SUMMARY

• I am a Cisco Network Administrator and Firewall Specialist with over 7 years total IT experience specializing in network support and security.
• I provided remote and onsite day to dayfirewall/VPN support for over 30 customer environments including Cisco PIX/ASA, Juniper Netscreen, and Checkpoint.
• I handled the implementation and operations of firewall management systems and integrated logs and performed analysis pertains to Advanced Threat Protection. I performed and reviewed firewall policy, workflow and system settings following established change process.
• He assisted in the development of DLP alerts and IPS alerts to maximize information value from each system.
• Worked with DNS, WINS, DHCP and networking protocols such as TCP/IP. I possesses excellent communication and analytical skills.
• Extensive years of experience as a Network/Systems Administrator specializing in Cisco devices, Network security, Firewalls and VPNs, Cisco Routers, LAN/WAN connectivity, TCP/IP Windows XP, Windows Vista, NT/ System administration, communications.
• Experience regarding security incident response team activities, providing and implementing risk mitigation to incidents and troubleshooting it.
• Experience in working and leading a group in tactical planning & design implementation of network setup.
• Experienced in handling and installing Palo Alto Firewalls.
• Configure all Palo Alto Networks Firewall models (PA - 2k, PA-3k, PA-5k etc.) and a centralized management
• Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis.
• Implemented firewalls using Cisco ASA, Cisco PIX, CheckPoint Provider-1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
• Migration of all the PIX firewalls to ASA firewalls for DOT-NC
• Migration of Checkpoint R54 to SPLAT
• Knowledge about Palo-alto juniper firewall technologies.
• Proficient in setting up IT infrastructure including wide area networks (WAN) / local area networks (LAN), security management systems & networking devices administration.
• Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.

TECHNICAL SKILLS

Routers: Cisco 7609, 2600, 2800, 3800, 3640, Cisco 3745, 7200 Series

Switches: Cisco 3500, 5000, 6500 Catalyst Series Cisco 7000, 2000 Nexus Series

Routing Protocols: BGP, OSPF, EIGRP, VRRP, HSRP, GLBP, and RIP

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, and VLAN

IP Services: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

Firewalls: Palo Alto 500, 2k, 3k, 5k & 7050, Checkpoint R65/R70/R75/R76/R77, Cisco ASA

Hardware: Sonic Wall, SSL, CDP, HP / Compaq / Dell / IBM Servers

Operating System: Windows XP, Vista, Windows 7, UNIX, SPLAT (Secure Platform), Linux

PROFESSIONAL EXPERIENCE

Confidential, SFO, CA

Network Security Engineer

Responsibilities:

• Working with Network Design and implementation teams on various projects across related to Branch, Campus and Data Center.
• Fine tuning of Firewall policies based on Information security policy.
• Configuration and Maintenance of Checkpoint R65, R75.40 Gaia Firewalls.
• Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Migration of Checkpoint R54 to SPLAT
• Designing and deployment of Partner IPSEC VPN tunnels.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Exposure to wild fire feature of Palo Alto.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Building, configuring, maintaining, troubleshooting the firewalls. Develop and implement the company’s security policies, rules implementation. Coordinated lab testing of new software to ensure stable implementation
• Deploying and decommissioning Cisco switches and their respective software upgrades.
• Experienced in configuration and implementation of various technologies like Check Point Firewalls - IDS/IPS, Sourcefire, CISCO ASA;
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
• Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Configuring/Install/Maintenance of McAfee Firewalls, systems upgrades, client server upgrades.
• Experience configuring Virtual Device Context in Nexus 7010.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Performing ACL requests change for various clients by collecting source destination info from them.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Configure Corporate, Wireless and Lab Devices which includes Bandwidth Upgrade, Adding New Devices, Decom the Devices, Testing( Pilot ) .
• Implemented DHCP, DNS, IPAM configuration on servers to allocate, resolute IP addresses from Subnet.
• Worked on Aruba Wireless LAN Implementation for 11n Infrastructure Across the Corporate Network.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.

Confidential, Austin, TX

Network Administrator

Responsibilities:

• To troubleshoot the connectivity on Layer 3 and Layer 2 in case there are access problems for customers (VPN, IVPN, and MPLS VPN).
• Identify resolve problems on high end Switches, Routers (Cisco & Juniper& CISCO ASR) & fortinet firewall.
• To troubleshoot the various last miles, which involve Broadband, Leased lines, ISDN.
• To troubleshoot the latency issues faced by the customers and providing best path in reaching their destinations across the world.
• Implementation & troubleshooting of VLANS, high availability solutions like hsrp, ether channels, access control lists, NAT, PAT, routing solutions etc
• Troubleshoot and identify problems related to Juniper and Fortigate Firewall.
• Configuring routing protocols such as BGP, OSPF, RIP, and EIGRP for customer.
• Configuring IPSEC and GRE tunnels for VPN customers.
• Coordinating with internal teams for quicker resolution of issues.
• Configuring L2 path for Bridged mode customer (VPN, IVPN and MPLS).
• Configuring Access-Lists for implementing security and applying rate-limit in last mile.
• Configuring VLAN Trunking Protocol and Troubleshoot and identify problems in STP, RSTP, PVSTP, MSTP.
• Firewall and router configuration changes as per the business requirement.
• Protocols Configuration knowledge in ASR (9001SERIES) XR IOS routing such as BGP, OSPF, RIP, and EIGRP for customer last mile.
• Configuration & troubleshooting knowledge in HP Router routing protocols such as BGP, OSPF, RIP, and EIGRP protocols.

Confidential, San Jose, CA

Firewall Engineer

Responsibilities:

• Project based engagements that involve migration of incumbent firewall to Palo Alto Networks solutions
• Conversion of multiple vendors' firewall configurations (Cisco/Juniper) into PAN-OS configuration
• Customary additional professional services as necessary and directed from the customer and vendor management (Firewall reporting, troubleshooting support, knowledge transfer to customer, etc.)
• Remote and on-site engagements as required by project scopes
• Support incident management processes and security monitoring alerts
• Develop & maintain operating guidelines procedures in support of corporate standards and guidelines.
• Determine appropriate levels of security configuration, controls and monitoring.
• Overall central management of firewall and web filtering solutions
• Respond to trouble tickets, perform troubleshooting on perimeter security devices
• Resolve incidents through effective troubleshooting methodology, Tier 3.
• Support of hardware/software maintenance to include troubleshooting, installation and upgrades

Confidential

Network and System Administrator

Responsibilities:

• Installed, configured maintained the company server network infrastructure supporting around 70 users.
• Configured and administered Domain Controllers; DNS and DHCP Servers; File servers; IIS, Wamp and WordPress Web Servers; an Antivirus Server; MS SQL, MySQL and PostgreSQL Database Servers, WSUS and WDS Servers; all in an in-house Hyper-V Environment.
• Physical network cabling and small rack setups with unmanaged switches; software firewall setups; server setups; remote management, monitoring and troubleshooting; for around 10 clients.
• Support LANs, WANs, network and Internet systems.
• Maintain network servers as file servers, and VPN gateway.
• Diagnose hardware and software problems, and replace defective components.
• Perform data backups and disaster recovery operations.
• Maintain and administer computer networks and related computing environments including system software, applications software and all configurations.
• Perform routine network startup and shutdown procedures and maintain control records.
• Design, configure and test computer hardware, networking software and operating system software.
• Research new technology and implement to recommend its implementation.
• Monitor network to ensure network availability to all system users and perform necessary maintenance to support network availability.