SUMMARY

• 9 + years of hands on experience providing network support to a range of LAN/WAN and Wireless Telecommunication Networks.
• Extensive hands - on experience in Planning, designing of Corporate Firewalls architecture and implementing in distributed environment i.e., configuring & troubleshooting - Checkpoint, Cisco PIX, ASA, FWSM & Juniper Firewalls.
• Experience on different Checkpoint products like NGX R60, R65, R71, R75, R77 SPLAT, Nokia IPSO Smart Center and Cluster XL.
• Experience in migrating CSS to F5 load balancers, and upgrade F5 to Viprions.
• Installing & configuring firewalls like Checkpoint NG & NGX, Cisco ASA & Pix, and ISA.
• Planning and executing changes and upgrades to teh operating systems of servers directly supporting firewall components and functionality.
• Executing change requests to teh firewall rule base.
• Executing changes to teh autantication configuration established at teh user, client, and session levels.
• Planning, Designing & Implementing VPN connections using Checkpoint, ASA, Cisco PIX, and Cisco Routers using site-to-site VPN’s.
• Proposal & Deployment of security & Network connectivity details for Offshore Development Centers (ODC’s).
• Implementing changes to teh supported encryption configuration and domains of enabled client(s) to teh firewall VPNs
• Installing and maintaining SSL VPN’s, Cisco Easy VPN servers attaining teh work from home concept.
• Implementing of BCP (Business Continuation Plan) for project connectivity’s.
• Designing and Implementing Remote access VPN server using Checkpoint & Cisco ASA.
• Experience in migrating Firewalls - Checkpoint R55, R60, R65,R70, R71, R75, PIX, ASA
• Experience in configuring and troubleshooting site-to-site VPN’s.
• Extensive load balancer experience - F5 - Big IP, Cisco CSS & CSM’s, Citrix Netscalers
• Installing, Configuring and troubleshooting of network devices CISCO Routers and CISCO Switches.
• Security design, vulnerability assessment, development and implementation of Security Policies.
• Extensive experience in operating, troubleshooting and supporting Cisco Routers, Ethernet switches in LAN/WAN environments.
• Installing and configuring Cisco L2, L3 & L4 Switches (2900, 3560, 4500 & 6500) as per Cisco 3-tier Architecture (Core, Distribution, Access)
• Implementing Cisco Secure Access Control Server (ACS 3.0 & 4.0) for TACACS+/ RADIUS
• Implementing & maintaining network management tools like MRTG, JFFNMS, Netflow Analyzer, Smokeping and NTOP.
• Flexible and adaptable working capability as an individual or in a group.

TECHNICAL SKILLS

Web-Servers: IIS 5.0/6.0/7.0/7.5

Cisco: Cisco, OSPF, BGP, PBR, Route Filtering, ISE, Redistribution, Summarization, Static Routing, ASA

Firewall: Checkpoint R75, R77 Gaia, Provider-1/MDS and VSX, ASA, Palo Alto Panorama, PA-500, PA-3060

Network Tools: Wireshark, Blue Coat proxy, Infoblox, infiniti Stream, Opnet, Splunk, NetIM

Ticketing Tools: Tufin, ServiceNow, BMC remedy, Stargate

Load Balancers: F5 Big IP, Citrix Net scalar

Monitoring Tools: SCOM, MOM, Riverbed, NETIM

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix, Gaia.

Scripting: C, C++, HTML/HTML5; UNIX Shell Scripting

PROFESSIONAL EXPERIENCE

Confidential, VA

Network systems Administrator

Responsibilities:

