- Experienced in installation and troubleshooting of Cisco Layer 2 & 3 Networking Devices
- Experienced with cloud concepts related to security, networking, APIs, and automation(AWS) familiar with azure cloud computing(vnet,virtual machine, azure firewall)
- Strong configuration skills in Cisco Routers and Cisco Catalyst and Nexus 9K,7K,5K Switches
- Experienced with 802.1q, STP, RSTP, IPsec VPN, Site2site VPN
- Working experience with TCP/IP, RIPv2, EIGRP, OSPF, BGP routing protocols
- Excellent understanding of LAN/WLAN/WAN Networks, TCP/IP, DNS, & DHCP, NAT
- Sound configuration skills in administering Access Control lists (ACL) on Cisco Routers for Network security, Excellent IP addressing skills.
- Advance Knowledge on configuring Palo alto Firewalls which includes PA 3 K and PA 5K and 7K series
- Experience in configuring security policies including NAT/PAT, GlobalProtect, HIP, PANOS 8+ and 9+, URL Filtering, SSL decryption, IPS/IDS, RADIUS, TACACS+, LDAP, SSO)
- Understanding of IT Service Management (ITSM) best practices and processes
Senior Network Security Engineer
- Documents and presents information in a clear and concise manner to cross - operational teams and executive management
- Design and configure cisco Firepower/ASA, VPN profiles and Tunnels
- Performing migration from legacy firewalls to Palo alto next Generation Firewalls appliances and VM firewalls
- Experience with AWS services, including VPC, EC2, ELBs, IAM, S3, Route 53, ElastiCache.
- Upgraded Panoramas and firewalls both Virtual and hardware to latest firmware 8.1.x 9.x.x
Example: Panorama M-100/500, PA 200, PA 3K and PA 5K and 7K, and Vm instances like VM300, VM1000, VM700 both on premise and in the cloud.
Senior Network Security Engineer
- Configuring and administration of Palo Alto Next Generation Firewall using Panorama
- Designed zero trust network security architecture .
- Migrate cisco ASA firewalls to Palo alto NGFirewalls
- Upgrading Panoramas and firewalls both Virtual and hardware to latest firmware 8.1.x 9.x.x
- Created AWS VPCs and had them communicate with on-prem either through VPN / Direct connect using transit Getaway.
- Configured cloudwatch, Cloudtrail and VPC flow logs, IAM and Security groups
- Troubleshooting and monitoring security issues using the CLI
- Deploying Palo alto user ID within the entire enterprise
- Design, document, and support end-to-end networking solutions to support global deployment services including Global backbone and Data Center. High Availability Technologies: HSRP,VRRP,VSS and vPC. Protocols: OSPF, BGP,EIGRP
- Collaborate with other engineers in order to create, maintain, review and automate best practices, improve quality and efficiency of deployment
- Set documentation standards and developed a documentation repository as well as a process for implementation for engineering deployments.
- Ensured SLA targets were exceeded and network performance was exemplary and beyond expectations.
- Assess capacity and performance management of existing infrastructure including solarwind, monitoring using splunk
- Designed and implementation of data centers utilizing Cisco ASR1002, Cisco Nexus 7000/5000/2000 , ASA, Catalyst 6500 VSS. The build included all WAN (MPLS, BGP, OSPF, and EIGRP), datacenter switching (vPC, FabricPath, FEX), VPN, Wireless Responsible in design, monitoring and support of a worldwide network in optimized for reliability, high availability, scalability, and cost effectiveness, through the coordination of telecommunications and service providers.
- Collaborate with other engineers in order to create, maintain, review and automate best practices, improve quality and efficiency of deployment.
- Manage and support distributed enterprise firewalls, and all network security components.
- Collaborates with the systems engineering team to design, integrate and maintain an environment compliant with internal and external regulations.
- Design and planning, monitoring and maintaining the network while ensuring systems and process compliance with HIPPA,PCI and SOX audit