PROFESSIONAL SUMMARY:

• Network Engineer with Over 8+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70, R71, R75 and R77), Juniper Firewalls (SRX5400, SRX5600 and SRX5800), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo AltoNetworks Firewall models (PA-2k, PA-3k and PA-5 k).
• Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enable business functionality.
• Administration, Engineering, and Support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing and wireless.
• Worked on Juniper Net Screen Firewalls NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
• Experience in Deployed Check Point Provider-1 NGX and configured CMAs
• Install, configure, document, and maintain global enterprise LAN/WANsystems consisting of Brocade, Foundry, Cisco, Juniper, Palo Alto, Avaya, andRiverbedtechnologies.
• Policy development and planning / programming on IT Security, Network Support and Administration.
• Experience withJuniperSRX 240 Firewalls, QFX,MX, EX SERIES
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances
• Supported configurations forCiscoVoice CUCM, Unity and UCCE as well as supporting infrastructureACS, Radius and F5
• Experience in analyzing security logs generated by Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, network flow systems, Anti-Virus, and/or other security logging sources.
• Monitor SIEM and IDS/IPS feeds to identify possible enterprise threats. Actively investigate, respond to and remediate security incidents.
• Proficiency in configuringCiscoASA 5540, 5580,AAAauthentication, Palo Alto Firewall
• Strong background working with Cisco Unified Communications suite (Call Manager, Unity Connection, Presence, Emergency Responder, Jabber Client)
• Experience with Bluecoat Proxy servers, LAN & WAN management.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience with Checkpoint VSX, including virtual systems, routers and switches.
• Design Cisco voice technologies, including CiscoUnifiedCommunicationsproducts such ascommunicationsmanager (CUCM), Unity/Unity Connection, and CER
• Administration of IBM QRadar SIEM systems,
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
• Experience with security tools from various vendors to include: Cisco, McAfee, Symantec, Sourcefire, ArcSight, Juniper, BlueCoat, Encase, FireEye.
• Experience with management platforms such as Panorama, Juniper NSM and Smart center.
• Hands on experience with Juniper mx and ex series
• Black listing and White listing of web URL on Blue Coat Proxy Servers.
• Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
• Experienced with routing protocols (RIPv1/2, IGRP, EIGRP, OSPF, BGP), switching (VLANS, VTP Domains, STP and trunking),
• Extensive experience in Windows 2008 R2/2008/2003 Wintel Servers at single or multi domain platforms.
• Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems
• IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
• 24 x 7 on call support.

TECHNICAL SKILLS:

Cisco router platforms: 2500, 2600, 2800, 3600, 3700, 3800, 7200, 7609

Cisco Switch platforms: 2900XL, 2950, 2960, 3560, 3750, 4500, and 6500.

Firewalls & Load Balancers: Cisco ASA 5585, 5550, 5540, Juniper SRX5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Palo Alto PA- 2000/3000/4000/5000, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600), Cisco L2 & L3,Cisco NCS 2k,4k,4216, Juniper routers (M7i, M10i, M320)

Switches: Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 5548 &7010)), Cisco ASR 9000 series, Cisco ACE load Balancers

Routing: RIP, EIGRP, VRF, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI. Cisco

Secure Access Control Server (ACS) for TACACS+/Radius.

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.

Network management: SNMP, CiscoWorks LMS, HP OpenView, Cisco ISE, Solar winds, Ethereal.

Software: Microsoft Office Suite, MS SQL Server 2008, HTML.

Language: Unix, Turbo C / C++, basics in Perl and Shell scripting.

EXPERIENCE:

Confidential, Boston, MA

Sr. Network Security Admin

Responsibilities:

• Implementing security Solutions using PaloAlto PA-3000/5000, Cisco 5580/5540/5520
• Configuration and administration of firewalls, which includes Palo Alto and Cisco ASA firewalls.
• Researched, designed, and replaced Cisco firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• As part of Security and network operations(NOC) team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
• Configuration and Maintenance of Cisco ASA, ASA 5540, ASA 5520, ASA 5510 series firewalls.
• Deployment and Management of Blue coat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Set up and configure new 810 and 9000BlueCoatProxySG units to Bank of America standards, updating these standards when needed with A&E.
• Extensive knowledge of Cisco ISE, FirePower, Cisco AMP for endpoints, and/or FireEye.
• Worked onBlueCoatProxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Provide and ongoing support to customers in best practices with configuring a next generation Palo Alto firewall including URL Filtering, Antivirus, Intrusion Prevention,Wildfire, and Application control.
• Provided administration and support on Blue coat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
• Successfully deployed VIPRION 2400 with 2 blades and licensed the chassis with vCMP.
• Review daily log data gathered from various resources such as sensors, alert logs, firewall logs, content filtering logs.
• Installed and configured F5 BIG-IP to provide Load Balancing for server across multiple datacenters.

