We provide IT Staff Augmentation Services!

Network & Security Architect Resume

Houston, TexaS

PROFILE SUMMARY:

  • 10 years of Network Security Engineer with experience in testing, troubleshooting, implementing, optimizing, and maintaining enterprise data network and service provider systems, Cyber Threat/Network Security Information and Event Management (SIEM) tools, Enterprise Security Engineer
  • Experienced in reviewing the design, architecture, capacity, implementation, and support of a variety of network security infrastructure environment such as firewalls, proxy appliances, cloud security services, URL filtering, IPS, IDS, VPNs, NAC etc.)
  • Designed and implemented of network security platforms form manufacturers such as Palo Alto, Cisco, AWS, McAfee, URL, etc.
  • Designed and implemented of AWS cloud services VPC, Transit Gateway, SG, NACL’s, VPC and VPN attachments, NAT Gateways.
  • Well Experienced in cloud security solutions including network security automation tools such as Terraforms and ansible.
  • Well versed with several of the Infrastructure technologies such as network routing, switching, Active Directory, DNS, DHCP, etc.
  • Experience with Palo Alto security products Next Generation Firewalls, cloud security tools, URL filtering etc.
  • Designed and implemented Network Access Control infrastructure (NAC), Zscalar Product.
  • Monitored TFS network security infrastructure
  • In - depth Cisco technology experience/knowledge in design, implementation, administration, and support
  • Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches
  • Strong experience in Network security using ASA Firewall, Checkpoint, Palo Alto, Cisco IDS/IPS and IPSEC/SSL VPN, F5 Load Balancer
  • Coordinated with vendors, the customer (users), managers to build systems and standards
  • Hands-on experience implementing Palo Alto, including Prisma Access, Prisma Cloud and optionally Prisma Cortex
  • Utilized Symantec DLP (Symantec data loss prevention) tool in order to capture data at Rest Events, Scanning of NAS drives and SharePoint sites, monitored activity, and generated reports for high impact Data Protection issues
  • Expertise in Installation, Migration, Configuration, Troubleshooting and Maintenance of Splunk, Passionate about Machine data, Operational Intelligence and Apache Web server on different UNIX flavors like LINUX
  • Experience in Junos and FortiGate, Fortinet Firewalls
  • Deployed new Check Point firewalls either physicals or VSX/VSLS
  • Design, configure, implement, and manage installations for new and existing customers utilizing Cisco, Aruba, Aerohive, Meraki and Fortinet technologies
  • Hands - on experience with design, evaluation, and implementation of client/server and web-based solutions with focus in identity and access management (IdM), public key infrastructure (PKI), cyber security, strong authentication, and credentialing
  • Created third-party converters (Palo Alto & Fortinet) to Check Point
  • Maintained, installed and Configured SD-WAN equipment's such as Fortinet firewall
  • Handled all the Firewall Migrations from Cisco ASA to Fortinet
  • Configures, manages, and upgrades Fortinet firewalls and a variety of other security products/appliances
  • Configuring, maintaining, and troubleshooting with Fortinet firewall and security
  • Support of firewall technologies includes Fortinet firewalls
  • Configures, manages, and upgrades Fortinet firewalls and a variety of other security products/appliances
  • Visual Monitoring of IVR, MTC (VXML), WEB and SPEECH servers using HP Open View
  • Checkpoint VPN-1,3D Analysis, Gaia, Standalone & Distributed setup, Security management, Log server, Secure platform (SPLAT), License management
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Palo Alto rules
  • Experience in risk analysis, security policy, rules creation and modification of Check Point/Nokia Firewall VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40, Cisco ASA
  • Problem determination using local error logs and by running user traces and service traces
  • Perform application penetration tests across public and private networks
  • Documenting design procedures and test plans
  • Palo Alto Networks Firewall models
  • Utilized Custom Threat Feeds to Determine Network Vulnerabilities and IOCs
  • Conducted Criminal Investigations using Open-Source and Social Media Tools
  • Wrote Python Scripts for Performing Investigations, Cyber Threat Analyses, and Big Data Inquiries
  • Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K and 2Kseries
  • Integrated Service Now with Splunk to generate the Incidents from Splunk
  • Design & Integration experience on Security information and Event management solutions (SIEM). That enable organizations to detect, respond, and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions
  • Utilized Custom Threat Feeds to Determine Network Vulnerabilities and IOCs
  • Conducted Criminal Investigations using Open-Source and Social Media Tools
  • Wrote Python Scripts for Performing Investigations, Cyber Threat Analyses, and Big Data Inquiries
  • Handling Break/Fix situations, monitor, configure, policy creation on Checkpoint's Smart Center Server
  • Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1 and Cisco ASA
  • Working on network design for new next-generation VPN solution, migration from Checkpoint VPN to Pulse Secure VPN from network prospect
  • Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM. GTM, ASM, APM
  • Have experience in Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site-to-Site VPN tunnels, MPLS

