SUMMARY:

• Working knowledge of Firewall, TACACS/RADIUS, ACL, IPSEC
• 7 years of practical experience in the IT field as a network engineer, with proficient hands-on experience in the areas of Routing, Switching and Troubleshooting
• Strong knowledge in configuring and troubleshooting routing protocols like RIP, OSPF, EIGRP and BGP
• Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750 series and Nexus 5000 and 7000 series
• Hands-on expertise with routers 2600, 2900, 3600, 3900, 7200 and 7600 series
• Implementation, working analysis, troubleshooting and documentation of LAN/WAN architecture with excellent work experience on IP series
• Knowledge and hands-on experience of BlueCoat.
• Basic knowledge of scripting like Perl and Python.
• Proficient with SIEM tools like QRadar and RSA Envision. Also, Nexpose and Critical Watch for vulnerability scanning.
• Working knowledge with Load Balancers F5 LTM like 3900, 6900 for various applications
• Knowledge of SNMP, MIBS, TRAPS and alarm correlation.
• Proficient with TCP/IP and relative OSI models
• Security policy configuration including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP and ping concepts
• Expertise in troubleshooting and configuring DNS, DHCP,TFTP,SSH, FTP and NFS
• Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6
• Implementation of Access lists, route maps, and distribute lists.
• Hands-on experience with Juniper SRX firewalls.
• Hands-on experience on Checkpoints, ASA, Cisco PIX 501, 506E and 515E and Palo Alto firewalls. Working knowledge of Lucent Brick Firewalls.
• Knowledge of Nessus Security Tools.
• Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN's, VTP, STP, RSTP and Trunking.
• Troubleshooting TDM, SONET and WDM devices.
• Technical support for improvement, up-gradation expansion of the network architecture
• Capable enough to work independently with minimal supervision and multitasking
• Equally capable of working as a team member or a team leader as per the situation and its demands
• Proven capabilities in learning and working with emerging new technologies

PROFESSIONAL EXPERIENCE

Confidential

Designation: Network Application Security Engineer

Roles Responsibilities:

• Working with Nexpose and Critical Watch tool and actively involved in Quarterly and Annual PCI scans and their remediation and making sure they are compliant.
• Working with SIEM tools like QRadar and RSA Envision to find security violation events and validate IDS findings to negate False Alarms.
• Closely working with the Network and Firewall team to resolve the client network issues.
• Python scripting to keep a check on the configuration changes for router as well as firewall for the client network.
• Processing of weekly Governance and Anti-virus reports checking on the DAT version for the complete client network entities workstations and servers
• Maintenance of Active Directory. Also, Investigate and Resolve account lock-out issues.
• Extensive use of Windows PowerShell and scripting knowledge.
• Experience with Hyena tool for keeping up-to-date with the inventory network devices, users and groups concerning the company network.
• Promptly resolving issues related to mal-functioning of applications to maintain customer needs.
• Actively involved in major projects of migration of OS for workstations and servers and optimization of resource availability for users in the network.
• Experience with Citrix XenApp and ensuring resource availability.
• Actively participating in Change Advisory Board CAB weekly meetings to be aware of the network changes.
• Updating project managers on the tickets Service requests and Work orders of the client through daily meetings and avoiding SLA violations on the tickets.

Confidential

Role: Network Security Engineer

Responsibilities:

