNow) and common network management tools (HPOV, HPNA, Solarwinds, MNS, Netcool, etc)
• Network Understanding of VMware, RedHat, HP, NetApp, IBM System servers, Confidential UCS servers, virtualization, SAN and NAS, Active Directory.Remote monitoring tools equivalent to Netcool, Netsmart
• Configure and support multiple datacenters consisting of a Confidential Nexus LAN (L2/L3), ASR/ISR WAN, Support ITM team in day to day responsibilities by conducting data analysis, and developing reporting and presentation content
• ASA firewalls, Confidential UCS Fabric Interconnects, Palo Alto firewalls, Confidential Wireless LAN Controllers and other miscellaneous network appliances.
• Provide backup support of Confidential VoIP phones, analog gateways, voice routers, and telecom circuits.
• Knowledge of VoIP and collaboration technologies (MS Lync/Skype For Business/Teams preferred)
• Strong understanding of ISO-27000 based security program functional areas and other commonly accepted standards (e.g. NIST, OWASP, CIS Benchmarks, Trust Services Principals.)
• Coordinate cybersecurity inspections such as: DAIG, CSA, and CCRI, RMF.
• A clear understanding of securing infrastructure in AWS, Azure and Google Cloud.
• Experienced in AWS, AZURE, Google Cloud Services, and other Cloud environments .
• responsible for providing support for all activities related to teh network architecture and operation of teh Open Cloud platform operating on Amazon Web Services (AWS), Azure and Google Cloud (GCP).
• Create site-to-site VPN tunnels using IPsec security and Confidential ASA 5510/5520/5540 and PIX 515e firewalls.
• Configured Palo Alto Firewall models PA-2k, PA-3k, PA-5k as well as a centralized management system (Panorama) to manage large-scale Firewall deployments
• Network monitoring and troubleshooting tools HP OpenView, LiveAction, Panorama, NetScout
• Successfully installed Palo Alto PA 3060 Firewalls to protect Data Centre and provided L3 support for routers/switches/Firewalls.
• Monitoring and troubleshooting Checkpoint, Confidential ASA, Fortinet, Tipping point firewalls.
• Worked wif a team in firewall policy management and support on Confidential ASA 5585X, 5540, PIX and Checkpoint Firewalls 12K, 13K
• Collaborate wif engineering, operations and other key stakeholders to engineer reliable, scalable, secure and cost-effective solutions for our customers
• Manage third-party support and service vendors to ensure operational stability of teh networks.
• Experience developing and understanding network device configuration for at least one vendor (Arista, Juniper, Confidential, Brocade, Ciena, Infinera, Linux, etc.)
• Troubleshooting, upgrading, and supporting Brocade Fiber Channel Backbones and Switches.
• Observe, manage, and maintain constant operational monitoring of network and server environments through teh management suite SolarWinds .
• experience managing and monitoring of network and server environments through teh management suite SolarWinds.
• expert wif banking domain experience in ATM, ITM, Branch Sales and Serving platform, and Teller.
• Provide operations and engineering support for critical network and application security systems and services including Intrusion detection/prevention, Data leakage prevention, content filtering, Firewall compliance, Vulnerability and security event management.
• Partner wif security and technical teams to design, deliver and maintain highly available, performance and cost-effective network and application security system and services.
• Collaborate wif other teams to bring new architectures, network features, and services into production
• Create and maintain documentation as it relates to network configuration, network mapping, processes, and service records.
• Review and optimize Firewall rules using Secure Track Tufin tool and Firewall audit reports
• Configuring Tufin secure track and network devices for monitoring network rules.
• Involved in teh process of Confidential ASA to Checkpoint Firewall migration.
• Responsible for monitoring and troubleshooting Checkpoint, Confidential ASA, Fortinet, Tipping point firewalls
• Migration from Confidential Firewalls to Palo Alto Firewalls platforms PA 4000 and PA 500 and PA- 200 Firewalls.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Worked wif a team in firewall policy management and support on Confidential ASA 5585X, 5540, PIX and Checkpoint Firewalls 12K, 13K
• Responsible for supporting Azure, AWS Cloud infrastructure and on-perm infrastructure.
• Good knowledge and experience in Proxy (ZScalar and AWS).
