SUMMARY:

• 6+ years of professional experience in Networking and security, design, Implementing, performing Network analysis and support of large Networks.
• Experience in Configuration of all Palo Alto Firewall models such as PA - 3k and PA-5k, centralized management system (Panorama) to manage large scale firewall deployments.
• Strong hands on experience in configuring and troubleshooting of Cisco ASA (5540/5550) Firewalls, Checkpoint Firewalls and Juniper SRX Firewalls.
• Configuring Rules in Palo Alto Firewalls & Analysis of logs using various tools like Solar Winds and Splunk.
• Performed deep packet analysis to troubleshoot application issues using tool like Wire-shark.
• Strong noledge in KILL CHAIN and mitigating various attacks such as ZERO-DAY ATTACK, DOS & DDOS ATTACK.
• Working noledge wif Load Balancers F5 LTM like 3900, 6900 for various applications.
• Implementing standard security measures on all the Routers and Switches. Configuring AAA on all network devices wif TACACS+ and RADIUS.
• Exposure to Blue coat Proxy.
• Expertise in installing, configuring, and maintaining Cisco Switches, Cisco routers, Nexus 2k, 5k and 7k switches, and Juniper MX and EX Devices.
• Hands-on configuration and experience in setting up Cisco routers to perform tasks at the Access, Distribution, and Core layers.
• Worked on configuration and troubleshooting of routing protocols such as EIGRP, OSPF, and BGP.
• Enhanced level of noledge wif WAN technologies like E1/T1/E3/T3, HDLC, Frame-Relay and PPP.
• Advanced Knowledge in IPSEC VPN, DMVPN, SSL VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Experience in troubleshooting various layer 2 and 3 issues related to VRF. Configured Cisco 7600, 7200 series routers for MPLS VPN connectivity and VRF tables on Edge routers for customer usage of the MPLS network.
• Experienced in the setup of complex routed LAN and WAN networks, MPLS, DS3 wif Physical Labeling and IP Addressing
• Implemented traffic filters using Access list, route maps and policy based routing.
• Experienced in configuring and troubleshooting layer2 technologies such as VLAN Trunks, Inter-VLAN routing, STP, RSTP, PVST and MSTP
• Experienced wif layer 2 security features such as Private VLAN, VLAN ACL, Port security, CAM Table overflow, AAA (securing passwords), IP Spoofing, Rough DHCP & proxy Attacks Dynamic ARP inspection and STP Security features.
• Strong noledge in configuring redundancy protocols such as HSRP, VRRP on core switches & routers and ether channel technologies (LACP, PAGP).
• Good Level Knowledge about TCP/IP and OSI models.
• NOCs Network Management Systems, analyze problems, perform troubleshooting, communicate wif site technicians and other data engineers, and track problems through resolution.
• Knowledge wif 802.11x wireless technology.
• Knowledge in configuring Identity Service Engine such as AD and LDAP intergration, High availability, MAB, Dot1x, Dynamic VLAN, Web Authentication and Profiling.
• Experience wif the Python to automate.
• Experience in Azura Palo alto VM deployment.
• Expert in Managing IP address blocks, Address inventory, DHCP scopes for the inside network infrastructure and DNS through IPAM Infoblox.
• Efficient at use of Microsoft VISIO/Office for technical documentation and presentation tools.

TECHNICAL SKILLS:

Cloud Platform Experience: AWS (Amazon Web services)

Hardware Platform Experience: Routers- Cisco 7609, 2600, 2800, 2900, 3800, 3640, 3745, 7200, 810 series, Cisco ASR 1000 series, Juniper MX seriesSwitches- Cisco Nexus 9k/7k/5k/2k’s, 6500, 4500, 3750, 3560, 2900, Juniper EXVMware ESXi

Programming/Coding Skills: Firewalls- Cisco ASA 5540,5550 series, Juniper SRX, Check Point Gaia, Palo Alto

PROFESSIONAL EXPERIENCE

Sr. Network Security Engineer

Confidential, Woodland Hills, California

Responsibilities:

• Reviewing & creating the Firewall rules and monitoring the logs as per the security standards in Palo Alto Firewalls.
• Pushed Policies from Panorama to Firewall in Palo Alto, and also Configured and Maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Palo Alto design and installation (Application and URL filtering, Security Policies, Threat Prevention, Data Filtering).
• Exposure to wildfire advance malware detection using IPS feature of Palo Alto.
• Configured High availability, User ID and AppID on Palo Alto firewall.
• Migration from Juniper, Cisco ASA to Palo Alto firewall..
• Implemented failover (Active-standby and Active-Active) and clustering wif ipv4 & ipv6 on ASA Firewall.
• Configured and implemented dynamic routing protocols, VPN, ACL and Object Groups on Cisco ASA Firewall.
• Implemented CTP using TACAS+ and RADIUS on Cisco ASA Firewall.
• Worked on software blades of Checkpoint firewall.
• Experience working wif Bluecoat WAN Accelerator, Bluecoat Packet shaper and Bluecoat Proxy.
• Experience in implementing the setup such as VPC, Routing through the AWS instance.
• Implemented On-Premises connectivity to VPC’s via VPN and Direct Connect.
• Implemented NAT and Security Groups for EC2 instances.
• Implementing NACL’s against subnets.
• Configured/implementing VPC peering when applicable.
• Administering multiple Firewalls, in a managed distributed environment and Monitoring the network traffic wif the halp of Qradar and Cisco IPS event viewer.
• Maintain, monitoring, and set up alerts for Solarwindsmonitoring for company
• Implementing, Managing and troubleshooting Aruba ClearPass Appliance along wif Designing.
• Worked wif implementation of Cisco Meraki wirelessenvironments.
• Configured the Clearpass servers to provide secure wireless connectivity for all corporate laptops using two factor, machine and user authentication.
• Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Installing the F5 TMOS upgrades/downgrades, Hot-fix installations depending on Business need.
• Composition of Virtual Servers, Pools, Nodes in accordance to the application.
• Configured different load balancing methods on F5 LTM and worked on one-connect profiles, HTTP compression and several persistence profiles.
• Securing the applications from threats by offloading the SSL in ASM.
• Created many security policies depends on the requirement using Deployment wizard in ASM.
• Experience wif setting up MPLS Layer 3 VPN cloud in data center and also working wif BGP WAN towards customer.
• Worked wif Cisco Nexus Series 7000 series, 5000 series, and Fabric Extenders including new 5k/2k deployments and FEX migrations.
• Experience on managing Network-based Intrusion Detection/Prevention Systems (IDS/IPS).
• I have halped users to troubleshoot remotely, and over the phone resolving PC / network problems.
• Infrastructure and operational change management implementation of data center technologies.
• Documenting all networkchanges and upgrades using Visio and Excel.

