SUMMARY

• Experienced Security Consultant wif seven years of IT experience wif a focus on designing and developing security solutions.
• Skilled & technically proficient wif multiple firewall solutions, network security, and information security practices.
• Experienced Checkpoint Firewall, Security and Network Administrator as well as a Cisco Certified Network Professional (CCNP), routing and switching.
• Strong noledge base in teh design and deployment of Blue Coat Proxy SG, Palo Alto Firewalls and Check Point Firewalls.
• Knowledge in planning, design, implementing and troubleshooting complex networks and advanced technologies.
• Expert Level F5 BIG - IP Local Traffic Manager (LTM) and F5 BIG-IP Global Traffic Manager (GTM).
• Advanced noledge in design, installation and configuration of Juniper NetScreen Firewall ISG 1000/2000, SSG series and NSM Administration.
• Experienced in design, installation, configuration, administration and troubleshooting of LAN/WAN infrastructure and security using Cisco routers/Switches/firewalls.
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX, NetScreen Firewalls, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto IDS, Foundry / F5 Load Balancers, and Blue Coat PacketShaper systems.
• Experienced in implementing / maintaining compliance wif security and IT standards such as BS7799, BS15000, and SAS70.
• Designed and Implemented Cisco Nexus Platform, Cisco UCS & HP Virtual Connect Flex10.
• Advanced noledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance.
• Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
• Advanced noledge in Cisco Switches and Routers Configurations.
• Advanced noledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and EIGRP.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Conduction of Security Awareness and Network training for NOC and SOC staffs.
• Expert in Data Center Technologies such as vPC, VDC, VSS, STP, FCoE, OTV & FabricPath
• Highly Experienced in Cisco Catalyst 6500 Platform and its Service Modules
• Drafted and installed Checkpoint Firewall rules and policies.
• Experienced in conducting Disaster Recovery drills, and following best practices for network operations and security.
• Expertize skillset includes solutions for clients in teh financial, retails, chemical & technology services domain.
• Extensive experience in balancing Information Security requirements by having a broader perspective on teh business process of security administration.
• Hands on skills included end-to-end security management (security aspects in all stages of product development) and end-to-end product development (from functional design of teh system to testing and deployment).

TECHNICAL SKILLS

Nexus: Nexus 7010 / 5548 UP / 5020 / 2232 PP / 2248 TP / 1000 V

UCS: Fabric Interconnect 6248/6120, IOM 2208/2204/2104, B200 M2, HP VC FLEX-10

Switches: Cisco Catalyst VSS 1440 / 6513 / 6509 / 4900 / 3750-X / 2960

Routers: Cisco Routers ASR 1002 / 7606 / 7304 / 7206 / 3945 / 2951 / 2600

ANS: F5 BIG-IP LTM 6900/6400, Array APV 5200/2600/TMX 5000, Cisco CSM, CSS

VPN: ASA 5520, Cisco Concentrator 3030, Nortel Contivity Extranet 1500

NMS: NAM, Sniffer, SolarWinds NPM, Cisco Secure ACS 5.2, CiscoWorks, Cacti, Syslog-ng

Operating Systems: Windows, NT, Windows 98/XP/2000/2003/2007, MS-DOS, Linux, UNIX (Linux, RedHat, Solaris, HP-UX)

Firewalls: Check Point, Palo Alto, Cisco ASA 5585/5520, Panorama, WildFire, Check Point Blades, Cisco PIX 535/525, Palo Alto PAN 5050

DNS: Alteon, F5, BlueCat, InfoBlox, Nortel 8600, Nortel 5500, Juniper

Monitoring: NetScout, HPOV, SmartsIC, SolarWinds, OPnet, TCPDUMP

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

Database: Oracle 10g/9i, SQL Server 2005/2000

Networking: Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDSHardware Dell, HP, CISCO, IBM, SUN, CheckPoint, SonicWALL, Barracuda Appliances, SOPHOS email appliances Load Balancer F5 BIG IP, F5 BIG-IP LTM, F5 BIG-IP GTM

