We provide IT Staff Augmentation Services!

Network Security Engineer Resume

Chicago, IL

PROFESSIONAL SUMMARY:

  • Networking Professional 8 years of Experience computer networking and Solid understanding of Design, Implementation, Administration, Software Quality Assurance Testing Operational and Troubleshooting of enterprise data networks.
  • Shell Scripting for automating tasks using Python.
  • Configured a DNS server using a geolocation API to get the client location. Using the locations coordinates, the distance would be computed to find the closest server and the client would be redirected to that server.
  • Proficient in testing on Client/ Server and Web based applications.
  • Analyzed key parameters like throughput, latency, drop rate, Round trip delay to study TCP behavior under congestion and summarize the performance of various TCP variants like Tahoe, Reno, NewReno, Vegas and SACK.
  • Implemented a python raw socket program to download webpage bypassing kernel TCP/IP stack.
  • Created HTTP request, TCP payload, IP packet and Datalink frame to send over the internet.
  • Handled TCP functionality like checksum, reliable - data transfer, congestion window, re assembly, retransmissions and timeouts, ethernet CRC and ARP.
  • Configured and administered vSphere storage, including iSCSI, VMFS, NFS, and software-driven solutions.
  • Configured vSphere standard switches, implemented network policies and set up VMkernel networking.
  • My work on vSphere mostly revolves around administration, troubleshooting, and monitoring.
  • Worked on controlling resource allocation with DRS rules and resource pools, configuring fault tolerance, and fixing common issues related to installation.
  • Strong hands-on experience on Palo Alto (5060, 3060), Checkpoint Firewall R77, juniper and Cisco ASA 5585 firewall.
  • Designed and configured the commands for QoS and Access lists for Nexus 7K and 5K.
  • In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
  • Experience in Manual Testing strategy, design, execution and reporting of Set Top Box and services.
  • Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+& RADIUS)
  • Worked extensively on Data Center Palo Alto firewalls and F5 BIG-IP LTM.
  • Migrating Palo Alto 5060 & 7060 firewalls and configuring IPS/IDS and content Filtering
  • Configuring and implementing IPsec VPN tunnel between ASA 5550 Firewalls, Palo alto 5060, 7060 firewalls Applied access list, NAT & IPS/IDS configurations.
  • Deploying and upgrading Palo Alto 5060 & 7060 firewalls and establishing IPS/IDS, anti-malware
  • Experience with Migrations of Cisco ASA firewall to Palo Alto firewall
  • Advanced knowledge in installation and configuration of Juniper Netscreen Firewall.
  • Strong knowledge on migration of DDoS attack’s, IPsec & SSL implementation on Cisco and Palo Alto firewalls.
  • Worked with Cisco Nexus, Catalyst and Aruba wireless devices
  • Developed a cache management system using least frequently used algorithm and configured HTTP servers on geographically distributes AWS EC2 instances that could handle multiple requests.
  • Developed TCL script in NS2 to design a network topology to simulate TCP and UDP flows over the network.
  • Responsible for check point and Cisco ASA firewall administration across global networks.
  • Hands-on expertise with ASR-901, ASR-903, ASR 5500, ASR-9010 and Juniper ACX, E, M, MX960 series.
  • Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
  • Adept understanding of the JUNOS platform and worked with IOS upgrade of Juniper devices.
  • Experience in implementing site-to-site and remote access VPN Technologies using GRE, IPSEC, Remote Access VPN, DMVPN tunnels.

TECHNICAL SKILLS:

Router platforms: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 7K, 5K, 2K & 1K.

Switch platforms: Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access: lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, SAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA-2K, PA-3K and PA-5K).

Network Management/Monitoring: Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal / Wireshark, TCP Dump.

Load Balancers: F5 BIG: IP LTM 2000, 3900, 5000, 6400, 6800 AND 8900, Bluecoat SG8100, AV 510.

