SUMMARY

• 10 years of professional experience in Networking Security, CISCO Firewalls, Juniper Routing and Switching.
• Installed, configured and deployment of CISCO Palo Alto PA - 4k, PA-5020, PA-6750 PA-7080 security appliance roles.
• Designed and troubleshooted CISCO ASA 5510, 5520, 5555 series Firewall to manage large scale Firewall deployments.
• Supported, migration and installation of CISCO Checkpoint R81.20, R80, R77, R75, R71 firewall for site to site Connectivity.
• Designed and configured CISCO Nexus 9k to 2k series data center switching platforms and experience with migration of existing infra to ACI on Leaf Switches (N9K- C93108TC-EX), Spine (N9K - C9364C), Border Leaf (N9K - C93180YC - EX).
• Configured and troubleshooted Juniper EX-2200, EX-3300, EX-4200, EX-4500, EX-8200 switches and MX-10016, MX-9800, MX-9020, MX-6600, MX-6240, MX-4800, MX-4400 routers.
• Experienced on implementation of Azure cloud infrastructure network security platform.
• Experienced in Python automation scripting for test templates and configuration of VPN, ISP and Managed services.
• Designed, supported and managed of meraki wireless access point devices
• Experience in administration and installation of F5 BIG-IP i15000 Series / 2RU, i5600 LTM, GTM Access Gateway, and content switching load balancers.

TECHNICAL SKILLS

Juniper Routers: MX-10016, MX-9800, MX-9020, MX-6600, MX-6240, MX-4800, MX-4400

Juniper Switches: EX-2200, EX-3300, EX-4200, EX-4500, EX-8200

Palo Alto: Virtual System and Physical hardware PA-4k, PA-5020, PA-6750 PA-7080

Checkpoint: Open System & Appliances with R81.20, R80, R77, R75, R71

ASA: ASA 5510, 5520, 5555

Data Center Switches: Nexus 9k, 7k, 5k, 4k, 3k, 2k, ACI, Leaf Switches (N9K- C93108TC-EX), Spine (N9K - C9364C), Border Leaf (N9K - C93180YC - EX)

Load Balancer: F5 BIG-IP i15000 Series / 2RU, i5600 LTM, GTM, Access Gateway, and content switching

PROFESSIONAL EXPERIENCE

Confidential, Harrison, NY

Senior Network Security Engineer

Responsibilities:

• Experience in Configured and Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall PA-5020, PA-6750 PA-7080.
• Configuring Access control Policies on Cisco ASA firewalls and testing in lab environment to migrate from ASA to Firepower
• Design and implement the cisco FMC and FTD's for secure infrastructure in client environment.
• Evaluated Palo Alto and FortiGate UTM platform to replace our corporate office cisco ASA 5540 firewalls
• Configuring Policies and interfaces on Palo Alto Firewall.
• Configuring rules and Maintaining Palo Alto Firewall & analysis of firewall logs.
• Working with deployed Active-Standby/Active-Active modes of High Availability (HA) with Session and Configuration synchronization on multiple Palo Alto firewall pairs.
• Work for implement the Global Protect VPN, IPsec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to- site VPN Connectivity.
• Dealt with monitoring tools like VPN client, Putty, ASDM, ASA Dashboard, Smart View Monitor, Smart View Tracker, MRTG and PRTG.
• Cconfigured IPSec, SSL - VPN (Mobile Access) on CISCO ASA and troubleshoot VPN tunnel connectivity issues.
• Configured and troubleshooted CISCO Nexus 9000, Nexus 7000, Nexus 5000 and Nexus 2000 platforms.
• Managed Cisco Application Centric Infrastructure (ACI) & migration of existing infra to ACI on Leaf Switches (N9K- C93108TC-EX), Spine (N9K - C9364C), Border Leaf (N9K - C93180YC - EX).
• Developed the plan and approach to migrate the data center network from Legacy to ACI.
• Performed the network assessment and discovery to define the approach to migrate the data center from Legacy to ACI/SDN using network centric approach.
• Involved in configuring and installing Juniper routers and switches like MX-10016, MX-9800, MX-6600, MX-4800 and EX-2200, EX-4200, EX-4500, EX-8200 Series.
• Configured Viptela SD-WAN appliances and migrating the customer services (LAN) from existing traditional router set-up to SD-WAN fabric.
• Used security groups, network ACL's, internet gateways and route tables to ensure a secure zone for organization in Azure public cloud.
• Worked on Azure IAM service enabled to grant permissions and resources to users. Managed roles and permissions of users with the help of Azure Virtual IAM.
• Involved in conducting Azure multi-factor authentication (MFA) for instance RDP/SSH logon, worked with teams to lockdown security groups.
• Worked on automate standard configuration-L3VPN/ISP/Managed services-develop code using Python Scripting.
• Involved in integration of Splunk with Service Now, Active directory and LDAP authentication.
• Designed and implemented CISCO/Meraki enterprise cloud wireless bride/repeater to extend the LAN for multiple buildings.
• Configured and installed F5 BIG-IP i15000 Series / 2RU series LTM, GTM load balance appliances.
• Worked on F5 Load Balancer and managing global & local traffic.
• Created load balancer Pools, Virtual Traffic group as per the client requirement.
• Worked on Info-Blox grid to enabling the DNS entry, global load balancing, managing DHCP pool & IPAM.