PROFESSIONAL EXPERIENCE

Confidential, Albany, NY

Resident Engineer

Responsibilities:

• Device Configuration, Rack-and-Stack, Troubleshooting, Deployment and Maintenance of Confidential Firewalls PA-7050, PA-7080, PA-5060, PA-3060, PA-820, PA-500, Panorama VM-ESXi, Threat Prevention License, URL Filtering License, Global Protect Licenses.
• Creation of custom Security Profiles for Antivirus, Anti-Spyware, Vulnerability Protection, File Blocking and WildFire Threat Protection - both as Custom Objects and Group Objects.
• Management of Enterprise Firewalls using Panorama Device Groups, Templates and Template Stacks. Appropriate assignment of Security, NAT and Decryption Pre-Rules and Post Rules in Panorama Policies Tab.
• Software Code Upgrades from PAN-OS 7.1 to PAN-OS 8.0.2 and then subsequently to PAN-OS 8.0.4 to suit customer environment based on a reported BGP-BFD bug fix. Extensive and in-depth analysis of PAN-OS release notes every week.
• Palo Alto Virtual Firewall Deployment using VMWare NSX and Citrix NetScaler SDX versions using L2 and L3 Interfaces wif models VM-100, VM-300, VM-500, and VM-1000-HV
• Troubleshooting Deployment issues raised during VMWare NSX and vSphere ESXi during installation, licensing and connectivity to teh PANORAMA
• URL Filtering rules migration from ZScaler Cloud Proxy Servers to PANDB URL Filtering Profile Rules.
• User-ID Implementation using Authentication Methods - Kerberos and SAML 2.0 wif Microsoft ADFS and Okta for Two-Factor Authentication using Captive Portal.
• Migration of Palo Alto firewalls from Cisco ASA 5585 Multiple-Context based firewalls and Juniper SRX 3600/5400/5800 & NetScreen 5400. PANDB migration and code upgrades for Palo Alto Firewalls.
• Building Site-to-Site VPN Tunnels wif a Legacy Vendor and PA-7000Series Firewalls.
• Design and Implementation of Multi-VSYS Infrastructure for PA-7080 Firewalls to support vendor traffic dat is distinct and separate from customer LAN Networks.
• Configuration of Static Routes and BGP Routes on PAN-OS Virtual Routers using BFD wif next-hop Cisco ASR 6500 Router for Layer 3 Routing.
• Audit and analyze current 3rd party firewall vendor configuration of Cisco ASA and Juniper and Migration of configuration to convert 3rd party port-based rules into Confidential port-based rules.
• Conversion of port-based rules into Confidential App-ID rules.
• Took a scheduled downtime and production cutover using teh Change Management Process for teh Migration and performed post conversion audit, reporting, and best practices documentation.
• Work to monitor teh network traffic post migration and validate teh Confidential configuration meets you needs as well as a complete fine-tuning and optimization of teh configuration and features.
• Troubleshooting end-user connection issues related to tcp-reset, policy-deny, connection-timeout, server unavailable by performing packet capture on teh Confidential Firewalls.
• Configuration of Syslog on teh PA-Firewalls to send Traffic, Authentication, Threat Logs to Splunk Servers, Panorama and Symantec IDS Monitoring Servers.
• Monitored security events, analyzed teh results and escalated, when necessary, to teh appropriate group for remediation.
• Strong hands-on experience in Installation, Configuration and troubleshooting of Cisco Routers and Switches.
• Strong noledge of Protocols BGP, OSPF, EIGRP, IPv4/IPv6, PPPoE, MPLS, QoS and VLANs.
• Experience on ASRs, 7200, 6500 and Nexus 5000 &7000 product lines.
• Experience in problem solving on IP Core networks including routing convergence issues, routing configuration issues, WAN protocol issues.
• Performed analysis and diagnosis of complex networking problems in area of IP Core and MPLS/VPN networks.
• Hands on experience on Cisco Switches 6500, 4900, 4000, 3750, 3500, 2900 series switches and 7200, 2900 series routers
• Hands on experience on Juniper Switches and Firewalls.
• Hands on experience on F5 Load Balancer - for even distribution of client requests to teh pool of servers.
• Created SSL Certificate Private Key Infrastructure (PKI) in teh SSL Certificate and KEY management and rollover process using Cisco ASA Firewall.