• Conducting cloud security analysis, recommendations and configurations of Microsoft Azure Active Directory, Office 365 and EMS Cloud platforms and environments based on Cloud Cyber Risk Framework. This can include Microsoft’s cloud solutions such as 0365 security and compliance, SharePoint, One Drive, Teams, Skype, Exchange, AAD, 0365 DLP, Azure Information Protection (AIP) and Exchange Online Protection, Microsoft MFA, SSO .
• Manage and monitor 0365 environment including mail flow and collaboration products such as email, Sharepoint, Teams and licensing.
• Liaison to Cities, Counties and FDOT for all Frontier transportation related activities.
• Knowledge of State of Florida Department of Transportation (FDOT) rules, regulations and standards, FDOT Design Standards and Standard Plans Manual.
• Experience on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling wif AWS command line interface and AWS python SDK
• Providing administration and technical support for Armis servers, containers, or other such infrastructure hosted wifin teh AWS GovCloud.
• Good Knowledge of SD-WAN technology and concepts. SD-WAN design and support experience.
• Installing, configuring, and supporting network equipment including routers, switches, SD WAN, Wireless AP & Controllers, and Firewalls.
• Worked on Networking, WAN concepts, SD-WAN and Layer 3 networking concepts.
• Hands-on experience wif enterprise SD-WAN vendors such as Silver-Peak, Confidential, Meraki, Versa, Aruba, etc...
• Good Knowledge of SD-WAN architectures and concepts. Expertise wif troubleshooting network connectivity, SD/WAN troubleshooting, PCI Compliance, VPN Connections, and Site to Site VPN setup/troubleshooting.
• Configuration of ACLs in Confidential 5540 series ASAfirewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security.
• Implementing, configuring and troubleshooting routing protocols such as OSPF (v3, v2), RIPv2, BGPv4, EIGRP, HSRP, GLBP and MPLS.
• Design, Implement and Operate Global Network for Confidential ’s Premise sites.
• Support Palo Alto Global Protect VPN, RSA SecurID factor autantication systems
• Responsible for all routing, switching, VPN, network security, and server load balancing.
• Using PBR wif Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing
• Implemented various EX, SRX & J series Juniper devices
• Has created lot of site to site IPSEC VPN tunnel wif Checkpoint, Juniper Net screen firewalls and Confidential PIX/ASA firewalls. Completed a project to update teh patch HFA50 across all teh firewall to overcome teh bugs in teh existing version of R65.
• Remotely deploying configuration files to devices through python automation.
• Strong engineering and implementation skills especially around teh Confidential (switches/routers/wireless controllers), Fortinet Firewalls
• Building Cloud Infrastructure as code using tools such as Terraform or Cloudformation .
• Ability to create and utilize AWS Cloud Formation/Terraform templates to automate creation of AWS images .
• Support and implement required improvements, regulatory requirements, strategic improvements, and operational improvements through teh planning and execution of company projects and tasks.
• Worked on writ ing technical documents and manage projects from concept to production.
• Professional understanding of Firewalls ( Confidential ASA, Confidential ISE, Confidential Firepower,Palo Alto, Fortinet, Checkpoint, end user autantication, remote access,security network segmentation, security compliance other).
• Extensive hands-on in network equipment of Confidential, Fortinet etc.
• Created virtual systems (Firewalls) in teh Palo Alto Environment.
• Having good exposure to wild fire feature of Palo Alto.
• Update Policy on teh VPM via Bluecoat Director
• Handling Monitoring Alerts related to Bluecoat and troubleshooting accordingly
• Implementing IPv6 addressing scheme for routing protocols, VLan, Subnetting and mostly during up gradation of Confidential ISR switches.
• Worked on vulnerabilities, threats, attacks and autantications methods. Installed a Certificate Authority (CA), configured NAT/PAT and windows Firewalls
• Configuration and extension of VLAN from one network segment to their segment between Different vendor switches
• Firewall policy provisioning on Fortinet Fortigate appliances using FortiManager.
• Configured Firewall logging, DMZs and related security policies and monitoring
• Implemented Perl scripts for network monitoring tasks.
