Network Security Engineer Resume Profile
TX
Professional Summary
- 7 years of experience as a Network/Systems Administrator/ Security specializing in Cisco devices, Network security, Firewalls and VPNs, Cisco Routers, LAN/WAN connectivity, TCP/IP Windows XP, Windows Vista, NT/2000 /2003 System administration, communications.
- Experienced in Network Security, Juniper Firewalls, SSL VPN, Checkpoint, RSA, Cisco Nexus, Cisco ACE, Cisco Wireless. Enterprise experience and knowledge of Checkpoint, Cisco ASA and Juniper firewall.
- Experience with network security design implementation Assessment, evaluation, design, and implementation of solutions.
- Experience with F5 load balancer, administration, management and upgrades to support 24x7 operations.
Protocols | OSI,TCP/IP,DHCP, UDP, RIP v1, RIP v2, IGRP, EIGRP, TACACS , RADIUS, OSPF, BGP, SSH, TFTP, FTP, SMTP, NTP, LDAP, Active Directory, Kerberos, L2F, L2TP, PPP, Frame Relay, ATM, Sonnet, Fast/Gig Ethernet, HSRP, Token Ring, ISDN, AAA, DES, 3DES, AES, and MD5, VPN IPsec and SSL ,VRRP, HSRP, DNS BIND, DJBDNS, Infoblox , CARP, SNMP. |
Virtualization Products | VMware ESXi 2.5.2, Microsoft Virtual Server 2005 |
Programming Languages | ASP, VB, WSH, Perl, CMD, PL/SQL, and HTML, XML, JavaScript |
Operating Systems | Windows NT/200/2003, UNIX, SPLAT Secure Platform , Linux, Redhat, Debian, Cisco IOS., DOS |
Firewalls | Checkpoint NGX R65-R75 , Cisco PIX 515E, Cisco PIX 535 Firewall, Cisco ASA 5510, Cisco ASA 5520, Cisco ASA 5540, Cisco ASA 5550, Cisco ASA 5580-20, Cisco FWSM, Check Point NGX R52, R54, R61, R62, R65, R 75,Nokia IP690, Nokia IP530, Checkpoint provider 1, Checkpoint Firewall 1, SPLAT. |
Routers | Cisco 2811, Cisco 6509-E Multi-layer Switch , Cisco7200, Cisco3800, Cisco 3640, and Cisco 3745. |
Switches | Cisco Multi-layer Switch 6500, Catalyst 4500, Catalyst3750, Catalyst2900 and Catalyst 3500XL. |
LAN/WAN technologies | T1, DS3, OC3, SONNET, MPLS, DSU/CSU |
Network Equipment | CISCO 2950,3500,4500,6500 series Switches, CISCO 800, 1600, 2500, 2600,3700,3800,7200 series Routers, Cisco wireless access points. |
Microsoft | Windows NT/2000/2003/2008/2008 R2, Terminal Services/Remote Desktop Services, Hyper-V, App-V, Active Directory and Group Policy Windows 95/98/NT/2000/XP/Vista/7 |
Networking | LAN, WAN, Frame Relay, ATM, SSL VPN Switches, Routers, Hubs, Bridges, Repeaters TCP/IP, IPX/SPX, Ethernet, Token Ring, SNMP, SNA, ICA, RDP Hardware and Software Load Balancing |
LAN Hardware | HP Proliant DL560/580 Servers, Cisco, ATM, Xylan, 3COM, Cabletron, Bay, Digital Bay, Net Gear, SMC and Nortel, IBM eBlade Server HS20 |
Confidential
Network Security Engineer
- Implementation, configuration and support of Checkpoint and ASA firewalls for clients.
- Work on Big IP Load balancer LHA requests. Create Nodes, Virtual pool, Virtual
- Firewall Policy administration and work with user requests submitted by users. Use HP Service Manager Ticketing System for change and incident management.
- Manage checkpoint Firewalls split through multiple CMA's and administer using provider-1. R71
- Cisco ASA Firewall configuration and troubleshooting.
- Troubleshooting connectivity issues within the server zones of the Data center between application servers, database and web servers as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
- Actively use, smart view tracker, and Checkpoint CLI to security gateways for troubleshooting.
- Perform advanced troubleshooting using Packet tracer and tcp dump on firewalls.
- Built and support VRRP / Cluster based HA of Checkpoint firewalls.
- Firewall Policy Optimization using third party tool Tufin.
- Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
- Backup and restore of checkpoint Firewall policies.
- Black listing and White listing of web URL on Blue Coat Proxy servers
- Review Firewall rule conflicts, unused rules and mis-configurations and clean up.
- Checkpoint firewall policy administration and support between various zones.
- Modify and implement ACL changes on store routers and assist the user when there are any issues using Network Authority. Authentication to this is also done through TACACS.
- VPN User access management on check point firewalls. Use LDAP for identifying user groups
- Schedule and participate in weekly meetings with various teams involved in the project to discuss the bottlenecks if any and contribute to design a solution framework. Maintain Configuration, Documentation Visio's and Records Management.
- Support Store Migration Project involving physical re-locations and DR testing involving various store locations.
- Part of migrating the entire store Cisco ACL's to Fortinet UTM devices. Use CSM to manage Cisco ASA Firewalls.
