SUMMARY

• 7+ years of experience in Network/System Administration and Network Security Engineer/Information Security Analyst
• In - depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), NAT, VLAN, STP, VTP, HSRP & GLBP
• Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series, Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches, Juniper routers E, J, M & T-Series and Juniper EX switches EX8200, EX4500, EX4200, EX3200, EX2500, EX2200 Series.
• Experience on Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75,UTM
• Configured Check Point clusters with Nokia box and crossbeam.
• Checkpoint with product like Nokia IP 390, 560, 690, 1280, 2450, 61000 etc.; in Provider-1 environment.
• 3D Analysis, GAiA, Checkpoint VPN-1/ Firewall-1, Standalone & Distributed setup, Security management, Log server, secure platform (SPLAT), License management. Provider-1 and VSX gateways with cluster and Virtual firewalls models Smart-1, Power-1.
• Experience in deploying Check Point Provider-1 NGX and configured CMAs.
• Work exposure in QIP, Bluecoat Proxy, Bluecat IPAM & DNS services.
• Experience in deploying and maintain Cisco PIX and ASA firewalls
• Designed and implemented various project with Cisco PIX firewall. Extensively worked on Cisco PIX and 525.
• Migrated and implemented new solutions with Cisco ASA Firewall series 5505, 5510, 5512-X.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, WireShark, TCPdump and Linux operating system servers.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX Security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Worked on F5 Local Traffic managers (LTM), Global traffic manager (GTM) of series 8900, 6400, 6800, 3400, 5100, 3600.
• Worked on Juniper Netscreen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, and ISG 200.
• Deployed Netscreen firewalls ISG 1000, ISG 2000 for financial domains
• Deployed site-to-site VPNs over IPsec and GRE.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Experience in configuring Client-to-Site VPN using IPSEC VPN on SRX series firewalls
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications
• Experience in configuring, implementing and troubleshooting F5 load balancer in the enterprise network
• Proficient using the F5 based profiles, monitors, VIP's, pools, pool members, iRules for virtual IP's
• Deployed F5 Enterprise manager of 4000 series for the all cluster devices over the network for easier management of configurations like ssl certificates, disable and enable of nodes states.

TECHNICAL SKILLS

Routing Protocols: RIP, RIP V2, EIGRP, OSPF, IS-IS, IGRP, BGP, and MPLS

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, Ether Channel, LACP, PAgP, VSS, vPC, MLS

Load Balancing Protocols: HSRP, GLBP, VRRP

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Wifi, FDDI, Token Rings

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1/T3 & SONET

Firewalls: Checkpoint, Juniper & Cisco ASA/PIX

Load Balancer: F5

Administration & Troubleshooting: CDP, TELNET, SSH, ICMP, PING and TRACEROUTE, SNMP and SYSLOG, CISCO IOS software and configurations

Programming: C & HTML

Documentation: MS Office & MS Visio

PROFESSIONAL EXPERIENCE

Confidential, Jersey City, NJ

Network Security Specialist

Responsibilities:

• Install/Replace/Turn-up/Configure Cisco and Juniper routers.
• Migrated ATM Network into MPLS IP Network on Juniper M & T series platform.
• Managed MPLS IP Backbone consisted of Juniper routers.
• Implemented various EX, SRX & J series Juniper devices.
• Implemented site to site VPN in Juniper SRX as per customer. Update data related to network configuration, setup and implementation of Juniper Topology.
• Upgraded Bluecoat proxy SGOS version.
• Implemented SOCKS proxy for specific customer requirement.
• Migrating Websense content filtering to Bluecoat.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Firewall technologies including general configuration, optimization, security policy, rules creation and modification of Check Point Next-Generation Firewalls GAIA R77.10, R77.20 & R77.30.
• Experience on working with checkpoint next-generation firewall on various modules such as SMART View Tracker, SMART View Monitor, SMART Update, SMART Log, and SMART Event.
• Performed upgradation of checkpoint firewall from old platforms to new platforms R77.10 to R77.30.
• Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint platforms.
• Configuration and Management of Cisco Nexus 7K and 5K Series Switches, Cisco 6500, 4500, 3750 series Switches, Cisco 2800, 2900, 7200 series routers, F5 Load Balancers.
• Also involved in Upgrading IOS on 1900, 2900, 3500 series Cisco Catalyst Switches and 2500, 2600, 3600 series Cisco Routers using TFTP.
• Extensively worked on layer 2 features like STP, VLAN, and VTP and implemented them on new switches and used to troubleshoot any issues.
• Worked on OSPF using features like TSA, SA, NSSA and route summarization. Configured EBGP/IBGP policies also tested BGP attributes
• Hands on experience on upgrading of JUNOS.
• Configured policies and troubleshooting on Juniper SRX 3600 to allow customer traffic.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, MPLS, NAT, DHCP, TCP/IP).
• Also gave technical support in the issues which involved tasks of debugging OSPF and HSRP features.
• Dealt with configuring and troubleshooting EIGRP and OSPF protocols during the process of migration and establishing new client setups.
• Understand the JUNOS platform and worked with IOS upgrade of Juniper devices.
• Experience WAN technologies such as ETHERNET, PPP, HDLC.
• Configuration of Access Lists ACL (Standard, and Extended) to allow users all over the company to access different applications and blocking others.
• Develop network drawings and documentation utilizing Visio, Word, and Excel programs.