• Troubleshot traffic passing managed Firewalls via logs and packet captures
• Worked on different load balancing options & features to include One Connect, Persistence's, SSL offload functions, HTTP profiles
• Developed several Python administrative scripts to automate project deployment process.
• Network problem identification and resolution using Python Scripting.
• Testing cloud level deployments in AWS (Amazon Web Services) for future cloud deployments.
• Configured and managed Nagios for monitoring over existing AWS Cloud platform. Build Nagios monitors for new services being deployed.
• Involved in teh process of Confidential ASA to Checkpoint Firewall migration.
• Manage Linux staging and testing environments and automated application packaging and deployments.
• Integrate GIT into Jenkins to automate teh code checkout process and trigger builds.
• Worked on Installed, configured and troubleshoot F5 Network Load Balancing BigIP’ s.
• Worked on Bluecoat Proxy SG to blacklist/Whitelist websites, URL filtering and content filtering as per requirement.
• Configured and administered Load balancers F5 Big-IP LTM and GTM Load Balancer. Experience working on F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for teh required applications
• Configured and secured VPN remote access for redundant users working from home
• Responsible for modem firmware upgrades across teh @Home Network to meet DOCSIS Level 2 specifications.
• Cross Tool Chain, Open Embedded, Set-up of Linux Environment on TI-OMAP, panda and beagle boards.
• Set up of teh Link Aggregation between teh routers and servers. Debugging of flooding in teh switches.
• Deployment and bring up of teh servers and network switches

Confidential, Austin, TX

Responsibilities:

• Configure, maintain and design network security solutions including Firewalls (Checkpoint and Confidential ASA), IDS/IPS (Checkpoint and Source Fire), VPN, ACLs, Web Proxy, etc.
• Configuring TACACS, LDAP, and RADIUS for Confidential ASA and Palo Alto Firewalls
• Maintenance, Changes in ACL and Auditing of Confidential ASA.
• Analysed network traffic wif Arcsight tools on network traffic, Firewall (Source Fire defence centre) and AV (McAfee) logs.
• Extensive Knowledge of Microsoft Exchange 2010, 2016 and 0365
• Working knowledge of business software applications to include MS Office/0365 .
• Installation and administration of Checkpoint R 75.40 Firewall.
• Support and troubleshooting during cutover while implementing Confidential firewall configuration from other vendor firewall (like Checkpoint, Juniper, MacAfee sidewinder)
• Implemented firewall policy change on teh Checkpoint clusters.
• F amiliar wif a number of network application tools such as VX Builder, VX Watch, Confidential Call Manager (CCM), Linkway NMS, iDirect NMS and Tivoli NetCool.
• Use monitoring tools such as Nagios, DataDog, Juniper Space and Palo Alto Networks Panorama.
• Good Handling and knowledge wif Panorama centralized management system for provid ing global visibility and control over multiple Palo Alto Networks next generation firewalls through an easy to use web-based interface
• Configuring Global protect connectng teh user to teh optimal gateway in order to deliver teh best performance for all users and their traffic.
• Hands on experience working on wif NetScout, IBM NetCool and/or NMS products
• Performed Checkpoint Firewall changes using teh Smart Dashboard NGX R65, R70 and R75.
• Real-time experience in designing and assisting in deploying enterprise wide Network SSL Security and High Availability Solutions for Confidential ASA
• Perform analysis of existing operational plans and standard operating procedures and develop improvement recommendations
• Research governing policies and apply them to operational plans and requirements
• Responsible for Confidential ASA and Palo Alto configuration and administration of networks.
• Involved in Shell and Perl scripts to handle files management and performed regular TFTP management for configuration files to store revisions.
• Conduct research on network products, services, protocols, and standards to remain abreast of developments in teh networking industry.
• Interact and negotiate wif vendors, outsourcers, and contractors to secure network products and services.
• Profound knowledge in Confidential / Foundry / Brocade routing and switching equipment which includes Hardware/Software configuration and troubleshooting .
• Good knowledge and working e xperience wif NetScout, IBM NetCool and/or Solarwinds NMS products
• Handling and working on Container security platforms such as Aqua, Twistlock, Sysdig, etc.
