SUMMARY:

• IT professional with around 7+ Years of extensive hands on experience in Networking Security and proven expert proficiency in designing, engineering, configuring, and maintaining of large enterprise firewalls
• Skilled & technically proficient with multiple firewall solutions, network security, and information security practicess
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Next - Generation Firewalls R65, R70 & GAIA R77.30, NetScreen Firewall, Palo Alto Next-Generation firewalls, Bluecoat proxies and Cisco ASA
• Worked on different firewall & security appliance such as, Checkpoint 4400,4600,4800, 21700,Palo-Alto 200,500,3020,3060, 5020,5060, Panorama M-100, Cisco ASA 5505, 5510,5512-X, 5500-X,5585-X, Cisco WSA S370, S680, Radware DefensePro IPS, Radware Appwall (WAF)
• Experience on working with different migrations environment such as, Staging, Sandbox, Development, Production(Go live)
• Managing and implementing remote firewall for State agencies using NSM, SPACE, SmartDashboard and CSM.
• Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance, configuration and installation of IOS security features and IPS module, security risk analysis, attack mitigation & penetration tests based on LPT methodology.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols
• Maintaining Corporate Firewalls by analysis of firewall logs and implementation of security firewall policies for the migration of Datacenter
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Knowledge of Intrusion Detection and Prevention System, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Check Point Provider-1 / VSX, Palo Alto IDS/IPS modules, Data Center Migration, Foundry/F5 Load Balancers, Cyber Security, Amazon Web Service (AWS), and Bluecoat URL filtering & Packet Shaper systems.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Configuration and implementation of Cisco Firewall PIX/ASA
• Experience on PCI and ISO compliant security implementations on the firewalls and perimeter devices
• Advance Knowledge in Penetration testing tools such as Metasploit, Nessus, Qualys, Nmap, Zenmap, AppScan, SQL Map, Burp Suite, IBM Appscan
• Knowledge in Documenting and preparing the Process related Operational Manuals and worked on office 365
• Ensuring network availability, vendor management, fault management
• Strong ecommerce, general management, negotiation, inter-personal, communication and team building skills.

TECHNICAL SKILLS:

Firewall: Checkpoint R65/R70/R75/R77.30 GAIA/Firewall-1, Palo Alto 3000/5000 series, Cisco ASA5555-X / 5550, FortiGate, Panorama M-100, Wildfire, Radware WAF

Protocols: NAT, VTP, VLAN, TCP/IP, UDP, EIGRP, OSPF, RIP

Nexus: Nexus 7000/ 8

ANS: F5 BIG-IP LTM 6900/6400, APM

Switches: Cisco Catalyst VSS 07 / 50 / 3750- X / 2960X

Routers: Cisco Routers ASR 06 / 06 / 51 / 2600

Operating Systems: Linux, Windows XP/7/8, Windows Server 2003/2008/2012

Protocols: TCP/IP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

PROFESSIONAL EXPERIENCE:

Confidential, Durham, NC

Firewall Engineer

Responsibilities:

• Experience in management of Checkpoint VSX environment and using VSX with Multi-Domain Security Management (SDM)
• Experience on working with Checkpoint and Palo Alto Next-Generation Firewall
• Working on setup Cisco ASA 5555-X firewall on IPsec VPN, Palo Alto IPsec VPN and Global Protect VPN, and AWS VPN solution
• Working on Fujitsu proprietary ITIL management tool by providing support service to different Fujitsu America client related projects
• Integrating TACACS+ with Palo Alto Firewall and syslog server for logging and SNMP for monitoring
• Experience on working on Checkpoint Provider-1 and Panorama M-100 for centralized management
• Implementation and maintenance of PA 3050 and PA 5060 firewalls and providing support service to client
• Working on different modules of Checkpoint Next Generation firewall R77.30 such as IPS, Application control and URL filtering, Identity Awareness, DLP and IPsec VPN
• Setup/Managing ELB, Security group, ACL, VPC, Subnets; make connection between different zones/region and Blocking suspicious ip/subnet on AWS
• Created AWS cloud formation templates to automate the process of launching custom-sized VPC, subnets, EC2 instances, ELB, security groups, Cloud Watch, S3, Route53, Cloud Trail.
• Working on Firemon for network security policy audit and PCI/DSS compliance audit
• Day to day customer interaction on client related projects on different firewalls and VPN
• Perform troubleshooting by packet capture analysis using TCPDump, Wireshark and analyzing the PCAP
• Working on different Security tool such as Nessus Vulnerability Scanner and Cisco Iron port
• Experience on working in datacenter and on different devices console
• Configuring and troubleshooting Access-lists, Service Policies, and NAT rules, Network Object Groups, Service Object Groups on ASA 5585 and 5505 Firewalls.
• PCI and ISO compliant security implementations on the firewalls and perimeter devices
• Migration from Cisco to Checkpoint firewall
• Upgradation of Checkpoint MDS to support mobile access blade on Checkpoint Web application firewall
• Advance knowledge of Amazon Web Services (AWS) with broad IT infrastructure services, Deep visibility into compliance and governance and Hybrid Cloud capabilities
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs
• Bluecoat proxy server’s setup, configuration, upgrade and Troubleshooting with optimization of WAN Application, SSL traffic, Web traffic, URL filtering & Content filtering.
• Experience with LTM & GTM F5 component to provide high availability with providing services across data centers.
• Experience using Nessus & Qualys Tool for networking discovery and mapping, asset prioritization, vulnerability assessment and tracking.

