SUMMARY:

• Over 7 years of professional experience years of expertise in Implementing and troubleshooting various Network Technologies.
• System Administration and with technical expertise in specializing in Cisco Environment in Data Center, LAN / WAN Security, managing the complete system admin and technical support functions.
• Demonstrated abilities in large enterprise wide network design, implementation as well as administration support and network integration.
• Advanced Cisco Router, Switch, Firewall, VPN Concentrator, Clean Access, Wireless AP experience.
• Advanced configuration of Cisco 2500/2600/4000/7000/12008/2900/3750/6509.
• Advanced troubleshooting of data circuits such ATM, SMDS, T1, Frame Relay, ISDN circuits.
• Has Experience working in Enterprise Data centers with 50 Firewalls
• Proven success managing multiple Information Security Systems.
• Checkpoint IP Appliances and SPLAT Cisco ASA Firewalls
• Advanced knowledge, design, installation, configuration, maintenance and administration of CheckPoint Firewall R55 up to R70 version, SecurePlatform Installation including, VPN.
• Advanced knowledge in Design, Installation and configuration of CheckPoint Provider Environment.
• Advanced knowledge in design, installation and configuration of Firewall ISG 1000/2000, SSG series and NSM Administration.
• Drafted and installed Checkpoint Firewall rules and policies.
• Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
• Experience in Implementing managing Symantec Data Loss Prevention.
• Experience in implementing application security solutions
• Advanced knowledge in configuration and installation of IOS security features and IPS.
• Advanced knowledge in Cisco Switches and Routers Configurations.
• Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and EIGRP.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Demonstrated skills managing and analyzing servers, databases and security within a data center environment.
• Implementation and administration of Juniper WX/WXC devices for WAN Traffic acceleration.
• Configuration of VTP, VLANs, UDLD, BGP, OSPF, EIGRP, IGRP, RIP, MPLS, DLSw, GRE Routing, Troubleshooting, Monitoring and Maintenance.
• Good experience in configuring, optimizing and troubleshooting of Windows 2003 and higher versions of OS servers and the Networking setups.
• Comprehensive understanding of networking concepts pertaining to LAN and WAN, Information security, IT communication and maintenance in multi-platform environments.
• Experience in managing a team and the resources during Server Infrastructure migrations and platform upgrades.
• Excellent communication and presentation skills and a good team player, Extensive experience in working at 24x7 Support.
• Adapts to new systems and environments quickly, takes ownership of all duties, meeting management skills, Good work ethics, Group and individual based problem solving and decision making abilities.

TECHNICAL SKILLS:

PROFESSIONAL EXPERIENCE

Confidential

Firewall Consultant/ Administrator

Responsibilities:

• Troubleshooting complex CheckPoint issues, Site-to-Site VPN related.
• Performed upgrades for all IP series firewalls from R65-R75.
• Support for all migrations, upgrades, PCI and SOX audit requirements, and vulnerability assessments.
• Support for all firewalls and related environments.
• Administered firewalls consisting of 75, 100, and 200, firewalls.
• Checkpoint firewall upgrade from R55 to R65 on Nokia 390 appliances for headquarters and remote sites.
• Risk assessments where done using Nessus, and Internet scanner, on a monthly basis to help ensure that risks to the network are mitigated in a timely manner.
• Managed Smart Center Checkpoint management server SmartView Tracker
• Managed Checkpoint Firewalls from the command line cpconfig and Sysconfig .
• Installing and setting up Firewall Analyzer product to facilitate consulting on an IDS deployment project, using my Cisco Nexus 7k/5k experience to place IDS devices globally.
• Administration and management of all firewall environments.
• Management of each firewall is done remotely and onsite at client sites.
• Working and commenting on global firewall polices.
• Providing input on day-to-day security architecture policies and procedures.
• Developing systems and process to protect, various user groups while accessing public Internet content from malicious hack attacks.

Confidential

FIREWALL ADMINISTRATOR

Responsibilities:

• Implementation, configuration and support of Checkpoint and ASA firewalls for clients.
• Firewall Policy administration and work with user requests submitted by users. Use HP Service Manager Ticketing System for change and incident management.
• Work actively on Fortinet UTM firewall administration using FortiManager
• Cisco ASA Firewall configuration and troubleshooting.
• Troubleshooting connectivity issues within the server zones of the Data center between application servers, database and web servers as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
• Actively use, smart view tracker, and Checkpoint CLI to security gateways for troubleshooting.
• Perform advanced troubleshooting using Packet tracer and TCPdump on firewalls.
• Built and support VRRP / Cluster based HA of Checkpoint firewalls.
• Firewall Policy Optimization
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Backup and restore of checkpoint Firewall policies.
• Black listing and White listing of web URL on Blue Coat Proxy servers
• Review Firewall rule conflicts, unused rules and misconfigurations and clean up.
• Checkpoint firewall policy administration and support between various zones.
• Upgraded and converted 6 HA CheckPoint SPLAT pairs to PaloAlto.
• Architected and designed were on the network to place multiple IDS, FireEye and DLP devices.
• Implemented the SPAN ports to facilitate the various network device traffic captures.
• VPN User access management on Check point firewalls.
• Part of migrating the entire store Cisco ACL's to Fortinet UTM devices.
• Build and support Site to Site IPsec based VPN Tunnels
• Work on Cisco based Routing and Switching environment with Rapid Spanning tree and using Routing Protocols such as BGP and OSPF.
• Hardened Cisco routers and switches.
• Manage LAN WAN and BlueCoat proxy servers.

