SUMMARY

• Cyber Security Professional with over 8 years of experience, passionate in assisting clients with identifying and mitigating cyber and physical security vulnerabilities
• Applied practical methodologies and manual testing methods to avoid false negatives and identify the true risks inherent in computer systems and networks
• Administration of LAN, WAN, Wireless and Security Technologies and Products including installations and configurations of physical networks (servers, switches, routers, panels, ports & hubs)
• Assisted in designing, development and implementation of security policies on an organization level information security and systems administration, technical support and consulting
• Implementation, trouble shooting, development and maintaining enterprise date network systems and Implementation of enterprise networks by dealing with Cisco routers, Cisco Catalyst switches, Cisco Firewalls, Load balancers.
• Expertise in deployment of Routers, Switches, Hubs, Firewalls, IDS, load balancers, VPN Concentrators
• Extensive experience in installation, administration and networking in various MS Windows OS environments
• Familiar with Remedy, Secure Computing's Sidewinder Firewall, Cisco PIX Firewalls and ASAs, SSGs, Firewall Switch Modules, BlueCoat Proxy devices, Wise Package Studio, Symantec Ghost and Antivirus
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions.
• Hands - on experience in maintaining 802.11 standards through WLC (Wireless LAN Controller), Datacenter equipment, Networks and Security administration including routers, switches, firewalls and VPNs
• Experience working with Cisco Switching, Routing, Reverse Proxy appliance and Security products

TECHNICAL SKILLS

Platforms: Windows XP, 7/8/10, Windows Server 2012 R2, Linux (Red Hat, Ubuntu, Backtrack & Kali Linux)Mac OS.

Languages: HTML, CSS, JAVA, PHP, SQL, JQuery, JavaScript, Swift(basic).

Software & Hardware: VMware, Virtual PC, LogMeIn, Microsoft Office, MS Project, Flash, Photoshop, GNS3Cisco Packet Tracer, SNMP Agent Simulator, NetBeans, Eclipse, Nessus, Grabber, W3af, SQLMapNetcraft, LanGuard, Putty, Wapiti, WebScarab, Vega, Grabber, Nexpose, SecureCheq, Qualys, OpenVASRetina, Nmap, Citrix, Arcsight, Securify, LAN / WAN Administration, VPN, TCP/IP, Cisco Routers & SwitchesVoIP telephony system, Wireshark/TCPView Packet Analysis, DNS Server, Ping, Tracert. Active DirectoryRemedy Ticket System, NetForensics

PROFESSIONAL EXPERIENCE

Confidential, Dallas, TX

Network Security Engineer

Responsibilities:

• Implementing new Firewalls requirements with use of PAN firewalls
• Configuring Site-to-Site IPSEC VPN and RA VPN for the Customers' requirements
• Reviewing the Change request plans created by L1 and L2 administrators
• Analyzing threat and vulnerability logs in firewall for vulnerability management
• Performing Vulnerability Analysis test for Firewalls and other network devices and providing the closures for vulnerabilities
• Primarily focused on Reverse Proxy management, operations, documentation, Reverse Proxy configuration and maintenance
• Worked on F5 load balancer deploying many load balancing techniques with multiple components for efficient performance
• Worked on Nexus 5k and 7k series switches
• Configuring and maintaining the firewall, analyzing the firewall syslog and performing rules reconciliations and capacity planning in every quarter year using Algosec
• Configuring Site-to-Site IPSEC VPN and RA VPN for the Customers' requirements
• Reviewing the Change request plans created by L1 and L2 administrators
• Analyzing Checkpoint IPS syslog and closing the vulnerabilities in the network
• Performing Vulnerability Analysis test for Firewalls and other network devices and providing the closures for vulnerabilities.
• Designing and implementing Wireless network in the Campus for both internal and project requirements.
• Configuring and Maintaining Cisco Wireless LAN controllers, Access points and Airtight Sensors and SpectaGuard
• Analyzing and closing the Vulnerabilities found in the Wireless using Airtight SpectaGuard. Implement URL filtering requests in Bluecoat Proxy SG for website blocklist and whitelist purpose.Conducted periodic reviews of Checkpoint firewall policies rule base for rules consolidation and cleanup in coordination with stakeholders using Firemon tool.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Managing and implementation of firewalls requests based on the requirements of various departments and business lines.
• Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer. Co-ordinate with data center team for any kind new installations, remote support and device RMA’s.
• Implementing and troubleshooting network issues for various business lines and making sure everything is in place.
• Managing and providing support to various project teams with regards to the addition of new equipment such as routers, switches and firewalls to the DMZs.

