SUMMARY

• Adroit and Deft IT Professional demonstrating 18+ years of Seamless experience, extremely competent in Network Engineering, Network Security Testing; expert knowledge on ZTA, SSL & IPSEC VPN, UAC, IPv6 on Mobile devices; engrossed with Analytics and SDP (Software Defined Perimeter) and Adaptive authentication.
• 18+ years rich and affluent experience in Network Engineering and Security.
• Good knowledge in Configuring Access Control List(ACL).
• Configured IPv4 VPNs using IPSec VPNs.
• Configured and troubleshooted Cisco PIX and ASA series firewalls in enterprise level.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Knowledge in Documenting and preparing the Process related Operational Manuals & worked on office 365
• Collaborate with technical teams and management to achieve project objectives.
• Deft in system/integrated testing of network security products i.e. UAC, SSL - VPN GATEWAYS, NAC and Firewalls.
• Accomplished in AAA Mechanisms i.e. PKI, RADIUS, LDAP, AD and RSA Secure ID.
• Well versed with Security protocols i.e. SSL, IPSEC.
• Sound with SPIRENT
• Resourceful in setting up the VMware ESX server for SSL VPN & UAC servers
• Professional in creating SMS (SCCM) test setup for Network Wide distribution of the Client Software (Pulse) on Windows Machines.
• Hands On Experience in Cisco ACS & Cisco ISE for 802.1x, AAA Configurations
• Aware on functioning of Pulse Driver and Involved in testing of New Technology Driver (Unified Driver)
• Savvy in preparation and execution of Test Cases, Bug Documentation and Reporting
• Seasoned in configuring Cisco ASA 5505, Cisco 3000 concentrator & Nortel Connectivity 1010

TECHNICAL SKILLS

Firewalls: Juniper SRX340, SRX1400, SRX3600, SRX 5400, SRX5800, Netscreen ISG2000, Screen OS 20

Routing Protocol: TCP/IP, Cisco IOS, LAN/WAN interconnection, VPN, IPSec, SSL VPN, NAT, ACLs

Routers: Router series 2900, 2800, 3900, 7200, ISR4451, ASR9000, ASR1000

Switches: Nexus 9000, 7000, 5000 and 2000, ) 3800, 3700, 3500, 2900, 45000, 6500, CGS2520

Load balancer: ZEUS and F5

Other Networking Tools: Panorama, Space, NSM, Splunk, Tufin, Bluecat, Wireshark, Service Now, Solarwinds, Firemon Tool

Sniffing and Monitoring Tools: Wire shark, Omni peek, Tcpdump

Security Tools: Burp suite, Codenomicon, Appscan, NMAP

Operating Systems: Win 95/98, 10, 11, NT, XP, VISTA, WINDOWS7, WINDOWS8, LINUX 5.1, UNIX, Windows 2008 Server, Blade Server, Exchange Server 2010

Scripting Tools: Shell and Ansible

Other: SSH,TELNET,HSRP,GLBP,TACACS+,FTP, HTTP, DNS, DHCP

Virtualization: VMware workstation, ESX, Terraform, AWS Cloud Formation, Kubernetes

AAA Authentication: RADIUS, LDAP, PKI (CA), AD

Networking: L2, L3, TCP, UDP, SNMP, CIFS, MAPI, DHCP, DNS

Testing Tools: Test Director 6.0, Lab Director, GNATS

PROFESSIONAL EXPERIENCE

Confidential, Princeton, NJ

Sr Network Engineer

Responsibilities:

• Configure firewall security policies for server farm using Access Control List in Firewall
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls.
• Configuring and maintaining TACACS+ servers for AAA authentication and user authorization. Switching modules.
• Deployed Multi-context Mode (Virtual Firewalls) on Cisco ASAs
• Implementation of Security Policies, AAA (TACACS), NAT
• Involved in setting up IPsec VPN between ASA firewalls
• Upgraded images on the ASA 5520,5540, 5550 firewalls
• Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN
• Performed multiple firewall changes on the PIX, ASA, andPalo Alto firewall based on the requirements and monitored firewall changes using Firemon Tool.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco ASA 5500 security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Experience with Cisco Datacenter Switches Nexus 9000, 7000, 5000 and 2000.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Advanced in working on Customer Scenario’s and replicating Customer Reported Issue’s
• Configured L2 and L3 security features on devices.
• Configuring DVPN's on customer deployments.
• Implementing IPsec tunnels in VPN technology.
• Creation of implementation standards and configuration templates
• Working experience building, configuring, and using Windows Group Policy
• Windows patch Management and policies configuration.
• Perform daily monitoring, maintenance and troubleshooting of Confidential ’s VPN infrastructure. Identify and resolve issues including performance, patching and upgrades as required.
• Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment.
• Assisting in tracking bugs and gathering specific technical information to be given to the developers.
• Open/Track trouble tickets with various service providers.

