SUMMARY

• Network Engineer with 7+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70, R71, R75 and R77), Juniper Firewalls (SRX5400, SRX5600 and SRX5800),Netgear Firewalls(fvs318,fvs336) Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo AltoNetworks Firewall models (PA-2k, PA-3k and PA-5 k).
• Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enable business functionality.
• Administration, Engineering, and Support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing and wireless.
• Worked on Juniper Net Screen Firewalls NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
• Extensive knowledge on Voice over IP's which includes H.323, MGCP, SIP, RTP, RTCP, SRTP,SDP.
• Experience in Deployed Check Point Provider-1 NGX and configured CMAs
• Install, configure, document, and maintain global enterprise LAN/WANsystems consisting of Brocade, Foundry, Cisco, Juniper, Palo Alto, Avaya, andRiverbedtechnologies.
• Policy development and planning / programming on IT Security, Network Support and Administration.
• Hands on experienced in SDN/NFV controllers Juniper Contrail, Cisco ACI,Open Day Light, Nokia Nuage.
• Experience withJuniperSRX 240 Firewalls,QFX,MX, EX SERIES
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM.
• Creating Virtual Servers, Nodes, Pools andiRules on BIG-IP F5 in LTM module.
• Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
• Experienced working on network monitoring and analysis tools like SOLAR WINDS, CISCO works and RIVER BED and Wireshark, tcpdump, nslookup, Infoblox NETMRI.
• Experience in analyzing security logs generated by Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, network flow systems, Anti-Virus, and/or other security logging sources.
• Monitor SIEM and IDS/IPS feeds to identify possible enterprise threats. Actively investigate, respond to and remediate security incidents.
• Proficiency in configuringCiscoASA 5540, 5580,AAAauthentication, Palo Alto Firewall
• Experience with Bluecoat Proxy servers, LAN & WAN management.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience with Checkpoint VSX, including virtual systems, routers and switches.
• Coordinate with customers to alert them of incoming DOS and DDoS attack on the OSI level ( level 3 and level 7 attacks)
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
• Experience with security tools from various vendors to include: Cisco, McAfee, Symantec, Sourcefire, ArcSight, Juniper, BlueCoat, Encase, FireEye.
• Experience with management platforms such as Panorama,NSX VMware, Juniper NSM and Smart center.
• Black listing and White listing of web URL on Blue Coat Proxy Servers.
• Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
• Experienced with routing protocols (RIPv1/2, IGRP, EIGRP, OSPF, BGP), switching (VLANS, VTP Domains, STP andtrunking),
• Extensive experience in Windows 2008 R2/2008/2003 Wintel Servers Confidential single or multi domain platforms.
• Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems
• IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
• 24 x 7 on call support.

TECHNICAL SKILLS

Cisco router platforms: 2500, 2600, 2800, 3600, 3700, 3800, 7200, 7609

Cisco Switch platforms: 2900XL, 2950, 2960, 3560, 3750, 4500, and 6500.

Firewalls & Load Balancers: Cisco ASA 5585, 5550, 5540, Juniper SRX5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Palo Alto PA- 2000/3000/4000/5000 , F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600), Cisco L2 & L3,Cisco NCS 2k,4k,4216, Juniper routers (M7i, M10i, M320)

Switches: Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 5548 &7010)), Cisco ASR 9000 series, Cisco ACE load Balancers

Routing: RIP, EIGRP, VRF, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI. Cisco

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.

Network management: SNMP,NETMRI,CiscoWorks LMS, HP OpenView, Cisco ISE, Zabbix,Solar winds, Ethereal.

Software: Microsoft Office Suite, MS SQL Server 2008, HTML.

Language: Unix, Turbo C / C++, basics in Perl and Shell scripting.

