We provide IT Staff Augmentation Services!

Network Security Engineer Resume

Fort Worth, TX

SUMMARY

  • CCNA & CCNP Certified Network Engineer with experience in network design, network integration, deployment and troubleshooting.
  • Experienced in complete LAN, WAN development includes IP address planning, designing, installation, configuration, testing and maintenance.
  • Having expert level knowledge on OSI model and TCP/IP protocol suite. Implemented and maintained Sourcefire intrusion detection/ prevention (IDS/IPS) system.
  • Worked on Switching Technology Administration including creating and managing VLANS's, Port security, Trunking, STP, Inter Vlan routing, LAN security etc.
  • Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR - 1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco Nexus 2k/5k/7k and Juniper: M320, MX80, MX480, MX960 and EX4200, EX8200 switches.
  • Implemented CiscoLayer3switcheslike 3750, 4500 and 6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISLtrunk and ether channel.
  • Configured &monitored around 600+ Network &Security Devices that includes Juniper SRX Firewalls, F5 BigIP Load balancers and Nexus Devices.
  • Troubleshooting experience in complex network layers 1, 2to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues.
  • Commissioning and Decommissioning of MPLS circuits for multiple field/locations offices.
  • Work roles included Network, system and data availability and integrity through preventive maintenance and upgrades.
  • Monitored network for optimum traffic distribution and load balancing using Solarwinds.
  • Provided admin and support roles on Bluecoat Proxy for content filtering and internet access between site and VPN client users.
  • Deployed and Managed Bluecoat proxies in the forward proxy scenario as well as for security in reverse proxy scenario.
  • Setup secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and Palo alto Firewalls (3k, 5k).
  • Monitored performance of network and servers to identify potential problems and bottlenecks.
  • Designed and implemented F5 load balanced environment at the data center. Supported F5 LTM, F5 LTM VE (ESXi) and F5 Viprion c2400.
  • Troubleshooting the Network Routing protocols (BGP, EIGRP and OSPF) during the Migrations and new client connections.
  • Access control server configuration for RADIUS& TACAS+. Working knowledge of Firewall, LDAP, AAA, TACACS/RADIUS, and IPSEC.
  • Monitoring Network infrastructure using SNMP tools, OPnet, NetSight, Solar-winds, CISCO works, Wireshark and Splunk.

TECHNICAL SKILLS

Routing: OSPF, EIGRP, BGP, RIP, Route Filtering, Redistribution, Summarization, and Static Routing

Cisco routers: 7606, 7609, 3845, 3660, 2921, 2691, 1812, ASR-1k/9k

Switching: VTP, STP, PVST+, RPVST+, Inter VLAN routing, Multi-Layer Switch &Ether channels

Switches: Nexus 2248, 2232, 5548, 5596, 6000, 7009, 7010, 7018, 7718

Cisco Catalyst: 6506, 6509, 4928, 4948, 4507, 4510, 3750, 3560, and 2960

Network Security: Cisco ASA 5520/5550/5585 and PIX 525Firewalls, ACL, IPsec, IDS, Checkpoint security, Palo alto firewalls (2k,3k,5k), Fortigate 500E/600E

Load Balancer: F5 Networks (Big-IP) LTM 6400, LTM 8900

Operating System: Windows Server 2012, Linux Ubuntu

Gateway Redundancy: HSRP, GLBP and VRRP

Features & Services: IOS and Features, SNMP, SYSLOG, DNS, DHCP, CDP, TFTP, FTP

Network Management: Netflow Analyzer, Syslog, SolarWinds, CISCO works, Wireshark and Splunk

Other software & tools: MS VISIO/office, Vmware

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat, Blue Coat 8100-10/9000-40 ProxySG appliances, Bluecoat Proxy AV appliances, Zscaler & SDWAN, Cisco Meraki

PROFESSIONAL EXPERIENCE

Confidential, Fort Worth, TX

Network Security Engineer

Responsibilities:

