We provide IT Staff Augmentation Services!

Network Security Engineer Resume

Philadelphia, PA

SUMMARY

  • Cisco Certified Network Engineer having 8.3 years of experience in configuration, troubleshooting and maintaining security is seeking to work with the progressive organization where I can utilize my experience to achieve corporate goals.
  • Proficient with network hardware and technologies including routers, switches, firewalls, Ethernet, Fast Ethernet and Gigabit Ethernet.
  • Assisted in setting up and configuring the infrastructure environment with Cisco equipment and ASA.
  • Good at troubleshooting of NAT, PAT, DNS, DHCP and other IP conflict problems.
  • Experience in troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF and BGP.
  • Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 7k, 5K, 2K series, Cisco router models like 12k, 10k, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
  • Protocols Awareness: OSPF, EIGRP, RIP, BGP, HSRP, ACL, VTP, NAT/PAT, CDP, SSH, HTTP, HTTPS, NTP, SNMP, ARP, STP (802.1D), SNMP, DNS & DHCP.
  • Automation in Python scripting language.
  • Hands on experience on Checkpoint Firewalls, ASA (5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS). network
  • Extensive knowledge On Designing and implementation of complex Data Center, Virtualization and Borderless Networking solutions which includes Cisco Nexus 7000, 5000 & 2000 switches, 6500 switches Virtual switching system (VSS),Virtual port channel (VPC), Virtual Device Context (VDC),Routing and Switching, and BGP,OSPF,FHRP,EIGRP.
  • Working knowledge of transport connectivity such as T1, CAT5&6 Ethernet, DS1, DS3, Fiber, OC3 and OC12, OC48.
  • Providing daily Palo-Alto administration.
  • Making reports on network productivity, plans and issues on management.
  • Hands on Experience in installing Splunk systems on enterprise level, monitoring and securing the applications based on user authorization.
  • Experience in Active Directory in both windows and VM sphere.
  • Configuring Policies in Palo Alto Firewalls & Analysis.

TECHNICAL SKILLS

Lan Technologies: VLAN, VTP, IPsec, GRE, Inter - Vlan routing, STP, PVST, RSTP, 802.1x

WAN Technologies: Frame Relay, PPP, Ethernet, MPLS, VRF, VRF-Lite, WLAN, SSLVPN

Network Securities: NAT/PAT, Filtering, Load Balancing, ACL, Palo Alto, Cisco Firepower Cisco ACI.

Routing Protocols: RIP, EIGRP, OSPF, BGP, MP-BGP, HSRP, VRRP, PPP, PAP, IPv6, TCP/IP

Infrastructure Services: REST API

Network Managements: SNMP, SSH, Telnet, ICMP

Operating Systems: Windows 8.1/ 7 /Vista/XP/NT/2003, MS DOS, UNIX, Linux, Python

Languages/ Tools: C, C++, VBScript, Visual Studio 2008, MATLAB

PROFESSIONAL EXPERIENCE

Confidential, Philadelphia, PA

Network Security Engineer

Responsibilities:

  • Experience in multiple AWS zones, instances etc. for multiple vendors using the respective tools.
  • Working with both wired and wireless devices in the LAN and Wan environment. Experience with managing, upgrading, and administering switches and experience on Cisco Meraki cloud and installing and maintaining the API in the environment.
  • Experience with AWS and develop in cloud - based technologies. Experience with SDWAN technologies in the voice and network design.
  • Deploy new Splunk Systems and Monitor Splunk internal logs from the monitoring Console (MC) to identify and trouble shoot existing potential issues.
  • Configure SYSLOG servers for data onboarding.
  • Developed customized application configurations in SPLUNK to parse, index multiple types of log format across all application environment.
  • Providing Information Security Operations Center support analyze a variety of network and host based security logs (Firewalls, NIDS, HIDS,SYSLOG, etc)
  • Experience with Application Traffic Management LTM and GTM platforms including F5 and A10 products
  • Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls
  • Upgrading the IOS on Network Devices including cisco 6800, 6500 and Palo Alto VM-300 devices
  • Design and implement Cisco ACI fabric networks with Nexus 9000 switches and APIC controller in a VMware envy using Cisco network and data center routers/switches Nexus 9000, 7000, 5000, 2000, and 1000v switches in VMware
  • Extensive knowledge on BGP peering and BGP attributes such as AS Path, Next Hop and Local Pref.
  • Configuring and installing the cisco routers and switches devices for organizations dealing with both network and storage. Like Cisco Firepower and Load balancing like F5 and Citrix load balancing and Configuring Fortinet series firewall in the industries for the remote sites and data centers like Cisco Nexus 9k,5k switches network infrastructure.
  • Working with Network Access Control(NAC) policies using MAC Authentication Bypass(MAB) protocol and IEEE 802.1x protocol.
  • Worked as F5 load balancer engineer involving complete support day in and out work on the F5 load balancers LTMs, GTMs, EMs, ASM, and Firepass in Datacenter and remote functions.
  • Experience with Network Redesign for Company Campus Locations and Moving from 6500 based Data Center to Nexus based Data Center
  • Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
  • Configuring OSPF and Static routing on JuniperM and MX series Routers
  • Deployed Cisco routers and ethernet switches to simulate EIGRP, OSPF, DHCP protocols.
  • Clear pass policy manager for adding devices and knowing the status of the device and onboarding the devices. Worked on provisioning, Master and local controllers.
  • Provided (ODL) Open daylight, Docker Swarm container support using LINUX and Heat Orchestration and controlling network flows for Automation update using Docker, Ansible Playbooks Yang model and NETCONF devops tools.

