SUMMARY:

• Over 8+ years of experience in network security engineer with proficiency in installing, upgrading, troubleshooting, configuring, and supporting variety of Network & Security Devices.
• Maintain and Configure Firewalls like Palo Alto (PA - 3k, PA-5k), Cisco ASA 55XX, Checkpoints (R65/R77) Juniper SRX.
• Expert in Monitoring Checkpoint Firewall traffic through Smart Dashboard and smart view Tracker Applications
• Experience on Palo Alto NG Firewall configurations including URL filtering, Threat prevention, Data filtering, IPsec Tunnels, SSL-VPN and Zone Protection.
• Experience on Bluecoat Troubleshoot for Root Cause Analysis to ensure limited downtime
• Bluecoat Configuration modification for updates to rule sets
• Expert in configuringSecurity policies using App ID, Services, Security profiles and URL category.
• Experience on configuring and troubleshooting HA, Zones, VLANs, Routing, and NAT on firewalls as per the design requirements.
• Sound knowledge on Panorama, Wildfire, FireEye and its integration with Palo Alto Firewalls. Experience with CISCO ASA Content Securityand Control Security Services Module (CSC - SSM) and Advanced Inspection and Prevention SecurityServices Module (AIP-SSM).
• Responsible for Palo Alto, Check Point and Cisco ASA firewall administration across global locations.
• Experience on Access Control Server configuration using AD, RADIUS & TACACS+.
• Extensive experience in dealing with vendors for MPLS/DSL installations.
• Proficient in configuration & troubleshooting of routing protocols: BGP, OSPF, EIGRP, MP - BGP and their redistribution over the networks
• Hands on experience in deploying GRE tunnels, IPSEC Tunnels, SSL-VPN, Site-Site VPN and DMVPN.
• Proficient in implementation of filters using Standard and Extended access-lists, Time-based access-lists, Route Maps.
• Experience on implementing route manipulation using Offset-list, route metrics.
• Implemented redundancy protocols like HSRP, VRRP, and GLBP.
• Implemented VSS along with VDC and VPC on Nexus 5K, 7K switches.
• Worked on troubleshooting issues on F5 LTM related to network, objects and servers.
• Experience in rectifying issues related to F5 LTMs using F5 support services
• Managed all network and devices to include Cisco routers, switches, VPNs, SSL, Check point, Cisco PIX, Cisco ASA, Cisco FWSM as well as content delivery networks (CSS, Citrix Netscalarand F5 BigIP LTM and GTM 1600 and 3400 load balancers) enterprise environment.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Expert Level Knowledge about TCP/IP and OSI models.
• Ability to interpret and resolve complex route table problems.
• Experience in configuring router redistribution between routing protocols and troubleshooting them.
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy.
• In-depth knowledge and hands-on experience on IP Addressing, Sub-netting, VLSM and ARP, RARP and Ping Concepts.
• Experience setting up 802.1x wired and wireless networks in NAM (Network Access Manager)
• In-depth knowledge and hands-on experience on IP Addressing, Subnetting, VLSM and ARP, reverse & proxy ARP, DNS & DHCP, Ping and Traceroute concepts.
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Experience in automating network actions across data center, cloud using Infoblox DNS, DHCP
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Analyzed different types of attacks on Secure Socket Layer/ Transport Layer Security (SSL/TLS) which includes Crime, Beast, and Breach and Time attacks.
• Experience in network troubleshooting and analysis using Wireshark.
• Knowledge of server support group that provides system administration and advanced application support for 600+ VMware ESX.
• Hands on Designed, tested, built, and documented a VMware ESX platform to virtualize Linux application servers.
• Efficient at use of Microsoft VISIO/Office as technical document and presentation tools.
• Expert level of knowledge about TCP/IP and OSI models.
• Hands on with Upgrading Cisco OS, Jun OS using TFTP server.

