Network Security Engineer Resume
Seattle, WA
SUMMARY:
- Dynamic and versatile Cisco as well as Palo Alto certified Network Security Engineer with 7+ years of experience in deploying, migrating, troubleshooting and supporting enterprise level networks and Data Centers.
- Extensive knowledge in securing networks using Palo Alto, Cisco FirePower, Fortigate, Checkpoint and Juniper Firewalls.
- Expert knowledge in Threat prevention (Anti-Spyware, Antivirus, Vulnerability protection), Data filtering, URL filtering, Palo Alto's App-ID to enable application-based traffic inspection.
- Experience in managing multiple firewalls through Panorama using Templates and Device groups.
- Knowledge on implementation of IDS/IPS systems in networks.
- Generate a wide variety of reports on firewall and IDS/IPS/DLP/endpoint activity notifying the end customer concerning suspicious traffic.
- Strong knowledge on IPsec & SSL implementation on Cisco and Palo Alto firewalls.
- Hands-on experience of Aruba Clearpass, Airwave, Controllers and Access Points along with other WLAN products, services and troubleshooting techniques.
- Configured alerts, extracted logs and performed real time analysis using SIEM tools like Splunk, Qradar.
- Extensive knowledge on Cyber Kill Chain management.
- Knowledge on mitigating various attacks like DoS, DDoS, MITM, and Rogue Software.
- In-Depth knowledge of migrating data to Azure and AWS cloud environment.
- Proficient in using all Amazon Web Services (AWS)/Azure like EC2, EBS, IAM, S3, ELB, RDS, VPC, Route 53, CloudWatch, CloudFormation etc.
- Knowledge or Understanding of Express Route, Network Security Groups, Storage Accounts and Storage Explorer and Azure Architecture.
- Worked with a successful Cisco Partner to migrate Palo Alto 5050 firewalls to Cisco FirePOWER 9300 firewalls with throughput up to 1.2Tbps crushing the current slow Palo Alto 5050s.
- Hands on experience on configuring or administering with Cisco Firepower Threat Defense, Cisco Firepower Management Center.
- Enhanced Conventional incident response methods and Security Operations by employing and combining Intrusion Prevention, Cyber kill chain model analysis, and Cyber Threat Analysis.
- Hands on experience on configuring or administering of Security Management Products to an enterprise environment with tools like McAfee ePolicy Orchestrator, Host Intrusion prevention, Data Loss Prevention, VSE and McAfee Security for SharePoint, etc.
- Create, setup, configure and modify security rules on SIEM appliances for multiple divisions.
- Experience in deploying and managing Cisco ACS/ISE to implement TACACS+, RADIUS in Access Control Networks (ACN).
- Worked on the CLI for tracing and creating ACLs between the source and destination for Cisco ASA, Juniper SRX, Fortigate and NX-OS.
- Configuring, maintaining and troubleshooting with Fortinet firewall and security.
- Create new rules on the Fortigate 300 firewall, UTM and VPN access for remote users.
- Deployed a multi-site datacenter-class FortiGate ATP solution that integrated FortiSandbox, FortiManager, and FortiAnalyzer across multiple US regions.
- Extensive knowledge on vulnerability management tools like Qualys.
- Expert level knowledge of troubleshooting, implementing, optimizing and testing routing protocols such as EIGRP, OSPF, BGP.
- Experienced in installation, configuration, and troubleshooting of Cisco 7600 series, Juniper M320 and SRX series routers.
- Expert level troubleshooting methodologies to isolate and identify configuration, design, and software anomalies.
- Analyze traffic patterns using Monitoring and Sniffing tools like SolarWinds, Splunk ES, Wireshark, and Tcpdump to mitigate Cyber attacks like DoS and DDoS.
- Expert level knowledge of implementing and testing redundancy protocols like HSRP, VRRP, and GLBP.
- In-depth knowledge and experience in LAN and WAN technologies including MPLS, SD-WAN, DIA, Point to Point (Dark Fiber), CDN and SDN.
- Expertise in Redistribution, Route Filtering, Summarization, Supernetting without overlaps, PBR.
- Extensive knowledge of standards in the industry such as the seven-layer OSI reference model and the five-layer TCP/IP model.
