SUMMARY

• Having almost 8 years of experience in routing, switching, firewall technologies, systems design, and administration and troubleshooting.
• Experience in Supporting and troubleshooting Checkpoint (R77 Gaia, R75, R70, R65, Provider - 1, VSX, SPLAT, Cluster XL, Smart Center Server, and Crossbeams) Juniper (SRX, JUNOS, ScreenOS, Netscreen SSG and NSM), Palo Alto (Pa-500, PA-3000 and Panorama) and Cisco firewall (ASA 5550, 5540, 5520, FWSM, VPN 3000 concentrator, PIX 535, CSM and ASDM) technologies.
• Strong hands on experience in installing, configuring and troubleshooting of Cisco 7600, 7200, 3900, 3600, 2900, 2600, 2500 and 1800 series routers, Nexus 3k, 5k series, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Performing migrations from Cisco PIX to ASA, Juniper SSG to SRX and Checkpoint to Palo Alto firewalls.
• Performed device upgrades, software upgrades on firewall devices and network devices.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting.
• Configuring Checkpoint Firewall in IPSO, Secure Platform and GAIA platforms.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP and RSTP, inter VLAN routing and ISL/802.1q.
• Expertise in Designing, implementing and configuring virtual device contexts (vDCs), virtual port channels (vPCs), and virtual routing and forwarding instances (VRFs).
• Experience in implementing site-to-site, remote access VPN, DMVPN Technologies using GRE, IPSEC & MPLS.
• Performing packet captures using Wireshark, TCPDUMP, FW Monitor, Snoop during troubleshooting.
• Perform firewall rule audit and optimization using Tufin, Firemon and Algosec.
• Experience of routing protocols like EIGRP, OSPF, RIP v2, and BGP.
• Installing and configuring F5 LTM load balancer in Active-Standby mode and Creating Virtual Servers, VIP’s and server pools based upon application requirements.
• Extensive experience with Cisco IOS, Windows client/server operating systems, Linux, Networking technologies, Firewalls.
• Experience in L2/L3 3 protocols like VLAN’s, STP, RSTP, VTP, MPLS and Trunking protocols.
• Good knowledge in LAN/WAN Technologies like DHCP, DNS, FTP, TFTP, HSRP, VRRP, ACL, NAT/PAT, IPsec and VPNs.
• Worked in OSI model, TCP/IP, UDP, IP addressing and Sub netting.
• Hands-on experience in the setup of HSRP, ACL, and tunnel installations.
• Extensive knowledge in different networking protocols DHCP, DNS, FTP, ARP and TCP/IP.
• Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills

PROFESSIONAL EXPERIENCE

Confidential, New Castle, DE

Network Security Engineer

Responsibilities:

• Implementing Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
• Implementing and troubleshooting firewall rules in Checkpoint R77 Gaia, R75.40, VSX also managing 15k, 41k series checkpoint appliances, Open servers as per the business requirements.
• Performing creation and deletion user accounts and global group’s creation in global policy in Provider-1.
• Adding firewall rules in checkpoint smart dashboard as per user requirements.
• Knowledge on Checkpoint- management and logging server R75, R77 Gaia OS.
• Performing backups and upgrades from time to time on different type of firewalls mostly on Checkpoint and Cisco ASA firewalls.
• Adding zone based rules in Juniper SRX and netscreen SSG firewalls as per client requirements.
• Upgrading and applying hot fixes to checkpoint firewalls in the maintenance window.
• Hands-on experience on Cisco ASA Firewalls - ASA 5540, 5550, ASDM, CLI, Firepower, Sourcefire IPS/IDS.
• Built and manage firewall high availability using Checkpoint cluster XL.
• Building site to site VPN and any connect VPN connections using Cisco ASA firewalls.
• Lab Implementation of multiple security contexts in ASA firewalls and Checkpoints configures redundancy (Active-Active failover and active-standby failover) among them
• Troubleshooting the VPN tunnels by analyzing the debug logs and syslogs in firewalls.
• Performing Firewall rule audit and Firewall policy optimization using Tufin analyzer tool.
• Implementing and configuring F5 LTM’s for VIP’s and Virtual servers as per business needs.
• Configured ACLs in Cisco 5550 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT Control using Object NAT.
• Working on trouble tickets in remedy ticketing system which comes to our queue.
• Worked on the migration project of Converting old PIX firewalls into new ASA firewalls.
• Migrated Legacy Netscreen SSG firewalls to SRX firewalls for couple of environments.
• Adding Websites to the URL filtering block list in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
• Knowledge of modifying and maintaining the bluecoat Proxy Pac files.
• Maintenance of Cisco ACS server - Authenticating, Authorization and Accounting for several Network Devices in the environment
• Performing packet captures using TCPDUMP, fw monitor, Snoop, wireshark and other netwok monitoring tools.
• Used SIEM tool called Splunk SIEM tool to Analyse firewall logs and incident event analysis.
• Continually monitor, assess and improvenetworksecurity, test and implement new security technologies.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long term planning, implementation, project management and operations support as required.
• Participating in 24*7 on-call support and implementing changes in different time zones as per the client requirements.