Network Security Engineer/ Firewall Engineer

Responsibilities:

• Designs, tests and deploys IT security systems, solutions and ecommerce environment.
• Working on Service Now ticket management tool by providing support service to client by implementing and working on change request, Incident request and troubleshooting.
• Configuration of checkpoint firewall mainly VSX according to client topology and checkpoints features such as Application & URL filtering, IPS, Identity Awareness, IPS, VPN.
• Configuration of Palo Alto Next-Generation Firewall mainly VSYS according to client topology and working on Content-ID, User-ID, App-IP
• Experience on working on Cisco IPsec VPN, SSL VPN and natting
• Firewall technologies including general configuration, optimization, security policy, rules creation and modification of Check Point Next-Generation Firewalls GAIA R77.10, R77.20 & R77.30
• Experience on working with checkpoint next-generation firewall on various modules such as SMART View Tracker, SMART View Monitor, SMART Update, SMART Log, SMART Event.
• Experience in Qualys policy compliance in detecting internal and external threats and vulnerability
• Experience in working with designing, installing and troubleshooting of Palo Alto firewalls
• Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN
• Create policies, alerts and configure using SIEM tools (Splunk, SolarWinds, LogRhythm)
• Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering)
• Experience in Configuration, Management, Deployment, Optimization and Troubleshooting Checkpoint VSX
• Performed upgradation of checkpoint firewall from old platforms to new platforms R7 .30
• Performed upgradation of Palo Alto firewall from old platforms to new platforms 6.1.5 to 6.1.10
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Worked on network packet analyzer tools such as, Wireshark, Microsoft Network Monitor, Snort, Tcpdump
• Experience with working on Palo Alto centralized management GUI PANORAMA
• Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall
• Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN
• Experience on working with migration with both Checkpoint and Palo Alto Next-Generation
• Firewall as well as virtualization of firewall, both VSX and VSYS
• Worked on security tools and software’s like Cisco WSA, Qualys, Splunk, Symantec Endpoint Protection, Bit9, HP Network Node Management
• Upgrading Radware Appwall WAF (Web application firewall) and fixing hot fixes and patches.
• Exposure to wild fire advance malware detection using IPS feature of Palo Alto
• Worked on Bit9 Endpoint protection whitelisting tool for the security of Endpoint servers and implement daily report
• Experience on working in datacenter and on different devices console
• Configured Site to Site IPsec VPN tunnels and Split tunnel to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Routing and Switch protocols: BGP,OSFP, VLAN,VTP, STP, RIP, RSTP
• Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.
• Responsible for planning, documenting and implementation of complex Firewall and VPN solutions
• Represent the changes at the weekly change review and application migration meetings.

