SUMMARY

• Network Security Professional with 6+ years’ experience in researching, implementing and administering network security solutions.
• Skilled in supporting and troubleshooting operational issues related to network security Infrastructure.
• Designing, Implementation and Operations of enterprise data networks as Network Security Administrator.
• Configuration, troubleshooting Checkpoint Firewall using R77.
• Providing support for Checkpoint R77. 40 with GAiA and SPLAT.
• Experience in risk analysis, security policy, rules creation and modification of Check Point/Nokia Firewall VPN - 1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40.
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Involved in Fortinet Firewall design and installation which includes Application and URL filtering, IP reputation and anti-botnet security as well as database security.
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment
• Hands on experience in configuring and supporting site-to-site and remote access server, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• To perform operations such as device discovery, inventory, configuration, diagnostics, monitoring, fault detection using Cisco Unified Computing System (UCS).
• Experience in site to site VPN configurations using Cisco ASA 5500 series firewalls
• Well conversant in Cisco, Bluecoat proxy, Bluecoat DNS/IPAM, Cisco IronPort, IPv6 based Network & Security Architectures.
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Have good experience in Active Directory 2010 administration.
• Configuring & Managing LAN, WAN, VPN and Firewall of Juniper MX Routers for End Users
• Work experience on Bluecoat Proxy SG for Content filtering and URL filtering.
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, Token ring, ATM, bridges, routers, and Switches.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.

TECHNICAL SKILLS

Operating Systems: Win XP, Win 7, Win 8, Win Server 2003, working knowledge of Mac OS X and Linux

Routing: Cisco, OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing. Configuring

Switching: Cisco, VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet(10GbE), FDDI, CDDI, Token Ring, ATM LAN Emulation

Firewalls: Palo Alto, Checkpoint & Cisco ASA/PIX, Fortinet, SonicWALL, Bluecoat

IP SERVICES: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Miscellaneous: Juniper, Cisco UCS, VPNs, SSH, Telnet, IPsec VPN, Site to Site and Remote Access VPNs, Load Balancing, VMware, Hyper-V, ESX, Parallels (Mac OS), Wireshark, Packet Tracer, GNS3, Putty.

PROFESSIONAL EXPERIENCE

Confidential, Town of Oyster bay, NY

Sr. Network Security Engineer

Responsibilities:

• Works with client engineering groups to create, document, implement, validate, and manage policies, procedures, and standards that ensure confidentiality, availability, integrity, and privacy of information.
• Provide 24*7 supports for day to day global operational activities including Change Implementation, Handling Work order access Request, High Priority incident handling/troubleshooting for Security Devices (Firewalls, Proxies, IPS, SSL, VPN Devices etc.)
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Configure Palo Alto Firewall models as well as a CMS (Panorama) to manage large scale firewall deployments.
• Worked on FortiGate’s 90-30 series and firewall virtual appliances.
• Worked extensively on checkpoint R77.20 on GAiA and SPLAT, Cisco ASA.
• Successfully replaced Checkpoint R65 Provider1 to R77.20 & Migrated more than 500 firewalls from R65 to R77.20 Gaia across the globe it includes Checkpoint Appliance, HP, Dell & Nokia firewalls.
• 50 Firewalls software upgrade from R65 to R77.20 Gaia.
• Managing more than thousands Checkpoint Firewalls: Checkpoint R65/70/75, Checkpoint CMA, Multi Domain Services Manager (Provider-1) and Smart Center Management Server.
• Configuration/Management Proxy IronPort S360/S650/S660/Bluecoat SG180/8100 Series/ (Bluecoat Director) /Websense Appliances for Web Security/Access Control and filtering policies implementation.
• Configuring Juniper Net Screen Firewall Policies between secure zones using NSM (Network Security Manager).
• Perform detailed analysis and troubleshooting of complex problems on the Firewall platform.
• Configuration of Cisco unified computing system (UCS) and using UCS manager perform operation such as device discovery, inventory, configuration, diagnostics, monitoring, fault detection, auditing, and statistics collection.
• Provide troubleshooting of latency sensitive perimeters involving the stocks & vendor connectivity.
• Performed RIP & OSPF Routing Protocol Administration.
• Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP.
• Followed the process, change management, SOPs, BCP and DR plans on network infrastructure which helped the team to get ISO27001 certified for the information security management system.
• Setup LAN and WAN using new Routers, Switches, Modems and Cables as well as troubleshoot them.
• Creating new policies, Packet and URL filtering, Identity Awareness, Data loss Prevention, Quality of Services and IPS.

