OBJECTIVE

• Seeking a position in networking & communication industry where I can utilize my skills towards growth of an organization

SUMMARY

• 5+ years of Experience in IT & Networking Administration including instalments and configurations of physical networks (servers, switches, routers, panels, ports & hubs).
• Cisco ASA, Palo Alto, Check Point and Juniper SRX Firewalls Administrator.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP - BGP, OSPF, LDP, EIGRP, RIP, MPLS.
• Check Point firewall administrator. Analyze traffic flow as it travereses the firewall
• Stage Firewall policies and migrate them from one platform to another including Cisco ASA and router (7200/3800 and ASR 1000 series) access-list to Check Point.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting on Cisco Routers, Cisco Switches, Nexus Switches, Firewall, Proxy, VPN Concentrator.
• Hands-on experience in Planning of Corporate Firewalls architecture and implementing in distributed environment i.e. configuring & troubleshooting - Checkpoint, Cisco ASA and Palo Alto Firewall
• Experience installing, configuring, and troubleshooting Catalyst (2900, 3500, 3700 and 6500 Series), Nexus (5000, 2000 Series) Switches, and Routers (ASR 9K, 10K,2800, 3600, 4400, 7200 Series) using CLI and GUI.
• Experience configuring and troubleshooting OSPF, EIGRP, BGP, RIP, VLAN’s, Trunking, VTP, STP, PVST, RSTP, HSRP,802.1q, and Ether-channels.
• Worked on Palo Alto firewall and used panorama for centralized control of all the firewalls.
• Knowledge of OSI Model & TCP/IP networking standards with protocols such as SNMP, FTP, ICMP & IPv6.
• Experience with Next Generation Products such as Check Point IPS, Threat Emulation, URL-Filtering, ANTI-BOT, ANTI-VIRUS.
• Network security including NAT/PAT, ACL, HTTPS, Web Proxy, LDAP, VPN Concentrator, ASA/PIX Firewalls, Cisco IDS/IPS, AAA, Radius, TACAACS+, IPsec/SSL VPN and L4 - L7 protocol.
• Strong work experience with the following technologies MPLS, Q0S, VPN, WLAN and Multicast.
• Worked extensively on firewalls and VPN gateways including Checkpoint, Blue Coat Web Gateway, CISCO, Juniper, Fortigate GUI and Shell.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various plannednetworkchanges on thenetwork
• Hands on Experience in design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77.20 version.
• Configuring/Managing Intrusion Prevention System (IPS) and Intrusion Detection System (IDS): Cisco IPS/IDS & Checkpoint UTM.
• Migrated multiple Cisco ASA 5580/5520 firewalls to Palo Alto 5060/500 firewalls.
• Integrating Check Point URL-Filtering and IDM with Active Directory database
• Experienced in DHCP, DNS, NIS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LADP, security management and system troubleshooting skills.
• Experience in implementing network security using NAT, PAT, ACL, IDS, IPS and ASA firewalls.
• Experience with Firewall migrations from PIX firewall to Cisco ASA, Juniper SRX firewall appliances and McAfee proxy servers.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that come online or that may have been altered during various planned network changes on the network.
• Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Performed Network Security Assessment and implemented security features such as network filtering, SSH, AAA, SNMP access lists, VTY access lists and HSRP authentication.

TECHNICAL SKILLS

Operating Systems: Windows Server 2016/2012/2008, R2/ 2003/2000, Windows 10/ 8/7/Vista/XP / NT, Mac OS X, Microsoft Lync, Ubuntu. Linux

Languages: C, KEIL, Assembly language

Routing: OSPF, BGP, EIGRP, RIP, Route Summarization, Static Routing, FHRP, Tunneling, Equal and unequal cost load-balancing, NAT.

Switching: VLAN, VTP, STP, RSTP, Inter VLAN routing.

Security Policies: Port-security, ACL, EIGRP & OSPF authentication, VPN, IPS/IDS, BPDU guard, Firewalls.

