PROFESSIONAL SUMMARY:

• Highly motivated, result oriented Engineer with more than 7 years of experience in Network & Security Implementation
• Proficient in installing, upgrading, troubleshooting, configuring, and supporting variety of Network & Security Devices
• Hands on experience in Implementation, Troubleshooting &configuring Cisco ASA 5500 Series
• Worked on S2S VPNs Implementations
• Providing support for Checkpoint R77 with GAiA and SPLAT
• Proficient at establishing User Tunnels in VPN Routers
• Implementing network security protocols, installing and supporting backup strategies, and planning/executing disaster recovery solutions
• Worked remotely on network design & implementation for client’s sites
• Excellent troubleshooting skills; tenaciously committed to the thorough resolution of technical issues
• Troubleshooting for Palo Alto Firewall.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Palo Alto, Imperva Web App Firewall support and deployment.
• Exceptional ability to grasp and master new technologies quickly and easily
• Strong communicator; able to interact effectively and positively with individuals of all technical abilities; An Out - of-the-Box Thinker, Believe in Team Work & Team Spirit, Decision Maker, Proactive, Customer Focused & Good Documentation / Presentation Skills
• Advanced knowledge, design, installation, configuration, maintenance and administration of CheckPoint Firewall R55 up to R77 version, Secure Platform Installation, VPN
• Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services
• Real-time experience in designing and assisting in deploying enterprise wide Network SSL Security and High Availability Solutions for ASA
• Platforms with TCP/IP, LAN switching, Spanning-Tree and various Cisco IP routing protocols RIP, BGP, EIGRP and OSPF.
• IP route redistribution; static routing configuration for network connectivity.
• Configuring, Administering and troubleshooting the Checkpoint and ASA firewall.
• Responsible for implementing Data Center Security best practice, audit and compliance requirements.
• Responsible for managing Network & Security Engineering implementation that architect, design, builds, manages and supports Network and Security Infrastructure and Data Centers.
• Configured Cisco ASA and Checkpoint firewall layers to secure the infrastructure for the Data Center.
• Configured and managing site-to-site VPN tunnel in Cisco ASA Firewall.
• Configured and managing Remote Access VPN on Cisco ASA Firewall.
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO, Juniper, Fortigate GUI and Shell

TECHNICAL SKILLS:

Firewall: Checkpoint R65/R70/R75/R77/Provider-1 firewall, Cisco ASA, Palo Alto Firewall, Juniper SRX, NetScreen, Junos

Routers: Cisco 2600, 3600, 4400, 7200 Series

Switches: Cisco 2900/3500/6500 Catalyst Series, Cisco 2000/7000 Nexus Series

Protocols: TCP/IP, UDP, DHCP, DNS, BGP, OSPF, EIGRP, RIP, VTP, ARP, VLAN, NAT, DNS, FTP, LAN/WAN

Operating Systems: Windows XP/7/8, Linux

PROFESSIONAL EXPERIENCE:

Confidential, MA

Network Security Analyst

Responsibilities:

• Worked extensively on checkpoint R77on GAiA and SPLAT, Cisco ASA, Palo Alto
• Successfully installed Palo Alto PA-3060 firewall to protects data center and provides L3 support for routers/switches/firewall.
• Configured Failover between Cisco ASA Firewalls.
• Handled more than 500+ security devices and upgrades
• Configuration and Administration of Palo Alto PA-2050 Firewall and PA-500
• Palo Alto design and installation which includes Application and URL filtering Threat Prevention and Data Filtering.
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design
• Hands On experience in push Policy from Panorama to Firewall in Palo Alto.
• Worked extensively on addressing the audit issues and mitigating the failed controls
• Worked for firewall rule analysis and firewall rules cleanup
• Experience on ASA firewall upgrades to 9.x
• Firewall migration to Cisco ASA to Checkpoint
• Collapsing the existing firewall rules and fine tuning the firewall policies for better performance
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO ASA and Palo Alto.
• Implemented and troubleshooting the Virtual firewalls (Contexts) solutions in ASA
• Configuring & Administration of the Checkpoint Firewall that includes creating Hosts, Nodes, Networks, Static & Hide NAT’s.
• Implementing Access maps & VLAN Access Lists (VACLs)
• Taking backups of all network devices configurations on Weekly & Monthly basis
• Monitoring the Links with CLI Manager
• Assessing the usage of bandwidth with the help of graphs & forwarding the periodical reports
• Knowledge about wild fire feature of Palo Alto.
• Configured Policies on both firewall Cisco ASA firewall and Palo Alto.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls(SRX240, SRX550).
• Worked on Cisco ASDM for configuring VPN on Cisco ASA Firewall
• Implemented the redundancy for ACS servers by replicating the database between primary & secondary servers.
• Audit firewall logs on a regular basis and investigate any suspicious activities. Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
• Adding Websites to blocked list on the bluecoat proxies based upon business requirements.
• Deploying Cisco WSA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX, NetScreen Firewalls, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto IDS, Foundry / F5 Load Balancers, and Blue Coat PacketShaper systems.
• Good Understanding of fundamental network security products and protocol operation

