We provide IT Staff Augmentation Services!

Network Security Engineer Resume

Middletown, NJ

PROFESSIONAL SUMMARY:

  • 6 years of experience in Designing, Implementing, Configuring, Testing and troubleshooting of networking systems on both Cisco and Juniper Networks.
  • Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800, ASR 1002, 1004 and 1006 series Routers, Cisco 6500, 5000, 4500, 3500 series Switches and Nexus 7706, 7009, 5000 and 2K Fabric Extenders (FEX) Layer 2 switches.
  • Hands - On Experience in Implementation, configuration & troubleshooting various Routing Protocols like RIP, EIGRP, OSPF, BGP
  • Extensive hands-on experience wif complex routed LAN and WAN networks, routers, switches, Firewalls, VOIP, servers and load balancers.
  • Strong experience wif Cisco ASA firewalls, ISE, Aruba Clear Pass, Extensive noledge and hands-on experience wif Brocade DSX and VDX. Strong experience wif F5 and Brocade ADX series load-balancer and Nexus series switches.
  • Experience in the setup of Cisco Virtual Switching System (VSS), ACL's, OSPF, EIGRP, and tunnel Installations.
  • Experience wif Network Automation using Python, shell scripting. Strong Experience wif Linux scripting - Python, Shell for Unit/Load/Performance/Regression/Integration testing.
  • Strong experience in creating execution of automation frameworks using Python, Shell, Deep noledge and hands on experience wif CyberArk- Privilege Identity Management.
  • Proficiency in configuration of VRF, VLAN setup on various Cisco Routers and Switches.
  • Experience in managing and troubleshooting network services, EIGRP, BGP routing protocol for MPLS VPN and DMVPN wif redundancy design, Cisco switches, wireless,RiverbedWANoptimizers.
  • Experience in physical cabling, IP addressing and subnetting wif FLSM & VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
  • Good noledge on Blue coat ProxySG.
  • Experience deploying BIG-IP F5 LTM, GTM Load Balancers for load balancing and traffic management of business application.
  • Experience wif BIG-IP F5 load balancers, version 9.x, 10.x, 11.x, Citrix NetScaler's and Web Accelerators.
  • Worked on MX-80, MX-480, SRX-100, SRX-110, SRX-550 and EX-4200 Juniper devices.
  • Experience in design, installation, configuration, maintenance, migration and administration of Check Point FirewallR55 up to R77.
  • Experience wif setup, install, maintain and troubleshoot Cisco ASA, PaloAlto, Fortinet, IDS/IPS, Juniper Net screen and Checkpoint Firewalls.
  • Migrate and convert all traffic from end of life proxy platforms Solaris/Checkpoint, Solaris/Sun proxy and Net Cache to multiple Blue Coat Proxy SG units separating the traffic to point to specific lines of business designated proxies. dis is also non as One-to- Many proxy migration.
  • Sound noledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques.
  • Plan, Site Survey, Design, Deploy, Implement Cisco wireless managed network infrastructure.
  • Experience wif Cisco Meraki wireless managed network infrastructure.
  • Knowledge on designing, implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP, Fabricpath, etherchannel, STP, RSTP, RPVST MST & port security along wif trouble- shooting of inter-VLAN routing and VLAN trunking using 802.1Q.
  • Hands-on experience working wif Cisco wireless LAN controllers and Access Points.
  • Wireshark, Infoblox and Cisco works to support 24 x 7 Network Operation Center.
  • Access control server configuration for RADIUS & TACACS+ and ISE.
  • Experience in implementation of Cisco ACS Servers & configuration of TACACS protocols. Enabled Autantications such as WPA2, PAP/CHAP, and AAA. Extensively used Route Reflectors, Route Influence by Attributes, Local Preference, Multi homing and Optimization of BGP.
  • Experienced in dealing wif the Enterprise level architecture for all network related issues. Experience in T1/E1/T3 technologies and different LAN&WAN technologies. Experience on Infoblox and windows server for DNS/DHCP IP management. Experience on creating Visio diagrams, LLD, HLD and runbooks for datacentre and branch networks.
  • Knowledge of advanced technologies like Multicasting, MPLS, MPLS-VPN and Riverbed Virtual Services Platform (VSP).
  • Knowledge of Cisco wireless systems, such as WCS, WiSM, and WLC.
  • Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.
  • Also worked wif the physical server migration to AWS data centre.
  • Experience on conducting Change Management on weekly/daily basis wifout any DOWNTIME/OUTAGE in LIVE NETWORK and managing Business Continuity Plans (BCP).
  • Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
  • Working Experience in SONET, DWDM & ATM Networks.
  • Good understanding and working noledge of ITIL standards.

