SUMMARY

• Having almost 8 years of experience in Security technologies such as Firewalls from multiple vendors such as Cisco, Checkpoint, Juniper, Palo Alto and FortiGate devices in installation, administration troubleshooting and migrations.
• Tasks include installations, configurations, support and maintenance of Firewall and Proxies.
• Experience in upgrade of all major multiple vendor firewalls.
• Configuring and adding policies in Checkpoint, Juniper, Palo Alto and Cisco ASA Firewalls
• Configuring the checkpoint firewall hierarchy gateway, management server and console. .
• Advanced knowledge, design, installation, configuration, maintenance and administration of CheckPoint Firewall R65 up to R77 version, Secure Platform Installation, VPN.
• Experience in Supporting and troubleshooting Checkpoint (R77 Gaia, R75.40, R70, R65, Provider - 1, MDM/MDS, VSX, SPLAT and IPSO) Juniper (SRX, JUNOS, and NSM) and Cisco firewall (ASA 5550, 5540, 5520, PIX 525, 535, and ASDM) Fortinet Firewalls (FGT 100, 200D, 600D, 1500D) Cisco Firepower Threat Defense (FTD 4100 Series) technologies.
• Understanding of OSI Layer, TCP/IP, TCP/UDP, Dynamic Routing Protocols EIGRP, OSPF, BGP. IPsec VPN technologies including Site to Site, Remote Access, SSL VPN etc.
• Working experience on Pa-5000 series Palo Alto firewalls and Panorama.
• Work experience in SIEM tool IBM Qradar.
• Good knowledge in LAN/WAN Technologies like DHCP, DNS, FTP, TFTP, HSRP, VRRP, ACL, NAT/PAT, IPsec and VPNs.
• Knowledge in Routing Protocols RIP, OSPF, BGP, EIGRP.
• Work experience on Bluecoat Proxy SG for Content filtering and URL filtering.
• Network Management Protocols including SNMP, SYSLOG and Understanding of application layer protocols.
• Good at OSI Layers concepts.
• Work experience on Zscalar proxies firewalls
• Troubleshooting of CISCO routers like ping, trace route and basic issues.
• Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multilayers Switching.
• Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills

PROFESSIONAL EXPERIENCE

Confidential

Network Admin

Responsibilities:

• Working independently with the Client on the operations side of the project.
• Configuring and maintaining the Checkpoint firewalls R80.20 for the client network.
• Co-ordinate with different application teams to configure firewall rules necessary in environment after the migration of their servers to new data center.
• Created Forwarding profiles in ZAPP Portal for the Groups to use based on the Authentication.
• Creating local admin ac for ZIA and ZPA for all the Security Group and the Operational
• Strong hands on experience on Cisco (5525/5510) Firewalls, Cisco Firepower FMC and FTD 2100 series, Palo Alto Firewalls
• Experience in building Site to Site VPN using IKEV2 on cisco ASA, FTD with cross vendor appliances.
• Experience with converting Cisco ASA to Cisco FTD, working with both FTD and Cisco ASA experience
• Clean up of policies and NAT rules based on analysis.
• Upgraded Zapp Client to latest version Via ZIA Portal.
• Working on trouble tickets in Service Now ticketing system which comes to our queue.
• As part of Quarterly audit review process, We provide complete information of the infrastructure to find the loopholes in the security setup.
• Experience and knowledge in working on Cisco ISE.
• Worked with OKTA on multi factor authentication on ZPA
• 24x7 on-call escalation support as part of the security operations team
• Building site-site VPN connections for third party connectivity on Checkpoint Firewalls.
• Attending daily call with the internal teams and discuss the on-going issues and updates regarding tickets in the security queue.
• Migrated Cisco Devices to the new Checkpoint Firewalls.
• Attending the weekly call with the client on updates and changes.
• Attending the CAB meeting with the client security officers and presenting the changes and their impact on the network.
• Configuring the weekly backups using the FTP server of all the firewalls in the environment.
• Performing patches and upgrades of the checkpoint firewalls from R80.10 to R80.20.
• Configuring the VPN between the office locations for their infra accesses.

Confidential

Network Security Engineer

Responsibilities:

• Installation, maintenance and troubleshooting of Juniper SRX 240 and 650 equipment.
• Understanding and support of Palo Alto UTM’s, their configurations and support.
• Configuring the devices in standalone and clustered High Availability mode.
• Analyze data to provide solutions to complex problems and assist in resolving issues.
• Work collaboratively with Division of Technology Operations (DTO)/Network Security and DIS/Security Operations Center (SOC) personnel to ensure systems are implemented correctly, operationalized and are clearly visible to the DIS/SOC Security Information Event Management (SIEM) system. .
• Develop operational configuration control and approval process for firewall changes.
• Configuring and Implementing Security rules as per the business needs in Juniper SRX Firewalls and Palo Alto Firewalls.
• Migrated Juniper Devices to the new Fortinet Firewalls (FGT 100D, 200D, 600D 1500D)
• Responds to service requests from CA/Service Desk in a timely manner. When service requests are assigned, determines how to apply network best practices. After determining the service request requirements and documenting the necessary network platform and/or modifications, submits change request to change management system. Upon change management approval, employee completes the modifications on the network platforms and/or software in order to resolve the service request.
• Responsible for maintenance and support of Cisco Firewall, Juniper Mag Devices.
• Configuring the User-mapping on the Fortigate devices by using Fortiauthenticator FSSO using Forticlient mobility agent so as to eliminate the DHCP reservations and other complexities in the network.
• Extensive use of Fortigate (FGT 100D, 200D, 600D, 1500D), Cisco (5510, 5585, 5525x) and Juniper SRX (240 and 650) firewalls to manage policies and rule base of security control points, device mapping using network address translation, objects management, routes and other administrative tasks
• Analyze data to provide solutions to complex problems and assist in resolving issues. When a network problem is reported, uses the tools available such as Enterasys' TALON SIEM to determine the issue.
• Co-ordinate with different application teams to figure out what firewall rules they needed in environment after the migration of their servers to new data center.
• Configuring networks to ensure their smooth and reliable operation for fulfilling business objectives and processes.
• Developing and processing the Information Technology Resource Change Request (ITRCR) form in place of state customers along with their request/ Incidents and provide it to the DIS Officer for review before implementing the firewall changes.
• Replacing and installing the devices with RMA (return merchandise authorization ) devices when there is a crash on the production device.
• Upgrading Palo Alto, Cisco, Fortigates and Juniper SRXs when there are severe Security Advisories provided by the respective vendors.
• Works directly with customers to develop, design, implement, and manage network architecture to support and secure customer data and information technology processes related to customer service delivery functions.
• Creates and maintains network documentation, design drawings, security diagrams, procedures and policies using Microsoft Word, Excel and Visio.