We provide IT Staff Augmentation Services!

Senior Network Security Engineer Resume

4.00/5 (Submit Your Rating)

Alpharetta, GA

SUMMARY

  • 8.3 years of experience in Networking and Security Domain, including analyzing, designing, installing, maintaining and repairing hardware, software, peripherals and networks.
  • Working experience in configuration and deployment of CISCO Palo Alto PA7k, 5k, 4k, 3k and 2k series firewalls.
  • Experienced on troubleshoot, integrated and installation of CISCO ASA 5510, ASA 5512 - X, 5550 Firewall rules configuration Using Cisco security Manager Client (CSM) create, modify, delete, disable the rule based on the CRF.
  • Experience in install and support of Nexus 9k (9504 & 9300), Nexus 55 & 5283), Nexus 3k (3200) and 2308 series data center switches.
  • Experience with configuring and troubleshooting of Viptela SD-WAN devices on vManage, VManage, VBond, VSmart and Vedges required for SD-WAN implementation.
  • Installed, deployed and configured of CISCO 920, 2900, 3668, 3850, 4500, 7000, 9k’s, 12000 routers with OSPF, EIGRP, BGP, MP-8GP, MPLS-VPN, DMVPN environments.
  • Experienced in troubleshooting and installation of CISCO 2960, 2950, 3750, 4500, 4507, 6500 switches along with VLAN, VTP, STP, NTP, SYSLOG, SSH, AAA, HSRP switching concepts.
  • Deployed and Administered AWS Services CLI, EC2, VPC, S3, ELB Glacier, Route S3, Cloud trail, IAM and Trusted Advisor services & folders backups on Windows and Linux operating systems using Recovery Services Vault in AWS Resource Manager.
  • Worked on designing and developed network infrastructure with Silver Peak and calculate throughput, latency and drop rate and experience in Meraki wireless device concepts.
  • Experienced in design and deploy of F5 device to replace End of Support, End of Life legacy F5 appliances with engineering traffic management solutions and Single Sign-On (SSO) for SAML resources.

TECHNICAL SKILLS

CISCO Routers: 920, 2900, 3668, 3850, 4500, 7000, 9k’s, 12000, OSPF, EIGRP, BGP, MP-8GP, MPLS-VPN, DMVPN

CISCO Switches: 2960, 2950, 3750, 4500, 4507, 6500 Nexus 9000, 5000, 3000, 9504, 9300, 3200, 2308

Palo Alto Firewall: PA7k, 5k, 4k, 3k and 2k series firewalls, Configuration, Routing Configuration, App-ID, Content-ID, Decryption, User-ID, Site- to-Site VPN, HSRP

Cisco ASA Firewall: ASA 5510, ASA 5512-X, 5550 Firewall Rules Configuration Using Cisco security Manager Client (CSM) create, modify, delete, disable the rule based on the CRF

Cisco WSA (Proxy): URL Whitelisting, Monitoring the Web traffic. Updating of white listing and black listing domains, Patches and signature updates, Cisco SMA

Cisco ISE: Add/remove network devices from Tacacs server, Create username and assign roles (read, read/write)

Switching Concepts: VLAN, VTP, STP, NTP, SYSLOG, SSH, AAA, HSRP

PROFESSIONAL EXPERIENCE

Confidential, Alpharetta, GA

Senior Network Security Engineer

Responsibilities:

