PROFESSIONAL SUMMARY:

• Over 8+ years of professional experience in Network engineering with Cisco Certified Network Professional and Palo Alto certified network Security Engineer performing Network analysis, design, Implementing, capacity planning with a focus on performance tuning and support of large Enterprise Networks.
• Experience working on Cisco Catalyst Series 3750, 4500, 6800, 6500, 9300, 9400, 9500; Nexus 2000, 5000, 6000 and 7000 series switches.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70, R71, R75 and R77), Juniper Firewalls (SRX5400, SRX5600and SRX5800), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo Alto Networks Firewall models (PA-2k, PA-3kand PA-5 k).
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP, GLBP for Default Gateway Redundancy.
• Expertise in installing, configuring and troubleshooting Juniper Routers (E, J, M and T-series)
• Strong knowledge in Cisco Routing, Switching and Security with Cisco hardware/software (heavy Cisco shop) experience.
• Excellent Hands on experience with Cisco ISE and the Migration of Wireless and TACACs to ISE.
• Good knowledge on Endpoint incorporates a rules-based firewall, as well as an anti-malware technique.
• Worked on F5 LTM/GTM, BIG-IP, load balancing, I Rules and WAN acceleration.
• Work experience in Administration, Engineering and Support for various technologies including proficiency in LAN/WAN routing, switching, security, application load balancing and wireless.
• Working experience on tools and devices like Gigamon, Sourcefire, Fire eye, Aruba, Cisco ASA, Cisco ISE.
• Knowledge of JUNOS platform and worked with IOS upgrade of Juniper devices.
• Experience in creating User/Group Accounts and attaching policies to User/Group Accounts using AWS IAM service.
• Experience with Cloud Networks and migration projects in AWS and Azure. Automation using Ansible.
• Experience with different Network Management Tools and Sniffers like Wireshark (ethereal), HP-Open view, RSA envision, and Cisco works to support 24 x 7 Network Operation Center.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Managed all network and devices to include Cisco routers, switches, VPNs, SSL, Check Point, Cisco PIX, Cisco ASA, Cisco FWSM as well as content delivery networks (CSS, Citrix NetScaler and F5 Big IP LTM and GTM 1600 and 3400 load balancers) enterprise environment.
• Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
• Configuration and troubleshooting of CISCO & ARUBA wireless devices
• Aruba Airwave Manager, ClearPass Policy Manager Server
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
• Worked on Juniper Net Screen Firewalls NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
• Responsible for Checkpoint and Cisco firewall administration across global networks.
• Worked on Cisco Catalyst Switches 6500/4500/3500 series.
• Policy development and planning/programming on IT Security, Network Support and Administration.
• Experience in Configuring and Troubleshooting BIG-IP F5 LoadBalancer LTM.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
• Experience in implementation of F5 GTM based on topology load balancing methods.
• Experience with Bluecoat Proxy servers, LAN & WAN management.
• Excellent knowledge in Routing, Switching, Firewall and Gateway technologies, system design, wireless design, data network design, capacity management and network growth.
• Deployed the Cisco 3500 Access Points using Cisco Wireless controllers 5500 and 2500 and WCS System.
• Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox).
• Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
• Provide consultancy services to customers on a variety of network security products including firewalls, VPNs, authentication, load-balancing, data loss prevention and security information and event management.
• Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8Professional Client Operating Systems
• Optimize, secure and control the delivery of all enterprise and cloud services and maximize the end user experience for all users including mobile clients using NetScaler.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.

TECHNICAL SKILLS:

Networking: OSI, TCP/IP, Cisco IOS, IOS-XR, LAN/WAN interconnection, Frame-Relay, ISDN, RIP, OSPF, EIGRP, IS-IS, BGP, MPLS, STP, RSTP, MST, VTP, NAT, ACLs, VPN, IP-Sec

Hardware Routers: Cisco (1800/2600/3600/3800/7200/7600 series), Cisco ASR 9Ks)

Switches: Cisco (2900/3500/3700/5500/6500 Series, Nexus 7k, 9k)

Firewalls: Cisco ASA (5510,5540), Checkpoint R65, R70, R75, R77 Gaia, Juniper SSG, SRX, Palo Alto

Other Tools: Tufin Secure Track, ForeScout CounterACT, F5 Big IP (LTM/GTM/ASM), DNS, Bluecoat Proxy, Solar Wind, Wireshark, BMC Remedy, Citrix NetScaler, Cisco Prime, VM Ware

Network Monitor Tool: Wireshark Lan and Wan Protocols Ethernet, TCP/IP, CDP, STP, RSTP, VTP, Fast Ethernet, Frame Relay, PPP, HDLC.