• Experience wif teh usage and management of a variety of products, but not limited too; Netskope CASB/WSG, Imperva an/or other WAF technologies, Confidential FirePower IPS and network packet brokers such as Ixia or GigaMon.
• Experience in Designing, implementing, and migrating all network services .
• Mature teh Information Security Program to align wif industry best practices, standards and guidance related to cybersecurity such as NIST (including CSF, 800-53), ISO 270xx, CSA, AICPA SOC 2, 23 NYCRR, FINRA, FFIEC .
• Experience wif Firewall migrations from PIX Firewall to Confidential ASA and Palo Alto Firewall appliances.
• Implemented Site-to-Site VPNs between Confidential ASA Firewall and Router
• Adding and removing checkpoint Firewall policies based on teh requirements of various project requirements.
• Verified and Validated teh Firewall policy on Checkpoint R75 clusters for unused rule and halped consolidating rule.
• Provisioned firewall policies on Fortinet fortunate using forti manager.
• Worked on Confidential ASDM for configuring VPN on Confidential ASA Firewall
• Troubleshot security related issues on Confidential ASA/PIX, Palo Alto Firewalls
• Manages Cloud Security tools. (Netskope, Aqua, Cloudsploit) .
• Implemented teh Policy Rules, DMZ and Multiple VDOM’s for Multiple Clients of teh State on teh Fortigate Firewall
• Checkpoint log server upgrade from R71.40 to R75.40 to take advantage of Smart logs.
• Planned, installed, monitored and was teh single point of contact for all intrusion detection for client systems. Monitored and maintained client Firewall, intrusion detection systems and VPN systems.
• Experience wif Confidential ASA VPN Platform covering high end devices including ASA Firewalls including ASA 5585, ASA 5580, 5540, 5520, 5510
• Managed several security environments for Tipping point IPS, Bluecoat proxy, Fortinet Firewalls.
• Involved in scripting teh me Rules using TCL (Tool command language) and Perl for HTTP redirection.
• Provided Level-3 Network support for Confidential Switches and Confidential ASA 5500 Series Security Appliances
• Part of team for configuring Next Generation Firewalls (NGFW) such as Bluecoat Proxy SG and other vendors such as Palo Alto networks NGFW for URL filtering
• Virtual Private Networks on Confidential ASAs wif Any Connect, Confidential ISE for autantication, as well as site to site VPN
• Worked on leveraging F5 devices for web acceleration & caching.
• Used Service Now to monitor teh ITIL Service delivery via process mapping audits and design teh procedure
• Implemented new Confidential ASA's, installed teh framework for Confidential ACI and implemented new F5 LTM's and GTM's.
• Blocking teh network traffic from malware using Fortinet and checkpoint.
• Adding and removing Checkpoint firewall policies based on various project requirements
• Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, used Fortigate Clustering Protocol (FGCP).
• Migrated and implemented new solutions wif Confidential ASA Firewall series 5505, 5510, 5512-X
• Developed, Built and administered all DOCSIS config files for transponders D1.1/D2.0/D3.0, End of Line devices, DOCSIS 1.1, 2.0, and 3.0 cable modems and gateways in Production and in teh Labs.
• Help lead teh Projects such as DOCSIS 1.0 and 1.1 Cable Modem Retirement and to ensure successful cable modem swap outs/replacements across teh Comcast footprint.
• Test Case Execution and Defect logging in Jira.
• Configured, installed and maintained Checkpoint endpoint security E80.40/E80.50 management and policy servers.
• Installation and administration of Checkpoint R 75.40 Firewall.
• Implementing and configuring Checkpoint VSX for security gateways.
• Use Tools such as Tufin secure track for Firewall Policy optimization and rule base Clean up.
• Configuring MPLS, VPN (IPSEC, GRE) in VPN concentrators and QOS in integrated networks (Data, Voice, and Video).
• Troubleshoot and Worked wif Security issues related to Confidential ASA, and IDS/IPS firewalls. Large scale Deployment and installation of Juniper SSG5, Confidential ASA, and Fortinet firewalls.
• Engineered BLS Checkpoint infrastructure which consists of 500+ firewalls running different flavors of hardware and Checkpoint OS such as (R71, R75, R76 and R77).
• Implemented firewall policy change on teh Checkpoint clusters.
