Network Security Engineer Resume
Harrisburg, PA
PROFESSIONAL SUMMARY:
- Highly motivated CCNA, CCNP certified consultant with around 9+ years of experience in routing, switching, firewall technologies, systems design and troubleshooting.
- Exposure to LAN/WAN setup, Integration, configuration and troubleshooting. In - depth knowledge and experience in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM & Frame Relay.
- Good knowledge in ACL, NAT/ PAT, Ether Channel, IPSec and VPNs. Experience in Troubleshooting for connectivity and hardware problems on Cisco Networks.
- Hand-on experience with Arista(7304, 7150S, 7050S, 7048T), Cisco IOS, Application-ID firewall, Load-Balance(F5 and A10), and critical network services such as DNS & DHCP(Infoblox), AD, Radius, TACACS, SMTP .
- Experience in L2/L3 protocols like VLAN, STP, ISL, MPLS and Trunking protocols. Experience in set up, configuration and management of Cisco ASA Firewall in various domain such as Internet, DMZ, Business-Partner and Remote-Access VPN etc.
- Extensive knowledge with VLAN’s, Trunking, RSTP, SNMP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, NAT, PAT, Inspections, VPN’s, DHCP, Wireshark etc.
- Implemented features in an IVR system that invites and notifies users of the IPICS system of certain events and enables them to join the system using their phones. Wrote CTI modules such as Cisco Contact Center IVR scripts on Cisco UCCX.
- Designed Contact Center to support 10000 multimedia agents located geographically across multiple international locations with complex network IVR integrations.
- ØManaging IP contact center Enterprise including IVR/ICM components Installation and configuration of Verint servers for voice call recordings.
- Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM. Experience in Layer 2 Routing protocol configurations: ATM/FRAME RELAY,IP services such as QoS and VPN technologies: IPSec & SSL.
- Multiple data center migrations and transformation projects, with great expertise on Wireshark. Upgrade and Maintenance of Service router such as Cisco router.
- Experience in configuring and troubleshooting vPC.
- Use of Altiris, Service Desk, Exchange/AD, OWA, Symantec Endpoint Encryption, Single Sign On, McKesson, EPIC, Midas, Crystal Reports, etc., and EMR, HIPAA and other compliance.
- Symantec Endpoint Encryption as well as MSI client packaging.
- Managing global ouUse of Altiris, Service Desk, Exchange/AD, OWA, Symantec Endpoint Encryption, Single Sign On, McKesson, EPIC, Midas, Crystal Reports, etc., and EMR, HIPAA and other compliance.
- Symantec Endpoint Encryption as well as MSI client packaging.
- Managing global outsourced services SLA with external third party vendors on the systems and applications side such as SUN, Red Hat, HP-UX, Oracle Linux, HP-UX, Symantec (to name a few).
- Protocols in high availability environment. Experience with different Network Management Tools and Sniffers like SNMP, HP-Open view, and Cisco works to support 24 x 7 Network Operation Center.
- Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR-1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco Nexus 2k/5k/7k/9k and Juniper: M320, MX80, MX480, MX960 and EX4200, EX8200 switches.
- Experience in Physical cabling, IP addressing & subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies. Access Control Server configuration for RADIUS & TACACS+.
- Implementing, maintaining and troubleshooting switching tasks such as VLANs, VTP, VLAN Trunking using ISL and 802.1Q, STP, RSTP, PVST+, Etherchannel using LACP and PAGP, Inter-VLAN routing, CEF and DCEF.
- Supported enterprise environment including: Aruba controllers, Airwave and APs/Cisco wireless controllers and
- APs worldwide, remote Cisco router/switch, Cisco/Palo Alto security appliances Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
- Configured Security Policies including NAT, PAT,
- AAA, ACL’s Standard Access Lists, Distribute-Lists, Route-Maps, VPN
- Concentrators, IPS/IDS, (PIX, ASA) firewalls Palo Alto & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
- Experienced on Firewalls Cisco ASA,Websence DLP, SonicWall, Palo Alto Networks, Sourcefire, Checkpoint, JuniperNetworks, Arista, Huawei, Peplink, and ADTRAN.