TECHNICAL SKILLS:

Routers: Cisco 1700, 1800, 2600, 2800, 3700, 3800, 3900, 7200, 7600 series, ASR9k

Switches: Cisco 3550, 3750, 4500, 6500 series & nexus 7k, 5k, 2k, 1000v, 1010

Load Balancer: Cisco CSS, F5 Networks (BIG-IP)

WAN Optimization: Cisco WAAS, PPP Multilink

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast Operations, Layer 3 Switches, Ether channels, Transparent Bridging

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN, Emulation

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Fiber Optic Circuits, Frame Relay, ISDN, MPLS, DMVPN

Voice: Cisco call manager 8.x, 7.x

IP Telephony: VOIP, ISDN, PRI, Unified Call Manager

Wireless: Cisco 4400 Wireless Controller (WLC) and 1100, 1200 series Access Points

Firewalls: Cisco PIX, ASA, Juniper Netscreen, Palo Alto, SRX, Checkpoint

Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management

Network Monitor Tool: MRTG, Netbrain & Solarwinds & Cisco Prime Infrastructure

Protocol Analyzer: Wireshark

Ticketing tool & Data Center Tool: BMC Remedy 8 & Nlyte

Security: Cisco ASA, Check point, Juniper SRX, Palo Alto

Operating System: DOS, Windows (95, 98, NT/2000, XP, Vista/7/8/10), Cisco IOS, Pan-OS

PROFESSIONAL EXPERIENCE:

Confidential, Wilmington, DE

Sr. Network Engineer

Responsibilities:

• Responsible for managing and maintaining Data-center, DR andnetwork Infrastructure. Respond to outages, user problems by triaging and troubleshooting, plan for Device & OS upgrades.
• Have implemented OSPF within the four areas I administer. Setup Data-center and DR in area 0 and other regions in different areas.
• Worked with PAN migration tool to migrate from to Palo-Alto. Initially started with Like to like migration and then manually configured polices like used id, app id, URL filtering etc. to take complete advantages of PAN devices.
• Configured PA-5020, and PA-5050 to meet organizational requirements and industry best practices.
• Worked on Panorama to manage multiple Palo alto firewalls from one central location. Constantly ensured Software Upgrades and Content Updates are up to date on those devices.
• Worked on configuration of Anti-Virus, Spyware, Wildfire, APP-ID, USER-ID, and Global Protect on Palo-Alto devices. Also enabledSecurityPolicy, URL filtering, Threat Prevention etc.
• Implemented VDC, VPC, VSS, VRF and OTV on the Nexus 5505, 6500 and 7009 switches. Deployed Fabric Extender (FEX) 2248 for access layer.
• Made changes to data center environment, setup Nexus 7k and 5k hardware in a VPC topology
• Administered Cisco catalyst (6500, 4500), Nexus (2k, 5k, 7k), and Juniper (EX2300 EX3400) switches, enabled all L2 critical configurations like 802.1Q encapsulation, Port channels, VTP, VLAN, inter VLAN routing, etc.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices and configure 2k, 3k,7k series Routers.
• Gained abilities to take preemptive measures to mitigate DDoS attacks on Cisco and Palo alto Firewalls.
• Expertise on configuring and maintaining SSL VPN's on Palo alto and Cisco ASA firewalls
• Involved in migration from Site-to-site GRE tunnelsnetwork to MPLS-based VPN for customer's WAN infrastructure.
• Took initiative to block traffic from rouge nations, also worked in blocking traffic from malicious sites as per the Information Security Systems guidelines using bluecoat proxies.
• Completely administered and maintained F5 Big-IP (LTM and GTM) and Brocade Load balancers.
• Worked with Quality of service traffic. Involved in QoS issues related to Policing, Shaping and queuing towards access and distribution level L2 and L3 devices.
• Configured Cisco 6500, 4500 & 3750 Catalyst Switches for Network access.
• Worked on configuring BGP, OSPF, EIGRP protocols on Cisco (7200, 3800), Juniper (MX240, MX280) series Routers, also enabled HSRP and VRRP protocols for redundancy
• Assisted in setting up new 510 and 810 Blue Coat Proxy SG units, performed one to many proxy migrations.
• Worked with Aruba 7200, 3600, series wireless controllers, Airwave Wireless NetworkManagement System and clear pass servers. Setup ClearPass policy manager and ClearPass guest access manager to authenticate wireless users.
• Set-up Tufin clusters in virtual environment, worked on monitoring tools like, SolarWinds & Splunk and Sniffing tools like WireShark
• Worked with Infoblox IPAM and SolarWinds IPAM for IP address management

Environment: Cisco 2948/3560/4500/3560/ 3750/3550/3500/2960 , 6500,Cisco 3640/ /3845/3600/2800/3800 routers, Aruba 7200, 3600, PA-5020,PA-5050,Fortinet Firewall, Juniper(EX2300 EX3400) Nexus 2K/7K/5K, Cisco ASA 500, Checkpoint, windows server 2003/2008: F5 BIGIP LTM, RIP,OSPF,BGP,EIGRP,LAN,WAN,VPN,HSRP, F5 Load Balancers, Checkpoint, NetFlow, Gigamon

