We provide IT Staff Augmentation Services!

Senior Network Security Engineer Resume

2.00/5 (Submit Your Rating)

Mountlake Terrace, WA

SUMMARY:

  • Extremely passionate, professional Sr Network Security Engineer having experience worked in projects that include F5 installations, Firewall, Load Balancers, Data Center refresh and cloud - based services. With overall 8 years of experience in switching, routing, Network Security Next-Gen Firewalls and Wireless, a truly proactive team player who also can work independently. Excellent communication skills who also can work with storage, VMware, server and application teams.
  • Over 8 years of experience working in large scale environments on IP Network Design, Network Integration, deployment and troubleshooting.
  • Experience in configuring and troubleshooting Layer 3 Interior Gateway Routing protocols such as Link-State routing protocols (OSPF and IS-IS) and Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP). Wide exposure to LAN/WAN setup, installation, configuration and commissioning of network devices.
  • Experience in crafting, implementing and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (iBGP) and external BGP (eBGP).
  • Strong hands-on experience on Cisco Catalyst (series 3850, 3560, 4500, 6500), Cisco Nexus (series 2K, 5K, 7K), Cisco Routers (series 7300, 4000, 3800, ASR 9000), Firepower (4100), Load Balancers (Citrix NetScaler, Cisco ACE, F5 BIG-IP LTM/GTM ADC), IDS/IPS (HIDS, NIDS, NIPS, HIPS), Fire eye, Splunk, Confidential Networks Firewalls (PA-820, series PA-3K, 5K), Checkpoint IP Appliances (NXG R60, R70, 3100, 5900),Fortinet Firewalls.
  • Hands on Experience on FortiGate firewalls (7040/7030) by implementing security policies and firewall rules.
  • Hands on experience in configuring high end routers like GSR 12000 series, 7500 series and Catalyst Switches like 7600, 6500, 4500 series. Extensive experience in upgrade, backup and password recovery of Cisco IOS.
  • Experience in working with Cisco Nexus Switches like 5000 and 7000 series and Virtual Port-Channel configuration. Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches and 9K series.
  • Expertise in installing, configuring and troubleshooting Juniper Switches (series EX3300, EX4200, EX4600), Juniper Routers (series J, M and T) and Juniper series SRX Firewalls, Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1. Experience deploying ACI in Network-Centric model.
  • Proficient in monitoring and managing networks using SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM); Cisco Prime, Arista, Security Device Manager (SDM), Cisco Works; Infoblox, HP OpenView and Wireshark. writing shell scripts.
  • Experience with Cisco IOS, Cisco ACI, F5. Strong understanding in cloud, managing systems and networks in an AWS and Azure environment. Primary support for all Blue Coat Proxy activities on the network security team.
  • Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
  • Substantial knowledge, including the configuration, of Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+).
  • Thorough experience in configuring Virtual Local Area Networks (VLAN) with IEEE 802.1Q, VLAN trunking protocol (VTP), shortest path bridging, Multiple VLAN Registration Protocol and VLAN Cross Connect (CC).
  • Experience with F5 LTM, GTM and APM modules for application load balancing. Worked on migration from cisco ACE to F5. Worked on SSL off loading, Virtual servers, Monitoring, Profiles, iRules, SNAT.
  • Experience in troubleshooting both connectivity issues and hardware problems on Cisco based networks. Work with TAC on IOS bugs and high-level issues.
  • Experience in testing Cisco routers and switches in lab scenarios and deploy on site for production.
  • Good knowledge of IPv4 and IPv6 Addressing, IP Subnetting, Fixed Length and Variable Length Subnet Masking (VLSM), OSI and TCP/IP models. Experience in migration of IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3, SONET POS OCX/ GigE circuits.

TECHNICAL SKILLS:

Router and VoIP Platforms: Cisco Routers series 9300, 9500, 3800, 2000, 1900; Juniper T4000, MX10, MX40, ACX2200, ACX5000; OnSIP, Avaya products, cisco IP phones

Routing Fundamentals and Protocols: Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, IPv4 and IPv6 addressing, subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, 802.11, Policy Based Routing, Redistribution, Port forwarding, Arista.

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K, Netgear switches,5K, 7K; Nortel/Avaya 5510, 5520; Juniper EX3300, EX4600, EX4300, EX3400

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, MulticastRSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Juniper Net screen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Netgear Firewall, Fortinet, Confidential Networks (PA series 2K, 3K and 5K), WAF, ACI.

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-Security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, Blue Coat URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Security Device Manager (SDM), CiscoWorks; TCP Dump and Sniffer; SolarWinds NetFlow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SevOne, SiteScope.

