SUMMARY:

• Checkpoint and Cisco Network Administrator and Firewall Specialist with over 9 years total IT experience specializing in network support and security. Provided remote and onsite day - to-day firewall/VPN support for customer environments including Cisco PIX/ASA, Juniper Netscreen, Palo Alto and Checkpoint.
• Experience in Checkpoint firewalls, Palo Alto Firewalls, Juniper Firewalls, Cisco WSA/CWS, Cisco ASA, SSL VPN, Cisco Nexus, Cisco ACS, Cisco ISE, IPS, and Microsoft TMG.
• Knowledge and experience of TCP/IP architecture, TCP/IP protocol suites and dynamic routing protocols including RIP, IGRP/EIGRP, OSPF, and BGP (eBGP / iBGP )
• Thorough knowledge of Windows Server 2003; 2008; Windows NT; TCP/IP.
• Capabilities include an extremely broad knowledge base and familiarity with firewalls, VPN, IDS, and IPS. In-depth knowledge of TCP/IP, high availability, load balancing, and remote management complements outstanding relationship management, analysis, and problem resolution skills as well as outstanding organizational, multitasking, and team building skills at all levels. planning, design, implementing & troubleshooting complex networks & advanced technologies.
• Advanced knowledge, design, installation, configuration, maintenance and administration of Palo Alto Firewalls, Checkpoint Firewall R55 up to R75 version, VPN.
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Environment.
• In-depth knowledge and hands-on experience in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX SSL Security.
• Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance.
• Advanced knowledge in Cisco Switches and Routers Configurations TCP/IP suite and routing protocols, such as OSPF, BGP, & EIGRP.
• Advanced Knowledge in IPSEC VPN design connection & protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Advanced knowledge in web security devices or proxy - Cisco WSA/CWS and Bluecoat.
• Extensive experience in Configuration and deployment of network security devices, including firewalls, Intrusion, Detection Systems, VPN, Identity Gateways.
• Advanced knowledge in IPS and IDS tools such as Cisco and ISS Site protector.
• Process elaboration, flowchart and network topology and several documentations.
• Good Knowledge about Palo-alto & juniper firewall technologies

TECHNICAL SKILLS:

Routers: Cisco 7609, 2600, 2800, 3800, 3640, Cisco 3745, 7200 Series.

Switches: Cisco 3500, 5000, 6500 Catalyst Series Cisco 7000, 2000 Nexus Series

Firewalls: Palo Alto PA-500, PA-2k, PA-3k, PA-5k & PA-7050, Checkpoint R65/R70/R75/R76/R77

Load Balancer: F5-Big-Ip, LTM, Ax10.

Routing Protocols: BGP, OSPF, EIGRP, VRRP, HSRP, GLBP, and RIP.

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, and VLAN.

IP Services: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN.

WAN Technologies: ATM, ISDN, PPP, MPLS, ATT, 802.11, 802.11a, 802.11b, APLUS.

Network Technologies: IPsec, GRE, NAT/PAT, ACL, IPv4, IPv6.

Operating System:: Windows XP, Vista, Windows 7, UNIX, SPLAT (Secure Platform), Linux

PROFESSIONAL EXPERIENCE:

Confidential, New York NY

Firewall Engineer

Responsibilities:

• Configuration and Maintenance of ASA, ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
• Installation of Cisco ASA 5500 series firewalls, Cisco 3500, 4500, 6500 series switches.
• Installation and administration of Checkpoint R 75.40 Firewall.
• VLAN and Port channel configurations on Cisco 4500 and 6500 series switches
• OSPF configuration
• Firewall Log monitoring using RSA Envision and Q RADAR
• Site to site VPN implementation on ASA Firewalls
• SSL VPN configuration on F5 Firepass 4300
• ASA software upgrade on Failover setup.
• PIX to ASA Migration.
• Installation and administration of Cisco 2800,3800,7200 series Routers
• Best practice implemented on Cisco Routers and Switches.
• Fine tuning of Firewall policies based on Information security policy.
• Network documentation using Microsoft Visio 2007.
• Network sniffing using Wiresharc.
• Building, configuring, maintaining, troubleshooting firewalls. Develop & implement the company’s security policies, rules implementation. Coordinate lab testing of new software to ensure stable implementation.
• Planned, installed, monitored and was the single point of contact for all intrusion detection for client systems. Monitored and maintained client firewall, intrusion detection systems and VPN systems including (Checkpoint FW-1/VPN-1/Cisco PIX/SecureVPN /SecureIDS).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Provide Information Security Risk Assessment and consulting for internal projects.
• Coordinate with network operations center for change notifications, alerts & escalation of security incidents.
• Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel.
• Configure IPSEC VPN tunnels between Checkpoint and other non-Checkpoint endpoint devices using IKE pre-shared keys, 3DES and MD5.
• Perform daily network operations, on-call, and other duties and tasks as required.
• Perform network security, administration, analysis, and problem resolution for networks, including NT 4.0, Windows 2000, UNIX (Solaris & BSD), CISCO, TCP/IP, and Checkpoint firewalls.
• Implemented enterprise wide network infrastructure and ecommerce support solutions including, network intrusion detection, encryption and monitoring.
• Performed business migration planning including location change, platform introduction and integration