Confidential, Los Angeles, CA

Network Security Engineer

Responsibilities:

• Worked on configuring and managing of CISCO Palo Alto PA 7k, PA 5k and PA 4k firewalls with Panaroma appliance.
• Worked on configuring rules on firewall and managing Palo Alto Firewalls & Analysis of Firewall logs as per the requirement.
• Configured Global Protect VPN with various connects methods and authentication types for end users on Palo Alto Firewalls.
• Configured and Implemented Zone Based Firewalling and Security Rules on the Checkpoint Firewall R81.20, R80, R77 series.
• Experienced in configuration and Administration of Checkpoint Networks Firewall to manage large scale Firewall deployments.
• Worked on replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Experience with configuring Nexus 7000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 9000.
• Worked on ACI Deployment Support Installation commissioning and Integration in Datacenter.
• Worked on deploying and Implementation of world’s largest ACI deployment for all LTE and OSS applications which are connected behind ACI.
• Worked on deploying Cisco ACI Fabric from scratch in UPPCL Data Center (DC-DR).
• Involved in troubleshooting and configuring Juniper MX 4400/6240/9020 series routers, Juniper EX 2200/3300/4200 series switches.
• Worked on installation and configuration of Viptela SD-WAN devices in INLINE and VIRTUAL INLINE mode.
• Involved in conducting systems design, feasibility and cost studies and recommend cost-effective cloud solutions such as Azure.
• Interacted with cloud team to provision Azure Landing Zones to create a customized baseline of Azure accounts, networks, and security policies.
• Involved in building and managing, stable & secure Azure cloud infrastructure/networking using cloud orchestration.
• Created Automation scripts using Python Scripting for test templates and configured scripts.
• Used Splunk Security Manager to identify threats and assigned category.
• Experienced in managed and troubleshoot Meraki wireless access point’s and wireless devices on Meraki VPN.
• Supported, deployed and designed F5 Load Balancer i5600 LTM Access Gateway, and content switching configuration solutions.
• Created a high availability feature between the VCMP guests for different VCMP hosts.
• Experienced in Enabling load balancer setting as per the application requirement.

Confidential, Lancaster, PA

Network Engineer

Responsibilities:

• Implemented and configured Firewalls Especially Checkpoint R75, R71 and Cisco ASA 5510 series devices.
• Work on Policy administration of Cisco and Checkpoint Firewalls.
• Experienced in managing network & security Confidential the Data center.
• Experience in ASA 8.x Firewall and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and troubleshooting.
• Worked in Troubleshooting end user connectivity issues through the firewalls and network.
• Worked to make sure the NAT is applied appropriately on the firewall for all the third party and DMZ traffic.
• Worked in LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Experience on VLAN's design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the neüork.
• Trunking and port channels creation.
• Worked on Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Transition.
• Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
• Configured Client VPN technologies including Cisco's VPN client via IPSEC.
• Involved in Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.

Confidential, Dallas, TX

IT Support (Network Administrator)

Responsibilities:

• Worked in deliver Tier 1 network ticketing support to resolve all issues and responsible first and second level for IT Network Management ptimized network performance and reliability by maintaining hardware and software, analyzing technical issues, and ensuring availability to system users
• Implemented effective security measures to protect data, software, and hardware
• Executed the maintenance window changes for multiple locations, performing troubleshooting of routing and switching issues
• Performed Firewall, Router, Modem & Switches configuration & management.
• Coordinate with services providers & provide remote access to configure the needful setup
• Experienced in replacing the network hardware in case of failures and up gradation