Load Balancers: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, ASM, Citrix NetScaler, APM

WAN technologies: Frame-Relay, ISDN, ATM, MPLS, PPP, DS1, DS3, OC3, T1 /T3 lines, SONET OC3-OC192, SDH, POS, PDH

Cloud Computing and Automation: AWS, Microsoft Azure, Cisco Meraki, C, Python scripting, Shell, Cloud Migration

Other Networking Protocols and Fundamentals: DHCP and DNS server, Shell, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, BitTorrent, SMTP, RADIUS and TACAS+, PBX servers, SDN, SAN

Operating Systems: Windows 10/7/XP, MAC OS, Windows Server, Nexus OS, Cisco IOS-XR, Linux, UNIX

Wireless Technologies: Canopy Wireless Devices, D-Link Point-to-point Wireless, D-Link APs, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers

Microsoft Office: Visio, Excel, PowerPoint, Word

Change Management: ServiceNow

PROFESSIONAL EXPERIENCE:

Confidential, Mountlake Terrace, WA

Senior Network Security Engineer

Responsibilities:

  • Good experience with major routing protocols EIGRP, OSFP, BGP This includes advanced routing techniques such as Policy Based Routing, VRF, and Qos Campus network switching design and configuration including FHRPs, VSS, VTP, Multicast, and Spanning Tree.
  • Hands-on technical experience working with VPN technologies like (IPSEC, SSL VPN, and DMVPN,).
  • Responsible for the implementation, organization and operation of Confidential Firewalls based on perimeter security network (PA-3020, PA-5220). Create and maintain documentation of standards, best practices for supported technologies.
  • Good experience of firewall configuration and maintenance, experience with Cisco ASA equipment such as (5525-X, 5545-X and 5585-X along with firepower services.).
  • Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure.
  • Integrated IP address management and network traffic analyzer module to solar winds to better visibility of devices.
  • Working knowledge of dynamic network routing protocols such as EIGRP, OSPF and BGP.
  • Working knowledge and providing support with Cisco Nexus 7K, 5K, 2K, VPC, VDC, Port-channels and 802.1q trunks .
  • Supported and administered with 3750 and 3850 stacks, ISR WAN 4551-X, 4331 and CSR routers
  • Installation, configuring and maintaining Checkpoint and Cisco ASA firewalls. Responsible for building and maintaining site to site VPN tunnels with other business partners based on the business requirements.
  • Configured systems log on the Confidential firewall and moved the logs to Splunk.
  • Worked with Confidential firewalls PA5050 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
  • Responsible for Confidential and Cisco ASA firewall administration across our global networks Maintenance and configuration of Cisco ASR1000 series
  • Installing, configuring, managing and modifying cisco Data Center Network Manager version 10.3 and 10.4.
  • Datacenter experience create new cable run list (L1), document runbook and Solution planning and upgrading, architect VXLAN, ACI and ASA cluster firewall with NAC, ISE
  • Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the Organization.
  • Experience with F5 load balancers and Cisco load balancers (CSM, ACE, and GSS).
  • Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
  • Managing and providing support to various project teams with regards to the addition of new equipment such as routers switches and firewalls to the DMZs.
  • Participated and implemented zscaler cloud firewall for all the remote offices in North America, Europe and Asia sites.
  • Trained junior colleagues on the zscaler project and how to configure the tunnels to zscaler portal from the local cisco routers.
  • Configured zscaler tunnels on the dia circuits on all the remote offices and moved all the offices of to backhauling the internet from data center to local dia circuit through zscaler firewall.

Environment: Nexus (7k, 5k, 2k), cisco Meraki, Cisco firewall (5525-X, 5545-X), Cisco campus switches (4500, 6508-XL), Cisco catalyst switches (3850, 9300), SolarWinds, FortiGate firewalls (60E, 80E, 100E), Infoblox, routing protocols (EIGRP, OSPF, BGP), zscaler, zscaler firewall.

