OBJECTIVE

• To obtain Network Engineer position to utilize my engineering education and experience with strong organizational skills in contribution of organizational goals and objectives. Well versed in Cisco and Palo Alto with hands - on experience and design.

TECHNICAL SKILLS

Network Security: Cisco ASA, Palo Alto, Firepower, AWS, Prisma Access, Prisma Cloud

Cloud: AWS, Azure

Endpoint Security: Cisco ISE, Network Access Control

PROFESSIONAL EXPERIENCE

Confidential, Chicago

Sr. Network Security

Responsibilities:

• Deployment of Prisma Access, Prisma Cloud.
• Hands-on experience on Palo Alto Firewall, PAN OS 7-10.
• Experience on Cisco ASA 5K and FIREPOWER s 4K.
• Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 75 firewalls.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• AWS Cloud, VPC, EC2, Firenet, PaloAlto Deployment.
• BIG IP (F5) Load balancers and monitored the Packet Flow in the load balancers.
• Adding security policies and security rules in Palo Alto.
• Hands On experience in push Policy from Panorama to Firewall in Palo Alto.
• Experience with Cisco ASA 5500, 5550, 5585, and Palo Alto 5000 series with PAN.
• Deployment of Wireless, Wired solution, configuration, and upgrade of Cisco ISE.
• The configuration of the access layer switches with new-style authentication (IBNS-2.0) to support HTTPS redirect for BYOD.
• Troubleshooting of protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow

Confidential, CA

Sr. Network Security

Responsibilities:

• Extensive knowledge in configuring and deploying Next Generation Firewalls including Palo Alto
• Profound working knowledge of administration and management of Palo Alto firewalls using centralized Panorama M-100 and M-200 devices
• Deployment of Prisma Access (Palo Alto Cloud Solution)
• Prisma Cloud integration with QRadar and AWS for webhooks.
• Provisioning Prisma Cloud (Palo Alto).
• Configure, Manage and Monitor Palo Alto firewall models (Specifically the PA-5050 and the PA-5260).
• Implement advanced Palo Alto Firewall features like URL filtering, User-ID, App-ID, Content-ID on both inbound and outbound traffic.
• Deployed Palo Alto firewalls through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV.
• Leveraged Palo Alto Networks’ Wildfire inspection engine to prevent Zero-Day attacks.
• Responsible for providing support for network core and lan infrastructure platforms, systems, and tools and providing documentation and guidance to tier 1 and tier 2 support teams.
• Implementing Cisco’s legacy cloud infrastructure “Application Centric Infrastructure” on Nexus platforms (including but not limited to 9K) to provide updated technological solutions to customers.
• Deployment of new technologies which includes the Spine-Leaf Architecture (Cisco ACI), Endpoint Groups, Switch Profiles, Interface Profiles and Fabric Wide Configurations for stabilizing the Network Infrastructure.
• Assist in troubleshoot the problems reported to the NOC and provide root cause analysis on escalated issues.

Confidential, CA

Sr. Network Security Engineer

Responsibilities:

• Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, and access-list addition using python script and on Linux platform based on tickets generated by customers.
• Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper MX-960 router and cisco ASR 1K and 7K. E.g. ASR 1002, ASR 1006.
• Working on configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between different data centers.
• Implementing IPv6 addressing scheme for routing protocols, VLANs, subnetting and mostly during up gradation of cisco ISR routers 2900/3900 and switches.
• Configuration and deployment of cisco ASA 5540 firewall for internet Access requests for servers, Protocol Handling, Object Grouping.
• Have been working with SOC team monitoring IDPS (Intrusion detection/prevention sensors) as primary responders.
• Have been involved in migrating policies from Checkpoint to Palo Alto
• Design, WAN link using PPP Multilink and by implementing Cisco WAAS.
• Implemented standard configuration template scripts in various network devices for SNMP v2, logging, and NTP.
• Have been working on Global ITIL Network Support.
• Has a good experience working with the Trouble Tickets on Cisco ACE/F5 Load balancers.
• Configured pools, virtual servers, nodes on different BIG-IP F5 load balancers and assisted in modifications of virtual server configuration on existing applications.

Confidential, NC

Network security Engineer

Responsibilities:

• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration
• Installing and configuring new cisco equipment including Cisco 1900, 2900, 3900 series routers, Cisco catalyst switches 6807, Nexus 7010, Nexus 5500 and Nexus 2k as per the requirement of the company
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements
• Fortinet Firewall management.
• Also involved in Configuration of Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• Worked on load balancers like F5 10050s, 10250v, GTM 2000s, 2200s to troubleshoot and monitor DNS issues and traffic related to DNS and avoid DDoS
• Experience in configuring and troubleshooting Palo Alto Network Firewalls
• Configures firewalls (Cisco 5500 series, Palo Alto firewall, Sonic WALL), intrusion detection systems (OSSEC, Snort) and other network security devices.
• Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol-based services
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.