SUMMARY

• 7+ years of experience as a Network/Systems Administrator specializing in Cisco devices, Network security, Firewalls and VPNs, Cisco Routers, LAN/WAN connectivity, TCP/IP Windows XP, Windows Vista, NT/ System administration, communications.
• Implemented firewalls using Cisco ASA, Cisco PIX, CheckPoint Provider - 1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
• Migration of all the PIX firewalls to ASA firewalls for DOT-NC
• Migration of Checkpoint R54 to SPLAT
• Proficient in setting up IT infrastructure including wide area networks (WAN) / local area networks (LAN), security management systems & networking devices administration.
• Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.
• Proficient with Cisco routing and switching products, UNIX, Linux, shell scripting and routing protocols. Experience in tools like SNMP, AAA, RADIUS and designed VPN with IPSEC security layer.
• Understanding of IPSEC & GRE tunnels in VPN technology implementation using Cisco IOS and have checkpoint firewall /VPN.
• Experience with Watchguard firewalls, Sidewinder firewalls, Stonegate firewalls and Opensource Linux/BSD based firewalls such as iptables, ipchains and pf.
• Hands on experience with the usage of diagnosis tools like Qkview, TCPDUMP for analyzing the real time statistics during the packet flow.
• Experience testing Cisco routers and switches in laboratory scenarios and deploy on site for production.
• Proficient in configuration of routing protocols like RIP, IGRP, EIGRP, OSPF multiple areas and BGP.
• Worked on MPLS-VPN designs and MPLS-QoS for the migration of Frame relay to MPLS system.
• Involved in designing L2VPN services and encryption system and other VPN with IPSEC based services.
• Expertise in IP subnetting and worked on various designing and allocation various classes of IP address to the domain.
• Involved in troubleshooting of IP conflict problems and worked on Gigabit Ethernet and Fast Ethernet connection and applied QoS for the bandwidth delay.
• Extensive troubleshooting experience in ISDN and telephony circuits CSU/DSU connections.
• Hands on experience on NAT (Network address translation) configurations and it’s analysis on troubleshooting issues related access lists (ACL).
• Involved in monitoring network traffic and its diagnosis using performance tools like Snort, Snortsnarf, ping tools, and packet player.
• Good knowledge on VOIP protocols like H.323, SIP, MGCP and SS7 and interfacing of TDM to VOIP system.
• Excellent communication and interpersonal skills, interfaces effectively with upper management, subordinates, vendors, co-workers & peers.

TECHNICAL SKILLS

Operating Systems: Windows Server 2008 R2, Windows Server 2000/2003 SP1/ 2008, Windows XP/Vista/7

Routers and Switches: Cisco 2811, Cisco 6509-E (Multi-layer Switch), Cisco7200, Cisco3800, Cisco 3640, and Cisco 3745, Cisco Multi-layer Switch 6500, Catalyst 4500, Catalyst3750, Catalyst2900 and Catalyst 3500XL.

Software: MS Office 2007; MS Office 2003/XP; Norton Utilities; WinFax; PC Anywhere; McAfee; WinZip; Symantec Ghost; Veritas; Heat; Remedy 7.0/6.0; DameWare Mini Remote Console; Email (Microsoft Exchange, Lotus Notes Mail); Oracle and many others

Hardware: Intel, 3COM, HP Proliant DL380, HP ML570, IBM x86 Servers, Dell PowerEdge M805 and others

Firewalls: Checkpoint NGX (R65-R75), Cisco PIX 515E,Cisco PIX 535 Firewall, Cisco ASA 5510,Cisco ASA 5520,Cisco ASA 5540,Cisco ASA 5550, Cisco ASA, Cisco FWSM, Check Point NGX R52, R54, R61, R62, R65, R 75,Nokia IP690, Nokia IP530, Checkpoint provider 1, Checkpoint Firewall 1, SPLAT

Networking: Eicon Communications products such as OSI Gateway for DOS and OS/2; SNA Gateway; IPX/SPX; TCP/IP; Routers; Switches; Modems; Hubs and Bridges

PROFESSIONAL EXPERIENCE

Confidential, Las Vegas NV

Sr. Firewall Engineer

Responsibilities:

• Configuration and Maintenance of ASA, ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
• Installation of Cisco ASA 5500 series firewalls, Cisco 3500, 4500, 6500 series switches.
• Installation and administration of Checkpoint R 75.40 Firewall.
• VLAN and Port channel configurations on Cisco 4500 and 6500 series switches
• OSPF configuration
• Firewall Log monitoring using RSA Envision and Q RADAR
• Site to site VPN implementation on ASA Firewalls
• SSL VPN configuration on F5 Firepass 4300
• ASA software upgrade on Failover setup.
• PIX to ASA Migration.
• Installation and administration of Cisco 2800,3800,7200 series Routers
• Best practice implemented on Cisco Routers and Switches.
• Fine tuning of Firewall policies based on Information security policy.
• Network documentation using Microsoft Visio 2007.
• Network sniffing using Wiresharc.
• Building, configuring, maintaining, troubleshooting the firewalls.
• Develop and implement the company’s security policies, and rules implementation. Coordinate lab testing of new software to ensure stable implementation.
• Planned, installed, monitored and was the single point of contact for all intrusion detection for client systems.
• Monitored and maintained client firewall, intrusion detection systems and VPN systems including (Checkpoint FW-1/VPN-1/Cisco PIX/SecureVPN /SecureIDS).
• Perform Checkpoint and PIX firewall/IDS design, integration and implementation for CyberTrap client networks.
• Provide Information Security Risk Assessment and consulting for internal projects.
• Coordinate with network operations center (NOC) for change notifications, alerts and escalation of security incidents.
• Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel.
• Configure IPSEC VPN tunnels between Checkpoint and other non-Checkpoint endpoint devices using IKE pre-shared keys, 3DES and MD5.
• Perform packet trace, packet analysis, (using Iris, Ethereal and Etherpeek) on IDS systems to determine validity of attack alarms.
• Perform daily network operations, on-call, and other duties and tasks as required.
• Monitor the ticket queue for incoming tickets, update tickets in accordance to Service Level Agreement (SLAs) requirements and, escalate based on severity levels using AxiosAssyst.
• Perform network security, administration, analysis, and problem resolution for networks, including NT 4.0, Windows 2000, UNIX (Solaris & BSD), CISCO, TCP/IP, and Checkpoint firewalls.
• Implemented enterprise wide network infrastructure and ecommerce support solutions including, network intrusion detection, encryption and monitoring.
• Performed business migration planning including location change, platform introduction and integration

Confidential, Trevose, PA

Senior Systems / Network Engineer

Responsibilities:

• Evaluated, and analyzed corporate LAN to determine what improvements need to be made.
• Reengineered the LAN for maximal performance by installing new Cisco 3524XL switch, and Compaq server. Documented the new network layout as needed.
• Analysis of customers LAN/WAN s to determine network performance problems. Provided solutions, and documentation.
• Administered 300 +Windows NT and Windows 2000 servers supporting 600+ users and 46 remote sites
• Migrated the data from the old server to the new server.
• Setup the old server to mirror critical data from the new server including all Exchange data, users’ home directories, and databases for the purpose of a disaster recovery in the event of a server crash.
• Implemented in house DNS, Installed and configured Microsoft BackOffice 4.5 components including Exchange Server, SQL 7.0, & 6.5.
• Migrated 46 Nokia Firewalls from Checkpoint 4.1 to Checkpoint NG FP 3.
• Created Site to Site VPN connections with clients using firewalls other than Checkpoint
• Managed 46 Checkpoint Firewalls and 40 concurrent VPN encryption domains
• Responsible for redesign and implementation of corporate network environment
• Performed numerous Cisco IOS upgrades on production equipment
• Migrated core network off of Cisco 5509 switches to Cisco 4006, 4507, 6513
• Managed network protocols including OSPF, BGP, EIGRP, TCP, and HSRP
• Set up new offices into existing VPN architecture
• Performed all system administration and builds of UNIX servers
• Responsible for maintenance and upkeep of all core UNIX servers
• Designed and implemented HP OpenView NNM 6.2 on Sun E220r servers
• Performed system monitoring of all servers and network equipment
• Designed and implemented Bind DNS Cluster running Red Hat Linux into existing
• Windows NT DNS environment for use of NNM and Hosting environment
• Provided disaster recovery of the Compaq sever that resulted from a corrupt configuration file.

Confidential, Eden Prairie, MN

Security Consultant

Responsibilities:

• Responsible for producing the network designs and architectures, including IP and VLAN Engineering, and associated Requests for Proposals (RFPs) for PCI industry related information security technologies such as Access Control, Vulnerability Assessment, Anti-Virus, Firewalls, Identity Management, Security Event (Log) Management, Data Loss Prevention, Intrusion Detection, VPN, strong authentication systems, Encryption, URL and malicious mobile code Filtering.
• Responsible for all IP addressing, VLAN and IP Subnet design, equipment specification and high/low level designs and architecture, including core, external and internal IP and VLAN Engineering.
• Responsibilities extended to the integration of Security Control Services for the Solution includingAnti-Spyware, Anti-Phishing, SSL Inspection, IM/Chat, and Malicious Code Scanning.
• Provide support for all Checkpoint and Cisco environments.
• Provide support for all firewall related activities and upgrades for the Checkpoint environment from R60 to R70, R71, and R75. Support for Nokia/Checkpoint firewalls in a P-1 environment with 300 firewalls.
• Support for all Juniper firewalls and related environments. PCI DSS and SOX requirement and mitigation support.
• Administered Juniper 50, 200, 500, and SSG 520 firewalls. Upgraded and administered 75 Fortinet 5000A and 100A firewalls.
• Management of each firewall is done remotely and onsite at client sites. Network documentation was done with MS Access, Visio, and Power Point.
• Site to site vpn for all b2b and vendor tunnels with Checkpoint and Cisco vpn’s.
• Identifying IT related risks throughout areas including perimeter, network, host, application, data and physical security.
• Conducting reviews of Security Operations Center, data centers, extranets and intranets to assess controls and ensure availability, accuracy and security.
• Performing application vulnerability assessments to provide a comprehensive view of the clients application weaknesses that are exposed to threats.
• Responsible for the integration of the Security Control Services and Director 510 management system and all related aspects of routing protocols, IP addressing, applications, equipment configurations, Firewall Changes, and connectivity including all IP and VLAN Engineering.
• Worked with the Security Operation Center (SOC) team of a leading global financial firm to assess their operational and technical policies and procedures to provide a basis for comparison against industry standard best practices.

Confidential

Network / Security Admin

Responsibilities:

• Troubleshooting, installation, and support of Software/Hardware for desktop systems, and LAN for 250+ users nationwide.
• Supported OS/2 gateway for Novell GroupWise E-mail, Supported nationwide GroupWise e-mail, and messaging system.
• Documented, engineered and implemented this standard to migrate 6 Novell 3.x servers into two main servers.
• Analyzed corporate LAN and WAN to determine what were the major problems and improvements needed to be made to the network infrastructure, and network Security using Protocol Analyzers, security auditing software packages from Network Associates.
• Documented the network equipment lay out using Cisco Works 200 package including CiscoView, and Resource Manager Essentials, Tivoli Netview, Visio and MS-Word.
• Reengineered the LAN eliminating unneeded equipment to streamline the LAN for the purpose of reducing latency.
• Implemented HSRP on the Cisco 2948G Layer 3 switches, and EIGRP, OSPF on the 2 Cisco 7200 routers, 2 Cisco 2610 routers, the Layer 3 switch, 3 Cisco 3508XL Switches, 2 Cisco 3524XL switches for load balancing and fail over.
• Implemented a network security policy regarding users on the LAN/WAN network and VPN using Cisco Secure, Network Associates Security Management Interface, Cybercop, and Cybercop Server, and Nmap.
• Engineered a network SNMP solution and recommend the following software Tivoli, Tavve, Cisco Works 2000, CiscoView, Cisco Resource Manager Essentials, and started the installation.
• Troubleshooting and repairing cabling, and network problems site wide, used Network General Sniffer, formulated an accurate port to room map for troubleshooting. Implemented SNMP Hub Management using HP Openview.
• Installed new Hub s and finial cabling from patch panels to hubs, brought newly installed FDDI backbone on-line using Cisco 7500 Router and Catalyst 5000 switch for interfacing it with the 10meg fiber supporting managed Hub s in each wiring closet.
• Provided Desktop support hardware/software, troubleshooting, and repair as needed.
• Implemented network Software license compliance program, user disk space audits on servers, and a network security plan for monitoring and tracking security breaches.

Confidential

Network Associate

Responsibilities:

• Monitoring, Maintenance and Troubleshooting of core as well as customer’s IP Network.
• Provide phone support directly to customers experiencing network performance issues.
• Provide configuration support of customer devices when necessary, and follow the documented change control procedures
• Analyze and interpret existing LAN/WAN infrastructures: provide information, advice or instructions and assist in problem resolution
• Issues related to NAT (Network address translation).
• Issues related to NTP, Netflow
• Issues related to policy based routing,HSRP, DHCP.
• Issues related to VPN tunnels on Fortigate firewall devices.
• Coordinate problem-solving efforts between customers, NOC personnel, 3rd party vendors, partners, and field service personnel.
• Work with telecommunication carriers to resolve chronic network issues
• Escalate product issues to product vendors and implement proposed solutions
• Determine when a hardware-related problem requires on-site field service dispatch
• Maintain contact with field support engineers to ensure that repair procedures are followed and updates customer with status of field repairs.
• Provide timely and accurate updates in the trouble ticket database
• Research documents and investigate potential recurring technical issues.
• Troubleshooting Network related Alert/Alarms and checking the status via EMC Smarts Tool.
• Maintenance and Troubleshooting of the network & Network devices like Routers and Switches.
• Assisting Technical Support team in Troubleshooting Network Device.
• Coordination with Cisco Technical Assistance Center (CTAC) and Juniper Technical Assistance Center (JTAC) for any hardware related issue.