Confidential

Network Security Engineer/ System Support

Responsibilities:

• Day-to-day work involves changes on the Checkpoint Firewall, Authentication is done using an RSA SecurID.
• Firewall Policy administration and work with user requests submitted by users. Use REMEDY Service Manager Ticketing System for change and incident management.
• Administer and support Juniper Firewalls Using NSM as well as CLI.
• Schedule day to day firewall related changes and seek CAB approval if required for production impacting changes.
• Firewall policy administration and support on Checkpoint as well as Cisco ASA Firewalls.
• Extranet changes to Cisco 6513, 6509 and 7204 series devices including FWSM firewall changes, routing switching changes and Juniper NetScreen based SSL VPN and ISG.
• Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
• Troubleshooting connectivity issues on the firewall using smart view tracker, monitor health of the appliance using smart view monitor etc.
• Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.
• Actively responsible for ASA 8.x and Cisco FWSM 2.x/3.x upgrades and network refresh projects and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ/ASZ Implementation and Troubleshooting.
• FWSM configurations in single/multiple context with routed and transparent modes.
• Site to Site IPsec based VPN Tunnels for all B2B and 3rd party communications
• Support Data Center Migration Project involving physical re-locations.
• Schedule and participate in weekly meetings with various teams involved in the project to discuss the bottlenecks if any and contribute to design a solution framework. Maintain Configuration, Documentation VISIO's and Records Management.
• ITIL Based Service Delivery and Management.
• Support Disaster Recovery for the applications between Primary and DR Data center locations.
• Work on Routing and Switching on the third party segment using Cisco based Routers and switches.
• Configuring administering Domain Naming Server DNS , Dynamic Host Configuration Protocol DHCP , Distributed File System DFS , Internet and Remote Access Service RAS
• Configuration, operation and troubleshooting of BGP, OSPF, EIGRP, RIP,VPN routing protocol in Cisco Routers L3 Switches
• Testing Implementing Group policies
• Installation of Operating Systems Win98, Win XP, Win NT, Win 2000, Win 2003 etc
• Install and maintain Hardware, Operating System
• Monitor Routers and Internet Connectivity
• Administer Active Directory Trust relationships between internal and client networks.
• Train and orient staff on use of hardware and software.
• Involved in the installation, monitoring and support of WINTEL based servers, firewalls, Cisco networks, perimeter security Internet technologies and remote office WAN/ LAN connectivity.

Confidential

Network Engineer/ Administrator

Responsibilities:

• Responsible for managing network security at the Data center.
• Implementation and configuration of Firewalls especially Checkpoint and Cisco ASA.
• Work on Policy administration of Cisco and Checkpoint Firewalls
• Troubleshooting end user connectivity issues through the firewalls and network.
• Making sure the NAT is applied appropriately on the firewall for all the third party and DMZ traffic.
• LAN/WAN level 3 support diagnose and troubleshoot layer 1, 2, 3 problems
• VLAN's design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Responsible for ASA 8.x Firewall and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• Troubleshooting Layer 2 and Layer 3 issues.
• EIGRP and RIP version 1 2 Routing Protocols. Redistributing from OSPF to EIGRP and vice versa.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Transition.
• DNS, DHCP services configuration and support.
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
• Configured Client VPN technologies including Cisco's VPN client via IPSEC.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Installing and configuring System Center Configuration Manager 2007.
• Worked on Site Recovery Manager 5.0 for Disaster recovery.

Confidential

Systems Administrator/ Support Admin

Responsibilities:

• Systems Administrator builds and support.
• Managed network engineers for in house development and support of production IT environment.
• Provided all data and network security. Designed and built all remote office connectivity.
• Worked closely with database developers to build and assist with database servers.
• Designed and built front end solutions for most major database manufacturers
• Responsible for supporting all hardware and software engineers.
• Performing all Microsoft and Linux server builds for cooperate network and labs.
• Build and maintain all WAN connectivity for remote offices with a global Checkpoint firewall infrastructure.
• Support all sales staff worldwide for remote connectivity.
• Maintain all Cisco switches and routers for maximum uptime.