• Plan, implement and support network solutions between multiple platforms using various protocols
• Install and maintain LAN/WAN/Wireless network hardware and Software.
• Design network routers, hubs, firewalls, ASA, Sourcefire(IDS/IPS), BigIP, Bluecoat devices.
• Experience in Infoblox managing Infoblox 1050,1410 appliances in DNS - Creating and managing Domains.
• Building IPsec Site to Site VPN and Remote access VPN for users and business partners.
• Configuring and troubleshooting IPsec VPN on ASA Firewall.
• Troubleshooting, Monitor & Maintain rules policies on CISCO ASA via ASDM and cli.
• Experience with Blue Coat Systems -implementing and Managing Bluecoat SG400, Bluecoat SG800
• Blue Coat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
• Created/modified necessary profiles dat allowed authorized devices on to teh network.
• Installed, configured new ISE nodes and connected them to external Active Directory services.
• Migrated Autantication from 1.3 version deployment to 2.1 version on ISE.
• Configured Stealth Watch as a remote logging target on ISE to send pertinent data about people and devices dat are connected to teh network.
• Plan, coordinate and implement network security measures to protect data, software and hardware.
• Troubleshoot system issues, resolve & recommend solutions
• Experience with F5 BIG-IP local traffic manager for performing load balancing across servers across data centers.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Modify computer security files to in corporate new software, correct errors or change individual access status.
• Providing 24*7 on call production support to troubleshoot teh incidents related to most critical revenue generating applications.
• Maintaining Corporate Firewalls & Analysis of firewall logs using firewall optimization tools Tufin.
• Planning & implementation of information security guidelines as per teh security standards.
• Verifying & Configuring teh Rules in firewalls. (Firewall Change Request processing).
• Configuring Network Address Translation (NAT) according to teh connectivity requirements.
• Implement security policies using ACL, ASA & Routers.
• Upgrading Operating Systems for various network equipment’s & applying Hot-fixes.
• Taking Regular backups & testing teh backups by restoring in test lab frequently.
• Disaster Recovery Planning (DRP) - performed DRP for Checkpoint, F5, bluecoat& ASA - Replicate teh production environment in DR.
• Provide technical support for data security, Disaster recovery and network design initiatives.
• PNPS (Production - Nonproduction Separation): Non-prod Mainframe separation - Planning and device deployment for various infrastructure components, Checkpoint, Bluecoat, Tufin.
• Bluecoat - Unified agent installation tool for monitoring malicious activity on user desktop.
• Bluecoat - Troubleshooting and implemented tickets on daily basis.
• Firewall gateway upgrades (R75 to R77) and install teh maintaining teh firewalls with current Jumbo Hotfix (Take 216 & Take 302).
• Audit - Annual review of Firewall rules - Generate reports accordingly and analyses teh rules and disable accordingly. a. Firewall Prod/Non-prod b. Bluecoat
• Establishing and troubleshooting OPSEC connectivity from Secure Track to Checkpoint Management server.
• Tufin Upgrade from 15.4 - 16.3 - 17.2.

Confidential, Harrisburg, PA

Network and Security Engineer

Responsibilities:

• Providing operational support to teh network primarily consisting of Cisco equipment protected by Check Point Firewall, Cisco PIX, Cisco ASA appliance and other appliances.
• Designed and implemented a redundant firewall architecture using Cisco Firewall Service Module (FWSM).
• Installing and maintaining Juniper SSL VPN’s, Cisco EasyVPN servers.
• Moved connections from Cisco 6500 to Nexus 7000 series
• Working on daily tickets to complete firewall, load balancer and route requests
• Completed Firewall code upgrade project for Checkpoint Firewalls - From R7 .20 - SPLAT & NOKIA IP 395's
• Support daily LAN, WAN, RAS, VPN and Wireless connectivity issues
• Planning, designing implementing and supporting Firewalls and VPNs over Cisco PIX, ASA and Checkpoint firewalls.
• Configuration and maintenance of VPN 3DES/SSL connectivity with vendors.
• Implementing changes to teh firewall rule base, network routing tables and ACLs.
• Working with Application management team in executing Network/Security Change Requests.
• Network design, optimization, troubleshooting and security monitoring using Wireless Control System (WCS).
• Configuration and implementation of Cisco Content Engines.
• Configuring CSS, CSM load balancers to enable load sharing and load balancing among web servers.
• Designing and Implementing Remote access VPN server using Checkpoint & Cisco ASA
• Working on Migrating CSS to Citrix Netscaler Load balancers
• Implemented teh use of VLANs (and VTP), HSRP and OSPF routing to optimize Layer 2 and Layer 3
• Performed maintenance of routing infrastructure and troubleshooting RIP and OSPF on teh network.
• Setting up a network wide management application mainly to provide network availability reports and network monitoring using tools like Sniffer, MRTG etc.

Environment: Cisco 6500, Cisco 3560, Checkpoint NGX, Cisco easy VPN, Cisco ASA5500’s, Juniper SA6500, F5 Load balancers.

Confidential, Miami, FL

Network Security Engineer

Responsibilities:

