SUMMARY:

• An effective communicator with excellent analytical & problem - solving skills.
• With over 8 years’ experience in Networking & Security Technical Support, with expertise in working with Cisco and Checkpoint products.
• Insightful experience in planning, design, installation and configuration of networks and Security configurations of various network devices.
• Configure and manage firewalls.
• Established secure internet access for multiple private networks using NAT on PIX firewalls & Checkpoint
• VPN establishment using IPSEC, GRE tunnels on Firewalls
• Installing and configuring of check point firewalls.
• Troubleshoot Data Center Automation using methods such as REST API implemented by scripting Python.
• Multi-protocol network experience including MPLS, ExtraHop, Azure, ALTRIA, WSU,palo alto, TLS, EGP (BGP) and IGP (OSPF, EIGRP), TCP/IP,SSL, UDP, SSH, DHCP, RIP, VRRP, HSRP, VLAN, STP, SolarWinds, VxLAN, SCCM, Port Security, ORACLE, Unix/Linux, 802.1q and SNMP, Kafka, Identity Federation services, wireless (802.11), NAT/PAT.
• Deploy and manage with advanced security and network management tools like Aruba ClearPass Policy Manager, Aruba Airwave, and cloud-based Aruba Central.
• Work performed involves SME input and support on F5 and Cisco ACE load balancer, Virtualization, day in and day out work on the F5 Application Delivery Controllers ( LTM's, GTM's, Azure, SCCM, Port Security, ASM's, SolarWinds, WSUS,Cisco ACE modules and 4710 appliances).
• Configuration of URL Filtering on ASA & Checkpoint Firewalls.
• Configuration of Site to Site VPN on Cisco Firewalls & Checkpoint.
• Failover configuration on Cisco ASA &Checkpoint Firewalls.
• Configuration of F5 Load Balancers (LTM Module).
• VPN: Remote access VPN, Site to Site VPN in Checkpoint, Fortigate and ASA.
• T/S Tools: TCP dump, ORACLE, Azure, SCCM, Fw-monitor Wireshark.
• Cluster: Active-Active, Active- Standby concepts.

AREAS OF EXPERTISE:

• Knowledge on troubleshooting Leased Lines & ISDN Circuits.
• Configuration & troubleshooting of switches &Routers and firewalls
• Router hands on experience in configuration & trouble shooting
• Configuration & troubleshooting Routing protocols like RIP, ELK,EIGRP, OSPF
• Knowledge on switches, VMARE,VLAN, Azure, ALTRIA,SCCM, SolarWinds, Port Security, Extrahop,
• Virtualization, Trunking etc.
• Hardware replacement & spare management during the device failure. Ability to work in a team & interact with 3rd party suppliers & vendors
• Testing of hardware & software and ensure correct configuration changes.
• To upgrade the IOS in different routers & switches with TFTP server.

SKILL:

Switches: Cisco (1900, 2900,3500 and 6500)

Routers: Cisco (1750, 1800, 2800, 3700,3800,7200 series)

Pix Firewall: PIX 501,506E,515E, ASA 5510,5520,5540,5580

Checkpoint: NG R65, R72, R75, R7, 2200 (SPLAT, IPSO and Gaia)

Protocols: RIP, IGRP, EIGRP, OSPF, BGP and IPSec

Load Balancers: Kemp, A10, F5 (LTM) 11.x IOS

Network Monitoring Tools: HP Open View. OP Manager & Remedy, viz, HP Open NMS Ticketing Tool

Security Monitoring Tools: Sentinel Check Point Provider (R65), Nessus, SQL, SCCM, palo alto, Port Security, Elk, Virtualization, Check Point Smart View Tracker Designing addressing scheme to customer specific LAN/WAN environment.