Confidential, Milwaukee, WI

Information Security Analyst

Responsibilities:

• Day to day activities included by not limited to an extensive use of Checkpoint Smart Console suite (R75x, R76x,Gaia R77x& VSX) to manage policies and rule base of security control points, device mapping using network address translation, objects management, routes and other administrative tasks.
• Implementing Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Implemented firewall rules in Palo Alto firewalls using Panorama for one of the environment.
• Monitoring and troubleshooting traffic on PaloAlto 5020 firewall.
• Maintained and Configured Check Point VSX with firewall virtualization.
• Policy provisioning, access to specific segments of the networks through Cisco ISE.
• Configure 802.1x on both Cisco ACS and Cisco ISE.
• Engineered, configured and deployed routers using Cisco ISE
• Configure and Monitor Cisco Sourcefire IPS for alerts.
• Performing creation and deletion user accounts and global group’s creation in global policy in Provider-1.
• Utilizing Tufin and Splunk firewall analyzing and/or reporting tool to remediate idle firewall polices that were leaving the network open to unnecessary vulnerabilities.
• Used troubleshooting applications and tools such as Checkpoint SmartView Tracker, SmartView monitor, Wireshark, Tcpdump, Traceroute, Solarwinds, Netscout and command line utilities to identify, report and provide resolution to all kinds of firewall and VPN related connectivity issues.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Upgrading IOS on the routers, troubleshootingnetworkoutages.
• Implementing and configuring F5 LTM’s and GTM’s for VIP’s and Virtual servers as per business needs.
• Working on trouble tickets in service now (SNOW) ticketing system which comes to our queue.
• Continually monitor, assess and improvenetworksecurity, test and implement new security technologies.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long term planning, implementation, project management and operations support as required.
• Participating in 24*7 on-call support and implementing changes in different time zones as per the client requirements.

Confidential, Tampa, FL

Network/Security Engineer

Responsibilities:

• Implementation of Site to Site VPN’s for Confidential using Juniper NSM.
• Configuring and troubleshooting issues with VPNs
• Involved in Migration of SSG firewalls to Juniper SRX firewalls.
• Migrated Check Point 680 to juniper SRX 650
• Worked on Oscillator cards and changed on SRX 3600 Firewall
• Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX and SSG firewalls as well as experience working directly with customer in a service/support environment
• Managing and implementation of remote firewalls for Confidential using NSM
• Extensive implementation of firewall rules onJuniper SRX 3600,SRX 3400, 650 SRX and SSG140on a daily basis, using NSM.
• Implemented Juniper SRX FW Interface, MIP and VLAN using NSM
• Configuration of new Juniper SRX firewalls for remote site implementation
• Daily exposure to IP based network security protocols with Juniper SRX and SSG firewalls, Operating Systems and security configurations LAN/WAN/Security solutions.
• Manage as well as remotely implement, all remote firewalls for Citi bank’s branchesusing checkpoint SmartDashboard
• Implemented Checkpoint GAIA R76 Interface, NAT and VLAN using SmartDashboard
• Extensive implementation of firewall rules on R76 GAIA on daily basis using SmartDashboard
• Configuration, troubleshooting Checkpoint Firewall using R76 SmartView Tracker and Monitor .
• Strong Knowledge and extensive experience on enterprise change management process and tools.
• Create change request for configuration changes on firewall.
• Responsible for Juniper SRX firewall management and operation across our global networks
• Hands on experience with handling all production and non-production issues
• Configure IPSEC VPN (Site -Site to Remote Access) on SRX series firewall.
• Performed Troubleshooting and monitored routing protocols such Static Routing, OSPF and BGP
• Responsible for procurement and installation of Hardware, network drives and other IT infrastructure and documented the design, implementation and troubleshooting procedures with Method of Procedure (MOPS).
• Documented all the work done by using Visio, Excel and MS word