Environment: Cisco ASA 5580/5540/5520, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, wireshark, Cisco Sourcefire, Splunk, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Boston, MA

Sr. Network Admin

Responsibilities:

• Implementing security Solutions using PaloAlto PA-5000/3000, Cisco 5580/5540/5520, Checkpoint firewalls R70, R75, R77.20Gaia and Provider-1/MDM.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• As part of Security and network operations(NOC) team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
• Planned, configured, and actively managed thecommunicationshardware infrastructure that included Cisco 3745/3845 Voice Gateways, VG248 Analog Gateways, CiscoUnifiedBorder Elements, and
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
• Responsible forDatacenteroperations, monitoring and maintaining the network devices 24/7.
• Planning, designing, configuring, testing, validating, implementing and deploying of Microsoft Local Administrator Password Solution (LAPS) across client's Active Directory with GPOs.
• Assist in the creation and maintenance of network andDataCenterdiagrams and detailed site documentation..
• Worked on F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Build the rules for the application access across the IPSEC VPN tunnel
• Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
• Install updates on new signatures.
• Working on day-to-day service tickets to solve troubleshooting issues.
• 24x7 support.

Environment: Cisco ASA 5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, wireshark,CiscoSecureACS5.x, Nexus switches, CISCO ISE, TCP/IP, VPN, Cisco WSA, Bluecoat Proxy servers, Qradar, IDS/IPS. SIEM and Monitoring.

Confidential, Columbia, SC

Sr. Network Engineer

Responsibilities:

• Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Expert working knowledge including the ability to setup, configure, upgrade, manage, and troubleshoot switches; enterprise VPN solutions; Juniper SRX firewalls.
• Design, Implement & troubleshooting of Juniper switches, routers, Wireless and Firewalls EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240, SRX 3600/650, WLM1200, WLA632, WLA 532, WLC2800 and JunosVwireless Lan controller.
• ExperienceQFX5100, SRX 1500, 5400, MX 480, EX 4300 Series Routers and Switches, Aruba wireless 7200 series.
• Successfully deployed VIPRION 2400 with 2 blades and licensed the chassis with vCMP
• Configuring & Managing LAN, WAN, VPN and Firewall of Juniper MX Routers for End Users
• Perform the technology planning, design, implementation and L3 support of IT Security solutions including PKI, Checkpoint Endpoint Security, Splunk, Bromium, and other security tools.
• Ensure identity management systems align withCiscohardware and software and follows TACACS+ and/or RADIUS standards by utilizingCiscoAccess Control Server as an Authentication, Authorization, and AccountingAAAserver.
• Used Python to interface with the UI and manage the storage and deletion of content.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Deep understanding intrusion detection/protection systems such as Sourcefire, Firesight, Snort and FireEye and tools like tcpdump, Wireshark, nmap.
• Licensing the VIPRION 2400 vCMP guest and mirroring the vCMP guest.
• Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Monitoring Cisco FirePower (Threat Detection System), ASA traffic logs, Manage SIEM, access control list, VPN connection reports, and routers/switches change events.
• Part of the migration from "network centric" model to an application policy model infrastructure, create plans in includeACI, Hybrid Cloud and use of containers and orchestration tools
• Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including crypto map, encryption domain, psk etc.
• Provided administration and support on Blue coat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
• Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT material, and interpret regulations.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.

Environment: Juniper (SRX, JUNOS, ScreenOS, NetScreen SSG), Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, wireshark, Cisco Sourcefire, Splunk, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Irvine, CA

Network Security Engineer

Responsibilities:

• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Hands on experience with Cisco Unified Applications like (CUCM, CUC, CER, UCCX, Presence, WebEx, Wireless, Video, etc.)
• Operate and manage routers, firewalls, load balancers, and Public-key infrastructure (PKI).
• Working experience of IPSec, SSL VPN and PKI technologies.
• Network consisted ofJuniperMX104, SRX3600, QFX3600, EX4300, EX2200,JuniperMAG SSL Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Solved problems on case-by-case basis with deep understanding of networking/firewall concepts, particularly withFortinetdevices.
• Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools.
• Involved in Upgrading bluecoat proxy servers from SG s to SG B.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• Work directly with insurance companies to determine patient specific coverage and understand current HIPAA laws.
• PerformedFortinetFirewall OS upgrades viaFortinetManager.
• Support Data Center Migration Project involving physical re-locations.
• 24 x7 on call support.

Environment: Juniper (SRX, JUNOS, ScreenOS, NetScreen SSG), Cisco (CheckPoint, ASA Firewalls), Palo Alto Firewalls, Big IP F5 LTM/GTM, TCP/IP, FortiGate.

Confidential, San Jose, CA

Network Engineer

Responsibilities:

• Troubleshoot problems on a day to day basis &provide solutions that would fix the problems within their Network.
• Part of Network Operation Center NOCoffshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
• Schedule changes and work through maintenance requests over weekends.
• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
• Hands on experience in Cisco Routers and Switches.
• Configuration of CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches.
• Creating groups, users and policies in Active Directory.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed the IP address space using subnets and variable length subnet masks (VLSM).
• Point-to-Point, Frame Relay, T3, ATM, WAN troubleshooting.
• LAN cabling in compliance with CAT5 standards.
• Troubleshooting Active Directory, DNS, and DHCP related issues.

Environment: Cisco 2600/2800 routers, Cisco ASA, TCP/IP, VLSM, AD, DNS, Switching/Routing.