OBJECTIVE

• Extensive background in computer and network security, management, and administration.
• Excellent troubleshooting and repair skills.
• Creative analysis and pattern matching in complex security environments providing proven results.

SUMMARY

• Good experience in researching, implementing and administering network security solutions. Skilled in supporting and troubleshooting operational issues related to network security Infrastructure Worked on layer 2 protocol such as STP, VTP, RSTP, PVSTP, MST and configuring switches from scratch.
• Expertise in implementation, administration, analysis and support of LAN and WAN.
• Experience in Cisco Routing, Switching, Cisco ASA firewall wif Firepower, F5 Load Balancer wif strong Cisco hardware/software experiences.
• Expertise in Fortinet and fortigate manager wif configuration.
• Worked on Juniper devices like M, MX,T routers on advanced technologies like, MPLS VPNs, TE and other service provider technologies.
• Seasoned professional in Checkpoint firewall policy administration and support between various zones.
• Expert level noledge in IP Routing and WAN protocols (BGP, EIGRP, OSPF, ISIS).
• Good noledge of Networking Protocol such as IGRP, IS - IS, RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, IPv4 and IPv6, LAN, WAN, MAN, VRF, VTP, NTP, HTTP, HTTPS.
• Profound Knowledge of LAN Technology like Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q.
• Solid Knowledge of Linux, RHEL, CentOS, Windows, Unix Operating systems
• Used Palo Alto Dashboard to monitor servers and status of firewalls.
• Avid learner wif proven capability to implement new technologies to its detail level.
• Knowledge about Infrastructure Service such as DNS, DHCP, SMTP, POP3, FTP, TFTP, MLPP.
• Have very good noledge of operating system such as Windows 7/8/10, Windows Server 2008/2003, Linux, UNIX.
• Good noledge about Networking Protocol such as PAGP, LACP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4, IPv6.
• Good noledge on AWS Implementations.
• Working noledge wif monitoring tools such as Solar Winds & network packet capture tools such as Wireshark and Cisco packet tracer.

TECHNICAL SKILLS

• Firewall
• Cisco ASA firewall, Sophos firewall, Checkpoint firewall, Palo alto firewall
• Networking Protocols
• RIP, OSPF, EIGRP, BGP, STP, RSTP, VLAN, VTP, NTP, PAGP, LACP, HSRP, MPLS, VRRP, GLBP, TACACS+, Radius, AAA, IPv4, IPv6
• LAN Technologies
• Ethernet, Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, Poet-channel, VLAN, VTP, STP, RSTP, 802.1Q
• WAN technologies
• Frame Relay, ISDN, ATM, MPLS, DS1, DS3, T1/T3, SONET, Leased lines
• Security protocols
• IKE, IPSEC, SSL-VPN
• Tools
• GNS3, Packet Tracer, Riverbed (OPNET), MATLAB, Wireshark, LabVIEW
• Operating System
• Windows XP/7/8/10, MAC OS X, Linux, Unix, Windows Server 2008/2003

PROFESSIONAL EXPERIENCE

Confidential, San Ramon, CA

Sr. Network security Engineer

Responsibilities:

• Planned, coordinated, implemented and supported teh 802.11x, VPN over wireless, security, LAN/WAN hardware, software and Internet/Intranet/Extranet integration network connectivity, diagnosed network failures and resolved any problems.
• Experience in layer-3 Routing and layer-2 Switching. Dealt wif Nexus models like 7K, 5K, 2Kseries, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Hands on experience for Implemented Zone Based Firewall and Security Rules on teh Palo AltoFirewall.
• Experience wif Fortinet Firewall, Forti Manager and Forti Analyzer.
• Installing Fortinet Firewall on remote sites and configuring as HP policy and user needs.
• Configuring, maintaining and troubleshooting wif Fortinet firewall and security
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, and identifying teh root cause of teh issues.
• Monitored network traffic using Cisco ASDM.
• Migrated Tufin Orchestration Suite to new hardware. Upgraded Tufin Orchestration Suite to v16. Conducting Security assessment of various security events through Splunk, Secureworks platform
• Experience converting Palo Alto VPN rules over to teh CISCO ASA solution. Migration wif both Checkpoint and CISCO ASA VPN experience.
• Assisted wif configuration and deployment of network switches, routers, and wireless.
• Configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Configured Cisco ISE for Wireless and Wired 802.1x Autantication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration wif Cisco ISE.
• Responsible for Cisco ASA firewall administration across our global networks.
• Configured Cisco ASA 5510 Firewall to establish logical separation between Legacy network & lab environment.
• Clean-up of unused objects / disabled objects in teh firewall rule based on Tufin report
• Implement security applications including Ensilo, RSA, Zscaler, ProofPoint, Tufin, and Symantec.
• Experience on administrating and maintaining Red Hat Enterprise Linux system
• Convert static proxy server to proxy auto-config (PAC) file through GTM and Fortigate proxies/firewall.
• Experience in setting up teh enterprise infrastructure on Amazon Web Services (AWS) like
• Checkpoint /Palo Alto Firewalls troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on teh network
• Experience in LAN switching protocols, Spanning tree, rapid spanning tree and Either-channel.
• Advanced noledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R70 version, Secure Platform Installation.
• Advanced noledge in Design, Installation and configuration of CheckPoint Provider Environment
• Good noledge on AWS Implementations.
• Experience in security for teh following platforms: Windows physical and virtual desktops and laptops, UNIX / Linux Servers, Windows servers, Database as well as RSA (EMC), McAfee (Intel), FireEye, Symantec endpoint security tools
• Push configurations and updates to multiple Splunk Enterprise instances via teh Splunk Deployment Server
• Monitor teh performance of Splunk via teh Splunk Monitoring Console
• deployments of Splunk while working side by side wif teh customers to solve their unique problems across a variety of use cases
• Developed evidence collection process to ensure management can make attestation for SSAE16 report.
• Collaborate across teh entire organization to bring Splunk access to product and technical teams to get teh right solution delivered and drive future innovation gathered from customer input
• Having experience from Cisco ASA to Palo Alto Migration As well checkpoint to cisco ASA
• Decommission serial T3 circuits and replace wif MPLS circuits. MPLS clouds were provided by carriers ATT, Verizon or Level 3.
• Applied working noledge of COSO and SOX 302/404; IT general controls; NIST CSF, NIST RMF, HIPPA to daily GRC.
• Daily monitoring of Solarwinds, FortiSIEM (AccelOps), Splunk, LogRhythm, Vectra (AI), Cylance, ESA, WSA, Umbrella, and Proofpoint.
• Worked extensively on firewalls and VPN gateways Checkpoint, Blue Coat Web Gateway, CISCO, Juniper, Fortigate GUI and Shell.