Confidential, Albany, NY

System Administrator

Responsibilities:

• Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment.
• Adding and removing checkpoint firewall policies in SPLAT/IPSO R75, VSX firewalls based on the requirements of various projects.
• Participated on the migration project of PIX to ASA firewalls.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Building site-site VPN connections for third party connectivity using ASA Firewalls.
• Auditing user accounts in Checkpoint Provider-1/MDM on a monthly basis to remove unnecessary and ex-employee user accounts.
• Deploying Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
• Implement URL filtering requests in Bluecoat Proxy SG for website blocklist and whitelist purpose.
• Conducted periodic reviews of Checkpoint firewall policies rule base for rules consolidation and cleanup in coordination with stakeholders using Firemon tool.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Managing and implementation of firewalls requests based on the requirements of various departments and business lines.
• Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer.
• Co-ordinate with data center team for any kind new installations, remote support and device RMA’s.
• Implementing and troubleshooting network issues for various business lines and making sure everything is in place.
• 24x7 on-call escalation support as part of the security operations team.
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• Managing and providing support to various project teams with regards to the addition of new equipment such as routers, switches and firewalls to the DMZs.
• Implementing IPsec and GRE tunnels in VPN technology.

Confidential

Information Systems Security Engineer

Responsibilities:

• Conducted in-depth monitoring of network gateways for malicious code, virus messaging, and network intrusion attempts.
• Manages and delivers high quality work products/deliverables that includes NetForensics investigations, Symantec virus log maintenance, and system security event reports
• Identifies problems and brings them to supervisor’s attention with sufficient lead time to avert crises.
• Responsibility for monitoring the NetForensics event console for all suspicious activity
• Delivers additional insight to team lead in regards to tuning the event console
• Create vulnerability assessment and mitigation reports based on system analysis using nmap, Shadow, LanGuard, Nessus, and Retina
• Makes use of the following tools for job performance: NetForensics (Event Monitoring), Symantec Reporting Tool (Virus Reporter/Logs), Putty (ssh command), Nessus, LanGuard, Shadow, nmap (Vunerability scan tools). functions as CIRT in gathering all information needed to block ports that are producing suspicious/ malicious traffic on the network
• Responsible for performing investigations/analysis in order to determine if an event(s) is a false positive, configuration issue, or an incident via usage of correlation tools Arcsight and Securify
• Troubleshot server issues, in the event a loss of communication occurs. In Active Directory/ Microsoft Exchange user groups, responsible for creating new users, completing user transfers as well as deleting users
• Responsible for monitoring and troubleshooting all enterprise backup systems via Symantec Backup Exec suites for data security purposes
• Assisted with software maintenance, tuning, updates and operation of security software and hardware
• Responsibility to provide escalation reports to senior level management in the event systems fail and troubleshooting has not resolved technical issues.
• Responsibility to produced detailed error reports and comprised comprehensive solutions for solving various problems.
• Responsibility for providing weekly status updates from all team members to project manager, as well as, coordinate work structure breakdown for success with deadlines.
• Monitor all call queues to minimize the volume of open tickets.
• Escalate issues that cannot be handled at the desk level and to properly notify the appropriate teams of a high severity or critical situation.
• Installed, configured, and troubleshot all hardware, software, peripherals and network issues to provide accurate resolutions.
• Installation, testing and maintaining of various types of software for end-users
• Configuring network printers with JetAdmin and Novell utilities to be accessible to the network
• Responsible for desktop/laptop support in a user environment of 130 users
• Investigates network traffic by reviewing logs from (firewalls, Intrusion Detection Systems (IDS), Security Monitoring Tools and Intrusion Prevention Systems (IPS), and Virtual Private Networking (VPN)