- Expert level knowledge of implementing and troubleshooting complex Link layer technologies.
- Experienced in Switching technologies like VTP version 1,2 & 3, VTP modes, SVI, Trunks like 802.1q & ISL, switchport security, PPP like PAP and CHAP, IGMP and port aggregation.
- Working experience in managing and troubleshooting the core, distribution and access switches.
- Knowledge in migrations of Cisco Catalyst to Nexus switches at access layer in complex data center environments.
- Substantial working experience on Virtual Port Channels (vPC), bonding server NICs and Virtual Device Contexts (VDC) in Nexus 7000 series switches.
- Experienced in setting up Splunk Forwarders for new application tiers introduced into environment and existing applications.
- Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
- Good knowledge on WPA/WPA2 - Enterprise and its RADIUS server, along with other 802.1x protocols for authentication.
- Knowledge on different kinds of encryption and its terminology- PSK, TKIP, and AES.
- Experienced with Aruba, Cisco Meraki Wireless platform.
- Expert knowledge in ensuring high availability of servers using Load balancers like BIG-IP, Cisco CSS.
- Knowledge of F5 Load Balancers and their configuration of LTM and GTM's to manage the traffic on the servers.
- Hands on experience with ServiceNow as a ticketing tool.
- Experienced working with Tufin SecureTrack and SecureChange in Tufin Orchestration suite.
- Experience with Change management process and Project documentation tools like Excel and Visio.
- Extensively experienced with Symantec DLP and RSA DLP architecture and implementation for enterprise level.
TECHNICAL SKILLS:
Firewall Technology: Palo Alto Series - 2k, 3k, 5k, 7k, Checkpoint (NGX, NGAI), Cisco ASA, PIX 535, Juniper, Fortinet, Fortigate.
Network Security: ACL, IPsec, VPN, Port-security, RSA, AAA and IPS/IDS
Virtualization: Wireshark, FireEye, Fiddler, Microsoft Network Monitor, SolarWinds, Solaris, Cisco Works, Guardium 8.0, NetScout and NMAP.
Router Platform: PA-3060, PA-5060, PA-7050, Cisco 2811, Cisco 6509-E (Multi-layer Switch), Cisco 7200, Cisco 3800, Cisco 3640, and Cisco 3745, ASR9K series, Nexus 3k
Routing Protocols: EIGRP, OSPF, BGP, RIP & IGRP
Switches: Cisco Multi-layer Switch 6500, Catalyst 4500, Catalyst 3750, Catalyst 2900 and Catalyst 3500XL, Catalyst 6500, 4500, 4900, 3750, 3500, 2900.
Switching protocols: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast Operations, Layer 3 Switches, Ether channels, Transparent Bridging, Data Center Switching, vPC, VDC, OTV, RBAC.
Infrastructure Services: DHCP, DNS, SMTP, FTP, TFTP, IIS
LAN Protocol: FHRP, HSRP, GLBP, VRRP, VLAN, STP, VTP, Ether Channel, Trunks.
WAN Technology: Frame Relay, ISDN, PPP, HDLC, ATM
Fiber optics: FC patch cable Assemblies, Testing with OTDR and troubleshooting.
WORK EXPERIENCE:
Confidential, Seattle, WA
Network Security Engineer
Responsibilities:
- Deployed, Configured and upgraded firewalls for managed client’s global network via Palo Alto’s centralized management platform Panorama.
- Implemented App-ID, URL filtering, threat prevention and WildFire subscription on PAN-OS.
- Created and modified various access policies to allow VPN ports for certain services and applications in Palo Alto via Panorama in various geographical regions.
- Actively Monitor, analyze and capture logs in Palo Alto to identify the root cause and resolution of the critical network incident for client’s global network.
- Created custom report on the CPU processor history of the firewall to analyze the traffic in management and data plane.
- Deployed and administered via Clearpass Policy Manager for 802.1x authentication on wired and wireless networks.
- Deployed and administered Clearpass Onboard and Guest solutions.
- Successfully upgraded all the wireless Cisco/Aruba access points and Airwave controllers to 8.2.
- Designed and configured switches, routers, wireless access points and controllers for new sites and branch offices and created network traffic flow diagrams in Visio.