Firewall: Cisco PIX / ASA 55XX, IPS/IDS, Sophos UTM SG -230/330, Cisco FWSM, Cisco ASDM, Juniper SSG 550, Checkpoint Firewall, SonicWALL, Palo Alto PA -3050, Barracuda Next-Gen Firewalls,Cisco ASA

Monitoring: PuTTY, PuTTYgen, Solarwinds, Kiwi Syslog server, WinAgent TFTP server, Wireshark

Wireless communication: WI-FI, AM, FM, PM, 4G LTE, ALOHA, TDMA, FDMA, CDMA, RFID, FTP, HTTP

Other Tools: Syslog, GNS3, Cisco Packet Tracer, VMware, MATLAB, LINUX, Ettercap

Other terminology: DNS, DHCP snooping, TCP and UDP, Windowing, LAN, WAN

PROFESSIONAL EXPERIENCE

Confidential

Cyber Security Engineer

Responsibilities:

• Install, support and maintain hardware and software infrastructure supporting best practices, including routers, load balancers, switches, WIFI controllers and firewalls.
• Configuration of routing protocol such as RIP, EIGRP, OSPF and switching protocol like STP, RSTP.
• Implementing network security including NAT/PAT, ACL, VPN and Cisco ASA & Checkpoint firewalls.
• Worked on Cisco ASA writing the ACL's, Cisco IOS XS, and XR. Configuring Cisco ASA and Deploying AnyConnect VPN client
• Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 80 firewalls.
• Software and OS patching and hardening experience.
• Linux command line experience and work on inventory, patch, and upgrade both Windows and Linux based systems and applications.
• Have general storage experience.
• Perform in place upgrades and migrations of Check PointSecurityGateways from Check Point IP Appliances and SPLAT servers to 12k appliances running Gaia R75.40.
• Work with NAT and Access-list in Cisco ASA firewall to allow only authorized users
• Migrating a Cisco ASA Firewall Configuration From Old Syntax to New
• Working on Cisco ASA NAT conversion tool for converting to 9.X firmware from 8.2 Firmware
• Implementing VOIP products, solve different trouble tickets and solve hardware issues of consumers.
• Firepower Series using Cisco ASA for additional vulnerability scanning.
• Deploy new Check Pointsecuritygateways in thenetworkand build high availability running Gaia R76 and R77 on Check Point 15k, 12k, 4k and 2k appliances
• Stage Firewall policies and migrate them from one platform to another including Cisco ASA and router (7200/3800 and ASR 1000 series) access-list to Check Point.
• Implementing and managing websense software for securing and filtering enterprise wide web traffic.
• Performing network monitoring, providing analysis using Wireshark and Solarwinds and providing technical support
• Work with various Firewall Migration projects including in place upgrades and cross platform migrations from Cisco to Check Point and Cisco to Fortinet.
• Implementing and troubleshooting of VLANs, Subnetting of IP and managing IP allocation.
• Redistribution from RIP to OSPF and vice versa by implementing hub and spoke topology with a frame relay switch.
• Troubleshooting the issues in the network server and managing LAN and WAN to maintain maximum network uptime.
• Implementation, configuration and support of Check pointSecurityGateways for clients hosted at the data center.
• Hands-on experience on F5 LTM configuration
• Configure, maintain, and troubleshoot routers and switches.
• Implemented routing protocols like BGP,OSPF,EIGRP and redistribution from RIP to OSPF.
• Configuring security policies including NAT/PAT, VPN and ACL’s.
• Configure switching protocols like STP, RSTP and implemented security on switch by port security, BPDU guard.
• Configuring VLAN, Spanning tree, VTP, Etherchannel on switch.
• Implementation of DHCP, DNS, NTP, FTP, TFTP.
• Implementing redundancy gateway protocols which includes HSRP, VRRP and GLBP.

Confidential, NYC, NY

Network Security Engineer

Responsibilities:

