We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume

Houston, TX

SUMMARY

  • IT Professional with 8+ years of experience in Designing, Implementing and Troubleshooting Networks and Enterprise Networks and Network Administration
  • Expertise in installing, configuring, and troubleshooting of Cisco Routers (7600, 7500, 7200, 3800, 3600, 2800, 2600, 1800, 1700, 8000)
  • Working knowledge of installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700 series, 6500 series)
  • Good knowledge of Cisco Nexus 9K, 7K, 5K, 3K & 2K Switches.
  • Experience on Static routing, Default routing and dynamic routing protocols like EIGRP, OSPF, RIP, BGP and MPLS.
  • Knowledge of Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+)
  • Knowledge of WAN technologies such as T1, T3, DS3, OC3, OC12, SONET, Fiber and Frame relay, ISDN, ATM, PPP, HDLC
  • Extensive experience in upgrade, backup and password recovery of Cisco IOS.
  • Experience in configuring Virtual Local Area Networks (VLAN) with IEEE 802.1Q, VLAN Trunking protocol (VTP), shortest path bridging, Multiple VLAN Registration Protocol and VLAN Cross Connect (CC).
  • Experience on IPv4 & IPv6 Addressing, Fixed Length & Variable Length Subnet Masking (VLSM), OSI and TCP/IP models.
  • Experience in migration of IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), NAT64, DS - Lite and DNS64.
  • Experience in configuration of LAN protocols such as Ethernet and Fiber Distributed Data Interface (FDDI) on Cisco Switches.
  • Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000 for the corporate applications and their availability.
  • Working knowledge ofnetworkmonitoring/management tools like Wireshark, TCP Dump, Cisco Prime, Net Flow, PRGT, Solar Winds.
  • Good knowledge on networking protocols like FTP, TFTP, Quality of Service (QOS), PAP, CHAP, HTTPS, ICMP, TCP, UDP

TECHNICAL SKILLS

Cisco Routers: 7600, 7500, 7200 VXR, 3800, 3700, 2800, 2600

Cisco Catalyst Switches: 6506, 6509, 4928, 4948, 4507, 4510, 3750, 3560, and 2960

Nexus Switches: Nexus5548, 5596, 7009, 7018, 9300, 9500

IP Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP v1 & v2, IS-IS

AAA: TACAS, RADIUS, CISCO ASA, cisco ACS

F5 Load Balancer: LTM, GTM, ASM, APM

MPL: SLDP, MPLS L3 and L2 VPN

Load Balancing: Cisco ACE 4700 series, F5 LTM

Firewalls: Cisco ASA 5500, Cisco PIX 500, Checkpoint r77, checkpoint r65, Palo Alto

LAN Switching: STP, IEEE 802.1Q, VTP, VLAN & Inter-VLAN routing, QoS

WAN/core: ATM, Frame-Relay, ISDN, PPP, HDLC

Optical infrastructure: SONET OC3-OC192, SDH, POS, PDH

IP Telephony: SIP, H.323, RTP, Voice Gateways, CCM, QoS

VoIP Devices: Cisco IP phones, Cisco 5500, 6500 series controller, Avaya 3000, 6000, 7200 Series Controllers

Quality of service: CBWFQ, RED/WRED

Wireless Technology: Cisco AP, LWAP, Access Points, WCS, Aruba

Ticketing software: Connect Wise, Remedy system

Management software: ESM, HP open view, Solar winds, PRTG Network Monitor

IPSEC/VPN Configuration: PIX to Router, Router to Router, PIX to VPN wildcard client, Router to VPN wildcard client, PIX to PIX, fully meshed configurations

Cabling: CAT 5, CAT 5e, CAT 6, CAT 6a

Operating Systems: Windows Server/8/7/Vista/XP, Nexus OS, Cisco IOS-XR, Linux, UNIX (Mac OS)

Microsoft Office: Visio, Excel, PowerPoint, Word

Proxy: Websense, cisco CWS

PROFESSIONAL EXPERIENCE

Confidential - Houston, TX

Sr. Network Security Engineer

Responsibilities:

  • Effectively involved in configuring and implementing of composite Network models consists of Cisco 7600, 7200, 3800 Series Routers and Cisco 2950, 3500, 5000, 6500 Series switches.
  • Created objects and pushed polices on checkpoint firewalls.
  • Installed various checkpoint blades likes IPS, VPN.
  • Day-to-day work involved scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
  • Managing and administering Palo Alto and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
  • Implement IPSEC, SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple.
  • Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint.
  • Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
  • Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for Stateful replication of traffic between active and standby member.
  • Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter-VLAN routing, LAN security etc.
  • Deployed Layer 2 security in Server Farms by configuring switch for 802.1x port based authentication.
  • Used any connect VPN for secure connections with the Cisco ASA Firewalls (5585, 5550, and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
  • Configured rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
  • Backup Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
  • Migrated Cisco catalyst switches into Nexus (9K series) switches.
  • Configured Nexus 9000, 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 and Nexus 7000 to connect servers and storage devices.
  • Identify different types of NAT on Cisco ASA firewalls and apply them.
  • Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
  • Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
  • Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
  • Performed basic security and ACL administration on Juniper SRX firewalls.
  • Configured RIP, OSPF and Static routing on Juniper M and MX series Routers.
  • Use SPLUNK enterprise for monitoring and analyzing the data.
  • Configured IPsec VPN tunnels, site-to-site and remote VPN’s.
  • Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
  • Provided redundancy to the network by implementing hot standby routing protocol (HSRP) and Load sharing for effective utilization of routers.
  • Used BIG-IP Access policy manger (APM) as add on module in LTM.
  • Used BIG-IP Application Security Manager (ASM) for scanning the threats and inspecting the HTTPS traffic.
  • Used cisco ACE module for cisco 6500 switch and cisco 7600 router.
  • Worked on patches & packages installation on Linux/Unix Environment.
  • Used cisco ASR 1000 router for better stability and redundancy.

