SUMMARY

• Innovative network security professional with progressive hands - on experience as a Security Engineer while demonstrating expertise with conducting threat investigations, vulnerability assessments and overall system security to ensure strong business continuity through administration of firewalls, incident response and malicious attack prevention procedures.
• Excellent verbal and written communication skills
• Strong ability to function independently or as a part of a large, integrated cross-functional team
• Strong knowledge of Panorama
• Strong knowledge of Cisco Networking (CCNA level)
• Strong knowledge of Amazon Cloud Services (AWS)
• Proficient in TCP/IP networking
• In-depth Knowledge of Routing and Switching including LAN, WAN, OSPF, RIP and BGP.
• Enthusiastic, eager and very personable
• Strong troubleshooting skills using wireshark, packet capture & tcpdump
• Experience working in a corporate global network environment with an emphasis on Network security
• Knowledge of Microsoft server products including Windows Server and Active Directory
• Strong analytical and technical problem solving skills
• Working knowledge of both json and yaml
• Working knowledge of Linux
• Working knowledge of Ansible and Ansible tower
• Client focused and biased in pursuit of business goals and objective
• Experience in software packages including MS Word, MS Excel etc

PROFESSIONAL EXPERIENCE

Cloud Network Security Engineer

Confidential

Responsibilities:

• Configure and deployed Palo Alto firewalls on AWS Cloud Environment
• Configure Security groups, security zones and interfaces on Palo Alto
• Adhered to service level agreements, processes and procedure
• Working knowledge of cloud infrastructure platforms such as CloudFormation and Terraform
• Recommended changes in firewall rules in support of project affecting the security infrastructure
• Reviewed firewall policy and performed impact assessment
• Strong working knowledge of AWS Networking such as VPC, EC2,Transit Gateway, Security Groups, VPNs, Cloudwatch
• Monitor firewall and security systems by establishing and enforcing policies: defining and monitoring access
• Manage remote firewall configuration via Panorama
• Resolve issues through troubleshooting and inspection of infrastructure
• Handle day-to-day network related tickets
• Part of an on-call rotation and performs after hour work as needed
• Hands - on automation experience: Ansible

Network Security Engineer

Confidential

Responsibilities:

• Create and maintain firewall security policies on Palo Alto firewall
• Configure Security profiles, security zones and interfaces on Palo Alto
• Troubleshooting customer ticket issues
• Configure High Availability and failover techniques that minimize interruption
• Create and maintain firewall security policies on Palo Alto firewall
• Configure and maintain routing on Palo Alto firewalls
• Configure Security groups, security zones and interfaces on Palo Alto
• Performed rule clean-up to improve firewall performance and integrity
• Configure and maintain IPSEC tunnel with remote sites
• Manage remote firewall configuration via Panorama
• Resolve issues through troubleshooting and inspection of infrastructure
• Configure next generation features such as URL filtering, Threat Prevention, VPN and Wildfire
• Configured firewalls to Performed Dynamic Updates by schedule

Network Security Engineer

Confidential

Responsibilities:

• Performed initial configuration and deployment of Palo Alto Network Firewall
• Configured zones, interfaces and virtual routers including rules on Palo Alto firewall
• Configured Stateful Failover of firewalls for High Availability
• Responsible for planning, design, implementation, organization and operation of Palo Alto Firewalls based perimeter security network
• Configured, maintained, and monitored Site-to-Site VPN tunnel, encryption of data packet and troubleshoot tunnel issues on Palo Alto firewall
• Configured Source NAT as well as Destination NAT policies as required on Palo Alto Firewall
• Performed policy optimization to identify Unused Applications, Unused Rule, and Port-based Rule periodically to fine tune overall security policy
• Installed, Configured, Maintained and Troubleshoot Palo Alto
• Performed Dynamic Update and Palo Alto operating Software upgrade as needed
• Configured and deployed the WF-500 wildfire appliance to monitor, identify and contain new network security threats to consistently update the firewalls with the latest threat updates.

Firewall Engineer

Confidential

Responsibilities:

• Implemented and configured security policies on Checkpoint firewall
• Configure and Troubleshoot Firewall cluster on Checkpoint, preventing single point of failure
• Configured Checkpoint Firewalls
• Monitored Checkpoint VPN tunnel activities with Smartview monitor and troubleshoot VPN issues using CLI
• Configured dynamic protocols RIP and OSPF on Checkpoint Firewall
• Committed to customers deliverables and met project deadlines
• Executed day-to-day operations and maintained all the systems/components involved in Network Security
• Consults with customers to identify data and network security requirements
• Configured and implemented IDS/IPS (Intrusion Detection System and Intrusion Protection System)
• Optimized Checkpoint firewall rules
• Configured Checkpoint Firewall Deployment, Upgrade, Backup, Troubleshooting and Policy Implementation
• Configured Best Practice Firewall Security Policies in accordance to the company's objectives, goals and regulations
• Configured and Troubleshoot Source NAT for Internet Bound Traffics on Checkpoint firewall
• Maintained accurate documentation of firewalls and network security support activities and upgrade processes
• Ensured proper log forwarding to remote server to achieve company-wide operation intelligence.

Network Administrator

Confidential - El Cajon, CA

Responsibilities:

• Deployed, installed and configured Windows servers at satellite campuses
• Provided router configuration and troubleshooting, correcting networking connectivity issues in routing and switching using a layered model approach as needed while working on new site integrations
• Manually updated and installed services packs, drivers and applications to improve computer efficiency and performance.
• Worked as a team member with other technical Staffs to ensure connectivity and compatibility between systems
• Documented network problems and resolutions for future reference