• Configure high availability network with Cisco ASA 5525 with Firepower service, Cisco 3850 Switches.
• Hands-on experience in Planning of Corporate Firewalls architecture and implementing in distributed environment i.e. configuring & troubleshooting - Checkpoint, Cisco ASA and Palo Alto Firewall.
• Design, configured, secure Wireless network with Aruba 7030 Mobility controllers and Aruba 300 series Aps
• Build Check Point HA using Cluster XL and Management HA using Active/Standby
• Define, implement and maintain corporate security policies.
• Managing Firewall products - Checkpoint Appliance 2200 Gateways, Provider-1 and VSX environment. (R77.10 and 77.20) and ASA environments.
• Successfully migrated provider-1 and R77.10 environments to R77.20.
• Working on day to day firewall management activities like looking into troubleshooting tickets and firewall rule change requests.
• Configuration and implementation of Check Point Firewalls, IDS/IPS, Bluecoat Proxy.
• Maintained operational efficiency of client DLP programs.
• Reviewed business requirements and conducted task analysis.
• Planned and co-ordinate enterprise wide infrastructure projects with other IT teams and data center team.
• Implemented business procedures and DLP security programs.
• Suggested expansions for DLP programs as per business requirements.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (60+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Actively use, smart view tracker, and Checkpoint CLI (tosecuritygateways) for troubleshooting. Perform advanced troubleshooting using Packet tracer and TCPdump on firewalls.
• Review and optimize firewall rules using Secure Track Tufin tool and run firewall audit reports.
• Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
• Planning, Designing & Implementing VPN connections using Checkpoint, ASA, Cisco PIX, and Cisco Routers using site-to-site VPN's.
• Extensive experience in Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Next-Generation Firewalls R65, R70 & GAIA R77.30, Palo Alto Next-Generation firewalls, Bluecoat proxies and Cisco ASA/PIX.
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
• Configure and troubleshoot Juniper EX series switches and routers
• Network security including NAT/PAT, ACL, and ASA/SRX Firewalls.
• Worked with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches.

Confidential, DAYTON, NJ

Network Security Engineer

Responsibilities:

• Providing day to day network support to clients on various types of networks.
• Working on core Network design and implementation, Network security, maintain, monitoring.
• Configure/Troubleshooting VPN IPsec/ L2L/SSL With Cisco ASA 550X, Juniper, Palo Alto, Sophos, Dell SonicWALL.
• Hands on Experience with blocking of IP's on Checkpoint that are suspicious. Responsible for Checkpoint firewall management and operations across our globalnetworks.
• Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Implemented the necessary changes such as adding, moving and changing as per the requirements of business lines in a data centre environment.
• Configured rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Worked on the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Managed the SIEM infrastructure. Installation & Administration of SIEM solution ArcSight Logger & Connector
• Extensive Packet level debugging and troubleshooting onCheckpoint Firewallsto resolve numerousnetworkissues. Analyzed the Policy rules, monitor logs and documented theNetwork/Traffic flow Diagram of theCheckpoint Firewalls placed in the Data Center with MS Visio.
• Appliance and assisted Level 2 Analyst teams.
• Initial set-up, installation and implementation of new SIEM solution (QRadar). Migrating existing Reports and Alerts from RSA envision to QRadar. Aggregate, correlate, and analyze log data from network devices, security devices and other key assets using QRadar.
• Created SIEM dashboard for QRadar and reconciliation with Storage, Database Server, Workstation and Server and Network Devices.
• Displayed competency in setting up multiplexed audio/video distribution system for CNBC/ Confidential, Benzinga, and Trade The News broadcasting.
• Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
• Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls
• Configured all Palo Alto Networks Firewall models as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
• Installed, configured and setsecuritypolicies on cisco and checkpoint firewalls, VPN.
• Administered Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centres.
• Configured & managed around 500+ Network & Security Devices that includes F5 BigIP Load balancers and 3DNS, Blue Coat Proxies and Plug Proxies.
• Configured BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of MPLS, DHCP and VPN networks.
• Improved network operations efficiencies through evangelizing adoption of standards-based fault diagnosis, method of procedure for implementation & standardization of configurations for new & existing deployments
• Communication of security controls, risk statements, and countermeasures that meet the requirements of the business as well as the information security policies.
• Prepared management and executive reports to convey the results of assessments and strategic initiatives.

Confidential

Network Engineer

Responsibilities:

• Install, support and maintain hardware and software infrastructure supporting best practices, including routers, load balancers, switches, WIFI controllers and firewalls.
• Configure, maintain, and troubleshoot routers and switches.
• Analyzed and resolved a high percentage of initial customer contact in the areas of PC/LAN.
• Actively managed IP Communications, audio/video conferencing, mobility, presence.
• Responsible for the analysis/troubleshooting VoIP networks.
• Extensive experience in configuring and implementing OSPF and BGP.
• Supported core network consisting of Cisco 7200 series routers running multi area OSPF.
• Configured EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP
• Implemented stub/Totally stub areas and various OSPF features like route-summarization and SPF throttling.
• Hands-on experience with WAN technologies like T1/T3, DS3, STM1 and STM4 circuit types
• Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Implemented Cisco Secure Access Control Server (ACS 3.0) for TACACS+/RADIUS
• Knowledge with redistribution of routing protocols and Frame-Relay configuration
• Handled Network Migration from RIP to OSPF.