Network Security Engineer

Responsibilities:

• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Firewall VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager (SDM) command line & GUI.
• Supports the implementation and ongoing operations of network access control devices to include firewalls, web proxies, and SSL VPN devices.
• Installation of checkpoint Next-Generation firewall GAIA R76/77.30 in Open Server, UTM
• Configuration of checkpoint firewall mainly IPS (Intrusion Prevention System) module according to client topology and checkpoint MDS.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Experience in working with designing, installing and troubleshooting of Palo Alto firewalls
• Experience with working on Amazon Web Service (AWS) environment for cloud computing
• Performed upgradation from old platforms to new platforms R65 to R77.30
• Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewall MDS.
• Experience with Using GTM, APM & LTM F5 component to provide 24“7 access to applications
• Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN
• Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering)
• Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature
• Experience with Cisco ASA firewall Cisco security Manager (CSM) and migration from Cisco to Palo Alto
• Worked on network packet analyzer tools as, Wireshark, Microsoft Network Monitor, Snort
• Exposure to wild fire advance malware detection using IPS feature of Palo Alto
• Maintained and Configured Checkpoint VSX with firewall virtualization and checkpoint clusters
• Configuring rules and Maintaining Palo Alto Firewalls with IPS & Analysis of firewall logs
• Worked on automating process for migration of security policy using Palo Alto Migration tool 3.0 and Symantec Endpoint Protection
• Experience on Cyber Security & Penetration Testing tools such as, Metasploit, SQL Map, Appscan, Burp Suite, Nmap, Nessus Vulnerability Scanner and familiar with shell scripting
• Worked on SIEM tolls such as Splunk, SolarWinds, LogRhythm
• Worked on bluecoat proxy to optimize WAN Performance by analyze and scan malwares to protect the infrastructure and URL filtering
• Advance knowledge on Network segmentation and checkpoint Next-generation firewall GAIA R77.30 host migration as well as the QoS of the LAN network

Confidential, Columbus, OH

Network security Engineer

Responsibilities:

• Planning and designing of corporate Firewalls architecture by implementing it in distributed environment.
• Maintaining Corporate Firewalls & Analysis of firewall logs
• Experience with working on some ecommerce technologies
• Experience on Check Point Next-Generation Firewalls R65, R70, R75.
• Worked on Juniper NSM central management software
• Worked on Imperva web application security for Logging, Monitoring, Data leak prevention, network and platform security.
• Configuring Juniper NetScreen Firewall Policies between secure zones using NSM (Network Security Manager)
• Advance knowledge of Amazon Web Services (AWS) with broad IT infrastructure services, Deep visibility into compliance and governance and Hybrid Cloud capabilities
• Strong knowledge under Imperva web application firewall for monitoring for In-depth analysis of attacks and SIEM tools such as Splunk for analysis and log monitoring
• Verifying & configuring the rule-sets on firewalls. (Firewall Change Request processing).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs
• Experience with network based F5 Load balancers with software module Access Policy Manager (APM) & Checkpoint Load Sharing on checkpoint clusters
• Configure Cisco routers 2960-X, and switches 3750
• Bluecoat proxy server’s setup, configuration, upgrade and Troubleshooting with optimization of WAN Application, SSL traffic, Web traffic, URL filtering & Content filtering.
• Experience with LTM & GTM F5 component to provide high availability with providing services across data centers.

Network Engineer

Responsibilities:

• Responsible for Internal and external accounts and, managing LAN/WAN and checking for SSL Security Settings of the networking devices (Cisco IOS, Router, switches) coordinating with the system/Network administrator during any major changes and implementation
• Migration of RIP V2 to OSPF, BGP routing protocols.
• Configured EIGRP for Lab Environment.
• Cisco routing and switching technologies and devices LAN/ WAN, VPN, Routing protocols, VLANs, Trunking, Cabling, IOS administration
• Advance Knowledge in Cyber Security and Ethical hacking
• Experience with Cisco IOS and NS-OS.
• Configuring Port Mirroring, VLAN,SMTP, STP, RSTP, SNMP, and Routing Policies on switches
• Working with Client teams to find out requirements for their Network Requirements.
• Proficient in VPN technology and TCP/IP protocols
• Dynamic routing protocol configuration (RIP, RIP V2).
• Troubleshooting network problems and working knowledge of HTTP, SNMP, HTTPS, SMTP, DNS, DHCP, etc.
• Implementation & troubleshooting of complex WAN, LAN, VLANS, private VLANS, high availability solutions like HSRP, VRRP, GLBP, ether channels, site- to- site VPN, access control lists, NAT, PAT, routing solutions etc.
• Use of TCP Dump to troubleshoot access issues.
• Configuring VRRP, Static route, BGP, Routing policies, ACL and Managed network connectivity and network SSL Security, between Head offices and Branch office