Confidential, Princeton, NJ

Network security Engineer

Responsibilities:

• Router, switches and Hub (Based on CCNA), configuration and maintenance of network devices such as computer, Printer, Scanner, Monitoring LAN/WAN.
• Working wif Network Design and implementation teams on various projects across related to Brach, Campus.
• Implemented and maintained various WAN equipment such as Cisco 2800, 3800 and 7200 routers, ASR 1006.
• Experience working wif Cisco 3750, 4948, 2811, 2600, 7200, 6500, series switches.
• Designing and deployment of Partner IPSEC VPN tunnels.
• Successfully installed CISCO ASA 5505 Firewalls to protect Data Center and provided L3 support for routers/switches/Firewalls.
• Configure and administer security rules and policies to either permit or deny user traffic
• based on company's security policies on checkpoint and Palo Alto firewall.
• Involved in teh configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Having good exposure to wild fire feature of Palo Alto.
• Implemented various EX, SRX and J Series Juniper Devices.
• Created and configured management report and dashboards using Fortinet and Fortigate.
• Troubleshooting fortigate CPE 80 series firewalls and Fortinet manager along wif forescout CounterAct
• Worked on Fortinet for most of teh reporting and dashboard purposes.
• Deployed and maintained IS-IS on Cisco and Juniper routers.
• Design MPLS VPN and QoS for teh architecture using Cisco multi-layer switches.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Exposure of large complex Cisco ASA & Palo Alto Firewalls Environment.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR redundant pair.
• Worked on Juniper devices like M, MX, T routers on advanced technologies like, MPLS VPNs, TE and other service provider technologies.
• Designed and developed "Cluster Management Protocol" to coordinate and synchronize multiple nodes in Brocade Ethernet Fabrics.
• Redistribution of OSPF and EIGRP into BGP wif teh correct tagging parameters from teh old legacy network to route and to utilize teh correct MPLS VRF VPN’s provided from teh bearers.
• installing and Configuring Juniper switches EX, QFX5100 and QFX10000 series.
• Provided Cisco Unified Communications operational and project services for a single 8.6 cluster comprised of two Data Center.
• Responsible for organizing and creating quarterly compliance reports for American Express using an external control scan service. Coordinated vendor meetings in evaluating security products to assist wif PCI-SOX compliance. Conducted research for creating teh organization's security awareness program.

Confidential

Jr. Network Engineer

Responsibilities:

• Configured basic protocol on devices like Static Routing, RIP, EIGRP, OSPF, and BGP.
• Racking, stacking, and cabling network-based, IT systems.
• Configuring and deployment of Juniper ERX310 router.
• Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers wif HSRP.
• Hands on experience in Cisco Routers and Switches.
• Configuration of Cisco firewalls, VPN Configuration and support.
• Design and create dedicated VLANs for Voice and Data wif QOS for prioritizing VOICE over teh DATA on Catalyst switches and basic VOIP configurations.
• Troubleshoot teh issues related to routing protocols.
• Perform routine network maintenance checks as well as configure and manage printers, copiers, and another miscellaneous network equipment.
• Configuring VRRP, Static route, BGP, Routing policies, ACL
• Preparing reports of teh daily activities wifin teh datacenter. Managing various activities in setting up Data Centers & Disaster recovery centers
• Knowledge in OSPF, EIGRP and RIP. Knowledge in Dynamic routing protocols
• Preparation of all Branches Link up time/down time report to maintain SLA wif Customer
• Build and maintain Visio documentations for Clients. Troubleshoot Windows 2000 Servers and streamlining teh user policy.
• Built IPSec based Site-to-Site (B2B) VPN tunnels between various client locations using cisco ASA firewall.
• Installing operating systems, software and hardware on computers.
• Responsible for Data Backup, System Update, Recovery and Restore, and Spyware removal.
• Assisting Junior and Senior Engineers, on-site management of cable-wiring technicians.
• Troubleshoot problems on a day to day basis and documented every issue to share it wif design teams.