SUMMARY

• 7+ years of Experience in IT & Networking Administration including instalments and configurations of physical networks (servers, switches, routers, panels, ports & hubs).
• Cisco ASA, Palo Alto, Check Point and Juniper SRX Firewalls Administrator.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP - BGP, OSPF, LDP, EIGRP, RIP, MPLS.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting on Cisco Routers, Cisco Switches, Nexus Switches, Firewall, Proxy, VPN Concentrator.
• Experience installing, configuring, and troubleshooting Catalyst (2900, 3500, 3700 and 6500 Series), Nexus (5000, 2000 Series) Switches, and Routers (ASR 9K, 10K,2800, 3600, 4400, 7200 Series) using CLI and GUI.
• Experience configuring and troubleshooting OSPF, EIGRP, BGP, RIP, VLAN’s, Trunking, VTP, STP, PVST, RSTP, HSRP,802.1q, and Ether-channels.
• Worked on Palo Alto firewall and used panorama for centralized control of all the firewalls.
• Knowledge of OSI Model & TCP/IP networking standards with protocols such as SNMP, FTP, ICMP & IPv6.
• Network security including NAT/PAT, ACL, HTTPS, Web Proxy, LDAP, VPN Concentrator, ASA/PIX Firewalls, Cisco IDS/IPS, AAA, Radius, TACAACS+, IPsec/SSL VPN and L4 - L7 protocol.
• Strong work experience with the following technologies MPLS, Q0S, VPN, WLAN and Multicast.
• Worked extensively on firewalls and VPN gateways including Checkpoint, Blue Coat Web Gateway, CISCO, Juniper, Fortigate GUI and Shell.
• Hands on Experience in design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77.20 version.
• Configuring/Managing Intrusion Prevention System (IPS) and Intrusion Detection System (IDS): Cisco IPS/IDS & Checkpoint UTM.
• Experienced in DHCP, DNS, NIS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LADP, security management and system troubleshooting skills.
• Experience in implementing network security using NAT, PAT, ACL, IDS, IPS and ASA firewalls.
• Experience with Firewall migrations from PIX firewall to Cisco ASA, Juniper SRX firewall appliances and McAfee proxy servers.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that come online or that may have been altered during various planned network changes on the network.
• Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Performed Network Security Assessment and implemented security features such as network filtering, SSH, AAA, SNMP access lists, VTY access lists and HSRP authentication.

TECHNICAL SKILLS

Operating Systems: Windows Server 2016/2012/2008 , R2/ 2003/2000, Windows 10/ 8/7/Vista/XP / NTMac OS X, Microsoft Lync, Ubuntu. Linux

Software: Microsoft Office / 11/10, Hyper-V, Microsoft Exchange Server, Outlook, Active Directory, Group Policy, RDP, PowerShell, Pearl, Sophos /Norton/MacAfee /Kaspersky Antivirus, Adobe Suite, Citrix, GoToMeeting, Camtasia, LogMeIn, VMware 5.5, NSX, TeamViewer, Norton Ghost, OpenDNS, FileMaker Pro, Sage50, Cloud Computing, Bloomberg Terminal, Mad Scan, Blackwood, Fusion, Light Speed, Air Watch, Google Apps.

Firewall: Cisco PIX / ASA 55XX, IPS/IDS, Sophos UTM SG -230/330, Cisco FWSM, Juniper SSG 550, Checkpoint Firewall, SonicWALL, Palo Alto PA -3050, Barracuda Next-Gen Firewalls.