Confidential, Framingham, MA

Firewall Administrator

Responsibilities:

• Responsible for installation, troubleshooting of firewalls (Cisco firewalls, Checkpoint R70 firewalls) and related software, and LAN/WAN protocols
• Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures
• Configuring failover for redundancy purposes for the security devices
• Implemented the stateful & serial failover for ASA firewalls
• Checkpoint Clustering and load balancing features
• Planning, designing and implementing a secure ODC Network setup for projects
• Responsible for implementing Data Center Security best practice, audit and compliance (PCI/SOX/DOD) requirements
• Automation of security operations and optimizing the usage of infrastructure
• Involved in migrating various versions of checkpoint to Provider -1 environment for around 40 Enforcement Modules
• Day to day activity includes Change Implementation on firewalls, log analysis and troubleshooting of network access issues
• Deploying IDS/IPS in Promiscuous mode and inline mode as per the requirement and monitoring the network traffic & customizing the signatures
• In-depth knowledge and hands-on experience on IP Addressing, Subnetting, VLSM and ARP, reverse & proxy ARP and Ping Concepts
• Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500, 6500 & Nexus 7000, 5000,2000 series) in multi VLANs environment and inter-VLAN routing, HSRP, 802.1q trunk, ether channel.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Maintain and troubleshoot switch applications and Network connectivity including DNS, DHCP, LAN and TCP/IP issues.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• TCP/IP networking and troubleshooting, protocol analysis
• Data center network design and operations
• Thorough understanding of VPN technologies like IPSec, GRE tunneling, MPLS for remote access security
• Designed and Implemented Overlay Network Management Network to manage all our Production Devices with Syslog, Cisco Secure ACS, TACACS+ and Solarwinds NPM.
• Setup of internal routing protocol EIGRP
• Creation of rule base to support site to site VPN.

Confidential, Arlington, TX

Network Administrator

Responsibilities:

• Responsible for managing Network & Security Engineering implementation
• Configured redundant interfaces, DHCP server, DHCP relay, ntp settings, and sub interfaces on firewalls
• Implementing firewall Authentication, Accounting & Authorization
• Maintain the periodical software update on security devices
• Testing the new features/Product in the lab and preparing the reports
• Maintain the security standards across the security devices as per the security policies
• IDS/IPS Signature updates and CSM Management
• Implementing Brand new Cisco ASA Firewalls with updated Security Policies
• Implementing VPN Routers and creating Site-2-Site and Client-2-Site VPN Tunnels
• Providing support for Checkpoint Firewalls
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution
• Firewall OS Management
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways
• Worked with network services like DNS, DHCP, DNS, IP4, IP6, IPSec, VPN
• Regularly performed firewall audits around Checkpoint Firewall-1 solutions for customers
• Managed Checkpoint Firewalls from the command line (cpconfig and Sysconfig)

Confidential

Network Technician

Responsibilities:

• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
• Configured VLANs with HSRP on Cisco 6506 Switches
• Creating and modifying rules, Diagnose and resolve LAN/WAN problems
• Ensure LAN/WAN environment is secure and appropriate recovery and redundancy issues are addressed
• Configuring Cisco 1841, 2821, 2851, 3745 Routers, Cisco 3560, 3750 Switches
• Log Management and audit Co-ordination for Network security equipment
• Responsible for Configuring of firewalls, routers & switches to meet business needs
• Monitoring and troubleshooting traffic through SmartView Tracker