Confidential, Hartford, CT

Senior Network Security Engineer / Firewall Engineer

Responsibilities:

  • Configured L2 and L3 security features on devices
  • Experience with design and implementation of Virtual Switching System (VSS) on 6500 Switches
  • Manage a very large DNS environment using Lucent QIP and manual management of DNS for DMZ/External servers broad Hands on Experience in Inter-VLAN routing, redistribution, access-lists, and dynamic NAT
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
  • Experience CSM, F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic.
  • Implemented many numbers of security policy rules and NAT policy rules on Confidential, created Zones, Implemented Confidential Firewall interface, Confidential IDS, and VLAN.
  • Worked on the implementation of VXLAN and MLAG pairing of the switches.
  • Deploying, Scaling and troubleshooting many Datacenters across all of AWS network fabrics.
  • AWS data backup (snapshot, AMI creation) techniques, along with data-at-rest security within AWS.
  • Deploying the code to AWS instances and spin new instance depending on the requirement
  • Designed and implemented remote dial-up solution for clients
  • Installed and configured workstations for IP based LAN’s
  • Responsible for designing and implementation of network and Security infrastructure.
  • Experience in working with Nexus 7010, 9396, 5548, 5020, 2148, 2248 devices.
  • Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
  • Experience in working and designing configurations for vPC, vPC domain, vpc peer-gateway, vPC peer-switch, auto-discovery, vPC single sided, vPC double sided, NX-OS, Vfr, Otv, fabric path.
  • Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
  • Experience with Cisco ACI on VXLAN’s, VTEPS, VNID’s, EVPN, Bridge Domains, Tenants, Application profiles, Contracts etc. on ACI. Thorough understanding of Spine Leaf Architecture.
  • Experience working with Layer 3 Routing Protocols OSPF and BGP.
  • Configured and maintained VPCs with 7010/7018 and 5548 in the network and maintained VDCs in 7k switches, maintained VRFs in those separate VDCs.
  • Worked on ACE, A10 load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
  • Worked in updating the Ciphers Suits to the VIP’s in A10 and worked on enabling and disabling the Backend servers.
  • Experience consisting of Global load balancing, Local load balancing, SSL acceleration, HTTP compression.
  • Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.

Environment: Cisco 4300,4400,4500, 3800 series routers and Cisco 3560, 4500,6500 series switches, Juniper EX4200, EX3200 Switches, Juniper MX80, MX480, MX960 Routers, F5 ADC, ASR 9000, Juniper SSG-140, Cisco Nexus Switches 2232, 5596, 7009, Checkpoint Firewall

Confidential, Pearl River, NY

Network Engineer

Responsibilities:

  • Configuring and troubleshooting multi-customer network environment.
  • Involved in network monitoring, alarm notification, and acknowledgment.
  • Implementing new/changing existing data networks for various projects as per the requirement.
  • Troubleshooting complex networks layer 1, 2to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues
  • Providing support to networks containing more than 2000 Cisco devices.
  • Performing troubleshooting for IOS related bugs by analyzing history and related notes.
  • Carrying out the documentation for tracking network issue symptoms and large-scale technical escalations.
  • Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-around technical support.
  • Monitor the traffic of the network via NTA and IPAM
  • Provided Technical Support to customers and partners on Confidential security appliances
  • Commissioning and Decommissioning of the MPLS circuits for various field offices.
  • Preparing feasibility report for various upgrades and installations.
  • Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
  • Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security.
  • Worked on the security levels with RADIUS, TACACS+.
  • Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
  • Configured switches with port security and 802.1 xs for enhancing customer’s security.
  • Monitored network for optimum traffic distribution and load balancing using Solar winds.
  • Created scripts to monitor CPU/Memory on various low-end routers in the network.
  • Handled installation of Windows NT Server and Windows NT Workstations.
  • Handled Tech Support as it relates to LAN & WAN systems.

Environment: MPLS, BGP, EIGRP, OSPF, NTA, IPAM, VLAN, Port Security, Trunking, LAN, RADIUS, TACACS+, LAN, WAN, MPLS, Solar Winds.

Confidential

Network Engineer

Responsibilities:

  • Worked with the Help Desk for circuit troubleshooting to give Support to the Tech persons at the site.
  • Configuring routers and sending it to Technical Consultants for new site activations and giving online support at the time of activation.
  • Supporting Development team for the access to corporate network and outside world. Providing access to specific IP, Port filter and port access.
  • Experience in Cisco 7200, 7600 routers, Cisco series switches: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay and ATM).
  • Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
  • Configured the Cisco router as IP Firewall and for NATting.
  • Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
  • Installed and configured PIX 520, 525, 535 series firewalls, configured standard and extended access-lists and policy- based filters.
  • Configured ASA 5510 appliance and VPN.
  • Responsible for implementing Qos prioritizing voice traffic over a data.
  • Implemented SNMP on Cisco routes to allow for network management. Completed the installation and configuration of T1, T3 & OC3 circuits.
  • Troubleshoot TCP/IP problems, troubleshoot connectivity issues.

We'd love your feedback!