SUMMARY

• 6 plus years of experience with demonstrated success in Network administration, Troubleshooting & fine - tuning of Firewalls, VPN Configuration, Troubleshooting Cisco, Juniper, Huawei, HP Routers and Switches, Cisco ASA Firewalls, Palo Alto Firewalls, Load Balancers.
• Experience with Cisco ASA 10 / 40 firewalls and FWSM.
• Worked on Palo Alto firewalls PA 5000, 7000, 3000 Series, juniper firewall series.
• Deployed and maintained palo alto firewalls environment successfully from planning the network infrastructure, initial access into PAN, registering the PAN to creating documentation.
• Implemented Security Policies appropriate for the network on inbound and outbound traffic using Security zones, outbound SSL Decryption, URL filtering.
• Setting up virtual private network Global Protect (Client VPN) using IKE crypto profiles (sha, Aes, MD5), Virtual routers, Static Routes, Site-to-Site VPN Tunnels (VTI).
• Implemented firewall features TEMPeffectively such as 802.1Q and VLAN tagging, Sending Logs to Syslog, SNMPv3, Netflow, File Blocking, Anti-Virus Blocking, NAT.
• Experienced with User Identification using Active Directory, Dual Internet using Policy Based Forwarding.
• Implemented DoS Protection (Zone Protection), Virtual Wire (Transparent Firewall).
• Implemented AAA in the palo alto networks through TACACS+, RADIUS servers.
• Worked on High Availability (Active/Passive) HA1,2,3, Blocking applications based on App-ID such as Skype & BitTorrent Applications in the office environment.
• Worked previously on Dynamic Block List, Vulnerability Protection (IPS), Custom IPS Signatures, Data Filtering, Packet capture.
• Sound noledge on kill chain and up to date with the latest security vulnerabilities and current scenarios.
• Deployed Check Point Next- Generation Firewall for enterprise networksecurity high-performance, multi-core capabilities (1400, 3000, 23000).
• Experience with Cisco routers 00/ 00 / 00 / 0 series.
• Experience with Cisco switches CE500 / C2950 / C2960 / C3560 / C3750 / ME3400 / C6500.
• Deep noledge on various firewall operating systems such as PAN OS, juniper OS, IOS.
• Strong experience of troubleshooting and supporting LAN and WAN environments.
• Excellent noledge of supporting and troubleshooting routers and Cisco routers, switches, and firewalls.
• Sound working experience of DHCP and DNS Servers.
• Thorough noledge of Routing protocols RIPV1,V2 / IGRP / EIGRP / OSPF / IBGP / EBGP / BGP.
• Good noledge on VLANs / STP / RSTP / Etherchannel / MST/ VRRP.
• Worked on securing VLANs, switch access, IDS, IPS, TCP/IP, DNS, DHCP, WINS.
• Plan, configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS).
• Perform network maintenance and upgrades including service packs, patches, hot fixes and security configurations.
• Monitor performance and ensure system/connection availability and reliability.
• Monitor network resource utilization, trending, and capacity planning.
• Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure.
• Select and implement security tools, policies, and procedures in conjunction with the company’s security team.
• Provide direct technical assistance and support to co-workers as needed.
• Monitor, maintain and control network efficiency using appropriate tools.
• Monitor, maintain and control network resource accesses by only authorized personnel.
• Responsible for designing, implementing and maintaining a global network infrastructure. Global network includes internal offices and also hosted production customer facing locations.
• Perform network security design and integration.
• Troubleshoot and resolve end-user issues independently and efficiently
• Create network documentation.
• Manage projects and maintenance tasks using a ticketing system.
• Monitor network usage, anticipate problems and suggest solutions.
• Work closely with global colleagues to meet team goals and improve processes, practices and communications.

PROFESSIONAL EXPERIENCE

Confidential, Livermore, CA

Network Systems Engineer

Responsibilities:

• Install and maintain Palo alto security firewalls infrastructure.
• Implemented Security zones, Virtual routers, Static Routes, Security Policies, outbound SSL Decryption, URL filtering, Global Protect (Client VPN), Site-to-Site VPN Tunneling (VTI).
• Implemented firewall features TEMPeffectively such as 802.1Q and VLAN tagging, Sending Logs to Syslog, SNMPv3, Netflow, File Blocking, Anti-Virus Blocking.
• Monitor performance and ensure system/connection availability and reliability.
• Monitor system resource utilization, trending, and capacity planning.
• Provide Layer-2/3 support and troubleshooting to resolve issues.
• Experience with convert Checkpoint VPN rules over to the prime Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure.
• Select and implement security tools, policies, and procedures in conjunction with the company’s security team.
• Coordinate with vendors and other IT personnel for problem resolution.
• Provide input on the creation of technical documents, including user’s manuals, training materials, and installation guides.

Confidential, NY

IT Network & Security Analyst

Responsibilities:

• Configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS).
• Performed NetworkSecurity Assessment and implemented security features such as network filtering, encryption through SSH, AAA, implemented VPN’S, SNMP access lists, VTY access lists, EIGRP MD5 autantication, and HSRP autantication.
• Engineer, design and configure firewall servers for local and remote access.
• Engineer, design and install firewall hardware and topology.
• Engineer, design, implement and support TCP/IP subnets.
• Engineer, design, implement and support network firewalls.
• Provide direct technical assistance and support to co-workers as needed.
• Monitor, maintain and control network efficiency using appropriate tools and policies.
• Monitor, maintain and control security standards for the local and wide area networks.
• Monitor, maintain and control electronic messaging applications specific to E-Mail, instant messaging.
• Monitor, maintain and control network resource accesses by only authorized personnel.
• Monitor and maintain network server applications specific to the Internet, E-Mail and remote access.

Confidential, Janesville, WI

Network Engineer

Responsibilities:

• working with and designing networkarchitectures with IP Routing protocols such as BGP, OSPF, EIGRP. Layer-2 switching technologies and related technologies like MPLS, HSRP, VSRP.
• Responsible for designing, implementing and maintaining a global network infrastructure. Global network includes internal offices and also hosted production customer facing locations.
• Perform network security design and integration.
• Perform root cause analysis, diagnostics, monitoring on various production systems.
• Troubleshoot and resolve end-user issues independently and efficiently.
• Create network documentation.
• Manage projects and maintenance tasks using a ticketing system.
• Monitor network usage, anticipate problems and suggest solutions.
• Work closely with global colleagues to meet team goals and improve processes, practices and communications.
• Educate junior global network team members.

Confidential

Security and networking Analyst

Responsibilities:

• Configured and maintained EIGRP, OSPF and BGP on Cisco Routers.
• Performed networkadministration tasks such as creation and management of VLANS, Port security, Trunking, Inter-VLAN routing, and LAN security.
• Design and Implement complex networks, routing, switching and troubleshooting issues across multiple routing and switching platforms.
• Provide technical leadership to the enterprise for networking. Mentor and train others in addition to training for other technical groups.
• Main tasks includes dealing with IPS, IDS, log management, and security assessment systems.
• Assess threats, risks, and vulnerabilities from emerging security issues. Publish Security Updates newsletter for technical groups.
• Draft enterprise security standards and guidelines for system configuration.
• Managed process and acted in the lead role for computer security incident response team.
• Perform and create procedures for system security audits, penetration-tests, and vulnerability assessments.
• Develop scripts to maintain and backup key security systems.