- Working knowledge of Firewall, TACACS/RADIUS, ACL, IPSEC
- 7 years of practical experience in the IT field as a network engineer, with proficient hands-on experience in the areas of Routing, Switching and Troubleshooting
- Strong knowledge in configuring and troubleshooting routing protocols like RIP, OSPF, EIGRP and BGP
- Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750 series and Nexus 5000 and 7000 series
- Hands-on expertise with routers 2600, 2900, 3600, 3900, 7200 and 7600 series
- Implementation, working analysis, troubleshooting and documentation of LAN/WAN architecture with excellent work experience on IP series
- Knowledge and hands-on experience of BlueCoat.
- Basic knowledge of scripting like Perl and Python.
- Proficient with SIEM tools like QRadar and RSA Envision. Also, Nexpose and Critical Watch for vulnerability scanning.
- Working knowledge with Load Balancers F5 LTM like 3900, 6900 for various applications
- Knowledge of SNMP, MIBS, TRAPS and alarm correlation.
- Proficient with TCP/IP and relative OSI models
- Security policy configuration including NAT, PAT, VPN, Route-maps and Access Control Lists.
- Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP and ping concepts
- Expertise in troubleshooting and configuring DNS, DHCP,TFTP,SSH, FTP and NFS
- Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6
- Implementation of Access lists, route maps, and distribute lists.
- Hands-on experience with Juniper SRX firewalls.
- Hands-on experience on Checkpoints, ASA, Cisco PIX 501, 506E and 515E and Palo Alto firewalls. Working knowledge of Lucent Brick Firewalls.
- Knowledge of Nessus Security Tools.
- Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN's, VTP, STP, RSTP and Trunking.
- Troubleshooting TDM, SONET and WDM devices.
- Technical support for improvement, up-gradation expansion of the network architecture
- Capable enough to work independently with minimal supervision and multitasking
- Equally capable of working as a team member or a team leader as per the situation and its demands
- Proven capabilities in learning and working with emerging new technologies
Designation: Network Application Security Engineer
- Working with Nexpose and Critical Watch tool and actively involved in Quarterly and Annual PCI scans and their remediation and making sure they are compliant.
- Working with SIEM tools like QRadar and RSA Envision to find security violation events and validate IDS findings to negate False Alarms.
- Closely working with the Network and Firewall team to resolve the client network issues.
- Python scripting to keep a check on the configuration changes for router as well as firewall for the client network.
- Processing of weekly Governance and Anti-virus reports checking on the DAT version for the complete client network entities workstations and servers
- Maintenance of Active Directory. Also, Investigate and Resolve account lock-out issues.
- Extensive use of Windows PowerShell and scripting knowledge.
- Experience with Hyena tool for keeping up-to-date with the inventory network devices, users and groups concerning the company network.
- Promptly resolving issues related to mal-functioning of applications to maintain customer needs.
- Actively involved in major projects of migration of OS for workstations and servers and optimization of resource availability for users in the network.
- Experience with Citrix XenApp and ensuring resource availability.
- Actively participating in Change Advisory Board CAB weekly meetings to be aware of the network changes.
- Updating project managers on the tickets Service requests and Work orders of the client through daily meetings and avoiding SLA violations on the tickets.
Role: Network Security Engineer
- Develop IT roadmaps for security
- Collaborate with NW Engineering team and Design team to understand TE needs and thereon design Security Protocol for the client network
- Conduct expert level R A for corporate wide security
- Develop lab scenarios to act as test beds for testing custom security solutions designed
- Implement firewall changes
- Deploy VPN' s with other partner companies, IPsec, GRE
- AAA Administrations, TACACS
- Administering DNS Records
- Monitor Networks through SolarWinds and WireShark
- Work with Nessus Vulnerability scanner for patch and configuration auditing.
- Implementing CISCO IDS/IPS
- Setting MIBS and TRAP variables
- Designing and deploying internal and external security edges for the company: DMZ and Extranet based security
- Consistently monitor unusual changes to the traffic patterns and hence identify a threat and troubleshoot its removal
- Basic Fault and Inventory Management and documentation of network.
- Designing, implementing and administering Checkpoint Firewalls
- Working with Checkpoint NG for VPNs , ASA's Other Remote sites , Palo Alto's and some extent of Juniper Netscreen and SRX.
- Work with Cisco ISE for NAC
- Work with Lancope and FireEye for Cyber security
- Work with BlueCoat Proxy for WAN optimization and M86 for Web security
- Work with Symantec DLP for data leakage prevention
- Work with FlowMatrix for NBAD
- Mitigation of DDOS using DNS INFOBLOX
- Designing, deploying and managing F5 devices for an enterprise size data center
- Configuring Load Balancer viz. F5 LTM
- Document designs and configurations
- Perform preventative maintenance along with installation of hot fixes and version upgrades.
- F5 and DNS traffic Management
- Monitor resource usage and make required adjustments.
Role: Network Design Engineer Security
- Determine and design network security standards
- Analyze risks and vulnerabilities of the network and propose solutions
- Creating database of past threats
- Documenting all policies and filters deployed on the network
- Performance monitoring via NPMs.
- Ensure compliance with global security team and keep standards maintained along with uniformity
- Design application security with help from F5 LTM engineers
- Participate in configuration and deployment of security infrastructure which are part of project solutions and provide the necessary documentation, support and maintenance.
- Configuring and monitoring different monitor modules F5 BIG-IP LTM
- Work with F5 based profiles, monitors, VIP's, pools, pool members
- Implementation of Cisco IDS/IPS
- Design application security on the FW's
- Web application scanning using Nessus tools.
- Scanning of servers and applications for vulnerability assessment.
- Work with BlueCoat Proxy for Web security.
- Monitor performances and deal with basic fault management and alarm correlations
- Creating GAP analysis by analyzing current security standards and required standards
- Managing the vulnerability enhancement program
- Served as security consultant for other client sites as well
- Audit the network
- Manage and document network security alerts and use them as a basis to foresee future threats
- Designing and implementing Checkpoint NG
- Administering Cisco PIX and Juniper firewalls SRX
- Work with Lancope for Internet security
- Work with Cisco ISE for network access control
Role: Network Administrator
- Provide and maintain strong, professional relationships with the clients and customers.
- Provide help in installing Internet, Security, Network, Wireless Network, Email client software, installation of Routers and basic computer troubleshooting.
- Logging of calls from customers onto a database and following escalation procedures to resolve problems or issues.
- Configured VLANs for Cityonline on Cisco 4849 series switches.
- Restricts access to network using ACL.
- Configured static and default routes.
- Configuring DHCP and DNS services.
- Maintenance of various network servers.
- Providing clients with basic PC and network technical support.
- Monitor performance and availability of the network on an ongoing basis.
- Networking: -- TCP/IP. -- Troubleshooting client network connectivity at client place -- DNS Troubleshooting. -- Remote Access - Virtual Private Network VPN .
- Network Security Implementation Support.
- Attending to queries of the client and resolving issues related to resetting passwords for Siebel application, Mainframe sessions, sap login, Active Directory and synchronizing their passwords.
- Provide assistance to the clients related to Siebel, Siebel Analytics application issues, UNIX password resets/unlocks, Giving pseudo Privileges, Providing LAN and Wan Support.
- Document customer case information in the Tivoli Service Desk.
- Interacting with the clients by creating tickets for the issue and dispatching to the correct queues for resolution.
- Interacting with second level support and providing them necessary details in order to resolve the issue through e-mail Lotus Notes.7 .
- Involved in the creation and closing of IMAC Add, Move, Change Requests tickets.