- Excellent knowledge on CISCO ISE and TACACS authentication servers with Palo Alto.
- Configuring & managing Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches,Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
- Expertise in implementation and troubleshooting of protocols such HSRP, VRR, GLBP, ACL.
- Extensive knowledge in different networking protocols DHCP, DNS, FTP, VOIP (SIP, H.323, MGCP). Knowledge of Terminal Server, Firewalls, Standard/ Extended ACL, Distribute-Lists. Extensive experience with Cisco IOS,Windows client/server operating systems, Linux, Networking technologies, Firewalls.
- Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
- Hand-on experience in developing scripts using Perl scripting language. Ability to Install, Manage & Troubleshoot Large Networks & Linux platforms in Development, Staging, Lab & Production Environments.
- Strong Experience in using various tools for management, analyzing, and troubleshooting, monitoring & process automation in Lab & Production environment.
- Highly valuable Project Management and Operations Planning skills. Demonstrated success record in:
- Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
- In-depth knowledge of network communication technologies and techniques.
- Finely tuned analytical/critical thinking and debugging skills with excellent verbal and written communication skills.
- Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills.
TECHNICAL SKILLS:
IP Routing: RIP, BGP, OSPF, IGRP, EIGRP, Static Routing, IP Addressing and Subnetting, VLSM, Network Infrastructure.
Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, RARP, PPP, HDLC and ISDN.Worked on InfoBlox to change and creatin Secure DNS, DHCP and IPAM.
Redundancy Protocols: GLBP, HSRP, VRRP
Topologies: Frame Relay, ATM, Ethernet, Cable Modem, and Wireless.
Switch Technologies: VLANs, VTP, STP, DTP, MLPPP, MPLS, ISL and dot1q.
Network Hardware: Cisco switches (2960, 3550, 3560, 4500, 6509, and 6513), Cisco Nexus Swiches (2248, 2232, 5548, 5596, 7010, 7718), Cisco routers (1900, 2900, 3900, 7200, ASR-1k/9k), Cisco ASA 5500 series, CSU/DSU s, network cards, Modems and F5 Network Load Balancer.
Network Management Tools: MRTG, HP Openview, Cisco WAN manager, Cisco works 2000.
Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, URL Filtering -Web-sense, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS).
Firewall: Cisco ASA, Check Point, Juniper SRX
Operating Systems: Windows, UNIX, Active Directory, Linux.
PROFESSIONAL EXPERIENCE:
Confidential, Harrisburg, PA
Network Security Engineer
Responsibilities:
- Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital s, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
- Working on ArubaWireless LAN Implementation for 11n Infrastructure across the Corporate Network.
- Monitor and analyze network threats through Palo Alto Panorama; run vulnerability assessment on machines with anomalous behavior, monitor firewall for incoming and outgoing threats.
- Responsible for conversion of IBM Tivoli monitoring situation to Solarwind monitoring template.
- Write VBScript codes to cater to customer monitoring requirement is Solarwind.
- Configure CIDR, IP, RIP, PPP, HDLC, BGPv4, EIGRP, MPLS and OSPF routing.
- Have a good experience working with the Trouble Tickets on F5 Load balancers on LTM module. Switch experience includes Cisco Catalyst switches: CISCO 3750, 4500, 6500 series switches.
- Configuration and maintenance of OSPF protocol which was the enterprise IGP.
- Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Creating Stub Areas & configuring Summarization for effective Routing.
- The users will get authenticated via the RADIUSservers. Provide technical support for full setup, debugged the problems of OSPF, switching and HSRP. Implement and use SDM to configure Cisco IOS security features and network connection.
- Network Segmentation-application migrations for enterprise Private Data Firewall and data behind ASA 5585-Xs
- Created and testedCisco router and switching operations using OSPF routing protocol, ASA
- Firewalls for stable VPNs. Configured Object Grouping, Protocol Handling and Code up gradation on ASA Firewalls.
- Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data.
- For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall. Design, implement and provide second level support for hostload-balancingsolutions at SWA.
- Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc. Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, BlueCoat Proxy and Riverbed Steelhead appliances.
