Network Security Engineer Resume
Phoenix, ArizonA
SUMMARY:
- Responsible for service request tickets generated by teh helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes wif all around technical support.
- 6+ years of experience in networking, installing, configuring and maintaining network devices.
- Hands on experience in configuring Cisco Catalyst 2960, 3750,3850, 4500, 6500 and Nexus 3000, 5000, 6000, 7000, 9000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers.
- Implementing IP addressing schemes, LAN/WAN protocols, IP Services, to meet network requirements in different environments.
- Expertise in Configuration of Virtual Local Area Networks (VLANS) using Cisco routers and multi - layer Switches and supporting STP, RSTP, PVST, RPVST along wif trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
- Implemented redundancy wif HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP).
- Proficiently implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
- Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
- Extensively worked on Cisco catalyst 6509 and implemented VSS along wif VDC and VPC on Nexus 5505, 7009 switches.
- Performed configuration, deployment and support of cloud services including Amazon Web Services(AWS) and deploy monitoring, metrics, and logging systems onAWS.
- Comprehensive expertise in teh implementation of optimization, analysis, troubleshooting and documentation of LAN/WAN networking systems.
- Working noledge on configuring access lists. Troubleshooting DNS/DHCP issues wifin teh LAN network.
- Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, WireShark, TCP dump and Linux operating system servers.
- Implemented many number of security policy rules and NAT policy rules onPaloAlto, created Zones, PaloAltoFirewallinterface,PaloAltoIDS and VLAN.
- Hands-on experience on CheckpointFirewallR77, Palo Alto and CiscoASA5520firewalls.
- Experience wifNetworkAutomation using Python.
- Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP, V4, V6, MPLS
- Experience wif convert Checkpoint VPN rules over to teh CiscoASAsolution.
- Migration wif Checkpoint, CiscoASAand VPN experience.
- Experience in configuring Virtual Device Context in Nexus 7010.
- Responsible for Check Point and Cisco ASA firewall administration across global networks.
- Experience in Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
TECHNICAL SKILLS:
Cisco Routers: 2600, 2900, 3600, 3800, 7200 and 7600
Juniper Routers and firewalls: MX240, MX480, MX960, SRX1500 and SRX5600
Cisco L2 & L3 Switches: 2900, 3560, 3750, 3850,4500, 4900, 6500, Nexus 5K/7K/9K
LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.
WAN Technologies: Leased lines 128k - 155Mb (PPP / HDLC), Fiber Optic Circuits, Frame RelayISDN, Channelized links (T1/DS3/OC3/OC12), Load Balancing.
Network Security: Cisco ASA, ACL, IPSEC, Juniper SRX,QFX, EX.
OS products/Services: DNS, DHCP, Windows (2000/2003/2008, XP), UNIX, LINUX.
Routing Protocols: MPLS, OSPF, EIGRP, BGP, RIP-2, PBR, IS-IS, Route Filtering, RedistributionSummarization, Static Routing, IPv4,IPv6.
Gateway Load Balancing: HSRP, VRRP, GLBP
Various Features / Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP,TFTP and FTP Management
Network Management Tools: Wireshark, Netflow Analyzer, Cisco Works, Etheiral, SNMP, HP open view, Etheiral, Solarwinds, Splunk.
Security Server Protocols: TACACS+, RADIUS, Cisco FirePOWER
Facilities: DS0, DS1, DS3, OCX, T1/T3
Load Balancers: Cisco CSM, F5 Networks (Big-IP) LTM 8900, Cisco ACE 4710.
Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7), Linux
Firewall & Security: Checkpoint, Palo Alto, Cisco ASA 5520, PIX 501, 515E, 520,API
PROFESSIONAL EXPERIENCE:
Confidential, Phoenix, Arizona
Network Security Engineer
Responsibilities:
- Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per teh requirement of teh Organization.
- Experience in implementing Next GenerationFirewalls(NGFW) such as Bluecoat Proxy and other vendors such as Palo Alto networksNGFWfor URL filtering.
