SUMMARY:

• A Network Security Engineer with proven knowledge and extensive experience gained over several years of working with different vendors
• NGFWs (Next Generation Firewalls) ranging from Fortigate, Checkpoint and Palo Alto.
• Configuration and Deployment of Fortigate, Palo Alto and Checkpoint NGFWs
• Implementation of UTM (Unified Threat Management) and ATP (Advance Threat Protection) across different platforms in a network
• Check Point Firewall Cluster Upgrades and Site - to-Site VPN configuration/Implementation
• Implementation and management of H/A in Palo Alto and Fortigate
• Sound knowledge of policy implementation and deployment across different vendors in Network security
• Good understanding of AWS global infrastructure (Region, AZ, Edge locations)
• Hands-on experience in AWS and strong knowledge of all its different services (EC2, S3, Cloudfront, Route53, Autoscaling, RDS, DynamoDB etc.)
• A good team-player and innovative thinker with ability to learn fast and adapt to changing situations
• A good understanding Cyber threats and Cybersecurity and the employment of automation in preventing cyber attacks
• Routing & Switching including configuration of routing protocols (OSPF, EIGRP BGP)
• Sound knowledge of Network Segmentation and its importance in securing/protecting a Network

PROFESSIONAL EXPERIENCE:

Confidential, TX

Network Security Engineer

Responsibilities:

• Configuration and deployment of policy through Pan 8 to facilitate traffic between several applications and servers involved in migration from a Legacy system to the Cloud
• Opening several Ports (standard & non-standard) on the FW for several applications (standard and custom)
• General troubleshooting to understand and eliminate problems which could arise with traffic at any time
• Actively collaborate with all other members of the team (Network, Server, Operations etc.) to ensure smooth operation and strict adherence to budgetary timeline

Confidential

Senior Network Security Engineer

Responsibilities:

• Configuration and deployment of Palo Alto NGFW (versions 5.0 & 7.0) successfully on several occasions
• Configuration and installation of security policies in accordance with the company’s SOP
• Employment of Panorama in the deployment, configuration and management of Palo Alto NGFWs
• Configure IPsec-VPN and troubleshoot VPN tunnel using all available tools including the CLI
• Configure and manage H/A in production environment to allow for redundancy and facilitate transparent fail-over
• Configure and employ Panorama for logging and reporting purposes
• Configure different Security Profiles for deployment with different security policies and rules to ensure maximum Network Security and prevent against possible DoS/DDoS attack
• Configure QoS (Quality of Service) for bandwidth optimization in a Network
• Configured and Implemented NAT (Dynamic and Static) on Palo Alto, Checkpoint and Fortinet NGFW successfully on several occasions
• Perform periodic policy auditing to remove rules or policies that are no longer needed to reduce Firewall and Network overhead
• Configure User ID and Authentication using Active Directory
• Schedule regular downloads and updates to keep the Firewall up to date
• Configure SSL decryption in PA-5050 and Forti-OS
• Troubleshoot and analyzed traffic logs to solve Network traffic issues
• Respond to emergency outages, disaster recovery and other Network Security issues
• Good experience architecting and configuring secure cloud infrastructure in AWS
• In-depth knowledge of AWS services like EC2, S3, Route53, Cloudfront, RDS, DynamoDB, etc. and how the services interact with each other to deliver a good user experience
• Creating IAM users and Groups and granting them the necessary permission adhering to the “Principle of Least Privilege”
• Creating and managing S3 with Lifecycle policy to optimize storage cost.
• Integrating Cloud watch alarm with SNS for monitoring and alert purposes
• Ensuring Audit compliance by using AWS services like Cloudwatch Logs, CloudTrail, AWS Config etc.

Confidential, IL

Network Security Engineer

Responsibilities:

• Assisted in planning, design and installation of network segmentation Firewall rules to support security architecture designs, strategies and compliance
• Actively involved in planning and implementation of Checkpoint upgrades from R75-R77 in the company network
• Configured and implemented NAT (Dynamic and Static) in Fortigate, Checkpoint and Palo Alto Firewalls
• Configured and managed Checkpoint Cluster (H/A) for Clients
• Configured and monitor VPN tunnel activities with Smart View Monitor and troubleshoot VPN issues with CLI
• Configured HTTPS inspection/SSL decryption paying attention to compliance issues
• Good understanding of the OSI, different protocols (TCP/UDP, IP, ARP, ICMP) and their importance in networking, traffic and data transmission
• Configured and managed H/A in Fortigate and Palo Alto NGFW.
• Deployment and installation of Checkpoint, Fortigate and Palo Alto NGFW
• Well experienced in using virtual lab environment: VMware, GNS3 in troubleshooting and simulation of different network scenario
• Reviewed traffic logs regularly to identify potential threat and vulnerability and take necessary preventive action