Information Security Engineer Resume
RI
SUMMARY
- Experience in Checkpoint firewalls, Palo Alto Firewalls, Juniper Firewalls, McAfee Forcepoint, Cisco WSA/CWS, Cisco ASA, SSL VPN, Cisco Nexus, Cisco ACS, Cisco ISE, IPS, and Microsoft TMG.
- System Administration with technical expertise specializing in Cisco Environment in Data Centers, LAN/WAN Security, managing the complete system admin and technical support functions.
- Demonstrated abilities in large enterprise wide network design, implementation as well as administration support and network integration.
- Advanced knowledge, design, installation, configuration, maintenance and administration of Palo Alto Firewalls, Checkpoint Firewall R75 up to R77 version, VPN.
- Advanced Cisco Router, Switch, Firewall, VPN Concentrator, Clean Access, Wireless AP experience.
- Experience working on ArcSight ESM to handle daily Security Operations and needs for global customers.
- Advanced configuration of Cisco 2500/2600/4000/7000/12008/2900/3750/6509.
- Advanced troubleshooting of data circuits such as ATM, SMDS, T1, Frame Relay, ISDN circuits.
- Experience working in Enterprise Data Centers with 50+ Firewalls.
- Checkpoint IP Appliances and SPLAT & Cisco ASA Firewalls.
- Proven success managing multiple Information Security Systems.
- Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R75 up to R77 version, Secure Platform Installation including, VPN.
- Advanced knowledge in Design, Installation and configuration of Checkpoint Provider Environment.
- Advanced knowledge in design, installation and configuration of Firewall ISG 1000/2000, SSG series and NSM Administration.
- Working knowledge on Cisco UCS servers to implement unified computing with networking and security.
- Drafted and installed Checkpoint Firewall rules and policies.
- Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
- Experience working on Check Point vSEC for VMware NSX in a Software-Defined Data Center (SDDC).
- Working knowledge of Symantec Endpoint Protection, Upgrading packages, installing policies, cleaning the hosts and updating the ticket.
- Advanced knowledge in configuration and installation of IOS security features and IPS.
- Advanced knowledge in Cisco Switches and Routers Configurations.
- Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and EIGRP.
- Advanced Knowledge in IPsec VPN design connection and protocols, IPsec tunnel configuration, encryption and integrity protocols.
- Demonstrated skills managing and analyzing servers, databases and security within a data center environment.
- Implementation and administration of Juniper WX/WXC devices for WAN Traffic acceleration.
- Configuration of VTP, VLANs, UDLD, BGP, OSPF, EIGRP, IGRP, RIP, MPLS, DLSw, GRE Routing, Troubleshooting, Monitoring and Maintenance.
- Comprehensive understanding of networking concepts pertaining to LAN and WAN, Information security, IT communication and maintenance in multi-platform environments.
- Familiar with Network virtualization concepts with VMware NSX.
- Experience in managing a team and the resources during Server Infrastructure migrations and platform upgrades.
- Excellent communication and presentation skills and a good team player, Extensive experience in working at 24x7 Support.
- Adapts to new systems and environments quickly, takes ownership of all duties, meeting management skills, Good work ethics, Group and individual based problem solving and decision making abilities.
TECHNICAL SKILLS
Networking: Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, ACLs, Fiber, Firewalls/IPS/IDS, NAT, PAT, VPN
Hardware: Dell, HP, CISCO, IBM, SUN, Checkpoint, SonicWall, Barracuda Appliances, SOPHOS email appliances, Arcsight ESM, Arcsight Express, Logger, Connector
Operating Systems: Windows, NT, MS-DOS, Linux, Microsoft Windows 2008 R2/2008/20 NOS family, Microsoft Active Directory 2008/2003/2000, VMware ESX/ESXi server, Cisco IOS
Application Servers: DNS, DHCP, Windows Active Directory Services, FTP, SFTP, Microsoft Exchange 2003/2007/2010, Microsoft SharePoint 2007/2010, Amazon AWS, Cisco UCS-B260 M4 blade, HP iLO
Firewalls: Checkpoint, vSEC, VMware NSX, ISA 2004/2006/ ASA 5585/5520, FWSM, Palo Alto /Checkpoint 4200/Nokia IP-560, Cisco PIX 535/525, McAfee Forcepoint
Routing/Routers: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, Cisco Routers ASR 06 / 06 / 51 / 2600
Infrastructure Hardware: IBM, HP, Compaq, Dell desktops\laptops\servers, Cabling, Network printers, IP KVM Switches, Cisco Routers & Switches, Cisco Nexus, 802.11x Wireless gateways, Access Points, Network UPS, Storage Area Network, NAS, iSCSI SAN
Switching: VLAN, VTP, STP, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging
Protocols: TCP/IP, L2TP, PPTP, IPsec, IKE, SSL, SSH, UDP, DHCP, DNS, BGP
VPN: ASA 5520, Cisco Concentrator 3030, Nortel Contivity Extranet 1500
Security Tools: Wireshark, MBSA, MS Visio, Apache, VMWare ESXi 3.5, VMware Server, Encase, Symantec Endpoint Protection
PROFESSIONAL EXPERIENCE
Confidential, RI
Information Security Engineer
Responsibilities:
- Worked on HP ArcSight products including ESM, Express, Loggers and Connectors.