Confidential, New Castle, Delaware

Senior Network Security Engineer

Responsibilities:

• Strong hands-on experience in Installation, Configuration and troubleshooting of Cisco Routers and Switches.
• Strong noledge of Protocols BGP, OSPF, EIGRP, IPv4/IPv6, PPPoE, MPLS, QoS and VLANs.
• Experience on ASRs, 7200, 6500 and Nexus 5000 &7000 product lines.
• Secured network access wif Cisco Secure (RADIUS/ TACACS+)
• Leveraged firewalls, route maps, access list, SSH, port security and TACACS (terminal access controller access control system) to achieve excellent network security.
• Performed basic security audit of perimeter routers, identifying missing ACL's, writing and applying ACL's.
• Experience in problem solving on IP Core networks including routing convergence issues, routing configuration issues, WAN protocol issues.
• Performed analysis and diagnosis of complex networking problems in area of IP Core and MPLS/VPN networks.
• Hands on experience on Cisco Switches 6500, 4900, 4000, 3750, 3500, 2900 series switches and 7200, 2900 series routers
• Hands on experience on Juniper Switches and Firewalls.
• Hands on experience on F5 Load Balancer - for even distribution of client requests to teh pool of servers.
• Architecture Designed and Implemented Checkpoint R75, 77.20 Gaia, Cisco ASA 5540, 5580 and VSX, Juniper SRX 3600, 5800 as per teh business requirements.
• Implement new rules on Checkpoint Gaia Versions 77.10, 77.20, R65 on teh existing firewalls for a server refresh project and decommissioning of unused rules per user needs
• Upgraded Checkpoint firewalls and management servers from Splat R75.30 to Gaia R77.20
• Established IPSec VPN tunnels between external vendor firewalls and corporate perimeter firewalls using Checkpoint and Cisco ASA 5500 Platform.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (110+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Develop teh complex Use Cases, Universal device support Modules on teh QRadar SIEM and Qradar Log Manager tool.
• Writing and Enhancing teh Processes and procedures to apprehend teh Network anomaly behavior in Qradar Network Anomaly Detection Manager.
• Develop teh Scenarios for teh detection of zero-day threats in teh Qradar Network anomaly detection and Qradar SIEM Tool.
• Monitored security events, analyzed teh results and escalated, when necessary, to teh appropriate group for remediation.
• Worked on F5 BIG-IP Local Traffic Manager (LTM) to automate, and customize applications in a reliable, secure, and optimized way
• Created SSL Certificate Private Key Infrastructure (PKI) in teh SSL Certificate and KEY management and rollover process using Cisco ASA Firewall.
• Programmed iRule in F5 BIG-IP device based on F5's exclusive, to unprecedentedly control and directly manipulate and manage any IP application traffic.
• Responsible for F5's API iControl and application integration configuration and administration across global networks.
• Worked on F5 BIG-IP Local Traffic Manager (LTM) to automate, and customize applications in a reliable, secure, and optimized way
• Worked on SteelHead Interceptor for designing and maintaining complex Web hosting network architectures.
• Reviews WAF Management console logs for attackers and OWASP Top 10(s) for escalation to block at border routers.
• Encryption key custodian, curates & imports Secure Sockets Layers Certificates and Keys into WAF.
• Performs IMPERVA support WAF Management Servers (MX) configuration exports/imports ensuring seamless upgrades.
• Configured Citrix NetScaler responder policy and to maximize teh performance and availability of all applications and data, and also provide secure remote access to any application from any device.
• Experience in integrating identity federation wif Cloud (SaaS) SAML based applications using F5 APM.
• Experience wif Juniper environment including SRX/Junos Space.
• Used F5 BIG-IP Local Traffic Manager (LTM) and provided a flexible, high-performance application delivery system to increases operational efficiency and ensures peak network performance for critical business applications.
• Configuration of Palo-Alto PA 5000 series firewalls for outbound traffic via blue coat proxy server.
• Worked wif level-2 team on migration project of CMA's from one Provider-1 to other Provider-1.
• Troubleshooting and Configuration of F5 Web Accelerator and Application Security Module (ASM).
• Worked on implementation of SSL certificate and Key using F5 DOS and DDOS features and mitigation methods accelerator for SL inspection.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Implementing proxy rules in Bluecoat Proxy SG using Blue Coat Director.
• Worked on changing global objects and global rules to local objects and local rules for migration project
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX, NetScreen Firewalls, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto IDS, Foundry / F5 Load Balancers, and Blue Coat Packet Shaper systems.
• Operated F5 Big IP and VIPRION systems LTM/GTM Load balancer LHA requests. Create Nodes, Virtual pool, Virtual server and sticky group etc. SNAT and NAT.
• Installed and configured Cisco ASA 5585 10G Firewall at Database & App Server Layer
• Installed and configured Checkpoint Firewall in Internet Edge and Firepower Series using Cisco ASA for additional vulnerability scanning
• Designed and deployed Network Design wif a detailed Implementation and Test Plan
• Incorporate Data Loss Prevention using Symantec and McAfee Solutions
• Worked on HP Tipping Point - Intrusion Prevention Systems
• Designed and implemented Overlay Network Management Network to manage all our Production Devices wif Syslog, Cisco Secure ACS, TACACS+ and SolarWinds NPM.
• Deployed Cisco ISE 2.0 and Profiling Policies
• Experience wif Splunk Monitoring and Reporting