Confidential, Scottsdale, AZ

Network Security Engineer

Responsibilities:

• Installation, configuration and maintenance of Palo Alto Firewalls, Cisco ASA firewalls.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
• Experienced in handling Panorama firewall management tool to administer Palo firewalls
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Manages, maintains and support Checkpoint Firewalls, IPS/IDS, EndpointSecurity products, PKI, andnetwork Security Infrastructure.
• Implementing and Managing VPN Networks of the Customer through CheckpointR75 firewalls.
• Real-timesecurity events monitoring, maintain endpoint andnetwork security controls and managingnetwork IDS/IPS, firewalls, malware detection, review and respond tosecurity events
• Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls
• Installed, configured and set security policies on cisco and checkpoint firewalls, VPN
• Network security involves web filtering on internet sites (User's restriction) using checkpoint Firewalls.
• Experience handling tickets with less or no supervision in troubleshooting checkpoint 77.30. access points.
• Worked extensively in configuring, Monitoring and Troubleshooting Check Point R77.XX security appliance, Failover DMZ zoning & configuring VLANs / Routing / NATing with the firewalls as per the design. Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 75 firewalls
• Responsibility is to design and deploy various Network Security & High Availability products like Check Point R 77.XX and other Security Products.
• Designed, configured, implemented site-site VPN on cisco ASA 5500 firewall.
• Configured Routing Protocols like BGP, OSPF, MPLS, multicast and L2 protocols in ASA to check it is passing through via Cisco ASA in customer deployments. Involved in setting up IP Sec VPN between ASA firewalls.
• Implementation/verification of changes Citrix Netscaler, GSLB, VSERVER, SERVICES, SSL CERTS APPEXPERT.
• Performed basic security audit of perimeter routers, identifying missing ACL's, writing and applying ACL's Network security including NAT/PAT, ACL and Cisco ASA firewall.
• Configuring of Cisco Routers such as 1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800 and 7200, 7609.
• Experience converting Cat OS to Cisco IOS on the Cisco 6500 Switches.
• Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
• Maintaining and operating Cisco Prime Infrastructure in a worldwide deployment.
• Configured and Maintained over 1500 VoIP Phones throughout several sites.
• Well experience in troubleshooting and optimizing performance in Cisco based routers and switches.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/ 00/3845/3600/2800 routers, Cisco ASA5510, Fortinet Firewall FortiGate 5000 series, PA-3060, PA-5060, Nexus 7K /, ASA 5500, Checkpoint, LAN,OSPF,BGP,RIP,EIGRP Checkpoint, Palo Alto.

Confidential, East Peoria, IL

Network Engineer

Responsibilities:

• Maintain and track the status of device supplied to the client. Installation & Maintenance of Juniper switches, routers & firewalls. Implementing and maintaining WAN/LAN and WLAN networks in different diagrams.
• Designed Securitypolicies on Palo Alto Networkfirewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
• Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the Palo Alto Firewalls placed in the Data Center with MS Visio.
• Provided daily Palo Alto Firewalls administration such as Threat prevention, URL filtering, IPSEC and SSL VPN's, zone-based integration, and analyzing syslog's, and utilizing wild fire feature in Panorama.
• Experience with working on Palo Alto Next-Generation firewallsSecurity profiles.
• Provided Load Balancing towards Access layer from Core layer using F5 NetworkLoad balancers.
• Implemented various EX, SRX & J Series Juniper devices. Identified opportunities for implementation ofNetworkbest practices, particularly F5 load balancer implementations.
• Utilized Aruba's Airwave server to manage and monitor the Network for issues. Involved in migration of F5 Local Traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Design and integration of Juniper SSG series firewalls, SA VPN Appliances, J series Routers and EX series switches. Implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Created and resolved Checkpoint, Palo Alto Customer orders and request orders. Configured ASA 5520 firewall to support Cisco VPN client on Windows 7/XP/Vista.
• Deployed Palo Alto Networks PAN- 5050 designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
• Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices.
• Configured Routing Protocols like BGP, OSPF, MPLS, multicast and L2 protocols in ASA to check it is passing through via ASA in customer deployments. Involved in setting up IP Sec VPN between ASA firewalls.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers for WirelessNetwork Access Control integration with Cisco ISE.
• Experience with implementing Cisco 6500 VSS on the User Distribution Switches and upgraded IOS on the ASA 5550, 5585, 5520 firewalls.
• Performed basic Securityaudit of perimeter routers, identifying missing ACL's, writing and applying ACL'sNetworkSecurityincluding NAT/PAT, ACL and ASA firewalls.
• Re-design enterprise PCI Internal and External (PCI ASV) program to meet intent of PCI DSS requirements and ensuring coverage of PCI assets. Implemented site to site VPN in Juniper SRX as per customer.
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers. Optimizing and monitoring the performance of a WLAN, LAN, WAN and user's segments.
• Configuring RIP, OSPF and Static configuration on Juniper Series Routers. Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.

