SUMMARY:

• Having almost 8years of experience in routing, switching, firewall technologies, systems design, and administration and troubleshooting.
• Experience in Supporting and troubleshooting Checkpoint (R77 Gaia, R75, R70, R65, Provider - 1, SPLAT, IPSO, Smart Center Server, VSX, Cluster XLand Crossbeams) Juniper (SRX, JUNOS, ScreenOS, Netscreen SSG and NSM), Palo Alto (PA-5000 series, Panorama) and Cisco firewall (ASA 5540, 5520, PIX 535, CSM and ASDM) technologies.
• Strong hands on experience in installing, configuring and troubleshooting of Cisco 7600, 7200, 3900, 3600, 2900, 2600, 2500 and 1800 series routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Working experience on Pa-5000 series Palo Alto firewalls and Panorama.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting.
• Experience of routing protocols like EIGRP, OSPF, RIP v2, and BGP.
• Experience working with source fire IPS/IDS systems Intrusion detection /prevention systems (IDS/IPS) that compare inbound and outbound network traffic
• Experienced in Troubleshooting for connectivity and hardware problems on Cisco Networks.
• Installing and configuring Citrix Netscaler, F5 LTM and GTM load balancer in Active-Standby mode and Creating Virtual Servers, VIP’s and server pools based upon application requirements.
• Extensive experience with Cisco IOS, Windows client/server operating systems, Linux, Networking technologies, Firewalls.
• Installed and configured Cisco FWSM on cisco catalyst 6500 series switch.
• Experience in L2/L3 3 protocols like VLAN’s, STP, RSTP, VTP, MPLS and Trunking protocols.
• Good knowledge in LAN/WAN Technologies like DHCP, DNS, FTP, TFTP, HSRP, VRRP, ACL, NAT/PAT, IPsec and VPNs.
• Worked in OSI model, TCP/IP, UDP, IP addressing and Sub netting.
• Hands-on experience in the setup of HSRP, ACL, and tunnel installations.
• Extensive knowledge in different networking protocols DHCP, DNS, FTP, ARP and TCP/IP.
• Involved in monitoring network traffic and its diagnosis using performance tools like CiscoWorks, Snort, Snortsnarf, ping tools, and packet player.
• Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills
• Worked on the Check Point VSX during firewall virtualization project.
• Installing & Configuring Network Access Control (NAC) using Cisco Clean Access (CCA).
• Worked on the Bluecoat proxies for content filtering and URL filtering.
• Excellent communication and interpersonal skills, interfaces effectively with upper management, subordinates, vendors, co-workers & peers.

PROFESSIONAL EXPERIENCE:

Confidential, Mechanicsburg, PA

Network Security Engineer

Responsibilities:

• Implementing and troubleshooting Firewall rules in Palo alto Pa-5000 series using Panorama, Checkpoint VSX, R75.40, R76 and R77.20 as per Business Requirements
• Creating user accounts, administrators, defining user groups and authentication in Provider-1/MDM/MDS.
• Configuring and troubleshooting complex NAT rules based on the client requirements.
• Configured Static routes on the firewalls using the Network Voyager,GUI on the firewall and also in Clish mode
• Configured firewall rules on panorama m-100/management platform.
• Configuring and troubleshooting Anti-spoofing issues in checkpoint firewalls.
• Involved in implementing firewall rules in Palo Alto firewalls using Panorama for one of the environment.
• Worked with complex NATting issues on panorama.
• Working on trouble tickets in the DHL managed Service management Suite when issues comes up based on the priorities. Also worked on Service requests as approved by the Clients.
• Proactively involved in upgrade, maintenance, monitoring and support for the PA500 Palo Alto devices
• As part of Quarterly audit review process, we will remove user accounts which no longer exist in Bluecoat proxies and in Provider-1
• Creating accounts for new users and password resets on Bomgar, tool that allows support technicians to remotely connect to end-user systems through firewalls from their computer.
• Exposed and trained inCisco IronPort Proxies, Analysing the .PAC files which define the traffic flow.
• Implemented changes on .PAC files in Production environment.
• Worked on the AT&T cloud web security for content filtering and URL filtering
• Generating user reports, adding users to restricted sitesbased on the approvals from the Managements on AT&T cloud web security.
• Changing rule configuration from IP based authentication to client-based authentication.
• Documented serial numbers, IP’s model number of all the devices in the data center managed by the security team.
• Blocked malicious websites using Bluecoat proxy. Did URL and content filtering
• Given extended internet access to users who needs to extra access than regular users using proxies.
• Attended meeting with the Access IT group, a provider of IT Security and Infrastructure technologies in regards with the Checkpoint license renewal and also discussed about checkpoint latest product R80.

