SUMMARY:

• 6 year’s extensive experience in installation, administration and networking in various environments.
• Experience in Checkpoint firewalls, Palo Alto Firewalls, Juniper Firewalls, Cisco WSA/CWS, Cisco ASA, SSL VPN, Cisco Nexus, Cisco ACS, Cisco ISE, IPS, and Microsoft TMG.
• Knowledge and experience of TCP/IP architecture, TCP/IP protocol suites and dynamic routing protocols including RIP, IGRP/EIGRP, OSPF, and BGP (eBGP / iBGP )
• Thorough knowledge of Windows Vista, XP, Windows Server 2003; 2008; Windows NT; TCP/IP.
• Capabilities include an extremely broad knowledge base and familiarity with the latest cutting - edge technologies, including firewalls, VPN, IDS, and IPS. In-depth knowledge of TCP/IP, high availability, load balancing, and remote management complements outstanding relationship management, analysis, and problem resolution skills as well as outstanding organizational, multitasking, and team building skills at all levels.
• Implementing & maintaining tools like Snort (IDS), MRTG, JFFNMS, Netflow Analyzer, Tufin, Splunk, Wire shark, TCPDUMP, HP Open view, Cisco Works, Bluecoat, Algosec, Infoblox and NTOP
• Installed and configured Bluecoat ProxySG in the network for web traffic management .
• Assisted in the migration of policies from the formerly used Netscreen firewalls to the current Juniper SRX firewalls.

TECHNICAL SKILLS:

Operating Systems: Windows Vista/XP/7, Linux (Red Hat)

MicrosoftServers: Windows Server 2003; Windows Server 2008

Firewalls: Palo Alto Firewall, Checkpoint, Cisco Firewall Service Module, and Cisco PIX, Cisco ASAPlatforms: Microsoft Windows XP/2000/NT, Red Hat Linux, Sun Solaris UNIX, & Nokia IPSO

Virtualization: Microsoft Virtual Server 2008 R2, VMware.

PROFESSIONAL EXPERIENCE:

Confidential, Ohio

NETWORK SECURITY ENGINEER/FIREWALL ENGINEER

Responsibilities:

• Worked for IT Security Projects Team.
• Responsible for Major and Minor projects, total of 11 projects.
• Understanding of application requirements from Security/Firewall perspective.
• Worked on Cisco ASA firewalls- 5585, 5580, 5540 and Palo Alto Firewalls - PA 500, PA 5050
• Knowledge of ASA software version 8.4 and 8.2
• Responsible for eliminating password fatigue and security lapses by deploying a secure, centralized vault for password storage and access
• Worked on improving IT productivity many times by automating frequent password changes required in critical systems
• Configuration and troubleshooting of Cisco and Palo Alto firewalls.
• Worked on Panorama M100.
• Understanding of defining firewall policies and installing them without causing any impact.
• Knowledge of PAN-OS 5.0.0 to 6.0.10
• Knowledge of Tap mode, VWire mode and L3 mode for Palo Alto firewalls.
• Experience in installation of new firewalls in new environment with no or minimum impact to traffic.
• Configuration and troubleshooting of VPN.
• Responsible for configuring, monitoring and administering Websense Web Filter for Internal user web access.
• Defining firewall rule categories and using best practices to make it precise as per the requirement.
• Responsible for designing and implementing Internet filtering using Websense.
• Understanding of Project deadline, high priority issue and providing support while Go live phase.
• Knowledge of writing Technical Document.
• Ticket management on BMC Remedy and Change request process.
• BlueCoat WAN Optimization and acceleration implementation
• Configured Reverse Proxy, URL filtering and content filtering using Bluecoat proxy SG devices.
• Implemented URL filtering requests in Bluecoat Proxy SG for website blocklist and whitelist
• Experienced on Juniper (Junos OS & Netscreen OS) to Cisco Firewalls migrations/Rule conversion
• Primary responsibility is to design and deploy various network security & High Availability products like Checkpoint Secure Platform, JUNOS, and other security products

Network Security Engineer

Responsibilities:

• Responsible for handling security devices deployed globally (NA, APAC, EMEA regions) - Firewalls, VPN, ACS, WSA/CWS, IPS, Application Firewall, ISE, Microsoft TMG.
• 24/7/365 technical support calls- L2 and L3.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Knowledge of PAN-OS 5.0 to 6.0
• Configuration, Troubleshooting and Maintenance of Checkpoint Firewalls (20 firewalls) - IP395 and IP560.
• Knowledge on Checkpoint- management and logging server R75, R77 Gaia OS.
• Experience on Checkpoint firewalls with R65, R70, R75, and R76 version IPSO 6.2 OS.
• Hands-on experience on Cisco ASA Firewalls - ASA 5550.
• Troubleshooting the VPN tunnels by analyzing the debug logs and syslogs.
• Serve as lead on configuration and troubleshooting VPN's on all vendor firewall devices.
• Hands-on experience on Cisco WSA/CWS with Cloud connector mode -S170, S370 and S670 .
• Knowledge of ASYNC-OS 7.5.0 to 8.0.5
• Knowledge of modifying and maintaining the Proxy Pac file.
• Worked on Cisco ISE 3300 series -wireless access and sponsor portal.
• Knowledge of ISE version 1.2.0.
• Configured and monitored the Websense Web Filter for External user web access .
• Maintenance of Cisco ACS server - Authenticating, Authorization and Accounting for several Network Devices in the environment. Versions 4.2 to 5.2
• Worked of Radware DefensePro IPS devices-inline mode
• Configuring and Troubleshooting of Radware Application Firewall (AppWall).
• Experience on Radware ApSolute Vision management server for IPS devices monitoring, maintenance and troubleshooting purpose.
• Responsible for maintenance and troubleshooting of Microsoft TMG-threat management gateway 2010 for LYNC, OWA and Active-Sync servers.
• Performed URL web filtering migration from the Blue Coat and Websense to Palo Alto firewalls.
• Responsible for Security Devices configuration backup and software updates/bug fixes.
• Knowledge of writing System Maintenance and Technical Document (SMTD).
• Ticket management on Service-Now and Change request process.
• On-Site primary point of contact for Security Operations team.

Network Engineer

Responsibilities:

• Managed a team of ten security analysts who provide a security event analysis roll, level-one network security engineering support, and a switchboard function for the SOC
• Managed user accounts, groups, print queues and controlling access rights using Active Directory.
• Responsible for managing Citrix Server 4.0 and configuring Citrix clients.
• Installed, configured, performed troubleshooting and deployed SP1 for Windows 2003 Servers.
• Performed day-to-day administration functions, backup & restoration, file server maintenance.
• Supported all remote offices and home-based users using NetMeeting, VNC and Cisco VPN.
• Configured DHCP, F5 load balancers, VLANs and 802.11g/n
• Created images for various divisions for all desktops and laptops using Ghost.
• Solely responsible for all IT decision making, support and administration at a site of more than 200 ‘demanding users’ in a fast paced architectural and engineering environment.
• Implemented a new in-house printing solution that includes Xerox multi-functional copier, printers, scanners and wide format printer.
• Empowered the team to be capable in providing level-one support for the Network Security Engineering team by providing formal hands-on training and by implementing step-by-step procedures
• Ensured the team has quarterly/annual objectives and goals
• Ensured the team performs quality analysis of security events via routine audits/coaching
• Provided customers accurate and insightful analysis of security events in a timely manner
• Ensured all team members providing top notch customer service via routine audits/coaching
• Ensured all work within team is being recorded in a work order, copiously notated, and ensuring the requests are addressed in timely fashion
• Provided technical support for hardware/software configurations and applications.
• Administered and supported local/LAN printers, LAN IDs in Novell.
• Administered/provided troubleshooting for Lotus Notes and MS Outlook.
• Utilized Remedy for call logging.
• Created and instructed intensive internal technical/procedural training program(s) in place to continue raising the bar for technical/procedural knowledge within the team
• Ensuring sufficient coverage is in place for all three shifts 24/7.