SUMMARY:

• Dynamic and versatile Network Security Engineer with outstanding knowledge, skills and expertise, dedicated and committed to providing excellent interconnectivity and networking services, network security and solving networking problems.
• Senior Security Engineer with CCNP certified and 5+ years of experience in the Network, system design and Security Design, Implementation and Support.
• Strong experience in creating firewall policies as per the requirements on Checkpoint, Palo Alto, Cisco ASA and Juniper firewalls
• Designed and implement security strategies with Cisco and Palo Alto firewalls
• Experience in Supporting and troubleshooting Checkpoint (R77 Gaia, R75.40, R70, R65, Provider - 1, MDM/MDS, VSX, SPLAT and IPSO)
• Responsible for CheckPoint and Cisco firewall administration across global networks
• Experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2 960 and 35 00XL, 3950 switch series.
• Good Experience on Cisco UCS 6200 interconnects Cisco UCS B-series Blades and Cisco UCS 5100 series blade server chassis.
• Installed CISCO UCS rack servers to automate and accelerate deployment for all applications
• Black listing and White listing of web URL on Blue Coat Proxy Servers
• VLAN design and implementation, Spanning Tree protocol (STP) configuration and support using Rapid PVST to avoid loops in the network. 802.1q Trunking and port channel creation
• Work experience on Bluecoat Proxy SG for Content filtering and URL filtering.
• Experience deploying BIG-IP F5 LTM and GTM Load Balancers for load balancing and traffic management of business application.
• Implemented F5 LTM / GTM 9.x 10.x changes using TMSH configurations
• Support troubleshooting application issues related to network security (SIEM, firewalls, network data collection and storage)
• Analyze, troubleshoot, and remediate issues with the SIEM, frequently working with the support teams
• Extensive experience architecting security solutions with multi-vendor IDS/IPS/Firewalls, UTM, SIM/SIEM, Virtualization Security & Monitoring solutions
• Manage Active Directory administrative, configurations and functions
• Implemented efficiency by making use of Group Policies and PowerShell Scripting
• Familiarity with Websense, nCircle, Imperva, DAM, SourceFire and WAF devices and services
• Turn up and optimize property WiFi and layer 2 delivery network on centralized wireless controllers (Ruckus)
• Configure and stage Cisco wireless controllers
• Manage virtual machines using Vmware Sphere Client and Vmware Horizon View Administrator
• Experience in configuring VMware DRS Rules and VMware HA on Clusters in Virtual Center
• Back up, Restore and upgrade of Check Point and Fortigate firewall appliances

PROFESSIONAL EXPERIENCE:

Confidential, Morristown, NJ

Sr. Network Security Engineer

Responsibilities:

• Implementing security Solutions using PaloAltoPA-5000/3000, Cisco 5580/5540/5520, Checkpoint firewalls R70, R75, R77.20Gaia and Provider-1/MDM.
• Configuration and administration of firewalls, which includes Checkpoint and Cisco ASA firewalls.
• Build Checkpoint Security Gateway’s from Scratch and set up in High Availability.
• Experience building firewalls, mainframes, and UNIX based platforms at the data center and implementing the initial policies, configuring NAT, Routing etc.
• Responsible to evaluate, test, configure, propose and implement network, firewall and security solution with Palo Alto networks
• Export Firewall configurations including objects and policies using checkpoint web visualization tool
• Configure and troubleshoot Checkpoint software blades such as Identity Awareness
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using Panorama
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Installation and configuration of Cisco ASA Firewalls including 5585 series firewall
• Configure Syslog server in the network for capturing and log’s from firewalls.
• Provided tier 3 support for CheckPoint and Cisco ASA Firewalls to support customers, Backup and restore of checkpoint and Cisco ASA Firewall policies.
• Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
• Worked in Data center environment with Cisco UCS 6200 interconnects Cisco UCS B-series Blades and Cisco UCS 5100 series blade server chassis and implemented RAC mounted servers
• Configured Cisco 1000v switches for virtual VMware servers in the cisco UCS environment
• Maintained, upgraded, configured, and installed Cisco routers, Cisco Catalyst Switches and Load Balancer F5 LTM and GTM
• Utilizing ArcSight Smart Connectors, Logger appliances and HBSS server log analysis to verify proper SIEM security event flow
• Created and managed use cases, analyze correlated traffic, created and monitor channels, create and send reports, collected detailed evidence to support cases with SIEM HP Arcsight Application Worked with SIEM tools such as IBM QRadar to get real-time analysis of security alerts generated by network hardware and applications
• Extract the logs, perform real time log analysis using SIEM technologies and Forensics Analysis of logs as per the request
• SIEM tuning and log analysis of alerts
• Identify/correct Active Directory deficiencies and performance issues
• Monitored the Email and Active Directory components and whole systems and proactively fixed potential issues before they actually caused service disruption
• Configuration/Management Proxy IronPort S360/S650/S660/BlueCoat SG180/8100 Series/ (Bluecoat Director) /Websense Appliances for Web Security/Access Control and filtering policies implementation.
• Cisco ASA and FWSM, Fortinet FortiGate; F5 AFM, A10 WAF, IDS/IPS systems, and general knowledge of security features and protocols
• Configure checkpoint and fortigate firewall to authenticate users based on user identity, user group, session and PC-User Authentication
• Troubleshoot wireless access point problems
• Install, configure and bring up guest wireless
• Network diagrams using MS Visio, network documentation using SharePoint portal