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IPsec, SSL, AAA, WAF, Access: lists, prefix-lists, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

Wireless/ Voice: Cisco WLC, IEEE 802.1x and 802.11, WLAN, WAP, AP, SSID, LWAPP, VoIP/SIP, CUCM, UCCM, UCCX, MGCP, RTP, PoE, CCK, DSSS.

PROFESSIONAL EXPERIENCE:

Confidential, Chicago, IL

Network Security Engineer

Responsibilities:

  • Designing, Implementing LAN/WAN configurations on Cisco Nexus 5k, Catalyst 6500 switch.
  • Worked on ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
  • Experience with Virtualization, SDN, NFV, Openflow, Openstack Neutron
  • Prepared test deliverables, test plan, test scenario, test cases, test data, traceability matrix, and generated test reports.
  • Identified, triaged, tracked and performed reporting of bugs.
  • Created and Designed Cisco ISE policy for iPad, tablet and mobile phone. Making sure the business and guest devices where working within Company’s wireless network.
  • In depth experience in TCP/IP, LAN/WAN, SDN (software Defined Networks) technologies including reliable trouble shooting techniques
  • Integrating Panorama with Palo Alto fireballs, managing multiple Palo Alto fireballs using Panorama.
  • Implementing and configuring F5 LTM's for VIP's and Virtual sewers as per application and business requirements. F5 configuration, installation, and monitoring with F5 APM.
  • Researched and evaluated technical concepts to provide direction regarding development and deployment SDN
  • Designed, configured, and implemented distribution and access layers’ network infrastructure for a new building using Cisco Nexus 7009s and using VPCs to floor switches (Catalyst 4510s)
  • Configured and maintained VPCs with 7010 and 5548 in the network. Also configured and maintained VDCs in 7010 switches, maintained VRFs in those separate VDCs.
  • Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.
  • Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability Checking and configuring Cisco 7600 routers at data center for remote sites’ issues.
  • Knowledge of JUNOS platform and worked with IOS upgrade of Juniper devices.
  • Deep understanding of cloud technologies, such as IaaS, PaaS, Software-defined networks (SDN), Network Functions Virtualization (NFV), Openstack, and other emerging technologies
  • Developed test areas to replicate in-home media network and tested interactive media guide application. Prepared test lab to simulate Verizon’s software and hardware environment to perform replicated the operations.
  • Experience configuring Virtual Device Context in Nexus 7k, 5k and 2k.
  • Experience in VPC, VDC, Fabric path and OTV configurations.
  • Configured and maintained VPCs with 7010/7018 and 5548 in the network. Also, configured and maintained VDCs in 7010/7018 switches, maintained VRFs in those separate VDCs.
  • Deploying of VLANs, port and IP allocations and planning on ASR Mk, Nexus '7k, 5k, Mk and its downstream devices.
  • Working on Cisco 6500 and 4500 switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
  • Managed Check Point Firewalls from the command line using Putty sessions. (cpconfig and Sysconfig).
  • Troubleshoot traffic passing managed firewalls via logs and packet captures.

Environment: Cisco routers and switches: 7500/catalyst 6500/R V320/2960/catalyst 3550/12410, 12816, 1204 series, Nexus 7k and 5k, WLC, and ASA 5540. Palo Alto firewalls 3060, 5060, 7050. Cisco Nexus 5000 and Nexus 7000 series Switch.

Confidential, Fort Worth, Texas

Firewall Engineer

Responsibilities:

  • Implementing and maintenance of network design, structure, up gradation and configuration of routers and switch the client server for 400+ users.
  • Design MPLS VPN and QoS for the architecture using Cisco multi-layer switches.
  • Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools.
  • Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
  • Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
  • Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
  • Configuring and deploying Cisco ASA 5505; Cisco 594/294; I500 web sense manager at customer Maintained, configured, and installed Cisco ASA 5520 Firewall.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
  • Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design.
  • Experienced with Juniper EX-2200, EX-4200, EX-4500, MX-480 and M Series, SRX210 and SRX240.
  • Firewall policy administration and support on Checkpoint as well as Cisco ASA Firewall
  • Configuring TACACS, LDAP, and RADIUS for Cisco ASA and Palo Alto fireballs.
  • Implement changes on switches, routers, load balancer (F5 and CSS), firewalls, wireless devices per engineer’s instructions and troubleshooting any related issues.
  • Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
  • Deployed and maintained routing protocols such as OSPF, EIGRP, BGP, GRE, MPLS/VPN, HSRP and static routes on Cisco routers and switches and Juniper routers
  • Worked with customers to define, plan and execute technology solutions that are specific to their needs. Deployment and configuration of F5 BIG IP load balancer (LTM, GTM, ASM, and APM Modules).
  • Built site-to-site IPsec VPNs over Frame-relay & MPLS circuits on various model’s tor Cisco routers to facilitate adding new business partners to new and existing infrastructure.
  • Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
  • Involved in Configuration of Access lists (ACL) for the proper network routing for the B2B network connectivity
  • Working on different modules of Checkpoint Next Generation firewall R77.30 such as IPS.

Environment: Cisco 2600, 2800 and 3600router. F-5Load balancers. PaloA1to fireballs 3060, 5060, 7050. Cisco ASA 5520 Firewall, Juniper Firewalls.

Confidential

Network Engineer

Responsibilities:

  • Worked as part of team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
  • Troubleshoot problems on a day to day basis and providing solutions that would fix the problems within their network.
  • Experience in SDN&NFV application development with OpenDayLight SDN controller
  • Configured EIGRP, RIP, OSPF and Static routing on Juniper M and MX series Routers for Lab Environment.
  • Configured and troubleshoot Juniper Ex 4500 and series switches and Juniper ACX series routers.
  • Experience working with Network-attached storage (NAS) to provide Local Area Network (LAN) nodes with file-based shared storage through a standard Ethernet connection.
  • Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco6500 catalyst switches.
  • Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
  • Configuring rules and Maintaining Checkpoint, Palo Alto, Fortinet Firewalls& Analysis of firewall logs using various tools
  • Troubleshoot and hands on experience on security related issues on Cisco ASA/PIX, Checkpoint and Palo Alto Firewalls
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
  • Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
  • Provide consultation regarding segmentation, security and policy of the SDN network
  • Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GET VPN.
  • Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IPsec VPN tunnels.
  • Working on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
  • Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
  • Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
  • Other responsibilities included documentation, support other teams and Assisted in the architecture, evaluation and recommendations related to purchasing and installing hardware, software related to IP Networking.
  • Working with client team to find out requirements for their network.

Environment: Cisco 2600, 2800 and 3600 routers. F-5Load balancers. PaloA1to fireballs 3060, 5060, 7050. Cisco ASA 5520 Firewall.

Confidential

Network Admin

Responsibilities:

  • Configuration and maintenance of Cisco 2900 series including VLANS and TRUNKING protocols.
  • Configured EIGRP, BGP and MPLS
  • Implemented load balancing between Cisco L3 switch by HSRP and GLBP.
  • Delivered Departmental Efficiency through advanced engineering, technical support and documentation procedures.
  • Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
  • Responsibilities included configuration and installation of software and hardware.
  • Configuration of site 2 site and remote access VPN’s
  • Designing& Maintaining Network Diagrams by using Visio tool.
  • Maintaining backups of all network devices configurations on Daily & Monthly.
  • Good Experience in ITIL Processes (Incident, Problem, Change, Capacity, Configuration and Release Management).
  • Coordinating with Windows & Linux teams in Hardening the OS for Security issues.
  • Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISM routers and switches at access level to 2950, 3550.
  • Worked on Configuring, managing, and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
  • Handled Troubleshoot Frame Relay, Tl, TO, IP and OSPF related router and circuit issues.
  • Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.

Environment: Cisco 3640 to Cisco 2811 ISM routers. switches at access level to 2950, 3550. Cisco router-7200, 6500, 4500, 1700, 2600 and 3500 series

Hire Now