SUMMARY

• Experienced Professional with over 7+ years of experience as an IT Security Professional with expertise in Network Security
• Experienced in routing, switching, firewall technologies, systems design, and administration and troubleshooting
• Effectively implemented and documented incident management with incident tracking workflows
• Configuration of VPN, Eventia Reporter, Smart Defense
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Firewall Smart Domain Manager command line & GUI, Cisco ASA
• Working experience on Palo Alto and Checkpoint Next Generation firewall
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Next - Generation Firewalls R65, R70 & GAIA R77.30, NetScreen Firewall, Palo Alto Next-Generation firewalls, Bluecoat proxies and Cisco ASA
• Worked on different firewall & security appliance such as, Checkpoint 4400,4600,4800, 21700,Palo-Alto 200,500,3020,3060, 5020,5060, Panorama M-100, Cisco ASA 5505, 5510,5512-X, 5500-X Firepower Service,5585-X, Cisco WSA S370, S680, Cisco SourceFire,
• Knowledge of information security control measures, evaluated vulnerabilities, determine probabilities and assess its impact to breach of security and initiate activities to resolve any issues or risks
• Good knowledge in WAN Technologies, ACL, NAT, Ether Channel, and VPNs, Frame Relay
• Hands on Experience with blocking of IP’s on Checkpoint which are suspicious
• Firewall management and troubleshooting on Firewalls (Checkpoint, ASA)
• Familiar with working of Intrusion Prevention System (IPS)
• Configuration of User-group rights management, File-folder permission, FTP, DNS, DHCP, Printer server
• Configuring for Load balancing the traffic between multiple IPS / WAF devices
• Upgrading WAN protocols (RIP to OSPF)
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Check Point Provider-1 / VSX, Palo Alto IDS/IPS modules, Data Center Migration, Foundry/F5 Load Balancers, Cyber Security, Amazon Web Service (AWS), and Bluecoat URL filtering & Packet Shaper systems.
• Configuring and troubleshooting the Site to Site IPSec VPN tunnels
• Expert in Implementation of virtual contexts on the ASA
• Perform Cluster configuration, backup and restore the current Gateway installation
• Experience in Managing and Leading Security Incident / Event Response and Monitoring Teams
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills
• Working knowledge in Cisco Switches and Routers Configurations
• Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and EIGRP
• Prepared technical documentation of configurations, processes, procedures, systems and locations
• Experienced with vulnerability assessment tools & monitoring

TECHNICAL SKILLS

Firewall: Checkpoint R65/R70/R75/R77/Provider-1 firewall, Cisco ASA, Palo Alto

Routers & Switches: Cisco 2600/3600/4400/7200 Series, Cisco 2900/3500/6500 Catalyst Series, Cisco 2000/7000 Nexus Series

Protocols: TCP/IP, UDP, DHCP, DNS, BGP, OSPF, EIGRP, RIP, VTP, ARP, VLAN, NAT, DNS, FTP, LAN/WAN

VPN: IPsec Site to Site VPN, IPSec VPN Client, SSL Anyconnect VPN and SSL Clientless VPN

AdministrationTroubleshooting: ICMP, PING and TRACEROUTE, SNMP, Syslog and CISCO IOS software and configurations.

Operating Systems: Windows XP/7/8, Linux

Languages: C, C++

PROFESSIONAL EXPERIENCE

Confidential, Plano, TX

Firewall Specialist

Responsibilities:

• Responsible for reporting any security risk through global Issue or risk management process and facilitated resolution plans and solutions needed for information security risk management to meet regulatory requirements and audit recommendations
• Configuration of Palo Alto Next-Generation Firewall mainly VSYS according to client topology and working on Content-ID, User-ID, App-IP
• Performance monitoring and tuning of firewall clusters
• SSL VPN implementation and administration with enterprise clients
• Following operational and change management process on firewalls
• Experience in working with designing, installing and troubleshooting of Palo Alto firewalls
• Experience with working on Palo Alto centralized management GUI PANORAMA
• Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall
• Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN
• Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering)
• Knowledge of Network Administration with configuration and management of Routing Protocols like RIPv1, RIPv2, EIGRP and OSPF
• Create policies, alerts and configure using SIEM tools (Splunk, SolarWinds, HP ArcSight, Log Rhythm)
• Exposure to wild fire advance malware detection using IPS feature of Palo Alto
• Worked on Checkpoint provider R77,R65 and R60 and ASA
• Configuration of Checkpoint R77
• Policy Creation as per user request on Checkpoint
• Migration from PIX to ASA series, IOS upgradation
• Cisco ASA clusters 5520/5540/5550 using CLI & GUI