- Experience in configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018.
- Configured PaloAltoNetworksFirewallmodels PA-3k & PA-5k (PA 3060, PA 5060 and PA 7050) as well as a centralized management system (Panorama) to manage large scaleFirewalldeployments.
- Help customers build scalable, resilient, and high-performance applications and services on AWS.
- Involved in migrating teh architecture from regular VM's toAWSCloud Management.
- Assist in teh fulfillment ofcloud-basedinfrastructureand migration of applications and data.
- Supported teh implementation ofcloud-basedIT environments using virtualization and data center technologies.
- Built and managed Azurecloudbasedsystems for rapid deployment and integration wif Azureinfrastructure.
- Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.
- Worked wif Palo Alto firewalls PA 5050 using Panorama servers and performing changes to monitor/block/allow teh traffic on teh firewall.
- Implementation of severalenterprisecustomer data cloud environments wif Microsoft on UNIX/Linux/Windows platforms for data transformation of telecommunication and networking applications.
- Worked on Pulse Secure desktop client added new features such always-on and on-demand VPN to meet teh specialized needs of its customers.
- Participated in many large-scalenetwork projects and possessed profuse experience regarding teh design, deployment, configuration and maintenance ofCisconetwork products forenterprise-class customers.
- Monitoring projects on Siems, Logs, andIDS.
- Daily responsibilities included design, implementation, support and administration of multiple security products running CheckPoint Provider-1 and SourceFire.
- Provided Tier 3 support onSourceFireIPS/NGFW sensor placement and deployments.
- Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS) and Instruction Prevention Systems (IPS), security events and logs.
- Monitoring Network using Network Auditor and follow upIDSand ISP and do reports weekly.
- Review teh Security Information Management (SEIM) tool interface, as teh tool correlates and aggregates alert data from multipleIDSsensor types and additional security devices.
- Robust Cisco voice skills for Cisco Unified Communications Manager, Cisco unity connection and Cisco voice gateways deployment and post implementation support.
- Help to build API capability including various aspects like security, services governance and policy management.
- Enterprisecloud computing and virtualization for tier 1enterpriseapplications.
- Worked on Pulse Mobile Security Gateway (MSG) product. MSG manages security and policies on mobile devices including Android and Windows Mobile. Major wireless service providers use MSG.
- Configured Firewall, IPS, andQoSby SDM and provide security by Prefix list, Access- List and by Distribution List.
- Automated network implementations and tasks and designed monitoring tools using python scripting.
- Advanced understanding of IT Security, OSPF, VRF, BGP, Cisco DMVPN, Multicast, IPSEC, and IP management deploying Cisco routers, switches, and ASA firewalls, Juniper MX,SRX, and EX devices.
- Supported design and planning ofJuniperMXandSRXproducts and associated solutions wifin teh Customer infrastructure.
- Configured Site to Site IPsec VPN tunnels to peer wif different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
- Installation using Cisco 7500, 8500, 5508 Wireless LANcontrollers, Cisco Prime Infrastructure equipment and Cisco Identity Services Engine (ISE).
- Troubleshoot connectivity issues usingArubaClearPass, SolarWinds NPM/NCM and other technological resources as required.
- Expertise in document creation wif technical configurations, security standards design and network documentation using MSVisio.
Key Technical skills: Palo Alto PA 5220(5K and 3K),PA 850, Panorama software version 8.1.6 Model-M-500, Cisco switches 6500, Nexus 7010, 5548, 2k and 7k, Bluecoat proxy SG S/200, S/400, Cisco Security Manager 4.14.0 service pack 2, Splunk 7.0.3.6, F5 Networks (Big-IP) 11.5.1 LTM 8900, AWS cloud management, Wireshark 3.0.3, Azure could, IPS/IDS, SourceFire, Juniper MX240, MX480, MX960, SRX1500 and SRX5600.
Confidential, Fort Worth, TX
Network Firewall Engineer
Responsibilities:
- Involved in migrating physical Linux/Windows servers to cloud (AWS) and testing.