TECHNICAL SKILLS:

Routers: CISCO 2600, 2800,3600,3800,4000,7200, CRS1000V, GSR 12000. Juniper Routers M320 and MX80.

Switches: CISCO 2924, 2950, 3560, 3750X, 3750G, 3650, 3850, 6500, 4507, 6807, Nexus 7k,5k,2k

Firewalls & Load Balancers: Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K), WAF, Cisco CSM, F5 Networks (BIG-IP).

IP Routing Protocols: BGP, OSPF, EIGRP, RIP v1 & v2, VRFs, Route redistribution, Route filtering, Summarization, Static route, RIP, RIP V2, EIGRP, OSPF, IS-IS, IGRP, HSRP, VRRP, GLBP, LACP, PAGP, DNS, SMTP, SNMP, FTP, TFTP, LPD/TDP, WEP, POP3 LADP, TNS.

Security Technologies: Cisco Pix Firewalls (525, 520, 515, 506), ASA 5510, 5580, 5555-X VPN, Cisco IOS Firewall feature set (IOS 12.X), Access Lists, SSH, IPSEC, 3DES, RAIDIUS/TACACS VPN site-to-site, GRE Tunnel, Cisco AnyConnect.

LAN/WAN Technologies: OC-12, OC-3, DS3, T-1, and ISDN PRI's and BRI's, Ethernet (Gigabit Ethernet, Fast Ethernet) FDDI, Token Ring, VLAN, Frame Relay, HSRP, VRRP, VSS, Multicast (PIM & IGMP) and MPLS.

Network Monitoring: Cisco Works, solar winds, Cisco WAN Manager, MPLS, HP Open view, Wireshark.

Features & Services: IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics.

Operating Systems: Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR.

Languages: C, C++, SQL, HTML/DHTML, Python, Shell, Bash, Perl, Java, API, Ansible, JSON, SOAP, Ruby, or REST.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Gateway: HSRP, VRRP, GLBPF.

PROFESSIONAL EXPERIENCE:

Confidential, Middletown, NJ

Network Security Engineer

Responsibilities

  • Design and deliver solutions for network related projects as well as part of Level-3 Network Operations Team.
  • Working wif Confidential &T Global network services (AVPN, ANIRA, MSS, Managed Firewalls, Hosting)
  • Junos Space administrator, which is a server dat monitors all Juniper switches on the network and alerts of outages and errors wifin remote switches
  • Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
  • Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices
  • Configure Class of service wif Class Maps and Policy maps wif 6COS traffic for as Per Confidential &T specifications.
  • Designed, Installation and configuration of MPLS circuits, VPN and SSL VPN connections on ASA, Juniper SRX devices.
  • Configuring Cloud platform (Virtual Networks Multi-site, Cross-site, VMs, VNETs, Azure, Load Balancers, Azure SQL, Service Bus, Azure API gateway/Management.
  • Worked on Palo Alto design and installation of Application and URL filtering, Threat prevention, Data Filtering.
  • Experienced wif Configuration and implementation of High Availability (A/P, A/A) on firewalls.
  • Experienced wif Wildfire, panorama feature of Palo Alto.
  • Hands-on experiences in configuring Cloud platform (Virtual Networks Multi-site, Cross-site, VMs, VNETs, Azure, Load Balancers, Azure SQL, Service Bus, Azure API gateway/Management
  • Configured switch ports connecting to the WAN and LAN networks wif separate subnets and VLAN's.
  • Troubleshoot wif field technicians on access points, Small cell switches issues and backhaul connectivity issues wif ISP.
  • Configured OSPF as the Routing Protocol between PE and CE routers.
  • Worked on MPLS enabled Backbone.
  • Involved troubleshooting and verifying test cases for OSPF, eBGP, iBGP, LDP, vPE/VLAN and security cases wif IXIA tool.
  • Configuration and troubleshooting of CSM, integration wif ASA devices.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco ASA 5500.
  • Provided proactive threat defence wif ASA dat stops attacks before they spread through the network.
  • Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls, CISCO PIX 506, and PIX515.
  • Worked extensively on Cisco ASA 5500(5510/5540) Series, experience wif convert PIX rules over to the Cisco ASA solution.
  • Worked on data centre migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
  • Mapped, Network Diagrams and physical identification in MS Visio.
  • Updated documentation as necessary.
  • Preformed IOS upgrades on Cisco routers and switches.
  • Maintaining and load balancing: web server traffic for customers using F5 load balancers.
  • Worked as a team wif other engineers to design, install, implement, and configure ASR 9K Network for interconnectivity, and egress redundancy.
  • Designing Azure public and private peering and confidential Data encryption.
  • Experience wif setting up MPLS Layer 3 VPN cloud in data centre and working wif BGP WAN towards customer.
  • Involved in managing and troubleshooting network services, EIGRP, BGP routing protocol for MPLS VPN and DMVPN wif redundancy design,RiverbedWANoptimizers.
  • Troubleshoot basic BGP routing issues on Cisco 12xxx and Cisco CRS series.
  • Propose network redesign based on client hardware guidelines, network policies and individual site's unique characteristics.
  • Implementing, troubleshooting and maintaining AP, WLC, WCS, NCS.
  • Involved in designing and implementation of AWS network and connectivity between physical and AWS DC.