CORE COMPETENCIES:

Network & Security Ops Support/Design/Implementation

Architectures of Cisco, Juniper, Arista

Cisco Wireless & Aruba Wireless

ITIL Framework Process

Service Now Ticketing System

Change, Incident and Vendor Management

PRESENT EXPERIENCE:

Network & Security Architect

Confidential, Houston, Texas

Responsibilities:

  • Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations. Configured BGP on the Core Cisco 9508 switches and provided connectivity with existing datacenter
  • Performed NS-OX codes upgrade for 9508 via USB for both active and standby SUP. Deployed 9508 switches across the data center as a part of the new data center built
  • Performed Installation and Monitoring of Servers, Storage devices and Network Gear Routers, Switches as required by various groups
  • Architect, Design and deliver Encryption, key management, and PKI related solutions
  • Served as the primary PKI administrator for machine-based certificates including SSL server and device-based (Cisco ACS 6.x, firewall certs, etc.) for Confidential.
  • Designed and implemented of AWS cloud services VPC, Transit Gateway, SG, NACL’s, VPC and VPN attachments, NAT Gateways.
  • Configured PKI split VRF in Trust point
  • Hands on experience on Prisma Cortex, running play books
  • Trained on Prisma Cortex for about 2 months and gained lot of experience practically during my project
  • Configured OSPF on datacenter nexus 9508 switches to provide connectivity for intra network and core switches. Also provide L2 connectivity to 9348 Switches
  • Successfully installed different fiber (X97160YC-EX) and Copper (X9788TC-FX) line cards for 95087 switches. Planned and executed port assignments (Data/console/management) for all 9508 switches
  • Designed VLAN’s, access lists (ACL), troubleshooting IP addressing issues and Updating IOS images and other hardware installations
  • Experience in Junos and FortiGate, Fortinet Firewalls
  • Maintained, installed and Configured SD-WAN equipment's such as Fortinet firewalls
  • Handled all the Firewall Migrations from Cisco ASA to Fortinet
  • Configures, manages, and upgrades Fortinet firewalls and a variety of other security products/appliances
  • Configuring, maintaining and troubleshooting with Fortinet firewall and security
  • Configured nexus 9508 switches with peer-link, VPC keep-alive link, VPC domain, different VRFs, Virtual Port channel for downstream Switches etc
  • Resolved License issues with all the upgrades and deployed it successfully
  • Managed and resolved technical support requests to 3rd party vendors
  • Responsible for contacting 3rd party vendors regarding service contract repairs
  • Problem solved network issues related to IP video multicasting, layer 2 and layer 3 services (VPLS and IES), DHCP issues, remote access, hardware failure, and link redundancy
  • Performed configuration changes to network switches as requested by the customer (PGR) Site Operations personnel
  • Provided management and console connectivity to all datacenter devices like nexus 9508, Palo Alto PA-7050, Panorama, F5 Load balancers, Gigamon, Guardium, CyberArk, Bluecoat, SSLv, Infoblox, Riverbed, hurricane IDS
  • Configured Base configs and rules according to customer’s demand on all the security devices mentioned above. configured management IP’s for those devices on management 9348 switches
  • Created all Security rules. Configured all the security policies depending on customer’s request
  • Dealt with creating VIP pools, nodes and created Rules for Virtual servers. Designed, deployed and configured BIG IP F5i10800, i5800 and i4600 appliances
  • Configured and troubleshoot F5 LTM & GTM and provide Level 2 and 3 Support for customers. Licensing and provisioning F5 modules such as LTM and GTM
  • Worked on code upgrade from V13.1.0.1 to 13.1.1.4
  • Application deployment requests to QA, Performance, Production, Disaster Recovery environments, in support of Consumer Web operations and Professional Web operations
  • Performed client assessments covering VMware, NetApp, and backup best practices and recommendations
  • Site to Site, IPsec based VPN Tunnels for all B2B and third-party communications. Support Data Center Migration Project involving physical re-locations
  • Created the topology for all the devices in the data center on how its designed to be connected (Visio)
  • Dealt with NAT configuration and its troubleshooting issues related access lists and DNS/DHCP issues within the LAN network
  • Troubleshoot critical alarms, diagnose problems, determine course of action, repair and/or escalate to respective groups / individuals. Responsible for troubleshooting/correcting/escalating customer email/webmail and web hosting issues
  • Spearheaded deployment and configuration of several virtual private networks (VPN). Adeptly inspected and audited security and disaster recovery systems daily, resulting in robust systems and zero security intrusions
  • Used server Management Technology like, IPMI, Roamer, and iLO. Configured switches and router through switch builder software
  • Responsible for validating all the port assignments and cable alignments for the designated switches and all the security devices
  • Responsible for Incident and issue tracking, monitoring of the devices, SNMP configurations and making sure the network devices meet our security baseline configurations
  • Experience working in LAN and WAN design and implementations