PROFESSIONAL EXPERIENCE

Confidential, Hoffman Estates, IL

Sr. Network Security Engineer

Responsibilities:

• Implementing security Solutions using PaloAlto PA-3000/5000, Cisco 5580/5540/5520
• Configuration and administration of firewalls, which includes Palo Alto and Cisco ASA firewalls.
• Researched, designed, and replaced Cisco firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• As part of Security and network operations(NOC) team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
• Configuration and Maintenance of Cisco ASA 5580-20, ASA 5540, ASA 5520, ASA 5510 series firewalls.
• Manage project task to migrate from Cisco ASA firewalls to Palo Alto firewalls.
• Planning, designing, configuring, testing, validating, implementing and deploying of Microsoft Local Administrator Password Solution (LAPS) across client's Active Directory with GPOs.
• Assist in the creation and maintenance of network andDataCenterdiagrams and detailed site documentation..
• Implemented procedures for measurement and optimization of performance of new and current systems and also prepared sample code and applications for displaying various outcomes of API applications.
• Working knowledge of VoIP based phone systems, H.323, G711, SIP, RTP, TDM, and PSTN.
• Worked on F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Developed and deployed an out of band network VPN solution to increase availability of the management network during DDoS attack.
• Configured the F5 LTM to operate correctly with Cisco ISE PSN nodes and Stayed within the provided budget to create the best lab test environment for ISE. Included the latest Cisco networking gear such as C220, ASA5555, 2960C and C3850-24xs. Ran fiber connections to external entities so that we can integrate with the lab ISE deployment.
• Build the rules for the application access across the IPSEC VPN tunnel
• Design, implement and manage security tools and systems such as IDS, IPS, VPN, WAF, DLP, AV, Cisco AMP, SEIM, Vulnerability.
• Worked on projects of Migrating from Netgear and checkpoints R65 and R77.10 to palo alto firewalls through Provider -1 Environment.
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Conduct a variety of technical penetration testing engagements (external, internal, web application, cloud, social engineering, wireless, etc.) designed to identify where sensitive data can be obtained using unauthorized methods.
• Configure policies on the Bluecoat VPM, local database and PAC files to filter the traffic flow by creating custom rules,Wildfire,NSX, URL filters (PAN-DB) and routing policies.
• IPv6 is implemented Confidential a larger scale using cisco ASR 7200 and 9000 seriesrouters delivering flexible service.
• Stopped volumetric application and network DDoS attacks from disrupting production traffic through use of on-premises and cloud solutions from Level3, Arbor, and AWS CloudFront.
• Deployment and Management of Blue coat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Set up and configure new 810 and 9000BlueCoatProxySG units to Bank of America standards, updating these standards when needed with A&E.
• Extensive knowledge of Cisco ISE, FirePower, Cisco AMP for endpoints, and/or FireEye.
• Worked onBlueCoatProxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Provide training and ongoing support to customers in best practices with configuring a next generation Palo Alto firewall including URL Filtering, Antivirus, Intrusion Prevention,Wildfire, and Application control.
• Troubleshooting of VIPs, SSL certificates, SSL offloading on F5 LTM's, worked on both the server ssl profiles and client ssl profiles.
• Provided administration and support on Blue coat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
• Successfully deployed VIPRION 2400 with 2 blades and licensed the chassis with vCMP.
• Installed and configured F5 BIG-IP to provide Load Balancing for server across multiple datacenters.

Environment: Cisco ASA 5580/5540/5520 , Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN,wireshark,Cisco Sourcefire,Splunk,Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Richmond, VA

Sr. Network Security Engineer

Responsibilities:

• Implementing security Solutions using PaloAlto PA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20Gaia and Provider-1/MDM.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper,NetGear and Cisco ASA firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring rules and Maintaining NetGear and Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper MX-960 routers and cisco ASR 1000, 7000, 9000 series routers.
• Assist in the creation and maintenance of networkandDataCenterdiagrams and detailed site documentation.
• Installed, configured new ISE nodes and connected them to external Active Directory services.
• Configured StealthWatch as a remote logging target on ISE to send pertinent data about people and devices that are connected to the network.
• Enhanced edge router's security by applying an ACL to mitigate common DDoS attack characteristics such as spoofed packets
• Implemented and Tested desktop virtualization and introduced VMware View to the client.
• As part of Security and network operations(NOC) team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
• Created Switch Interconnect and Logical diagrams (Visio) for NAC Enforcement and Network Refresh activities.
• Planned, configured, and actively managed thecommunicationshardware infrastructure that included Cisco 3745/3845 Voice Gateways, VG248 Analog Gateways, CiscoUnifiedBorder Elements, and
• Collaborate with other engineers, vendors, and operations staff to ensure that the Infoblox infrastructure meets the needs of the business.
• Configuration and Maintenance of Cisco ASA 5580-20, ASA 5540, ASA 5520, ASA 5510 series firewalls.
• Coordinate with customers to alert them of incoming DDoS attack on the OSI level ( level 3 and level 7 attacks).
• Worked on Checkpoint Firewalls Clusters of both High-Availability and Load-Sharing
• Worked on projects of Migrating CMA R65 to R77 through Provider-1, MDS Environment.
• Integrate Content Management functionality into existing browser-based solutions through the use of REST APIs
• Administrative knowledge and operational understanding of F5 vCMPViprion.
• Supported and maintainedVoIPnetwork; and Configured Cisco 2800/3800 routers and Cisco Catalyst 3750/3550.
• PerformedFortinetFirewall OS upgrades viaFortinetManager.
• Conduct a variety of technical penetration testing engagements (external, internal, web application, cloud, social engineering, wireless, etc.) designed to identify where sensitive data can be obtained using unauthorized methods.
• Configure policies on the Bluecoat VPM, local database and PAC files to filter the traffic flow by creating custom rules,Wildfire, URL filters (PAN-DB) and routing policies.
• IPv6 is implemented Confidential a larger scale using cisco ASR 7200 and 9000 seriesrouters delivering flexible service.
• Experience in dealing with Windows Azure IaaS - Virtual Networks, Virtual Machines, Cloud Services, Resource Groups, Express Route, VPN, Load Balancing, Application Gateways, Auto-Scaling, Traffic Manager.
• Built Zabbix interface to monitor the network flow of the client
• Developed scalable modular software packages for various APIs and applications.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
• Ensure routers, switches, firewalls, and wireless controllers integrate seamlessly after the ACS 4.4 to 5.5 migration by performing a phased deployment.
• Responsible forDatacenteroperations, monitoring and maintaining the network devices 24/7.
• IncorporateCiscoNexus 9000 NXOS toACIfabric to work in concert with existing Nexus 7000s and ASRs for MPLS
• Familiarity with scripting languages such as Python and Shell
• Experience with Azure PaaS Solutions like Azure Web Apps, Web Roles, Worker Roles, and SQL Azure and Azure Storage.
• Serving as PKI Registration Authority, responsible for creating, recovering, and revoking PKI credentials.
• Creating and Managing Virtual Machines in Windows Azure and setting up communication with the help of Endpoints.
• Experince on internal projects of Migrating Check Point Firewalls to palo Alto as 2k,3k firewalls through Provider -1 Environment.
• Worked on Zabbix to monitor hundreds of critical servers of over 40 partners
• Worked on F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Build the rules for the application access across the IPSEC VPN tunnel
• Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
• Install updates on new signatures.
• Working on day-to-day service tickets to solve troubleshooting issues.
• 24x7 support.

Environment: Cisco ASA 5580/5540/5520 , Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM,wireshark,CiscoSecureACS5.x, Nexus switches, CISCO ISE, TCP/IP, VPN, Cisco WSA, Bluecoat Proxy servers, Qradar,IDS/IPS. SIEM and Monitoring.

