SUMMARY

• 8 years of experience in Network & Security Implementation; Proficient in installing, upgrading, troubleshooting, configuring, and supporting variety of Network & Security Devices.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Cisco ASA.
• Configure all Palo Alto Networks Firewall models (PA - 2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Very Good Experience in LAN/WAN design/configuration & implementation with CISCO, Juniper, Alcatel, Calix C7, E5 and E7, Redback Se800, Adtran TA5000, TA3000, TA1200 and Foundry equipment, wireless network design/configuration & implementation, strong working knowledge on Wide Area Networks (WANs).
• Hands on experience on all software blades of Check Point Firewall.
• Experienced in Configuration, Management, Deployment and Troubleshooting of Checkpoint VSX
• Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance, configuration and installation of IOS security features and IPS, security risk analysis, attack mitigation & penetration tests based on LPT methodology.
• Experienced with Cisco routers and switches, and a good understanding of IP subnetting and routing such OSPF and BGP.
• Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77, Firewall R55 up to R70 version, SecurePlatform Installation including, VPN.
• Implementing and maintaining F5 LTM Devices (Versions 9.x, 10.x and 11.x). Responsibilities include device builds for continuous application availability and Windows/Unix load balancing, code upgrades, and configuration management.
• Knowledge of Juniper Environment including SRX/Junos Space.
• Experienced with Juniper NetScreen firewalls (ScreenOS) and Juniper NSM.
• Worked on NXOS, IOS, and IOS-XR BXB to N7K-NXOS (MPLS) system test.
• Experienced with handling with daily RTB tickets and troubleshooting.
• Designed and configured testing changes/additions to the encryption infrastructure.
• Ensured 24x7 uptime of encryption services.
• Specialization on Symantec Endpoint Protection.
• Worked on NXOS, IOS, and IOS-XR and N7K-NXOS.
• Experience on Cloud Web filtering.
• Configuring and troubleshooting Cisco IOS, IOS-XE, IOS-XR, and NX-OS Networking Software.
• Good understanding ofSDLC and project management.
• Knowledge of server maintenance, including establishing Security Protocols, Configuring Network, and Troubleshooting Problems.
• Checkpoint IP Appliances and SPLAT & Cisco ASA Firewall.
• Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, & EIGRP, IPsec VPN design connection & protocols, IPsec tunnel configuration, encryption and integrity protocols.
• Demonstrate deep expertise in technical and security process design.
• Experience in configuration and deployment of network security devices, including Firewalls, Intrusion, Detection Systems, VPN, and Identity Gateways.
• Excellent troubleshooting skills; tenaciously committed to the thorough resolution of technical issues.
• Exceptional ability to grasp and master new technologies quickly and easily.

TECHNICAL SKILLS

Operating Systems: Windows XP/7/8, UNIX, Linux

AntiVirus: Mcafee solutions providing protection from Malwares.

Switches: Cisco Catalyst VSS 13 / 00 / 3750- X / 2960.

Routers: Cisco Routers ASR 06 / 06 / 51 / 2600.

Firewall: Palo Alto PA-500, PA-2k, PA-3k & PA-5k series, Checkpoint NGX R65/R70/R75/R77 & Cisco ASA, J, HP Helion VPC format.

Protocols: NAT, VTP, VLAN, L2TP, PPTP, RDP, TCP/IP, IPX/SPX, NetBEUI, UDP, ARP, NTP, EIGRP, OSPF, RIP, VoIP.