- Build and support Site to Site IPSec based VPN Tunnels for all B2B and 3rd party communications.
- Work on Cisco based Routing and Switching environment with Rapid Spanning tree and using Routing Protocols such as BGP and OSPF.
Confidential
Firewall Administrator
- Installed, configured and maintained Cisco PIX /ASA, Check Point firewalls and Juniper NetScreen Firewall.
- Designing, deploying and managing Check Point Provider-1 NGX firewall using the Multi-Domain Server MDS , and configuring and managing Checkpoint VSX firewall.
- Migration of Cisco PIX/ASA, Juniper NetScreen firewall to Checkpoint NGX firewall.
- Defining, tracking and maintaining the standard baselines and configuration sets of security devices and implementing industry best practices with regards to Firewall, IDS/IPS, IPsec VPN, SSL VPN.
- Review, update and align security policies in Cisco ASA/PIX related to network interconnection system.
- Create objects and rules applied to each CMA in a Global Policy. Define a Global VPN Community
- Review and analysis of security logs from various security tools and create adequate related reports.
Confidential
Network engineer
- Designed and Configuring the WAN infrastructure, consisting of multiple T1 and T3 lines, Cisco routers, Cisco switches, Load balancers, Dell and Sun servers.
- Redesign of Internet connectivity infrastructure for meeting bandwidth requirements. This involved negotiating with ISPs, switching from T1 to Flexible T3 lines and configuring/replacing existing Cisco 1605 series routers with Cisco 3640 routers.
- Optimized performance of the WAN network consisting of Cisco 4500/5500 switches by configuring VLANs.
- Experienced with Cisco catalyst switches 5xxx,4xxx, 29xx,19xx and RSM and Cisco Routers 7500,7200,4000,3600,2600,2500
- Implementation of Checkpoint Firewall 4.1 to protect and authenticate local-net and DMZ. Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
- Configured and worked on Inbound and outbound Load balancer using product called Link Proof, WSD.
- Fully configured the Linkproof with Smart NAT for Optimal content routing that ensures the fastest inbound and outbound content delivery
- Designed and Configured Web Server Farms, to increased performance through intelligent traffic, Bandwidth management and enhanced application security using WSD.
- Configured Web Trends for Real-time web traffic analysis and e-commerce Analysis
- Enabled remote users to access corporate LAN with VPN connectivity.
- Implemented Fiber channel disk arrays with Dell PowerVault 650F.
- Evaluating and creating a plan to deploy Windows 2000 Advanced server in a separate domain Active Directory Services , to be integrated into existing environment once the production environment is ready to migrate to Windows 2000 ADS model. Installed and configure BackOffice 4.5 on this server.
- Monitoring and managing network resources using HP Openview by implementing policies and creating custom events.
- Worked with various ISP providers, InterNIC, providing online WAN tech support.
- Systems Management of complete MS Exchange 5.5 Infrastructure.
- Created and deployed desktop images using Symantec Ghost 5.1c.
- Documentation of all the work done using Visio, Excel and MS word.
Confidential
Network Engineer
- Design and implement the company's LAN and WAN network infrastructure.
- Operated the router-point-defense Intrusion Detection System for the data network. ASIMS Director, Net Ranger Director, and via Firewall VPNs
- Collected and monitored network defense metric per the MNAP
- Configured production and test firewalls as requested by deployed units
- Configuring multiple Cisco 6509 with MSFC2, 3500, 2948G-L3 switches, 2600 and 3600 routers, Frame relay, dedicated T1s and ISDN lines Implement network security for remote access.
- Configuring site to site and clients to site VPN tunnels through multiple Cisco VPN concentrators and Checkpoint firewalls, and maintaining access policies for remote users.
- Setup and configure network monitoring and management systems, which include CiscoWorks 2000 to manage Cisco devices.
- Upgrade multiple Checkpoint firewall 3.0 to version 2000 and NG on distributed NT environment and Nokia Appliance. And manage network security policies which includes access control, NAT, content security and authentication
- Implement Cisco Secure Intrusion Detection Sensors, IDSM and CSPM to monitor network activities
- Configure and maintain Windows NT/2000 environment services, including Active Directory, DFS, WINS, DNS, DHCP, file replications and logon scripts.
- Grew user base from 3 users to over 2000 dial-up and web hosting users.
- Responsible for configuring, maintaining and securing mixed UNIX and NT servers to provide Internet service to dial-up and DSL customers
- Configuration and maintenance of ACL lists on Cisco routers
- Responsibility includes regular maintenance, security patch update and troubleshooting.
- Setup Cisco Local Director for load balancing of several corporate websites
- Implement WebShield SMTP mail gateway for mail relay and email virus scanning.
- Actively involved in PSM VMware vSphere4/ESX4, Win2003/2008R2 Server deployment in DR environment
Confidential
Jr. Network Engineer
- Provides technical support to all areas of Network Administration, Telecommunications, Systems and Network Architecture, and Personal Computer Administration.
- Maintenance of IP Telephony based on Cisco Unified Communication Manager 8.5 in publisher/subscriber environment.
- Maintain and keep eye on NMS for monitoring of MIS network devices.
- Maintaining of Cisco Adaptive Security Appliances ASA firewall for LAN, WAN and Internet connectivity.
- Develops and maintain IT security policy related to LAN and WLAN.