- Supported enterprise environment including:Aruba controllers, Airwave and APs/Cisco wireless controllers and
- APs worldwide, remote Cisco router/switch, Cisco/Palo Alto security appliances Innovate with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
- Configured Security Policies including NAT, PAT,AAA, ACL’s Standard Access Lists, Distribute-Lists, Route-Maps, VPN Concentrators, IPS/IDS, (PIX, ASA) firewalls Palo Alto.
- Excellent knowledge on CISCO ISE and TACACS authentication servers with Palo Alto.
- Configuring & managing Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches,Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
- Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
- Worked with different vendors and implement Site-to-Site VPNs over the Internet. Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN. Working knowledge of the UNIX and CLI based command to implement the networking tools.
- Configure and monitor Firewall logging, DMZ’s and related security policies.
- Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
- Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management. Involve in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
- Implementing, configuring and troubleshooting routing protocols such as OSPF (v3, v2), RIPv2, BGPv4, EIGRP, HSRP, GLBP and MPLS.
Confidential, Folsom, NJ
Sr. Network Engineer
Responsibilities:
- Experienced in Integration, configuration and maintenance of Cisco 7200, 3900, 2800, 2600, 2500 and 1800 series Router / Cisco Catalyst Cisco 6500 (sup 720), 4500 (SUP 6), 3750, 2950 series Switches.
- Configured of OSPF, BGP on Juniper Routers and SRX Firewalls. Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security. Designed and implemented Cisco Nexus data center platform and worked closely with Cisco advance services and built Communication access zone for contact center services, management access zone for network management and monitoring tools, private wan access zone for remote site and elastic computing access zone. Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA. Maintained F5 load balancer and Cisco ACE.
- Conversions to BGP WAN routing, which converts WAN routing from OSPF to BGP (OSPF is used for local routing only) that involves new wan links.
- Worked with Cisco advance services to implement data center Nexus environment for new Upgraded the NX-OS in nexus 7018, 7010 and nexus 5548 and 5596.Consolidated multi-tiered environment into a pair of Nexus 7000 switches using VPC and VRF.
- Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
- Configured Security Policies including NAT, PAT,AAA, ACL’s Standard Access Lists, Distribute-Lists, Route-Maps, VPN Concentrators, IPS/IDS, (PIX, ASA) firewalls Palo Alto.
- Experienced on Firewalls Cisco ASA,Websence DLP, SonicWall, Palo Alto Networks, Sourcefire, Checkpoint, Juniper Networks, Arista, Huawei, Peplink, and ADTRAN.
- Excellent knowledge on CISCO ISE and TACACS authentication servers with Palo Alto.
- Configuration included VLANs & VTP, STP port features, Gateway redundancy using HSRP, enterprise security using Cisco Port Security and Dot1X framework.
- Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
- Create monitoring template using custom MIBs in Solarwind.
- Gather and document system functional requirement with respect to Solarwind.
- Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series. Configuration and maintenance of OSPF protocol which was the enterprise IGP.
- Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Creating Stub Areas & configuring Summarization for effective Routing.
- Worked on BGP configuration for providing redundant internet connectivity using BGP attributes, Route maps, prefix-lists etc.
- Designing and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
- Configured the Cisco router as IP Firewall and for NATting. Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches Configured and Maintained BGP features such as load balancing, Route Reflectors, BGP metrics such as maintaining the Enterprise IP Addressing scheme with allocation of new IP Pools for use subnets, and updating the port on the switches MED, AS Path, Local P, Communities.
- Configuring and managing Blue Coat Proxy Servers. Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX as per the design.
- Configured VLANs with 802.1q tagging.
- Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Conversions to BGP WAN routing, which converts WAN routing from OSPF to BGP (OSPF is used for local routing only) that involves new wan links.
- Worked on WAN connectivity between CISCO routers using T1, T3, Frame relay and troubleshooting connectivity issues. Worked with RadiusandTACACS+.
Confidential, Chicago, IL
Network Engineer
Responsibilities:
- Configured Routing protocols such as OSPF, BGP, static routing and policy based routing.
- Troubleshooting day-to-day switching issues with VTP and trunking protocols (like 802.1q and ISL) on catalyst 3560, 3750 and 4500 switches.
- Team member of Configuration ofCisco router with VPN and Configuration of Catalyst switches. Configuration and troubleshooting link state protocols like OSPF in single area and multiple areas.
