Network Security Engineer Resume
Scottsdale, AZ
SUMMARY:
- Network Engineer/security with good experience in installing, upgrading, troubleshooting, configuring and supporting variety of network and security devices using cisco Router/switch and Firewall.
- Worked on layer 2 protocol such as STP, VTP, RSTP, PVSTP+,MST and configuring switches from scratch.
- Experience on IP addressing, FLSM and VLSM Sub netting, ARP and ping concept.
- Worked on installing, configuring, of Cisco 7200, 3800, 3900,2800, 2900 series routers and Cisco Catalyst 2950, 3650,3750, 4500 series switch.
- Experience in configuring protocols HSRP, GLBP, VRRP, ICMP, OSPF, BGP, EIGRP, MPLS, RIPV2, PPP, HDLC, PAP,
- Worked on Cisco Firewalls ACLs, ASA 5500 series, knowledge of Juniper Firewalls
- Experience to adding Palo Alto Firewall to current network infrastructure. intergrade Cisco ISE with Cisco Firepower to enable automated remediation
- Upgrade Cisco 6500, 3750, 2960s, Nexus 5000, Nexus 2000, Nexus 7000 switch IOS software
- Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud - based) process that does not impact stream processing.
- Experience in adding Policies in Palo Alto firewall PA-500, PA-3020 using GUI 6.1.
- Exhibit strong communication, critical thinking, multitasking, and customer service skills
- Involved in the redistribution into OSPF on the core Palo alto firewall.
- Well experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
- Worked on layer 2 security like port security, Port Fast, DTP, DHCP Snooping, Dynamic ARP Inspection.
- Working knowledge of solar wind Orion traffic monitoring tool and Splunk.
- Working knowledge of F5 load balancer LTM.
- Adept in preparing technical documentation and presentations using Microsoft Visio/ Office.
- Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
- Experience with MS Word, Access, Excel, PowerPoint and MS Outlook.
- Self-motivated, proactive, and can thrive in a fast-paced, mission-critical operations environment
TECHNICAL SKILLS:
Cisco &juniper Routers: 2500,,2800,,3600,3800,3900,7200,7600, mx240,mx960,T640,ptx 3000,ptx 5000
Cisco L2 & L3 switches: 2900,3560,3750,4500,4900,6500
LAN Technologies: VLAN,VTP,STP,RSTP,PVST,802.1x
WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPSec-VPN
Network Securities: NAT/PAT, VPN, Filtering, IPSec VPN,ACL, Palo alto Firewall
Routing Protocols: RIP,IGRP,EIGRP,OSPF,BGP,IS-IS,HSRP,IPv6
Network Managements: SNMP, SSH, Telnet, ICMP
Tools and skill: Solar wids, splunk, netscout, Wire shark, OPNET, GNS3, VMWare, Secure CRT
Operating System: Windows,MS DOS,UNIX,Linux
PROFESSIONAL EXPERIENCE:
Confidential - SCOTTSDALE, AZ
Network security Engineer
- Responsible for firewall rule set migration from Cisco ASA to newly implemented Palo Alto.
- Responsible for implementing firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto Firewalls. Extensive Packet level debugging and troubleshooting on Palo Alto Fire wall.
- Working with Palo Alto firewalls PA3020, PA5020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
- Configuring rules and maintaining Palo Alto firewalls & analysis of firewall logs using various tools.
- Centrally managed all Palo Alto Firewalls using Palo Alto Panorama M - 100 management server.
- Implementing brand new Cisco ASA Firewalls with updated Security Policies.
- Perform firewall rule audit and optimization using Algosec.
- Configured Security policies including NAT, PAT, VPN and access control lists.
- Worked with different application team and firewall operation team to support firewall related issues using the Service now ticketing system and Create change request RFC for any production changes.
- Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
- Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems.
- Hands on Experience working with security issue like applying ACL's, configuring NAT and VPN.
- Configuring and analyzing ASA firewall logs.
Confidential - ASHBURN, VA
Sr. Network Engineer
- Planned, coordinated, implemented and supported the 802.11x, VPN over wireless, security, LAN/WAN hardware, software and Internet/Intranet/Extranet integration network connectivity, diagnosed network failures and resolved any problems.
- Deploy Cisco ISE on Nexus 5000/7000 routers, Cisco switches, and Cisco ASA and FirePOWER firewalls
- Configuration of juniper routers mx 960, mx240, T640, T1600,PTX 3000,PTX 5000 with protocols BGP, OSPF, IS-IS, RSVP,MPLS Static Routing etc.
- Installation and troubleshooting of firewalls Cisco ASA, Imperva Web App Firewalls, Checkpoint firewalls and Juniper firewalls
- Knowledge and experience with Cisco Firepower 9300 and 4120 Fire Sight.
- Expert knowledge with configuring Cisco ISE 2.2.
- Supported the technologies like IWAN Solutions, APIC-EM, Prime Infrastructure and Cisco ASA.