Specialist Network & Security

Confidential, Boron, CA

Responsibilities:

  • Works with client engineering groups to create, document, implement, validate and manage policies, procedures and standards that ensure confidentiality, availability, integrity and privacy of information
  • Researched, designed, and replaced aging Cisco ASA firewall architecture with new next generation Fortinet appliances serving as firewalls and URL and application inspection
  • Assisted in standing up an internal Windows 2019 PKI server prototype for serving internal server certificate requests in the future.
  • Configured and Managed a Cisco IOS Certificate Server for PKI Deployment
  • Deployed RSA Keys within a PKI
  • Performed Configuration, Authorization, and revocation of certificates in a PKI
  • Working in Maintenance alerts of PKI credentials expiry alerts
  • Worked on Cisco IOS release 15MT
  • Performed site refreshes on Cisco switching and Aruba wireless infrastructure at several locations
  • Configured, implemented and troubleshooting issues on Checkpoint R77.10 Gaia, R75, Cisco ASA 5540, 5000 series and Fortinet 7040E, 5001E firewalls for the client environment
  • Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls
  • Worked on VPN configuration, routing, NAT, access-list, security contexts and failover in ASA firewalls
  • Fortinet design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
  • Configured and maintained IPSEC and SSL VPN's on Fortinet, Cisco ASA Firewalls
  • Configuring, Administering and troubleshooting the Checkpoint, Fortinet and ASA firewall
  • Configured IPSEC VPN (Site-Site to Remote Access) on Cisco ASA (5200) series firewalls
  • Working with the rule base and its configuration in Cisco ASA, Fortinet and Checkpoint firewalls
  • Rule consolidation and rule lockdown process in the ASA firewalls
  • Supported 200 Cisco ASA firewalls in configuring and maintenance
  • Researched, designed and replaced aging Cisco ASA firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
  • Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
  • Configured and maintained IPSEC and SSL VPN's on Palo Alto, Cisco ASA Firewalls
  • Configuring, Administering and troubleshooting the Checkpoint, Palo Alto and ASA firewall
  • Configured IPSEC VPN (Site-Site to Remote Access) on Cisco ASA (5200) series firewalls
  • Working with the rule base and its configuration in Cisco ASA, Palo Alto, Juniper and Checkpoint firewalls
  • Experience working with Palo Alto firewalls managed through Panorama management platform
  • Deployment of Cisco ASA firewalls and migration of end of life ASA firewalls to New ASA firewalls
  • Cisco Firewalls include ASA 5585x, 5580, 5550 Series Hardware managed through CLI, ASDM as well as CSM
  • Configuring & Administration of the Checkpoint Firewall that includes creating Hosts, Nodes, Networks, Static & Hide NAT's
  • Experience in creating multiple policies and pushing them into Checkpoint Firewall (Gateways) and hands-on experience in managing the Checkpoint Management Server and Gaia operating system
  • Configure High Availability on Fortinet firewalls
  • Defining, tracking and maintaining the standard baselines and configuration sets of security devices and implementing industry best practices with regards to Firewall, IDS/IPS, IPsec VPN, SSL VPN
