PROFESSIONAL SUMMARY

• Highly motivated, result oriented Engineer with around 7+ years of experience in Network & Security Implementation.
• Proficient in installing, upgrading, troubleshooting, configuring, and supporting variety of Network & Security Devices.
• Hands on Experience in design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77.20 version, Secure Platform Installation, VPN.
• Providing support, configuration and maintenance of Checkpoint Firewall R71 - R77.20 on GAIA Platform.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Worked on Juniper SRX routers administration and Configured and set up Juniper SRX gateways.
• Worked on S2S VPNs Implementations.
• Implementing network security protocols, installing and supporting backup strategies, and planning/executing disaster recovery solutions.
• Real-time experience in designing and assisting in deploying enterprise wide Network SSL Security and High Availability Solutions for ASA.
• Ability to configure and monitor security tools such as security information and event management (SIEM) QRadar.
• Hands on Experience in TCP/IP suite and routing protocols, such as OSPF, BGP, and EIGRP.
• IP route redistribution; static routing configuration for network connectivity.
• Configure all Palo Alto Networks Firewall models and Panorama to manage large scale firewall deployments.
• Implementation of Checkpoint Firewall to protect and authenticate local-net and DMZ. Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways
• Configuring/Managing Intrusion Prevention System (IPS): Cisco IPS/Fortinet& Checkpoint UTM.
• Worked with McAfee SIEM and Development and configuration of arc sight express SIEM
• Detection/Prevention Systems (IDS/IPS), firewalls, Anti-Virus, and/or other security logging sources.
• Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500, 6500 & Nexus 7000, 5000, 2000 series) in multi VLANs environment and inter-VLAN routing, HSRP.
• Strong communicator; able to interact effectively and positively with individuals of all technical abilities; An Out-of-the-Box Thinker, Believe in Team Work & Team Spirit, Decision Maker, Proactive, Customer Focused & Good Documentation / Presentation Skills.
• Perform capacity analysis of existing physical production environment using VMware capacity planner.
• Installation, Configuration, administration, and troubleshooting for VMware ESX servers.
• Worked on Linux.
• Analyzed the performance of the Linux system to identify memory, disk I/O and network problems.

TECHNICAL SKILLS

Routers: (1800, 2500, 2600, 2800, 3600, 3750, 3800, 3925, 7200, ASR 1004).

Cisco Switches: (2900,2960S,3500,3750,3850,4000,4500,5000,5800, 6500, Nexus 2k, 3k, 5kand 7k)

Routing Protocol: (BGP, OSPF, EIGRP, IGRP, IGMP, RIP), Routed Protocol TCP/IP, Multicasting (PIM).

Network Management Tools: SNMP, Syslog, Sniffer, and Wireshark, Cisco Prime, Solarwinds, Riverbed

LAN Protocol: VLAN, PVLAN, VTP, Inter-vLAN routing, ISL, STP, IS-IS, RSTP, MSTP, ISL PVST, LACP, HSRP, GLBP, VPC, VDC, Ethernet, Port security.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Security: Palo Alto, ASA, Cisco FWSM/PIX/ASDM, Cisco NAC, IPsec, Nokia Checkpoint NG,IPS/IDS, Juniper SRX & VPN, Net screen,, Cisco PIX, Junos, Fortigate, Imperva (Web Application Firewall)

Application Protocols: DHCP, DNS, FTP, HTTP, SMTP, TFTP

Documentation: Microsoft Office, Visio

SIEM: Qradar, Splunk

PROFESSIONAL EXPERIENCE

Confidential, Bethpage, NY

Network & Security Engineer

Responsibilities:

• Handled more than 250+ security devices and upgrades.
• Hands on experience in Implementation, Troubleshooting &configuring Cisco ASA 5500-X Series.
• Troubleshooting the Virtual firewalls (Contexts) solutions in ASA.
• Worked on Cisco ASDM for configuring VPN on Cisco ASA Firewall.
• Worked for firewall rule analysis and firewall rules cleanup.
• Build and implement Cisco best practices configuration on all the network devices.
• Build and implement asset tags to all the network devices.
• Diagnose and remediate routing issues in the wan backbone.
• Assist in WAN and LAN infrastructure (Cisco).
• Configuring & Administration of the Checkpoint Firewall that includes creating Hosts, Nodes, Networks, Static & Hide NAT’s.
• Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer.
• Experience in Routing and Switching, protocols including TCP/IP, OSPF, EIGRP, IGRP, RIP, static routing, familiar with BGP and MPLS and OSPF.
• Perform IOS up gradation on all the routers and Switches.
• Responsible for configure the dynamic routing from static routing.
• Possesses good knowledge of various other IT Infrastructure technologies (Data Center Services, Disaster recovery etc.).
• Experience on layer 3 routing and layer 2 switching.
• Experience with Cisco Nexus7000, 5000, 2000 series switches including VPC & VDC technologies.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers & Cisco Firewalls.
• Palo Alto design and installation which includes Application and URL filtering Threat Prevention and Data Filtering.
• Worked on Palo Alto PA-3000 and PA-5000 Series to manage network traffic flows using dedicated processing and memory for networking, security, threat prevention and management.
• Configured and installed IP Phones like 7940, 7942, 7960, 8841, 8851 and 8861 with the help of Cisco Unified Call Manager
• Knowledge on configuration of Cisco Voice Gateways router like 3945.
• Configure the network devices on the network monitoring and configuration management tools. (Cisco Prime, Riverbed and Solarwinds.)
• Expertise in the administration, support and operation of the Orion SolarWinds platform including Network Performance Monitoring (NPM), Network Configuration Manager, Server & Application Monitor (SAM), NetwFlow, Traffic analyzer and IP address Manager.
• Deployed Solar Winds Network Configuration Manager to detect real time changes on network devices.
• Responsible for developing and deploying SolarWinds which includes WAN/LAN and server monitoring, reporting, and alerting and Configure Orion alerts.
• Demonstrated experience and proficiency in the use of Cisco Prime Infrastructure.
• Update all the logical and physical network diagrams for data center, backbone and camps.
• Hands on experience in configuration of Raritan Power strips and Liebert 1000 and 3000 UPS.
• Demonstrated skills in Data Center Operations.
• Infoblox DNS IPAM for DNS/DHCP setup and management.
• Management of Infoblox Grid manger to manage DNS forward and reverse lookup zone.
• Responding and resolving change request action and incident tickets and outages.
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM.
• Implementation and configuration of F5 Big-IP LTM-6400 load balancers

Confidential, South Deerfield, MA

Network Security Analyst

Responsibilities:

• Worked extensively on checkpoint R77.20 on Gaia and SPLAT, Cisco ASA, Palo Alto.
• Hands On experience in push Policy from Panorama to Firewall in Palo Alto.
• Configuration and Administration of Palo Alto PA-3020 HA and PA-5050.
• Firewall migration to Checkpoint to Palo Alto.
• Plan and execute routine, scheduled maintenance and health check tasks of leveraged and dedicated SIEM Environment.
• Administer Maintain, and Deploy Imperva web application firewall, Checkpoint IPS & VPN systems, and McAfee network based Data Loss Prevention (DLP) devices.
• Configured Policies on Juniper Net screen and SRX firewalls and Palo Alto as well.
• Worked on BCWF (Blue Coat Web Filter) and Worked with Blue Coat Proxy.
• Monitoring syslog to troubleshoot different Network Alerts.
• Strong working knowledge of Cisco ASAs including software versions 7.x, 8.x and 9.x.
• Collapsing the existing firewall rules and fine tuning the firewall policies for better performance.
• Worked extensively on firewalls and VPN, gateways, Checkpoint, CISCO, Juniper, Fortigate GUI and Shell.
• Setup, configuration and troubleshooting of Cisco and/or HP network equipment
• Experienced in DHCP DNS, AD, NIS, NFS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LDAP, HP Network, security management and system troubleshooting skills
• Experienced in configuration of application load balancer products such as F5 BIG-IP and WAN.
• Experienced with IDS/IPS technologies and vulnerability assessment tools & monitoring.
• Monitoring the Links with CLI Manager
• Assessing the usage of bandwidth with the help of graphs & forwarding the periodical reports
• Working experience with Fortinet firewall and designing.
• Support of firewall technologies includes Fortinet firewalls. Administration, troubleshooting and engineering background is required.
• New firewall design, installation, routing configuration & implementation. Manage and support Remote Access VPN setup for users and Juniper SSL VPN
• Configuration of New & Existing Network devices includes Cisco Routers, Switches, ASA and ACE’s.
• Third Party VPN migration from old data center to new data center and a complete Security Solution includes both URL filtering and advance Anti-malware protection.
• Support, implement and monitor network Management Toolsets: Solar winds Orion network performance monitor.
• Experience regarding security incident response team activities, providing and implementing risk mitigation to incidents and troubleshooting it.
• Taking backups of all network devices configurations on Weekly & Monthly basis.
• Implementing Brand new Cisco ASA Firewalls with updated Security Policies.
• Implementing VPN Routers and creating Site-2-Site and Client-2-Site VPN Tunnels.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
• Configuration and administration of Load balancers F5 Big-IP.
• Configuring failover for redundancy purposes for the security devices. Implemented the stateful & serial failover for PIX/ASA firewalls, Checkpoint Clustering and load balancing features.

Confidential, Framingham, MA

Firewall Administrator

Responsibilities:

• Responsible for installation, troubleshooting of firewalls (Cisco firewalls, Checkpoint R70.50-75.50 firewalls) and related software, and LAN/WAN protocols.
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX, Net Screen Firewalls, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto, IDS, F5 Load Balancers, CISCO ASA, and Juniper SRX.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Day to day activity includes Change Implementation on firewalls, log analysis and troubleshooting of network access issues
• Extensive experience with the Palo Alto Panorama management console.
• Hands On experience in easily import existing device configurations into Panorama.
• Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures.
• Experience with Cisco ISE and ASA deployment, configuration and maintenance.
• Development and configuration of SIEM systems tools like Solar winds, Splunk.
• Adding security rules and pushing the security policy on Checkpoint and Fortinet consolidated.
• Audit firewall logs on a regular basis and investigate any suspicious activities.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Hands on experience in Juniper Firewall and experience in ScreenOS and Junos OScommands.
• Hands On experience in maintain the Fortinet infrastructure and Configuration of IPSEC VPN and troubleshooting in Fortinet firewall.
• Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
• Adding Websites to blocked list on the bluecoat proxies based upon business requirements.
• Deploying IDS/IPS in Promiscuous mode and inline mode as per the requirement and monitoring the network traffic & customizing the signatures
• Maintain current patches, updates, and virus and malware protection for responsible applications.
• Configuring network devices for Syslog, SNMP, DHCP and DNS.
• Firewalls/VPNs (Cisco) Authentication solutions including Cisco ACS and RSA
• Worked with Symantec Data loss prevention, MacAfee Data loss prevention endpoint (DLP), monitoring and managing.
• Configured redundant interfaces, DHCP server, DHCP relay, NTP settings, and sub interfaces on firewalls.
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
• Hands on Experience of Juniper environment including SRX/Junos Space.

Confidential

Network Engineer

Responsibilities:

• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard.
• Responsible for Configuring of firewalls, routers & switches to meet business needs.
• Monitoring and troubleshooting traffic through Smart View Tracker.
• Configured VLANs with HSRP on Cisco 6506 Switches.
• Creating and modifying rules, Diagnose and resolve LAN/WAN problems.
• Ensure LAN/WAN environment is secure and appropriate recovery and redundancy issues are addressed.
• Designed and implemented various Routing protocols such as OSPF, EIGRP, RIP, and BGP across networks in multiple locations.
• Configuring Cisco 1841, 2821, 2851, 3745 Routers, Cisco 3560, 3750 Switches.
• Log Management and audit Co-ordination for Network security equipment.
• Experience of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Configure TCP/IP, LAN switching, Spanning-Tree and various Cisco IP routing protocols RIP, BGP, EIGRP and OSPF and Managing Cisco Layer 2, Layer 3 switches & Routers on the network.
• Designed and deployed networks using dynamic routing protocol (EIGRP, OSPF and BGP-4, RIP).
• Worked with network services like DNS, DHCP, DNS, IP4, IPsec, and VPN.
• Maintain and troubleshoot switch applications and Network connectivity including DNS, DHCP, LAN and TCP/IP issues.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse proxy& proxy ARP and Ping Concepts.
• Carry out the upgradation of the network as per the business requirements.