We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume

Harvey, IL

PROFESSIONAL SUMMARY:

  • 8.2 years of professional experience in Network Planning, Implementing, Configuring, Troubleshooting and Testing of networking system on both Cisco and Juniper Networks
  • Experience with escalating problems for Routing, Switching and WAN connectivity issues using ticketing system remedy
  • Expertise in configuring and troubleshooting of Palo Alto, Juniper Netscreen & SRX Firewalls and their implementation
  • Experience Configuring and troubleshooting multivendor devices like Cisco ASA 5585, 5550, 5540, Juniper SRX series for Branch/Datacenter Setup. Configured Palo Alto Firewalls like PA - 7050, PA-5050 and PA-3060 devices with Panorama for Management.
  • Experience in implementation and troubleshooting of Datacenter devices like Nexus 7000, Nexus 5000 and Nexus 2000 Series devices with VDC's /VRF’s configurations.
  • Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
  • Designed, configured and implemented LAN/WAN/Wireless networks in 30 remote offices domestic and globally consisting of Cisco 4510R-E and 3850X Core switches, Cisco 2921 WAN router, Aruba Mobility controller, and Palo Alto firewalls.
  • Experience on Working with Cisco Nexus switches, 7000, 7700, 5500's 2000's (VDC/VRF/VPC) configurations.
  • Experience deploying BIG-IP F5 LTM, GTM Load Balancers for load balancing and traffic management of business application.
  • Experience in troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, and BGP with ability to interpret and resolve complex route table problems.
  • Experience in migration of networking devices in a multivendor network with devices like Cisco, Juniper, F5, and Palo Alto Networks
  • Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
  • Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills.

TECHNICAL SKILLS:

Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 3850 4500, 2900, 6807 series)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Auditing, Subnetting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, DMVPN,Bluetooth, Wi-Fi, EIGRP.

Firewall: ASA Firewall (5505/5510),Checkpoint, Cisco ASA

Network Tools: Solarwinds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1,DS3,OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-channel, VLANs, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPsec, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE:

Confidential, Harvey, IL

Sr. Network Security Engineer

Responsibilities:

  • Provided the network recommendations according to the existing configuration and building reports including diagrams.
  • Supporting management with the ground work in preparing data sheets with all the devices and there IP address and serial numbers.
  • Experience working on multiple projects in route, Switch, auditing firewall configuration and provide the suitable recommendations.
  • Identified opportunities for implementation of network best practices, particularly Palo alto, ASA firewall, Aruba Controllers and Clear pass management implementations.
  • In-depth knowledge on Aruba clear pass management and monitoring connected devices.
  • Lead person in handling the clear pass management in adding and assigning access to internal wireless partner network for BYOD / Company owned devices and troubleshooting.
  • Managing the MDM server (Mobile Device Management) for the networks handles sites for the access to the Exchange on the mobile (Android & Apple), I Pad’s (company & personal) owned.
  • Worked closely with the server team in creating the SAN storages on the baled switches and assigning interface with VLAN.
  • Responsible for troubleshooting complex networking issues in service provider MPLS & internet.
  • Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
  • Worked closely with the Desktop Team in migrating all the windows 7 to the Win 10 Machines for the new building and assigning network Access and troubleshooting.
  • Have good experience in troubleshooting the Wireless network issues.
  • Provided Recommendations and creating New SSID’s with the 802.1X authentication for the wireless access to University of Chicago medicine staff vising other work locations.
  • Handling tickets for the network wired/ wireless issues and Primary person for the Cleanup project on the BYOD MDM management.
  • Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
  • Worked Closely with Palo Alto Network for the upgrading and reconfiguring the policies and troubling shooting the Log issues hitting the Palo-alto.

Confidential, Dallas, TX

Sr. Network Security Engineer

Responsibilities:

  • Installed Palo Alto PA-3060 firewalls to protect Data Center
  • Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 7K VDCs
  • Maintained Palo Alto firewalls Creating zones, adding rules and maintained the policies on PA 220 series,3020,5220
  • Creating network object groups and Access Control lists and Object group services on Cisco ASA 5500 as per client needs.
  • Work on Change Management for migration from Cisco ASA to Palo Alto
  • Maintenance and support for access layer CISCO Catalyst 6509, 6513, 3750 switches
  • Setting up Modality Data Center (MDC) in Dallas and Maintain and setup/disconnect MDC VLAN to data jacks within the Dallas building as needed.
  • Configured Splunk on AWS VPC that collects and indexes log messages, analyses them to deliver real time operational intelligence anywhere across the organization
  • Used Python Scripting to load completely new configuration file.
  • Dealt with implementation of Cisco ASA 5585 devices and Juniper SRX 550 devices to apply security policies on it.
  • Experience configuring VPC(Virtual Port Channel), VDC(Virtual Device Context) in Nexus 7010/7018
  • Replaced the Legacy 3750 stack wise with Juniper EX 4200 switches in the LAN Environment
  • Experience in Configuring the DNS and DHCP for servers using Infoblox.
  • Experience in Administering the Infoblox Core DDI (DNS, DHCP & IPAM) devices and AD integrated DNS, DHCP and IPAM.
  • Responsible for the configuration of access lists to permit or deny traffic corresponding to various zones in NDC, RDC and RRDC Datacenters on Juniper SRX-3400 devices
  • Configure various LAN switches such as CISCO CAT 2900, 3550, 3850 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
  • Maintenance and support of the NEXUS core switches (Nexus 7010, 7018) and other nexus devices such as, 5010, 2148 devices)
  • Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
  • Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems during the conversion of existing point to point circuits to MPLS