- Configured and implemented NAT, SVS (site-to-site) VPN client request in Global Protect and Palo Alto and also troubleshot various SVS connection issues within our SLAs.
- Implemented, upgraded and modified virtual servers, pool members and iRules in BIG-IP F5 LTM/GTM.
- Troubleshoot and Performed health checks on F5 LTM/GTM load balancers and monitored the status of the application servers.
- Create filters like Change request, service request and incident request on ServiceNow to promptly resolve the tickets.
- Configured and troubleshoot issues related to VLAN, inter-VLAN and STP protocols.
- Configured route filters, route re-distribution and ACLs in complex global environment.
- Troubleshoot and configured TCP/IP and routing protocols like IPv4/v6, CDP, OSPF, BGP, EIGRP, VPN, Frame Relay, Wireless LAN and WAN.
- Review the client's Palo Alto configuration and map it to Cisco FirePOWER 9300 features.
- Created and managed A-records/DNS entries, CNAME, ALIAS, URL record in IPAM Infoblox as well as in Microsoft Active Directory/DHCP/DNS server via MMC (Microsoft Management Console).
- Configured and deployed new Cisco 4k router and certified 6500 switches for production.
- Troubleshoot and configured ACL, DMVPN and IPSec tunnel on Cisco devices.
- Upgraded and took backups of all networking devices periodically using SolarWinds Orion.
- Configured and troubleshot NPS related issues.
- Planned and Worked on Network Refresh activity for Branch and Data Center activity.
- Worked on generating alerts on SolarWinds as well as ran EEM/PowerShell scripts in the background to promptly resolve those alerts on networking devices.
- Worked on TMG Server for Web filtering.
- Configured and troubleshot switch-related issues.
Confidential, Tallahassee, FL
Network Security Engineer
Responsibilities:
- Migrated large scale enterprise network from one ISP to another ISP provider in a US state government project, built new router and switch configuration template in order to increase the scalability, stability and security of the network as well as troubleshoot any kind of issues and test the circuits to ensure successful migration.
- Designed whole mesh GETVPN topology in the test environment and implemented it into over 300 sites throughout the states.
- Deployed code specific targets to the environment and troubleshooting the PaaS-based services in Azure.
- Backup and recovery on Azure Virtual Machines. Migrated the data from Azure to AWS.
- Configured, Installed and upgraded Palo Alto and Checkpoint Firewalls for managed client which included network/resource access, software, or hardware problems.
- Expert knowledge in Threat prevention (Anti-Spyware, Antivirus, Vulnerability protection), Data filtering, URL filtering, Palo Alto's App-ID to enable application-based traffic inspection using Palo Alto/Checkpoint.
- Monitor and analyze network security events (IPS, IDS, Antivirus, Anti-spam, Proxy and Firewall logs) via SIEM.
- Troubleshoot and researched security incidents using IPS/IDS, SIEM applications, IBM QRadar Security Intelligence Platform.
- Create, modify and push IDS/IPS policies, custom/vendor signatures, health checks and custom scripts to alert and enable the security response team to quickly identify outstanding issues.
- Implemented IDS/IPS on tap/span port to mitigate in-line and out-of-band threats and vulnerabilities.
- Performed Log analysis using Splunk on SIEM as well as use Kali Linux environment and effectively neutralized DOS, DDOS, XSS and SQL Injection Attacks.
- Strong knowledge on IPsec & SSL implementation on Cisco and Palo Alto firewalls.
- Performed Aruba HP switch and Cisco router IOS upgrades, tested the stability of the code in the lab environment and implemented it into production.
- Worked on FortiGate 5000-series security appliance to maintain SSL Inspection, Application control, Firewall and VPN management.
- Performed in-depth analysis on hacker activities from a technical standpoint to include hacker tactics, techniques and procedures based on Cyber kill chain Model.
- Conducted analysis support based on cyber kill chain methodology of cyber and non-cyber investigations and operations.
- Use ServiceNow as a ticketing tool for Network related issues.
- Extensive use of NSM (Network and Security Manager), FortiOS 5 and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
- Drafted, installed, and provisioned Cisco ASA, Juniper SRX, Fortigate and NX-OS rules and policies.
- Extensive Packet level debugging and troubleshooting on Fortigate firewalls and Juniper SRX to resolve numerous network issues.