Confidential, Boston, MA

Network Security Engineer

Responsibilities:

• Designs, tests and deploys IT security systems and solutions.
• Supports the implementation and ongoing operations of network access control devices to include firewalls, web proxies, and SSL VPN devices.
• Deploy and support Checkpoint Provider 1.
• Develop security engineering requirements, standards and guidelines, processes and procedures.
• Implementing and managing Checkpoint Provider 1.0 Scalable security management for multi-domain environments.
• Worked on various platforms of Checkpoint like - Nokia, Checkpoint (SPLAT)
• Continuous monitoring of CPU utilization, link utilization, connection table utilization
• Upgrading checkpoint firewall and fixing hot fixes and patches.
• Installation of checkpoint firewall R70, R71 in Open Server, UTM
• Configuration of checkpoint firewall according to client topology.
• Worked with Sourcefire customers as a Services Consultant on new deployments as well as tuning/troubleshooting engagements.
• Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN1 NGX R55/R65/R70.
• Performed upgradation from old platforms to new platforms R65 to R75.45
• Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
• Worked on Migrating from ASA 5540 to ASA 5585.
• Created Virtual Contexts, Vlans, and Interfaces in ASA 5585.
• LAN base as well as Cable base failover configuration on Cisco firewall.
• Configure and troubleshooting HA Cluster on Checkpoint Firewall.
• Implementing the Accesslist on day to day basis as per customer's change requests.
• Worked on ASA routed mode and transparent mode
• Worked on AIP-SSM and CSC-SSM and ASA-botnet filter
• Configuring failover and working on ssl-vpn when in active/standby failover on ASA
• Negotiated VPN tunnels using IPSEC encryption standards and also configured and implemented site-to site VPN, Remote VPN.

Confidential, New York

Network Engineer

Responsibilities:

• Involved in designing, configuring, implementing, maintenance and troubleshooting issues relating to routers and switches in LAN, WLAN and WAN.
• Designed and deployed networks as per the company's requirement. Handled different tasks such as network address assignment, assignment of routing protocols, etc.
• Handling the network infrastructure LAN/WAN, migration & configuration of network client workstations.
• Addressing performance bottlenecks & ensuring maximum network efficiency and uptime.
• Planning designing, Installation, configuration and maintenance of 802.11a/b/gWireless Networks and Wireless Access points.
• Configured Wireless Control System 5.0 for Wireless Networks.
• Installed and Configured Wireless LAN Controller 4402 and 1200s (LWAP) Cisco Access Point.
• Configured Secured Authentication using LEAP/WEP and PEAP/WPA & WPA2.
• Implemented, Monitored and troubleshoot the protocols EIGRP, OSPF and Static Routes.
• Worked extensively on lab build for POC and pilot on migrating/upgrading Cisco ACS 5.x to for TACACS+ and 802.1x Authentication on Network Devices.
• Experience in configuration of Cisco Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEPand various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC etc.
• Configuration and maintenance of Voice Processing Systems (VOIP) including PBXfor PanasonicKX-TVA-50 VPS and KX-TDA 200 - Console/GUI/connections for daily office usage.
• Installation, Management and Maintenance of VPN Servers for Remote access, Site to Site VPN access and Dial up VPN access.
• Implemented traffic filters using Standard and Extended Access Control lists. Handled Route-map, Redistribution list & access-list configurations.
• Access distribution and core layer switching architecture, created VLANS, Firewall Services Module (FWSM) and STP configuration.
• Addressing issues like routing problems, route announcements/advertisements, and security access issues.
• Used tools Wireshark, Packet Sniffer and Microsoft Network Analyzer for monitoring Local Area Network connections (LAN's) and Wide Area Network Connections (WAN) for Network connection and failure issues.

Confidential

Network Operational Engineer

Responsibilities:

• Troubleshooting network problems and working knowledge of HTTP, SNMP, HTTPS, SMTP, DNS, DHCP, etc.
• Knowledge in Dynamic routing protocols.
• Implementation & trouble shooting of complex WAN, LAN, VLANS, private VLANS, high availability solutions like HSRP, VRRP, GLBP, either channels, site- to- site VPN, access control lists, NAT, PAT, routing solutions etc.
• Maintaining all the network devices routers, firewall, switches.
• Incorporated VLANS to segment traffic on managed switches.
• Installing service pack upgrades.
• Use of TCP Dump to troubleshoot access issues.
• Configuring VRRP, Static route, BGP, Routing policies, ACL.
• Implemented Secure Remote VPN for high speed remote access.
• Managed network connectivity and network SSL Security, between Head offices and Branch office.
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for SSL Security Settings of the networking devices (Cisco IOS, Router, switches) coordinating with the system/Network administrator during any major changes and implementation.