SUMMARY

• IPSEC - VPN configuration for data encryption.
• Working knowledge of security governance, compliance frameworks, and technical hardening standards (e.g. PCI, COBIT, NIST, etc.).
• Experienced with firewall policy migration and firewall upgrades in an ACI environment.
• Use scripting to implement network configuration and push policy to firewalls.
• Administered Skybox to validate the Firewall rules and configurations before implementing the changes to meet NIST Standard.
• Checkpoint cluster implementation and configuration including R77 clusterXL and previous version of checkpoint firewall OS.
• Checkpoint Management server HA for fail-over for network management reliability.
• Firewall security policy implementation and monitoring
• Firewall traffic tracking using tcpdump and fw monitor for packet capture and analysis
• Well experienced in configuration of Cisco routers and switches for packet routing and switching.
• Experience in network intrusion detection/intrusion prevention systems and firewalls.
• Managed multiple Fortinet Firewalls using Forti-manager.
• Create administrative domain(Adom) to manage multiple Vdom.
• Create multiple virtual domain(Vdom) on Fortinet firewalls.
• Use Forti-Analyzer to troubleshoot and analyze traffics.
• Managed Checkpoint Cluster Firewalls in Provider1 environment.
• Managed Checkpoint VSX in ACI and Provider1 environment.
• Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
• Managed multiple Palo Alto Firewalls using Panorama.
• Migrate from Checkpoint Firewall to Palo Alto Firewall using Expendition.
• Migrate from Cisco ASA Firewall to Palo Alto Firewall using PAN 3.0 tool.
• Considerable research into logs for root cause analysis of any issues within a network.
• Work with team and resolve client firewall issues.
• Experience managing and configuring Zscaler proxy filtering.
• Experience using office tools such as MS Word, Excel, Powerpoint,Visio, Outlook.
• Excellent verbal and written communication skill.

TECHNICAL SKILLS

• SECURITY: Checkpoint NGFW( R65, R75.20, R76(GAIA), R77), (4400, 4600, 5100, 5600, 12k, 13k,23k, 41k,61k Series), Palo Alto (Version 5.0.1 to 9.0.2), ( PA-5020, PA-3020, PA-500, PA-200,PA-220, 7k series ), Fortigate (3950B,1500D, 1200D, 300, 500, 3k, 7k chasis), ASA 5500 Series Cisco PIX.
• Static & Dynamic IP Addressing, NAT/PAT, web Application and IPS/IDS. Networking/Protocols: TCP/IP Protocol Suite

PROFESSIONAL EXPERIENCE

Confidential, Alpharetta, GA

Sr Network Security Engineer

Responsibilities:

• Experience in Palo Alto Firewalls, Checkpoint, Fortinet and Zscaler.
• Use scripting to implement network configuration and push policy to firewalls.
• Upgrade Check Point Version from R75 - R77.30 Gaia to R80.30 Gaia.
• Upgrade Check Point Version from R75 - R77.30 Gaia to R80.30 Gaia.
• Install, configure and maintain Check Point R75 - R77 Gaia and Splat.
• Analyze logs in smartview tracker to troubleshoot network traffics.
• Managed Checkpoint Cluster Firewalls in VSX environment.
• Deployed Site-to-Site VPN tunnels between Check Firewalls and Palo Alto firewalls.
• Install, configure and maintain Palo Alto Version 5.0.1 to 9.0.2.
• Install, configure and maintain Palo Alto PA-500, PA-3020, PA-3060, PA-5020, PA-5220, PA-5040 and 7k series.
• Palo Alto cluster implementation and configuration including Version 8.0.1 and previous version of Palo Alto firewall OS.
• Configuration, Troubleshooting and Maintenance of Palo Alto and Fortinet Firewalls.
• Strong experience in creating firewall policies as per the requirements on Palo Alto, Fortinet and Checkpoint firewalls.
• Install, configure and maintain Fortinet Version 4.0. to 6.2.
• Managed multiple Fortinet Firewalls using Forti-manager.
• Create administrative domain(Adom) to manage multiple Vdom.
• Create multiple virtual domain(Vdom) on Fortinet firewalls.
• Use Forti-Analyzer to troubleshoot and analyze traffics.
• Configure NAT such as Dynamic, Static, and Manual NAT policies as required for user traffics going out to the internet.
• Configure URL filtering to enable and/or disable user traffic access to unauthorized web sites.
• Configure new routes for new endpoints into Palo Alto Firewalls.
• Managed Palo Alto Firewalls from the command line interface.
• Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
• Palo Alto Management server HA for fail-over for network management reliability.
• Managed multiple Palo Alto Firewalls using Panorama.
• Migrate from Checkpoint Firewall to Palo Alto Firewall using PAN 3.0 tool.
• Migrate from Cisco ASA Firewall to Palo Alto Firewall using PAN 3.0 tool.
• Administered Skybox to validate the Firewall rules and configurations before implementing the changes to meet NIST Standard.
• Experience managing and configuring Zscaler proxy filtering.