Confidential, Voorhees, NJ

Sr. Network Engineer

Responsibilities:

  • Experience with Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering. PANDB migration and code upgrades for Palo Alto Firewall.
  • Good understanding of industry standard security frameworks.
  • Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510,
  • Dealt with implementation of Cisco ASA 5585 devices and Juniper SRX 550 devices to apply security policies on it
  • Implemented antivirus and web filtering on Juniper SRX 240 at the web server.
  • Successfully implemented the datacenter segmentation project with 7K, 5K and 2K Cisco Nexus architecture, ISR and ASR 1001, 1004, 1006 series routers, F5 BIGIP 4000s and 7200v load balancers and Palo Alto Pa-5000/3000 series firewalls.
  • Experience working with Nexus core 7010, 7706, 5500 and 5600 series switches and 2000 series Fabric Extenders.
  • Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
  • Automated network implementations and tasks and designed monitoring tools using python scripting.
  • Involved in the migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
  • Extensive use of NSM (Network and Security Manager) and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
  • Experience on Working with Cisco Nexus switches, 7000, 7700, 5500's 2000's (VDC/VRF/VPC) configurations
  • Setup testbed with Juniper QFX 5100 and Nexus 7010, Nexus 5548 devices for testing interoperability with Juniper/Cisco Devices
  • Implemented F5 hardware refresh of older 3600 hardware to Viprion.
  • Mapped, Network Diagrams and physical identification in MS Visio.
  • Preformed IOS upgrades on Cisco routers and switches
  • Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
  • Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of the implementation plan.

Confidential, Baltimore, MD

Firewall Engineer

Responsibilities:

  • Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices
  • Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
  • Involved in upgrading switches from 6500 E to 4500-X.
  • Implementation of BGP to optimize WAN routing on the core and edge routers.
  • Mutual redistribution of OSPF and BGP routes using route maps.
  • Involved in upgrades to the WAN network from existing 7200vxr with ASR1004 and 3845/3945 routers.
  • Responsible for monitoring alerts through tools like Solarwinds Orion, xenoss, scrutinizer in the Production environment as a part of first response for the service desk.
  • Technical Lead for EIGRP to OSPF Migrations for multiple sites and Implemented Virtualized areas among OSPF areas and Redistribution Techniques between OSPF and EIGRP.
  • Configuring rules and Maintaining Palo Alto & Analysis of firewall logs using various tools.
  • Build Cisco UCS 6200 series fabric interconnects.
  • Experience in Layer 3 routing - Cisco Routers: 2500, 2600, 3600, 3800, 3900, 7200 series, ASR 9000, 9001, 9006 series
  • In-depth knowledge of Cisco ASA and Juniper Netscreen Firewall security, spanning-tree, VLANs, TCP/IP, RIP, OSPF, QoS, VRRP and VPN technologies.
  • Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
  • Provides Level-3 incident response and problem management support for IP Telephony platforms, interfacing with other key Corporate IT teams, such as LAN, WAN, Security and/or IT Service Center
  • Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
  • Configuration and maintenance of routers, firewalls, and F5 load-balancers. Included configuration of Juniper ISG 2000, Juniper EX4200, F5 BIG-IP 3600, and Cisco 6500. Includes protocols such as MPLS, BGP, OSPF, and VRRP.
  • Also worked with Cisco ASA's 5505 and 5520, 5512X, 5515X.
  • Developed and implemented core network consolidation plan. Included redundant configuration of Juniper EX8200.
  • Racking, Stacking, configuring, Nexus 5K, 7K,and 9K, Static pinning fabric interface connection, PortChannel fabric interface connection, configuring a Fabric PortChannel Created Build-Outs of New Safe Zone in Palo Alto Panorama VLANs, VIP, IP, VRF, BGP.
  • Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco ASR 9000, 9001, 9006, 6500 series Routers.
  • Created labs for F5 APM, ASM, and LTM implementations of Microsoft Exchange, Microsoft SQL, Microsoft IIS services, LAMP servers,
  • Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
  • Migrated over 50+ 3845 infrastructure to a 3945 series router. The new platform positioned corporate-wide move to IPv6 to support depletion of IPv4.
  • Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
  • Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in network environment