- Designed and implemented Cisco Embedded Event Manager (EEM) to resolve the crypto tunnel issues.
- Performed day-to-day LAN and WAN administration, maintenance and support.
- Troubleshoot layer-2 to layer-7 connectivity issues.
- Worked in a criminal justice environment and State government projects.
- Familiar with ServiceNow ticketing and Orchestration for maintenance upgrades and patches and troubleshooting tickets to provide all around technical support.
- Configured and implemented DMVPN as well as Site to Site VPN configuration for data encryption.
- Implement high-availability-HA (failover) configuration for security management server.
- Implement URL filtering, threat prevention and WildFire subscription on PAN-OS.
- Troubleshoot connectivity issues from various branch locations and third-party sites to data center.
- Troubleshoot, Monitor and configure Checkpoint firewall issues using command-line (CLI) commands and GUI smart console.
- Integrated the necessary functionalities to monitor corporate nodes and the quality of services using Orion Solarwinds Network Management System to ensure systems are compliant with service specifications.
- Created and updated Orion customized views, user accounts, maps, reports and actionable alerts in SolarWinds.
- Performed cleanup of user accounts, management accounts, and managed nodes on enterprise Solarwinds Orion Platform.
- Created network interactive maps for easy visual status of critical systems for an airport in Solarwinds.
- Performed several upgrades on the system and subsystem of Solarwinds in support of desired functionality.
- Configured and implemented SSL Decryption, URL filtering, ACLs and NAT with Palo Alto/Checkpoint Firewalls.
- Designed, implement and troubleshoot Cisco, HP Aruba switches and routers.
- Experience in designing the network topology using Visio diagram.
- Configured and implemented upgrades, patches, modification of a code throughout the enterprise using Kiwi CatTools.
- Experienced with LAN premise wiring and cable management.
- Configured, troubleshot and implemented Cisco Meraki, Mojo wireless controllers and APs.
- Familiar with VoIP, Wireless security, QoS systems configuration and troubleshooting.
- Analyze, design and troubleshoot alerts using Network monitoring tools like Nagios XI and SolarWinds.
- Automate the reoccurring events and crypto tunnel failures using Cisco Embedded Event Manager (EEM), TCL and Python script.
- Familiar with Linux servers and administration.
- Effective inter-personal skills both in written and verbal, adaptive to any environment, keep abreast with the latest technologies and delivering solutions as an individual and as part of a team.
- Expertise in customizing Splunk for Monitoring, Application Management, and Security as per customer requirements and industry best practice.
- Have extensive experience in setting up LAN, WAN and troubleshooting related issues using Cisco Discovery Protocols (CDP).
- Working on VMware vSphere to virtualize the server and expand resources as business needs.
- Effective inter-personal skills, adaptive to any environment, keep abreast with the latest technologies and delivering solutions as an individual and as part of a team.
- Advanced DDI monitoring scripting and experience with Infoblox DDI administration and DDI-Guard monitoring tools.
Confidential, Louisville, KY
Network Security Engineer
Responsibilities:
- Configuring High Availability (HA) on Checkpoint/Palo Alto as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
- Updating/patching Linux, Windows Virtual Machine in VMware clusters.
- Upgrade, configure Checkpoint Firewall, Site-to-Site VPN and implement Cluster.
- Monitored Checkpoint VPN tunnel activities with Smart View Monitor and troubleshoot VPN issues with CLI.
- Implemented firewall rule to set migration for Cisco ASA to Palo Alto.
- Migrated the various region of an enterprise customer from Checkpoint firewalls to FortiGate Next-Gen firewalls with FortiCaches and integrated FortiManager, FortiAnalyzer, and Forti Authenticator for central management and single sign on.
- Implemented Fortinet (FortiGate) devices, content filtering, encryption, two factor authentication, SSH, HTTP/S, SMTP, FTP.
- Developed migration strategies for Cisco ASA to Checkpoint R75 firewalls with the help of SmartDashboard.
- Migrated anti-spoofing and security policy configuration from Cisco ASA to Checkpoint firewalls
- Incorporated Cisco Nexus 9000 NX-OS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-Protocol Label Switching (MPLS).
- Utilize Azure IaaS, PaaS, and containers (Kubernetes) to move a legacy application into the cloud first model.