  • Applied security enhancement by implementing certificates and RSA keys for authentication
  • Support Citrix NetScaler F5 platform, configuring, implementing, & troubleshooting Citrix NetScaler VIP configuration with health check, policy configurations Access Gateway, & content switching configuration solutions
  • Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors
  • Work with the Cisco Meraki Sales team and on strategic sales initiatives like customer outreach and channel training to grow business in targeted regions
  • Defined AWS Security Groups which acted as virtual firewalls that controls the incoming traffic and configured the traffic allowing reaching one or more AWS EC2 instances Virtual private cloud (VPC), subnets, Internet Gateways
  • Privileged and access management using AWS and Microsoft Azure
  • Verify Firewall status with Checkpoint Monitor. Creation and implementation of Application delivery architectures which includes load balancing on F5 BIG IP modules
  • Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating
  • Use of Web application firewall providing reverse proxy based protection for applications deployed in physical, virtual / public cloud environments
  • Involved in the deployment and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices
  • Involved in F5 LTM GTM and ASM planning, designing and implementation. Actively involved in F5 ASM policy configuration and deployment. Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls
  • Configured High availability, User ID on Fortinet firewall
  • Configured and utilized many different protocols such as OSPF, ISIS, BGP/MP-BGP, OER, MPLS, LDP, Multicast, IPv4/IPv6 protocols
  • Installed and configured a variety of Cisco devices like Cisco Routers (1841, 1900, 2600, 2800, 3800, ASRs and more), Cisco switches (3560, 3750, 4507 catalysts, 6500 catalyst Switch and more) and Nexus 7000 series, Nexus 5000 series, Nexus 2K Fabric Extenders and F5 appliances
  • Configured Spine and leaf Architecture on new Datacenter with Cisco Nexus Switches
  • Utilized knowledge of Spanning Tree Protocol, BGP, MPLS, OSI model layers 1-2 to create network layouts. Stateful firewall, VLAN to VLAN routing, Link bonding / failover, 3G / 4G failover, Traffic shaping / prioritization, WAN optimization, Site-to-site VPN, Client VPN, MPLS to VPN Failover, Active Directory and LDAP integration
  • Configured EIGRP routing and BGP route maps to allow traffic from subnets out to the core to Datacenter on the ASR 1002 devices
  • Implementation and configuration of Cisco L3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, dot1Q trunk, ether channel
  • Configure and troubleshoot Routing protocols such as OSPF and EIGRP for routing internally and BGP for external routing
  • Worked and maintained various network, application monitoring tools like SolarWinds, Cisco Prime, ForeScout, Wireshark, TCP Dump
  • Experience with Monitoring wireless networks and performing site surveys
  • Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP
  • Used ServiceNow Remedy tool for ticketing purpose

Sr. Network Consultant/ Network security Analyst

Confidential, The Woodlands, Texas

Responsibilities:

  • Responsible for Incident and issue tracking, monitoring of the devices, SNMP configurations and making sure the network devices meet our security baseline configurations
  • Experience working in LAN and WAN design and implementations
  • Experience with DDI solutions (DNS, DHCP and IPAM)
  • Implementing of PKI / certificate based authentication
  • Migration of applications from Cisco ACE load balancer to F5 LTM BIG-IP
  • Created Virtual Servers, Pools and nodes as per application team requirements
  • Configured different load balancing methods, persistence profiles and Keep-Alive’s on F5 LTM and GTM
  • Performed high-level penetration testing on internal systems, infrastructure and web applications with the use of popular pen testing tools (Burp suite, Social Engineering Tool Kit, Metasploit, etc.). Found common web site security issues
  • Configured GTM Wide IP's for DR and Global Server Load Balancing
  • Troubleshooting experience with networks, identifying the root cause of the network failure with other support engineers
  • Worked on DDI solutions creating A and CNAME records on Infoblox
  • Implemented zone-based firewalling and security rules on the Palo Alto firewall
  • Worked on configuration, maintenance and administration of Palo Alto PA 3000 firewalls and migrating customers from Cisco ASA to Palo Alto in HA network using various tools
  • Successfully installed Palo Alto PA-3060 firewall then configured and troubleshot using CLI and worked with Panorama management tool to manage all Palo Alto firewalls and network from central location
  • Configured Palo Alto Next-Generation firewall mainly creating security profiles and VSYS according to client topology; Configured and installed Palo Alto Networks 5050 application firewalls (NGFW)
  • Administered Palo Alto firewalls to allow and deny specific traffic and to monitor user usage for malicious activity and future QoS
  • TACACS / Radius, AAA, Firewalls, VPN, Intrusion Prevention Systems, MAC Authentication Bypass, PKI, Dynamic routing, L2 / L3 Switching
  • Configured rules, maintained Palo Alto firewalls and analysis of firewall logs
  • Worked on activation of licenses and software upgrades on Palo Alto firewalls
  • Worked on Palo Alto firewall PAN OS version 6 and 7
  • Worked on generating new and renewal of Certs on Palo Alto firewalls
  • Worked on 4500 and 6500 Cisco catalyst switches that includes VLANs, SVI's, inter-VLAN routing and port aggregation
  • Worked on Cisco Identity Services Engine (ISE) project
  • Configured 6500, 3750 and 4500 for Network Access Solution integration with Cisco Identity Service Engine on ESX 4.0 VMware and physically with Cisco ISE appliances
  • Configured Cisco ISE for Domain Integration and Active Directory Integration
  • Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers (WLC) and Catalyst Switches
  • Installed and maintained layer 2/3 switching including on Cisco Nexus platforms and Cisco Catalyst switches
  • Code upgrades from 11.4.0 to 11.5.1 HF8 and 11.6.1 to 12.1.1 on F5 LTM's and GTM's
  • Worked on Infoblox for DNS solutions
  • Decrypted traffic in Wireshark using the private key from F5 to find out the root cause
  • Thorough knowledge of Packet Analysis using network protocol analyzers like Wireshark and working on TCP dump
  • Implemented Checkpoint firewall cluster and MDS with multiple virtual firewall instances to support customers for an MSSP (Checkpoint 21800 - R77.30 GAIA) Investigated and identified multiple attack vectors, like malware, brute force, SQL injection, ransomware attack
  • Key architect in separating GE Appliances from the GE Global network for the Electrolux acquisition. (Palo Alto Firewalls)
  • Handle RFI’s from Incident Response around events/incidents
  • Deployed firewall management platform and DMZ infrastructure (Checkpoint Provider-1)
  • Maintained, monitored and tuned IDS/IPS (McAfee)
  • Implementing Web Application Firewalls (Imperva)

Sr. Network Engineer & IT security Consultant

Confidential

Responsibilities:

  • Advanced implementation and consultation on all F5 Networks BIGIP platform network modules (incl. LTM, GTM)
  • Hands-on experience with upgrading/downgrading operating system for Nexus 9K, F5 LTM, GTM
  • Installed high availability Big IP F5 LTM and GTM load balancers to provide
  • Implementing F5 BIG-IP application delivery controllers for load balancing using Virtual servers, irules and iApps
  • Provided application level redundancy and availability by deploying F5 load balancers LTM
  • In data center environment configured F5 LTM and GTM load balancer as a server where GTM dynamically resolve VIPs and provided to LTM server
  • Planning, installing, configuration and troubleshooting of networking infrastructure including routers and configuring end to end BGP sessions
  • Knowledge with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
  • Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900
  • Basic and advanced F5 load balancer configurations, LTM, GTM, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
  • Dealt with creating VIP (virtual servers), pools, nodes on F5
  • Design deploy and support Data Center Networks utilizing industry best practices and Cisco Application Centric Infrastructure and Nexus 9k platforms
  • Contribute to the development and performance of a migration plan from traditional data center Network designs to Cisco ACI
  • Experience working on Migration from classic architecture to Spine/Leaf for ACI support
  • Designed ACI fabric to ensure each tenant is secured and has separation from other tenants
  • Develop a process to generate ACI and Cisco IOS & NX-OS configurations based on certain inputs to build and configure tenants, Cisco routers, firewalls and switches
  • Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments
  • Extensive experience in configuring and implementing OSPF and BGP
  • Implemented BGP using Route filters to communicate with primary datacenter
  • Experience Installing, configuring, Troubleshooting Cisco Nexus 9508, 9348-FXP, 2332-TQ FEX, 93180-YC models in datacenter
  • Experience with configuring Nexus 2000 Fabric extender (FEX) which acts as a remote line card(module) for several ACI switches Datacenter
  • Created and maintained Citrix NetScaler configurations for virtual IPs including creation of virtual servers, system groups, content switching virtual servers and custom monitors
  • Migrated and reengineered complex, web-based applications from an NetScaler VPX load balancer to a F5 physical appliance
  • Configured VLANs on a switch for inter-VLAN communication. Configured VLAN Trunk Protocol (VTP) on Core Switches
  • Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves redistribution
  • Configured Cisco Nexus 9K,5K,3K and ASR 1001 routers at client locations
  • Strong knowledge on networking concepts like TCP/IP, Routing and Switching
  • Audited Firewalls, Switches, Load balancers and Routers for security threats and implemented corrective measures to eliminate the risk
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
  • Troubleshoot line card issues on daily basis depending on the alarms on the Chassis
  • Hands-on experience configuring TACACS+ on Network devices (Cisco Nexus, Palo Alto, Open gear, Riverbed, Gigamon)
  • Extensive experience taking copy of Cisco NX-OS, TFTP server and loading back on Nexus 9K and Palo Alto firewalls
  • Experience working with Palo Alto firewalls managed through Panorama management platform
  • Deployment of Cisco ASA firewalls and migration of end of life ASA firewalls to New ASA firewalls
  • Cisco Firewalls include ASA 5585x, 5580, 5550 Series Hardware managed through CLI, ASDM as well as CSM
  • Configuring & Administration of the Checkpoint Firewall that includes creating Hosts, Nodes, Networks, Static & Hide NAT's
  • Experience in creating multiple policies and pushing them into Checkpoint Firewall (Gateways) and hands-on experience in managing the Checkpoint Management Server and Gaia operating system
  • Configure High Availability on Fortinet firewalls
  • Defining, tracking and maintaining the standard baselines and configuration sets of security devices and implementing industry best practices with regards to Firewall, IDS/IPS, IPsec VPN, SSL VPN
  • Exposure to Network devices like Riverbed ARX, Net profilers, Infoblox, Gigamon, Garland
  • Used to raise tickets and work with Cisco TAC in case of devices hardware issues
  • Documented all the work done by using Visio, Excel &MS word

Network Engineer & IT security Consultant

Confidential

Responsibilities:

  • Experience with Firewall administration, Rule analysis, Rule modification
  • Experience on F5 load balancer to maintain balance in the network system with application specific usage
  • Troubleshoot traffic passing managed firewalls via logs and packet captures
  • Installing and configuring juniper Mx series router along with juniper switches QFX series
  • Configured and resolved various OSPF issues in an OSPF multi area environment on IPv4
  • Worked with Cisco Contact Center (UCCE) technologies, including centralized ingress, CVP, VXML, ICM and UCCE/UC integration
  • Managed fast L3 switched/routed LAN/WAN infrastructure as a part of Network team
  • Hands-on experience with WAN (MPLS/Frame Relay), routers, switches, TCP/IP, routing Protocols (BGP/OSPF), and IP addressing
  • Involved in the configuration & troubleshooting of routing protocols: BGP, OSPF, EIGRP, RIPv2 and Configured IP access filter policies
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms
  • Deployed 7613 as PE and CE routers and also Configured & troubleshoot the edge routers
  • Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12
  • Configured egress and ingress queues for ISP facing routers using CBWFQ
  • Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems
  • Experience with implementing and maintaining network monitoring and experience with developing complex network design documentation and presentations using VISIO
  • Worked on SONET and deployment of DWDM
  • Estimated project costs and created documentation for project funding approvals
  • Worked on Checkpoint Firewall R77, Palo Alto and Cisco ASA 5520 firewalls
  • Worked on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network)
  • Configured BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks
  • Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys
  • Understanding & Implementation of IPSEC & GRE tunnels in VPN technology
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms
  • Configuration, operation and troubleshooting of BGP, OSPF, EIGRP, RIP, VPN routing protocol in Cisco Routers & L3 Switches, System testing

Hire Now