Confidential, Austin, TX

Responsibilities:

• Managing security devices (ASA, Checkpoint and Juniper SRX) for Projects
• Provide L1 and L2 assistance to the Cisco firewall, IPsec VPN, IPS/IDS installed networks, including troubleshooting the networks belonging to Enterprise level customers
• Implementing firewall rules using checkpoint smart dashboard, Palo Alto panorama, Cisco ASDM and NSM.
• Managed and ran reports for usage reports for unused rules on Firemon Optimization tool.
• Experience in Configuring Checkpoint Firewall Rule Base and manage multiple firewall policies using MDM.
• Gathering information and co-ordinate with business before we migrate checkpoint to Palo Alto firewalls.
• Created configurations and troubleshoot issues on Juniper SRX firewalls using CLI and NSM.
• Good Exposure on VPN’s for building Site-Site connections using different vendor firewalls.
• Configure Palo Alto Firewall models as well as a CMS (Panorama) to manage large scale firewall deployments.
• Converted checkpoint firewalls to Palo alto firewalls
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Configured and maintained URL filtering on Palo Alto Firewalls
• L3 Support engineer for Checkpoint firewalls based environment
• Worked on Cisco ASDM for configuring VPN on Cisco ASA Firewall
• Firewall security policy administration, monitoring, and logging functions.
• Configuration of security policies for security infrastructure using proper change management process
• Monitor the Firewalls policies and VPN configuration and Debug/logs Analysis for Complex Issues
• Good knowledge of CheckPoint Smart Dashboard, SmartView Tracker, SmartView Monitor
• Managing the configuration of checkpoint firewall through smart dashboard R77 Gaia

Confidential, Bowling Green, KY

Network Engineer

Responsibilities:

• Support customer with the configuration and maintenance of Checkpoint R70 firewall products.
• Involved in design and deploying various network security & High availability products like Cisco ASA and other security products.
• Maintaining firewall rule and troubleshooting using checkpoint smart console products.
• Managed and Upgraded IOS codes on Cisco ASA firewalls.
• Implementing and troubleshooting firewall rules and performed packet captures to solve network issues.
• Applied code patches and code upgrades on the checkpoint firewalls.
• Created VLAN and Inter-Vlan routing with Multilayer Switching. Manage installations, configuration and administration of Cisco equipment in IT architecture of organization.
• Configure IT LAN/WAN elements and held responsibility of maintaining and monitoring performance of network
• Provide Tier2 technical support; assist users facing network problems. Perform advanced troubleshooting, diagnostics and provide tier/level-1 solutions to network failures
• Network infrastructure support to routing and switching equipment’s.
• Troubleshoot and resolved dynamic routing, Ethernet switching and host connectivity issues in a window and network environment
• Troubleshoot wiring problems and serial communication lines
• Develop, plan and maintain documentation necessary for operation in support of LAN to WAN connectivity
• Maintain excellent communication with the IT Manager on all tasks and projects.

Confidential

Network Support Engineer

Responsibilities:

• Upgrade Cisco 7200, 3600 Router IOS Software, backup Routers and Catalyst 3560, 4500 switch configurations
• Involved in installing and configuring PIX 515E firewall.
• Support 24x7 operations and answer calls from the customers on network emergencies and resolve issues
• Install and manage Cisco Catalyst 3500XL, & 2960 series Switches and Cisco 1800, 3900 series routers
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Hands on Experience in Inter-vlan routing, redistribution, access-lists and dynamic NAT’ing
• Log messages using Syslog server and analyze the issues related to high CPU utilization and parameters that can degrade performance of the network
• Involved in all technical aspects of LAN and WAN projects including, short and long term planning, implementation, project management and operations support as required
• Conduct through analysis, problem solving, and infrastructure planning
• Provide assistance to Network Manager and serve as Secondary Network support.
• Troubleshoot and fix any backup and monitoring systems related issues in conjunction with Systems team and external vendors
• Created & documented wiring and network diagram using MS- Visio.