Firewalls: Checkpoint R21, R75, R77.20, Cisco ASA 8.2

PROFESSIONAL EXPERIENCE:

Confidential, Northlake, IL

Data Center Tech/Network Engineer

Responsibilities:

• Experience in Networking, Network Security, Administration, Design, Project Implementation, Handling Customer connectivity, Troubleshooting Network issues, ExtraHop, ALTRIA, Azure, SolarWinds, Adhering to Security Policy, SME, Adhering to the committed Service Metrics.
• Implementing changes on Checkpoint Firewalls R65, R70 and R75.
• Establishing Site to Site Tunnel from Checkpoint Firewall & Cisco Routers.
• Establish Site to Site Tunnel between Cisco routers.
• Troubleshooting client connectivity issues related to firewalls and routers
• Trouble shooting Site to Site VPN/direct/remote access connectivity issues with clients.
• Installation of new firewalls.
• Installing Updates / Hotfix for checkpoint firewalls.
• Monitoring health of firewalls.
• Configuring and Managing Firewall Clusters.
• Providing Level 3 support in handling Client Connectivity issues.
• Adhering to the committed SLA with Customers & OLA with internal Peer Groups.
• Designed and implementation for Cisco Catalyst and Nexus, ORACLE, Azure, Cisco ACI, ALTRIA,SCCM, ExtraHop, Port Security, Unix/Linux, WSUS,Cisco ASA,TLS, Identity Federation services, SME, Kafka, Palo Alto Firewall, Checkpoint
• Hands-on experience in Catalyst Switches C6500, C4000, SolarWinds, C3000, C2900, and Nexus 4k, 5k, 9k.
• Experience with Networking Software Systems IOS, WSUS, IOS XR, Nessus, IOS XE, Virtualization, VMARE, NX-OS and core technologies Cisco ACI, VxLAN, Azure, SCCM, SolarWinds, ALTRIA,SME, ExtraHop, ORACLE, Port Security, VMARE, FCoE, LISP, Tripwire,SSL, Clusters,Cisco ONE.
• VXLAN Implementation on Cisco Nexus 9000 Series Switches
• Preparing new connectivity proposals and implementing new connectivity.
• Preparation & Implementation of Network Proposals based on the Project needs.
• Coordination with various peer groups & customer for implementation of new connectivity.
• Working with Delivery team to prepare the Questionnaire related to Network Security & Client Connectivity.
• Participating in Conference calls with customers for issues related to client connectivity
• Performing Back-up/failover test for different connectivity models.
• Supporting L1 and L2 team for troubleshooting client connectivity issues.
• Other experiences.
• Windows server administration.
• Managing Active directory, DNS server, Virtualization, SolarWinds,Tripwire,ALTRIA,SME, Elk,DHCP server, palo alto, ExtraHop, Kafka, VMARE, Nessus, SSL,File server, SCCM, Cisco ACI, Print server, Web servers, and Database servers.
• Managing the network infrastructures, Clusters, switches and Routers, link and firewall for ODC's.

Confidential, Sterling, VA

Network and Security Associate

Responsibilities:

• Planning, Controlling Infra Management System of NOC.
• Monitoring and securing Global NOC of all branches of Franklin branches in entire world.
• Troubleshooting and new installation of Router, ORACLE, SolarWinds, SME, SCCM, ExtraHop, Switch & ASA Firewalls.
• Maintaining weekly report of Commissioned, Upgraded, Downgraded and Terminated leased lines.
• Responsible for Level 2 activities.
• Effective Security Monitoring requires knowledge of data classification, systems vulnerability to threat, intent of threat, user authorization, existing security exception, policy, function of sensor.
• Design, Implement and Troubleshoot Highly Available and redundant topologies vPC, ALTRIA, SME, palo alto, WSUS,fabric path, STP, VXLAN, OTV, EVPN, PTP, NTP, DNS, DHCP, VLAN.
• Troubleshooted and configured VLAN, VTP, ORACLE, Azure, ALTRIA, Cisco ACI,, SCCM, nessus, ELK, Port Security, Virtualization, dot1Q, Clusters, Unix/Linux, LACP, VMARE, PVST+/RPVST+/MST, SSL, SME, SPAN, RSPAN,
• Deployed and Troubleshoot Complex Layer 3 Technologies, ExtraHop, Port Security, Azure, OSPF, ISIS, BGP, IBGP, PBR, BFD, OTV, Kafka, LISP, PIM, IGMP, RP, BSR, ACL's, DAI, IP source guard, Netflow
• Deployed OSPFv2 and OSPFv3 for IPv4 address-family, IPv6 address-family for large-scale data center
• Monitor Sentinel Console for unusual traffic and Understanding of Suspicious Vs Malicious Events. Configured and troubleshoot IPv4, Static NAT, dynamic NAT, SME,SCCM, Azure, SolarWinds,Tripwire,policy-based NAT, PAT, NAT ALG consolidate Unix/Linux systems into minimal hardware to reduce maintenance and cooling costs. Manage the incidents, Requests, Tasks, IT assets and Configuration Items using JIRA.
• Experience with 802.11a/g/n/ac Cisco WLC,nessus, Azure, Cisco ACI, Clusters, Port Security, CAPWAP, Unix/Linux, LWAPP, Cat3, be able to use tools such as Cisco Prime Infrastructure, Air Magnet suite to design and support WLANS.
• Experience with L2/L3 and wireless security features including Access-lists, WPA/WPA2,Elk, VMARE, Kafka, CCKM, TLSDSSL,,AES-CCMP, CCKM, 802.1X/EAP, PEAP, Cisco ACI, SME, SolarWinds, RADIUS and TACACS.
• Hands-on experience and well versed in utilizing networking tools and applications, such as Cisco Works, SolarWinds.
• Troubleshoot Network monitoring SNMP traps, NetFlow and MPLS OAM and Ethernet OAM
• Responsible for Cisco ASA, Palo Alto Firewall and Checkpoint firewall administration across our networks.
• Configured HA features on Cisco ASA and Cisco Firepower Threat Defense (FTD)
• Proper utilization of the core functionalities and utilities of Sentinel console to detect threats. This is ensured by use of appropriate active views (e.g.; Black list IP addresses) to for quick detection and response.
• Implement Network Security policies such as URL Filtering, Counters and Logs.
• Design and maintain Firewall and VPN infrastructure.
• Implementation of Network Address Translation (NAT), SCCM, Azure,Tripwire,VMARE, palo alto, ORACLE, Virtualization, Port Address Translation (PAT) using NAT Src, NAT-Dst, Elk, Port Security, MIP and VIP.

Environment: Cisco firewalls PIX (515E / 525), ASA ( 20), Switches like 6513, 6509, 3700, 3750, 3560E, Routers like 1800,3800, 7200 Series Checkpoint Firewalls R75 (SPLAT), Azure, Unix/Linux, SME, HP Open NMS, Sentinel are monitoring tools and Infra is ticketing Tool.

Confidential

Security Engineer

Responsibilities:

• Installing and Configuring of Cisco Routers (1800, 2800, 3800, 7200.) using RIP, EIGRP, and knowledge on OSPF.
• VPN establishment using IPSEC, GRE tunnels in Cisco routers.
• HSRP, VRRP implementation on routers.
• Troubleshooting of Enterprise application response problems & connectivity issues.
• Installing and configuring of Cisco L2 & L3 Switches (2900, 3560, and 3750).
• Configuring STP, VLAN, SCCM, TLS,nessuis, Azure, Cisco ACI, VMARE, ORACLE, SolarWinds, WSUS, palo alto, Elk,Unix/Linux, VTP and troubleshooting.
• Inter VLAN routing and per VLAN for block, architecture to reduce broadcast affects.
• Installing & configuring firewalls like ASA, Cisco Pix, ExtraHop, Port Security, Clusters and Check point.
• Troubleshoot and repair of network outages using Fluke Opti view, Sniffer, Telnet, SSH,SSL, ping, traceroute.
• Acted as the liaison between the customer and Tier3 UNIX Support to schedule system downtime for HP boxes that require hardware repair
• Coordination and migration of approximately 700 servers and applications to new network infrastructure
• Assisting in Network Security issues relating to Internet or network hacking and misuse
• Experience with Cisco ASA firewall Cisco security Manager (CSM) and migration from Cisco to Palo Alto
• Verifying & configuring the rule-sets on firewalls. (Firewall Change Request processing).
• Cisco ASA Firewall with Firepower Installation, Tripwire, Azure, SME, SolarWinds, SCCM, Extrahop, Virtualization, Firepower Management Center, AMP and IPS with FMC
• Verifying & Configuring the Rules in firewalls. (Firewall Change Request processing.
• Configuring Network Address Translation (NAT) according to the connectivity requirements.
• Upgrading the Firewall Versions to the Latest versions / IOS.
• Troubleshooting problems related to WAN and firewalls, Clusters Different desktop VPN connectivity issues.
• Installing and configuring of check point firewalls and pushing the policies.