Confidential, Houston, TX

Security Engineer

Responsibilities:

• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access, Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Maintained Corporate Firewalls & Analysis of firewall logs using various tools.
• Implementation and troubleshooting of ASA firewall
• Adding security policies and security rules on checkpoint and ASA firewall.
• Taking backup of checkpoint configuration, security policies, logs with policy package management, database revision controls, upgrade export and import, snapshot procedure on regular basis.
• Responsible for designing and implementation of customer’s network and Security infrastructure.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Involved in Fortinet Firewall design and installation which includes Application and URL filtering Threat Prevention and Data Filtering.
• Worked on Bluecoat Advance threat protection, content analysis, malware analysis, mail threat defense
• Hands on experience on Cisco PIX ASA Firewalls, Juniper SRX series, Palo Alto Troubleshooting Skills, Log Analysis and Review, Compliance Audit.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS static routing and policy base routing.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• To perform operations device discovery, inventory, configuration, diagnostics, monitoring, fault detection using Cisco UCS.
• Involved in Troubleshooting of DHCP and other IP conflict problems.
• Performed Switching Technology Administration including VLANs, inter-VLAN Routing, Trunking, STP, RSTP and Port Aggregation & Link Negotiation.

Confidential, San Jose, CA

Network Security Engineer

Responsibilities:

• Provides day to day support for firewall engineering and operations tasks and level 1 & 2 on-call technical support for the Firewall Engineering and Operations team; including assisting peers with issues and escalation.
• Secured network access with Cisco Secure (RADIUS/ TACACS+) and Configured network access servers for AAA Security as well as Cisco UCS.
• Involve in creating a Fortinet firewall policy, Secure Email Gateway, Web Application Firewall and wireless LAN
• Worked on bluecoat web application firewall to improve application performance and to perform health checks on HTTP, HTTPS, TCP, ICAP and ICMP in order to monitor web content servers.
• Hand on experience with Juniper Routers and Firewall.
• Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switches.
• Worked on different networking concepts and routing protocols like RIP, BGP, EIGRP, OSPF and other LAN/WAN technologies.
• Configured VLAN’s, Private VLAN’s and enabling inter-VLAN routing.
• Configuring routing protocols like EIGRP, OSPF & BGP and troubleshooting layer3 issues.
• Responsible for designing and implementation of customer’s network and Security infrastructure.
• Provide hardware and software support to end users
• Collaborate with stakeholders to develop processes related to network architecture
• Installing, Configuring, Administering and supporting the Windows 2003 Server, Windows 2003 Server, Windows 2000 Server, Windows 2000 Advanced Server, IDS server, SQL Server and Active Directory
• Responsible for virus detection and spy ware removal
• Conducted and implement Network and software installations and upgrades.
• Configured Remote User VPN, Site to Site VPN, and Remote Access VPN, Easy VPN, SSL VPN for Client based and Clientless applications.

Confidential

Network Technician

Responsibilities:

• Worked on network-based IT systems such as racking, stacking, and cabling
• IOS upgrading of 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series Cisco routers using TFTP
• Help administrator to configuring Cisco routers and switches
• Setup new LAN and WAN at different places as per customer demand and if any problem happen then troubleshoot them
• Served as a main escalation point of contact for level I team
• Coordinated with higher-level support and external vendors for resolution
• Maintained all servers & network equipment with current stable firmware, IOS images & access control lists
• Maintained and configured all Extended Access Lists securing VLAN 802.1q trunks to W2003/8 servers, STP, OSPF, Port-Channels, Classes, Group, Objects, Load-Balancing, ACS, Wireless setup for corporate office and stores
• Implemented strategies for operating systems, virus protection, mail systems and Internet services
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Resolved all computer related problems, monitored and maintained system functionality and reliability by identifying ways to prevent system failures