PROFESSIONAL SUMMARY:

• Network Security Professional with 8+ years’ experience in researching, implementing and administering network security solutions. Skilled in supporting and troubleshooting operational issues related to network security Infrastructure.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience with designing, deploying and troubleshooting LAN, WAN, Frame - Relay, and Ether-channel
• Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77 version.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Implemented Zone Based Firewalling and Security Rules on thePaloAltoFirewall.
• PaloAlto, Imperva Web App Firewall support and deployment.
• Configure centralized management system (Panorama) to manage large scale firewall deployments
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Assist various users and groups to troubleshoot issues and support the implementation of new PKI rollouts. Plans and coordinates team projects.
• Worked with other IT groups to ensure Security policy and procedures are met concerning PKI implementations and usage.
• Managed operational security for HP’s public cloud, including incident response, service hardening, Active Directory, VPN/2FA, PKI, firewall rules, and compliance.
• Experience with F5 load balancer, administration, management and upgrades to support 24x7 operations.
• Intense knowledge of IPV-6 servers.
• Hands on experience using diagnosis tools like TCPDUMP, Wireshark for analyzing the real time statistics during the packet flow.
• Well experienced in handling Cisco ACS and EMC RSA for remote access and authentication.
• Excellent communication and interpersonal skills, interfaces effectively with upper management, subordinates, co-workers & peers.

TECHNICAL SKILLS:

Routers: Cisco 7609, 2600, 2800, 3800, 3640, Cisco 3745, 7200 Series

Switches: Cisco 3500, 5000, 6500 Catalyst Series Cisco 7000, 2000 Nexus Series

Routing Protocols: BGP, OSPF,, GLBP, and RIP, EIGRP, VRRP, HSRP

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, and VLAN

IP Services: DHCP, NAT, DNS, FTP, LAN/WAN

Firewalls: Checkpoint R65/R70/R75/R76/R77, Cisco ASA, Juniper

Hardware: HP, Compaq, Dell, IBM Servers

Operating System/Diagnosis Tool/Third Party Tool: Windows XP, Windows 7, SPLAT (SECURE PLATFORM),UNIX, LinuxTCPDUMP, WiresharkTufin

PROFESSIONAL EXPERIENCE:

Confidential, Warrenville, IL

Security/Firewall Admin

Responsibilities:

• Works with client engineering groups to create, document, implement, validate, and manage policies, procedures, and standards that ensure confidentiality, availability, integrity, and privacy of information.
• Provide 24*7 supports for day to day global operational activities including Change Implementation, Handling Work order access Request, High Priority incident handling/troubleshooting for Security Devices (Firewalls, Proxies, IPS, SSL, VPN Devices etc.)
• Researched, designed, and replaced aging Cisco ASA firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Successfully installedPaloAltoPA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• PaloAltodesign and installation which includes Application and URL filtering Threat Prevention and Data Filtering.
• Configured and maintained IPSEC and SSL VPN's onPaloAltoFirewalls.
• Exposure to wild fire feature ofPaloAlto.
• Worked on checkpoint R77.20 on GAIA and SPLAT, Cisco ASA.
• Successfully replaced Checkpoint R65 Provider1 to R77.20 & Migrated more than 500 firewalls from R65 to R77.20 Gaia across the globe it includes Checkpoint Appliance, HP, Dell & Nokia firewalls.
• 50 Firewalls software upgrade from R65 to R77.20 Gaia.
• Managing more than thousands Checkpoint Firewalls: Checkpoint R65/70/75, Checkpoint CMA, Multi Domain Services Manager (Provider-1) and Smart Center Management Server.
• Administration of 2FA (two factor authentication) software and hardware.
• Installation, configuration, management and troubleshooting of 2FA (Two factor authentication).
• Applied security enhancement by implementing s and RSA keys for authentication.
• Installed and administered RSA Secure ID token authentication servers.
• Responsible for the integrity of PKI Infrastructure.
• Provides support for PKI encrypting email and network authentication.
• Supported PKI project through testing, implementation, and support of PIVI smart cards Microsoft PKI, and SQL servers.
• Handled remote access responsibilities and secured key management using the EMC's RSA andCisco ACS.
• Configuration/Management Proxy IronPort S360/S650/S660/Bluecoat SG180/8100 Series/ (Bluecoat Director) /Websense Appliances for Web Security/Access Control and filtering policies implementation.
• Perform detailed analysis and troubleshooting of complex problems on the Firewall platform.
• Performed RIP & OSPF Routing Protocol Administration.
• Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP.