Environment: Cisco Nexus 9k, 7k, 5k, 2k series switches, Cisco Series 3650, 4500, 6500 (Sup Engine 720, 32, 2, 2A, 1), UCS-C, UCS-D, UCS-M, NICE, Aspect systems, AZURE/AWS, vPC, FEX, Microsoft Visio, OSPF, BGP, BIG-IP, MPLS, FHRP, HSRP, VRRP, LDP, vPE/VLAN and security cases wif IXIA tool. Working wif Confidential &T Global network services (AVPN, ANIRA, MSS, Managed Firewalls, Hosting), VMX, for AIC - ADIOD 2.5, and ADIG 3.0.2 vPE, AVPN, ANIRA, MSS, Managed Firewalls, Hosting.

Confidential, Irving, TX

Network Engineer

Responsibilities

  • Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 and PA5000 series as well as a centralized management system (Panorama) to manage large scale firewall deployments.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance.
  • Implementing security migrations from Cisco ASA firewalls to Pa-5000/3000 series firewalls.
  • Vendors Network connectivity investigation, Creating Firewall Rule Change Requests mostly in Cisco ASA to PaloAlto firewalls.
  • Assist customers wif correcting configurations of firewalls for various issues to include basic configuration, Global Protect VPNs, IPSEC VPNs, security policies, NAT policies.
  • Improve perimeter security by configuring Palo Alto firewall devices application level security.
  • Failover DMZ zoning & configuring VLANs/routing/NATing wif the firewalls as per the design.
  • Experience wif Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
  • PAN-DB migration and code upgrades for Palo Alto Firewall.
  • Good understanding of industry standard security frameworks.
  • implemented Azure VM storage good understanding on Implementing images and disks Configure, monitor Azure VM networking resiliency
  • Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510.
  • Configured inside ACL, outside ACL, inside, outside interfaces, NAT and PAT policies.
  • Configure, manage, and maintain security tools for DHHS including Palo Alto firewalls 3K, 5K, 7K, FirePOWER (Sourcefire), Bluecoat, FireEye.
  • Design and Configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX series firewalls (SRX240, SRX550).
  • Extensive azure experience. Recent successful migration of on premise applications to Azure.
  • Mapped workloads to the capabilities of Microsoft Azure for public, private and hybrid clouds. The roles and responsibilities include
  • Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, and security policies and routing.
  • Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets.
  • Designed VNets and subscriptions to confirm to Azure Network Limits.
  • Implemented antivirus and web filtering on Juniper SRX 240 Confidential the web server.
  • Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications.
  • Deploy Nexus 9k Core wif VPC and 3172 TOR.
  • Incorporate Cisco Nexus 9000 NX-OS to ACI fabric to work in concert wif existing Nexus 7000s and ASRs for MPLS.
  • Integration of services appliances to Cisco ACI fabric dat includes storage, Load balancers, application delivery controllers and firewalls.
  • Planning and Development of a migration strategy to ACI from the exiting fabric path design.
  • Configure IPv6 access lists and assign IPv6 addresses to dual stacked devices as part of an agency-wide migration from IPv4 to IPv6.
  • Configured OSPF as the IGP for both intra and inter datacenter connectivity wif OTV running over the WAN for extended layer 2 network and used Localized HSRP for gateway redundancy and to aid workload mobility.
  • Installation and administration of VMware ESX, ESXi Servers using vCenter Server.
  • Experience wif Cisco UCS, Virtual Infra on VMware, Installation, Upgrades and Patching.
  • Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
  • Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
  • Implemented F5 hardware refresh of older 3600 hardware to Viprion.
  • Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
  • Experience in handling various trouble tickets, firewall rule changes, assisting other teams to bring the device to production, making DNS changes in InfoBlox and routing changes.
  • Serve as part of a team of network engineers responsible for network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches across multiple sites.
  • Involved in the migration of EIGRP to OSPF in the environment as to support the new implementation of Juniper Devices in the network.
  • Configured Juniper MX480s, EX8200s, EX4500s, EX4200s from scratch to match the design.

