SUMMARY

• 7+ Years of IT Experience with expertise in Network Security.
• Strong knowledge based in the planning, design, and implementation of Information Systems and Network Technologies.
• Certified cloud based Salesforce developer - 401.
• Experienced in handling and installing Palo Alto Firewalls.
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls like R61/65/R70/R75/R77, Nokia IP 1280, 2450, 61000, Cisco PIX, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto-3060/5020 IDS, Foundry / F5 Load Balancers, and Blue Coat Packet Shaper systems.
• Configure all Palo Alto Networks Firewall models (PA-3000, PA-5000 etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
• Advanced knowledge in Switches and Routers Configurations.
• Experienced in implementing / maintaining compliance with security and IT standards such as BS7799, BS15000, and SAS70.
• Experience in Deployed Check Point Provider-1 NGX and configured Checkpoint VSX.
• Experienced on Juniper Net screen Firewalls like, NS50, SSG 550M, SSG520M and ISG 1000.
• Proficient at establishing User Tunnels in Nortel VPN Routers, implementing network security protocols, installing and supporting backup strategies, and planning/executing disaster recovery solutions.
• Hands on experience in Implementation, Troubleshooting &configuring for Checkpoint R77. 30 with GAIA and SPLAT.
• Worked on Juniper SRX routers administration and Configured and set up Juniper SRX gateways.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Experience in Configuring Checkpoint Clusters with Nokia IPSO and GAIA OS.
• Hands-on configuration and operational experience working on Checkpoint Firewalls (Nat policies, VPN Configurations, policies) in both standalone and HA mode.
• Experienced with Cisco routers and switches, and a good understanding of IP sub netting and routing such OSPF, BGP, HSRP, VLAN and MPLS.
• Knowledge of Server Maintenance, including establishing Security Protocols, Configuring Network, and Troubleshooting Problems.
• Thoroughly familiar withCheckpointmodels, capabilities, and architectures.
• Experience with Aruba RF F5 Big IP, Juniper firewalls design and analysis support.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques.
• Has extensive knowledge in implementing and configuring BIG-IP LTM-6400, 8900load balancers.
• Knowledge about Cybersecurity threats and defense mechanisms
• Knowledge on ON target and Remedyticketingtool
• Experience with complex Voice over Internet Protocol (VoIP).
• Knowledge of DNS, Active Directory and Certificate Services (PKI).
• Experience in managing and migration of large scale enterprise networks, extensive knowledge in developing test plans, procedures and testing various LAN/WAN products and protocols
• Knowledgeable in TCP/IP & OSI model, IPv4 & IPv6, NAT/PAT, TACACS+, OSPF and QoS.

TECHNICAL SKILLS

Firewall: R61/R65/R70/R75/R77, Provider-1 firewallCisco ASA,VSXFirewalls ISG 1000/2000, Checkpoint Secure Platform (SPLAT) Checkpoint NG FP3 - NGX R75.40 Checkpoint GAiA, Checkpoint SG and SmartAppliances, Palo Alto - 3060/5020

Routers: Cisco 2600, 2800, 3600, 4400, 7200, 7609 Series, CUCM, CUPS

Switches: Cisco 2900, 3500, 3700, 5000, 6500 Catalyst Series, Cisco 7000, 5000, 2000 Nexus Series

Load Balancer: F5-Big-Ip, LTM, Ax10

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, RARP

Routing Protocols: BGP, OSPF, EIGRP, VRRP, HSRP, GLBP, RIP, QoS

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, VLA

IP Services: DHCP, NAT, VLAN, DNS, FTP,SFTPTFTP, LAN/WAN

WAN Technologies: ATM, ISDN, PPP, MPLS, ATT, 802.11, 802.11a, 802.11b, APLUS

Network Technologies: IPsec, GRE, NAT/PAT, ACL, IPv4, IPv6

VPN SOLUTION: Cisco & Nortel VPN Clients, ASA SSL VPNs, Nortel Connectivity 600, Nortel 5000 VPN Routers

Operating Systems: Windows XP/7/8, Linux, UNIX, DOS, Windows 2003/2008 server

Tools: SNMP, Syslog, Juniper NetScreen Security Manager NSM Sniffer, Wireshark, Bluecoat Packet shaper

PROFESSIONAL EXPERIENCE

Confidential, Minnesota

Network Security Administrator

Responsibilities:

• Strong hands on and exposure to Checkpoint R77.30 & Palo Alto 5020 on a regular basis.
• Configuration and Administration of Palo Alto Networks Firewall to manage large scale firewall deployments.
• Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Configuration, support and administration of Palo Alto and Checkpoint and to migrate all gateways and management servers to new hardware and software - Checkpoint SG appliances running GAiA OS and Checkpoint R75.40
• Upgrade ofCheckpointfirewallsand management servers from Splat R75.30 to Gaia R77.20.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Successfully installed Palo Alto PA-3060 and PA-5020 and firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configuring Palo Alto Firewalls (PA 3020 and PA 5020) with Panorama.
• Generating User Activity and Application Reports on PA-5020 Firewalls
• Implemented Positive Enforcement Model with the help of Palo Alto Networks
• Configuring rules and Maintaining Palo AltoFirewalls& Analysis offirewalllogs
• Administering multiple Firewall of Juniper/Net Screen, in a managed distributed environment.
• Advanced knowledge in design, installation and configuration of Juniper Net Screen Firewall ISG 1000/2000, SSG series and NSM Administration.
• Configured Policies on Juniper Net screen and SRX firewalls and Palo Alto as well.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and Checkpoint
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Exposure to wild fire feature of Palo Alto.
• Implemented Positive Enforcement Model with the help ofPaloAltoNetworks.
• Reviewing & creating the FW rules and monitoring the logs as per the security standards in Checkpoint
• Monitoring Traffic and Connections in Checkpoint.
• Designed application mapping and application delivery usingF5BIG IP LTM
• Exposure on Network monitoring tools - Nagios / Solar Winds
• Configuring VPN, clustering and ISP redundancy in Checkpoint firewall.
• ManagesBlueCoatProxy/ Anti-Virus / Director appliances
• Established IPSec VPN tunnels between branch offices and headquarter usingCheckpoint Firewall
• Set up a DMZ lab for multivendor testing consisting of Checkpoint, Palo Alto as well as Tipping point IPS appliances.
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Implemented and troubleshot of the CSD-Network Managed Services (NMS) to provide administration support.
• Used Wireshark and packet analyzer for packet capture and analysis and traffic monitoring.
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO, Juniper, Fortigate GUI and Shell.
• Installed and configured Solar winds’ Orion Network Performance monitoring for network infrastructure monitoring purposes.
• Provide Tier1 technical support, with voice over internet protocol (VOIP).
• Troubleshooting ofDNS, DHCP, Wintel, and UNIX server connectivity issues.
• Sound knowledge of EIGRP/ BGP/ OSPF & Firewall / VPN / SSL VPN concepts.
• Sound knowledge of VLAN / STP / RSTP / VRF / Static routing / Dynamic Routing / HSRP / VRRP / MST / Ethernet channel.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc
• Built and support VRRP / Cluster based HA of Checkpoint firewalls.
• Perform QA Checks on block point builds of SPLAT and Gaia Checkpoint Firewalls running on HP ProLiant Servers
• Capable of developing and implementing newITILframework and procedures as well as improvements to existing policies and procedures.
• Security monitoring process with the help of Log management tools (i.e. Splunk) and Security Information Event Management (SIEM) tools
• Utilize network analysis tools such as tcpDump, WireShark, QRadar, andArcSightSIEM

Confidential, Wisconsin

Network Security Engineer

Responsibilities:

• Primary responsibility for the Core Security of the Network. Managing the entire Network Security Products deployed in the network such as Checkpoint (GAIAR61/ R75.40/77)
• Experience onCheckpointfirewalls with R65, R70, R75, and R76 version IPSO 6.2 OS
• Worked oncheckpointprovider R71, R75.40 and R77 GAIA and secured policies and blocked websites using URL filtering, application identification and threat prevention
• ImplementedCheckpointFW Interface, NAT and VLAN using R77 GAIA Smart Dashboard.
• Migrated firewalls from ASA to Palo Alto.
• Worked on the migration to new Checkpoint R61/R75.40 firewalls from Cisco ASA firewalls
• Implementingproxyrules inBluecoatProxySG using blue coat director.
• Bluecoat (SG810) Administration - Blocking/Unblocking URL's
• Extensive knowledge and Implementation on Firewalls design (e.g. Checkpoint R71, R77, and McAfee), IPSec VPN and working experience on IPS / IDS.
• Blue Coat Web Proxies - Proxy SG, Proxy AV, Content Analysis System, Packet Shaper, Threat Detection Proxy CAS, Director, Reporter.
• Deploying Cisco WSA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
• Good experience on Secure Application design in DMZ related infrastructure.
• Installed and ConfiguredCheckpointFirewallin Internet Edge
• Good experience and understanding on F5 Load balancers (LTM, GTM) and Proxy devices (Bluecoat).
• New firewall design, installation, routing configuration & implementation. Manage and support Remote Access VPN setup for users and Juniper SSL VPN
• Complete renaming of all firewall objects and rules.
• Configured and maintained DNS, Mail andFTP/SFTPservers and its related applications.
• Experience in adding Rules and MonitoringCheckpointFirewall traffic through Smart Dashboard and Smart View Tracker applications.
• Review and optimize firewall rules using Secure Track TufinISIMtuff tool and firewall audit reports
• Daily responsibilities included design, implementation, support and administration of multiple security products running CheckPoint Provider-1 and VSX, Source Fire, and ISS Real secure.
• Provide best practice security consulting for multiple compliance initiatives, with a focus on highly resilient solutions.
• Maintained checkpoint 41000 and 61000 systems, Participated in the OS and firmware upgrade of the 61K.
• TroubleshootVoIPrelated issues such as call setup failure, one way audio, voice quality, and phone registration
• Creating technical implementation plans, project plans, and worked closely with internal and external customers to supply solutions that fulfill their needs.
• Regularly performed firewall audits around Checkpoint Firewall-1 solutions for customers.
• Troubleshoot and hands on experience on security related issues on Checkpoint and Palo Alto Firewalls.
• Implementation of Checkpoint VSX, including virtual systems, routers and switches.
• Implementing and configuring Checkpoint VSX for security gateways.
• Work with Tier1 technology to provide VoIP support.
• VoIP - Monitor and maintain all IP Telephony installations
• Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX, Net Screen Firewalls, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto, IDS, F5 Load Balancers, CISCO ASA, and Juniper SRX.
• Wireless - Internal and Guest Wi-Fi infrastructure including configuration, Maintenance and regular administration.
• ImplementedMPLSVPNsolution for IP backbone of 2.5G mobile Network successfully.
• Installed and configured DNS on servers.
• Provided tier 3 support for CheckPoint Firewall-1 software to support customers
• Strong working knowledge of Checkpoint VSX virtual firewall.
• Configuring Bandwidth allocations (QoS) inCheckpointFirewalls.
• Strong knowledge and understanding with IPsec, Remote Access VPN, and Source Fire intrusion prevention systems.