Confidential, Forest Park, GA

Sr Network Security Engineer

Responsibilities:

• Experience in Checkpoint firewalls and Palo Alto Firewalls.
• Proven success managing multiple Information Security Systems.
• Install, configure and maintain Check Point R75 - R80.10 Gaia and Splat.
• Implement network security for remote access. Tasks includes configuring site to site and clients to site VPN tunnels.
• Configure and administer security rules and policies to permit and/or deny user traffics based on company security policy.
• Configure NAT and HIDE such as Dynamic, Static, and Manual NAT policies as required for user traffics going out to the internet.
• Configure IP-SEC VPN, and SSL-VPN (Mobile Access) on Check Point Gaia based on user traffics that needs to be encrypted using Checkpoint.
• Conducted security policy/rule review to identify and remove rules that are not needed to reduce checkpoint firewall policy lookup.
• Analyze logs in smartview tracker to troubleshoot network traffics.
• Checkpoint Management server HA for fail-over for network management reliability.
• Migrate from Cisco ASA Firewall to Checkpoint Firewall.
• Comprehensive understanding of networking concepts pertaining to LAN and WAN, Information security, IT communication and maintenance in multi-platform environments.
• Managed Checkpoint Firewalls from the command line interface.
• Worked with Checkpoint Support for resolving escalated issues
• Managed Checkpoint Cluster Firewalls in Provider1 environment.
• Install, configure and maintain Palo Alto PA200, PA220, PA500, PA3020 and PA5020.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls.
• Migrate from Cisco ASA Firewall to Palo Alto Firewall using PAN 3.0 tool.
• Strong experience in creating firewall policies as per the requirements on Palo Alto firewalls.
• Configure new routes for new endpoints into Palo Alto Firewalls.
• Managed Palo Alto Firewalls from the command line interface.
• Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
• Palo Alto Management server HA for fail-over for network management reliability.
• Managed multiple Palo Alto Firewalls using Panorama.
• Migrate from Checkpoint Firewall to Palo Alto Firewall using PAN 3.0 tool.
• Configure URL filtering to enable and/or disable user traffic access to unauthorized web sites.
• Periodic policy review to ensure security polices achieves purpose.
• Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
• Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices.

Confidential

Firewall Administrator

Responsibilities:

• Experience in Fortinet and Cisco ASA Firewall.
• Responsible for service request tickets generated by the helpdesk in all phases.
• Remotely connect into end user computer to help troubleshoot network issues.
• Provide technical and administrative support to customers on a daily basis.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Install, configure and troubleshoot Fortinet firewalls.
• Maintain active directory database (backup and restore).
• Work with Fortinet Fortigate NGFW appliances 1500D, 1200D at the data center as well as Fortinet 300, 500 at regional office locations managed through Fortimanager.
• Cisco ASA Firewall configuration and troubleshooting.
• Advanced knowledge in Cisco Switches and Routers Configurations.
• Maintain effective communication with vendors, peers and clients.
• Participate in on call support in troubleshooting the configuration and installation issues.