Confidential, Columbia, SC

Sr. Network Engineer

Responsibilities:

• Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Expert working knowledge including the ability to setup, configure, upgrade, manage, and troubleshoot switches; enterprise VPN solutions; Juniper SRX firewalls as well as NetGear Firewalls.
• Assisted customers to solveCiscoIOSarchitecture issues including memory leak, high CPU, router/switch kernel panic on variousCiscoplatforms..
• Deployment and Management of Blue coat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper MX-960 routers and cisco ASR 1000, 7000, 9000 series routers.
• Developed Windows services to store SQL Server data in to Cloud base data warehousing by using Microsoft Azure and Amazon Web Services (AWS) RedShift.
• Worked on data center by patching fiber cables to QFX10K series and put new blade for new service for server and configured them.
• Implemented Security in Web Applications using Azure and Deployed Web Applications to Azure.
• Design, Implement & troubleshooting of Juniper switches, routers, Wireless and Firewalls EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240, SRX 3600/650, WLM1200, WLA632, WLA 532, WLC2800 and JunosVwireless Lan controller.
• Worked onBlueCoatProxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• PerformedFortinetFirewall OS upgrades viaFortinetManager.
• Designed, configured and deployed Amazon Web Services (AWS) for a multitude of applications utilizing theAWSstack (Including EC2, Route53, S3, RDS, Cloud Formation, Cloud Watch, SQS, IAM), focusing on high-availability, fault tolerance, and auto-scaling.
• Performing URL filtering and content filtering by adding URL’s in Blue coat Proxy SG’s.
• Conduct a variety of technical penetration testing engagements (external, internal, web application, cloud, social engineering, wireless, etc.) designed to identify where sensitive data can be obtained using unauthorized methods.
• ExperienceQFX5100, SRX 1500, 5400, MX 480, EX 4300 Series Routers and Switches, Aruba wireless 7200 series.
• Successfully deployed VIPRION 2400 with 2 blades and licensed the chassis with vCMP
• Configuring & Managing LAN, WAN, VPN and Firewall of Juniper MX Routers for End Users
• Ensure identity management systems align withCiscohardware and software and follows TACACS+ and/or RADIUS standards by utilizingCiscoAccess Control Server as an Authentication, Authorization, and AccountingAAAserver.
• Intergrade remote access VPNs and wireless scanners with theCiscoACS server in a redundant manner minimizing the risk when outages occur.
• Worked with networking teams in configuringAWSDirect Connect to establish dedicated connection to datacenters andAWSCloud.
• Used Python to interface with the UI and manage the storage and deletion of content.
• Managing the delegation of control on the ActiveDirectory to various team as per their job functions
• Managing and administering Juniper SRX and Checkpoint Firewalls Confidential various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Utilizing Aruba's built in analytical, management and security features to troubleshootwirelessissues.
• Work with team of developers on python applications for RISK management.
• Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Monitoring Cisco FirePower (Threat Detection System), ASA traffic logs, Manage SIEM, access control list, VPN connection reports, and routers/switches change events.
• Deploy, patch, and synchronize a cluster ofCiscoACS 5.5 servers with VMware spanning geographically diverse data centers.
• Part of the migration from "network centric" model to an application policy model infrastructure, create plans in includeACI, Hybrid Cloud and use of containers and orchestration tools
• Thoroughly familiar with the architecture and implementation of TCP/IP networks with specific knowledge ofVoIP, QoS, VPN Tunneling,VoIPSecurity, IP routing, IP traffic filtering (access lists), DNS, DHCP and the ability to understand Sniffer trace data;
• Knowledgeable inVoIPprotocols (SIP, RTP, TFTP, and related Protocols) and their performance on the USDA/FNS network.
• Rebuilt old HQ and Airway offices with core and distribution with newJuniperQFXcore switches and EX4300 distribution switches.
• Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including crypto map, encryption domain, psk etc.
• Provided administration and support on Blue coat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
• Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.