Environment: Palo Alto Firewalls - PA200, PA2000, PA3000, PA4000, PA5000 series, Cisco's ASA 5585, Global Protect VPNs, IPSEC VPNs, security policies, NAT & PAT policies, DMZ zoning, FirePOWER (Sourcefire), Bluecoat, FireEye, OSPF, BGP, BIG-IP, MPLS, FHRP, HSRP, VRRP, LDP, vPE/VLAN and security cases wif IXIA tool, VMware ESX, ESXi Servers, Juniper Layer 3 EX4200 & EX3200 switches, Big IP F5 LTM and GTM load balancers, Cisco UCS, Virtual Infra, of VMware ESX, ESXi Servers.

Confidential, Bothell, WA

Network Engineer

Responsibilities

  • Provided support to Cisco network consisting of a high speed, high availability core over five campuses wif more TEMPthan 2000 cisco devices by performing onsite installations, technical administration, upgrades and troubleshooting.
  • Provided support for complex layer 2, layer 3 issues and other services (STP, VLAN, IPsec, VPN, NAT, MPLS, BGP, EIGRP, OSPF).
  • Participated in L2/L3 Switching Technology Administration, creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security and server management.
  • Worked on RADIUS, TACACS+ autantication serves and DNS, DHCP servers.
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing.
  • Completed service requests on IP readdressing, bandwidth upgrades, IOS/platform upgrades.
  • Worked on cisco routers series 7200, 6500, 4500, 1700, 2600 and 3500 series to perform bridging, switching, routing, Ethernet, NAT, and DHCP, customer LAN /WAN support.
  • Experience wif SQL for extracting the data from SQL database, related to network issues.
  • Worked extensively on Cisco ASA 5500 (5510/5540) Series.
  • Experience working wif Active Directory (as a centralized system) to automate network security management and user data.
  • Worked wif Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP).
  • Experience wif deployment and testing of code updates for wireless systems, such as WCS, WiSM, and WLC
  • Experienced in working wif Session Initiation Protocol (SIP), Trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet.
  • Good Understanding and Knowledge of components and experience wif Cisco UCS administration.
  • Experience wif x86 / x64 Intel, HP, Dell & CISCO UCS hardware like rack-mounted and blade servers.
  • Experience in Server building both physical & virtual, troubleshooting, capacity planning, application.
  • Monitoring, patch management, password and security management.
  • Experience and implementation of services like NFS, SSH, DNS, DHCP, LDAP, APACHE.
  • Experience working wif Apache & IIS web servers.
  • Ability to provide 24x7 support, resolve complex issues and perform in a fast-paced environment.

Environment: Palo Alto Firewalls - PA200, PA2000, PA3000, PA4000, PA5000 series, Cisco's ASA 5585, Global Protect VPNs, Session Initiation Protocol (SIP), Trunking for voice over IP (VoIP), Cisco UCS administration, NFS, SSH, DNS, DHCP, LDAP, APACHE, WCS, WiSM, and WLC, bridging, switching, routing, Ethernet, and DHCP, RADIUS, TACACS+, Aruba Access point, Wireless Access Point (WAP), VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security and VLAN, IPsec, VPN, NAT, MPLS, BGP, EIGRP, OSPF.