• Assist internal business units to build and maintain PCI certified systems and infrastructures.
• Configuring and troubleshooting site to site VPNs and SSL VPNs.
• Installing and maintaining Juniper SSL VPNs and Nortel Contivity to realize work from home solutions.
• Provided day to day support to existing Voice over IP solution consisting of Call manager 4.1 centralized cluster.
• Worked on multiple implementations of Cisco Call Manager Express and Unity Express.
• Solved/Engineered call routing, number translation, pickup groups, and call handler issues.
• Configuration and management of Alteon load balancers.
• Configuring Enclosure Alteon switches to support teh blades residing in teh enclosures.
• Designing and Configuring teh Nortel 8300 and 8600 switches with VRRP for redundancy in teh distribution level.
• Network design, optimization, troubleshooting, user tracking, and security monitoring using Wireless Control System (WCS).
• Managing Cisco 1300 series Wireless Access Points by Cisco wireless LAN controller.
• Configuring, Managing and troubleshooting Vlans and enabling IP routing in order to allow restricted connections from teh enterprise network
• Configured MLTs and SMLTs to provide network redundancy in teh event of failure as well as load sharing.
• Setting up and managing DNS, DHCP servers and IP provisioning (assign and manage IP addresses from specified address pools using Infoblox).
• Worked with Network Management tools like HPNAS, NETQOS, and NETMRI.
• Ticketing system (Remedy) and keeping teh customer up-to-date on problem resolution.

Environment: Nortel 8300/8600 routing switches, Cisco 6500, Cisco 3560, Checkpoint Firewalls, Juniper SRX240/ Srx650, Juniper Netscreen 5200/5400, McAfee sidewinder firewall, HP Blade enclosures, Nortel Contivity, Lantronix, Retina Scanners.

Confidential, CA

Network Engineer

Responsibilities:

• Managed and Designed Security and Network Implementations.
• Review, consolidate, optimize and translate firewall rules and configurations for high availability firewall clusters from a cisco PIX platform to Cisco ASA platform and Juniper Netscreen Firewalls
• Operational support of production security devices including firewalls and VPN appliances.
• Configured and Managed Check Point NGX (SPLAT, NOKIA) and Cisco (PIX, ASA 5500, and FWSM) Firewall technologies.
• Installing and Managing Cisco 1300 series Wireless Access Points by Cisco wireless LAN controller in a lab environment.
• Add, remove and configure network devices to accommodate changing LAN and WAN requirements, remove bottlenecks and maximize efficiency.
• Design and implementation of Network Security Policies.
• Planning, designing and implementing high availability solutions with checkpoint cluster XL.
• Configuration and maintenance of CSS and CSM for efficient load balancing.
• Planning and implementation of Check Point Nokia advanced features such as VRRP.
• Designed Configured and Utilized Various VPN Cisco Technologies.
• Troubleshooting Various Cisco Technologies including VPN's, Routers and Switches.
• Created manageable and Viable Networking infrastructures and address Policies.
• Involved in teh full implementation of Cisco IOS DHCP Server dat assigns and manages IP addresses from specified address pools within teh router to DHCP clients.
• Identify, troubleshoot, and resolve LAN/WAN network problems (ISDN, Frame Relay, NAT, DDR, DNS, DHCP, TCP/IP and a variety of hardware and other networking issues).
• Configuration and maintenance of Cisco routers and switches.

Environment: Cisco PIX 515E firewalls, Cisco 2500, RSA/ACE server v5.2, Cisco ASA 5500, Check Point, DNS and DHCP Server, VLANS.

Confidential

Network Engineer

Responsibilities:

• Responsible for configuration, testing, and maintenance of LAN/WAN equipment’s and related services
• Implemented teh use of VLANs, STP, HSRP and OSPF routing to optimize Layer 2 and Layer 3 performance.
• Configured Ether channels between core switches to enhance load balancing.
• Identify, troubleshoot, and resolve LAN/WAN network problems (ISDN, Frame Relay, DDR, DHCP, TCP/IP and a variety of hardware and other networking issues).
• Worked on network load balancers mainly F5, CSS and CSM.
• Migrated customers scattered across teh globe to single Checkpoint solution as part of consolidation.
• Handling day to day load balancing configuration tickets - creating rules, services, contents, installing s
• Maintain and manage NATs, ACLs, routers, and various network devices configurations
• Implementing IP Routing protocols BGP, EIGRP, OSPF, SSL, IPSec, MPLS, RIP1, RIP2 and other routed, routing Protocols.
• Create and maintain comprehensive documentation for all implemented networks (Using Visio Software to update client network diagrams).
• Perform hardware and software upgrades to network devices, including Cisco 6500, 3750, and 3560 switches, as well as 7200, 3800, and 2800 series routers.
• Configuring Cisco Wireless Network, switches and hubs in a LAN/WAN environment
• Providing advanced escalation support, including engaging supplier support
• Performance monitoring and tuning
• Fulfilling service requests for infrastructure services
• Participate in 24x7 on-call rotation

Environment: Cisco Catalyst Series Switches, Cisco Series Routers T1, DS3, OC-3, IGX, STP, VTP, OSPF, BGP, HSRP, DNS and DHCP server, firewalls, PIX and F5 load balancers.