SUMMARY:

• Highly creative and client - focused Information Technology Professional with over 10+ years of industry experience spanning every aspect of the design, implementation, configuration, management and support of complex, mission-critical LAN/WAN network security solutions.
• Capabilities include an extremely broad knowledge base and familiarity with the latest cutting-edge technologies, including firewalls, VPN, IDS, and IPS. In-depth knowledge of TCP/IP, high availability, load balancing, and remote management complements outstanding relationship management, analysis, and problem resolution skills as well as outstanding organizational, multitasking, auditing and team building skills at all levels.
• Proven ability as a resourceful coordinator, quick to learn new skills in fast-paced IT environments.

TECHNICAL SKILLS:

Firewalls: Checkpoint, Cisco FWSM, Cisco PIX, Cisco ASA, Fortigate, Confidential Procurve TSM, Confidential H3C VPN Firewall Appliance, Juniper firewalls, WatchGuard and Palo Alto

Routers: Cisco, HPN

Switches: Cisco catalyst, HPN

Intrusion Detection & Prevention: Cisco Secure NIDS, ISS Proventia Series, McAfee IntruShield, Tipping Point, Juniper IDP

Web /URL Filtering: Websense, Trend Micro IWSS, Surf Control, Blue Coat, ISS Proventia Web Filter

SMTP Scanning: Trend Micro IMSS, Iron Port, Message Labs, Barracuda

AV Gateways: Trend Micro Office Scan, Trend Micro Server Protect, McAfee

Authentication Tools: Cisco ACS, Steel Belt Radius, RSA ACE Server, Vasco, Arcos PIM

Proxy: Microsoft ISA, Wingate, Bluecoat, Cisco Ironport, Websense.

Network Management tools: PCM, IMC.

Cyber/Info Security: Algosec, Tufin

SIEM: Arcsight, splunk, Symantec, IBM Qradar

Scanning tools: Acunetix, Qualys guard, Nessus

PROFESSIONAL EXPERIENCE:

Confidential

Security compliance engineer

Responsibilities:

• Part of migration from Juniper SRX to Palo Alto. Migrating Juniper firewalls from NSM to Juniper Space as NSM is phased out.
• Part of firewall IT security architecture team Prepare changes for network security architecture changes and follow the process.
• Works on Junos space to login to the firewalls and work on the requirement.
• Part of Compliance review team Each Change that are going to be implement on network devices will be reviewed and then approved if it is meeting the compliance standards Following different types of internal standards for PII data and PCI data.
• Works on Tufin product to validate the changes
• Works on Tufin product to validate the objects Responsible for rule reviews of firewalls (Juniper, Cisco, Palo Alto)
• Divide the rule review project into parts as High, medium, low risk categories and assign to team Primarily working on High risk category and disabling/cleaning unnecessary access
• Uses Splunk to check the latest logs and old stored logs
• Works on Solarwinds for IT Management Software & Monitoring Tools Joining / scheduling meeting for providing google cloud project access.
• Following the change management standards for all the changes to provide quality changes.

Confidential

Technical Solutions Consultant III

Responsibilities:

• Part of complex problem resolution and quality team Providing Level 2 TAC support for post sales service to the customers across regions.
• Works on Multi-vendor products (Security, Network management tools, R&S and Wireless) Duty engineer for Checkpoint products
• As a Primary skill works on security products troubleshooting of Checkpoint, Cisco firewalls, Juniper firewalls,Palo Alto, VPN boxes, Confidential security products (TMS, F1000, F5000, sec-blades), authentication devices, proxies, TrendMicro mail services, etc... As a secondary skill works on Cisco, Procurve & 3Com Routing/Switching, Network Management tools (PCM, IMC) and MSM wireless related issues reported by customer.
• Handling elevation/escalations from L1 team and provide them support Supports customer via email or telephone and for priority cases would be providing the remote support (WebEx) as well.
• Upgrading/migrating firewalls such as Cisco, Checkpoint, etc. Problem management and RCA
• Analyze the problem and provide the root cause analysis.
• Replicate customer network in LAB and provide accurate solution for new implementations.
• Providing prompt and acceptable resolution within the SLA and achieve customer satisfaction.
• Preparing the knowledge base documents for solved issues and store it in database for further references of the engineers.
• As per the process updating the cases with in the framed SLA and reaching the targets.
• Providing required documents to L1 or discussing about requested topics which they require clarifications and guiding them in trouble shooting. Working as a transition engineer for Network security technical Knowledge transfer from Customer to Confidential internal NOC team Working as an Internal Architect for designing, developing, configuring and implementing enterprise networks in diverse environment with Network, Security and Wireless components (including site survey for Wireless) Designing of LAN and WAN networks based on the requirements . Administrative experience on VMWare.

Confidential

Sr. Security Engineer

Responsibilities:

• Provide 24/7 technical support for managed security services, security engineering, infrastructure, management, and sales groups. Manage and monitor client security devices worldwide.
• Perform installs, configure and troubleshooting on stateful inspection firewalls and inline/passive IPS/IDS sensors.
• Perform firewall migration projects between different technologies.
• Serve as lead on configuration and troubleshooting VPN's on all vendor firewall devices.
• Serve as Subject Matter Expert on global operations projects and architect network security solutions for customers utilizing a variety of cutting edge technologies (firewall solutions, IDS, and IPS).
• Perform testing on new network security technologies and appliances.
• Provided technical expertise in pre and post sales engagements.
• Maintain and develop content for the organization's internal technical knowledge base as well as technical documentation and best practice procedures for the Managed Device Team.
• Develop business processes and improvement procedures for the Managed Device Team.
• Developed a technical training curriculum and serving as the technical trainer/mentor for new and existing hires.
• Provide high level support for FW/IPS platforms.
• Uphold positions in providing 24/7 on-call support rotation for our managed customer base.
• Daily analyzed network traffic looking for trends and or malicious activities, created vulnerability report with action plans.
• Teamed with partners and management to implement improved operational procedures and advise customers on IT security best practices.
• Defined/tracked 'how to' documents for supported FW/IPS platforms.
• Configure and troubleshoot VPN's on infrastructure VPN devices.
• Performed network security equipment repairs, installs, removals and upgrades.
• Performed audits on all vulnerable aspects of the Infrastructure and create vulnerability reports with patch recommendations.
• Provided support to end-users, performed troubleshooting, and resolved network and software issues.
• Interfaced with vendors and service providers ensuring that hardware or software problems were dealt with efficiently and effectively, with minimal downtime.
• Implemented and integrated new security solutions into existing customer network infrastructures and coordinate network security audits and changes with clients.
• Configured site-to-site and client VPNs and identify and resolve firewall and VPN connectivity issues.
• Defined/tracked standard baselines and configuration sets for all SOC managed and monitored security devices, as well as technical expertise and operational knowledge standards for organization.