• Develop IT roadmaps for security
• Collaborate with NW Engineering team and Design team to understand TE needs and thereon design Security Protocol for the client network
• Conduct expert level R A for corporate wide security
• Develop lab scenarios to act as test beds for testing custom security solutions designed
• Implement firewall changes
• Deploy VPN' s with other partner companies, IPsec, GRE
• AAA Administrations, TACACS
• Administering DNS Records
• Monitor Networks through SolarWinds and WireShark
• Work with Nessus Vulnerability scanner for patch and configuration auditing.
• Implementing CISCO IDS/IPS
• Setting MIBS and TRAP variables
• Designing and deploying internal and external security edges for the company: DMZ and Extranet based security
• Consistently monitor unusual changes to the traffic patterns and hence identify a threat and troubleshoot its removal
• Basic Fault and Inventory Management and documentation of network.
• Designing, implementing and administering Checkpoint Firewalls
• Working with Checkpoint NG for VPNs , ASA's Other Remote sites , Palo Alto's and some extent of Juniper Netscreen and SRX.
• Work with Cisco ISE for NAC
• Work with Lancope and FireEye for Cyber security
• Work with BlueCoat Proxy for WAN optimization and M86 for Web security
• Work with Symantec DLP for data leakage prevention
• Work with FlowMatrix for NBAD
• Mitigation of DDOS using DNS INFOBLOX
• Designing, deploying and managing F5 devices for an enterprise size data center
• Configuring Load Balancer viz. F5 LTM
• Document designs and configurations
• Perform preventative maintenance along with installation of hot fixes and version upgrades.
• F5 and DNS traffic Management
• Monitor resource usage and make required adjustments.

Confidential

Role: Network Design Engineer Security

Job Responsibilities:

• Determine and design network security standards
• Analyze risks and vulnerabilities of the network and propose solutions
• Creating database of past threats
• Documenting all policies and filters deployed on the network
• Performance monitoring via NPMs.
• Ensure compliance with global security team and keep standards maintained along with uniformity
• Design application security with help from F5 LTM engineers
• Participate in configuration and deployment of security infrastructure which are part of project solutions and provide the necessary documentation, support and maintenance.
• Configuring and monitoring different monitor modules F5 BIG-IP LTM
• Work with F5 based profiles, monitors, VIP's, pools, pool members
• Implementation of Cisco IDS/IPS
• Design application security on the FW's
• Web application scanning using Nessus tools.
• Scanning of servers and applications for vulnerability assessment.
• Work with BlueCoat Proxy for Web security.
• Monitor performances and deal with basic fault management and alarm correlations
• Creating GAP analysis by analyzing current security standards and required standards
• Managing the vulnerability enhancement program
• Served as security consultant for other client sites as well
• Audit the network
• Manage and document network security alerts and use them as a basis to foresee future threats
• Designing and implementing Checkpoint NG
• Administering Cisco PIX and Juniper firewalls SRX
• Work with Lancope for Internet security
• Work with Cisco ISE for network access control

Confidential

Role: Network Administrator

Roles Responsibilities:

• Provide and maintain strong, professional relationships with the clients and customers.
• Provide help in installing Internet, Security, Network, Wireless Network, Email client software, installation of Routers and basic computer troubleshooting.
• Logging of calls from customers onto a database and following escalation procedures to resolve problems or issues.
• Configured VLANs for Cityonline on Cisco 4849 series switches.
• Restricts access to network using ACL.
• Configured static and default routes.
• Configuring DHCP and DNS services.
• Maintenance of various network servers.
• Providing clients with basic PC and network technical support.
• Monitor performance and availability of the network on an ongoing basis.
• Networking: -- TCP/IP. -- Troubleshooting client network connectivity at client place -- DNS Troubleshooting. -- Remote Access - Virtual Private Network VPN .
• Network Security Implementation Support.
• Attending to queries of the client and resolving issues related to resetting passwords for Siebel application, Mainframe sessions, sap login, Active Directory and synchronizing their passwords.
• Provide assistance to the clients related to Siebel, Siebel Analytics application issues, UNIX password resets/unlocks, Giving pseudo Privileges, Providing LAN and Wan Support.
• Document customer case information in the Tivoli Service Desk.
• Interacting with the clients by creating tickets for the issue and dispatching to the correct queues for resolution.
• Interacting with second level support and providing them necessary details in order to resolve the issue through e-mail Lotus Notes.7 .
• Involved in the creation and closing of IMAC Add, Move, Change Requests tickets.