Cisco Switches: 6500e, 4500R, 4500R+e, NxOS 7k, 5k, 2900, 3750, 4500x

PROFESSIONAL EXPERIENCE

Confidential, San Jose, CA

Network Security Administrator

Responsibilities:

• Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering).
• Successfully installed Palo Alto PA-3060 Firewalls to protect Data Center.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Exposure to Wildfire feature of Palo Alto.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Researched, designed and replaced aging Checkpoint Firewall architecture with new next generation Palo Alto appliances serving as Firewalls and URL and application inspection.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Netscreen routers with Site-Site VPN, and firewalls for Supervalu Retail sites.
• Train the Customer's design, implementation and support personnel to configure and operate the Juniper Networks products.
• Responsible for the day to day operations of a large production F5 LTM/GTM load balancing environment.
• Build and Support of F5 BigIP Load Balancers 8900 and Viprions (Versions 9.x, 10.x and 11.x)
• Irule development in TCL for various F5 solutions (uri-based balancing to multiple pools, URL rewrites, redirects, cookie and header manipulation and management, etc.).
• Develop Engineering Documentations to record F5 environment and change processes LTM/GTM/iRules.
• Hands-on experience with bluecoat proxy.
• Migrated L3VPN Traffic from Juniper M320's to Cisco CRS-1 with minimum disruption.
• Experience with management of Juniper NetScreen firewalls (ScreenOS) and management via Juniper NSM.
• Hands-on experience with configuring F5 Loadbalancing.
• Configured and maintained IPsec and SSL VPN's on Palo Alto Firewalls.
• Experience working with Cisco IOS, IOS-XR, NXOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Hands-on experience with handling with daily RTB tickets and troubleshooting.
• Used Cisco IOS to configure simple routed or switched LAN and WAN networks.
• Implementation configuration and troubleshooting of Check Point Firewall R77.
• Designed and configured testing changes/additions to the encryption infrastructure.
• Ensured 24x7 uptime of encryption services.
• Configuring VPN, clustering and ISP redundancy in Check Point Firewall.
• Responsible for installation, troubleshooting of CheckPoint Firewall and LAN/WAN protocols.
• Responsible for managing Network & Security Engineering implementation.
• Firewall Policy administration and work with user requests submitted by users.
• Worked on software blades of Check Point Firewall.
• Prepared technical documentation of configurations, processes, procedures, systems and locations.

Confidential, San Antonio, TX

Network Security Engineer

Responsibilities:

• Configuring, administering and troubleshooting the Check Point, Palo Alto and ASA Firewall.
• Daily responsibilities included design, implementation, support and administration of multiple security products, running Check Point Provider-1 and VSX, SourceFire, and ISS Realsecure.
• Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
• Provided operational and configuration support for F5 BigIP LTM 3400 series running OS 4.5
• Regularly performed Firewall audits around Check Point Firewall-1 solutions.
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Provided tier 3 support for Check Point Firewall-1 software to support customers.
• Using Smart Update, user management and authentication in Check Point Firewall.
• Migration with both Checkpoint and Cisco ASA VPN experience
• Experience in management of Checkpoint VSX environment and using VSX with Multi-Domain Security Management
• Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server with SPLAT operating system
• Managed network security processes using ASA firewalls
• Implementation configuration and troubleshooting of Check Point Firewall R71.
• Experience with management of Juniper NetScreen firewalls (ScreenOS) and management via Juniper NSM
• Hands-on experience with bluecoat proxy.
• Hands-on experience with configuring F5 Load-balancing.
• Designed and configured testing changes/additions to the encryption infrastructure.
• Ensured 24x7 uptime of encryption services.
• Support design and planning of Juniper MX, SRX, and EX network products and associated solutions within the Customer infrastructure.
• Configuring rules and maintaining Palo Alto Firewalls & analysis of Firewall logs using various tools.
• Hands-on experience with handling with daily RTB tickets and troubleshooting.
• Adding security rules and pushing the security policy on Checkpoint.
• Perform Checkpoint and PIX Firewall/IDS design, integration and implementation for Cyber Trap client networks.
• Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis.
• Collapsing the existing Firewall rules and fine-tuning the Firewall policies for better performance.
• Working with different teams to gather information for new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and SmartView Tracker.