- Using OnCommand System Manager and cluster shell OnCommand tools to create new vservers, aggregates, volumes and provisioning new storage.
- Installed and configured Unified Manager and Performance manager along with Integration to schedule the alerts and the Capacity reports for the easy management.
- Map the legacy application components to the Azure cloud from a legacy hosting company.
- Use Azure App Service and the Azure SQL PaaS platform to host the new application.
- Deployed Splunk on Azure/AWS environment.
- Build Checkpoint firewall, and configured GUI to open/close TCP/IP ports.
- Backup, Restore and Upgrade of Checkpoint Firewall appliance.
- Optimize existing policies to improve security and performance. Identify and remove security policies that are no longer needed to reduce CheckPoint Firewall policy lookup.
- Administration of Palo Alto Network Device, Configuration of New Access Policy, Firewall Rules, QOS Rules, User ID agents, Threat Policy.
- Responsible for monitoring Large scale deployments of Palo Alto firewalls on our global network using centralized management system Panorama.
- Performed optimization on Solarwinds Platform Managing a 1600+ site / 6000+ node network.
- Created tuned alerts for event classes and error reporting and response mechanisms. Integrated Solarwinds alerting functions with automated trouble ticket creation.
- Integrated Solarwinds with asset tracking and life cycle reporting.
- Set up and configured network TCP/IP protocols at all levels on Linux servers.
- Performed design, deploy, refresh and change control for Cisco ASA firewalls, routers and switches, F5 Networks LTM and GTM load balancing.
- Have expert level of experience on F5 related stage and test device tickets for creating, upgrading and modification on the virtual servers, pool members and custom related health monitors to satisfy client and application team.
- Performed Network configuration, system integration, installed software, configured networks including Juniper MX/NFX, (L2/3), optical ports, and PCs.
- Migrated successfully from cisco 2960 network to switch EX3300 Juniper Network.
- Configured remote access systems through SSH, and managed system security via TCP Wrappers.
- Managed Linux and Windows virtual servers on AWS EC2 using Chef Server. Configured and monitored distributed and multi-platform servers using Chef.
- Setting up Auto scaling of the instance group using AWS command line tools and AWS cloud environment for Dev/QA environments.
- Configured SNMP on Palo Alto firewalls 3060, 5060, 7050 for receiving incident alerts and notification and wrote SSL decryption policies for decryption of traffic to provide Anti-virus, Malware protection.
- Initiate automated and manual audits on device configurations, security policies, and signature tuning.
- Hands-on experience on migrating from ASA, Checkpoint into Palo Alto.
- Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
- Analyzed logs on Splunk, as well as Threat Intelligence analysis using Wireshark, Arcsight, and FireEye.
- Create incident tickets with the Palo Alto Networks TAC/ServiceNow to troubleshoot and diagnose cases.
- Implemented WLAN Aruba/Cisco Meraki Wireless Access Points and its Controllers at various corporate sites for 11n Infrastructure and its legacy technologies.
- Supported enterprise environment including: Aruba controllers, Airwave and APs/Cisco Meraki wireless controllers.
- Executed Shell scripts to start/stop web servers, web services, app servers on Linux based on the need.
- Configuring VMs on ESX Server and installing hosts and Migrating Virtual Machines across various VMware ESX Server, Workstation and VMware servers.
- Hands-on experience in technologies including TCP/IP, IPv4/v6, CDP, EIGRP, OSPF, BGP, Frame Relay, VPN, Wireless LAN and VLANs.
- Monitored and responded to daily alerts generated from the DLP system; investigated events and escalated as necessary to the Data Privacy Group; followed the initial steps of the Incident Response Process (IRP) - Detection, Investigation, Containment, and Remediation.
- Implemented Domain Name Server by Using Primary and Secondary DNS Servers.
- Hands on experience in TCP/IP protocols like SSL/TLS, DNS, DHCP, WINS, NTP, FTP, HTTP, SMTP, CIFS, LDAP, and Microsoft AD.
- Hands-on technical experience working with VPN technologies (IPSEC, SSL VPN, WebVPN, AnyConnect, etc.)
- Expertise in BGP, OSPF, and MPLS (traffic engineering implementation) in complex environments.
