We provide IT Staff Augmentation Services!

Network Security Engineer Resume

Fort Lauderdale, FL

SUMMARY

  • 7 plus years of professional experience as a Network & Security Engineer, including hands - on experience in providing network design, deployment, support, installation and analysis.
  • Experience in providing a wide range Network Infrastructure and Security Solutions for LAN / WAN, Enterprise and Data Center Environments.
  • Experience Working on equipment from multiple vendors such as Cisco, Juniper, F5, Palo Alto.
  • Expertise in working with Cisco Nexus 7k, 5k, 2k, Cisco Catalyst 6500’s, 4500’s & VPC, VDC, VRF configuration.
  • Expertise in installing, configuring and troubleshooting Juniper EX Switches & Mx Routers.
  • Experience working with Cisco IOS, IOS-XR, NX-OS, JunOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, BGP v4, MPLS.
  • Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
  • Knowledge of implementing and troubleshooting, complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.
  • Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for Cisco ASA, Palo Alto and Checkpoint.
  • Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
  • Worked with team to implement NAC solution on Aruba wireless and LAN.
  • Worked on F5 Load Balancers Configuring Irules, Profiles, Nats/Snats, And Load Balancing.
  • Install, Configure, Deploy and Maintain Firewalls (Palo Alto, Cisco ASA), Cisco Routers and Switches, Citrix SD-WAN, autonomous Cisco WAPs and Meraki Networks
  • Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs. Experienced in working on Cloud Computing Virtualization using VMware NSX and Windows Hyper-V.
  • Expertise in configuring and troubleshooting of Palo Alto, Juniper NetScreen & SRX Firewalls and their implementation
  • Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls.
  • Having experience in Migration from Cisco ASA's to Fortinet’ s Fortigate firewalls.
  • Provided 24x7 availability and on-call support as required by the project.

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1900,1800 series) & Cisco Catalyst switches (6500, 4900, 3850, 3750, 3500, 4500, 2900 series), CSR/ASR, IOS-XR

Juniper Platforms: MX960, MX480, MX240, MX104, MX80 routers, QFX5100, QFX3500, EX4300, EX4200, EX2200 Switches, SRX1500, SRX550, SRX240, SRX210, SRX100 Firewalls.

Management tools: SNMP, Syslog, Sniffer, and Wireshark.

Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP, Routed Protocol TCP/IP, Multicast, HSRP, VRRP, GLBP.

LAN Protocols: VLAN, VTP, Inter-vlan routing, ISL, dot1q, STP, RSTP, PVST, HSRP, GLBP, Ethernet, Port security.

WAN Technology: MPLS, MPLS VPNs, LDP, L3VPN

Network Management: SNMP v2, Cisco Works, Network Analyzer, MRTG, Solar winds, TACACS, Net flow, Riverbed, Nagios, Datadog and Sumologic.

Network Security: Firewalls, Palo Alto Firewalls, ASA, ACI, IPsec, IPS/IDS, & VPN, Juniper SRX, Juniper VSRX, ACE Module and F5 Load Balancers

Application Protocols: DHCP, DNS, IPV6, FTP, TFTP.

Documentation: Microsoft Office

Design Tools: HP NA, MS Visio

Programming: Python, Shell Scripting, Ansible

Operating Systems: Cisco CATOS, IOS, IOS-XR, NX-OS, JUNOS, MS Windows 2007/08, Windows Vista, Windows 8, Windows 10.

PROFESSIONAL EXPERIENCE

Confidential, Fort Lauderdale, FL

Network Security Engineer

Responsibilities:

  • Designed and implement security strategies with Cisco and Palo Alto firewalls.
  • Managed firewalls using Palo Alto's Panorama Central Management Software and Upgrade PAN-OS from 6.1 to 7.0 in Palo Alto firewalls.
  • Used tools including Tufin and Splunk to monitor firewall traffic and troubleshoot network access.
  • Configuration, implementation, and problem determination across the major firewall platforms and understanding each customer environment at a detailed level.
  • Implement URL filtering on Palo Alto Firewall and control access to restricted sites.
  • Configuring and troubleshoot Global protect SSL VPN for Work from Home Users on Palo Alto.
  • Configuring Security Policies for Access control, inter zone connectivity, External Access on Palo Alto Firewall.
  • Operated and maintained the Aruba ClearPass Policy Server and the Aruba AirWave Wireless Intrusion Detection System.
  • Managed and completed over 100 projects installing/upgrading client's wireless infrastructure to Aruba and Supported wireless networking team working on Aruba wireless.
  • Additional tasks include assisting with the day to day operations and management of other network devices such as Cisco ISE, Palo Alto firewalls and Panorama.
  • Strong hands on experience on Palo Alto Firewalls, ASA Firewalls and implemented Security Policies using Panorama, ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
  • Day to Day activities include Incident Resolution and Service Request for creating new WIP and VIP are on the F5 LTM/GTM.
  • Upgrade projects across F5 Upgrade of Big-IP from 11.6 to 13.0
  • Troubleshoot issues related to Application slowness by Analyzing nodes, Health monitors, and Server pools.
  • Configuration and troubleshooting of Issues related to VIP’s, Server pools, Redundancy, Persistence, and SSL offloading to improve application performance.
  • Configure NAT polices on Palo firewalls as per requirements.
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
  • Worked on Panorama firewall management tool to administer Palo Alto 5050, & 5250 device groups.
  • Configured GCP Virtual Private Cloud (VPC) network services and deployed via CI/CD using concourse.
  • Experience in creating dashboards in Stackdriver and can setup alerting and create custom metrics using google API developer tools.
  • Configured AWS and GCP application logs in Sumologic and datadog for events.
  • In depth Knowledge of AWS cloud service like Compute, Network, Storage and Identity & access management.
  • Hands-on Experience in configuration of Network architecture on AWS with VPC, Subnets, Internet gateway, NAT, Route table.

