We provide IT Staff Augmentation Services!

Network Security Specialist Resume

Concord, CA

SUMMARY:

  • About 7+ years of professional experience in Network planning, implementation and support.
  • Configuring, Troubleshooting and Testing of networking devices.
  • Experience in network protocols, Firewalls and Communication Network design.
  • Ability to provide 24x7 on - call support as required.
  • Working knowledge of TCP/IP protocol suite and OSI layers
  • Sound knowledge of Routing and Switching concepts and Proxy design.
  • Strong hands on experience in layer-3 Routing and layer-2 Switching. Experience working on Cisco 3800, 3600, 2800, 2600, ASR9000 series Router and Cisco 2900, 3500, 4500, 5500, 6500 series switch, Juniper EX series and Nexus switches.
  • Strong hands on experience on ASA (5506/5540/5585 ) Firewalls. Implemented security policies using firewall ACLs, NATs, IPSEC VPN.
  • Knowledge at physical layer level cabling, IP address management, storage and racking network devices
  • Experience with Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP
  • Good knowledge of migrating and troubleshooting proxy infrastructures handled separately for users and servers.
  • Troubleshooting Cisco, Juniper network routers/switches.
  • Worked on ACE load balancers. Experience with F5 load balancers - LTM, GTM
  • Implementing and troubleshooting layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP and RSTP.
  • Hands on experience with migrating vpn infrastructure from 3000 concentrators to Cisco ASA firewalls.
  • Extensive experience with design and troubleshooting 3rd party vendor IPSEC, SSL VPNs.
  • Strong experience with Websense Triton Manager in migrating and maintaining proxy infrastructure.
  • Experience with configuration and deploying cradlepoint routers.
  • Knowledge on configuring Cyclades for out of band network management.
  • Good experience with Cisco, Palo Alto firewall rules, ACLs, NATs, URL filtering concepts.
  • Dealt with Cisco IP phones and VOIP devices and configuration and troubleshooting VoIP issues on the network and did the documentation accordingly with changes.
  • Clear and crisp written and oral communication skills.
  • Good team player and able to work under short deadlines.

TECHNICAL SKILLS:

Equipment: Cisco (3800, 3600, 2800, 2600, 2500 series), Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900 series), Nexus switches, Cisco ASA Firewall (5506/5510/5540/5585 ), Juniper EX4500, EX8200, Palo Alto firewalls (PA 200)

Routing Protocols: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP, HSRP, VRRP & GLBP Infrastructure services: DHCP, DNS, SMTP, FTP, TFTP

LAN technologies: Ethernet, Port- Channel, VLANS, VTP, STP, RSTP, 802.1Q

WAN technologies: Frame Relay, ISDN, ATM, MPLS

Network Security: Cisco ASA/FWSM/ASDM, Juniper SRX, ACE Module and F5 Load Balancers, PAN firewalls, NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, URL Filtering, IDS/IPS, TACACS/RADIUS

Network Management: SNMP, Cisco packet Capture, Wireshark, Syslogs, Qradar, Infoblox, Netdata, Telenium

PROFESSIONAL EXPERIENCE:

Confidential, Concord, CA

Network Security Specialist

Responsibilities:

  • Extensive work on legacy Proxy migration to Websense proxy infrastructure.
  • Research network documents to discover application and server owners, fill out questionnaire and work with proxy engineers to migrate the hosts to the new Websense platform.
  • Knowledge on DLP and Experience with setting up group policies, security profiles, URL categorizations in Websense.
  • Involved in building two separate Websense proxy infrastructures for both server and user connections and managed URL filtering categorizations and numerous troubleshooting issues related to AAA and Websense.
  • Experience with Firewall Administration, Rule Analysis and necessary modifications for Cisco ASA and Palo Alto firewalls.
  • Worked on migrating the Websense security infrastructure to the newer Palo Alto firewall URL filtering infrastructure.
  • Enabled the SSL decryption functionality for web traffic going out through PAN URL filtering over https.
  • Worked on creating Group policies, personal and group security profiles and URL categorizations under PAN URL Filtering infrastructure.
  • Managed and maintained URL Filtering and APP ID policies in Palo Alto URL filtering and Websense security infrastructures.
  • Troubleshooting and experience with solving issues related to SSL decryption and web page certificates.
  • Implementing firewall rules and policies including the NATs, ACLs, group policies on Cisco and Palo Alto firewalls depending on the project requirements and in troubleshooting issues.
  • Creating block pages for unsafe URL categorizations for corporate security and enabled blocking from detected probable security threat domains.
  • Prime experience in using network data tools like Netdata, Infoblox NETMRI, Qradar Logging console for data log inspection, management and troubleshooting.
  • Hands on Experience with Websense GUI and Palo Alto Panorama Console in maintaining day to day operational issues and firewall templates.
  • Hands on experience in configuring and setting up a couple of Cyclades ACS 5000s for Out Of Band network management.
  • Experience with configuring and managing Cradlepoint routers for internet connection incorporated with the B2B VPNs.
  • Worked on migrating the legacy VPN 3030 concentrators to the more advanced in terms of security and DR capable Cisco ASA VPN cluster infrastructure using Cisco ASA 5500 series firewalls.
  • Migrated and managed numerous IPSEC Vendor B2B VPN and SSL Vendor VPN using Cisco AnyConnect to Cisco VPN cluster infrastructure.
  • Setup a number of PG&E branch site-site IPSEC VPNs for various call centres, service centres, SOHOs and mobile trailers.
  • Knowledge and experience at CLI level with VPN troubleshooting involving issues with Phase1, Phase2, Encryption, Hashing and other VPN parameters.
  • Experience with staging firmware to network firewalls routers and switches.
  • Participated in Disaster Recovery Exercises twice a year in order to test and ensure the functionality of the redundant systems for Websense and VPN in case of an emergency event.
  • Worked as On-call specialist for the day on rotation basis to support network operational issues and Tier-1 Data-Center escalation requests.
  • Experience with creating and submitting work order tickets and Change process requests with detailed Method of Procedure, Back out Plan and Risk Analysis.
  • Maintain data integrity for database, application, and security and recovery requirements.
  • Provide clear communication and documentation of events, processes, procedures and configuration detail.