Routing Protocols: OSPF, GP, RIP

Load Balancer: Citrix, F5 Load Balancer

Application Protocols: SNMP, Telnet, SSH, DHCP, DNS, ARP, HTTP, FTP, TFTP

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Operating Systems: Win 95/98, NT, XP, VISTA, LINUX, UNIX

PROFESSIONAL EXPERIENCE:

Confidential, San Antonio, TX

Sr. Network Security Engineer

Responsibilities:

• Works with client engineering groups to create, document, implement, validate and manage policies, procedures and standards that ensure confidentiality, availability, integrity and privacy of information.
• Researched, designed and replaced aging Cisco ASA firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Executing RADIUS pre-deployment tasks like ISE setup, loading templates into Cisco Prime.
• Performed site refreshes on Cisco switching and Aruba wireless infrastructure at several locations.
• Configured, implemented and troubleshooting issues on Checkpoint R77.10 Gaia, R75, Cisco ASA 5540, 5000 series firewalls for the client environment.
• Contribute to the development and overall strategy of the penetration testing program
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN
• Configuration and Integration of Cisco Identity Services Engine (ISE) 1.2
• Worked on VPN configuration, routing, NAT, access-list, security contexts and failover in ASA firewalls.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL VPN's on Palo Alto, Cisco ASA Firewalls.
• Configuring, Administering and troubleshooting the Checkpoint, Palo Alto and ASA firewall.
• Configured IP Sec VPN (Site-Site to Remote Access) on Cisco ASA (5200) series firewalls.
• Working with the rule base and its configuration in Cisco ASA, Palo Alto, Juniper and Checkpoint firewalls.
• Deploying ISE Wired and Wireless Authentication, Authorization and Accounting.
• Deployment of Cisco ASA firewalls and migration of end of life ASA firewalls to New ASA firewalls
• Cisco Firewalls include ASA 5585x, 5580, 5550 Series Hardware managed through CLI, ASDM as well as CSM
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Responsible for maintaining availability, reporting and communication of the SIEM between it, its event-sources and the endpoints
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550)
• Configuring & Administration of the Checkpoint Firewall that includes creating Hosts, Nodes, Networks, Static & Hide NAT's.
• Configure High Availability on Palo Alto firewalls.
• Defining, tracking and maintaining the standard baselines and configuration sets of security devices and implementing industry best practices with regards to Firewall, IDS/IPS, IPsec VPN, SSL VPN.
• Applied security enhancement by implementing s and RSA keys for authentication.
• Installed and administered RSA Secure ID token authentication servers.
• Support Citrix NetScaler F5 platform, configuring, implementing, & troubleshooting Citrix NetScaler VIP configuration with health check, policy configurations Access Gateway, & content switching configuration solutions.
• Coordinate and evaluate vendors and associated products/tools in facilitating the Penetration Testing initiatives
• Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors.
• Defined AWS Security Groups which acted as virtual firewalls that controls the incoming traffic and configured the traffic allowing reaching one or more AWS EC2 instances Virtual private cloud (VPC), subnets, Internet Gateways.
• Physically deployed new Cisco Nexus devices, Catalyst and Nexus replacement blades, FWSMs, Cisco ASAs, Citrix NetScaler MPX and SDX chassis.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, Nexus 7k and 9k Series
• Verify Firewall status with Checkpoint Monitor. Creation and implementation of Application delivery architectures which includes load balancing on F5 BIG IP modules.
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
• Use of Web application firewall providing reverse proxy-based protection for applications deployed in physical, virtual / public cloud environments.
• Knowledgeable in building a strong secure network with expertise in implementing the organizations IDS/IPS, ISE, VPN's, ACE and Firewall solutions. Including the auditing and event management
• Involved in the deployment and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Involved in F5 LTM GTM and ASM planning, designing and implementation. Actively involved in F5 ASM policy configuration and deployment. Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls
• Configured High availability, User ID on Palo Alto firewall.
• Configured and utilized many different protocols such as OSPF, ISIS, BGP/MP-BGP, OER, MPLS, LDP, Multicast, IPv4/IPv6 protocols.
• Utilized knowledge of Spanning Tree Protocol, BGP, MPLS, OSI model layers 1-2 to create networklayouts.
• Stateful firewall, VLAN to VLAN routing, Link bonding / failover, 3G / 4G failover, Traffic shaping / prioritization, WAN optimization, Site-to-site VPN, Client VPN, MPLS to VPN Failover, Active Directory and LDAP integration.
• Responsible for investigating Data Loss Prevention using Symantec DLP.
• Configured EIGRP routing and BGP route maps to allow traffic from subnets out to the core to Datacenter on the ASR 1002 devices.
• Implementation and configuration of Cisco L3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, dot1Q trunk, ether channel
• Configure and troubleshoot Routing protocols such as OSPF and EIGRP for routing internally and BGP for external routing.
• Worked and maintained various network, application monitoring tools like Solar Winds, Cisco Prime, ForeScout, Wireshark, TCP Dump.
• ForeScout CounterACT- NAC, endpoint compliance, real-time intelligence and policy-based control.
• Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP.

