SUMMARY

• Experienced Professional with over 6+ years of experience as an IT Security Professional with expertise in Network Security viz. Routing, Switching, and Firewall Technologies, System Design, implementation and troubleshooting of complex network systems.
• Implemented firewalls using Cisco ASA, Cisco PIX, Check Point Provider - 1 / Site Manager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Firewall Smart Domain Manager command line & GUI.
• Seasoned professional in Check Point Firewall policy administration and support between various zones.
• Hands on Experience with blocking of IP's on Check Point which are suspicious.
• Experience in Check Point IP Appliances R65, R70, R75, R77 & Cisco ASA Firewalls.
• Migration with both Check Point and Cisco ASA VPN (Check Point R75.30 to Gaia R77.30 GA version).
• Proficient in configuration of routing protocols like RIP, IGRP, EIGRP, OSPF multiple areas and BGP.
• Involved in designing L2VPN services and encryption system and other VPN with IPSEC based services.
• Expertise in IP subnetting and worked on various designing and allocation various classes of IP address to the domain.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Good knowledge and experience in Installation, Configuration and Administration of Windows, HTTP, FTP, DNS, NTP, DHCP servers under various LAN and WAN environments.
• Excellent customer management/resolution, problem solving, debugging skills, able to quickly learn and apply new technologies and adapt to new environments, teamwork skills and committed to delivering error free solutions.

TECHNICAL SKILLS

Routers: Cisco (1800, 2500, 2600, 2800, 3600, 3750, 3800, 7200).

Cisco Switches: (2900, 3500, 4000, 4500, 5000, 5800, 6500, Nexus 2k, 3k, 5kand 7k), MSFC, MSFC2.

Routing Protocols: (BGP, OSPF, EIGRP, IGRP, IGMP, RIP), TCP/IP, Multicasting (PIM).

Management Tools: SNMP, Syslog, HP Open View NNM, Sniffer, and Wireshark

LAN Protocols: VLAN, PVLAN, VTP, Inter-VLAN routing, ISL, dot1q, STP, IS-IS, RSTP, MSTP, ISL PVST, LACP, HSRP, GLBP, VPC, VDC, Ethernet, Port security.

WAN Technology: Frame Relay, WiSM Module in 6509, X.25, L2VPN, L3VPN, E1/T1/DS1/DS3, MPLS

Network Management: SNMP v2, v3, Cisco Works, 3Com Network Analyzer, MRTG, Solarwinds, and Orion

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Operating Systems: Linux, UNIX, DOS, Windows XP/2007/8, Windows 2003 server and Windows 2008 server

Firewalls: Check Point R65/R70/R75, ISA 2004/2006, Palo Alto PA-500/PA-2K/PA-3K/PA-5K, ASA 5585/5520/5510

Network Security: Knowledge of Firewall, ASA, Cisco FWSM/PIX/ASDM, Cisco ISE, Sourcefire IPS/IDS, Cisco NAC, IPsec, Nokia Check Point NG,IPS/IDS(Snor), VPN

Application Protocols: DHCP, DNS, FTP, HTTP, SMTP, TFTP

Documentation: Microsoft Office, Visio

PROFESSIONAL EXPERIENCE

Firewall Engineer

Confidential, Lake Zurich, Chicago

Responsibilities:

• Implemented and troubleshot firewall rules in Cisco ASA 5540, 5580, Check Point R77.20 Gaia and VSX as per the business requirements.
• Worked on Gaia Versions 77.10, 77.20, R65 implementing new and additional rules on the existing firewalls for a server refresh project.
• Upgrade of Check Point firewalls and management servers from Splat R75.30 to Gaia R77.20.
• Established IPSec VPN tunnels between branch offices and headquarter using Cisco ASA Firewall.
• Responsible for Check Point, Cisco ASA and PaloAlto firewalls configuration and administration across global networks.
• Provided support for 2Tier and 3Tier firewall architecture, which includes various Check Point, Cisco ASA firewalls and Palo-Alto firewalls.
• Configuration of Palo-Alto PA 5000 series firewalls for outbound traffic via Blue Coat proxy server.
• Worked with level-2 team on migration project of CMA's from one Provider-1 to another Provider-1.
• Troubleshooting and Configuration of Cisco ASA 5580, 5540, FWSM, firewalls for all the agencies connecting to Citynet.
• Implemented proxy rules in Bluecoat Proxy SG using Blue Coat director.
• Worked on changing global objects and global rules to local objects and local rules for migration project.

Firewall Administrator

Confidential, Newport Beach, CA

Responsibilities:

• Participated in planning, designing, installing and configuring new Firewall policies.
• Staged firewall rules in Check Point smart dashboard during the day time to install during window time.
• Configuration and Maintenance of Check Point R65, R75.40 Gaia Firewalls.
• Created and tested Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Configuration of ACLs in Cisco 5580 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Monitored firewall logs in Check Point smart view tracker and captured packets in command line during troubleshooting.
• Configuration and Maintenance of ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX SSL Security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Worked on the project of F5 LTM and GTM code upgrade.
• Implemented and configured F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Fine tuning of Firewall policies based on Information security policy.
• Designed and deployed Partner IPSEC VPN tunnels.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.

Network Support Executive

Confidential

Responsibilities:

• Troubleshooting using various command tools on Cisco routers and network segments at various OSI layers and maintenance of Cisco 2500, 4000, 6500 series routers.
• Managed service providers/vendors relationships from a project and technology perspective.
• Worked with the basic communication protocols like TCP/IP.
• Proactively monitored including a weekly review of log files, reports, weekly Knowledge Base updates, etc. to determine the health and performance of Secures appliances.
• Worked on Routing and Switching issues including OSPF, RIP, VLAN's.
• Created and implemented filters on the Routers for security purposes.
• Remotely configured the Network.
• Supported and maintained networking devices, cabling and standalone systems as part of job duties. Installed different software on the systems.
• Installed and managed network devices including Hubs and Switches.