Network Security Engineer

Confidential, Quincy, MA

Responsibilities:

• Installed and configured ASA5520 in customer locations.
• Responsible for maintaining Active Directory applications.
• Planned, designed, and configured ASA 5580 Firewalls wif software version 8.0, Cisco Load balancers, VPN concentrators, and implemented QoS and performing traffic engineering.
• Worked in configuring, Monitoring and Troubleshooting Cisco's ASA 5500 security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing wif the firewalls as per the design.
• Involved in the Migrated of Checkpoint to Cisco ASA firewalls.
• Knowledge on Juniper SRX 240 Firewalls.
• Administering multiple firewall of Juniper/ NetScreen, in a managed distributed environment and Policies between secure zones using NSM (Network Security Manager).
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Implement URL filtering requests in Bluecoat Proxy SG for website blacklist and whitelist purpose.
• Extensive experience in designing and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configured HSRP, VRRP for High availability on Core Switches.
• Monitored the ticket queue for incoming tickets; updated tickets in accordance to Service Level Agreement requirements and escalated based on severity levels using Remedy.
• Created Standard and extended access lists on Firewalls and Cisco ISR's to allow SNMP, NTP and logging servers traffic.
• Hands on experience on F5 Load balancers.
• Experience in creating Virtual servers, Pools, nodes and rules on BIG-IP F5 in LTM module.
• Experience working wif high availability and implemented it on F5 load balancer.
• Migrated Frame-relay based branches to MPLS based technology using Multi-layer stackable switch like 6500 series and 2800 series routers.
• Configuring High availability on Cisco WLC's, adding Access points on Cisco wireless controller.
• Experienced in configuring L3 protocols (IP, BGP, OSPF, EIGRP, IGRP), redistribution, summarization, Filtration (using distribute list, route map, prefix list, access list).
• Experienced on OSPF using features like TSA, SA, NSSA and route summarization. Organized EBGP/IBGP rules also implemented BGP attributes such as Local preference, MED, AS-PATH Prepend, Community and Weight.
• Deployed the switches in high availability configuration wif HSRP.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features
• Network documentation using Microsoft Visio.

Network Engineer

Confidential

Hyderabad, India

• Managing and upgrading IOS image files and taking configuration back-up.
• Extensive technical experience working wif VPN technologies (IPSEC, SSL VPN, WebVPN, AnyConnect, DMVPN).
• Providing technical consultancy for better application response using QoS.
• Configured HSRP, VRRP, GLBP and VLAN Trunking (802.1Q & ISL), VTP, STP, RSTP, PVST+, Port Security on Catalyst 6500 switches.
• Designed ACLs, VLANs, Inter-VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
• Configured OSPF on CISCO devices wif multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• Performed lab testing for network connectivity.
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
• Build and maintain Visio documentations for Clients.
• Working on HP open view map for Network Management System and Ticketing.
• Working on securitylevels wif RADIUS, TACACS+.
• Administration and L3 support of our Infoblox DDI deployment and F5 GTM's and configuring various advanced features (Virtual servers, Nodes, Pools, Profiles, monitors, iRules, Persistence, SNATs, and HA) on F5 BIG IP appliances.
• Installed, configured and maintain wif the latest updates on the Cisco Routers Switches.
• Configured VPC, FEX and VDC's on Nexus 5K.

Network Support Analyst

Confidential

Responsibilities:

• Installation, configuration and maintenance of Windows Servers 2003 and 2008
• Responsible for maintaining Active Directory applications
• Installation and configuration of DNS, DHCP, IIS WEB and FTP servers
• Responsible for report generation of Daily, weekly to tape, differential and incremental, and Monthly backups of remote database servers.
• Through presentations at client sites, enabled them to meet various technical standards related to IPv6 and their technology enhancements
• Experience testing and troubleshooting layer1 circuit, layer 2 devices and WAN connections establishment and protocol debugging.
• Worked as L1 network (NOC) Engineer support and responsible for escalation of Redstone ISP client’s issues.
• Worked on Routers Cisco 2620, 3750 and 2950 Switches & Link sys wireless access points.
• Experience in WAN connectivity using Cisco routers by using T1, T3 and frame relay connections and its troubleshooting issues.
• Knowledge in OSPF, EIGRP and RIP
• Preparation of all Branches Link up time/down time report to maintain SLA wif Customer
• Build and maintain Visio documentations for Clients
• Use of TCP Dump to troubleshoot access issues.
• Installing service pack upgrades.
• Configuring Port Mirroring, VLAN, STP, RSTP, SNMP, and Routing Policies on switches
• Maintaining all the network devices routers, switches