SUMMARY

• Around 5+ years of experience in Network and Security Engineering and Administration.
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Palo Alto series.
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
• Having well hands on experience in configuring and managing Network security Firewalls (Cisco ASA/PIX, Check Point, Juniper SRX and SSG and Palo Alto), Blue Coat Proxies, Routers, Layer2 and Layer3 Switches and Load Balancer.
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
• Configured Client - to-Site VPN using SSL Client on Cisco ASA 5520 ver8.2.
• Configured ASA 5520 Firewall to support Cisco VPN Client on Windows 7/XP/Vista.
• Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700 series, 6500 series).
• Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800).
• Expert in administration of F5 Load Balancer.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Capabilities include an extremely broad knowledge base and familiarity with the latest cutting-edge technologies including firewalls, VPN, IDS, and IPS.
• Configuring RIP, OSPF, EIGRP BGP, MPLS, QOS, ATM and Frame Relay.
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Configuring VLANs and implementing inter VLAN routing.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Experience in managing and migration of large scale enterprise networks, extensive knowledge in developing test plans, procedures and testing various LAN/WAN products and protocols.
• Good knowledge on SIEM products like Arcsight and Splunk.
• Having experience in Data Centre environment and NOC.

TECHNICAL SKILLS

Cisco Products: Routers Cisco, L2 & L3 Switches

FIREWALLS: Palo Alto PA-500, PA-2k, PA-3k & PA-5k series, Checkpoint NGX R65/R70/R75/R77 & Cisco ASA

Switching technologies: VLAN’s, Inter-VLAN routing VTP, Ether channel (Static, PAGP, LACP) Spanning Tree Protocol (Common Spanning Tree, MSTP, PVST, RSTP), Basic Port Security, first-hop redundancy protocols (HSRP, VRRP, GLBP)

Routing Technologies: Static Routing, RIPv1, RIPv2, EIGRP, OSPF, BGP (Basics), TCP/IP, UDP, IP-sec, Basics of MPLS, Route Map, Route Filtering, Route Redistribution, Route Summarization, Access Lists

LAN/WAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, Token Ring Encapsulation, Frame Relay, Fiber Optic circuits.

Security: AAA rules, TACACS, RADIUS, Check point, ASA.

OS products: Windows (2000/2003, XP, vista, 7, LINUX).

Load Balancer: F5 Big-IP LTM

Infrastructure services: DHCP.

Documentation: MS office, MS VISIO, power point.

Network Monitoring: Orion Net flow Traffic Analyzer, Arcsight

Protocols & Standards: TCP/IP Protocol Suite, Ethernet, Token Ring, FDDI, OSPF, EIGRP, Rip, BGP, HSRP, L2/L3/L4/L7, Switching, VLAN’s, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2. T1, DS3.

PROFESSIONAL EXPERIENCE

Confidential, Minneapolis, MN

Network Security Engineer

Responsibilities:

• Works with client engineering groups to create, document, implement, validate, and manage policies, procedures, and standards that ensure confidentiality, availability, integrity, and privacy of information.
• Manage firewall policy lifecycle process from review, approval, implementation, publishing, verification and maintenance.
• Implemented upgraded firewall platform built on Checkpoint Firewall Technologies.
• Involved in Building, Configuring, maintaining, and troubleshooting network devices in the environment.
• Interacting with management during high severity incidents and Understanding the priority and impact of issue and providing solutions accordingly within the SLA.
• Interacting with vendors (Checkpoint, Bluecoat, Palo Alto, Cisco etc.) and other technical teams (Global Network Team) with regards to the trouble incidents and giving resolutions.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Worked extensively on checkpoint R77.20 on GAiA and SPLAT, Cisco ASA.
• Involved in configuring Checkpoint firewall and applying rules to pass servers and switches through firewall.
• Involved smart view tracker to check the firewall traffic.
• Experience with deployment of Palo Alto firewalls for different NAT, Skype traffic
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
• Migration with both Checkpoint and Cisco ASA VPN experience.
• Responsible for Check Point and Cisco ASA firewall administration across our global networks.
• Coordinated and scheduled the delivery of F5 Professional Service implementations and consulting engagements.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Involves in various internal projects like upgrading checkpoint version, Cisco and Juniper firewalls IOS up-gradation and End of Life device up-gradation and many more.
• Extracting and analyzing logs from SIEM tools (Arcsight and Splunk) for troubleshooting or Audit purpose.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer.

Confidential, Wisconsin

Network and Security Engineer

Responsibilities:

• Configuration and troubleshooting of Firewalls like Cisco ASA 5520, ASA 5510 and Nokia Check Point VPN-1 NGX R55/R65/R70 firewalls.
• Manage firewall policy lifecycle process from review, approval, implementation, publishing, verification and maintenance.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
• Configure and troubleshooting HA Cluster on Checkpoint Firewall.
• Enabling and configuring IPS features on various Cisco and Checkpoint firewalls as per the customer requirements.
• Implementing the Access-list on day to day basis as per customer’s change requests.
• Worked as a Tier 2 Firewall Support Engineer; configuration of Cisco and Checkpoint Firewalls as part of the Change Management Team.
• Configuration of NAT & PAT for customer network.
• Handling network devices such as Switches (Cisco Catalyst 2900 and 3500 series), Routers (Cisco 2600, 2800 and 7200 series), Firewalls, Load balancers etc.
• Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
• Implemented Voice VLANS, UDP, SIP, RTP and provide QOS by DSCP and IP Precedence.
• Troubleshooting day-to-day problems regarding network security and routing issues with customer connectivity.
• Configuration and Troubleshooting site to site and remote VPN connectivity for remote customer.
• ACL configuration on Cisco Router, ASA/PIX, checkpoint and Juniper firewalls.
• Install and configuring Cisco IPS/IDS module on Cisco ASA and Routers.
• Designing, configuring and troubleshooting ASA failover for the customer network.
• Network routing configuration and troubleshooting using dynamic protocols like OSPF, BGP and static routes.

Confidential

Network Engineer

Responsibilities:

• Work internally with a team of technical personnel in the configuration, installation and maintenance of corporate LAN, WAN, Wireless and virtualized network environments
• Proactively monitoring company’s network links on 24x7 shifts.
• Involved in implementing network service requests for giving access to all types of remote end connections behind firewalls.
• Support for new store rollout, circuit and wan installations
• Configured and supported multiple remote site installations
• Raising Incident and follow up with service provider vendors for link/network related issues.
• Creating Incident and Providing Level 1 support for the users related to network issues.
• Initial mounting of devices to datacenter rack, Installation and configurations of network devices.
• Creation & Configuration of VLANs and Ports assignment to VLANs on Cisco Switches 3550, 2950.
• Configuring ACL on L3 devices.
• Configuration of static routes and floating static routes.
• Implementing HSRP, VRRP, VLAN, INTER VLAN in Switches.
• Support for new store rollout, circuit and wan installations.
• Configured and supported multiple remote site installations.
• IP Address management using IPAM.
• Maintain and troubleshoot Hub and spoke frame relay with EIGRP.