- Installed, configured and maintained DNS systems using Route53 (AWS) and used Cloud watch for basic and detailed monitoring ofAWSresources.
- Designing, implementing LAN/WAN configurations on Cisco Nexus 5K, catalyst 6500 switches.
- Configuration and Installation ofJuniperEX 4500,MX-480, M Series, and SRX210.
- Configured RIP, OSPF and Static routing onJuniperM andMXseries Routers.
- Be able to identify and troubleshootVoIPservice-impacting troubles and provided technical support for Residential and BusinessVoIPcustomers.
- Replaced aging Checkpointfirewallarchitecture wif new next generationPaloAltoappliances serving asFirewallsand application inspection.
- Reviewed and recommend appropriate action on network data fromIDS/IPS, routers, and firewalls devices deployed on customer networks as it relates to internal and external attack.
- Made recommendations for teh findings, wat rules and which ones to be turned on wifin theIDS.
- Daily management of activities to include DMZ,Enterprise, Wireless and Data Center Network.
- Wrote and edited team technical documentation across multiple topics, wif an emphasis onIPS/IDS.
- Deployment and support forCiscoUnifiedCommunicationsManager,CiscoUnity Connection, andCiscoVoice Gateways.
- Expertise in maintenance of layer2 switching tasks - VLAN, VTP, RSTP, configuration of ether channel wif LACP and PAGP along wif troubleshooting of inter-VLAN routing.
- Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.
- Experience wif converting PIX rules over to teh Cisco ASA solution.
- Configured Cisco switches 6500, 4500, 3750 to support voice and data wif customQoSpolicy.
- Performing network monitoring, providing analysis using various tools like Wireshark, Splunk, Solar winds etc.
- Experience working in Datacenter environment, configuration changes as per teh needs of company.
- ConfiguredCiscoISE server to authenticate wired and wireless clients wif and MAC options.
- Networking responsibilities includedCiscoRouters, Switches,Wireless, Optical and Electrical cabling, security applications, VPN and firewall.
- Worked on F5 BIG-IP LTM 8900, configured profiles provided and ensured high availability.
- Buildout and integratedCiscoISEat 2 data centers.
- Helping them to set up point to point OSPF connection on their Cisco and juniper routers like MX, EX, ASR series devices wif their current network.
- Configure, deploy, maintain, and troubleshoot Networking equipment such as security and NAT policies on firewalls, routing policies onJuniperMX, EX,SRXin both Corporate Infrastructure and Website Production networks.
- Implemented site-to-site VPN in Juniper SRX as per customer.
- Installed, Configured and tested Cisco Wireless (Aironet 3700, 2700,1600, 700W) andArubawireless devices.
Confidential, San Francisco, CA
Network Engineer
Responsibilities:
- Experience wif Checkpoint Firewall policy provisioning.
- Migrating teh policy from Checkpoint Firewall to Cisco ASA firewall.
- Identify, design and implement flexible, responsive, and secure technology services.
- Experience wif Firewall Administration, Rule Analysis, Rule Modification.
- Configured and resolved various OSPF issues in an OSPF multi area environment.
- Hands-on experience wif WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
- Installed different software on teh systems. Install and managing network devices including Hubs, Switches.
- Experience working on F5 load balancers and ASA firewalls.
- Configuration and troubleshooting of Cisco catalyst 6509, 7613 wif supervisor cards.
- Planned resources and presented project status to higher management.
- Created and delivered internal s for BGP.
- Responsible for service request tickets generated by teh helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes wif all around technical support
- Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations
System Engineer
Confidential
Responsibilities:
- Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
- Configured teh Cisco router as IP Firewall and for NATting.
- Worked wif teh Help Desk for circuit troubleshooting to give Support to teh Tech persons at teh site.
- Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
- Troubleshooted and escalated issues to identify and repair network issues for WAN, Voice, Video, Internet connections and end-user issues.