We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume

Chicago, IL

SUMMARY:

  • With over 8 years of working experience with Cisco, Checkpoint, Palo Alto, Microsoft, Aruba Wireless, HP Switches, One Login, Avaya Voice, Dell SonicWALL Firewall, Bluecoat, McAfee, Tend micro, Barracuda Back up and AWS products.
  • Working experiences on administration AWS(Amazon Web Service) like creating instances, creating security groups, creating elastic IPs etc.
  • Extensive working knowledge of Cisco ASA 5500 series firewalls, Check Point and Palo Alto Firewalls.
  • Experience in Configuring and implementing VLAN, VTP domains, LAN switching and STP/RSTP
  • Good exposure on Cloud based technology Cisco Meraki (MDM)
  • Experience on Wide area application services (WAAS)
  • Managing and Administrating as a SME of Cisco IronPort (WSA, ESA)
  • Experiences of configuring Global Protect VPN(Palo Alto) services through One Login
  • Create user and roles, adding users into group, disable users and reset password in Active Directory.
  • Managing DNS and DHCP Servers.
  • Experience with Next Generation Firewall (Palo Alto and Fire Power)
  • Experience on adding user in One Login and granting access to different application via One Login
  • Monitoring logs on Cisco ISE for endpoint profiling and posturing by using 802.1x and MAB (MAC Authentication Bypass) method.
  • Aggregating switch links using LACP and PAGP protocols.
  • Implementation and Troubleshooting of WAN authentication protocols - PPP, CHAP and PAP.
  • IP addressing and IP address scalability by configuring NAT/PAT.
  • Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and RIVER BED and Wireshark.
  • Expert knowledge of Manual and Automated pentesting, vulnerabilities (WEB and Network).
  • Knowledge of Pentesting, vulnerability assessment solutions like Metasploit Framework, Nessus
  • Experience with Microsoft 365 Cloud, Exchange Online Protection (EOP) with creating polices, whitelisting or blacklisting email and IP addresses.
  • Experience with Blue Coat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
  • Monitoring and troubleshooting Kemp Load Balancer.
  • Monitoring and updating Trend Micro for Exchange server.
  • Hands on experiences on McAfee EPO with deploying and removing agent on client’s machine, removing virus and manually updating DAT files.
  • Real time monitoring the network status and performance and managing configuration by using Cisco Prime

TECHNICAL SKILLS

  • CCIE Security (Perusing, Written Cleared)
  • CCIE Routing and Switching (Written only)
  • Checkpoint Certified Security Expert (CCSE)
  • Palo Alto Certified Network Security Engineer (PCNSE7)
  • Cisco Certified Network Associate (CCNA)
  • Cisco Certified Network Professional (CCNP)
  • Checkpoint Certified Security Administrator (CCSA)
  • Palo Alto Certified Accredited Configuration Engineer (ACE)
  • AWS certified Solution Architect
  • Juniper Network Certified Associate (JNCIA)

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

Sr. Network Security Engineer

Responsibilities:

  • Cisco Prime for managing Cisco Devices.
  • Install, configure, and manage Palo Alto and Cisco ASA Firewalls
  • Configure Palo Alto Panorama Console to maintain and control all Infrastructure firewall templates
  • Install and configure Panorama
  • Install and configure Palo alto Migration tool for ASA to Palo Alto conversion Support vendor compliance with standards through the Engineering Technical Review process.
  • Working with Model 2k, 3k and 5k series.
  • Experience with Palo Alto software version 6x and 7x
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
  • Managing Cisco IronPort (Web Security Appliance, WSA and Email Security Appliance) AnyOS upgrade, installing new appliances, configuring access policies, decryption policies, creating custom URL filtering, email message filtering, content filtering etc.
  • Configuring the Firewall rule on Palo Alto Upgrading software version, managing day to day operations based firewall rule request from Customer.
  • Configure NAT, security Profiles, Security Policies, Content filtering, site to site VPN.
  • Troubleshooting the Good exposure of Next Generation Firewall. Creating policy based on APP-ID in Palo Alto Firewall.
  • Exposure to wild fire feature of Palo Alto.

