We provide IT Staff Augmentation Services!

Network Security Engineer Resume

SUMMARY

  • A driven individual with ability to acclimate to new technologies and environments. More than 7 years of experience as an administrator in Design and Network Configuration and Network Support. Expertise in giving network solutions, security, and technical support.
  • Thorough knowledge and experience in Cisco Routing (Cisco routers - 1900, 2900, 3000, ASR- 1k/9k) Switching (Cisco multilayer switches - 4500, 6500, Cisco Nexus 2k/5k/7k/9k) and Security along with strong basics and foundation in networking applications and processes.
  • Experienced in previous and ongoing technologies like IPv4, IPv6, RIP, EIGRP, OSPF, BGP, Frame Relay, ACL, VPN.
  • Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches. Implementation of Fortinet Firewall FortiGate 600, 800 series. Experienced in using Firewall technologies like rules creation, policies, configurations, and modifications of Juniper SRX, Cisco ASA and Check point. Migrate and Patch management of Cisco Firewalls.
  • Working knowledge in handling network monitoring tools such as Wireshark, NetFlow, SNMP and SYSLOG.
  • Expertise knowledge in scripting languages (JavaScript/Bash/Python/Ansible), VMware, ticketing tools like ServiceNow, Remedy and network security including NAT/PAT, ACL, VPN and IPSEC on DMVPN.
  • Used SDWAN technology to direct traffic across all the location of WAN.
  • Wireless LAN, VLANs and InterVLAN configuration.
  • Worked on Cisco multilayer switches that support STP, RSTP, PVST, RPVST.
  • Troubleshooting InterVLAN routing and VLAN Trunking using 802.1Q.
  • Tier 2 ISP routing protocols, IP subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls, VPN, SSL.
  • High level understanding of various protocols like UDP, TCP, Telnet, FTP, HTTP, etc.
  • Experienced in networking concepts like IP address management, network security, VLANs, TCP/IP protocols.
  • Working experience on various firewalls like Palo Alto, Juniper, Check point and Fortinet.
  • Experience in Cisco WSA/CWS, Cisco ASA, VPN, Cisco ISE, Cisco IPS and Cisco APS.
  • Network Administration done using the rules and methods of Network Access Control (NAC) to provide security and augment protection to LAN network.
  • Experienced on networking operating systems like Cisco IOS, cat OS, Cisco IOS XR, Cisco IOS XE and JUNOS.
  • Expertise in Ansible automation platform and creating JavaScript runbooks. Working knowledge on GCP networking.
  • Expertise in ticketing tools like Remedy and ServiceNow. Working knowledge on scripting languages like Python, Perl, and JavaScript.
  • Experienced in network security that includes NAT/PAT, ACL, VPN and IPSEC on DMVPN.
  • Worked on Blue Coat URL Filtering with whitelisting and blacklisting URL and making andmanaging rules and regulations for content filtering.
  • Experience in writing commands and execution of command line interface (CLI) with F5 BIG- IP and Traffic management Shell (TMSH).
  • Network administration skills in configuring L2/L3 devices, TFTP, FTP, CISCO IOS, NX-OS and thorough knowledge of troubleshooting.
  • Worked on reviewing of AWS resources for open security group ports on ELB, EC2 and RDS resources as well as open S3 bucket policy rules locking down all resources with least security permission.
  • Experience in configuring and troubleshooting NetScaler, BIG-IP F5 load balancer LTM.
  • Managed the fire sight devices along with security tools like Symantec, MacAfee.
  • Designing, Develop and Execute Test-Cases using C# and python.
  • Worked on Load balancer F5 LTM, Citrix NetScaler, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
  • Professional level understanding of TCP and UDP including the ability to identify root cause f illusive problems through packet capture analysis.
  • Network administration experience including configuring L2/L3 devices, TFTP, FTP, CISCO IOS, NX-OS and comprehensive troubleshooting skills.
  • Working knowledge on SDM and adhering to client needs and delivering client requests timely in regards to troubleshooting, configuring and managing Cisco products.
  • Determined and highly motivated team player who is willing to use my foundation to the best of my ability and reach goals and potential.