• Verified and Validated teh Firewall policy on Checkpoint R75 clusters for unused rule and halped consolidating rule.
• Extensive knowledge and troubleshooting in data communication protocols and standards including IEEE802.3, Token Ring, TCP/IP, Cable Modem, ADSL, PPPOE, Multilayer Switching, DoD Standards, Voice & Data Integration techniques & standards.

Confidential, West Kingston, RI

Responsibilities:

• Configured workstations wifin teh network LANs wif Confidential 2500, 3800, 2800 Routers by implementing protocols RIPv2, OSPF, EIGRP and Confidential 2960, 3560 Switches.
• Configured, deployed, managed and troubleshot existing and new Confidential Router/Switch networks on corporate VLANs.
• Configuring and troubleshooting perimeter security devices such as Checkpoint NGX R77 Gaia, Provider-1/MDM, Secure Platform, Palo alto and ASA Firewalls.
• Flexible to work on Linux and Window environments and worked on scripts to run patches.
• Responsible for configuring and maintaining communications including Internet connections, VPN, Checkpoint firewalls, point to point connections, and remote access.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Confidential Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Creation of Bluecoat reports upon request, for managers to show web activity.
• Troubleshooting and resolving issues wif Bluecoat reports, by recreating databases, recreating reports, performing functional builds.
• Adding Websites to teh URL filtering block list in Bluecoat Proxies and upgrading firmware on teh Bluecoat proxies.
• Experience wif convert Checkpoint VPN rules over to teh Confidential ASA solution. Migration wif Confidential ASA VPN experience.
• Familiarity wif common compliance standards, such as CIS Benchmarks, PCI-DSS and HIPAA.
• Responsible for handling Leveraged tools like Ansible, Puppet, Terraform, CloudFormation, Helm, and thoughtful scripting, code generation, template processing to automate configuration and deployment .
• Monitor connections on Bluecoat proxies.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Confidential Switches (2900, 3500, 7600, 3700 series, 6500 series) Confidential Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Confidential Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances
• Configuring various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Responsible for supporting Azure, AWS Cloud infrastructure and on-perm infrastructure.
• Provision environments (production, test, and development) in AWS, Azure & on-prem environments.
• Deployed teh Nexus 7000/5000/2000 architecture into production securing competitive advantage across multiple verticals.
• Good knowledge wif Networking fundamentals including BGP, OSPF, VPNs, DNS, AWS Constructs, Palo Alto firewalls.
• Experience in Microsoft products, protocols and tools: Microsoft Exchange O365, SharePoint, Active Directory, SQL, DNS.
• Prepare a monthly inventory report of all servers & services (me.e. route 53, cloud watch) and teh applications that run on them both on premise and in teh cloud wif costs for each where practical/appropriate.
• Experience working on Public and private DNS (Microsoft/AWS Route 53), DHCP.
• Thorough knowledge of teh following: IT concepts, strategies, infrastructure, cloud based platforms, and development tools.
• Experience leveraging typical Amazon capabilities such as AWS KMS, IAM, S3 and EFS.
• Good knowledge in configuring Zscaler to protect user and company devices based on security policies.
• Leveraged tools like Ansible, Puppet, Terraform, CloudFormation, Helm, and thoughtful scripting, code generation, template processing to automate configuration and deployment .
• able to manage infrastructure as code wif teh use of applications, scripts and configuration management tools such as Puppet, Terraform, and SaltStack.
• Good knowledge and experience in Network proxies (Blue Coat, Zscaler, McAfee, Websense, etc.).
• Experience wif AWS CloudFormation, AWS EC2, VPC, S3 or other similar technologies..
• Deep experiences wif AWS resources, such as CloudFormation, EC2, S3, RDS, IAM, Lambda, Infrastructure scripting,deployment of VPCs, Subnets, NACL, Route53, Kinesis, Serverless Technologies, etc.
• Good Knowledge on EC2 Route53VPC subnets internet gateway NAT route tables and managing security groups NACL on Amazon web services.
• Experience working wif Amazon AWS services like EC2, VPC, VGW & TGW, SMS-GW, etc.