Confidential, Bellevue, WA

Network Security Administrator

Responsibilities:

• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access, Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls...
• Implementation and troubleshooting of ASA firewall.
• Migrated Cisco ASA firewall to next generation Palo Alto firewalls
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO ASA andPaloAlto.
• Adding security policies and security rules on checkpoint, Palo Alto and ASA firewall.
• Exposure to wild fire feature ofPaloAlto.
• Implemented RSA Real Secure two form authentication.
• Taking backup of checkpoint configuration, security policies, logs with policy package management, database revision controls, upgrade export and import, snapshot procedure on regular basis.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS static routing and policy base routing.
• Configured VLAN's onEnterasysN7 Matrix switch as core switch & GLBP to replicate VLAN's to access switches as designed.
• ConfiguredEnterasysN5 Matrix switches as access layer switches in order to communicate to Core Switch.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Involved in Troubleshooting of DHCP and other IP conflict problems.
• Performed Switching Technology Administration including VLANs, inter-VLAN Routing, Trunking, STP, RSTP and Port Aggregation & Link Negotiation.
• Worked on CiscoComplianceProgram framework based on ISO9001. Reviewed processes and policies to identify auditable items.

Confidential, San Diego, CA

Network Engineer

Responsibilities:

• Responsible for implementing, supporting, and maintaining 24x7 network services.
• Coordinated efforts with Engineer's to ensure all network devices conformed to defined network standards.
• Configured and troubleshooting HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS and Route Maps.
• Configured and maintaining Cisco 7200, 4400, 5000 and 6500 platforms.
• Troubleshoot connectivity issues involving VLAN's, OSPF, QoS etc.
• Support, monitor and manage the IP network.
• Performance monitoring of various applications and web servers to maintain quality of service and network stability.
• Maintained core switches, creating VLAN's and configuring VTP.
• Designed IP Addressing schemes, VLAN tables and Switchport assignments, Trunking and Ether-channel implementation.
• Gained hands on experience with VLSM, STP, VTP, VLAN Trunking.
• Installed and set up Cisco routers and switches according to deployment plans.
• Applied access lists and NAT configurations based on implementation guidelines.
• Managed and developed network projects designed to strengthen network continuity and deploy security elements in an attempt to meet and exceed contract requirements, including system analysis and troubleshooting.
• Change management, monitoring network performance with network tools.
• IP Distribution for existing devices and new devices as they were added.
• Preformed maintenance on equipment as necessary, performing device upgrades, modification of configurations, password changes and diagnostic testing.
• Worked with vendors and Engineering team to test new hardware and procedures.
• Prepared and maintained documentation using MS Visio.
• Route configuration and point code checks for System Technician and Network Technician.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Worked with other team members in testing of the network architecture.
• Participated in quality system implementation project.
• Implemented, configured redundancy protocols HSRP, VRRP, GLBP for Default Gateway Redundancy.
• Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF and BGP etc.
• Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds etc.
• Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Experience in migration of VLANS.
• Primary responsibility is to design and deploy various network security & High Availability products like Checkpoint, Cisco ASA other security products
• Installed various network hardware including concentrators, bridges, and hubs to establish communication connections with remote locations.

Confidential, Villanova, PA

Security/Network Engineer

Responsibilities:

• Provides day to day support for firewall engineering and operations tasks and level 1 & 2 on-call technical support for the Firewall Engineering and Operations team; including assisting peers with issues and escalation.
• Secured network access with Cisco Secure (RADIUS/ TACACS+) and Configured network access servers for AAA Security
• Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switches.
• Worked on different networking concepts and routing protocols like RIP, BGP, EIGRP, OSPF and other LAN/WAN technologies.
• Configured VLAN’s, Private VLAN’s and enabling inter-VLAN routing.
• Configuring routing protocols like EIGRP, OSPF & BGP and troubleshooting layer3 issues.
• Responsible for designing and implementation of customer’s network and Security infrastructure.
• Provide hardware and software support to end users
• Collaborate with stakeholders to develop processes related to network architecture
• Installing, Configuring, Administering and supporting the Windows 2003 Server, Windows 2003 Server, Windows 2000 Server, Windows 2000 Advanced Server, IDS server, SQL Server and Active Directory
• Responsible for virus detection and spy ware removal
• Configured Remote User VPN, Site to Site VPN, and Remote Access VPN, Easy VPN, SSL VPN for Client based and Clientless applications.

Confidential

Network Engineer

Responsibilities:

• Installing, Monitoring and Maintaining Local Area Network.
• Implemented Windows NT domain, domain name services E-mail, Web, and FTP services.
• Installed and configured network printer installation (HP) 3500 series.
• Installing and configuring the peripherals, components and drivers.
• Resolving tickets on network and service provisioning.
• Configuring and troubleshooting desktops, laptops and servers.
• Installation and Maintenance of OS (Win XP/7) and Professional Servers.
• Good Knowledge on DHCP.
• Familiar with hardware tools like printers, routers, switches.
• Knowledge of IIS.
• Experienced in the setup of Structured Cabling in UTP and Optic fiber.
• Experience in configuration of Cisco routers.
• Experience in layer-3 Routing and layer-2 Switching.