Confidential, Sterling, Virginia

Blue Coat Engineer / Network Security Engineer

Responsibilities:

• Configured and supported Blue Coat Web Proxies - ProxySG, ProxyAV, Content Analysis System, Threat Detection ProxyCAS, Malware Analysis System, Management Center, Director, Reporter
• Design and implementation of Proxy SG 9000, SG 210 and SG 510 Series Forward and Reverse Proxy in both Explicit and Transparent Architecture
• Integration of Proxy SG and Proxy CAS for Malware analysis and content filtering for internal traffic and configuring policy based routing
• Adding routes on teh Proxy SG for internal traffic going out to external websites and performing SSL Intercept on certain websites
• Troubleshooting SSL Decryption issues wif respect to teh SSL Visibility Appliance
• Troubleshoot ICAP Errors and Certificate Authority Issues on teh Proxy SG
• Perform Policy Trace and investigate teh root cause of Application Layer connectivity problems.
• Initiate and investigate teh Packet Capture of teh User IP address and underlying Protocol Analyzer for teh packets detected using teh Wireshark tool.
• Engage teh Load Balancer configuration for teh Explicit Proxy Configuration and TEMPEffective Load Sharing in a round-robin manner.
• Perform root cause analysis wif 3rd party vendors using teh Service Now and Remedy Ticketing Systems for corporate level changes
• Resolve tier 3 level problems related to DNS failures, IP address conflict and users explicitly going to uncategorized websites
• Follow up wif teh Blue Coat Site Review and teh Blue Coat vendor for proper categorization of teh Internet Websites
• Provide detailed documentation to senior management for review of all teh enterprise infrastructure changes made for teh corporate proxies
• Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineers instructions and troubleshooting any related issues
• Designed and configured Palo Alto Central Management Platform wif Panorama and WildFire Deployment
• Configured and troubleshot routing protocols including static, dynamic (BGP, OSPF and EIGRP) and PBR.
• Designed, Installed and Troubleshot Palo Alto Firewalls wif teh cluster using Panorama
• Implemented Sandboxing Interface using Palo Alto WildFire
• Supported Tomcat server clustering, load balancing, failover and performance tuning
• Resolved difficult customer cases through collaboration wif development, QA, and professional services
• Reengineered teh LAN to provide more reliable services and to reduce teh latency, analyzed teh NT domain in teh Austin office to determine all teh problems
• Implemented and designed Network using Cisco 2800 and 3800 routers, and catalyst 2950, 3560, and 3750 switches.
• Configured Citrix NetScaler ADC for load balancing and assigned virtual server IP (VIP) address to virtual servers.
• Configured F5 Load Balancers and worked on F5 IHealth and Payoda AppviewX self service.
• Worked on F5 Load Balancer to load balance teh Unified CVP http and https traffic.
• Deployed teh Unified CVP solution wif F5 BIG-IP load balancer in Standalone and Comprehensive deployment models for HTTP load balancing.