- Designing and Implementing Cisco ISE 2.2 for Cisco Customers and clients with over 50,000 nodes
- Writing HLD, LLD, CRQ, NRFU and Test-Plans for Cisco ISE Implementations
- Responsible for Cisco ASA firewall administration across our global networks
- Provided Level-3 Network support for Cisco Switches and Cisco ASA 5500 Series Security Appliances.
- Preparation & Validation of equipment Configurations.
- Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
- Assistance with network operational support procedures
- Implemented and Managed Cisco Nexus 7018, 7700 and Nexus 5596UP Switches configured with FEX 2248 extenders
- Troubleshooting of network issues
- Dealt with creating VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies
- F5 VIPRION hardware products like LTM, GTM series like 6400, 6800, 8800.
- Experience working on network security Palo Alto firewall Using Panorama for managing Palo Alto to provides a comprehensive, graphical view of network traffic.
- Complete implementation of Firepower Firewall protects threat from External attack. Unified Threat Management, Configuration of Remote VPN connectivity to remote location.
- Configure the FirePOWER chassis in clustered and then after HA mode to meet the clients ever changing design requirements
- Design Installation and Configuration of Cisco Nexus 9732k DMZ Switches
- To hold network information gathering workshops with the Customer to understand the Customer’s existing network design and technical requirements of new network designs.
- Worked on upgrading F5 device from 11.4 to 11.5.3 to remediate HTTP classes and profiles and Upgrading and relicensed F5 LTM.
- Configuration, migrations, upgrades of F5 Big IP LTM 3400, 6400, 8900 running v4.x to 10.2.x, Active/Standby.
- Implemented and Managed Cisco Nexus 7010, 7700 and Nexus 5596UP Switches configured with FEX 2248 extenders
- To troubleshoot equipment and network problems and to open and track JTAC cases through to problem resolution on pre and post production issues.
- Configured OSPF, Multicast and static route on Firewalls.
- To raise equipment’s Return Material Authorizations (RMA’s) and to track these through to problem resolution
- Experience with firewall administration, Rule Analysis and Rule modification.
- Working experience on frame relay, MPLS services, OSPF, BGP and, IS-IS routing protocols, sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocol
- To assist the Customer to develop Network Operating and Equipment Operating Procedures
- Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists/Route Maps
- Support production environment of Juniper products within the Customer infrastructure.
- Managed all network infrastructures, including firewall, routers, switches, MPLS circuits.
- Support ongoing efforts in defining best practice policies for Juniper product applications used by Customer
- Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
Confidential - NJ
Network Engineer
- Router, switches and Hub (Based on CCNA), configuration and maintenance of network devices such as computer, Printer, Scanner, Monitoring LAN/WAN
- Adding new devices on Solarwinds and manage the network alert and utilization.
- Functional experience of MPLS services, OSPF, EIGRP, BGP routing protocol, NAT, Sub-netting, DNS, LDAP, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, and spanning tree.
- Worked on configuring objects such as F5 Load balancer pools, members, SSL profiles for LTM on F5 load balancers.
- Comprehensive elementary configurations on the F5 BIG-IP LTMs load balancer on prevailing network to divide traffic on web-servers.
- Installed high availability BIG-IP F5 LTM 6900 and 7250 and GTM 6400 and 6800 load balancers to provide uninterrupted service to customers.
- Intergrade Cisco ISE with Cisco FirePOWER to enable automated remediation
- Manage the completion, expansion and relocation of the Data Center to adjacent buildings all with no downtime.
- Configuring TACACS, LDAP, and RADIUS for Cisco ASA firewalls
- Oversee the monitoring and management of all enterprise systems stability, availability, and performance (e.g., systems, networks, databases, storage, security) to meet service and operational level targets
- Work with other NOCs, datacenters and technicians on various tickets, alarms and outages in the regions
- Configuring and deploying BIG-IP LTM 8900 for providing application redundancy and load balancing.
- Change the SNMP string on Solarwinds and managed the port as per requirement.
- Reconciled enterprise Cisco FirePOWER deployment by updating software on the sensors and the management server, tuning the various policies, and piloting unused features such as Cisco AMP for Networks, URL filtering, and application control.
- SONET Engineering support and configuration for DWDM, SM and MM on OC3 up to OC192
- Primary installer and programmer for all IP Video, IP Access Control, Analog Video and Analog Access Control Systems.
- Wrote, directed and edited my short film "The Little Chapel" for Intro to Digital Video
- Responsible for the planning of the Cisco ISE deployment on the wired, wireless, and VPN networks
- Policy provisioning, access to specific segments of the networks through CISCO ISE.
- Engineered, configured and deployed routers using CISCO ISE.
- Experienced with Cisco Nexus 9300 platform and the N9K-X9564TX and N9K-X9564PX linecards.
- Experienced in working with Cisco 9000 switches for Automated VLAN and Virtual Extensible LAN (VXLAN), route injection, security configuration, analytics collection, and error reporting
- Designed and configured Fortinet Fortigate 90D for RMV branches.