  • Deployed, implemented, configured and managed Cisco FWSM and ASA Firewalls, Cisco IDS/IPS, Cisco ISE, Wireless Controllers/APs and Cisco Meraki Cloud Wireless Security on high volume critical production environment.
  • Experience in the Zscaler Cloud environment with the Cisco SD-WAN Platform
  • Deployed, configured, managed and implemented Cisco Routers and Switches, Cisco ASA 5500 series Firewalls, Cisco VPN Concentrators LAN-LAN IPSEC VPN and Cisco IDS/IPS on high volume critical production environment.
  • Configured, managed, monitored and analyzed IDS/IPS Signatures Attacks, Wire Shark , Firewall logs, Systems, Applications and Security Event Incident Management Logs for comprehensive security vulnerability monitoring.
  • Responsible for NAT traffic flow in the Juniper SRX 3600 and support juniper Space
  • Worked extensively in Configuring, Monitoring and Troubleshooting Juniper Security appliance
  • Serve as a Troubleshooting resource for the continuous Connectivity for the network automation.
  • Creating the WAN optimization, and minimizing the bandwidth requirements from the Service Providers henceforth saving the money to the organization to a notable level.
  • Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools.
  • Managed the F5 Big IP GTM/LTM appliances to include writing IRules, SSL offload and everyday task of creating WIP and VIPs.
  • Working on the riverbed Steel central for Generating reports for the Traffic Monitoring and utilizing the Netflow to design the future network requirements.
  • Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
  • Modifying the script for the network migration of more than 150 sites in more than 73 countries containing riverbed equipment of models ranging from low to high levels.
  • Providing Support for the Network Security infrastructure using Prime servers located in 3 different Continents.
  • Providing support to the organization for the Configuration, verification and Troubleshooting using the Cisco Prime.
  • Monitoring the user activity and the Server utilization of various sites located across the world and utilizing it for the elimination of the vulnerable security breaches before they even penetrate in to the network.
  • Using the Net brain to get insight into the live network and generating a network diagram in less than 3 minutes to meet the fast pace of the network operation.
  • Created, Modified and exported Visio diagrams with various layouts to facilitate better experience.
  • Creating a script to grab the subnets of more than 100 sites using the Qapp of Netbrain and utilizing it for the Network Migration.
  • Executing simultaneous commands for the Netbrain at the same time to reduce the time and provide better efficiency in troubleshooting, Configuration and design of the network.
  • Designing a whole new site from the scratch for the network operations like subnets, VPN, LAN and WAN etc. Implementing the various steps required to configure the Meraki gateways, switches and firewalls for the connectivity to the cloud. Documenting all the implemented steps for the future reference to an organization
  • Providing the security to the infrastructure using the Palo Alto next generation firewalls. Configuring the Various security and access polices as per the requirements of the client. Troubleshooting at the various routing protocols like, BGP and OSPF for the connectivity of the network.
  • Configuring various routing protocols and designing it to meet the traffic requirements using QOS. Providing support to more than 100 sites for the LAN, WAN design, Configuration and troubleshooting. Modifying a script for the LAN, WAN migration of the network.
  • Providing the DNS, DHCP and IP support for the network operations using BLUECAT Server. Utilizing the DDI script for the network migration of more than 20,000 Users.
  • Utilizing a WLAN script for the wireless network migration and testing it for each site for the successful operation into the live production environment.

Confidential, Burbank, CA

Network Security Engineer

Responsibilities:

  • Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN.
  • Installation, deployment, Analysis and troubleshooting of Firewall Technologies i.e. Checkpoint, Fortinet, Palo - alto, Cisco ASA, F5 (LTM).
  • Pro-actively protected the integrity, confidentiality and availability of data and assets with Cisco Firewalls, Tripwire for Servers, IPSec, VPN, DMZ and IDS/IPS for access control and security monitoring and analyses.
  • Involved in deployment of Cisco ISE and Firepower as well as, created/modified necessary profiles that allowed authorized devices on the network.
  • Supported in giving access to the User machines and partners exterior to the network using IPsec VPN tunneling and SSL.
  • Configured and deployed VDC and VPC between Nexus 7018 and Nexus5596, 5548 switches along with FEX2248.
  • Configured EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP.
  • Troubleshooting complex LAN /WAN infrastructure that include routing protocols EIGRP, OSPF, BGP.
  • Supported various LAN environments consisting of Cisco 6500 switches with Sup-720.
  • Involved in migration from Legacy Catalyst 6509 with SUP-720, Catalyst 4507 with SUP-6 to Nexus 7k with SUP-2E as part of the data center refresh.
  • Having hands on experience in implementation and deploying BIG-IP F5 LTM load balancers for load balancing and network traffic management for business applications.
  • Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate application and their availability.
  • Having Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers using Cisco ACE, F5 LTM/GTM, Cisco Works, HP OpenView, Palo Alto Networks Firewall models (PA-2k, PA-3K and PA-5K).
  • Managed and maintained high-availability firewall clusters utilizing NetScreenOS (NS5200 & ISG1000), JunOS (SRX 240, 1400, 3400), Palo Alto (3050, 52xx) and Cisco ASA (5585x).
  • Administered and engineered Cisco ASA, NetScreen5200, Juniper ISG, Juniper SRX, and Palo Alto firewalls to provide secure connectivity and integration with F5 reverse-proxy and load-balancing.
  • Designed firewall solutions to include zones, policies, NAT & PAT, address-groups, and network objects.
  • Configured data center switches for network backup, replication, and storage and resolved related technical issues.