Confidential

Network Engineer

Responsibilities

  • Implemented network solutions for EDS customers. Deliverables include a formal written proposal, detailed price quote, and network diagrams of the proposed solutions.
  • Design and coordinate implementation for customer access to a large-scale predominately Cisco-based router network.
  • Functions include determining hardware requirements, completing design and equipment documentation, developing IP addressing schemes, implementing router configurations and coordinating installations.
  • Part of team dat designed network infrastructure in over 50 metro-areas utilizing WAN connectivity, wireless technologies, and dark fibre to provide Internet connectivity to partner ISP's and customers.
  • Responsible for global routing policy utilizing BGP4 and OSPF, IP Addressing strategy, capacity planning & developing new services.
  • Performed configuration and troubleshooting of Frame Relay on routers (2500, 2600, 3600, 4000, 7200 and 7500) which involves LAN/WAN topologies and routing protocols (EIGRP, OSPF, BGP) and security such as ACL, QoS, SNMP, ISDN, NAT, PAT, CISCO FIREWALL Ethernet, Spanning Tree, VLANs, Frame-Relay, MPLS, TCP/IP, IPSec PIX.
  • Provided input and support for troubleshooting of IP technologies, including but not limited to Network connectivity, IP addressing (CIDR and VLSM), Routing Protocols (BGP, OSPF, HSRP, static routes), VPNs, Firewalls and QoS.
  • Provided trunking on switches (Cisco 6500, 3500, 4500, 5500) and allowed VLANs on the trunks and spanning tree.
  • Supported and provided troubleshooting and redistributed for EIGRP and OSPF routing on Cisco 7500, 7200, and 3600 equipment.
  • Re-engineered BGP routing (Route Maps, AS-Path prepend, MED, Local Preference) to load balance traffic across multiple ISP's links.

Environment: Cisco routers 2500, 2600, 3600, 4000, 7200 and 7500, LAN/WAN topologies, routing protocols EIGRP, OSPF, BGP, ACL, QoS, SNMP, ISDN, NAT, PAT, CISCO FIREWALL Ethernet, Spanning Tree, VLANs, Frame-Relay, MPLS, TCP/IP, IPSec PIX, CIDR and VLSM, Route Maps, AS-Path prepend, MED, Local Preference, VPNs, Firewalls and QOS.

Confidential

Network Engineer

Responsibilities

  • Configuration and administration of Cisco Switches and Routers.
  • Installed and maintained network hardware and software.
  • Responsible for installing, maintaining and supporting computer communication networks wifin the organization.
  • Involved in configuring trunk port between two switches.
  • Support to plan and execute LAN (VLAN Management) and WAN management activity.
  • As a LAN Support point of contact give response to initial trouble calls.
  • Directly worked wif customers to offer Level 2, Expertise in handling routers, servers, and switches.
  • Responsible for support and upgrades of a 250-user network.
  • Assists in LAN Design & support.
  • Performed onsite data center support dat includes monitoring of systems alarms, electrical power, server administration and network alerts.
  • Provided customer support including daily backup procedures, testing network connections, equipment installation and turn-up, and remote hands assistance.
  • Undertook troubleshooting of network connectivity problems and day-to-day operations.
  • Experience in configuring and troubleshooting EIGRP, OSPF & BGP Routing protocols.
  • Developed maintenance and operating standards for computer hardware and software.
  • Experienced wif physical layer interfaces and cabling standards.
  • Planned and implemented IP address schemes and subnet masks.
  • Patch and test cables for new and existing sites.
  • Troubleshooting and supporting multiple OS and hardware environments.
  • Maintained detailed time-based incident logs and technical checklists.
  • Responsible for documenting network related issues.

Environment: Cisco Switches and Routers, execute LAN (VLAN Management) and WAN management, Wireshark and day-to-day End user and Data Center support, LAN & WAN Administration, EIGRP, OSPF & BGP Routing protocols, IP address schemes and subnet masks.

Hire Now