Confidential, Sunnyvale, CA

Firewall Administrator

Responsibilities:

• Performing System Security checking against emerging OS and subsystem technology automated tools
• Assist in developing a data security plan to ensure the threats, risks and vulnerabilities from emerging security issues are taken care thereby attain a stable state from a safeguarding perspective, including precautions to prevent the same
• Blocking of IP’s on Checkpoint which are suspicious to network
• Firewall management which involves Creating rule and troubleshooting on Checkpoint R75 and Cisco ASA
• Installed and Configured Checkpoint Firewall in Internet Edge
• Configuration of checkpoint firewall mainly VSX according to client topology and checkpoints
• Configuring rules and Maintaining Cisco ASA & Analysis of firewall logs using various tools
• Daily responsibilities included design, implementation, support and administration of multiple security products running CheckPoint Provider-1
• Worked on McAfee Network Security Platform where incident response were managed using SIEM
• Experience with network based F5 Load balancers with software module Access Policy Manager (APM) & Checkpoint Load Sharing on checkpoint clusters
• Having experience in Bluecoat proxy server’s firmware upgrade, URL filtering and content filtering
• Firewall technologies including general configuration, optimization, security policy, rules creation and modification of Check Point Next-Generation Firewalls GAIA R77.10, R77.20 & R77.30
• Experience in working with designing, installing and troubleshooting of Palo Alto firewalls
• Regularly performed firewall audits around CheckPoint Firewall-1 solutions
• Knowledge of VPN’s (IPSec, SSL)
• Worked on bluecoat proxy to provide both client and server with web service encryption and decryption and digital signature authentication.
• Experience in Configuration, Management, Deployment, Optimization and Troubleshooting Checkpoint VSX
• Performed upgradation of checkpoint firewall from old platforms to new platforms R7 .30
• Firewall as well as virtualization of firewall, both VSX and VSYS
• Installation of checkpoint Next-Generation firewall GAIA R76/77.30 in Open Server, UTM
• Configuration of checkpoint firewall mainly IPS (Intrusion Prevention System) module according to client topology and checkpoint MDS.
• Remote datacenter support and configuration of Load Balancers, firewalls, routers, switches
• Install Packet Shaper as QOS system to monitor and manage network traffic

Confidential, Atlanta, GA

Network & Security Administrator

Responsibilities:

• Managed domain based Network
• Maintaining SSL Network Extender
• Data loss Prevention Administration and Investigation
• Updating and installing patches to all network equipment’s including software and hardware
• Implement Traffic filters using Standard and Extended Access-lists, Distributed-Lists and Route Maps
• Handling projects for new site Installations, IOS up gradations, Firewall migrations from PIX to ASA and Checkpoint Migration
• Installed and Configured DNS server and Checkpoint Firewall with IPS feature in Internet Edge.
• Worked on Juniper SRX & checkpoint next-generation firewall on various modules such as SMART View Tracker, SMART View Monitor, SMART Update, SMART Log and SMART Event.
• Experience on working with Juniper SRX firewall
• Configuring Juniper SRX & NetScreen Firewall Policies between secure zones using NSM (Network Security Manager)
• Experience with APM, LTM & GTM F5 component to provide high availability with providing services across data centers
• Worked on Juniper SRX & NSM central management software
• Experience with Juniper environment including SRX/Junos Space.
• Administer, Maintain, and deploy Juniper IPS & VPN systems
• Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
• Hands on experience and good working knowledge with ASA Firewall policy provisioning
• Checkpoint R65 installations, Site-Site VPNs deployment and troubleshooting
• Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer
• Hands on experience on new firewall implementation like Checkpoint and ASA firewall
• Executing change requests to the firewall rule base as per the schedule
• DHCP, DNS, IIS, VPN, Print server, NAT, services configure and troubleshoot
• Implementing Architectural changes in Data Center Logical network
• To check the status of the IPSEC VPN tunnel and to pull out the VPN reports
• Implementation and configuration of ASA firewalls

Confidential

Network Support

Responsibilities:

• Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
• Supporting the users for software and hardware problems
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP RSTP, port aggregation & link negotiation
• Monitor bandwidth utilization, analyze traffic patterns and volume
• Proactive tracking, isolation and resolution of network outages within SLAs
• Configuration of Access List ACL (Std, Ext, Named) to allow users all over the company to access different applications and blocking others
• Configured Routing protocols such as OSPF, BGP, static routing and policy based routing
• Provide best practice security consulting for multiple compliance initiatives, with a focus on highly resilient solutions
• Installed and configured DNS and DHCP server
• Creating technical implementation plans and project plans
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external.