Confidential, Chicago, IL

Network Security Consultant

Responsibilities:

• Monitored and maintained client Firewall, intrusion detection systems and VPN systems including (Check Point FW-1 / VPN-1 / Cisco PIX / Secure VPN / Secure IDS).
• Implementation, support and administration of multiple security products running Check Point Provider-1.
• Migration experience with both Check Point and Cisco ASA VPN.
• Configuring, Administering and troubleshooting the Checkpoint and ASA firewall
• Configure and troubleshoot Remote access and site to site-in Checkpoint & ASA firewalls
• Hands on experience and good working knowledge with Checkpoint Firewall policy provisioning
• Installed and Configured Checkpoint Firewall in Internet Edge
• Configured and Deployed Checkpoint VSX
• Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures.
• Configuring failover for redundancy purposes for the security devices. Implemented the stateful& serial failover for PIX/ASA firewalls, Check Point Clustering and load balancing features.
• Periodical update of software on security devices depends upon the bugs fixed with the new software releases.
• Work on Check Point Platform including Provider Smart Domain Manager.
• Worked on configuring, managing and supporting Check Point Gateways.
• Configuring and troubleshooting remote access and site to site-in Check Point & ASA Firewalls.
• Configuring, administering and troubleshooting the Check Point and ASA Firewall.
• Hands on experience and good working knowledge with Check Point Firewall policy provisioning.
• IPSO versions and Check Point SW are currently being remediated to current target version of IPSO 6.1 Build 38, running Check Point R65 Build 63, currently remediating running in Active/Active Cluster mode into VRRP high availability setups.
• Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Experience with converting Check Point VPN rules over to the Cisco ASA solution. Migration experience with Cisco ASA VPN.
• Backup and restore of Check Point and Cisco ASA Firewall policies.
• Monitoring Traffic and Connections in Check Point and ASA Firewall.
• Manage project task to migrate from Cisco ASA Firewalls to Check Point Firewalls.
• Worked extensively in configuring, monitoring and troubleshooting Cisco's ASA 5500/PIX security appliance, failover DMZ zoning & configuring VLANs/routing/NATing with the Firewalls as per the design.
• Responsible for implementing and troubleshooting various Networking Devices such as Routers, Cisco Switch, Cisco Firewall.
• Responsible to provide network connectivity as and when new location comes in to the network.

Confidential, Phoenix, AZ

Network and Security Engineer

Responsibilities:

• Planning, Design and Implementation of IP Network using different Subnetting techniques and VLSM techniques for conserving the IP address for small to medium branch office network.
• Configured Cisco switches 2900, 3700, Routers 2600, 3600 including different technologies for VLAN, Inter VLAN routing, VLAN Access control list, STP, PVST+, VLAN Trunking protocols, Ether channel configuration port aggregation and link aggregation using PAGP and LACP protocols.
• Implemented different routing protocols OSPF, BGP, EIGRP and redistribution of different routing protocols into different areas of networks.
• Installation and maintenance of Computer Hardware such as Network Cables, NIC cards etc.
• Windows server 2003 management, user management, permission assigning, sharing.
• Installation of OS and software on various platforms and ensuring data back-up.
• Computer hardware installation and maintenance.
• Extensively used Dreamweaver, Photoshop.
• Created, changed and deleted user accounts per request.
• New website hosting in IIS, FTP website setup, website editing and maintenance.
• Actively participated in code review sessions, ensuring data back-up and hardware check.
• Provided training, technical support and assistance to faculty.

Confidential

Network Support

Responsibilities:

• Responsible for Check Point and Cisco PIX 525 Firewall administration across global networks.
• Provided desktop support including creating images specific to client requirements and dealing with issues pertaining to hardware and application.
• Provided technical support on hardware and software related issues to remote production sites.
• Participate in on-call responsibilities in support of a seamless production environment.
• Responsibilities included configuration and installation of software and hardware.
• Performed routine network maintenance checks as well as responsible for gathering and compiling data for special projects as well as preparing weekly status reports.
• Involved in effective communication with vendors, peers and clients in resolution of problems and equipments.
• Performed the installation, configuration and testing of LAN/WAN devices.
• Manage printers, copiers, and other miscellaneous network equipment.
• Handled the tasks of documenting network problems and resolutions for future reference.
• Performed the tasks of developing and maintaining procedures for backup and recovery, virus scanning and access control.