SUMMARY:

• Skilled, accomplished, intuitive, result oriented and Certified Professional Network Security Engineer ready to influence experiences to provide high - level comprehensive, secure network, system analysis, and hands-on experience in all stages of system development effort, including requirements definition, design, testing, support and Troubleshooting. Subject matter expert with Cisco Routing, Switching, IPSec, SSL VPN, Campus Design, ASA and Checkpoint Firewall.

TECHNICAL SKILLS:

• Cisco: 6500 Series Cisco 4948, 4500, 3560, 3550 and 2900 Series Switches .
• OSI Layer, TCP/IP, LAN, WAN routing protocols including EIGRP, OSPF and BGP .
• Application/Software: MS Outlook, MS Office, Putty, Solar Wind.
• Operating Systems: Cisco IOS 12-15, Windows XP, Vista, Windows 7, Windows Server.
• Redundancy protocols HSRP, VRRP and GLBP
• Checkpoint 2200, 4200, 4400, 4600 and 12200 and ASA Firewall 5505X, 5515X, 5525X and 5545X.

PROFESSIONAL EXPERIENCE:

Confidential, NY

Network Security Engineer

Responsibilities:

• Responsible to implementation and operational support of enterprise Firewall ASA 5515X, 5525X and Checkpoint firewall GAIA operating system.
• Troubleshoot Cisco ASA Firewall, Checkpoint Firewall, SSL VPN connectivity and provide connection profile solution.
• Responsible for the creation and maintaining of standard configurations for all Checkpoint Firewalls .
• Work on Checkpoint Platform including Provider Smart Domain Manager.
• Work on configuring, managing and supporting Checkpoint Gateways
• Assist in troubleshooting complex layer 1, 2 and 3 connectivity using Smart Tracker analyzer and recommend solution for better performance.
• Involve in designing and various network security and high availability like Cisco ASA, Checkpoint and other security products.
• Monitor the real time traffic using Smart view Tracker and detect IP Spoofing.
• Work with network team to isolated traffic from current environment to various Cisco ASA firewall.
• Deal with everyday various sites troubleshooting issue including Checkpoint and ASA firewall.
• Implement Botnet filtering by using ASA Firewall and Cisco centralized database of IP address and domain that have been identified as being part of Botnet.
• Perform in conducting Redundancy test, Failover and Recovery Test, Compatibility Test, Regulatory Compliance Test, Installation Test.
• Configure, troubleshoot first hop redundancy protocol such as HSRP, VRRP and GLBP .
• Configure and Maintain connectivity issue LAN/WAN infrastructure at layer 2 and layer 3 devices.
• Conduct Switching tasks include VTP, 802.1q, VLANs, Trunking, STP, RSTP, Port Security, and Ether Channel.
• IP troubleshoot BGP, OSPF and LAN switches, secure every branch office switch .
• Manipulate BGP traffic with BGP Weight, Local Preference, AS-Path Prepending, BGP summery only, route-map, IP access-list, and BGP redistribution external and internal.
• 24/7 on call support provided on a bi-weekly rotational basis.
• Maintain standards, risk assessments, documentation and procedure related to security for the Information Services Production, Business Continuity, and Disaster Recovery environments.
• Develop and maintain comprehensive security documentation including design requirements, network diagrams, dataflow diagrams, application communication diagrams, support diagram and project documentation.
• Taken interviewed end user, manager and other remote worked and verified existing policy to reduce risk assessments. Also, supported end user any routing, port related issue in both firewall ASA and checkpoint
• Monitor firewall traffic, identify network open port in existing network security hole, take snapshot IP traffic to identify security vulnerability.
• Validate test to check boundary conditions and error messages documented the Test Results and present the daily and weekly report to Manager.
• Add new user in Centralized Servers and created user name and policy for user and management. Solve complex network connectivity issue, dedicated to solve end user network problem.
• Provide training and prepared documents for new employees in operations department.

Network Security Engineer

Responsibilities:

• Responsible to implementation and operational support of enterprise Firewall ASA 5515X, 5525X and Checkpoint firewall GAIA operating system.
• Designed and documented firewall rules like, NAT, VPN, mobile access VPN.
• Troubleshoot Cisco ASA Firewall, Checkpoint Firewall, SSL VPN connectivity and provide connection profile solution.
• Identified awareness, pushing firewall policy, app Control and URL filtered, Backed-up and Recovered firewall database, analysis IP network GAIA built up tools smart view Monitor, Smart View Tracker and TCP dumps.
• Configured firewall with high availingly mode VRRP Clustering technology, failover each firewall to ensure the firewall redundancy and troubleshoot for necessary requirement.
• Visited customer all remote site to troubleshoot various firewall including SIC communication and troubleshoot L3 connectivity.
• Implemented full mesh connectivity with Router, switch and checkpoint firewall to achieve full redundancy.
• Redesigned existing network and added L3 Switching, run EIGRP in ASA Firewall
• Supported, Documented and Evaluated operation of enterprise/departmental applications and enterprising network infrastructure to ensure HIPAA compliance and ensued applicable information security design considerations are appropriately inclusive within all new and existing Health System computing environments.

Confidential, NY

Network Engineer

Responsibilities:

• Converged network by using network protocol such BGP, OSPF, Static route and secure layer2 switch using industry standard compliance, Created appropriate VLAN, and trunk 802.1Q.
• Ensured HSR, port security in Cisco catalyst switch and routing protocol password authentication.
• Installed and configured new Cisco equipment including firewall, switches and routers including catalyst 6500,7200, and configured of new VLAN and extension of existing VLANs .
• Managed ACL in Cisco router and added new IP address edit existing IP addressing in Switches.
• Troubleshoot ACL, Advance TCP traffic inspection with various third party tools.
• Implemented VLAN, add VLAN, modify existing VLAN in 2950 catalyst and solved IP connectivity.
• Identified, access, and resolved complex networking and system issue/problem utilizing analytical and structured troubleshooting.
• IP network troubleshoot in various branch office, worked with end user connectivity issue. Used various network map tool identify network location and optimized network solutions.
• Planed and designed network infrastructure for multiple branch office for corporate requirements.
• Documented each changed in network infrastructure and reduced operating and managements cost.
• Collected existing router, switches and firewall configuration, analyzed all traffic in separated mode
• Managed network related backup system and restore protocols for data centers and improved comprehensive network and system documentation.