Confidential, Chicago IL

Sr. Firewall Engineer

Responsibilities:

• Network security monitoring: analysis & identification of incident activities & system log files.
• Review Firewall release for any possible non-compliance or vulnerability.
• Assist with development of security policies, standards and procedures.
• Configuration and maintenance of Checkpoint NGX R65.
• Configuration and maintenance of Juniper Net Screen SSG -550.
• Implementing and Troubleshooting of VLAN.
• Implementing & Administration of Zoning Architecture project (Imp of various zone like Server, Intra & Internet Zone)
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4.
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Worked on Cisco ACS 5.2.0.26.5 for creating new VPN accounts.
• Troubleshoot and hands on experience on security related issues on Cisco ASA/PIX, Checkpoint, IDS/IPS, Palo Alto and Juniper Net screen firewalls.
• Experience on Check Point Firewalls NG, NGX, NGX R65, R70, R75.
• Created multiple policies and pushed them in to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.

Confidential, Andover MA

Firewall Admin

Responsibilities:

• Converted Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Experience in migration of VLANS.
• Expertise in implementing L2 technologies including VLAN's, VTP, STP, RSTP and Trunking.
• Configuring and Troubleshooting Route Redistribution between static, RIP, EIGRP OSPF & BGP protocols.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Configuring IPSec VPN on Cisco Firewall.
• Maintained, upgraded, configured, installed Cisco ASA 5510, 5520, & 5505 Firewalls from the CLI & ASDM.
• Managed network IP access via Dynamic Host Configuration Protocol (DHCP).
• Managed network security processes using ASA firewalls.
• Prepared technical documentation of configurations, processes, procedures, systems and locations.
• Redistribution of routing protocols and Frame-Relay configuration.
• Researched and implemented upgrade process to support Cisco VPN solution.
• Researched, designed, tested and implemented Cisco's VPN solution for remote clients.
• Responsible for designing and implementation for customer network infrastructure.
• Upgrade Cisco Routers and Switches IOS using TFTP.

Confidential, NYC NY

Network Administrator

Responsibilities:

• Monitoring, Maintenance and Troubleshooting of core as well as customer’s IP Network.
• Provide phone support directly to customers experiencing network performance issues.
• Provide configuration support of customer devices when necessary, and follow the documented change control procedures
• Analyze and interpret existing LAN/WAN infrastructures: provide information, advice or instructions and assist in problem resolution
• Coordinate problem-solving efforts between customers, NOC personnel, 3rd party vendors, partners, and field service personnel.
• Work with telecommunication carriers to resolve chronic network issues
• Escalate product issues to product vendors and implement proposed solutions
• Determine when a hardware-related problem requires on-site field service dispatch
• Maintain contact with field support engineers to ensure that repair procedures are followed and updates customer with status of field repairs.
• Provide timely and accurate updates in the trouble ticket database
• Research documents and investigate potential recurring technical issues.
• Troubleshooting Network related Alert/Alarms and checking the status via EMC Smarts Tool.
• Maintenance and Troubleshooting of the network & Network devices like Routers and Switches.
• Assisting Technical Support team in Troubleshooting Network Device.

Confidential

Computer Technician

Responsibilities:

• Installation of Operating Systems Win98, Win XP, Win NT, Win 2000, Win 2003 etc
• Install and maintain Hardware, Operating System
• Monitor Routers and Internet Connectivity
• Implement network monitoring tool for monitoring servers, routers other network resources
• Adding and deleting users and granting user level
• Resolving VPN &MTU issues
• Resolving Network Problem related to connectivity and assessing resources.
• Responsible for ensuring each reported problem is resolved in timely manner
• System Troubleshooting in case of a failure and maintain server uptime above 99.99%
• Migration of active directory services from Win NT to Win 2k to Win 2003
• Providing Capacity Planning review for all the servers
• Patching all Windows servers and workstations with Company standards
• Configuring & administering Domain Naming Server (DNS),Dynamic Host Configuration Protocol (DHCP), Distributed File System.(DFS),Internet and Remote Access Service(RAS)
• Assist staff with the installation, configuration, and ongoing usability of desktop computers, peripheral equipment and software within established standards and guidelines