Confidential, Torrance, CA

Sr. Network Security Engineer

Responsibilities:

• Implementing Security Solutions using PaloAltoPA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20Gaia and Provider-1/MDM.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper and Cisco ASA firewalls.
• Configured and maintained rule sets in the firewalls and updated them on the daily basis.
• Monitors the network traffic and maintain the records with the help of SPLUNK.
• Designed AWS Cloud Formation templates to create custom sized VPC, subnets, NAT to ensure successful deployment of Web applications and database templates.
• Create and validate SMOPS for upgrade, replace, add and remove Cisco VOD equipment.
• Work with Load Balancing to build connectivity to production & disaster recovery servers through Citrix NetScaler.
• Vulnerability security patching using IBM Endpoint Manager, SCCM & WSUS
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for state full replication of traffic between active and standby member.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Researched, designed and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Handling Modern related issue like that of RAD & Aruba.
• Responsible for the deployment and associated tasks for the implementation of the
• Configuring rules and maintaining Palo Alto Firewalls& Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone-Based Firewall and Security Rules on the Palo Alto Firewall.
• Configuration and Maintenance of Cisco ASA, ASA 5540, ASA 5520, ASA 5510 series firewalls.
• Configured and installed Cisco routers 2500, 2600, 3601 and 4000 series. 2950 Switches & Link sys wireless access points.
• Configuring and install hardware and software required to conduct network penetration testing.
• Provided tier 3 support for CheckPoint and Cisco ASA Firewalls to support customers, Backup and restore of Checkpoint and Cisco ASA Firewall policies.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
• Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third-party connectivity.
• Installed and configured a variety of Cisco devices like Cisco Routers (1841, 1900, 2600, 2800, 3800, ASRs and more), Cisco switches (3560, 3750, 4507 catalysts, 6500 catalyst Switch and more) and Nexus 7000 series, Nexus 5000 series, Nexus 2K Fabric Extenders and F5 appliances.
• Applied knowledge of Ethernet switch and router configuration to configuration/design MPLS connections.
• Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
• Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• F5 Big IP iRule programming and troubleshooting.
• Worked on F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Configure and Monitor Cisco Sourcefire IPS for alerts.
• Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
• Worked on VPN configuration, routing, NAT, access-list, security contextsand failover in ASA firewalls.
• Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel
• Implemented configuration back-ups using WinSCP, cyberfusion to automate the back-up systems with the help of public and private keys.
• Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Performing URL filtering and content filtering by adding URL's in Bluecoat Proxy SG's.
• Working on the network team to re-route BGP routes during maintenance and FW upgrades.
• Running vulnerability scan reports using Nessus tool.
• Use of Citrix NetScaler for the application delivery control.
• Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including crypto map, encryption domain, psk etc.
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
• Follow information security policies, methods, standards, NIST standards and practices to organize information systems, IT material and interpret regulations.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
• Actively use SIEM technology for searching and monitoring real-time events for network security and compliance.
• Review daily log data gathered from various resources such as sensors, alert logs, firewall logs, content filtering logs.
• Working on day-to-day service tickets to solve troubleshooting issues.

Confidential, Conshohocken, PA

Network Security Engineer

Responsibilities:

• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
• Involved in Switching Technology Administration including creating and managing VLANS's, Port security, Trunking, STP, Inter Vlan routing, LAN security etc.
• Implemented with Cisco Layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Possess good experience in configuring and troubleshooting WAN technologies like MPLS, T1, T3, DS3 and ISDN.
• Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Monitoring the traffic through Cisco catalyst switches for Detection of Intrusion using IDSM2 and its Prevention IPS.
• Managing and implementation of PORs (port open requests) based on the requirements of various departments and business lines.
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
• Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Configuring & managing around 500+ Network & Security Devices that includes, Palo Alto Firewall, Cisco ASA, Fortinet and Juniper (NetScreen) Firewalls, F5 BigIP Load balancers and 3DNS, Blue Coat Proxies and Plug Proxies.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Implement the firewall rules using Panoroma/Fortimanager.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
• Designed, configured, implemented site-site VPN between cisco ASA 5500 firewall and Palo Alto Firewall.
• Configuration and Administration of Cisco and Juniper Routers and Switches
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices configure 2k, 3k, 7k series Routers
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
• Configuring and managing F5 ASM (Application security manager). Developed security policies.
• Configure and troubleshoot Juniper EX series switches.
• Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
• Experienced in configuring Guest access using Aruba ClearPass and Web Authentication.
• Experience with Aruba/Ruckus Wireless Controllers, Access Points and IAP. Implement Aruba Wireless infrastructure using Aruba controllers & Access Points. Configured Aruba access points troubleshoot connectivity issues with Aruba access points
• Installed, configured Cisco Meraki equipment and web based monitoring platform for MR32 wireless access points.
• Strong hands on experience on, ASA Firewalls, Palo Alto Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.