Confidential, Plano, TX

Network Security Engineer

Responsibilities:

• Implementing and troubleshooting firewall rules in Checkpoint R75.40and R77 Gaia as per the business requirements.
• Creating user accounts and global group’s creation in global policy in the Provider-1.
• Worked on Cisco Routers, Switches, Juniper SRX/SSG Firewall, NSM, SPACE, Checkpoint NOKIA Firewalls, NAT and ACL’s.
• Worked on the Check Point VSX during firewall virtualization project.
• Worked on the migration project of Juniper SSG to Juniper SRX firewalls.
• As part of Quarterly audit review process, we will remove user accounts which no longer exist in Bluecoat proxies and in Provider-1.
• Proactively involved in upgrade, maintenance, monitoring and support for the PA500 Palo Alto devices.
• Experience working with source fire IPS/IDS systems Intrusion detection /prevention systems (IDS/IPS) that compare inbound and outbound network traffic.
• Configured Routing protocols such as OSPF, static routing and policy based routing.
• Configuration 7609, 7606 with OSPF and 6505, 4500, 3550 switches with various VLAN.
• Create and testCisco router and switching operations using OSPF routing protocol in the lab environment
• Building site-site VPN connections for third party connectivity using ASA 5540 Firewalls.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Working onTufin and Splunk tool for firewall rule usage analysis and log analysis for Firewall rule optimization.
• Performing vulnerability scanning using Nessus tool on application servers.
• Implementing and configuring F5 LTM’s for VIP’s and Virtual servers as per business needs.
• Working on trouble tickets in remedy ticketing system which comes to our queue.
• Continually monitor, assess and improvenetworksecurity, test and implement new security technologies.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long term planning, implementation, project management and operations support as required.
• Worked on the Bluecoat proxies for content filtering and URL filtering.
• Creating and deleting accounts for the team member and other engineering teams in Bluecoat proxy SG’s.
• Configuring and monitoring Tipping Point Intrusion Prevention and detection devices.
• Participating in 24*7 on-call support and implementing changes in different time zones as per the client requirements.

Confidential, Dallas, TX

Network Security Engineer

Responsibilities:

• Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environmenton Checkpoint R75 and ASA 5520, 5540 firewalls.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Migrated legacy Cisco PIX firewalls to new Cisco ASA firewalls also upgraded IOS images on ASA firewalls.
• Installed and configured Cisco FWSM on cisco catalyst 6500 series switch.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Managing and implementation of firewalls requests based on the requirements of various departments and business lines.
• Proactively involved in upgrade, maintenance, monitoring and support for the PA500 Palo Alto devices.
• Co-ordinate with data center team for any kind new installations, remote support and device RMA’s.
• Implementing and troubleshooting network issues for various business lines and making sure everything is in place.
• Worked on the Check Point VSX during firewall virtualization project.
• 24x7 on-call escalation support as part of the security operations team.
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• Managing and providing support to various project teams with regards to the addition of new equipment such as routers, switches and firewalls to the DMZs.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Implementing IPsec and GRE tunnels in VPN technology.
• Configured site to site VPN tunnels using Cisco VPN 3000 concentrator.

Confidential

Network Support Engineer

Responsibilities:

• Upgrade Cisco 7200, 3600 Router IOS Software, backup Routers and Catalyst 3560, 4500 switch configurations
• Support 24x7 operations and answer calls from the customers on network emergencies and resolve issues
• Install and manage Cisco Catalyst 3500XL, & 2960 series Switches and Cisco 1800, 3900 series routers
• Hands on Experience in Inter-vlan routing, redistribution, access-lists and dynamic NAT’ing
• Log messages using Syslog server and analyze the issues related to high CPU utilization and parameters that can degrade performance of the network
• Involved in all technical aspects of LAN and WAN projects including, short and long term planning, implementation, project management and operations support as required
• Conduct through analysis, problem solving, and infrastructure planning
• Provide assistance to Network Manager and serve as Secondary Network support.
• Troubleshoot and fix any backup and monitoring systems related issues in conjunction with Systems team and external vendors
• Created & documented wiring and network diagram using MS- Visio.