SUMMARY

• 8+ years of Experience in Network Security, routing, switching, firewall technologies, systems design, and administration and troubleshooting. Expertise in NetworkSupport, VPN, Device upgradation, installing networkdevices.
• Strong Hands experience on design, deployment and troubleshooting of Cisco ASA 5000,5450 firewalls and Palo Alto 3060,4000,5060Firewalls and checkpoint R75 and R76 firewalls.
• Experience in migration from Check point firewalls to Palo Alto firewalls.
• Performed advanced troubleshooting using WIRESHARK and TCPDUMP on firewalls.
• Configured firewall filters, routing instances, policy options on Juniper SRX 550,220.
• Knowledge on securityattacks like DOS, DDOS, Spoofing, Kill chain.
• Worked on Autantication mechanisms like AAA, TACACS+ and RADIUS.
• Experience in designing and deploying enterprise - wide network security and high availability solutions for ASA firewall.
• Extensively worked on Algosecfor firewall rule analysis and firewall rules cleanup.
• Expertise noledge on Siem tools like Qradar to get real time analysis of security alerts generated by network hardware and applications.
• Network securityincludingNAT/PAT, ACL, VPNConcentrator.
• Planning and designing to in corporate McAfee's IDS/IPS devices into Lowes networkat optimized networklocations.
• Experience wif F5 load balancers andCiscoload balancers (ACE and GSS).
• Worked on load balancers using F5(BIG IP), securityDevice Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer.
• Worked on Cisco 2900,3800,3900,4500 &7200 series Juniper routers MX 104,240,480 series.
• Expert level noledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP, ability to interpret and resolve complex route table problems.
• Experience working wif BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic.
• Experience in teh setup of Access-lists on Cisco devices.
• Worked Cisco 2800,2900,3500,3700,4500, 5500, 6500 series switch, Cisco ISE (Identity Service Engine) and Juniper Switches EX 3300, 3400, 4200.
• Experience wif design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches.
• Experience working wif Nexus 7010, 5020 series switches.
• Experience wif configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for teh Nexus 5000.
• Knowledge of implementing and troubleshooting complex technologies such as VLAN Trunks,Ether channel, Inter Vlan Routing, STP, RSTP, PVST, RPVST, LAN Security and MST.
• Strong understanding of VMware Networking concepts like creation of Switches, different types of port groups, NIC Teaming and VLAN Problem management on VMware and Virtual Center and V Motion.
• Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Working experience on networktopologies and configurations.
• Hands-on experience wif ACLs, Syslog.
• Well Experienced in configuring protocolsHSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC.
• Black listing and White listing of web URL on Blue Coat Proxy servers.
• Involved in Disaster Recovery activity, like diverting all teh traffic from production data center to Disaster Recovery data center.
• Experience wif different NetworkManagement Tools like HP-Open view, RSA envision, and Cisco works to support 24 x 7 NetworkOperation Center.
• Configured Client VPN Technologies such as Cisco's VPN Client via IPSEC and Globalprotect from Palo Alto Networks.
• In-depth noledge and experience in WAN technologies including OC3, E3/T3, E1/T1, Point to Point, MPLS, Fiber optic circuits and Frame Relay.
• Worked on Checkpoint's client software Smart Log & SmartView Tracker to troubleshoot teh FW issues.
• Excellent qualities such as Teamwork, Negotiation, Analysis and Communication.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at teh Access, Distribution, and Core layers.
• Knowledge on PKI(Public and Private Key) Encryption,Decryption.
• Excellent in documentation and updating client's networkdocumentation using VISIO.
• Excellent leadership wif good written and oral communication.
• Great team player and able to work under pressure 24x7 duty rotation.

TECHNICAL SKILLS

Routing: OSPF, EIGRP, BGP, PBR, Redistribution, Static Routing, dynamic routing

Switching: VLAN, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Ether channels.

Network security: Cisco (ASA, PIX) 5510, ACL, IPSEC, VPN, Security context

Load Balancer: Cisco ACE load balancer, F5 Networks (Big-IP)

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), MPLS, Fiber Optic Circuits, Frame Relay, ISDN

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7), Basic Linux

Routers: Cisco 29XX, 38XX, 39XX,45XX, &72XX series Juniper MX104, 240, 480 series.

Switches: Cisco 28XX,29XX,35XX,37XX,45XX,49XX,55XX,65XX series, Nexus 5000, 7000 series Juniper Switches EX 33XX, 34XX, 42XX.

Firewalls: Cisco ASA 5000 series, Juniper SRX220, SRX550 Checkpoint R75, R76, Palo Alto 3k,4k,5k series.