Confidential - San Diego, CA

Network Engineer

Responsibilities:

• Configuring Routers as of client requirement which includes routing protocols such as RIPv2, EIGRP and OSPF.
• Technical support for field engineers during installation.
• Implement Security using access-list, route maps & NAT depending upon the network requirement.
• Hands on experience in Juniper Firewall and experience in ScreenOS and Junos OS commands.
• Responsible for implementation and troubleshooting of network connectivity at all the locations.
• Responsible to provide network connectivity as and when new location comes in to the network.
• Troubleshooting hardware and network related problems.
• Configured and managing site-to-site VPN tunnel in Checkpoint R75.10 Firewall.
• Configured and managing Remote Access VPN on Checkpoint Firewall.
• Upgrading the existingCheckpointR70 toCheckpointR75.10.
• Creating object, groups, updating access-lists on Check PointFirewall, apply static, hide NAT using smart dashboard
• Configuration ofCheckpointR75 Firewall Rules and Application and URL Blades and VPN\IPSEC Set up IPSEC Tunnels and VPN. Upgrade when needed.
• Support Video On Demand content, transcode and package processing per platform requirements while delivering files through FTP, SFTP
• VerifyFirewallstatus withCheckpointMonitor.
• Worked onCheckpointFirewalls Clusters of both High-Availability and Load-Sharing
• Maintained aCheckpointNG Firewall infrastructure
• Designing, installing and configuringCheckpointfirewalls - NGX R65 in active/active mode
• Subnetting networks. Troubleshooting DHCP and DNS Servers.
• Performed upgrades on allCheckpointfirewalls, and support for client services
• Installed high availability Big IPF5LTM and GTM load balancers to provide uninterrupted service to customers.
• Managing Checkpoint (NGX 70) on SPLAT platform, Standalone and HA mode implementation, Hide NAT and Static NAT configuration as per clients requirement.
• Managed multiple ISP providers to insure adequate provisioning of connectivity services (Ex: Circuit termination, MPLS,QoS, etc.). This included refresh of WAN routers and modification of the routing design.
• Support complex solution for user MPLS, VoIP, SIP, or any IP transport.
• Configured and administered Windows server 2008 R2 Active Directory.
• Responsible for the setup of user accounts, organizational units, and security groups, setup group policy for users OS Windows XP, 7, and 8.

Confidential

Network Support Engineer

Responsibilities:

• Provides technical support to all areas of Network Administration, Telecommunications, Systems and Network Architecture, and Personal Computer Administration.
• Maintaining of Cisco Adaptive Security Appliances (ASA firewall) for LAN, WAN and Internet connectivity.
• Manage Local Area Network by Maintaining VLANs and Wireless Aps (TP Link devices).
• Setup and configure network monitoring and management systems, which include Cisco Works 2000 to manage Cisco devices.
• Troubleshoot network connectivity issues such as DNS, WINS and DHCP.
• Develops and maintain IT security policy related to LAN and WLAN.
• Operated the router-point-defense Intrusion Detection System for the data network (ASIMS Director, Net Ranger Director, and via Firewall VPNs).
• Helped standardize workstations and file servers including: hardware software, naming conventions, and IP addresses.
• Implemented file system, firewall security and disaster recovery strategies.
• Designed and implemented Windows networks and Active Directory (AD) and security group hierarchy based on delegation requirements.
• Installed external storage raid servers for corporate and production use.