Confidential

Network Engineer

Responsibilities:

  • Created data migration strategies to help with completion of migration of data center from one point to another.
  • Analyze network traffic using NAC tools for improving network security.
  • Configuration of Cisco 6500 (sup 720), 4500 (SUP 6) & 3750 Catalyst Switches for network access.
  • Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5585, 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
  • Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
  • Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
  • Time to time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HSRP, EIGRP in unequal cost load balancing to build resilient network.
  • Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
  • Key contribution includes troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, & BGP.
  • Designed and implemented core switching and routing functionality for datacenters utilizing primarily Cisco Nexus 7000, 5000, 4000, and 2000 series switches.
  • Responsible for cabling and labeling based on day to day requirement and Racking & Stacking of various network equipment and made sure that there are no connectivity issues using ping and tracer.
  • Configured Access-lists, Distribution-lists, Offset-lists and Route Redistribution.
  • Responsible for level 2 support of existing network technologies /services& integration of new network technologies / services.
  • Installing new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations.
  • Worked on Cisco 2300, 4000, 6500 series Router and Cisco 1600, 2900, 6500 series switch
  • Experience working on Big IP/F5 load balancer, Citrix NetScaler, Cisco ACE load balancer and Juniper Equipment.
  • Responsible for Data Center Migrations and its operations including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 3k.
  • Oversaw numerous hardware upgrades, technical refreshes, and equipment migrations.
  • Network Monitoring using SNMP and other tools such as SPLUNK, SolarWinds.
  • Experience in configuration and extension of VLAN from one network segment to other segment between different vendor switches (Cisco).
  • Helped in designing and implementation of VLAN for the new users. Network Protocol Expert in DNS/DHCP&IP Management application support.
  • Used various BGP Attributes and various Route-filters such as named Access-lists, Prefix lists, Route-maps to permit or deny routes and to change various attribute.
  • Configured Ether channels, Trunks, Vlans, HSRP in a LAN environment.
  • Experienced in implementation and troubleshooting knowledge of protocols and technologies, especially in the following: BGP, OSPF, IPv4, and Ethernet.
  • Involved in configuration of OSPF Summarization (Summarizing internal and external routes).

Confidential, Bellevue, WA

Network Engineer

Responsibilities:

  • Configuration and Management of Cisco Nexus 3K Series Switches, Cisco 6500, 4500, 3750 series Switches, Cisco 2800, 2900, 7200, ASR 1000 Series Routers, ASA, Check Point Firewalls, Palo alto Firewalls, F5 Load Balancers.
  • Performed Nexus-OS ISSU and EPLD upgrade. Configured policy statements, routing instances, route manipulation on OSPF and BGP.
  • Migrated Sites From EIGRP to OSPF. Migrated Data Center Backend Firewalls from PIX to the ASA.
  • Deployed Checkpoint GAIA Firewalls at the Data Centers.
  • Coordinating with Vendors for creating and modifying firewall and NAT rules and Maintaining Site to Site and SSL VPN
  • Configuring switch ports (VLAN tagging, switch port mode, Port Channel) at distribution and Access layers for new server builds and critical server movement as per requirement
  • Configuration of Cisco wireless technology including Wireless LAN Controller (WLC).
  • Worked in HP blade centers for server storage and used HP One view for automated lifecycle management.
  • Provided deep application-aware network visibility and granular performance analytics that empower network administrators to rapidly isolate and remediate problems and improve the user experience using Cisco Prime.
  • Configured, Troubleshooting and Monitoring on Cisco LMS. Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.
  • Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, MLS, HSRP, VRRP, UDLD, Spanning Tree Protocol 802.1d, 802.1s and 802.1w.
  • Understanding of mobile backhaul network on IP, Ethernet, ATM, PW & TDM.
  • Setup and configure network monitoring and management systems like BNA (brocade).
  • Worked on configuration and commissioning of the MPLS circuits for various branch offices.
  • Provided Daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
  • Worked with TACACS+ and RADIUS Servers.
  • Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
  • Handled Network capacity planning, modeling, and traffic optimization and experience in using tools (OPNet, Netflow, etc.).
  • Configured ACL’s in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT.

Hire Now