Confidential, Boston, MA

Sr. Network Security Engineer

Responsibilities:

  • Responsible for configuring and troubleshooting and resolving firewall software and hardware issues, including VPNs, connectivity issues, logging on Checkpoint Firewall.
  • Initial configuration, design and installation of Check Point firewalls for multiple locations.
  • Working experience with Checkpoint SPLAT and GAIA R 75, R 76 and R 77.
  • Configuration of security rules, NAT, Hide NAT, objects, objects groups, siste to site VPN.
  • Responsible for administration Amazon web service account(AWS) like creating instances, creating security groups, installing Apache to the instances, Creating Elastic IPs etc.
  • Responsible for troubleshooting and resolving firewall software and hardware issues, including VPNs, connectivity issues, logging, cluster configurations, and hardware installations for Checkpoint firewalls.
  • Working experience on Checkpoint IPS and URL filtering.
  • Handling incident and service request on day to day operations.
  • Use smartview tracker for troubleshooting various issues.
  • Experience with Provider-1 to manage multi domain firewalls.

Confidential, Dallas, TX

Sr. Network Security Engineer

Responsibilities:

  • Keep Firewalls current within environment, including Threat and URL filtering content.
  • Administrating Cisco IronPort (ESA and WSA)
  • Creating policies, identification profile, content filtering on IronPort.
  • Managing IronPort from SMA.
  • Strategic development of Policy Rules, NAT, and Security profiles on firewalls using Panorama
  • Help implement Network Security policies
  • Ability to run Wireshark traces, and tcpdumps.
  • Cisco Prime for managing Cisco Devices.
  • Initial configuration, design and installation of Check Point firewalls for multiple locations.
  • Configuring Cisco Identity Service Engine(ISE) MAC Authentication bypass (MAB) and profiling, configuring dot1x and dynamic VLAN with MD5, configuring dot1x, with PEAP, dot1x PEAP with AD integration.
  • Configuring ISE with dynamic VLAN, DACL and PEAP.
  • Configuring ISE for wired local Web authentication(LWA), Central web authentication (CWA)
  • Patch installation and rollback for ISE.
  • Configuring AP from Cisco Wireless controller and upgrade OS from Wireless controller for AP.
  • Provide training to other team members on Bluecoat and Palo Alto.
  • Update IPS Signature on manually and monthly.

Environment: Checkpoint R 75, 76, 77. Cisco ASA 5525, Palo Alto 2000 and 4000 Series, Blue Coat Proxy-SG.

Confidential, Pontiac, MI

Sr. Network Engineer

Responsibilities:

  • VRF lite Implementation: Research and implementation of VRF lite on all customer ingress routers
  • Level 4 support: Primarily responsible for all escalations from level 3 engineering for issues impacting multiple customers with high business impact. Analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
  • Designing and implementing Cisco WAAS (WAN Acceleration and Optimization).
  • Configuration of Cisco WLC 5508, AP, upgrading firmware in WLC.
  • Manage Network and Network operating systems including: Servers, VMWare, Windows, file and print services
  • Manage ISE profiling configuration for wired and wireless network.
  • Cisco prime infrastructure for configuring Cisco devices.
  • Worked with different ISP globally for any WAN circuit and BGP routing issues. Opening up cases for CE routers, WAAS optimizer issues.

Environment: Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, LAN,WAN,OSPF,RIP,BGP,EIGRP,HSRP,PPP,VPN, Cisco ASA.

Confidential, NJ

Network and Security Support- Team Leader

Responsibilities:

  • 24x7 on-call escalation support as part of the security operations team.
  • Extensive hands-on experience with VSS technology with 6500 Switches.
  • Hands-on experience with McAfee EPO deploying agent either with EPO.
  • Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
  • Monitor logs, configuring 802.1x protocol to end devices. Checking profiling and posturing for end device in ISE portal.
  • Perform problem management and root cause analysis for P1/P2 incident.

Environment: Nexus 2k/5k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, LAN, WAN, OSPF, RIP, BGP, EIGRP,HSRP,PPP,VPN, Check point,Cisco ASA, McAfee EPO, Cisco ISE, EOP, Trend Micro, Kemp.

Confidential, Chicago, IL

Sr. Network Engineer

Responsibilities:

  • Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
  • Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
  • Extensive hands-on experience with complex routed LAN and WAN networks,routers and switches.
  • Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog. Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
  • Proficiency in configuration of VLAN setup on variousCiscoRouters and Switches.
  • Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
  • Upgrade Cisco 7200, 3600 Router IOS Software, backup Routers and Catalyst 2950, 2960, and 3560 switch configurations
  • Support 24x7 operations and answer calls from the customers on network emergencies and resolve issues
  • Configured VLANs, Private VLANs, VTP and Trunking on switches.
  • Troubleshoot and fix any backup and monitoring systems related issues in conjunction with Systems team and external vendors

Hire Now