TECHNICAL SKILLS

Cisco Switches: 2920, 2960, 3550, 3560, 3650, 3750, 3850, 4500, 4948, 4507, 6500, 9300, 9500.

Cisco Routers: 1600, 1700, 1800, 1900, 2600, 2800, 2900, 3600, 3800, 4300, 4400, 7200, 7600, 9010.

Nexus Switches: 7702, 7010, 5020, 5548, 5596T, 2148, 2348.

Juniper: EX-2200, EX-4200, EX-4500, EX-8200, MX-480, MX-960 Series, SRX210, SRX220, SRX240, SRX3600/650, SRX5800 Juniper Net screen, IDP Technologies, Junos IOS.

Routing Protocols: OSPF, BGP, EIGRO, RIP, IS-IS, MPLS PBR, Static Routing, Route Filtering and Redistribution.

Switching Protocols: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-layer switch, Ether Channels.

Multicast Protocols: IGMP v2/v3, CGMP, PIM-Sparse and Dense Mode, DHCP, FTP, TFTP.

Operating Systems: Windows XP/7/8, Windows Server 2003/2008, Mac OC X and Linux.

Ticketing Software: Remedy, Service Now.

Firewall & Security: Palo Alto, Check point (R62, R65, R70, NGX), Meraki, Fortinet, ASA Cisco Firewall.

LAN Technologies: Ethernet, Fast & Gigabit Ethernet, SMTP, VLAN, VTP, STP/RSTP, Cisco Prime.

WAN Technologies: Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, DSL, ISDN, Silver peak.

Network Security: Cisco ASA, ACL, IPSEC-VPN, AWS.32

Gateway Load Balancing: HSRP, VRRP, GLBP, EBGP

Load Balancers: Cisco CSM, F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Cisco ACE 4710.

Language Skills: C, Bash Scripting, Python, Ansible

Network Management: SolarWinds, Wireshark, SNMP, Putty, Proteus, GNS3, Cisco Packet Tracer, Cisco Prime, Tenable Nessus scanners.

Services: IOS and Features, IRDP, NAT, SNMP, VM Ware, AWS, Azure Cloud, NTP, VoIP, DDoS, L4, Stakeholder, Jenkins, Dockers, Cisco CRS, Ansible.

PROFESSIONAL EXPERIENCE

Confidential

Network Security Engineer

Responsibilities:

  • Configured and managed ASA Cisco firewalls, Firepower Chassis Manager (FCM), Firepower Management Centre (FMC), Cisco Security Manager, Next-Gen Firepower threat Defense (FTD).
  • Deployment of Route maps on F5 BIG IP GTM to link various VIPs from other F5 BIG- IP LTM to GTM.
  • Working experience on Cisco NX-OS and next generation spine and leaf architecture.
  • Working knowledge with REST API and good understanding of cloud service using Z scaler.
  • Configuration of latest NEXUS switches (7k, 9k) and experience in configuring and troubleshooting.
  • Cisco Routers (ASR1002-X, 3945) and expertise in configuration of routing protocols OSPF, EIGRP, BGP and Policy routing over Cisco routers, switches like NEXUS 7Ks, Catalyst 6500.
  • Optimization of SDWAN and managing workloads on Azure virtual machines.
  • Experience on Configuring and troubleshooting of network security: NAT/PAT, ACL, IPsec, site to site and remote VPNs in ASA cisco firewalls and Palo Alto firewalls.
  • Configured OSPF, BGP, LDP, MP-BGP on Juniper M960 and Cisco CRS-1 in the Core.
  • Migrated Nexus 7Ks & 5Ks to a Nexus Fabric containing Spines and Leaf in datacenter. Experience in using Cisco Migration Tool to import & export, Access Control Policies & NAT’s.
  • Extensive MPLS, EIGRP and BGP design. Configuring MPLS features such as traffic engineering, VPNs, and VPLS.
  • Using DMVPN as a backup connectivity to our Data Centers.
  • Experience with Checkpoint Firewall policy provisioning and making sure the Security Gateway to give correct functionality.
  • Working knowledge on SDM to deliver client needs and respond timely to their requests and complaints.
  • Modification of Palo Alto PA-500, PA-2k, PA-3k, and PA-5k to help in prevention of cyber-attacks.
  • Experience in Updating and migrating to newer technologies in MX series routers.
  • Analysis of Fortinet Firewall FortiGate 600, 800 series.
  • Developed F5 and NetScaler load balancing in an SDN environment in round robin manner.
  • Worked with network engineers’ team to deploy and design SDWAN infrastructure (Cisco ACI, Cisco ISE) to provide secure, carrier independent SDWAN connectivity across enterprise.
  • Acting as a mediator between team members and with external stakeholders when conflicts arise.
  • Deployment of Palo Alto firewall into the network. Configured the Access List Policies on protocol-based services.
  • Used BGP environment to redistribute routes seamlessly from Viptela into MPLS SDWAN.
  • Diagnose and troubleshoot wireless, switching, security and network related issues reported by CISCO Meraki users.
  • Developed applications in RYU to perform DNS blacklist, SDN traceroute and unicast DHCP.
  • Worked on Nexus 5k, 7k & 9k switches and log into routers and switches to manage configuration changes.
  • Installation, Deployment, Upgrades and Monitoring of Fortinet firewalls.
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewalls.
  • Configure various LAN switches such as Cisco 4948,4510,4507,3650, 2920 switches for VLAN, Fast Ether Channel configuration.
  • Worked with internal/external customers & application teams for the firewall access issues and Troubleshooting using Splunk, FMC, packet capture, packet tracer & TCP dump.
  • Deployed Cisco Firepower Threat Defense FTD (2100,4100&9300) along with Intrusion prevention system (IPS), logging features in Firepower management center (4500).
  • Manage Cisco and Juniper Firewall access lists, address translation, and Site to Site IPsec and remote connection of VPN's.
  • Troubleshoot latency and throughput issues on MPLS and Dedicated Internet Access circuits.
  • Experience in configuring Static, BGP, EIGRP, and OSPF Routing Protocols on Cisco 3600, 4300, 4400, ISR series Routers.
  • Worked on load balancer configuration and VPN using the Citrix NetScaler.
  • Experience working Juniper T-Series, M-Series, ERX 1400, M320, MX960, J-Series Routers.
  • Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design.
  • Design expertise for the SDWAN (Versa & Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
  • Hands-on experience in configuring Viptela devices and creating device and feature templates on vManage required for SDWAN implementation.
  • Used Viptela router to connect all entities and automatically route traffic between them as if they were on one seamless VPN connection.
  • Installation, configuration, and troubleshooting Citrix NetScaler devices, Citrix Access Gateway, Storefront, Controllers and Windows Operating systems.
  • Experience in using IP Control & Infoblox for DNS, DHCP & IP addresses Management. Configuration, connectivity, and routing for new and existing EVC circuits and MPLS backbone and remediate when necessary.
  • Network-wide segmentation using Viptela.
  • Deployed BGP and OSPF for internal and external traffic to the data network over MPLS cloud and this may include influencing route-maps, communities, policies, and access-list for customer traffic.
  • Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
  • Handle escalated Support tickets till closure for MS Azure IaaS platform.

Confidential

Network Support Engineer

Responsibilities:

  • Expert level experience on OSI models, TCP/IP, UDP networking architecture, CLI, hardware, connectivity and edge gateways and configuring all routing protocols like static, BGP, EIGRP, and OSPF Routing protocols on latest and old Cisco series routers.
  • Provide high level technical support for ACI (Application Centric Infrastructure), APIC technologies.
  • Implemented Quality of Service (QoS), Policy Maps, ACI, SOAP, Class-maps documentation, and Policy Routing in the network infrastructure.
  • Cisco ISE administration and setting up of ASA Cisco Firewall across organization’s network.
  • Design Implement and troubleshooting of Juniper MX series routers, SRX 220 firewall and other firewalls like EX-2200, EX-4200, EX-4500, M series and SRX series.
  • Migration from previous and existing hardware to new infrastructures in routers and switches.
  • Profound expertise on routing with BGP
  • Working experience on Aruba routers to maintain VPN across all connection and maintain secure networks.
  • Worked on Arista routers and major fundamentals of cloud networking.
  • Troubleshooting, deployment and management using Cisco
  • Working experience on implementing Network Security through Fortigate Firewalls with application prevention, threat prevention, etc.
  • Maintain, regulate, and manage Cisco and Juniper Firewall access lists, ACL rules, site to site IPsec and remote connection of VPNs. VPN connection between AWS and Data Centre.
  • Strong knowledge and experience on working with new Cisco 9000 series.
  • Load balancing of network traffic using Wireshark and Solar Winds.
  • Worked with Palo Alto firewalls. Design and Installation, URL and Data filtering. Integrate LDAP with Palo Alto rules and Global Protect Client VPNs.
  • Active Azure VPN gateway configuration.
  • Migrating form Layer 2/Layer 3 fabrics to Next Gen spine and leaf architecture, parallel architecture. Worked with the application team to define map dependencies for better workflow within ACI.
  • DHCP and FTP server’s configuration in Linux and Solaris servers.
  • Configuration of Network and security for CISCO CAT switches series and Access layer switches such as CISCO 4510, 4507, 4948 for VLAN and Fast ethernet configuration.
  • Load balancing configuration, EBGP, F5, Net Scaler to segregate and manage traffic across servers.
  • Mapping, documentation, Network Diagrams through MS Visio.
  • Performing ACL changes requested by various clients and answering to their problems.
  • Worked on Silver Peak WAN optimization technology with Edge Connect for creating high performance SDWAN solutions.
  • Resolving tickets and troubleshooting of L2/L3 problems with the support engineering team.
  • Worked on Infoblox and Splunk to deliver important technologies support and help.
  • Worked on MPLS to manage traffic and increase speed of processes.
  • Route filtering to help customers and troubleshooting BGP issues using route maps.
  • VIPs migration to F5 load balancers from Cisco ACE and CSM.

Confidential

Network Security Analyst

Responsibilities:

  • Installing, Configuration and Troubleshooting of latest NEXUS 7000 series, 5000 and 3000 series.
  • Support, Design and manage ACI networks for many companies.
  • Migration from NEXUS 3k, 5k,7k to ASR 9000. Migration from previous routers/switches/technologies to new ones.
  • Configuring trunking lines (ISL trunk) on Fast Ethernet channels and setting up Voice VLANs.
  • VTP configuration on new Cisco LAN switches such as Cisco CAT 2900, 3550, 4500, 6509 switches for VTP domain, VLAN, Trunking.
  • Worked on Aruba 3810 and Juniper SRX 210,240, Ex4200, QFX5100, and configured OSPF and BGP on these switches.
  • Installing, Configuration, troubleshooting and managing layer 3 protocols.
  • Setting up of VLANs, implementing VLANs and implemented switching related tasks. Configuration of routing policies for BGP.
  • Creating ACL rules for layer 3 security. ACL to allow only authorized users to access the servers on checkpoint firewalls.
  • Design, test, and implement networking components and VLANs to support data, voice, video, and unified communications.
  • ACL rules for SRST testing, block or move packets across networks.
  • Packet capture with Wireshark for troubleshooting and analyzing protocols.
  • Worked with Cisco fiber cables, Cisco Nexus 2248 Fabric Extender and Nexus 5500 series for data center architecture.
  • Worked on Fortinet and Checkpoint firewalls for troubleshooting of protocols and managing traffic flow.
  • Worked on load balancers F5 V9 BIG-IP 1500, 3400, F5 networks GTM Platform. Working knowledge on Citrix NetScaler.
  • Tests done by using scripting language like Ansible, JavaScript.
  • Configuration, implementation, and problem determination across the major firewall platforms and understanding each customer environment at a detailed level.
  • Provided network consulting to clients. Experience with Firewalls, Email Systems and Cisco Systems.
  • Deployment of virtual firewall ACL rules and policies in Counteract NAC appliances. Working knowledge on cloud networking like Azure and AWS infrastructure.
  • Configuring RIP, OSPF and Static routing on Juniper Routers.
  • Strong knowledge of standards associated with Carrier Ethernet, EVC Service Types, QoS, CoS, 802.1AG.

Hire Now