Confidential, Providence, RI

Network Engineer

Responsibilities:

  • Maintain and track the status of device supplied to the client.
  • Coordinating with JTAC for faulty part replacement and configuring standby device to support the customer with minimal downtime.
  • Implemented Juniper firewall &switches.
  • Installation & Maintenance of Juniper switches routers &firewalls.
  • Implementing and maintaining WAN/LAN and WLAN networks in different diagrams
  • Study of migration of the old WAF infrastructure from DenyAll to F5 BIG IP ASM technologies.
  • Responsible for providing support for IT infrastructure in the laboratory. Surveillance activities for physical and virtual switches. OpenFlow, 802.1x and MAC authentication test.
  • Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
  • Involved in the migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher security.
  • Design and integration of Juniper SSG series firewalls, SA VPN Appliances, J series Routers and EX-series switches.
  • Configuring Routing protocols like BGP, OSPF, MPLS, multicast and L2 protocols in ASA to check it is passing through via ASA in customer deployments.
  • Perform Packet shaper Bluecoat 75000 OS upgrade, maintenance and configurations
  • Configuring RIP, OSPF and Static routing on Juniper M and MX Series Routers
  • Configuring VLAN, Spanning tree, VSTP, SNMP on EX-series switches
  • Maintain connectivity for approximately 300 switches and routers in a 500+ node network.
  • Troubleshooting any and all network problems involving LAN, WAN, BGP, EIGRP, MPLS/VPN, VRF - VPN Routing and Forwarding Instance, SIP Trunking, Internet ISP, Multi homed - BGP with Level-3 Datacenters.
  • Implemented cluster and configuration of SRX-110 Juniper firewall.
  • Installed Trapeze-MX 2800 wireless controller and light weight access points.
  • Working with MPLS Designs from the PE to CE.
  • Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
  • Design and deployment of MPLS QoS, MPLS Multicasting per company standards.

Confidential, San Jose, CA

Network Operations Engineer

Responsibilities:

  • Actively participated and completed many projects based on MPLS VPN, Internet Solutions for corporate customers Backbone.
  • Hands-on experience working withCisco 7600, 12K, ASR routers & Juniper MX series and Juniper BRAS.
  • Currently working on wireless upgrade project for Allegheny Health network and their EPIC roll out.
  • Designing, Provisioning and Installation of the Customer Sites in Oracle IPSA for MPLS Backbone.
  • Verifying IPv4/IPv6 Addressing Architecture.
  • Verifying Dynamic Host Configuration Protocol for IPv6 (DHCPv6) and DNSv6 options.
  • Managing proxy server for branches and head office for internet access through Bluecoat Proxy SG600 for URL Filtering, traffic acceleration and visibility reporting with Bluecoat reporter.
  • Configuration and troubleshooting of many link types i.e. SONET Controllers for sub E1/T1, E3/T3 and POS controllers for STM1 links.
  • Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
  • DNS Zone administration for 13 countries across EU for COLT customers.
  • Implementation and testing of ISDN BRI/PRI circuits.
  • Migrated Vlans from ASA (perimeter firewalls) to FWSM’s for better security management
  • Responsible to troubleshoot the connectivity between CPE router and the COLT's edge router (SAR).
  • Worked closely with RIR(Regional Internet Registry) to procure PI(Provider Independent) and PA
  • Responsible for troubleshooting complex networking issues in service provider MPLS & internet
  • Set up DNS Reverse Delegation according to RIPE rules in RIPE Database.

Confidential

Jr. Technical Network Engineer

Responsibilities:

  • Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
  • Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications.
  • Supporting Development team for the access to corporate network and outside world. Providing access to specific IP, Port filter and port access.
  • Configured the Cisco router as IP Firewall and for NAT, Switching (Ethernet) related tasks included implementing VLANsand configuring ISL trunk on Fast-Ethernet channel between switches.
  • Installing new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations.
  • Installing and maintaining local as well as network printers.
  • Validating existing infrastructure and suggesting new network designs.
  • Working on creating new load balancing policies by employing BGP attributes including Local Preference, AS-Path, and Community, MED.
  • Providing technical support to LAN & WAN systems.
  • Configuring all the required devices and equipment for remote vendors at various sites and plants.
  • Monitor performance of network and servers to identify potential problems and bottleneck.
  • Real-time monitoring and network management using Cisco Works LMS.
  • Provided technical support for hardware and software related issues to remote production sites.
  • Performed administrative support for RIP, OSPF routing protocol.
  • Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.

Hire Now