VPN: Cisco ASA 5500 Series, IPsec, L2L, L2TP, SSL, DMVPN, GRE VPN tunnels, Digital Certificates, PPTP, RA, Cisco CSR and Cisco ASAv configuration on AWS and Azure. AWS VPC, (configured on Sophos UTM, Cisco ASA 5500 Series as well), Cisco VPN 3000 Concentrator, PIX

Networking: LAN / WAN, Cisco Meraki, VoIP, P2P, DHCP, DNS, TCP/IP, NAT /PAT, ASDM, Cisco IOS, Nexus platforms and NX-OS, ACL and Firewall Rules, CDP, LLDP, Telnet, SSH, SAN, VLAN-Trunking, QoS, FTP, SFTP, TFTP, SMTP, ATM, FRAME RELAY, PAP/CHAP, Raid, AWS-VPC, Citrix NetScaler, SNMP, HTTP/s, Switches, Routers and Firewall, Network Printer, Data Center design including power distribution, cooling requirements, server rack layout and low voltage cabling Cat5E/Cat6 Cabling and Terminations, Line Verification Testing, IP Camera Installation

Routing and Switching: BGP, EIGRP, OSPF, RIP, MPLS, HSRP, VRRP, GLBP, PPP, HDLC, Frame Relay, IPv4, IPv6 VLAN. VTP, STP, MST, VLSM, RPVST, Ether Channel, IGMP, MDM

Monitoring Tools: SolarWinds, PRTG, Wireshark, MRTG, HP Network Automation, iperf, Cacti, RANCID

Other: Apple iPhone, Android, Tablets, Blackberry, HTC, Windows Phone (GSM, CDMA)

PROFESSIONAL EXPERIENCE

Confidential, NYC, NY

Network Security Engineer

Responsibilities:

• Configure high availability network with Cisco ASA 5525 with Firepower service, Cisco 3850 Switches.
• Design, configured, secure Wireless network with Aruba 7030 Mobility controllers and Aruba 300 series APs
• Define, implement and maintain corporate security policies.
• Managing Firewall products - Checkpoint Appliance 2200 Gateways, Provider-1 and VSX environment. (R77.10 and 77.20) and ASA environments.
• Successfully migrated provider-1 and R77.10 environments to R77.20.
• Working on day to day firewall management activities like looking into troubleshooting tickets and firewall rule change requests.
• Configuration and implementation of Check Point Firewalls, IDS/IPS, Bluecoat Proxy.
• Maintained operational efficiency of client DLP programs.
• Reviewed business requirements and conducted task analysis.
• Planned and co-ordinate enterprise wide infrastructure projects with other IT teams and data center team.
• Implemented business procedures and DLP security programs.
• Suggested expansions for DLP programs as per business requirements.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (60+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Review and optimize firewall rules using Secure Track Tufin tool and run firewall audit reports.
• Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
• Extensive experience in Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Next-Generation Firewalls R65, R70 & GAIA R77.30, Palo Alto Next-Generation firewalls, Bluecoat proxies and Cisco ASA/PIX.
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
• Configure and troubleshoot Juniper EX series switches and routers
• Network security including NAT/PAT, ACL, and ASA/SRX Firewalls.
• Worked with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches

Confidential, NJ

Network Security Engineer

Responsibilities:

• Providing day to day network support to clients on various types of networks.
• Working on core Network design and implementation, Network security, maintain, monitoring.
• Configure/Troubleshooting VPN IPsec/ L2L/SSL With Cisco ASA 550X, Juniper, Palo Alto, Sophos, Dell SonicWALL.
• Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Implemented the necessary changes such as adding, moving and changing as per the requirements of business lines in a data centre environment.
• Configured rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Worked on the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Managed the SIEM infrastructure. Installation & Administration of SIEM solution ArcSight Logger & Connector
• Appliance and assisted Level 2 Analyst teams.
• Initial set-up, installation and implementation of new SIEM solution (QRadar). Migrating existing Reports and Alerts from RSA envision to QRadar. Aggregate, correlate, and analyze log data from network devices, security devices and other key assets using QRadar.
• Created SIEM dashboard for QRadar and reconciliation with Storage, Database Server, Workstation and Server and Network Devices.
• Displayed competency in setting up multiplexed audio/video distribution system for CNBC/Bloomberg, Benzinga, and Trade The News broadcasting.
• Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
• Configured all Palo Alto Networks Firewall models as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
• Administered Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centres.
• Configured & managed around 500+ Network & Security Devices that includes F5 BigIP Load balancers and 3DNS, Blue Coat Proxies and Plug Proxies.
• Configured BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of MPLS, DHCP and VPN networks.
• Improved network operations efficiencies through evangelizing adoption of standards based fault diagnosis, method of procedure for implementation & standardization of configurations for new & existing deployments
• Communication of security controls, risk statements, and countermeasures that meet the requirements of the business as well as the information security policies.
• Prepared management and executive reports to convey the results of assessments and strategic initiatives.