• Working on teh project of F5 LTM and GTM code upgrade project, doing couple of them every week.
• Responsible for administration of F5 configuration CLI including both BigPipe and Shell (TMSH).
• Created subnets (on these switches) from teh given Class B and Class C addresses to support teh VLANs.
• Implemented inter-VLAN routing (on 3560 and 3750 switches) among teh VLANs to allow communication on larger internetworks.
• Configured F5 BIG-IP for server load balancing, global data center load balancing, DNS services, web application firewall, access management, web performance optimization, and WAN optimization.
• Implemented extended ACLs on 3560 and 3750 to allow communication between teh required networks, and to restrict other communications.
• Monitored system logs and root's email for important messages such as errors and warnings or hardware failure errors
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Created custom ISE policy elements in IP Networks and DMZ security Firewalled Zones.
• Responsible for reviewing and recommending enterprise identity management solutions and deployment alternatives to external customers and internal end-users
• Configured VLAN load-balancing on layer three switches to improve teh performance of teh VLANs and network.
• Used teh Wireshark and other traffic analyzers for DNS Caching and analyzing impact on global site persistence and site affinity.
• Performed Firewall Policy Audit based on teh script from Firemon for hardening ports and restricting policy based forwarding to teh internet
• Configured and supported Blue Coat Web Proxies - ProxySG, Proxy AV, Content Analysis System, PacketShaper, Threat Detection ProxyCAS, Director, Reporter
• Used F5 BIG-IP Local Traffic Manager (LTM) and provided a flexible, high-performance application delivery system to increases operational efficiency and ensures peak network performance for critical business applications.
• Troubleshooting and Configuration of F5 Web Accelerator and Application Security Module (ASM).
• Conducted Cisco ASA, Checkpoint, and Palo Alto Firewalls Administration
• Redesigned and implemented Campus LAN wif 6500 Platform on Core/Distribution/Access /Perimeter model on 10G backbone
• Designed and Implemented Cisco UCS pods in Nexus 7000 and Cisco 6500 Platform
• Configured UCS Fabric Interconnects 6248 / 6120
• Configured UCS Manager by defining Service Profile Template, Policies & Pools for Production Servers and DR Servers.
• Configured and troubleshot Site to Site VPN tunnels wif our clients on Cisco ASA 5500 Platform
• Configured and troubleshot Cisco Routers ASR 1000/7600//7300/7200/3900
• Configured and deployed Routing Protocols EIGRP/OSPF/BGP/RIP/IS-IS
• Experience configuring/troubleshooting WAN Technologies MPLS/Sonet/ATM/Frame-Relay/HDLC/PPP on Cisco Routers
• Designed and implemented IPv6 on Catalyst 6500 platform to test our products compatibility issues on IPv6 protocol
• Designed and deployed Network Design wif a detailed Implementation and Test Plan
• Performed analysis and diagnosis of highly complex networking problems in teh Data Center Environment.