Confidential, San Jose, CA

Security Engineer

Responsibilities:

• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Implementing Security Solutions in Juniper SRX and Net Screen SSG firewalls by using NSM.
• Juniper Firewall Policy Management using NSM and Screen OS CLI.
• Provide VOD Method of Procedures documentation to customer for software upgrade downgrade release.
• Maintained the following Cisco platforms 7600, 7500, 7200, 7000, 3560, 2900, 2801, 2000, ASA5500, Catalyst 6500, 4500, 3560 and 2900.
• Experience as a Sales QA Representative in Production Environment for Network Based Firewall Based Wireline Applications and interact with Net bond team who establishes a firewall connection on a VPN to the Cloud Portal.
• Participate in the installation and configuration of new VOD equipment.
• Configured and utilized many different protocols such as OSPF, ISIS, BGP/MP-BGP, OER, MPLS, LDP, jenipercast, IPv4/IPv6 protocols.
• Utilized knowledge of Spanning Tree Protocol, BGP, MPLS, OSI model layers 1-2 to create networklayouts.
• Acts as local liaison to identify, correlate, communicate and verify customer impact for nationally managed care team events impacting Video, VOD, network transport, or related IP services.
• Daily technical hands-on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Creating and Provisioning Juniper SRX firewall policies.
• Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
• Experience on ASA firewall upgrades to 9.x.
• Configured Panorama web-based management for multiple firewalls.
• Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
• Configuring rules and maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools.
• Network hands-on installation experience of (Cisco routers, switches, ASA 5505 firewall, VPN)
• Understand the flow of traffic through the Check Point Security Gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Use Tools such as SKYBOX for Firewall Policy optimization and rule base Clean up.
• Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
• Configure and tweak the inspection policies on Firewall to allow legacy application traffic.
• Understand different types of NAT on Cisco ASA firewalls and apply them.
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Support Blue Coat Proxy in explicit mode for users trying to access the Internet from Corp Network.
• Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
• Involved in Upgrading Bluecoat proxy servers from SG s to SG B.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• FWSM configurations in single/multiple contexts with routed and transparent modes.
• Support Data Center Migration Project involving physical re-locations

Confidential

Network Engineer

Responsibilities:

• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• Performed penetration testing internally for our clients.
• I worked on Check Point Security Gateways and Cisco ASA Firewall.
• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
• Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
• Configuring VPN both B2B and remote access SSL and centralized policy administration using Fort Manager, building FortiGATE High Availability using FortiGATE Clustering Protocol (FGCP).
• Firewall Compliance and Rule remediation for compliance such as SAS 70 Audit.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and Port channels creation.
• Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
• Configuring static NAT, dynamic NAT, Inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Documentation and Project Management along with drawing network diagrams using MSVISIO.

Confidential

Support Engineer

Responsibilities:

• Configuring and troubleshooting multi-customer network environment.
• Involved in network monitoring, alarm notification and acknowledgement.
• Implementing new/changing existing data networks for various projects as per the requirement.
• Troubleshooting complex networks layer 1, 2to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues.
• Providing support to networks containing more than 2000 Cisco devices.
• Performing troubleshooting for IOS related bugs by analyzing past history and related notes.
• Carrying out documentation for tracking network issue symptoms and large scale technical escalations.
• Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.
• Preparing feasibility report for various upgrades and installations.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Worked on the security levels with RADIUS, TACACS+.
• Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
• Identify, design and implement flexible, responsive, and secure technology services
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Configured switches with port security and 802.1 xs for enhancing customer’s security.
• Monitored network for optimum traffic distribution and load balancing using Solar winds.
• Validate existing infrastructure and recommend new network designs.
• Created scripts to monitor CPU/Memory on various low end routers in the network.
• Installed and maintained local printer as well as network printers.
• Handled installation of Windows NT Server and Windows NT Workstations.
• Handled Tech Support as it relates to LAN & WAN systems