- Upgraded and updated Cisco IOS from 12.3T to 12.4.
- Used DHCP to automatically assign reusable IP addresses to DHCP clients.
- Contract F5 product-specific technologist role, implement the Design with Engineering team. Ensuring End-to-end design, ownership, and delivery of LTM and GTM load balancing solutions built to customer specifications and which meet project delivery goals and timelines.
- Support and maintain Splunk enterprise environment in a highly available, redundant, geographically dispersed environment.
- In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
Confidential, Chicago, IL
Network Security Engineer
Responsibilities:
- Configured, Installed and upgraded Palo Alto and Checkpoint Firewalls for managed client which included network/resource access, software, or hardware problems.
- Integrated Panorama with Palo Alto firewalls, for managing multiple Palo Alto firewalls with single tool.
- Creation of new disk partitions and File Systems: Swap, ext4, LVM (Physical Volumes, Volume Groups, and Logical Volumes) in Linux environment.
- Configured and managed Fortigate firewalls for small to medium sized banks and credit unions.
- Management of system logs (rsyslog server), system automated tasks (cron jobs) using Linux CLI.
- Implementation of file transfer systems using FTP, NFS, and SSH (SCP) in Linux environment.
- Configuration and implementation of firewall/iptables rules on new servers.
- Configuring and troubleshooting remote access and site to site VPN in Palo Alto Firewalls.
- Update and configure App-ID, User-ID and Zones based on traffic pattern.
- Implement various policies like NAT, QoS, Decryption, DoS protection in Palo Alto as per requirement.
- Analyzed and troubleshot various communication TCP/IP protocols like FTP, FTPS, SFTP, HTTP and HTTPS.
- Installed and configured Juniper devices in the lab (MX, SRX, EX, QFX, NFX, etc.).
- Build and configure Active/Standby, Active/Active for High Availability (HA) Failover on Palo Alto with stateful replication.
- Experienced with common encryption schemes such as symmetric/asymmetric encryption, hashing, SSL/TLS, IPsec, SSH etc. Using OpenSSL commands to troubleshoot issues related to SSL certificates.
- IPsec and ISAKMP protocols with MD5 and SHA hash algorithms for safe transport of sensitive information.
- Authenticate certificates in servers, PKI, database encryption, data protection and key management systems.
- Analyzed traffic pattern and implemented URL filtering using the Palo Alto Firewall.
- Global Traffic Manager (GTM) designs providing multi-site load balancing and global availability of generic hosts and/or LTM virtual servers, iQuery-based monitoring of LTM virtual servers.
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewalls and centralized GUI Panorama.
- Performing URL filtering and content filtering by adding URL's in Bluecoat Proxy SG's and in Palo Alto.
- Performed on daily basis TCP/IP Protocols configuring Routing like OSPF, EIGRP, BGP on Cisco 72XX,76XX and Juniper 7320.
- Troubleshooting network issues using firewall logs and running tcpdump.
- WildFire, FireEye tools are used for the notification and prevention of Zero-Day threats.
- Analyze Splunk enterprise environment in a highly available, redundant, geographically dispersed environment.
- Experience working with Arista 7050s, 7150s, 7010T, 7048T-A in data center.
- Performed Log analysis using Splunk on SIEM as well as use Kali Linux environment and effectively neutralized DOS, DDOS, XSS and SQL Injection Attacks.
- Conducted onsite penetration tests from an insider threat perspective.
- Strong experience in Black box, White box, responsive design and usability and exploratory testing, PKI (Public key Infrastructure) Encryption algorithms.
- Analyzed malware behavior, network infection patterns and security incidents.
- Perform Splunk agent deployment, configuration and troubleshooting across a variety of platforms.
- Experience with Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.
- Migrated company from Exchange 2003 to Exchange 2010 using VMware vSphere 4.1 Virtualization.
- Implement and manage load balancing using F5 GTM load balancers. Provide consulting services to customers recommending best practices for their security posture and their environments.
- Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
- Implemented and administered Websense Web Security Gateway for web content filtering and DLP.
- Coordinating with Security team for NAT configuration and troubleshooting issues related to access lists and DNS/DHCP issues within the LAN network.
- Troubleshoot and ensure link availability using Cisco Discovery Protocol (CDP) in the internal network.
- Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
- Actively involved in resolving network tickets pertaining to IP Phone VLAN and IP Helper address, Adding Secondary IP address to the existing VLAN, High CPU Utilization.
- Hands-on experience in configuring and troubleshooting protocols like OSPF, EIGRP, RIP, MPLS, LDP, BGP, BGP v4. Configured IP access filter policies.
- Configured features on SolarWinds to help gather data on traffic patterns.
Confidential
Network Engineer-SOC/NOC
Responsibilities:
- Monitoring various cellular operators’ voice and data traffic that passes through the gateway in network operation center (NOC).
- Monitored network performance to improve the backup strategy using Nagios XI, Solarwinds, Cacti and Splunk.
- Maintained and Troubleshot IP connectivity problems using PING, and Traceroute utilities and packet capture tools such as Wireshark.
- Configured and administered Cisco Routers 7200/3900/2900 as well as Cisco Switches 6500/3750/3550.
- Configured 802.1q Trunk Link encapsulation and EtherChannel using LACP in Corporate LAN Environment.
- Hands on experience on designing L2/L3 networks in Datacenters and large remote locations.
- Configured and troubleshoot IP/TCP/UDP and its routing protocols (EIGRP, BGP).
- Configured ACLs, route filters, route re-distribution, etc. on complex environments.
- Implemented network security for remote access by configuring site-to-site and client-to-site VPN tunnels through multiple Cisco VPN concentrators and Checkpoint firewalls and maintained access policies for remote users.
- Deployed IOS upgrades on various Cisco routers/switches hardware including Nexus platforms.
- Configured and deployed Cisco routers and switches (1900, 2800, 2900, 3900, ASRs, 7206 VXRs, 3500, 4500, 6500, Nexus 5K/7K) on various environments.
- Deployed Cisco ASR9000 series Routers for MPLS in Data Centers.
- Experience with converting Cisco ACE load balancer to F5 LTM load Balancer in data center environment.
- Maintained secure connection using SSH and making authentication MD5, Plain text in routing protocols like EIGRP, OSPF, RIP, HSRP, VRRP, GLBP.
- Worked on Checkpoint UTM, VPN and activated blade licenses to be used as Intrusion prevention and antivirus appliance.
- Configured and Deployed BIG-IP LTM 8900 for providing application redundancy and load balancing.
- Configured NAT and Simple Network Management Protocol (SNMP).
- Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
- Experience creating and maintaining Splunk reports, dashboards, forms, visualizations, alerts.
- Real-time monitoring of the network devices using Solarwinds Network monitoring tools Orion.
- Experience in Risk Assessment and analysis of Vulnerabilities & Threat and their impacts in the business.
- Scheduled proposed network changes and worked with major business units to identify their impact. Familiar with Content Filtering, SNMP, Solar Winds and Cisco-works.
- Hands on experience by configuring and troubleshooting of routing protocols: MP-BGP, OSPF, MPLS, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
- Solarwinds features were configured to analyze data on traffic patterns.
- Installed Licenses, Certificates, and Upgraded the existing code on Cisco 3750 Switch, and Aruba 7010 Standard, Extended, and Named Access Lists (ACL) to allow users all over the company to access different applications and blocking others.
- Deployed Netflow Controller.
- Configured Switching Protocols (RPVST+, VTP, Portfast, BPDU Guard, UDLD), and Macros on Cisco 3560, 4500 Platforms.
- To ensure high availability (HA) of system resources to the end users and to maximize the uptime of doing the necessary work to diagnose, detect and rectify the faults in time.
- Monitoring & Troubleshooting Cisco core Routers (7200, 3600, 1700 and 1600) and Switches (Cisco 2900, 6500, 3500, 3700 and 3Com Switches).
- Coordinating the technical activities with their vendors & Telco to keep the systems and network uptime to 98% and submission of monthly reports on the project.
- Identify missing neighbor relations and performing neighbor optimization to improve retainability KPI.
- Created wireless LANs and configure interface associated with it as well as security parameters.
- Configured and troubleshoot Juniper Servers as per customer’s requirement.
- Work with PHP, Perl, Python, Shell scripting, Cisco Internetwork Operating System (IOS) and Red Hat/Centos/Kali.