SUMMARY

• Network Security Professional with 6+ years’ experience in researching, implementing and administering network security solutions. Skilled in supporting and troubleshooting operational issues related to network security Infrastructure.
• Designing, Implementation and Operations of enterprise data networks as Network Security Administrator.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Implemented Positive Enforcement Model with the help of Confidential .
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud - based) process that does not impact stream processing.
• Assist customer team with the design and placement of Confidential devices.
• Installation, configuration and maintenance of Palo Alto, Cisco ASA 5500, Juniper SRX Firewalls.
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Juniper SSG series.
• Worked on Palo alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configure all Confidential Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Hands on experience in configuring and supporting site-to-site and remote access server, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Experience in site to site VPN configurations using Cisco ASA 5500 series firewalls
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Work experience on Bluecoat Proxy SG for Content filtering and URL filtering.
• Worked on network topological and configurations, TCP/IP, UDP, Frame Relay, Token ring, ATM, bridges, routers, and Switches.
• Experience in configuring Client-to-Site VPN using IPSEC VPN on SRX series firewalls
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications
• Experience in configuring, implementing and troubleshooting F5 load balancer in the enterprise network
• Worked on blue coat proxy server as part of recent integration into the project
• Experience with Bluecoat Proxy servers, LAN & WAN management.
• Excellent working knowledge of TCP/IP protocol suite and OSI layers.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM, Summarization and ARP, reverse & proxy ARP and Ping Concepts
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.

TECHNICAL SKILLS

Routers: (1800, 2500, 2600, 2800, 3600, 3750, 3800, 7200).

Cisco Switches: (2900, 3500, 4000, 4500, 5000, 5800, 6500, Nexus 2k, 3k, 5kand 7k), MSFC, MSFC2.

Routing Protocol: (BGP, OSPF, EIGRP, IGRP, IGMP, RIP), Routed Protocol TCP/IP, Multicasting (PIM).

WAN Technology: Frame Relay, WiSM Module in 6509, X.25, L2VPN, L3VPN, E1/T1/DS1/DS3,MPLS

Operating systems: Linux, UNIX, DOS, Windows XP/2007/8, Windows 2003 server and Windows 2008 server

Firewalls: Check Point R65/R70/R75, ISA 2004/2006, Palo Alto PA-500/PA-2K/PA-3K/PA-5K, ASA 5585/5520/5510

PROFESSIONAL EXPERIENCE

Confidential, Trevose, PA

Network & Firewall Administrator

Responsibilities:

• Working with engineering team to create, document, implement, validate, and manage policies, procedures, and standards that ensure confidentiality, availability, integrity, and privacy of information.
• Implemented Positive Enforcement Model with the help of Confidential .
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Implementing and troubleshooting Firewall rules in Palo Alto Pa-5000 series using Panorama, Checkpoint VSX, R75.40, R76 and R77.20 as per Business Requirements.
• Implementing and troubleshooting firewall rules in Checkpoint R75.40and R77 Gaia as per the business requirements.
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM.
• Application (Layer 7) Firewall. Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Implemented F5 GTM configurations with adherence to company global IT and InfoSec standards and industry best practices.
• Involved in configuring Juniper SSG-140, Cisco pix firewall and Check point firewall.
• Worked on Migrating from ASA 5540 to ASA 5585.
• Created Virtual Contexts, Vlans, and Interfaces in ASA 5585.
• LAN base as well as Cable base failover configuration on Cisco firewall.
• Configuring Vlans, Self IP's& Routes on F5 load balancers.
• SSL offloading on F5 LTM's, worked on both the server ssl profiles and client ssl profiles.
• Experience with devices Palo alto Network firewalls such as security NAT, Threat prevention & URL filtering.
• Reviewing & creating the FW rules and monitoring the logs as per the security standards in Checkpoint and Net screen Firewalls.
• Execute the Incident Management process tasks in adherence with global and local requirements
• Configuring and troubleshooting Cisco ASA firewalls, Palo Alto and Checkpoint Firewalls. .
• Assist with various duties that will arise including: implementation, configuration, management.

Confidential, Minneapolis, MN

Network Security Engineer

Responsibilities:

• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access, Configuring IPSEC VPN (Site-Site to Remote Access).
• Maintained Corporate Firewalls & Analysis of firewall logs using various tools.
• Implementation and troubleshooting of ASA firewall
• Adding security policies and security rules on checkpoint and ASA firewall.
• Taking backup of checkpoint configuration, security policies, logs with policy package management, database revision controls, upgrade export and import, snapshot procedure on regular basis.
• Responsible for designing and implementation of customer’s network and Security infrastructure.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS static routing and policy base routing.
• Experience on Checkpoint Smart Domain Manager NGX R60 & R70.
• Log analysis using Checkpoint Smart view tracker and SPLUNK.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Involved in Troubleshooting of DHCP and other IP conflict problems.
• Performed Switching Technology Administration including VLANs, inter-VLAN Routing, Trunking, STP, RSTP and Port Aggregation & Link Negotiation.

Confidential, Milwaukee, WI

Network Engineer

Responsibilities:

• Provides day to day support for firewall engineering and operations tasks and level 1 & 2 on-call technical support for the Firewall Engineering and Operations team; including assisting peers with issues and escalation.
• Configured VLAN’s, Private VLAN’s and enabling inter-VLAN routing.
• Configuring routing protocols like EIGRP, OSPF & BGP and troubleshooting layer3 issues.
• Responsible for designing and implementation of customer’s network and Security infrastructure.
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, 6500 and Nexus 5K series switches
• Conducted and implement Network and software installations and upgrades.
• Configured Remote User VPN, Site to Site VPN, and Remote Access VPN, Easy VPN, SSL VPN for Client based and Clientless applications.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls(SRX240, SRX550)
• Blocking malicious sites as required by the information security system using Bluecoat Proxies
• Content filtering using Bluecoat ProxySG
• Creating VPLS connection between H and NE40's depend on customer services such as (Internet, VoIP, L2vpn, L3vpn, Ibgp and Ebgp)
• Implementation of Cisco ACS server & integration with RSA for two factor authentication
• Worked on Disaster Recovery (DR) test plan and build an IPSEC tunnel site to site.
• Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77.
• Configured layer 2 and layer 3 Switch port, L3 router interface, VLAN interface, VRRP on cisco and juniper devices.
• Rollout of RSA 6.0 Ace Server and Client for Windows Logon & VPN Authentication.
• Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding

Confidential

Network Engineer

Responsibilities:

• Worked on network-based IT systems such as racking, stacking, and cabling.
• IOS upgrading of 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series Cisco routers using TFTP.
• Served as a main escalation point of contact for level I team.
• Coordinated with higher-level support and external vendors for resolution.
• Maintained all servers & network equipment with current stable firmware, IOS images & access control lists.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer.
• Monitoring customer network (Internet, VoIP, L2vpn, L3vpn, IBGP and EBGP).
• Giving support and configuring Cisco Routers such as 800, 2801, 2850, 2950
• Maintained and configured all Extended Access Lists securing VLAN 802.1q trunks to W2003/8 servers, STP, OSPF, Port-Channels, Classes, Group, Objects, Load-Balancing, ACS, Wireless setup for corporate office and stores.
• Implemented strategies for operating systems, virus protection, mail systems and Internet services.
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.