We provide IT Staff Augmentation Services!

Senior Network Security Engineer Resume

SUMMARY:

  • I have worked in network field for over eight - years and have done multiple network engineer role as well as security projects, some of which included:
  • IPSEC-VPN configuration for data encryption.
  • Firewall security policy implementation and monitoring.
  • Checkpoint Management server HA for fail-over for network management reliability.
  • Checkpoint cluster implementation and configuration including R77 Cluster XL and previous version of checkpoint firewall OS.
  • Hands-on experience on migrating from Fortinet, Checkpoint into Palo Alto.
  • Ability to work in a provider-1(SMS Virtualization) environment, understanding of MSD operation, MDS HA, CMA HA and MLM/CLM configuration.
  • Firewall traffic track using CLI TCP dump and FW monitor for packet capture and packet analysis with tools like Wireshark.
  • Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
  • Implemented a test lab which comprises other vendor firewall/security appliances such as Palo-Alto, CheckPoint and Fortinet for data security.

TECHNICAL SKILLS:

Check Point Provider - 1, Check Point NGX R65, R75.20(SPLAT), R76-R80(Gaia), Palo Alto Firewall, Fortinet, Static & Dynamic IP Addressing, NAT/PAT. Networking/Protocols: TCP/IP Protocol Suite; VLAN, VLSM, VTP, VPN, SSL VPN, CISCO ACL, RIP, EIGRP, OSPF, DHCP, OSI, Cisco Routers; Cisco Switches, F5, Tufin, Traceroute Tool, Splunk, Solar wind, Proof Point, Qualys, Tripwire, Arc Sight, NetScaler.

PROFESSIONAL EXPERIENCE:

Confidential

Senior Network Security Engineer

Responsibilities:

  • Implementation and administration of Check Point and Palo Alto Firewalls & network Management.
  • Configure NAT and PAT such as Dynamic, Static, and Manual NAT policies as required for user traffics going out to the internet.
  • Identify and remove security policies that are not needed to reduce checkpoint firewall policy lookup.
  • Implement and troubleshoot firewall rules in Palo Alto firewalls using Panorama.
  • Configured and troubleshoot remote access and site to site VPN using Palo Alto and Check Point firewalls.
  • Monitor all users/Firewall traffics using smart view-tracker, TCP Dump and smart view-monitor smart consoles.
  • Implementation of Application Identity and control using Palo Alto/Check Point firewalls.
  • Deploy Check Point/Palo Alto URL filtering configuration .
  • Migration and implementation of Palo Alto Next-Generation Firewall seriesPA-500, PA-3060, PA-5060, PA-7050, PA-7080.
  • Migrating checkpoint firewall, Cisco ASA FW to Palo Alto Firewall using Migration tools 3.0
  • I have built Panorama M-500 and M-600 from scratch and migrated multiple HA pairs Palo Alto firewalls to Panorama
  • Monitor checkpoint VPN tunnel activities with smart view monitor and troubleshoot VPN issues with CLI.
  • Perform regular updates, HFAs and patches for firewall when needed for maximum performance.
  • Configure IP-SEC VPN, and SSL-VPN (Mobile Access) based for user traffics that needs to be encrypted using Checkpoint.
  • Configure URL filtering to enable and/or disable user traffic access to web-sites.
  • Configure IPS to prevent malicious traffics using software blades
  • Experience with wire data analytics solutions (Splunk, Traceroute tool).
  • Encryption detection experience with tools such as Symantec.
  • Configure Cortex XDR to completely remove blind spots by incorporating cloud data, endpoint and network to accurately detect attacks and simplify investigations.
  • Configured Panorama to forward logs to syslog server, analyse logs through Splunk, configure email alert and Solarwinds for monitoring.
  • Strong knowledge on leveraging advanced firewalls features like APP-ID, User-ID, Global Protect, Wild Fire, NAT policies and Security Profiles.
  • Strong knowledge working with Endpoint Security solutions such as Symantec Endpoint Protection, AV, DLP, EDR

Confidential

IT Security/Firewall Engineer

Responsibilities:

  • Monitor all users/Firewall traffics using smart view-tracker, and smart view-monitor smart consoles.
  • Integrates Confidential active directory (LDAP) into checkpoint for identity awareness and user authentication.
  • Perform regular updates, HFAs and patches for firewall when needed for maximum performance
  • Support Checkpoint migration to new platform for all Business and Data centers in environment.
  • Involved in designing and deploying a multitude applications utilizing the AWS stack (Including EC2, Route53, S3, RDS, SNS, SQS, VPC, IAM) focusing on high-availability, fault tolerance, and auto-scaling.
  • Monitor all users/Firewall traffics using smart view-tracker, and smart view-monitor smart consoles.
  • Implement high-availability configuration for security management server for fail-over.
  • Implement and configure clustering system for checkpoint security gateways/Firewalls for fail-over both in load sharing mode and fail-over.
  • Configuring rules and maintaining Palo Alto firewalls & analysis or firewalls logs. configured Panorama to manage more than 3000 Palo Alto firewalls using Device group and Template and centralize policy push.
  • Regularly gather and document user traffic log information files for information purpose.
  • Monitor firewall work-load using smart view-monitor to enhance checkpoint firewall performance.
  • Troubleshoot firewall issues through command-line using CLI commands and GUI interface using smart console.
  • Configured Global Protect gateway to provide VPN connections for Global Protect agents.
  • Regularly perform network assessment to view firewall work-load effect on the network.
  • Implement identity awareness using checkpoint software blade to track user activity as company policy demands.
  • Periodic policy review to ensure security polices achieves purpose.
  • Remotely troubleshoot firewall issues using secure end-end connectivity to prevent network security loops.
  • Troubleshoot, Monitor and configure checkpoint firewall issues and other smart console applications using CLI.
  • Configure IP-SEC VPN, and SSL-VPN (Mobile Access) based for user traffics that needs to be encrypted using Checkpoint.
  • Migrating the policy from Cisco ASA firewall into Palo Alto.
  • Perform regular snapshot and revert/backup and restore/upgrade export/ upgrade import services to backup and restore all configuration in-case of disaster recovery.
  • Implement DMZ network for inside and outside user access to dedicated DMZ servers for e-mail and other services.
  • Configured windows USER-ID agent to collect host information using Palo Alto Global Protect.

Confidential, Alpharetta, GA

Network Security/Firewall Administrator

Responsibilities:

  • Install, configure and maintain Check Point R75-R80 Gaia /SPLAT.
  • Supported and managed Palo Alto Firewalls PA-7050, PA-5000 on Panorama platform.
  • Configure and implementation of zones, interfaces and virtual routers including rules/changes on Palo Alto firewalls.
  • Migration of multiple SMC customers to MDS for Check Point (Provider 1).
  • Manually migrate all Check Point data configuration to Palo Alto and vice versa.
  • Implement and configured firewall rules in Checkpoint Gaia R77.20, R75, R70, VSX and Palo Alto Pa-500, Pa- 3000,5000 series, panorama.
  • Configured and troubleshoot issues with VLAN, Inter-VLAN routing, NAT/PAT, Access-List, and IOS Firewall.
  • Focusing on high-availability, fault tolerance, and auto-scaling.
  • Configure Palo Alto Panorama Console to maintain and control all Infrastructure firewall templates
  • Encouraged implementation of physical security to the access of network and security devices.
  • Configured network devices to Identify network security loops and implemented ways to mitigate them using STP protocol
  • Worked on the migration of Checkpoint to Palo Alto firewalls in one of the environment.
  • Configuring, Administering and troubleshooting the Checkpoint Firewalls R61, R65 and R70.
  • Encouraged network redundancy for backup of network devices in case of disaster recovery.
  • Managed network evaluation, and troubleshoot various network problems.
  • Maintained leverage of Routers data processing, Switches bandwidth control through Vlan configuration and routed network with the use of routing protocols.
  • Installing & configuring firewalls like Checkpoint NG & NGX R65 and Cisco ASA5520.
  • Replaced multiple Cisco clustered PIX firewalls with checkpoint cluster and deployed High Availability for security management server.
  • Configured firewall products to suit client's need in addition to already installed other vendor’s security appliance.
  • Implement and configured firewall rules Palo Alto Pa-500, Pa- 7000 series, panorama.
  • Configured user authentication rules/policies to permit or deny user traffics on role-based access.
  • Managed and set up VLANs and deploy new VMware environment.
  • Handled the tasks of configuration and deployed wireless solutions.
  • Monitored, troubleshoot, configured, and deployed LAN/WAN solution .

Confidential, Atlanta, GA

Network Administrator

Responsibilities:

  • Ability to install, manage and troubleshoot wireless network infrastructures, Standalone devices, Virtual Controllers, Campus development, Indoors and Outdoors APs and Cradle points.
  • Install, configure and maintain Check Point SPLAT.
  • Implemented and troubleshoot firewall rules in Palo Alto firewalls and Check point firewalls.
  • Knowledge of wireless Network protocols (802.11a/b/g/n/ac).
  • Hands on working knowledge of Cisco and Aruba Access points.
  • Working knowledge of setting up and configuration of secured client SSID and Public SSID.
  • Ability to configure and push out firmware configuration updates for APs, monitor the process and address mismatch
  • Demonstrates technical knowledge of device connectivity issues and replicate poor wireless network problems, VPN set up and reset
  • Working knowledge of Airwave Management tools and AMP servers for remote management and troubleshooting client’s wireless networks.
  • Delivers a range of technical support services to field engineers for wireless Access point deployments, setups and replacements.
  • LAN / WAN Network Configuration, Diagnosis and Troubleshooting.
  • Troubleshoot network interface device and hardware devices using appropriate tools

Confidential, Houston, TX

IT Field Engineer

Responsibilities:

  • Resolved security issues with Ceridian HR/Accounting system and migrated legacy data to Confidential Excel for auditing.
  • Coordinated with telecom providers regarding migration of digital circuits with SWIFT secure monetary transaction service.
  • Setup undocumented Digi voice recording system for monitoring and logging of all telephone conversations between customers and bank representatives.
  • Modified custom MS Access based Visual Basic application with enhanced functionality to allow the automatic translation of numbers to words and to limit the maximum amount of money a check can be printed with.

Hire Now