Environment: STP, RSTP, Cisco IOS-XR, Juniper SRX, Juniper EX, ASA, VTP, VOIP, DMZ, Palo Alto, check point, Port-Channel, BGP, OSPF, EIGRP, PPP, HDLC, iSCSI, SNMP, DNS, DHCP, solar winds, web sense, LINUX.

Confidential - Saline, MI

Network Security Administrator

Responsibilities:

  • Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
  • Worked on Check Point Security Gateways and Cisco ASA Firewall.
  • Firewall Clustering and High Availability Services using Cluster XL on Check Point.
  • Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
  • Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
  • Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
  • Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
  • Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
  • Network Migration from RIP to OSPF and EIGRP.
  • Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
  • Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
  • Worked on cleanup of several legacy rules of ASA and created a migration path to Palo Altos, configured for Global protect VPN, User ID, Wildfire set up, SSL decryption, license and policy management on Palo Alto appliances.
  • Responsible to evaluate, test, configure, propose and implement network, firewall and security solutions with Palo Alto networks.
  • Worked with Palo Alto firewalls using Panorama performing changes to monitor/block/allow the traffic on the firewall.
  • Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, used Fortigate Clustering Protocol (FGCP).
  • LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
  • VLAN design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network.
  • Trunking and port channels creation.
  • Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
  • Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
  • Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design.
  • Managing and configuring 4 juniper SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers.
  • In-depth knowledge of Cisco ASA and Juniper NetScreen Firewall security. Update data related to network configuration, setup and implementation of Juniper Topology.
  • Used Citrix NetScaler for secure applications and maintain load balancer.
  • Used cisco prime infrastructure for monitoring wired and wireless networks.
  • Deployed a Syslog server to allow proactive network monitoring.
  • Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
  • Configured Firewall logging, DMZs and related security policies and monitoring.
  • Documentation and Project Management along with drawing network diagrams using MS VISIO.

Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Juniper SRX 240, Juniper SSG series, Juniper MX, Nimsoft

Confidential - Secaucus, NJ

Network Engineer

Responsibilities:

  • Network Migration from RIP to OSPF
  • Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
  • Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
  • Designed and implemented Cisco VoIP infrastructure for a large enterprise and multi-unit office environment.
  • Met aggressive schedule to ensure a Multi-office reconfiguration project which was successfully delivered.
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
  • Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
  • Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, iRules) for managing the traffic and tuning the load on the network servers.
  • Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP.
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
  • Install and maintain Palo Alto firewall configuration to protect secure data as part of PCI and SOX compliance.
  • Updated the HP open view map to reflect and changes made to any existing node/object.
  • Handled SRST and implemented and configured the Gateways, Voice Gateways.
  • Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
  • Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
  • Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP C2400 load balancers
  • Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security.
  • Worked on the security levels with RADIUS, TACACS+.
  • Identify, design and implement flexible, responsive, and secure technology services
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
  • Configured switches with port security and 802.1x for enhancing customers security.
  • Monitored network for optimum traffic distribution and load balancing using Solar winds.
  • Validate existing infrastructure and recommend new network designs.
  • Created scripts to monitor CPU/Memory on various low end routers in the network.
  • Handled installation of Windows NT Server and Windows NT Workstations.
  • Used Cisco Cloud Web Security (CWS) to protect the infrastructure from threats.

Environment: Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Checkpoint firewalls (SPLAT), Cisco CWS

Confidential

Network Engineer

Responsibilities:

  • Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
  • Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
  • Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.
  • Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up.
  • Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN.
  • Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
  • Installation and Configuration of various types of Personal Computers and Printers. Installation of different operating systems on Intel based PC's.
  • Configuring VLANs, VTP’s, enabling trunks between switches.
  • Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
  • Plans, coordinates, implements and supports the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.
  • Troubleshoot Frame Relay; T1, T3, IP and OSPF related router and circuit issues.
  • Documenting and Log analyzing the Cisco PIX series firewall.

Environment: Cisco 2990/3550/6550 switches, Cisco 7200/3845/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, Ether Channels, Sniffer

Confidential

Network Engineer

Responsibilities:

  • Provide high level technical support, including identifying and resolving problems on Cisco supported products for e-Commerce infrastructure. This included external routing and internal/intranet routing for DMZ servers.
  • Implemented cable multi-service operator (MSO) to capture traditional Telco subscribers with IP telephony and provide relevant QOS.
  • Configured EIGRP, BGP, and MPLS.
  • Configured Firewall, QOS by SDM and provide security by Prefix list, Access- List and By Distribution List.
  • Moved Core switches and several non-Cisco devices under strict deadlines to maintain network functionality
  • Configured Access layer switches.
  • Implemented new ultra-secure networks in multiple data centers that included Cisco, Juniper security devices.
  • Designed VLAN’s and set up both L2 and L3 logical to have it communicate to the Enterprise network.
  • Scheduled preventive maintenance for fire-protection systems, including new protocols.
  • Utilize MS Windows, Word, and Excel for reporting/documenting process.
  • Satisfactorily Resolved Problems in timely manner with focus on providing a high level of support for all customers.

Environment: Cisco 2950 switches and Cisco 3825 Routers, EIGRP, BGP, MPLS, VLAN, QOS

Hire Now