Network Security Engineer Resume
Minneapolis, MN
SUMMARY
- Around 5+ years of experience in Network and Security Engineering and Administration.
- Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Palo Alto series.
- Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
- Having well hands on experience in configuring and managing Network security Firewalls (Cisco ASA/PIX, Check Point, Juniper SRX and SSG and Palo Alto), Blue Coat Proxies, Routers, Layer2 and Layer3 Switches and Load Balancer.
- Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
- Configured Client - to-Site VPN using SSL Client on Cisco ASA 5520 ver8.2.
- Configured ASA 5520 Firewall to support Cisco VPN Client on Windows 7/XP/Vista.
- Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700 series, 6500 series).
- Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800).
- Expert in administration of F5 Load Balancer.
- Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Capabilities include an extremely broad knowledge base and familiarity with the latest cutting-edge technologies including firewalls, VPN, IDS, and IPS.
- Configuring RIP, OSPF, EIGRP BGP, MPLS, QOS, ATM and Frame Relay.
- Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
- Configuring VLANs and implementing inter VLAN routing.
- Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
- Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
- Experience in managing and migration of large scale enterprise networks, extensive knowledge in developing test plans, procedures and testing various LAN/WAN products and protocols.
- Good knowledge on SIEM products like Arcsight and Splunk.
- Having experience in Data Centre environment and NOC.
TECHNICAL SKILLS
Cisco Products: Routers Cisco, L2 & L3 Switches
FIREWALLS: Palo Alto PA-500, PA-2k, PA-3k & PA-5k series, Checkpoint NGX R65/R70/R75/R77 & Cisco ASA
Switching technologies: VLAN’s, Inter-VLAN routing VTP, Ether channel (Static, PAGP, LACP) Spanning Tree Protocol (Common Spanning Tree, MSTP, PVST, RSTP), Basic Port Security, first-hop redundancy protocols (HSRP, VRRP, GLBP)
Routing Technologies: Static Routing, RIPv1, RIPv2, EIGRP, OSPF, BGP (Basics), TCP/IP, UDP, IP-sec, Basics of MPLS, Route Map, Route Filtering, Route Redistribution, Route Summarization, Access Lists
LAN/WAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, Token Ring Encapsulation, Frame Relay, Fiber Optic circuits.
Security: AAA rules, TACACS, RADIUS, Check point, ASA.
OS products: Windows (2000/2003, XP, vista, 7, LINUX).
Load Balancer: F5 Big-IP LTM
Infrastructure services: DHCP.
Documentation: MS office, MS VISIO, power point.
Network Monitoring: Orion Net flow Traffic Analyzer, Arcsight
Protocols & Standards: TCP/IP Protocol Suite, Ethernet, Token Ring, FDDI, OSPF, EIGRP, Rip, BGP, HSRP, L2/L3/L4/L7, Switching, VLAN’s, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2. T1, DS3.
PROFESSIONAL EXPERIENCE
Confidential, Minneapolis, MN
Network Security Engineer
Responsibilities:
- Works with client engineering groups to create, document, implement, validate, and manage policies, procedures, and standards that ensure confidentiality, availability, integrity, and privacy of information.
- Manage firewall policy lifecycle process from review, approval, implementation, publishing, verification and maintenance.
- Implemented upgraded firewall platform built on Checkpoint Firewall Technologies.
- Involved in Building, Configuring, maintaining, and troubleshooting network devices in the environment.
- Interacting with management during high severity incidents and Understanding the priority and impact of issue and providing solutions accordingly within the SLA.
- Interacting with vendors (Checkpoint, Bluecoat, Palo Alto, Cisco etc.) and other technical teams (Global Network Team) with regards to the trouble incidents and giving resolutions.
- Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
- Worked extensively on checkpoint R77.20 on GAiA and SPLAT, Cisco ASA.
- Involved in configuring Checkpoint firewall and applying rules to pass servers and switches through firewall.
- Involved smart view tracker to check the firewall traffic.
- Experience with deployment of Palo Alto firewalls for different NAT, Skype traffic
- Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
- Migration with both Checkpoint and Cisco ASA VPN experience.
- Responsible for Check Point and Cisco ASA firewall administration across our global networks.
- Coordinated and scheduled the delivery of F5 Professional Service implementations and consulting engagements.
- Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
- Involves in various internal projects like upgrading checkpoint version, Cisco and Juniper firewalls IOS up-gradation and End of Life device up-gradation and many more.
- Extracting and analyzing logs from SIEM tools (Arcsight and Splunk) for troubleshooting or Audit purpose.
- Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer.
Confidential, Wisconsin
Network and Security Engineer
Responsibilities:
- Configuration and troubleshooting of Firewalls like Cisco ASA 5520, ASA 5510 and Nokia Check Point VPN-1 NGX R55/R65/R70 firewalls.
- Manage firewall policy lifecycle process from review, approval, implementation, publishing, verification and maintenance.
- Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
- Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
- Configure and troubleshooting HA Cluster on Checkpoint Firewall.
- Enabling and configuring IPS features on various Cisco and Checkpoint firewalls as per the customer requirements.
- Implementing the Access-list on day to day basis as per customer’s change requests.
- Worked as a Tier 2 Firewall Support Engineer; configuration of Cisco and Checkpoint Firewalls as part of the Change Management Team.
- Configuration of NAT & PAT for customer network.
- Handling network devices such as Switches (Cisco Catalyst 2900 and 3500 series), Routers (Cisco 2600, 2800 and 7200 series), Firewalls, Load balancers etc.
- Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
- Implemented Voice VLANS, UDP, SIP, RTP and provide QOS by DSCP and IP Precedence.
- Troubleshooting day-to-day problems regarding network security and routing issues with customer connectivity.
- Configuration and Troubleshooting site to site and remote VPN connectivity for remote customer.
- ACL configuration on Cisco Router, ASA/PIX, checkpoint and Juniper firewalls.
- Install and configuring Cisco IPS/IDS module on Cisco ASA and Routers.
- Designing, configuring and troubleshooting ASA failover for the customer network.
- Network routing configuration and troubleshooting using dynamic protocols like OSPF, BGP and static routes.
Confidential
Network Engineer
Responsibilities:
- Work internally with a team of technical personnel in the configuration, installation and maintenance of corporate LAN, WAN, Wireless and virtualized network environments
- Proactively monitoring company’s network links on 24x7 shifts.
- Involved in implementing network service requests for giving access to all types of remote end connections behind firewalls.
- Support for new store rollout, circuit and wan installations
- Configured and supported multiple remote site installations
- Raising Incident and follow up with service provider vendors for link/network related issues.
- Creating Incident and Providing Level 1 support for the users related to network issues.
- Initial mounting of devices to datacenter rack, Installation and configurations of network devices.
- Creation & Configuration of VLANs and Ports assignment to VLANs on Cisco Switches 3550, 2950.
- Configuring ACL on L3 devices.
- Configuration of static routes and floating static routes.
- Implementing HSRP, VRRP, VLAN, INTER VLAN in Switches.
- Support for new store rollout, circuit and wan installations.
- Configured and supported multiple remote site installations.
- IP Address management using IPAM.
- Maintain and troubleshoot Hub and spoke frame relay with EIGRP.