Environment: Juniper EX/SRX Switches, E, J Series Routers, Nexus 5k/7k Switches, Cisco ASA 5500 series, Juniper SRX, Palo Alto, Checkpoint, Firewalls, F5 BIGIP LTM, GTM, NetScaler, L3 VPN, OSPF, BGP, MPLS, EIGRP, LAN, WAN, RSTP, STP, BPDU, HSRP, VRRP, QOS, IDS/IPS.

Confidential

Network Administrator

Responsibilities:

• Experience in Cisco 7200, 7600 routers, Cisco series switches: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay and ATM).
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, IGRPRIPv2, EIGRP, Static and default route.
• As a part of new site implementation configure Cisco devices with different routing protocol like BGP, OSPF, EIGRP based upon client requirement and as per company standards
• Experience with Information Technology Infrastructure Library (ITIL) processes, especially change management and configuration management.
• Experience in using Putty, Win SCP, Active Directory, VoIP, WebSphere Application Server, Apache, Eclipse, Databases (DB2, Oracle, SQL Server)
• Performed switching related tasks such as implementing VLANS, VTP, RSTP and Portsecurity.
• Implementedsecurity measures using ACL and configured NAT according to the connectivity requirement.
• We will make sure all Cisco routers are running with SNMP, SSH, Syslog, AAA, IPFlow and latest Cisco IOS
• As pa part of new site deployment, we will configure WAAS box to enable network(TCP) optimization
• Implementing HSRP, VRRP, GLBP redundancy on layer2 and Layer 3 level
• Port-channel implementation on Nexus 7k, 5k, Catalyst 6500, 4500 series for servers to get high bandwidth
• New Cisco Switches configuration with VLAN's, VTP and syslog, SMP server and other security features
• Nexus 7k, 5k, 2k Configuring with FEX, FHRP, VPC, VDC based on design which we are going to implement
• New Switches configuration with VLAN's, VTP and syslog, SMP server and other security features

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 7600,3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Catalyst 6500, 4500 series, Routing Protocols (EIGRP,OSPF,IGRPRIPv2, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), FortiGate Firewall, Checkpoint, Palo Alto, Load balancer

Confidential

Jr. Network Engineer

Responsibilities:

• Designing private networkand maintaining the hardware, software installation & configuration.
• Designing and implementation of routing policy for customer internet route with link utilization.
• Configuring the routes like default, static routing and dynamic routing in the devices.
• Involved in Local AreaNetworkdesign, troubleshooting and maintenance as per requirement.
• Creating and Maintaining the Networkstability on VLAN, LAN and WAN.
• Troubleshooting issues related to VLAN, VLAN- Trunking, and STP.
• Involved in implementation of Trunking Encapsulation IEEE 802.1Q and ISL on Cisco catalyst switches L2, L3
• Designing the VLAN along with INTER- VLAN routing.
• Configuring Cisco routers 26xx series using OSPF and EIGRP.
• Configuration to different applications with RSTP, VTP, VTP Pruning.
• Redistributing from OSPF to RIP and vice versa by implementing hub and spoke topology with a Frame Relay Switch in between.
• Troubleshooting TCP/IP problems troubleshoot connectivity issues in multiprotocol Ethernet.
• Configuring static Nat, dynamic Nat and Nat pooling.
• Designed the networkwith sustainable IP using SUBNETTING like FLSM, VLSM.

Environment: Cisco 7200/3845/3600/2800 routers, Routing Protocols EIGRP, OSPF, BGP including VPN, VLAN,LAN, WAN,L2,L3,RSTO,VTP,FLSM,VLSM,TCP/IP,MPLS and Ether Channels