- Monitor wireless Access-point, UPS, Router and switches using monitoring tool.
- Configuration of Cisco routers 7k, 3k, 2k with protocols EBGP, IBGP, OSPF, EIGRP, RIPV1-2, Static Routing etc.
- TCP, STP, ARP, NAT-PT, VLAN configuration, Routing protocol (EIGRP, RIP, NAT, IPV4,WLAN), Network Administration, Addressing subnet. configured and manage multiple F5's using GTM and LTM
- Configure F5 High-Availability
- Configure 2-FA Authentication using F5
- Standup VDI environment using F5 load-balancer
- IDS/IPS syslog review and parsing on a weekly basis
- Installed, Configured and troubleshoot the Network Routers and Switches in a Lab.
- Worked on Gateway Redundancy protocols like HSRP, VRRP and GLBP
- Deploy ISE virtual appliances because of the reliable VMware infrastructure and to keep costs down vs. purchasing a physical appliance
- Monitor, maintain and provision disparate DWDM equipment including but not limited to Infinera, Nortel, Fujitsu, Movaz, Lucent, Alcatel and Huawei platforms.
- I share a proficiency of various platforms, including CISCO, DWDM, and MPLS.
- Support Cisco IGX/BPX models, Cisco 12000s models, Cisco Enterprise 6500 switches, Nortel Optera 5200 and support of multiple client T1/E1/T3/DS3 and private DWDM network.
- Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists/Route Maps
- Worked on IP Routing protocols BGP, OSPF and EIGRP. Analyze various computer operating systems and ensure better results and administer all management networking tools.
- Installed and configured DHCP services using Cisco Devices.
- Performed IOS upgrades on Catalyst 3550, 2950, 1900 switches, and 3600, 2600 and 2500 routers.
- Done testing of Cisco routers and switches in laboratory scenarios and then deploy them on site.
- Managed all network infrastructures, including firewall, routers, switches, MPLS circuits.
- Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security
- Implemented security policies using Access-list.
- Worked on set-up, configuration and management of VoIP, Data solutions and IP Telephony Networks.
- Good knowledge on TCP/IP Stack and protocol including TCP, UDP, VLAN, IPV6.
- Experience on riverbed OPNET application for designing the network.
- Working knowledge of juniper Ex and QFX switches and Juniper routers, firewall SRX-series.
Confidential
Jr. Network Engineer
- Configured basic protocol on devices like Static Routing, RIP, EIGRP, OSPF, and BGP.
- Worked with L2 and L3 switching technology like VLAN Trunk, STP, PVST, RSTP, VTP and Ether Channel, 2.1q.
- Built and support VRRP / Cluster based HA of Checkpoint firewalls
- Troubleshooting of DNS, DHCP and other IP conflict problems.
- Troubleshooting L2/L3 environments
- Troubleshooting the issues with the MPLS VPN connectivity and Configured Virtual Routing Forwarding (VRF) on Cisco routers.
- Monitored and maintained Synchronous Digital Hierarchy transport equipment over an DWDM network,
- Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
- Troubleshooting of Cisco 2800, 2900, 3700, 3900, 7200, 7600 routers.
- Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
- Designed and specified all of the telecommunications, SONET and OSP projects, power protection, and computer support equipment as well as telemetry and monitoring systems for remote offices .
- Handled the Activations and maintained the Equipment of high profile customers - Ranging from Ds0, Ds1 and Ds3 to SONET and VoIP Configurations.
- Installed, tested, and maintained the following SONET equipment: 1630SX O/M, 1603 SM SONET O/M, 1640 OADM O/M, 1680 OGM O/M, 1631 SX LMC SONET CROSS CONNECT O/M, and Integrated Multi-Rate Transport Node
- Creating PVLANs and preventing VLAN hopping attacks and mitigating spoofing with snooping and IP source guard.
- Well experienced on IP addressing, FLSM and VLSM Sub netting, ARP and ping concept.
- Worked on Cisco IOS upgrade and Restore from TFTP server.
- Good knowledge of redundancy protocol like FHRP, NHRP, HRSP, VRRP.
- Responsible for installing and supporting network hardware, software, and applications on PC and Apple computers.
- Knowledge of networking standards, LAN/WAN protocols, cable standards and IP addressing
- Solid understanding and troubleshooting of Transport Network operations such as SONET and DWDM signal flow.
- Performs circuit provisioning through the cross connects of SONET, TDM, and DWDM network equipment.
- Handle responsibilities of analyzing hardware and software problems and select proper corrective action.
- Experience of deploying Cisco routers and switches, and administer Network Monitoring services
- Responsible for monitoring, troubleshooting, configuring, and deploying LAN/WAN solutions.
- Skilled in MS Word, Excel and PowerPoint, Legal Solutions, Internet, and Email.
- Proficiency in handling Network Monitoring tools and Packet capture tools.
- Adept in preparing technical documentation and presentations using Microsoft Visio/ Office.