Environment: Cisco firewalls PIX (515E / 525), ASA ( 20), ExtraHop, Azure, SolarWinds, Cisco ACI, SCCM, ORACLE, WSUS, Switches like 6513, 6509, 3700, 3750, 3560E, Routers like 1800, 3800, 7206 Cisco Secure ACS (AAA server), Elk,Unix/Linux, Tripwire, Open NMS, MRTG, monitoring tool and Remedy & AOTS ticketing Tool.

Confidential

Network Engineer

Responsibilities:

• Provided Technical support in terms of upgrading, improving and expanding the network.
• Providingtechnicalproposals, detailed RFP responses, and presentation, installing and configuring ASA firewalls, VPN networks and redesigning customerarchitectures.
• Maintain effective communications with vendors, peers and clients in resolution of trouble-tickets, equipment.
• Troubleshoot Hardware, Cisco IOS, and install/configure Cisco routers and switches.
• Manage and coordinate all infrastructures related to moves,adds, and changes.
• Configuring ACL to allow only authorized users to access the servers.
• Participated in on call support in troubleshooting the configuration and installation issues.
• Installation, Maintenance, Troubleshooting Local and Wide Areas Network by usingISDN, VMARE, Clusters,Frame relay, Kafka, DDR, NAT, ExtraHop, SolarWinds, Cisco ACI, Azure, SCCM, DHCP, Port Security, Virtualization, WSUS,Unix/Linux and TCP/IP.
• Provided 1st level UNIX support to the design community and PC support to the corporate community
• Provided licenses in the UNIX environment to Rational Rose users
• Used DHCP to automatically assign reusable IP addresses to DHCP clients
• Taking network devices backup & restoring when required
• Troubleshooting LAN and Cabling. Installing Network printers
• Troubleshooting the latency issues in the WAN network.
• Providing 24x7 technical supports to complete team. Management of NetOps server for providing uninterrupted services to customers.
• Configured SNMP on all the network devices and added them to SolarWinds for
• Web ServersLoad Balancing with F5 BIG-IP.
• Implement and maintain Local/Wide Area Network over 13 branches.
• Configured RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Worked in Configuration and extension of VLAN from one network segment to other segment between different vendor switches (Cisco, Juniper).
• Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Configure switch VLANs and inter-switch communication. Build and setup network Laboratory.
• Actively involved in troubleshooting on network problems with Wire shark, identifying and fixing problems.

Confidential

Network Engineer

Responsibilities:

• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls, installing and configuring new juniper EX, MX, Unix/Linux, SRX (Next-Generation Firewall) series firewalls to meet day to day work.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Also involved in Configuration of Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• 5. Worked on load balancers like F5 10050s, 10250v, GTM 2000s, 2200s to troubleshoot and monitor DNS issues and traffic related to DNS and avoid DDoS.
• Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol-based services.
• Extensive experience in configuring and implementing OSPF and BGP.
• Supported core network consisting of Cisco 7200 series routers running multi area OSPF.
• Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP
• Implement Cisco Secure Access Control Server (ACS 3.0) for TACACS+/ RADIUS
• Implementation of TCP/ IP and related Services-DHCP/ DNS/ WINS
• Maintain and configure Cisco ACS devices to support AAA security for both external remote access and internal wireless connectivity.
• Maintained and provided support for LAN/WAN infrastructure as needed. This included working on specific hardware such as switches, routers, PIX, wireless APs, ExtraHop, SolarWinds, SCCM, VPN Concentrators, frame relay, ORACLE, Elk,IPsec VPN and other entities.
• User admin on the firewalls, adding and deleting users as they come and go.
• Installed and configured workstations for IP based LAN.
• Installed and configured DHCP Client/Server.