SENIOR PRINCIPAL SOFTWARE DEVELOPMENT ENGINEER

Confidential

Responsibilities:

• Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.
• Managing Palo Alto PA-820,850,5250,5280,5220,5260,7080 firewalls
• Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall
• Creating zones and Interfaces on SRX and PaloAlto
• Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN
• Creating and managing VPN tunnels on SRX and Netscreen
• Experience in deploying configuring and managing various Juniper security platforms like SRX240, SRX1400, SRX3600, SRX5800, Netscreen ISG2000, Junos Space Security Director
• Adding firewalls in Solarwinds and monitoring health of firewalls
• Blocking malicious IPs which are recommended by vendor security advisory
• Hands on experience on Managing Tripplite and DIGI console servers.
• Creating dashboards in Looker and splunk monitoring tool for better visibility.
• Perform daily/weekly/quarterly health checks on Security Information and Event Management (SIEM) systems including ArcSight, Nitro, LogRhythm, QRadar, and Splunk.
• Created management interfaces, device setup, NAT/PAT, creating log settings, creating objects and
• Installed and Configured Cisco Routers (2900, 2800, 3900, 7200, ISR4451, ASR9000, ASR1000)
• Installed and Configured Cisco catalyst Switches (3800, 3700, 3500, 2900, 45000, 6500, CGS2520) using VLANs, STP, VTP.
• Experience working with BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic.
• Configured EIGRP, RIP, OSPF, BGP and static routing, MPLS WAN connectivity, Frame relay Wan Connectivity and Telnet and SSHv2 sessions.
• Installs, configures and maintains Juniper EX series switches and SRX, MX, and M series routers.
• Configuration of Access List ACL (STD, Ext, Named) to allow users all over the company to access different applications and blocking others.
• Advanced in working on Customer Scenario’s and replicating Customer Reported Issue’s
• Creating complex Performance Lab’s and evaluating to customers.
• Creation and Deployment of Wireless 802.1x setup.
• Configuration of IPv6 and IPv6 dual stack environment.
• Working on MS Visio, MS Windows, MS office and O’365 deployments in lab.
• Deployment of lab’s for Performance, AD Server.
• Deploying SCCM server for Large scale software deployments on Windows.
• Tested a variety of Mobile apps - Native, Web-based and Hybrid apps in various testing Environments - Emulators, Simulators and Actual Devices.
• Experience testing mobile platforms.
• Performed Functional, Usability, UI, Regression and Sanity testing on Android/iOS platform.
• Performed installation, configuration of the Android SDK and ADT Plug-in for Eclipse IDE and setting up of the Android Framework Test Environment.
• Coordinated with business analyst to understand the requirements/Functionalities and write test case accordingly.
• Prepared test plans and test cases using by reviewing the requirement specifications and then upload the test cases in QC, Zephyr.
• Communication of Project Planning is complete with the business, development, and PMO regarding status, milestones, issue resolution and escalation
• Provide daily updates on the QA activities in scrum calls.

MTS 3 (Member of Technical Staff)

Confidential

Responsibilities:

• Advanced in working on Customer Scenario’s and replicating Customer reported issues.
• Created IPv6 test bed and maintaining the same while conducting testing that IPv6 & v4 feature
• Well versed in testing the IPv6 and SSL VPN features on Mobile devices like IPhone & ANDRIOD. Qualified the client in IPv6 n/w’s in Win 7 and Win 8 platforms
• Played a KEY role in Qualification of pulse client, testing with various VPN clients where in configured & Tested Pulse client with Cisco 3000 concentrator/ Cisco ASA 5505/ Nortel Contivity 1010
• Deployment of OPENCA & OPENSSL infra in lab.
• Created the SMS (SCCM) test setup for Network Wide distribution of the Client Software on to Windows EP’s.
• Evaluating the in house product with Windows Drivers, Configuring the UAC gateway and firewall
• Took necessary checks for the Layer 3+ via firewall enforcement and dynamic IPsec user-specific access
• Examined the L2 & L3 UAC solutions on Mobile devices like IPhone & ANDRIOD
• Explored the Machine authentication, credential provider and captive portal features
• Deployed and Configured all the external authentication mechanisms like RADIUS, LDAP, and AD
• Investigated all EAP methods like EAP-TLS, TTLS, PEAP, MD5, CHAP, PAP, JUAC
• Evaluated Mac, windows with Junos Pulse and ACLs, posture validation, End point security on client machines
• Involved in preparation and configuring SMS Server for deployment of Phoenix client on windows Endpoints
• Effectively maintained Dog food server (DFS) for live deployments.
• Evaluated various VPN clients where Tested with in-house SSL VPN product
• Checked-out Interoperability with UAC (IC, and Firewall as IE)
• Created and Prepared High-level test scenarios and executed the implementation and Testing of certificate chains using OPENCA and OPENSSL

Network QA ENGINEER

Confidential

Responsibilities:

• Efficient in writing Test Plan/Strategy/cases specifications, automation and execution of the test cases
• Performed Integration testing of applications to support Backup and Restore across various platforms
• Analysed the reporting and tracking the defects found in testing using Bugzilla while submitted the performance report using in house tools and automation scripts
• Skilled in Writing PERL and SHELL scripts to automate the test process
• Configured and tested for dual authentication using RSA Secure ID
• Involved in Configuring the CISCO ASA 5505 Series For Clientless SSL VPN, Thin-Client SSL VPN