PROFESSIONAL SUMMARY:

• Network Engineer wif Over 7+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo AltoNetworks Firewall models (PA-2k, PA-3k, and PA-5 k).
• Provide scalable, supportable military grade TCP/IP security solutions along wif expert TCP/IP network designs dat enable business functionality.
• Administration, Engineering, and Support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing and wireless.
• Experience in Proliferating the query performance wif modification inT-SQL queries, removing unnecessary columns, eliminating redundant and inconsistent data, normalizing database, establishing necessary joins,creating usefulclustered indexandnon-clustered indexes.
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
• Responsible for Checkpoint and Cisco firewall administration across global networks.
• Worked on Cisco Catalyst Switches 6500/4500/3500 series.
• Policy development and planning / programming on IT Security, Network Support and Administration.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Experience wif Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
• Experience wif Bluecoat Proxy servers, LAN & WAN management.
• Experience in working wif Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience wif Checkpoint VSX, including virtual systems, routers and switches.
• Experience in Network LAN/WAN deployment,
• Experience wif DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
• Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager.
• Administration of production Windows Servers infrastructure dat includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
• Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
• 24 x 7 on call support.

TECHNICAL SKILLS:

Domain Area: Network Designing, Network Troubleshooting, Network Security, etc.

Networking Equipment: Ciscoseriesrouters(2500, 2600, 2800, 3600, 3800, 7200, 7600)Ciscoseriescatalystswitches(1900,2900,3500,3750,4900,and 6500)JuniperMX10,MX40,SRX5400,5600,5800,Netscreen5400,6000,6500StaticRouting,RIPV1,V2;EIGRP,OSPF,BGP,MPLS,ACLs,RouteRe-distributionandSummarization,VRF

LAN Technologies: Ethernet/FastEthernet/GigabitEthernetnetworks,VLANS,VTP,STP(CST, PVST,RPVST+,RSTP),802.1q,ISL,Etherchannel,EVPL,HSRP,VRRP,GLBP,Cisco SLB,GSLB,F5loadbalancers.

Wireless, WAN and Cloud Technologies: 802.11 Standards, TCP/IP, OSI Layer, Fiber Optics, T1/E1, DWDM, OC192

Amazon Web Services: Airmon-ng

Communication Concepts: VoIP

Monitoring Tools: Platforms

Applications: VPN, Multicasting, IPSEC VPN, TLS, SSLCisco IP Phones, Asterisk server, SIP, RTP

Zenoss, Netcool, Solarwinds: Cisco IOS, NX-OSWindows XP, Vista, 7, 8, 10 and LINUX

PROFESSIONAL EXPERIENCE:

Network SecurityEngineer

Responsibilities:

• Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Experience working wif Nexus 7018/7010, 5020, 5548, 2148, 2248 devices
• Experience wif configuring Nexus2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus5000
• Perform Firewall upgrades wif minimum or no downtime.
• Work in a Checkpoint VSX environment wif Virtual firewalls.
• Configure High Availability Checkpoint ClusterXL on VSX as well as perform Upgrades.
• Experience working in Provider-1 Environment wif Multiple CMA’s and dozens of gateways. Optimizing Firewall Policy, grouping objects, verify NAT and clean-up of unused firewall rules. Building of New Check Point Security Gateways and performing in place upgrades.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Responsible for installation support of Avaya VOIP Avaya Voice products to end user customers.
• Utilizing both SIP & H.323 connectivity via MPLS & TDM Carrier Services.
• Administration of Avaya telephones, IP Softphone One - X clients and features
• Assist in network design, deployment, and maintenance of network hardware. (E.g. Layer2/Layer3 switches, CWDM/DWDM multiplexers and SFP+ optics etc.).
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Work wif Site to Site VPN including building new tunnels as well as support existing tunnels
• Configure LTM system/F5Loadbalancers. Configuration changes toF5GTM devices
• Migration of servers from one datacenter to another, providing switch connections to the new servers, updating Check Point Firewall rules for the new servers, A10 to F5 load balancers Migration.
• Use Provier-1 /Multi Domain Security MDS platform wif several hundreds of gateways administered through group of CMA’s / Smart Centers.
• Use both Automatic and Manual NAT on Check Point Security Gateway and troubleshoot NAT. Use Tools such as Tufin for Firewall Policy optimization and rule base Clean up.
• Work wif Cisco ASA Firewalls as well as Fortinet FortiGate Appliances.
• Manage Cisco ASA Firewalls using CLI, CSM (Cisco Security Manager)
• Build and configure Active/Standby Failover on Cisco ASA wif stateful replication.
• Configure and tweak the inspection policies on Firewall to allow legacy application traffic. Understand different types of NAT on Cisco ASA firewalls and apply them.
• Worked on Checkpoint Firewalls, Juniper (SRX, SSG/ISG), Blue coat proxy, Palo Alto firewalls.
• Installed and configured Checkpoint via GAIA, R55 and NGX R60, R75, R77.3, 77.2
• Implementing High Availability both Active/Passive and Active/Active using NSRP in Juniper firewalls.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented Network.
• Implemented SNMP on Cisco routes to allow for network management. Completed the installation and configuration of T1, T3 & OC3 circuits.
• Implementation of High Availability by creating the HA zones for Netscreen firewalls using NSRP and also supporting the cluster pairs.
• Managing the firewalls in Juniper management environment NSM 2010.x, 2012 Jun OS Space 13.x,14.x.
• Configuring and troubleshooting Juniper MX series high performance Ethernet service routers for advanced QoS and low latency.
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Support Bluecoat proxy in explicit mode for users trying to access internet from corp network.
• Administer and support Big IP LTM for all Local Load balancing and GTM for load balancing between DC Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Vulnerability assessment using tools such as Nessus and Qualys, and implementation of Security Policies. Knowledge in design and deploy of F5 LTM, GTM, APM, ASM solutions.
• Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.
• Support Data Center Migration Project involving physical re-locations.
• Design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000. Created well-defined requirements documentation and process for F5 LTM, GTM, ASM, APM deployment.

Confidential, Union, NJ.

Network Security Engineer

Responsibilities:

• Day-to-day work involves scheduling firewall policy provisioning and working wif users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Experience wif working on latest cisco switches like Nexus 2000,5000,6000 and 7000 series switches while implementing advanced features like VDC, VPC, OTV and Fabric path.
• Planned and Migrated Intranet on to MPLS backbone from meshed NLD Architecture. Monitoring and troubleshoot servers, link, ISP, Router/firewall/Switches, storage
• Responsible for alerting all the L1 issues L2 will be working on to get the issues fixed.
• Established eBGP peering wif all PE core routers. Applied prefix-lists for controlling routing updates. Redistributed the required routes from Internal LAN into BGP and vice versa
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new WAN links.
• Assistance wif creation of implementation plans of new F5 management network. Experience in information security F5 APM Reverse proxy, Fortinet.
• Performed F5 appliance (LTM, APM, and ASM) maintenance and system upgrades including hot fixes and security configurations.
• Thorough understanding of F5 hardware platforms including virtualization segregation and distribution at the hardware, software, and partition level.
• Fine-tuned OSPF metrics to avoid routing loops and ensure redundancy in case of link failures. Responsible for monitoring and reporting error incidents for remote location servers.
• Create tickets for cloud database servers using Maxima Cloud and MS. Leigh tools.
• Monitoring Network infrastructure using SNMP tools HP NNM, Dynatrace, Solar-winds and OpNet.
• Work wif ONOS to break free from the operational complexities of proprietary interfaces and protocols. Measure the application performances across the MPLS cloud through various routing and switching methods.
• Experience in Network LAN/WAN deployment. Expert in Monitoring, implementing Network Access Control (NAC) configurations on switch port.
• Experience in T1 /E1/T3 technologies and different LAN & WAN technologies.
• Responsible for all WAN circuit installations wif VPN/GRE tunnels, AT&T, Level 3 and maintain the WAN fiber ring network and Cisco CWDM equipment
• Implementation of HSRP, DHCP, DNS, FTP, TFTP, ARP
• Designed, developed, maintained and supported wired and wireless network.
• Configuring WEP WPA2 security protocols for wireless network environment.
• Configured L3 protocols (IP,BGP,OSPF,EIGRP,IGRP,RIP,ISIS), redistribution, summarization, Filtration (using distribute list, route map, prefix list, access list).
• Troubleshoot and Worked wif security issues related to Cisco ASR 9K, Checkpoint, IDS/IPS and Juniper Netscreen, SRX 5600, 3400, 1500 etc., Palo Alto PA-5K, 3K series.
• Involved in configuring Policies on Juniper SRX, Check Point and Palo Alto. Involved in configuring and maintaining IPsec and SSL VPN's on Palo Alto Firewalls.
• Worked as L1 network (NOC) Engineer support and responsible for escalation of Redstone ISP issues. Network Monitoring using tools like Cisco Works 2000, HP Open view.
• Responsible for all WAN circuit installations wif VPN/GRE tunnels, AT&T, Level 3 and maintain the WAN fiber ring network and Cisco CWDM equipment.
• Created Lab demonstrations for new technology deployments wif loaner equipment from various vendors and presented the findings to upper management.
• Responsible for maintaining Active Directory applications.
• Installing, testing, configuring & deployment of 3750x switch and L3 switch catalyst 6509E. Virtual Switching System (VSS) implementation on 6509s (VS-S2T-10G SUP).
• Configuring VLAN's, trunking and routing part for Cisco 6506, 6509, 3750, 2980,2948. Worked on EIGRP routing protocol on the VSS core.
• Configuring WAN router 3845.using Python scripting Testing the network performance and analyzing.
• Understanding the fiber layout and design.
• Communicating wif the site manager in the different state brewery for upgrading the particular area. Estimated Project costs and created documentation for project funding approvals.
• Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.

Confidential, Philadelphia, PA

Network Specialist

Responsibilities:

• Designed and implemented Cisco VoIP infrastructure for a large enterprise and multi-unit office environment. Met aggressive schedule to ensure a Multi-office reconfiguration project which was successfully delivered.
• Responsible for service request tickets generated by the halpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes wif all around technical support.
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Expert level skills in Objects creation such as Table, Normalization, Indexes, Stored Procedures, Cursors, Triggers and other SQL joins and query writing.
• Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) for managing the traffic and tuning the load on the network servers.
• Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP.
• Updated the HP open view map to reflect and changes made to any existing node/object.
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• Configuring STP for switching loop prevention and VLANs for data and voice along wif Configuring port security for users connecting to the switches.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP C2400 load balancers.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Worked on the security levels wif RADIUS, TACACS+.
• Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
• Identify, design and implement flexible, responsive, and secure technology services.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
• Configured switches wif port security and 802.1x for enhancing customers security.
• Monitored network for optimum traffic distribution and load balancing using Solar winds.
• Validate existing infrastructure and recommend new network designs.
• Created scripts to monitor CPU/Memory on various low end routers in the network.
• Installed and maintained local printer as well as network printers.
• Handled installation of Windows NT Server and Windows NT Workstations.
• Handled Tech Support as it relates to LAN & WAN systems.

Confidential, Portland, OR.

Network Administration

Responsibilities:

• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Installed Solar winds Network Performance Monitor wif traffic analysis, application & virtualization management, configuration management and other modules additionally installed.
• Tuned modules, customized the specific platforms used and trained staff. Support other smaller customer sites on similar analyze-recommend-implement site-wide upgrades and troubleshoot issues.
• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Upgrade of Checkpoint Gateways in Cluster wif Minimal downtime.
• Vulnerability Management using Security Information & Event Management
• Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
• Monitoring network platforms include IBM TivoliNetcoolmanagement systems, Siebel CRM, WebTop, utilizing HP Service Manager 9 logging tools.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Network design and administration experience.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Working wif OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
• Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Documentation and Project Management along wif drawing network diagrams using MSVISIO.