Confidential, NYC, NY

Network Administrator

Responsibilities:

• Served in computer maintenance, performed all types of hardware, software maintenance and engineering in addition to systems selection, backup and technical support.
• Installed and configure NETGEAR VPN firewalls and wireless routers.
• Installing, configuring & Windows 2008 servers of DHCP, FTP, WSUS, Web Server and SQL Database Server.
• Implemented F5 9.1.0 LTM for new install servers.
• Creating and managing the users, groups, GPO in the Active Directory.
• Implemented, Managed ISA server 2004 Firewall with web filtering and Remote Access VPN.
• Implemented and managed McAfee Antivirus EPO Server and clients for LAN security
• Monitoring of Internet usage, Antivirus statistics and reporting to Project Manager.
• Responsible & managing Online Trading applications, Servers & Connectivity with stock exchanges, providing remote support to end clients and branch users.
• Installation and Configuration of networks, router configuration and wireless access point/router with security, TCP/IP, VPN, Content Filtering, Access Control Lists on router/switches, VLANs (port mapping, naming etc.), and routing IP address in both LAN/WAN and wireless networks.)
• Investigated user problems, determined possible solutions, oversaw software, installation and upgrades.
• Creating a backup job and also took backup of data center on daily, weekly and monthly basis.

Confidential, Pittsburg, PA

Network Engineer / System Administrator

Responsibilities:

• Support, monitor and manage the IP network.
• Performance monitoring of various applications & web servers to maintain quality of service & network stability.
• Maintained core switches, creating VLAN’s and configuring VTP.
• Designed IP Addressing schemes, VLAN tables and Switchport assignments, Trunking and Ether-channel implementation.
• Preformed installation, cabling and cable testing.
• Gained hands on experience with VLSM, STP, VTP, VLAN Trunking.
• Installed and set up Cisco routers and switches per deployment plans.
• Applied access lists and NAT configurations based on implementation guidelines.
• Managed and developed network projects designed to strengthen network continuity and deploy security elements in an attempt to meet and exceed contract requirements, including system analysis and troubleshooting.
• Implemented QoS for Voice traffic.
• Planned and executed the migration from PSTN to IP Telephony, CUCME and 7960 IP Phones.
• Designed and implemented IT security policies and networked backup systems.
• Reviewed, approved, procured various IT hardware and software products to fulfill strategic and operational needs of various departments.
• Managed Windows Server 2003, Exchange Server and Active Directory.
• Created account groups and managed group members.

Confidential, Allentown, PA

System Administrator/Desktop Support

Responsibilities:

• Rendered technical support to more than 200 users in key areas of network and desktop application, installation, and maintenance, as well as in resolving the operating system-related issues.
• Performed troubleshooting and maintenance of Active Directory user rights and permissions, which involved adding or removing and disabling or enabling user accounts utilizing Microsoft Exchange 2007.
• Carried out key tasks associated with the virus and spyware removal; patch update for Windows and other applications; and Ghost imaging software utilization.
• Utilized technical proficiency in administering and supporting all facets of Microsoft Office, Outlook, and third-party applications along with Symantec End-Point antivirus, and Open Domain Name System (DNS) filtering.
• Capitalized on industry expertise in processing the standardization and updating of Cat5 line drops, patch panel terminations, header termination, Cisco Adaptive Security Appliance (ASA), and switch configuration.
• Made use of Citrix, TeamViewer, join.me, and LogMeIn in delivering procedural and technological solutions to remote users.