Environment: Juniper (SRX, JUNOS, ScreenOS, NetScreen SSG), Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN,wireshark,Cisco Sourcefire,Splunk,Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Irvine, CA

Network Security Engineer

Responsibilities:

• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Managing and administering Juniper SRX and Checkpoint Firewalls Confidential various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Hands on experience with Cisco Unified Applications like (CUCM, CUC, CER, UCCX, Presence, WebEx, Wireless, Video, etc.)
• Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Successfully architected and implemented new state of the art Headquarters using all Juniper MX Routers, SRX Firewall,QFXand EX switches,Bandwidth consisted of several 10Gb
• Experience in IPSEC/IP-VPN services via routers and concentrators. Cisco WAVE Wireless, Identity Service Engine (ISE)
• Operate and manage routers, firewalls, load balancers, and Public-key infrastructure (PKI).
• Working experience of IPSec, SSL VPN and PKI technologies.
• Network consisted ofJuniperMX104, SRX3600, QFX3600, EX4300, EX2200,JuniperMAG SSL VPN with two FA
• Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
• Experienced with DOD, DISA STIG, and DIAVoIPsecurity requirements. Extensive experience with transport network system and protocols like OSPF, BGP, MPLS
• Solved problems on case-by-case basis with deep understanding of networking/firewall concepts, particularly withFortinetdevices.
• Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools.
• Experience in cloud security assessments like Azure and AWS environments.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Use Tools such as SKYBOX for Firewall Policy optimization and rule base Clean up.
• Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
• Knowledge of federal Information Security frameworks, including FISMA and NIST Risk Management Framework.
• Use a smartcard management system to perform PKI certificate issuance, certificate updates certificate revocation and restoration, smartcard distribution and smartcard status updates.
• Manage certificates within a private Enterprise-wide PKI.
• Considered go-to employee for any challenging and outside the box network designs for Aruba's Global Team
• Hands on experience as well as competitive sales training on Aruba's full product line including; AP- 100/110/175/130/ , ArubaOS AP's,ArubaInstant Controller-less AP's,ArubaMeshOS multi-radio mesh platform.
• Working knowledge of Cloud providers such as Amazon AWS, Microsoft Azure, Google Cloud Platform services etc
• Configure and tweak the inspection policies on Firewall to allow legacy application traffic.
• Understand different types of NAT on Cisco ASA firewalls and apply them.
• Understanding of security standards and frameworks such as NIST 800 and/or ISO 2700x.
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
• Involved in Upgrading bluecoat proxy servers from SG900-10s to SG 9000-20B.
• Involved in performing research, analysis, and assessment of compliance with federal regulations related to Medicare, Medicaid, HIPAA
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• Provide documentation and training to Service Desk and user communities; documentation includes PKI policies, PKI procedures, operational support guides, and user guides.
• Work directly with insurance companies to determine patient specific coverage and understand current HIPAA laws.
• PerformedFortinetFirewall OS upgrades viaFortinetManager.
• Support Data Center Migration Project involving physical re-locations.
• 24 x7 on call support.

Environment: Juniper (SRX, JUNOS, ScreenOS, NetScreen SSG), Cisco (CheckPoint, ASA Firewalls), Palo Alto Firewalls, Big IP F5 LTM/GTM, TCP/IP, FortiGate.

Confidential

Network Engineer

Responsibilities:

• Troubleshoot problems on a day to day basis &provide solutions that would fix the problems within their Network.
• Part of Network Operation Center NOCoffshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
• Schedule changes and work through maintenance requests over weekends.
• Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
• Hands on experience in Cisco Routers and Switches.
• Configuration of CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches.
• Creating groups, users and policies in Active Directory.
• Established operational best practices and SOP for UC/VoIPdeployment, support, break-fix, and management (monitoring, inventory, sparing, etc.).
• Troubleshoot and support Cisco Core, Distribution and Access layer routers and switches.
• Built IPSec based Site-to-Site VPN tunnels between various client locations.
• Identify and create both functional and technical requirements for UC andVoIPnetwork management.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed the IP address space using subnets and variable length subnet masks (VLSM).
• Point-to-Point, Frame Relay, T3, ATM, WAN troubleshooting.
• LAN cabling in compliance with CAT5 standards.
• Troubleshooting Active Directory, DNS, and DHCP related issues.

Environment: Cisco 2600/2800 routers, Cisco ASA, TCP/IP, VLSM, AD, DNS, Switching/Routing.