• Good knowledge wif SNF/TGW/MGW Enhancements, RHEL migration and maintenance work
• Worked extensively on firewalls and VPN gateways Checkpoint, Blue Coat Web Gateway, Confidential, Juniper, Fortigate GUI and Shell.
• Configured teh Confidential router as IP Firewall. Maintained redundancy on Confidential 2800, 3600 routers wif HSRP.
• Adding and removing firewall policies on Checkpoint based on various change requirements.
• Configuration of ACLs in Confidential firewall for Internet Access requests for servers in LAN and DMZ and for special user requests as authorized by management.
• Staged firewall rules in Checkpoint smart dashboard during teh day time to install during window time.
• Designed and configured VLANs for major divisions of teh company like teh finance department and all others under one VLAN and implemented VTP trunks on switches.
• Monitored firewall logs in Checkpoint smart view tracker and captured packets in command line during troubleshooting.
• Actively use, smart view tracker, and Checkpoint CLI (to security gateways) for troubleshooting policies.
• Configured and maintained teh Interfaces, Zones, Virtual routers and IPsec tunnels on Palo Alto Firewalls.
• Configured IPsec site-to-site VPN connection between Confidential VPN 3000 Concentrator and Confidential 3800.
• Configuring Site-Site VPN on Checkpoint Firewall wif R77 GAIA.
• Configured Site to Site IPsec VPN tunnels to peer wif different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Confidential ASA 5500 series firewalls.
• Implemented Checkpoint Firewall Interface, NAT and VLAN using R77 GAIA Smart Dashboard.
• Configuring and maintaining teh Interfaces, Zones, Virtual routers and IPsec tunnels on Palo Alto Firewalls.
• Firewall technologies including general configurations, risk analysis, rules creation and modification.
• Creating and modifying Security and NAT policies.
• Experience wif convert Palo Alto VPN rules over to teh Confidential ASA solution. Migration wif both Palo Alto and Confidential ASA VPN experience and Checkpoint VPN rules over to teh Confidential ASA.

Confidential, Irvine, CA

Responsibilities:

• Performed numerous tasks related to maintaining network hygiene.
• Provided NOC support for all blocks that are connected to various districts that are connected to Backbone Router (7600) through leased lines.
• Day-Day tasks involved maintaining and troubleshooting all routers and switches and other VoIP phones.
• Monitors teh operations of telecommunications systems and services of vendors
• Manage office network wif Confidential devices wif network devices including 2500 and 3600 series routers
• and 3500, 2900, 1900 series switches.
• Hands on Experience in Inter-VLan routing, redistribution, access-lists.
• Log messages using Syslog server and analyze teh issues related to high CPU utilization and parameters
• that can degrade performance of teh network.
• Experience on Confidential IOS and Upgrading Confidential IOS using TFTP server.
• Designed and implemented Spanning-Tree Feature - Port Fast, Backbone Fast, Uplink Fast Loop Guards,
• BPDU Guards, and Root Guard's.
• Worked on various Sniffing tools like Etheiral, Packet Sniffer, Wireshark
• Backups of Confidential router configuration files to a TFTP server.
• Involved in SNMP Network management.
• Provided 24/7 service for all government offices that are interconnected. Created data migration strategies to halp wif completion of migration of data center from one point to another.
• Configuration of Confidential 6500 (sup 720), 4500 (SUP 6) & 3750 Catalyst Switches for network access.
• Worked extensively on Confidential Firewalls, Confidential PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, experience wif convert PIX rules over to teh Confidential ASA solution.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Time to time upgrade network connectivity between branch office and regional office wif multiple link paths and routers running HRSRP, EIGRP in unequal cost load balancing to build resilient network.
• Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
• Key contribution includes troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, & BGP.
• Troubleshoots in Confidential Aironet 2700 and 600 series.
• Configured Client VPN and RSA Token ID technologies including Confidential ’s VPN client via IPSEC.
• Configuring ACL to allow only authorized users to access teh servers.
• Participated in on call support in troubleshooting teh configuration and installation issues.
• Installation, maintenance, troubleshooting local and Wide Areas Network (ISDN, Frame relay, DDR, NAT, DHCP, TCP/IP).
• Provided technical support in terms of upgrading, improving and expanding teh network.
• Providing technical security proposals, detailed RFP responses, and security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.