- Redesign of Internet connectivity infrastructure for meeting bandwidth requirements.Optimized performance of the WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs. Resent projects:
- Arubaand Cisco Wireless deployed NAC Security at all company sites. Evaluated and negotiated our MPLS solution.
- Configure and Manage Cisco ASA, Palo alto Firewalls and VPNs. Responsible for 6500, 3500, Nexus switching, ASA, FWSM Firewalls, CSS and F5 load balancers.
- Riverbed WAN accelerators and Linux/Bind DNS servers.
- Backing up Cisco devices configuration for HQ and branch offices using Solarwind Cat tools. Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA.
- Corporation Lead for the deployment standardization of the corporate VPN using the Junos MAG.
- Analyze the existing SCADAnetworkand planned business needs and design and implement a reliable SecurityPoliciesto ensure network confidentiality, Integrity and Availability.
- Has a good experience working with the Trouble Tickets on F5 Load balancers on LTM module Configuring and troubleshooting various routing protocols like BGP, OSPF, and RIP and switching protocols like STP. Performance monitoring configuring through SolarWind server. Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
- Configured VLANs with 802.1q tagging.
- Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Providing Technical Support and solutions forNetwork Problems. Planned, tested and evaluated various equipments, systems, IOSs and procedures for use within the Network/ security infrastructure.
- Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
- Experience in designing, managing, and implementing complex IPCC and Cisco ICM/UC systems.
- Worked on Cisco Routers, Active /Passive Hubs, Switches, Juniper SRX firewall and VPN Concentrators TCP/IP.
- Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, MLS, HSRP and VRRP
Confidential
Network Engineer
Responsibilities:
- Hand on experience the configuration and implementation of various Cisco Routers and L2 Switches. Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, and BGP v4. Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
- Extensive experience in configuring and implementing EIGRP, OSPF and BGP.
- Supported core network consisting of Cisco 3900 series routers running multi area OSPF Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution.
- Worked with JUNOSOS on JuniperRouters and Switches. Has an understanding of TCP/IP,NetBios, IPX/SPX, RIP, VLAN, IGRP, BGP, HSRP, OSPF, IGRP, RMON, EGRP, and BGP4.
- Configuring RIP, OSPF and Static routing on Juniper M and MX series Configuration of esoteric security applications for IT Security (AAA, SSL, PKI, RADIUS, TACACS+, EAP, EAP-Fast, PEAP, LEAP, CHAP, MS-CHAP) andmulti-factorauthentication.
- Worked on a broad range of topics such as routing and switching, dedicated voice access, planning and implementation, large-scale high-visibility outages, change management coordination, proactive monitoring and maintenance, disaster recovery exercises, and core network repairs.
- Responsible for service request tickets generated by the helpdesk such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
- Troubleshooting complex issues with wireshark at source and destination which can’t be resolved by the basic troubleshooting like ARP, firewall logs, switch logs and tcpdump.
- Supporting EIGRP and BGP for problems of L2/L3 in internal teams & external customers. Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.
- Perform technical audits of SCADAdevices and networks, and any other connected.
- Performed administrative support for RIP, OSPF routing protocol.
- Upgrading Used DHCP to automatically assign reusable IP addresses to DHCP clients.
- Configured and installed multi-protocol (IP, IPX) multi-interface.
- Cisco routers. Design, WAN link using PPP Multilink and by implementing Cisco WAAS. Configuring STP for switching loop prevention and VLANs for data and voice along with.
- Configuring port security for users connecting to the switches. Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
Confidential
IP Technical Support
Responsibilities:
- Perform responsibilities of supporting the daily operations of the network, telecom and troubleshooting network issues.
- Resolved end-user technical issues: TCP/IP wired and wireless network connectivity, desktops, laptops, printers, servers, Windows operating systems and applications.
- Responsible for updating the IOS and configuring the new Router and Catalyst Switches. Designed and installed small Windows XP based LANs for business clients.
- Troubleshot and resolved many user issues.
- Performed network testing and base lining.
- Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
- Provided testing for network connectivity before and after install/upgrade.
- Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations. Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external. Responsible for creating and maintaining diagrams and documentation of network systems