SUMMARY

• Over all 8 years of experience in providing solutions, implementation, configuration and troubleshooting of Cisco Routers and switches, fine tuning of firewalls, VPN configuration, troubleshooting network related problems in Enterprise Network.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Palo Alto and Checkpoint.
• Working noledge of F5 load balancer LTM.
• Experience in adding Policies in Palo Alto firewall PA - 500, PA-3020 using GUI 6.1.
• Exhibit strong communication, critical thinking, multitasking, and customer service skills
• In-depth noledge and hands-on experience in IP Subletting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 /FT3 / T3, Firewalls.
• Worked on layer 2securitylike portsecurity, Port Fast, DTP, DHCP Snooping, Dynamic ARP Inspection.
• Working noledge of solar wind Orion traffic monitoring tool and Splunk.
• Involved in teh redistribution into OSPF on teh core Palo alto firewall.
• Well experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Experience in designing and deploying enterprise network security and high availability on Palo Alto NGFW's and Cisco ASA.
• Proficiency wif Cisco Security SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cryptography, VPN, IPsec.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP dat required to be altered during various plannednetworkchanges on thenetwork.
• Replaced aging Checkpoint firewall architecture wif new next generation Palo Alto appliances serving as firewalls and URL and application inspection
• Knowledge and experience on Protocols such as TCP/IP, SNMP, ICMP, NAT, PAT.
• Extensive experience in WAN Technologies, Switching Technologies along wif Failover Mechanisms and Inter V lan Routing types.
• Management of each firewall is done remotely and onsite Confidential client sites.
• Excellent noledge and experience on different platforms like Cisco, Checkpoint, F5 Big-ip LTM load balancers, Bluecoat, Riverbed, Citrix, and VMware.
• Extensive experience in handling network failure issues.
• Experience wif products such as Cisco ISE, Cisco ASA 5500 series firewalls and Cisco ACE 4710 Load balancers.
• Hands on Experience configuring and testing F5 I Rules using Browser (IE), HTTP watch.
• Knowledge of implementing and troubleshooting complex L2/L3 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP, MPLS and MST.
• Experience wifPaloAltoNetworksNext Gen firewalls.
• Creating Virtual Servers, Nodes, Pools and I Rules on BIG-IP F5 in LTM module.

TECHNICAL SKILLS

Protocols & Standards: TCP/IP Protocol Suite, OSI Model, Ethernet, Token Ring, FDDI, OSPF, EIGRP, RIP, BGP, HSRP, L2/L3/L4/L7 Switching, VLAN's, VMPS, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2. T1, DS3.

Switches: Nexus 2K/5K/7K, Cisco Catalyst 2900, 3500, 3700,6500, 4500, 3850,3560, 3750, 2960

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600,1800,1700

Routing: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing

WAN: Metro Ethernet, MPLS/VPN, Frame Relay, ADSL, TDM (T1/T3), and OTV configuration.

LAN: Trunking Protocols, Link Aggregation, vPC/vPC+, VTP/STP, FCoE, Gigabit Ethernet.

Firewall Platforms: Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585),PaloAltoNetworks (PA series 2K, 3K and 5K) wif panorama 8.0, WAF

NetworkMonitoring Tools: CSMA/CA, Wire shark, Nmap, Nessus, HP OpenView, OpManager, PRTG Packet Sniffer Servers, CramerNetworkinventory and Activation Engine.

Security: Anomaly Detection in attack prevention system, IPS/IDS, Penetration Testing and Web application testing, Buffer Overflows, Cross Site Scripting, Session Management, Cisco PIX, andSecurityattacks like DoS, DDoS, Spoofing, Nessus & Cisco IOS, Cisco Works

PROFESSIONAL EXPERIENCE

Confidential - Plano, TX

Network Security Engineer

Responsibilities:

• Researched, designed, and replaced aging Checkpoint firewall architecture wif new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Worked on Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/Switches/firewalls.
• Worked on converting Checkpoint VPN rules over to teh Cisco ASA solution. Migration wif Cisco ASA VPN experience.
• Implemented VLANS between different departments and connected them using trunk by keeping one VLan under server mode and rest falling under client modes.
• Built and support VRRP / Cluster based HA of Checkpoint firewalls.
• Worked on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Provide support and for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo-Alto firewalls.
• Ensured all team members understand and are onboard wif teh SOC mission statement and goals.
• Ensured teh team TEMPhas quarterly/annual objectives and goals.
• Ensured teh team performs quality analysis ofsecurityevents via routine audits/coaching.
• Ensured all work wifin team is being recorded in a work order, copiously notated, and ensuring teh requests are addressed in timely fashion.
• Ensured SOP processes and procedures are accurate, efficient, update-to-date, and scalable.
• Deployed a Syslog server to allow proactivenetworkmonitoring.
• Ensured teh team provides customers accurate and insightful analysis ofsecurityevents in a timely manner.
• Configuration of Checkpoint R77.30 series firewalls and implementation for outbound traffic via blue coat proxy server.
• Worked on technical performance of advanced services (telephony, high speed data, and teh hybrid-fiber coaxial plant). F5 LTM: Configuration, Solution Designing and Managing F5 BIG IP LTM Load Balancer
• Worked on level-2 team on migration project of CMA's from one Provider-1 to other Provider-1.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Used McAfee ePolicy Orchestrator to monitor and identify potential intrusions and attacks for teh CyberSecurityOperations Center (CSOC).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Daily analysis offnetworktraffic for trends and or malicious activities, created vulnerability report wif action plans.
• Evaluated teh capabilities of McAfeeNetworkAccess Control by constructing checks and benchmarks for McAfee products, WSUS servers, Internet Explorer proxies, and encryption status alerts.
• Deployed VMs in Windows Azure for testing in SIT & QA environments.
• Created VMs wif SQL Server 2012 in Windows Azure for QA test requirement. Utilized teh existing Ms VHDs for build VM for Dev Apps in Windows Azure.
• Used AD Domains and Virtual Networks in Windows Azure test environment.
• Implemented Zone Based Firewalling andSecurityRules on teh Palo Alto Firewall.
• Plans, coordinates, implements and supports teh LAN / WAN hardware, software and Internet /Intranet integrationnetworkconnectivity, diagnosenetworkfailures and resolve any problems.
• Adding and removing checkpoint firewall policies based on teh requirements of various project requirements.
• Primary responsibility for teh CoreSecurityof theNetwork. Managing teh entireNetwork SecurityProducts deployed in thenetworksuch as Checkpoint (GAIA R 75.40/77.20 ).
• Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches.
• Ensured all team members providing top notch customer service via routine audits/coaching.

Environment: VSTP, VRRP, SNMP, VLAN, WAP, UNIX, Linux, F5 Load Balancer, FTP, BPDU Guard, Wi-Fi, CSOC, WSUS, ASR9000 Devices, Check Point Firewall (GAIA R 75.40/77.20 ), VPN, Palo Alto Firewalls, Juniper Firewalls, NATing

Confidential - Middletown, NJ

Network Security Engineer

Responsibilities:

• Experience wif MPLS connectivity using VRF's and have broad noledge on multi-protocol label switching for MPLS-VPN and traffic engineering MPLS-TE.
• Responsible for Configuration of Palo Alto 5050 devices wif layer 7 filtering of traffic traversing teh internet.
• Experience on engineering and implementation of Nexus 7K/5K/2K top of rack architecture for a Scalable Production Multi-Tenant environment using VPC, VDC & VRF in a DC Core/Aggregation layer in a production and DR Data center.
• Implemented site to site VPN in Juniper SRX as per customer requirements.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Replaced teh Legacy 3750 stack wise wif Juniper EX 4200 switches in teh LAN Environment
• Worked on Cisco ASA 5580, Juniper NS5400, and Juniper SRX550. Implemented cluster and configuration of SRX-100 Juniper firewall
• Experience wif setting up MPLS Layer 3 VPN cloud in data center and also working wif BGP WAN towards customer
• Designed and implemented new MCN -III MPLS Cloudnetworkat select Data-centers using latest Cisco ASRs and Nexus 9K switches and Optimizing BGP routing wif select Wide-Area carriers Confidential & Confidential, XO and Verizon.
• Worked wif engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Implemented various EX, SRX & MX series Juniper devices.
• Experienced in configuring Cisco ASAs in various contexts and modes to have thenetwork secure. Maintained IPSEC and SSL VPN tunnels through teh Firewalls
• Troubleshooting of Cisco ASR 1K, 7200, 3925E and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on productionnetwork.
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus 7010.
• Deploying and managing SD-WAN solutions (Viptela, Nokia) for large-scale enterprises
• Implemented Positive Enforcement Model wif teh halp of Palo Alto Networks
• Expert noledge of Cisco ACI, NxOS and IOS, other SDN products, QoS, data centernetworkdesign, cloud infrastructure design and management, OSPF, BGP routing.
• Expertise in installing, configuring and troubleshooting Juniper EX Switches EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series.
• Worked on design and deployment of MPLS QOS, MPLS Multicasting per company standards
• Building teh VPN tunnel and VPN encryption.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
• Experience in configuring VPC (Virtual Port Channel), VDC(Virtual Device Context) in Nexus 7010/7018
• Apply Cisco ISE configuration to switches
• Configured Easy VPN server and SSL VPN to facilitate various employees' access internal servers and resources wif access restrictions
• Configured EBGP load balancing and Ensured stability of BGP peering interfaces
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Working on Solar wind and Wire shark in theNetworkManagement, Monitoring and Support.
• Worked on F5 BIG IP LTM 3600 load balancers to configure Nodes, Pools and VIP's on a need basis.
• Migrated, created, and managed pools and clusters in F5 Bigwig GTM 3DNS load balancers across multiple Datacenters.
• Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 3945, 3845, 2800, 3600) and Switches to perform functions Confidential teh Access, Distribution, and Core layers.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices

Confidential

Network Engineer

Responsibilities:

• Experience in working wif Cisco Nexus 5000 series switches for data center.
• Configured OSPF on CISCO devices wif multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
• Assisted in network engineering efforts consistent wif teh infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for teh new users.
• Installation and Configuration of various types of Personal Computers and Printers. Installation of different operating systems on Intel based PC's.
• Installed Hard disks, Floppy drives, CD Drives, Sound Blaster cards, CPU, Memory, Power supply unit, Network card, Video graphics card, Hard disk controller card on PC systems.
• Configured VLANs wif 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up.
• Configuring/Troubleshoot issues wif teh following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting wif customer LAN /MAN, router/firewalls.
• Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.
• Excellent Troubleshooting Skills and Customer Centric approach.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches Confidential access level to 2950, 3550.
• Configuring Vlan’s, VTP’s, enabling trunks between switches.
• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Switches Replace branch hardware wif new 2851 routers and 2960 switches.
• Implemented Cisco Wireless Access Points and WLC’s Confidential various corporate sites fort 11n Infrastructure and its legacy technologies.
• Troubleshooting of personal computers. On line Support to customers concerning their computer problems.
• Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
• Assisted wif troubleshooting all network issues wif routers and switches when necessary and consulted wif on call tech as needed for client.

Environment: Cisco 2950 switches and Cisco 3825 Routers, EIGRP, BGP, MPLS, VLAN, QOS

Confidential

Network Engineer

Responsibilities:

• Responsible for implementing Qos prioritizing voice traffic over a data.
• Implemented SNMP on Cisco routes to allow for network management. Completed teh installation and configuration of T1, T3 & OC3 circuits.
• Troubleshoot TCP/IP problems, troubleshoot connectivity issues.
• Configured teh Cisco router as IP Firewall and for NATting.
• Worked wif teh Help Desk for circuit troubleshooting to give Support to teh Tech persons Confidential teh site.
• Configuring routers and sending it to Technical Consultants for new site activations and giving online support Confidential teh time of activation.
• Supporting Development team for teh access to corporate network and outside world. Providing access to specific IP, Port filter and port access.
• Experience in Cisco 7200, 7600 routers, Cisco series switches: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay and ATM).
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Installed and configured PIX 520, 525, 535 series firewalls, configured standard and extended access-lists and policy- based filters.
• Configured ASA 5510 appliance and VPN.

Environment: TCP/IP networks, Cisco Works 2000, VLAN, VTP, STP, Trunks H/W, network drives, DSL, T1 Lines LAN, WAN, VLANs, IP Access List, Cisco 2620, 3750, 2950 and Link sys.