Confidential, Los Angeles, CA

Network Security Engineer

Responsibilities:

• Responsible for Security infrastructure engineering as well as a Microsoft Windows, UNIX, Checkpoint Firewalls, Juniper firewalls, PIX firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch Security Management.
• Conducted monitoring, optimizing, problem resolution, root cause analysis, and managed all aspects of access to specified systems.
• Worked on F5's Traffic Management Operating System (TMOS) ensuring applications are fast, secure and available.
• Configure and troubleshoot VLAN, VPN, VTP, STP and Trunks.
• Application Performance Tuning for analysis of networks and enterprise-wide application
• In depth noledge of configuring and troubleshooting routing protocols including static, dynamic (BGP, OSPF and EIGRP) and PBR.
• Supported Tomcat server clustering, load balancing, failover and performance tuning
• Resolved difficult customer cases through collaboration wif development, QA, and professional services
• Reengineered teh LAN to provide more reliable services and to reduce teh latency, analyzed teh NT domain in teh Austin office to determine all teh problems
• Implemented and designed Network using Cisco 2800 and 3800 routers, and catalyst 2950, 3560, and 3750 switches.
• Created subnets (on these switches) from teh given Class B and Class C addresses to support teh VLANs.
• Implemented inter-VLAN routing (on 3560 and 3750 switches) among teh VLANs to allow communication on larger internetworks.
• Configured F5 BIG-IP for server load balancing, global data center load balancing, DNS services, web application firewall, access management, web performance optimization, and WAN optimization.
• Implemented extended ACLs on 3560 and 3750 to allow communication between teh required networks, and to restrict other communications.
• Monitored system logs and root's email for important messages such as errors and warnings or hardware failure errors
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Created custom ISE policy elements in IP Networks and DMZ security Firewalled Zones.
• Responsible for reviewing and recommending enterprise identity management solutions and deployment alternatives to external customers and internal end-users
• Configured VLAN load-balancing on layer three switches to improve teh performance of teh VLANs and network.
• Configured and supported Blue Coat Web Proxies - ProxySG, Proxy AV, Content Analysis System, PacketShaper, Threat Detection ProxyCAS, Director, Reporter
• Used F5 BIG-IP Local Traffic Manager (LTM) and provided a flexible, high-performance application delivery system to increases operational efficiency and ensures peak network performance for critical business applications.
• Conducted Cisco ASA, Checkpoint, and Palo Alto Firewalls Administration
• Redesigned and implemented Campus LAN wif 6500 Platform on Core/Distribution/Access /Perimeter model on 10G backbone
• Configured and troubleshot Site to Site VPN tunnels wif our clients on Cisco ASA 5500 Platform
• Configured and troubleshot Cisco Routers ASR 1000/7600//7300/7200/3900
• Configured and deployed Routing Protocols EIGRP/OSPF/BGP/RIP/IS-IS
• Experience configuring/troubleshooting WAN Technologies MPLS/Sonet/ATM/Frame-Relay/HDLC/PPP on Cisco Routers
• Designed and implemented IPv6 on Catalyst 6500 platform to test our products compatibility issues on IPv6 protocol
• Designed and deployed Network Design wif a detailed Implementation and Test Plan
• Performed analysis and diagnosis of highly complex networking problems in teh Data Center Environment.
• Interfaced wif user community to understand security needs and implements procedures to accommodate them. Ensured dat user community understands and adheres to necessary procedures to maintain security.
• Provided status reports on security matters to develop security risk analysis scenarios and response procedures.
• Troubleshot access issues.

Confidential, Los Angeles, CA

Security Consultant/Engineer

Responsibilities:

• Firepower Series using Cisco ASA for additional vulnerability scanning
• Designed CheckPoint Unified Threat Management System (UTM) and Endpoint Protection
• Managed and troubleshot Checkpoint Security Management appliances (Smart-1 series) and Checkpoint Security Gateway appliances (Power-1 series)
• Monitored security events, analyzed teh results and escalated, when necessary, to teh appropriate group for remediation.
• Performed Checkpoint firewall upgrade of 50 firewalls from R55 to R65. Teh firewalls were on Nokia IP 1220 platforms. Administered Juniper 50, 200, 500, and SSG 520 firewalls.
• Network documentation was done wif MS Access, Visio, and Power Point. Microsoft Project was used to ensure dat all project timelines were adhered too.
• All Juniper firewalls were managed through NSM. Site to site VPN for all b2b and vendor tunnels wif Checkpoint and Cisco VPN’s. MacAfee was teh anti-virus used at teh desktop and server levels wifin Mass Mutual.
• Designing Networks wif optimized IP addressing schemas.
• Configuration and Implementation of Routers & Switches, Access Points and ASA Firewalls
• Hands on experiences on switching technologies like VLAN, VTP, DTP, STP, RSTP, HSRP, VRRP, CSMA/CD and Port Security.
• Designing security solutions & zone based Firewalls.
• Knowledge on Juniper SRX240, SRX220, and SRX550 series firewalls
• Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700 series, 6500 series)
• Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800)
• Knowledge on Nexus 7000, Nexus 5000 and Nexus 2000 switches
• Hands on experiences on VLSM, Classless Inter Domain Routing (CIDR) and Route Summarization.
• Hands on experiences on Routing protocols like RIPv1, RIPv2, EIGRP, OSPF and BGP.
• Strong experience in Routing policy manipulations - Route-Map, Route-filters and Prefix-lists.
• Hands on experiences on Load Balancing on equal and unequal cost paths.
• Implementing back up paths using EIGRP routing protocols.
• Troubleshooting of Routing protocols.
• Implementation of security policies to secure teh Network devices like Switches, Routers, Firewalls, Access Points
• Hands on experience on WAN link Protocols ATM, Frame Relay, HDLC and PPP.
• Configure and troubleshoot VLAN, VPN, VTP, STP and Trunks.
• Designed, wrote, and maintained common procedures, SLI's and EXEC's for installed operating systems.
• Performed other related duties as assigned or requested in compliance wif ISO 27001 and 9000 (International Standards Organization).
• Developed new custom connectors (me.e. flexconnectors) to integrate site specific data
• Tested and integrated ArcSight provided connectors
• Integrated ArcSight event actions into other company systems
• Provided ArcSight technical expertise
• Provided support to company ArcSight Clients
• Executed tasks and lead small projects as needed.
• Communicated and interacted directly wif other staff to ensure optimal individual and group performance.
• Supported Pointsec encryption products for teh MassMutual corporate network.
• Tailored policies and support around company business requirements.

Confidential

Network, Server and Firewall Engineer

Responsibilities:

• Maintained and troubleshot 40 Windows 2000 severs and 3 NT 4.0 servers.
• Created and managed network, Exchange and Lotus notes accounts.
• Implemented terminal services on numerous servers for remote administration and application sharing.
• Created and managed user home directories and network shares.
• Setup and maintained network services: DHCP, WINS, DNS Public & Private and Print services.
• Maintained all hardware on Compaq, IBM and Dell servers and trouble shoot device conflicts.
• Installed and configured Cisco 2500/2600/3600 routers.
• Responsible for all internal static routing.
• Setup internal routing protocol EIGRP
• Created PPP multilink bundles to increase bandwidth between offices.
• Implemented multi router graphing tool to monitor teh company WAN links and Internet T1’s
• Performed a diagnosis first then contacting teh clients IT team, presenting them wif my findings and working wif them to resolve teh issue.
• Implemented numerous Site to Site T1’s utilizing hardware from Cisco & Netopia
• Implemented and managed Norton’s corporate anti-virus solution.
• Implemented teh company dial up networking solution utilizing a Cisco 3600 wif 24 digital modems and a PRI.
• Migrated teh company from bay networks 100mbit hubs to HP managed switches.
• Incorporated VLANS to segment traffic on managed switches.
• Utilized firewall log for investigative and troubleshooting purposes.
• Used TCP Dump to troubleshoot access issues.
• Upgraded IPSO on Nokia IP440 security platform.
• Installed service pack upgrades.
• Implemented SecuRemote VPN for high speed remote access.
• Managed NetScreen firewalls to include:
• Created site to site VPN tunnel
• Created rule base to support site to site VPN.
• Led a group of 2 halpdesk techs and another network administrator.
• Created and maintained detailed network diagrams on teh infrastructure of teh company utilizing Visio.
• Implemented Secure FTP site utilizing SSL encryption.