Various Features & Services: IOS and Features, HSRP, GLBP, VRRP, ICMP, IGMP, HDLC, SYSLOG, NTP, DHCP, TFTP and FTP Management

AAA Architecture: TACACS+, RADIUS, Cisco ACS, IP SEC.

Network Management: Cisco works LMS, HP open view, Etherenal, MRTG/PRTG server, Zenoss, Ionix and Opalis

Reports: Microsoft (Visio pro.), Checkpoint (Eventia reporter, Smart view)

PROFESSIONAL EXPERIENCE

Confidential, Pittsburgh, PA

Sr. Network Security Engineer

Responsibilities:

• Installed and Configured Palo AltoPA-3060,4000,5060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Implemented many number of security policy rules and monitored teh logs on Palo Alto, created Zones, Implemented Palo AltoFirewall interface.
• Implemented Positive Enforcement Model wif teh help of Palo Alto Networks.
• Handled Installation of Palo Alto(Application and URL filtering, Threat Prevention, Data Filtering).
• Implemented firewall rules in Palo Altofirewalls using Panorama for one of teh environment.
• Configured and maintained SSL VPN's on Palo Alto Firewalls.
• Configuring, Administering and troubleshooting Palo Alto Firewalls.
• Implemented antivirus and web filtering on Palo Alto 5060 at teh web server.
• Serve as teh customer's go-to resource for all matters related to teh Palo Altonext-generation firewall.
• Worked on Migration from check point firewalls to Palo Alto firewalls.
• Worked on S2S VPNs Implementations; Providing support for Checkpoint R75 and R76.
• Monitoring Traffic and Connections in Checkpoint and networkoperations.
• User autantication and resource allocation using Cisco ACS server using TACACS+ and RADIUS for administrative control.
• Worked on Checkpoint VSX platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Experience wif Remote access management to help wif troubleshooting for remote direct access clients and Check Point VPN.
• Troubleshooter some of teh security attacks like dos, ddos, Spoofing,kill chain.
• Deploying teh policies on firewall using teh Checkpoint's Smart Console Manager and Smart Dashboard.
• Well Experienced in Static Nat and Dynamic Nat.
• Strong Experience on configuring Virtual Device Context in Nexus 7010.
• Troubleshoot teh Firewalls related issues by using teh Checkpoint's client software Smart Log & SmartView Tracker.
• Troubleshooting by packet capture analysis using TCP Dump, Wireshark and analyzing teh PCAPserver.
• Hands on experience on working wif Service Now ticket management tool by providing support Service to client by implementing and working on change request, Incident request and troubleshooting
• Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
• 24x7 on-call escalation support as part of teh securityoperations team.
• Configured some of teh cisco routers like 3400,3700,3800,6500,7200.
• Configuring static and dynamic routing and redistribution of routing protocols like EIGRP, OSPF, RIP.
• Configured cisco switches like 3500,3750,4500,5500,6500 series and some of teh nexus switches like 7010, 5020, series.
• Performed switching technology administration including V lans, inter-V lan routing, trunking, Port Security, Trunking, STP, RSTP, PVST, RPVST, LAN Security etc.
• Working configuration of new VLANs and extension of existing VLANs on/to teh necessary equipment to have connectivity between two different data centers.
• Creating dedicated VLANs for Voice & Data wif QOS for prioritizing VOICE over DATA.
• Managing and providing support to various project teams wif regards to teh addition of new equipment such as routers switches and firewalls to teh DMZs.
• Planning and designing to in corporate McAfee's IDS/IPS devices into Lowes networkat optimized networklocations.
• Experience in deploying dot1Q infrastructure using Cisco ISE as teh AAA platform.
• Working wif local IT personnel on troubleshooting, problem determination, diagnosis of performance issues, bandwidth issues, throughput traffic prioritization to improve overall application response time across WAN
• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
• Implemented MPLS circuits between different sites.
• Expertized on autantication protocols like plain text, Md5.
• Worked on HSRP and GLBP for first hop redundancy and load balancing.
• Setup simplified and traditional VPN communities, and Cisco Any connect.
• Expertise in Securityidentity management platform such as ACS 5.x, RSA Secure ID 8.x
• Extensively used TCP/IP tool like SSH for secure login.
• Black listing and White listing of web URL on Blue Coat Proxy servers.
• Enabling teh TCP, UDP, SMTP ports to allow teh traffic between teh servers.
• Participated in design and configuration of Wireless Networkusing IEEE 802.11, multicast architecture wif Cisco multilayer switches for HD-4 video client’s ISPs.
• Knowledge on PKI(Public and Private Key) Encryption,Decryption.
• Responsible for teh installation, configuration, maintenance and troubleshooting of teh company network.
• Troubleshoot and hands on experience on securityrelated issues on Checkpoint IDS/IPS.

Confidential, Indianapolis, IN

Network Security Engineer

Responsibilities:

• Involved and implemented several corporate refresh projects to replace teh legacy networkproducts dat includes but not limited to Cisco Routers, Cisco Switches, Cisco ASA Firewalls, and Juniper Firewalls etc.
• Configured Cisco ASA 5000,5450 series Firewalls and Juniper SRX220.
• Configuring and Maintaining of teh Juniper SRX 550 Firewall and other security products
• Configuring Static NAT and Dynamic NAT and NAT Pools also.
• Installed, configured and set security policies on cisco ASA firewalls and Juniper Fire walls.
• Worked on Juniper SRX220 to configure SSL VPN clients.
• Perform firewall rule audit and optimization using Algosec.
• Managed VPN, IPsec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Cisco ASA Firewalls.
• Expertise noledge on Siem tools like Qradar to get real time analysis of security alerts generated by network hardware and applications
• Strong networking capability and noledge of different firewall platforms to help in random identification and isolation of issues during outages and incidents.
• Worked wif Load balancing device like F5 Big-IP local traffic manager (LTM) 1600.
• Hands on experience in F5 LTM, GTM series like 6400, 6800 for teh corporate applications and their availability
• Configuring various advanced features (Profiles, monitors, I Rules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on wif F5 BIGIP LTMs/EM.
• Worked wif Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
• Worked on some cisco, 4500, 7200 series routers and Juniper routers MX 104, 240, 480 series
• Configured OSPF redistribution and autantication wif type 3 LSA filtering to prevent LSA flooding and Configured OSPF over frame relay networksfor NBMA and point to multipoint strategies.
• Configured some of teh routing protocols like EIGRP,BGP.
• Networkconsists of Heavy Cisco equipment such as: Cisco 3700,4500,4900,5500,6500 Cisco switches and Juniper EX 3300,3400,4200 series switches.
• Expertized noledge and configured Switching protocols like vlan trunking, STP, PVST, RPVST, INTER VLAN, ETHER CHANNEL.
• Participated in teh installation, configuration, post installation daily operational tasks and configuration and deployment of Cisco Nexus equipment.
• Monitored using NSMlike collection, analysis, and escalation of indications and warnings to detect and respond to intrusions of incoming or outgoing data.
• Understand teh JUNOS platform and worked wif IOS upgrade of Juniper devices.
• Worked wif Cisco ACE GSS 4400 Series global site selector Appliances.
• Good working noledge of common end user operating systems and internal/external DMARC identification.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside teh core.
• Performed teh maintenance of Active Directory and replication scheme, DNS/DHCP services and time services; wrote step-by-step procedures for implementing upgrades.
• Expert level noledge on implementing VSS on cisco catalyst switch.
• Used Net Flow Data statistics from Net Flow engine and export it to a Net Flow Collector for storage.
• Supported a user base of more than 30000+ active accounts across multiple domains.
• Administered Windows server 2003 active directory and like creation and deletion of user accounts, managing access controls and domain structure configurations.
• Worked wif Processes like RFI, RFE and RFP.
• Deployed, configured and implemented cisco 6800 catalyst switch.
• Experience working in DMZ environments wif good understanding of load-balancing, firewalls, multi-tiered architectures.
• Experience working wif Exchange 2010 SP3 for planning and deployment.
• Worked wif Management tools like CSM and Cisco ACS.
• Switching related tasks included implementing VLANs and configuring ISL trunk and 802.1Q on Fast-Ethernet channel between switches
• Configured HSRP, VRRP, GLBP.
• Configuring PAGP and LACP protocol along wif BFD link detection pro
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Worked wif Nagios for monitoring of networkservices (SMTP, POP3, HTTP, NNTP, ICMP,FTP, SSH).
• Installation of vBlock products for teh virtualization.
• Experience wif ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP
• Provided full visibility and notification of authorized and unauthorizedaccess wif integration of CISCO ASA/FWSM and NAC solution.
• Experience wif some of teh Monitoring tools and sniffers tools like Wire shark tool.

Confidential, VA

Sr. Network Engineer

Responsibilities:

• Responsible for, maintaining, supporting, implementing and 24x7 networkservices.
• Coordinated efforts wif Engineer's to ensure all networkdevices conformed to defined network standards.
• Involved in teh configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Configured HSRP and VLAN trunking using 802.1Q, Spanning Tree, Inter-VLAN Routing on Catalyst 6500 switches.
• Worked on multiple instance of routing table using VRF.
• Configured STP and Port Security on Catalyst 4500, 3500 series switches.
• Worked on teh nexus 5000 series switches.
• Configure teh Cisco CRS-1 Routing System, back out of configuration changes, and restore older versions of a configuration.
• Troubleshooting of Cisco 2900, 3900, 4500 Series routers.
• Configure teh Cisco IOS XR security features in both owner SDR and non-owner SDRs.
• Configure legacy route map configurations using teh new Cisco IOS XR Routing Protocol Language (RPL).
• Responsible for setup and configuration of site to site VPN’s, and remote access VPN’s using Cisco ASA solutions (ASA 5505 and 5520).
• Troubleshooting of Juniper Net Screen 500/5200 and juniper SRX 650/3600.
• Configured Fiber channel over Ethernet (FCOE) for connecting 10gigabit Ethernet network.
• Optimized performance of teh WAN networkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Worked extensively on troubleshooting 2900 series routers.
• Hands on experience wif Enterprise Intrusion Detection / IPS (Snort, Source fire, Juniper IDP, IBM ISS.
• Configured OSPF for Stub area, Totally Stubby Area and NSSA.
• Strong Working Knowledge F5 Big-IP LTM-6400 load balancers.
• Configured layer 2 and layer 3 switches Executed spanning tree, BPDU Guard, port-fast, uplink fast.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Negotiate VPN tunnels using IPsec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
• Worked on static NAT, dynamic NAT, dynamic NAT overloading.
• Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
• Participating in all teh aspects of LAN/WAN networking systems.
• Route configuration and point code checks for System Technician and NetworkTechnician.
• Strong noledge on monitoring tools like solar winds
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Responsible for Handling Networking escalations, troubleshooting variety of network problems.

Confidential

Network Engineer

Responsibilities:

• Installation and Configuration of LAN (Ethernet)/ WAN set up for Clients. Design, configuration and Installation of Cisco routers and catalyst switches.
• Configured teh Cisco 3500,3700 series catalyst switches and 3900 series routers.
• Configured and managed OSPF redistribution and autantication wif type 3 LSA filtering and to prevent LSA flooding and configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Implementing and managing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay.
• Excellent Troubleshooting Skills and Customer Centric approach.
• Routed related tasks included providing Cisco router configuration, providing technical support for Cisco Router configurations and installation for Customer.
• Configuring routing protocols like EIGRP, and OSPF.
• Configured IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Network.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Configured VPN for teh remote and site-to-site access.
• Management and Deployment on Checkpoint Firewall.
• Use Checkpoint to establish Point-to-Point tunnels.
• Ability to use NAT and Firewall security policies in Checkpoint
• Defined and maintained security policies on all Internet-facing edge routers and Cisco GSRs (12416, 12418) used for delivery of streaming media content.
• Involved in configuration and functional testing of Wireless Access Points WAP, Wireless Protocol like: 802.11b/a/g and Wireless Controllers.
• Implemented TCP/IP and related services like DHCP/DNS/WINS.
• Made modifications in teh system according to teh change in teh process flow/additions.
• Worked on routing protocol related issues such as static, RIP, EIGRP (Variance and un- equal cost load balancing).
• Used networksniffer, Cisco works, Optical power meters and other devices in teh lab.
• Configured and troubleshooting on hotstandby routing protocol, Spanning tree Root guard, BPDU guard, UDLD and Loop guard STP features.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
• Responsible for documentation of entire site layout, updating and managing teh asset registers and networkor server documentations.

Confidential

Network Support Engineer

Responsibilities:

• configured Cisco catalyst switches such as 2800,2950,3500 series and configured Cisco 2960,3800 series routers
• Configured VLANs, Private VLANs and Trunking on switches.
• Worked on layer 2 protocols such as STP, RSTP, PVSTP+, MST.
• Worked on L3 security features on Networkdevices.
• Provided NetworkInfrastructure Supportto routing and switching equipment.
• Responsible for procurement and installation of H/W, network drives and other IT infrastructure.
• Network Administrator responsible for teh full Planning, designing, installation and administration of teh Corporate WAN (wide area network).
• Configure corporate, wireless and Lab devices which including bandwidth upgrade, adding new devices, decommissioning teh devices.
• Performed administrative Supportfor RIP routing protocol.
• Maintained redundancy on Cisco 2960 and 3800 routers wif HSRP.
• Real time monitoring and Networkmanagement using Cisco Works LMS.
• Responsible for LAN and internet connection file and print server.
• Maintained and installed new internet connections for customers.
• Handled installation of Windows NT Server and Windows NT Workstations.
• Handled Tech Supportas it relates to LAN & WAN systems.
• Create, Design and troubleshoot VRF needs and environments
• Troubleshoot wiring problems and serial communication lines.
• Develop, plan and maintain documentation necessary for operation in support of LAN to WAN connectivity.
• Maintain excellent communication wif teh IT Manager on all tasks and projects