Confidential, Moline, IL

Network Engineer

Responsibilities:

  • Assisted with the configuration, installation and maintenance of network equipment such as routers, switches, firewalls, and wireless access points.
  • Configuring OSPF and Static routing on Juniper M and MX series Routers in data center environment.
  • Converting networks with multiple routing protocols IGRP, EIGRP into a single OSPF domain, thus providing for future network scalability.
  • Worked on configuring and troubleshooting juniper SRX firewalls.
  • Configuring Layer 2 switching protocols and deployment of Juniper EX sand QFX series switches in data center environment.
  • Performed configuration verification and cleanup for LAN/WAN environments to achieve standardizations and good practices.
  • Configured and troubleshoot Infoblox DNS and DHCP servers.
  • Management of Infoblox Grid Manager to manage DNS Forward and Revers Lookup Zones.
  • Monitored and Created traffic Pattern on Arista 7250 switches using Open flow.
  • Worked to help clean up legacy FW policies and create migration path from current ASA to next gen Palo Alto firewall.
  • Troubleshooting issues with application access, network access across the firewall.
  • Experience on Virtual Private Network (VPN) for operating Network and Data Center.
  • Deploy Azure IaaS VMs and Cloud services PaaS with high availability by designing availability sets, VMSS.
  • Configured the Okta MFA VPN portals on Palo Alto Firewall by using various server Profiles like SAML, RADIUS, TACACS+, LDAP authentication.
  • Configuring Syslog, flow setting, radius, TACACS and SNMP for Juniper, Aruba and Palo Alto devices.
  • Troubleshooting network performance deeply through packet capture analysis by using Riverbed NetSharks and application performance through Riverbed Net profiler.
  • Monitored system capacity to determine its effect on performance and recommend enhancements to meet new or changing network demands through Nagios tool.

Confidential, Baltimore, MD

Network Security Engineer

Responsibilities:

  • Primary responsibility is to design, Test and deploy various Network Infrastructure and Network Security
  • Products in High Availability Configuration from Vendors such Cisco, Juniper, and Palo Alto.
  • Migration of Cisco Catalyst, IOS Platforms to Cisco Nexus, Juniper Platform Conversion on Core, distribution
  • Experience with Aruba Wireless Controllers, Access Points.
  • Implement Aruba Wireless infrastructure using Aruba controllers & Access Points and Configured Aruba access points troubleshoot connectivity issues with Aruba access points.
  • Worked on Configuration of VLAN, VRF, VX-LAN, VTEP, VPC, on Nexus devices.
  • Configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4.
  • Experience in configuration and troubleshooting MPLS, L2VPN, L3VPN tunnels.
  • Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
  • Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the Root Cause Analysis of the issues.
  • Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
  • Deploying and decommissioning of Cisco Routers, Cisco switches and their respective software upgrades.
  • Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
  • Hands on Experience working on NextGen Firewalls such as Cisco ASA with Firepower (5585) and Palo Alto (5050).
  • Cisco Firesight management tool to manage Cisco ASA with firepower, (Sourcefire) appliances
  • Perform firewall administration adding, updating and troubleshooting as per requirement rules/policies on Palo Alto 5050 & Cisco ASA 5555, 5585.
  • Configure Security Profiles on Palo Alto / ASA for URL filtering, Anti-Virus, Anti-Spyware, Vulnerability Protection, Threat Prevention, File Blocking.
  • Configure Clientless/AnyConnect SSL VPN on Cisco ASA for Work from Home Users
  • Configuration and Troubleshooting of IPSEC VPN tunnel On Palo Alto/ Cisco ASA and Cisco ASA as peer.
  • Implement DMZ for multiple clients of the state on the Palo Alto/ ASA firewall.
  • Analyze of firewall logs, Provide administrational and Monitoring Support, Dynamic Updates for Palo Alto 5050 Firewall & Cisco ASA 5555, 5585.
  • Responsible for Migration from Legacy Cisco ASA firewall to Palo Alto firewall.
  • Experience with Splunk Security Infrastructure and Event Management. (SIEM). Correlate, review, rank, and coordinate work efforts for sites to follow up on high-priority events.
  • Work with Level 2 / Level 3 Engineering on software bugs and solutions involving software upgrades and feature enhancements.

Confidential, Thousand oaks, CA

Network Engineer

Responsibilities:

  • Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document.
  • Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).
  • Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
  • Provided connectivity to On-premise devices to Azure VNET by using Azure VPN, Express Routes and Virtual Network peering.
  • Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
  • Implement SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple gateway solutions including integration of PKI certificates
  • Worked on wild fire advanced malware detection using IPS feature of Palo Alto.
  • Provided comprehensive guest access management for Cisco ISE administrators, sanctioned sponsor administrators using BYOD & Guest Management Portal Configuration.
  • Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
  • Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration
  • Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
  • Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
  • Involved in the redistribution into OSPF on the core ASA firewall.
  • Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
  • Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.

Hire Now