Environment: PaloAltoPA-5000/3000 and Cisco 5580/5540/5520, Cisco ASA, Checkpoint R70, R75, R77.20, Windows server, cloud administration, BlueCoat, SIEM, Load Balancer F5 LTM and GTM, Active Directory

Confidential, mountainside, NJ

Firewall Engineer

Responsibilities:

• Firewall Policy provisioning and work with firewall requests submitted by users through change system.
• Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
• Troubleshooting connectivity issues on the firewall using smart view tracker, monitor health of the appliance using smart view monitor etc. Command line troubleshooting for packet level debug.
• Build and provision new Checkpoint security gateways ground up as well as upgrade the existing.
• Performed Checkpoint Firewall changes using the Smart Dashboard NGX R65, R70 and R75.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time
• Implementation, configuration and support of Checkpoint and ASA firewalls for clients at data center.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
• F5 Migration - LTM 4.x to 9.x & 3DNS to GTM 9.x
• Configuring LTM / GTM version 9.x on F5 Big-IP 6400 FIPS Application Switch & Big-IP 1500
• Maintain responsibility implementing, running, and operating complex SIEM environments and integrating security devices, nodes, and monitoring platforms
• Configure UCS B200 Blade servers, UCS C200 Rack mount servers, RSA (SIEM) device, Accelops (SIEM), and Splunk (SIEM), to stand up virtual environment and perform security testing
• Identify/correct Active Directory deficiencies and performance issues
• Management/configuration/repair of Active Directory Security Groups/OU structure/replication
• Duties also included resolving trouble tickets related to managing objects in Active Directory, changes, adds, moves and deletes in Active Directory and Windows group management.
• Microsoft server clustering, managed objects in Active Directory, replication, changes, adds, moves and deletes in Active Directory and Windows group management and set up and modified Windows Group Policies.
• Configuring and Troubleshooting Cisco Firewall/ASA, Checkpoint FW, Bluecoat ProxySG and Cisco IronPort.
• Deploying Cisco WSA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
• Configuring, Administering, and troubleshooting the Checkpoint, PaloAlto, Imperva and ASA firewall.
• Experience in working with Windows PowerShell Scripting to maintain and administrating server environments
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
• Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
• Powershell scripting and execution for account termination, Distribution List creation, Security Groups
• Upgrading Impervav WAF (Web application firewall) and fixing hot fixes and patches
• Support network security through the competent administration of Fortigate firewall including conducting security audits and vulnerability tests
• Configure, test and troubleshoot pre-migration 1G, 10G, IPTV and LAG (Link Aggregate) circuits on Juniper MX960 routers
• Worked on VMware and vSphere 5 and VCloud Director
• Configure, install and update 5508 wireless controllers
• Design, setup and configure Cisco wireless networking that supports open or secured access
• Configured Juniper SRX firewall setup for the production network

Environment: NGX R65, R70 and R75,BlueCoat,SIEM,Load Balancer F5 LTM and GTM,Active Directory, PowerShell Scripting, WAF

Confidential

Network Support Engineer

Responsibilities:

• Designed and implemented local area and wide area networks including network servers, workstations, hubs, routers, firewalls, VPN concentrators and other peripheral devices.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP)
• Configured and managed Cisco access layer routers and switches.
• Support Network Technicians as they require training & support for problem resolution including performing diagnostics, & configuring network devices.
• Provide hardware and software support, including the installation of new software and updates when required, across all supported sites.
• Served in computer maintenance, performed all types of hardware, software maintenance and engineering in addition to systems selection, backup and technical support.
• Implemented and Maintained Routing Protocols EIGRP and OSPF in the Network.
• Configured and demonstrated switching concepts such as trunking, ether channels, inter VLAN
• Trouble shooting network issues & provided incident reviews
• Created users accounts, provided authorization.
• Configure VLAN for different department and maintain the network.
• Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues.
• Handled switching related tasks included implementing VLANS, VTP and configuring Fast-Ethernet channel between switches.
• Configuring of IP Allocation and sub-netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
• Troubleshoot the issues related to RIP, OSPF, and EIGRP routing protocols.
• Perform wireless site surveys using industry standard tools such as Air Magnet
• Perform routine network maintenance checks as well as configure and manage printers, copiers, and other miscellaneous network equipment.

Environment: Trouble shooting, VLAN,LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP)