SUMMARY

• Network Security Engineer wif over 7+ years of experience in design, installation, configuration, administration and troubleshooting of IPS/IDS, check point firewalls, LAN/WAN infrastructure and security using Cisco routers/Switches/firewalls/SIEM tools.
• Extensive experience as an IT Security Professional in IT Infrastructure, Information Security, Network Security, Enterprise Security, Project management.
• Advanced proficiency in designing, deploying, and maintaining perimeter security devices such as IPS, IDS, Radware, etc.
• Proficiency includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, troubleshooting, analyzing and resolving security breaches and vulnerability issues.
• Knowledge in planning, design, implementing and troubleshooting complex networks and advanced technologies.
• Advanced knowledge, design, installation, configuration, maintenance and administration of CheckPoint Firewall R55 up to R70 version, SecurePlatform Installation, VPN.
• Advanced knowledge in design, Installation and configuration of IPS/IDS, FireAMP, Lanco and other security devices.
• Advanced knowledge in design, installation and configuration of CheckPoint Provider Environment, Juniper Netscreen Firewall ISG 1000/2000, SSG series and NSM Administration.
• Support Firewall Administrator (Cisco ASA and Checkpoint), on - call support for 30 Cisco and 2 Checkpoint firewalls, Cisco routers and level 3 switches.
• Drafted and installed Checkpoint Firewall rules and policies.
• Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and EIGRP.
• One plus years of extensive experience wif SourceFire IPS/IDS.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Advanced knowledge in IPS and IDS tools such as Cisco and ISS Site protector.
• Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
• Experience in Implementing & managing Symantec Data Loss Prevention.
• Deployment of NAC - Network Access Control System. Knowledge in Proxy
• Possess in depth expertise in analysis, implementation, troubleshooting and documentation.
• Experience in implementing application security solutions and IPS Signature Analysis.
• Excellent problem solver wif strong “hands-on” technical knowledge and the ability to work well wif diverse teams and individually.
• Proven lead for complex projects delivered on time and wifin expectations.

TECHNICAL SKILLS

Firewalls: CheckPoint Firewall-1 and Provider-1, Raptor Eagle, Cisco PIX, IPFilter, iptables, Netfilter, Check Point, ISA 2004/2006

Network Intrusion Detection Systems (NIDS): Dragon, Cisco NetRanger, Snort, PSAD, Fwsnort, custom software, Lanco, SourceFire (3D9900, 3D8370, 3D8250, DC3000)

Virtual Private Networks: SKIP, IKE, IPsec, FWZ, SSL

Operating Systems: Windows 2000/2003, Solaris 9/10, Linux (RedHat), Backtrack 3.0

Database: Oracle 10g/9i, SQL Server 2005/2000

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

Networking: Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDSInternet Communications TCP/IP based communications (IPv4), Internet Routing, and DNS, Webserver communications, CGI development.

Hardware: Dell, HP, CISCO, IBM, SUN, CheckPoint, SonicWall, Barracuda Appliances, SOPHOS email appliances

Security Tools: Wireshark, MBSA, MS Visio, Apache, VMWare ESXi 3.5, VMware Server, Encase

PROFESSIONAL EXPERIENCE

Confidential, Framingham, MA

Network Security Engineer

Responsibilities:

• Design and deploy multi-sensor Sourcefire Intrusion Prevention System covering public shared web hosting, corporate web storefront, three remote data centers, and public E-Commerce environments directly leading to a reduction in attack volume to near zero percentage wifin the first 4 months of implementation.
• Provide security oversight and best-practices advice for ongoing operations wifin other organizations.
• Assisting in the maintenance/development of security policies and procedures to support computer forensics and investigations as a part of Confidential SOC/NOC build-out.
• Installing and tuning of perimeter devices such as Radware, Terminal servers, Xstream40’s, and Copper/Fiber TAP’s.
• Work tasks also include operating and analyzing results from enterprise detection systems such as Orion, Radius/TACACS for user authentication, and several others.
• Configure, maintain, repair, and replace SourceFire 3D8350, 3D8370, and DC3500 appliances
• Upgrading Sourcefire IPS sensors and management appliances from V5.2 to V5.4.1.
• Provide status reports on security matters to develop security risk analysis scenarios and response procedures.
• Troubleshoot access issues, and configuring retail store firewalls.
• Analyze and review security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Radware, and other security threat data sources.
• Configure, manage, and upgrade FW, IDS, IVS, IPS, TAP’s, Xstream load balancers(XLB), Encryption and a wide variety of other security products/appliances.
• Create and maintain detailed network diagrams on the infrastructure of the company using Visio.
• Security monitoring process wif the halp of Log management tools (me.e. Splunk) and Security Information Event Management (SIEM) tools(me.e., Orion).
• Configure, deploy, and manage Radware DefensePro DDoS systems.
• Utilize network analysis tools such as tcpDump, WireShark, and lancope
• Identifying reported incident, analyze impact to Network Operations, and develop action plan to mitigate incident
• Creating changes adhere to the change management processes, using service-now tool.

Confidential, Milwaukee, WI

Network Security Engineer

Responsibilities:

• Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Checkpoint Firewalls, Juniper firewalls, PIX firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, Certificate authority support, and wireless switch Security Management.
• Implementing and Managing VPN Networks of the Customer through Checkpoint R75 firewalls
• Responsibilities include monitoring, optimizing, problem resolution, root cause analysis, and managing all aspects of access to specified systems.
• Designing ruleset and analyzing Netflow wif profiling (me.e., Lancope) solution.
• Lead migration project of replacing Juniper SSG site-to-site VPN infrastructure to a Checkpoint 1100 global VPN mesh
• Design, write, and maintain common procedures, SLI's and EXEC's for installed operating systems.
• Organize, allocate, and supervise use of disk space for libraries, files, and common work space.
• Acted as a professional assistant/team member in hardware evaluation, configuration, and software evaluation projects.
• Management of IBM Siteprotector Intrusion Prevention & Detection System device for block the attack on the Network.
• Review, analyze, develop, install, and modify Security Tools and systems.
• Detect, diagnose, and report related problems.
• Executing security controls to prevent hackers from infiltrating company information or jeopardizing programs.
• Implementing SEU Update process and Signature Analysis Process for SourceFire 4.9.x.
• Maintain security systems and administers security policies to control access to systems.
• Maintain the company's firewall and utilizes applicable encryption methods.
• Identify opportunities and executes plans to improve workflow and understands and quantifies business impacts of those improvements for communication to management.
• Interface wif user community to understand security needs and implements procedures to accommodate them.
• Create information security documentation related to work area and complete requests in accordance wif company requirements.
• Working wif a team to implemented PCI environment for 25K users wifin 3 months
• Provide feedback on various projects across the organization that impacted compliance.

Confidential, San Jose, CA

Network Security Engineer

Responsibilities:

• Create and manage network, Exchange and Lotus notes accounts.
• Implemented terminal services on numerous servers for remote administration and application sharing.
• Create and manage user home directories and network shares.
• Setup and maintain network services: DHCP, WINS, DNS Public & Private and Print services.
• Maintain all hardware on Compaq, IBM and Dell servers and troubleshoot device conflicts.
• Install and configure Cisco 2500/2600/3600 routers.
• Created weekly reports on WAN utilization.
• Automated SFTP synchronization of client invoices to reduce manual intervention
• Added missing functionality to FTP and SSH and designed and coded additional enhancements.
• Troubleshoot all network connectivity and client connectivity issues.
• Implemented numerous Site to Site T1’s utilizing hardware from Cisco & Netopia
• Implemented and managed Norton’s corporate anti-virus solution.
• Managing Nokia (IPSO), Checkpoint (Splat, GAIA) Physical and VSX virtual Firewalls.
• Working on Checkpoint Firewall Clusters of both High-Availability and Load-Sharing.
• Migrate the company from bay networks 100mbit hubs to HP managed switches.
• Incorporated VLAN to segment traffic on managed switches.
• Tasks include policy changes/reviews, creation of network objects, use of TCP dump to troubleshoot access issues.
• Usage of firewall log for investigative and troubleshooting purposes.
• Promote security improvements to key areas of Service Delivery to ensure compliance and to strengthen controls.
• Support the owners of infrastructure platforms and tools in completion of Information Security Risk Management Plans and in preparing exception requests where required for areas of non-compliance.
• Installing service pack upgrades.
• Implement SecuRemote VPN for high speed remote access.
• Creation of site to site VPN tunnel and creation of rule base to support site to site.
• Create and maintain detailed network diagrams on the infrastructure of the company utilizing Visio.
• Implemented Secure FTP site utilizing SSL encryption.
• Manage APC Symetra UPS, and network shutdown client on all servers.
• Monitor VERITAS network backup solution for job completions.

Confidential, NJ

Network Security Engineer

Responsibilities:

• Rollout of RSA 6.0 Ace Server and Client for Windows Logon & VPN Authentication
• Designed & Deployed upgrade of all remote offices from checkpoint 4.1 to NG R55
• Upgraded company from mixed hardware platform Nokia & Intrusion to 100% intrusion PDS (Linux) appliances
• Designed and implemented DMZ for organizations public services
• Monitoring and maintenance of Snort/SourceFire v4.1 IPS.
• Implementation and Maintenance of Cisco IPS.
• Tasks include but not limited to policy changes/reviews, creation of network objects, accounts, etc.
• Creation of all Site to Site rules and access.
• Working wif the Project teams to architect DMG and Vender supported environments in Virtusa.
• Detect and take countermeasures for banking trojan's and session hijacking malware attacks.
• Operate and analyze results from enterprise detection systems such as Sourcefire, Tripwire, and several others.
• Usage of firewall log for investigative and troubleshooting purposes.
• Implemented Checkpoint SecuRemote VPN for high speed remote access
• Migrated VPN to a Meshed topology.
• Working wif a team for developing a compliance program across PCI systems and applications to ensure year-round compliance.
• Implemented Front Bridge messaging solution for organization.
• Re-designing company’s primary network from a VPN network to a private point to point.
• Implemented Companies backup network utilizing AT&T MPLS
• Implemented VRRP for router and T1 redundancy at remote sites
• Implemented OSPF routing protocol.
• Provide backup support to the Windows Administrator.

Confidential

Security Analyst/Engineer/Consultant

Responsibilities:

• Provide support for all Checkpoint and Cisco environments. Provider 1 management upgrades from R65-R75.
• Performed upgrades on all Checkpoint firewalls, and support for client services.
• Firewalls are R65 and R70 clusters. Administration of Juniper firewalls at corporate and remote locations.
• Configuration of security policies in Net screen and Checkpoint.
• Reviewing & creating the FW rules and monitoring the logs as per the security standards in Checkpoint and Net screen Firewalls.
• Provide support for all firewall related activities and upgrades for the Checkpoint environment from R60 to R70, R71, and R75. Support for Nokia/Checkpoint firewalls in a P-1 environment wif 300 firewalls.
• Deployment of Data loss prevention across the network - Data in motion, Data in Use & data at Rest servers.
• Network Access Control - Implementing a secure solution to identify network devices and profiling the Network devices to allow or disallow access based on the device type
• Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices.
• Intrusion Prevention System - IDS/IPS (IBM ISS IPS) Implementation and Upgrade for SiteProtector.
• Refining IPS Policy and Creating Rules according to the Security Standard.
• Contact wif the various projects and team regarding the rules, monitoring the Logs and document, disable or refine the rules as per the clients’ requirement.
• Auditing the rules based on security standards and refining it.
• Conducting Training for the Team Members.
• Experience in audit for ISO27001 & BS7799 standards, Information System Audit Process, compliance assessment, Business Continuity and Disaster Recovery.
• Vulnerability assessment, penetration testing, Risk assessment, Threat management, Security advisories, compliance audits, IT security assessment.
• Symantec Antivirus server console Management, Support for Symantec Enterprise product.

Confidential

Security Administrator

Responsibilities:

• Installing, Upgrading and configuring (Checkpoint) firewall.
• Firewall implementation, firewall management, network management and troubleshooting connectivity, routing, and configuration issues wif routers, switches, firewalls.
• Perform operating system, network, and application vulnerability assessments to identify security exposures in the environment.
• IPS/AV signature updates; RADIUS/RSA user and group management; remote VPN assistance
• Management/Monitoring / creation of user accounts/tokens for remote access VPN
• Monitor Service Center queues for customer reported requests or incidents; access tickets for applicability.
• Analyze, define and implement processes for user administration (request and required approvals) and security administration.
• Established protocols for backups, server space management, security, virus protection and other procedures essential to eliminating downtime or data loss.
• Perform on-going security maintenance and administration
• Analyze network and system logs and assist in security data analysis
• Implemented Internet proxy/firewall and monitoring solution
• Monitoring and reporting on IPS and IDS devices
• Antivirus Management
• Hardening (securing) of servers.
• Configured servers for DHCP and DNS services.
• Coordinating all security related issues and wif Internal Infrastructure Team, validating the Expectation Request and approving.
• Managed, installed and configured Windows 2000/NT Servers.
• Created user and computer accounts on the Active directory server.