  • Experience on installed, configured, and troubleshoot the functionality queries for the source fire/firepower modules and Install, configure and maintain Cisco Palo Alto firewalls 7k, 6800, 5k (5505, 5512), 3k devices.
  • Working with deployed Cisco Palo Alto Firepower Services Delivers cultivating rapid threat detection and mitigation using Cisco Sourcefire IPS with AMP.
  • Work for implemented new Cisco Firepower IPS modules in Cisco Palo Alto, tied to a Firepower Management Center.
  • Provisioned ports in Cisco ACI to support SAN, VoIP, and hypervisors.
  • I have assisted in building cloudfare enablement in my team which is a global user access environment.
  • Experience on migrated internal Cisco ASA 5510 firewalls with ASA 5512-X firewalls with Firepower Services, included swapping out hardware as well as converting the configuration on the 5510 to the 5512-x, created Network Objects and service objects for 9.51 ASA code.
  • Experience with converting PIX rules over to the Cisco ASA solution and Backup and restore of Palo Alto and Cisco ASA Firewall policies.
  • Experience on dealing with office 365 including hosting Lync web Conferencing and assisting in installing office applications.
  • Performed installation and upgrades of office 365 Business as per the changes recommended by the network architect.
  • Configure Zscaler Security Policies to protect user and company devices based on security Policies Administration and Code upgrade on Existing Bluecoat SG200 SG300 SG 600 proxy appliance with Bluecoat (Proxy/Reverse Proxy),
  • Administer and use orchestration Suite Firemon/ Tufin / Algosec to manage configurations, Backups, check compliance on firewalls.
  • Maintained multi-vendor firewalls Palo alto 3k, 5k and 5k series firewalls, Checkpoint R77.30, R75, Cisco ASA 5540, 5585 firewalls with firepower
  • Experience on installing, upgrading, configuring, and troubleshooting cisco ASA Firewalls, Routers Switches and Bluecoat Packet Shaper.
  • Experience with include software upgrade, license activation, configuring/installing new CISCO router 7000, 12000, Nexus switch 9000, 5000, 3000, 9504, 9300, 3200, 2308 and maintaining network documentation.
  • Proficient with container systems like Docker and container orchestration like EC2 Container Service, Kubernetes
  • Strong working knowledge of Active Directory, DNS, DHCP, TCP/IP, VPN, VLAN, LAN/WAN, SDWAN, networking concepts.
  • Experience with AWS, VPC, NAT’s, networking on Cloud, Troubleshoot issues leveraging VPC flow logs and researchedSecurityincidents, alerts based on Splunk network Flow and Log Activity.
  • Experience with Bluecoat (Proxy/Reverse Proxy), Zscaler, Experience with Zscaler for Url Filtering
  • Working experience on implementation & Migration from traditional Network to Application Centric Infrastructure (ACI).
  • Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
  • Experience for configure the ACI fabric from scratch and deploy high-level architecture.
  • Experience in working on performed ACI upgrading three times at different location having ACI environment.
  • With the cloudfare technology enabled password less to login into application
  • Extensive implementation ofCisco ASA 5500 series - 5505, 5510, 5512-XwithFirepowermodule. Palo Alto firewall policies, panorama, and Checkpoint firewallsNG, NGX
  • Working in configuring Viptela devices and creating device and feature templates on vManage required for SD-WAN implementation
  • Working on management and Administration on AWS Services CLI, EC2, VPC, S3, ELB Glacier, Route S3, Cloud trail, IAM and Trusted Advisor services
  • Experience in deployed and configured AWS Backups for Virtual Machines and files & folders backups on Windows and Linux operating systems using Recovery Services Vault in AWS Resource Manager.
  • Experience with performed migration of servers from On-Premises to AWS Cloud, servers from Classic to AWS Resource Manager.
  • Experience on developed a Silver Peak script, which will parse all trace files and calculate throughput, latency and drop rate.
  • Working with installed Splunk Common Information Model add-on is packaged with Splunk Enterprise Security, Splunk IT Service Intelligence and the Splunk App for PCI Compliance.
  • Experience in diagnose and troubleshoot Meraki wireless, R&S & other various network related issues reported by cisco Meraki customers.
  • Experience with Splunk Security Infrastructure and Event Management. (SIEM). Using Splunk for search and analysis of logs.
  • Installed and configured IBM Tivoli Network Storage Manager (TSM) client & Server backup and recovery solutions
  • Worked on configure and support as L2 and L3 for fix the hardware, software and network issues. If critical issues open PMR send the snapshots to IBM on the basis of severity and resolve issues
  • Experience in applied current licenses and performed software upgrades for Infoblox Switch Port Manager Onboarding and Certifying new F5 device to replace End of Support, End of Life legacy F5 appliances.
  • Testing with the help of various Cisco developed tools like Cisco CMX ( Cloud and On-prem), DNA, MSE, Cisco Prime, Radius servers like ACS, ISE, Cisco Unified Communications Manager for end to end wireless network management
  • Work with engineering traffic management solutions, including the design, low level engineering, and application load balancing solutions for client applications across the pre provisioned ADC infrastructure.
  • Deployment, Migrate form Cisco ASA/Pix to Cisco Firepower 2100/4100 with ASA logical system and FTD.
  • BuildWLANmonitoring site maps in the Cisco Prime Infrastructure system
  • Deployment of Cisco Firepower 4150 Firewalls as edge Firewalls. Devices with FTD code for next generation features. Setup Cisco Firepower Management Center to manage Firepower Next generation Features such as IPS, Application Control, Advance malware protection (AMP)
  • Working experience in configuration of VCMP in HA architecture and sync - failover group between two VCMP guests.