Confidential, Richmond, VA

Network Security Engineer

Responsibilities:

  • Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM - 300 series firewalls
  • Successfully installed Palo Alto PA-3020, PA-3060, and PA-5060 Firewalls to protect Data Centre and provided L3 support for routers/switches/Firewalls and implemented Zone Based security rules on the Palo Alto Firewall
  • Experience in dealing with the tools like Net Brian.
  • Perform advanced troubleshooting using Packet tracer and tcp dump on firewalls.
  • Experience in setting up the with SD-WAN technologies using Viptela.
  • Establishing and maintaining the servers and services in the datacenter and remote sites.
  • Using ticketing system in the network data captures with tools such as Wireshark, SolarWinds and Net brain.
  • Extensive knowledge on BGP peering and BGP attributes such as AS Path, Next Hop and Local Pref.
  • Experienced in handling Panorama firewall management tool to administer Palo firewalls
  • Experience in Linux virtualization environments.
  • Experience in site-to-site and remote access VPN solutions.
  • Working with Network Access Control(NAC) policies using MAC Authentication Bypass(MAB) protocol and IEEE 802.1x protocol.
  • Support customer with the configurations and maintenance of ASA Firewall systems.
  • Configured VLAN trucking Palo Alto with interface.
  • Automation scripting network scripting like python and troubleshooting any issues.
  • Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding
  • Worked in setting up Azure Services viz. VMs, Storage Accounts, Vnet, Subnet
  • Experience in Azure network, VPN and Express route, Azure DNS, Traffic Manager, and Load Balancers
  • Azure Platform development and deployment Lifecycle
  • Worked on upgrading Aruba controllers and Access points in troubleshooting the onboarding devices with the networks.
  • Configuration of Nexus 9K, 7K, 5K switches.
  • Deployed Juniper switches EX4500 and EX4200, routers M7i and M10i.
  • F5 GTM Implementation and complete DNSMigration from Infoblox
  • Used Cisco ACI (Application Centric Infrastructure) for fabric implementation, operations, and integration with external bridged networks experience in installing, configuring, troubleshooting, and managing Cisco 7206VXR, 3925, 3845, 3650, 2620, 2960, 2901, 2811, 1900, 1800 series routers, and Cisco Catalyst 6500, 4500, 3750, 2960 series switches.

Confidential, San Antonio, TX

Network Engineer II

Responsibilities:

  • Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
  • Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
  • Provide support for security solutions related to Bluecoat Proxy, configuring solutions in the development, test and production environment
  • Involved in L1/L2 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing, LAN security.
  • Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
  • Implemented and Tested desktop virtualization and introduced VMware View to the client.
  • Basic configuration of Nexus 9K, 7K, 5K switches.
  • F5 GTM: Configuring and Managing F5 GTM for Data Centers, DNS Management and Integrated with DNS Vendors for DNS Security Management.
  • Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
  • Configuring IPSEC VPN on SRX series firewalls
  • Perform troubleshooting and resolved protocol issues involving TCP/IP, PPP, OSPF, BGP, MPLS.
  • Deploying and decommissioning the VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices.
  • Worked on the security levels with RADIUS, TACACS+.
  • Worked on blue coat proxy server as part of recent integration into the project.
  • Ensure Network, system and data availability and integrity through preventive maintenance and upgrade. Configuring and troubleshooting perimeter security devices such as Checkpoint NGX R77 Gaia, Provider - 1/MDM, Secure Platform, Palo Alto and ASA Firewalls.
  • Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
  • Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
  • Successfully installed Palo Alto PA 3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls
  • Regularly performed firewall audits around Checkpoint Firewall-1 solutions for customers.
  • Provided tier 3 support for Checkpoint Firewall-1 software to support customers.
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
  • Deployment of Cisco 6500 switches in standalone and VSS modes with SSO and NSF
  • Supporting EIGRP, OSPF and BGP based network by resolving level 1 &2 problems of internal Sites.

Confidential

Network Engineer

Responsibilities:

  • Manage, configure, install and maintain over 7000 routers (Cisco 7600, 3700 and juniper routers) and switches (3560, 6500, 2950) across the nation from a central NOC.
  • Trouble shooting Software problems & connections.
  • Design and support of complex communication systems and networks, creation and maintenance of detailed schematics and technical documents.
  • Configured a home network where only users have access to home appliances, implementing main security goals - Authentication, Availability and confidentiality using windows server 2012.
  • Provide technical guidance in recommending hardware & software equipment
  • Inspected overall health of the network, server deployment throughout the company s LAN.
  • Performed tasks such as routing protocols, authorized directive services and maintenance of intrusion detection systems.
  • Primarily responsible to design and deploy network security & High Availability products information.
  • Responding to requests for problem resolution and processing service requests.
  • Identifying and resolve problems affecting system and troubleshooting network problems to replace cabling switching and routing issues.
  • Configuring and routing Cisco 7609, 7200, 3800 routers.
  • Troubleshooting Cisco catalyst 6500 series switches with SUP720 s.

Hire Now