Confidential, Mattawa, IL

Network Engineer

Responsibilities:

  • Configured IP RIP, PPP, BGP and OSPF routing
  • Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4. Configured IP access filter policies.
  • Identify, design and implement flexible, responsive, and secure technology services
  • Experience with Firewall Administration, Rule Analysis, Rule Modification
  • Configured and implemented Nexus 5K and 2K in lab environment
  • Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
  • Configuration and troubleshooting on Juniper EX4500 and EX8200 switches
  • Configuration and set up of Palo Alto firewalls for policy mgmt. and VPN's.
  • Test Equipment Network Instruments OPNET, Ethereal/Wireshark.
  • Troubleshoot traffic passing managed firewalls via logs and packet captures
  • Configured and resolved various OSPF issues in an OSPF multi area environment.
  • Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3560 at access layer
  • Check for DNS issues by pinging the server’s name. Experience with Wireshark, TestTCP& OPNET
  • Worked with IOS upgrade of Juniper devices.
  • Involved with troubleshooting VOIP issues as part of Network team on call schedule.
  • Work with multiple ticketing and configuration platforms including: CIRAS, IMS, CMS, Access Care, Remedy and others
  • Configuring RIP, OSPF and Static routing on Juniper Routers
  • Designed and implemented Cisco VoIP infrastructure for a large enterprise and multi-unit office environment. Met aggressive schedule to ensure a Multi-office reconfiguration project which was successfully delivered
  • Configuration and troubleshooting of Cisco catalyst 6509,7613 with supervisor cards
  • Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
  • Estimated Project costs and created documentation for project funding approvals.
  • Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.
  • Implemented redundant Load balancing technique with Internet applications for switches and routers.
  • Planned resources and presented project status to higher management.

Confidential, Menasha, WI

Network Engineer

Responsibilities:

  • Migration of RIP V2 to OSPF, BGP routing protocols.
  • Configured EIGRP for Lab Environment.
  • Implemented ISL and 802.1Q for communicating through VTP.
  • Working with Client teams to find out requirements for their Network Requirements.
  • Designing solutions for frozen requirements using Cisco Routers and Switches.
  • Deploying the network infrastructure to meet the requirements
  • Experience working with F5 Load Balancer LTM and GTM module
  • Created VLAN and Inter-VLAN routing with Multilayer Switching.
  • Substantial lab testing & validation prior to implementation of Nexus 5K & 2K connecting to blade servers
  • Leading the efforts for the migration towards 3G, and IMS Core network integration into the Xpress network
  • Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, and etc)
  • Providing technical consultancy for better application response using QoS
  • Monitor performance of network and servers to identify potential problems and bottleneck.
  • Performed RIP, OSPF, BGP EIGRP routing protocol administration.
  • Installed wireless access points (WAP) at various locations in the company.
  • Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
  • Real time monitoring and network management using Cisco Works LMS.
  • Provided technical support on hardware and software related issues to remote production sites.
  • Other responsibilities included documentation and support other teams

Confidential

Network Engineer

Responsibilities:

  • Managed network connectivity and network security, between Head offices and Branch office
  • Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
  • Responsible for the installation, configuration, maintenance and troubleshooting of the company network. Duties included monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of application and equipment
  • Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
  • Configured application load balancing using F5 LTM.
  • Dealt with Cisco IP phones and VOIP devices and configured Voice VLAN’s for Prioritizing voice on the network and did the documentation accordingly with changes.
  • Configured, Managed and troubleshooting 802.1X authentication for windows server-client based environment.
  • Configured Firewall logging, DMZs & related security policies & monitoring
  • Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
  • Involved in troubleshooting of DNS, DHCP and other IP conflict problems
  • Implementation of name resolution using WINS & DNS in TCP/IP environment
  • Configured FTP server for inside/outside users & vendors
  • Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls

Hire Now