Confidential, Philadelphia, PA

Senior Data Center Network Engineer

Responsibilities:

  • Experienced in install, deploy and configure of CISCO Palo Alto 7k, 5k and 2k series firewalls using Panorama.
  • Worked on primary responsibility is to design and deploy various network security & High Availability products like Cisco Palo Alto other security products.
  • Working experience in troubleshooting, installing and supporting agencies site-to-site and remote Palo Alto VPN connections throughout the State of Texas.
  • Assist and train clients on how to useOffice365 features such as SharePoint, One Drive,and office365 portal.
  • Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
  • Experienced in configuration ACLs in Cisco 5550 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT Control using Object NAT.
  • Worked on Creating Object Network, Object-group Network on Cisco ASA Firewall and Up-gradation of Cisco ASA Firewall to Latest versions.
  • Experienced in Create and Troubleshooting IPsec Site-to-Site Tunnel related issues using COSCO Palo Alto and ASA firewalls.
  • Experience in data center architect for future fabric protocol including Cisco ACI/APIC pilot
  • Administer a company'snetworkin general such asOffice365, exchange, outlook, printer server, email server, file server etc.
  • Provided (ODL) Open daylight, Dockers Swarm container support using LINUX and Heat Orchestration and controlling network flows for Automation update using Dockers, Ansible Playbooks Yang model and NETCONF devOps tools.
  • Implementations of Network and Devices for Network SDWAN environment.
  • Responsible for installing, configuring and supporting of IBM pSeries Servers of AIX 5.3, 6.1 and 7.1
  • Experience with security tools such as Splunk Security Infrastructure and Event Management. (SIEM). Using Splunk for search analysis, correlation of logs
  • Hands on Experience working on NextGen Firewalls & IPS such as Cisco Firepower and Palo Alto.
  • Conducted provisioning and Repair on Cisco Routers 920, 9k's and 2900, 3668, 3850, 4500, Nexus 2K, Nexus 3K, Nexus 5K, and Nexus 9K Switches.
  • Currently work with network engineering to build and support SDWAN.
  • Troubleshoot and researchedSecurityincidents, alerts based on Splunk Network Traffic Flow and Log Activity.
  • Implementation of Docker and various Docker orchestration tools docker-compose and docker-swarm and many other management tools.
  • Worked on ACI fabric (leaf, spine, APIC) configuration of port, Vlan, switch policies, profiles.
  • Experienced with configuration of Cisco ACI-APIC SDN based leaf and spine architecture.
  • Experienced in design deploys and implementation of ACI VMM domain to manage the virtualized workload environment.
  • Helped the team to configure deployment and troubleshoot of Viptela SD-WAN optimization.
  • Experienced in configured AWS VPN gateway and established Site-to-Site connectivity, Express Route with On Premise Networks and AWS.
  • Worked in cloud automation tasks and also provided help in Infrastructures as a code for the cloud team.
  • Configured Blue Coat Proxy, SG Web Application Reverse Proxy for securing
  • Working in designing and Implementing AWS Infrastructure environment according to the customer requirements.
  • Experienced in designing network infrastructure with Silver Peak for product test scenarios and customer lab setup over SDN switches.
  • Actively monitored and responded to activity impacting various enterprise endpoints facilitating network communication and data handling McAfee End Point Security, DLP, and Splunk.
  • Worked on Network connectivity and configuration troubleshooting CISCO LAN, WAN & Meraki-Wireless Issues.
  • Experience in configuring and maintaining F5 SSL VPN and network access and Single Sign-On (SSO) for SAML resources.
  • Experienced on Design and deployed F5 LTM and GTM load balancer infrastructure per business needs from the ground up approach.
  • Worked in Onboarding and Certifying new F5 device to replace End of Support. End of Life legacy F5 appliances.

Confidential, Seattle, WA

Senior Network Engineer

Responsibilities:

  • Experienced with installation, configuration and maintenance of Palo Alto PA 5k and 3k series Firewalls.
  • Configured Object Grouping, Protocol Handling and Code up gradation on Palo Alto Firewalls.
  • Configured EPG, update APIC, implement access and fabric policies in Cisco ACI environment.
  • Worked on configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
  • Experienced in Troubleshoot and hands on experience on security related issues on Cisco ASA/PIX, Palo Alto, IDS/IPS, Palo Alto and CISCO Net screen firewalls.
  • Deploy Azure IaaS VMs and Cloud services PaaS with high availability by designing availability sets, VMSS
  • Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
  • Responsible for administrative duties in Hosted Exchange environments,Office365 and Windows Active Directory environments.
  • Perform firewall administration adding, updating and troubleshooting as per requirement rules/policies on Juniper SRX, Palo Alto & Cisco ASA / Firepower Firewalls.
  • Working in Switch experience includes Cisco Catalyst switches: CISCO 3750, 4500, 6500 series switches and Cisco Nexus switches 7000 and 7700 series.
  • Configure, Manage, Analyze, and Optimize Network Performance, Traffic, SDWAN, VPNs, Security, Firewalls, & Policies.
  • Provide connectivity to On-premise devices to Azure VNET by using Azure VPN, Express Routes and Virtual Network peering
  • Have worked moving some VM servers from VMWare on premise to the Azure Cloud.
  • Analyze Checkpoint firewall and Splunk logs to perform rule usage analysis and identify unused rules
  • Experienced in Configured Routers for OSPF, EIGRP, BGP, MP-8GP, MPLS-VPN, DMVPN protocols.
  • Enterprise IT Security Management using tools such as Palo Alto firewall, IBM QRadar SIEM, Imperva WAF and DAF, Qualys Scanner, PixAlert Card Scanner, Cyber Ark, etc.
  • Worked on Network Deployment of MPLS Cloud - Designed, constructed, implemented, tested and launched various network nodes featuring 8GP, OSPF, MPLS and VLANS using
  • Working with QIP, Confidential and DNS with aGP, OSPF, EIGRP and MPLS experience help Build Data Centres.
  • Experience with Container Orchestration tools like Kubernetes
  • Installation, configuration, maintenance and administration of AIX on P5, P7 and P8 IBM servers
  • Experienced in configuration and maintenance of OSPF protocol which was the enterprise IGP. Configuration included deploying of new branch locations or new network devices in the existing infrastructure.
  • Experience in Spine Leaf Architecture, EVPN, VXLAN. Worked on software Defined Network solutions using Cisco ACI.
  • Configuration of Zones, Vsys, Virtual routers, Security and NAT policies, APP ID, USER ID with AD integration, URL filtering, SSL Decryption, Forward Proxy on Palo Alto Firewalls.
  • Experienced in using PER with Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing.
  • Worked on responsible team member to troubleshoot the problems from indoor 802.1 In Access Point Cisco AirNet 600, 1600, 2600 and 5500/2504 wireless controller series.
  • Experienced in Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
  • Worked on conducted vulnerability assessments and generic security scans of both systems and networks to identify and mitigate security vulnerabilities using Nessus Vulnerability Scanner.
  • Experienced for service request tickets generated by the Service Now ticketing system in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.

Confidential, Voorhees, NJ

Network Engineer

Responsibilities:

  • Worked on Network Monitoring Tool like NNM Tool (Network Node Management), BMC Remedy and Dashboard.
  • Experience in designing cloud based networks on top of AZURE, AWS, and Alibaba frameworks
  • Experienced in Configuration and troubleshooting of Serial, Ethernet interfaces for LAN, WAN connectivity.
  • Create a Virtual Network on Windows Azure to connect all the servers.
  • Experience in designing cloud based networks on top of AZURE, AWS, and Alibaba frameworks
  • Experience on Cisco Routers Such as Cisco 2911, 7206 VXR, 3845, 3945, 1841, 3750G and Cisco 2821.
  • Worked on Experienced in Cisco Switches such as Cisco 2960, Cisco 2950, and Cisco 4507.
  • Experienced in Configuration and troubleshooting of VLAN, Ether channel, GRE Tunnel, IPSec Tunnel, IP SLA with PBR.
  • Proficient in using Solarwinds Network Management tools like Network Performance Monitor (NPM), Netflow Traffic Analyser, Network Configuration Manager (NCM) and Cisco Prime.
  • Experience of Configuration and troubleshooting for Routing Protocol such as EIGRP, OSPF and BGP.
  • Working experience in Troubleshooting on Lease lines such as MTNL, BSNL, Bhatia, Tata and Reliance.
  • Experienced in troubleshooting and diagnosing faults like High Bandwidth Utilization, Speed & Duplex setting, Slow Response,
  • Working experience in Link Down, LAN not reachable, CRC Errors, Packet drops, link flapping and Reliability issue in Link.
  • Develop SDWAN architecture based on Cisco iWAN involving BGP, DMVPN and PfRv3, demo Viptela
  • Experienced in Configuration and troubleshooting of Static Routing, Basic of ISDN, Nexus 7000 Switch.
  • Working experience of Access Control List (ACL) such as Standard, Extended & Route map.

We'd love your feedback!