- Performed data migration on ArcSight Express, ESM, Loggers and Connector appliances.
- Installed and configured six ArcSight Express 6.5 boxes from scratch using RHEL 7.1 OS on HP iLO.
- Deployed manager, logger and http web as a service on ArcSight Express appliances.
- Migrated data from old ArcSight Express appliance to all the new Express appliances.
- Created packages on the console, exported them and imported/installed on the new appliances.
- Troubleshot the dependency errors in the packages, added the fix and installed them to the appropriate ArcSight Express appliance.
- Configured ArcSight ESM appliance from scratch using CLI commands.
- Imported CA signed certificates on the appliances using keytool GUI.
- Worked on FIM (File Integrity Monitoring) on ArcSight Express, created correlation rules, added filters, created reports that ran daily/weekly.
- Troubleshot case customization issue on the ArcSight Express appliance, updated the case-ui.xml and other property files on the appliance.
- Performed data migration from logger to logger, connector to connector.
- Created storage groups on the logger, managed the storage size to migrate data from 8 loggers to 4 loggers.
- Forwarded events from logger to ESM by providing ESM destinations on the connectors.
Confidential, Boston, MA
Information Security Engineer
Responsibilities:
- Implemented identity based access management using Checkpoint vSEC and VMware NSX in a cloud environment.
- Installed vSEC controller into Checkpoint management server to make it SDDC aware.
- Deployed gateways in VMware NSX, registered the service and established a communication between Checkpoint vSEC and NSX.
- Defined data center objects to connect NSX with vSEC controller to operate it on management server.
- Installed hotfixes and licenses using Smart Update to keep checkpoint products updated and working.
- Configured VMware NSX to redirect the traffic to Checkpoint vSEC.
- Created security groups in AWS and replicated them in the NSX.
- Worked on Amazon EC2 to create instances and the security groups including inbound and outbound rules.
- Managed web applications on AWS cloud to provide application based security on cloud storages.
- Replicated AWS security groups using service composer and added the security groups to the DFW rule base.
- Worked with Data Center team to deploy Citrix servers and the Cisco UCS servers to implement cloud based networking.
- Deployed Cisco UCS B260 M4 blade servers to establish a virtual environment in VMware.
- Segregated the NSX security groups based on the user based access control.
- Imported the NSX security groups in vSEC management server to control the user access using checkpoint firewall policies.
- Used Identity Awareness Checkpoint blade to achieve identity management in Checkpoint vSEC.
- Troubleshooting the Identity Awareness issues using pep and pdp commands.
- Monitored logs using SmartLog and SmartView Tracker to find issues in the system.
- Created AD groups in Active Directory and fetched them in the vSEC management server.
- Defined rule base to control the access to the internal networks and other sensitive areas.
- Also worked on the Checkpoint firewalls to secure the internal networks with the highly secure rule base.
- Troubleshooting random disconnect issues from the virtual desktops using Clish.
- Maintained connectivity between AWS cloud applications and virtual desktops with highly secure techniques.
- Allowed a secure communication between AWS SAS application and VDI clients to make sure the clients using virtual desktops get access to AWS server.
- Created OPSEC application to establish connectivity with Checkpoint support.
- Managed and maintained McAfee Forcepoint firewalls with new policies and updates.
- Worked on IPsec and defined VPN rules to establish a secure VPN tunnel in the system using IKE (Internet Key Exchange).
- Worked on Symantec Endpoint protection to keep employee workstations secure and updated.
- Installed packages on Windows, Linux and Mac clients and upgraded them in a silent install with maintenance window.
- Generate reports of Virus Definition, Site Health and clean the infected clients if encountered in the report.
Confidential, Philadelphia, PA
Network/ Security Engineer
Responsibilities:
- Designing and implementing new Firewalls requirements for Customers such as Cisco PIX, ASA, Checkpoint UTM, FortiGate and Juniper SSG and SRX Firewalls.
- Configuring Juniper NetScreen Firewall Policies between secure zones using NSM (Network Security Manager).
- Configuring and maintaining the firewall, analyzing the firewall syslog and performing rules reconciliations and capacity planning in every quarter year using Algosec.
- Configuring Site to Site IPsec VPN and RA VPN for the Customers' requirements.
- Worked on NSX - Networking and Security Virtualization Product.
- Implemented VXLAN and configured with VCNS and NSX platform.
- Worked with VMware NSX with deployment of Greenfield environment and managing and troubleshooting issues with NSX.
- Designed and Implemented Multi-VC support with Primary and Secondary NSX.
- Involved in modeling of Primary, secondary and tertiary structure for the vSEC fixed platform using PDMS design.
- Installed and configured an ArcSight ESM SIEM tool from scratch & observed device Integration of multiple Log sources with the ArcSight Connector appliance.
- Administered connectivity between ArcSight systems with client consoles, connectors.
- Reviewing the Change request plans created by L1 and L2 administrators.
- Created on-demand & daily reports for Global customers using HP ArcSight, reviewing raw log files, data correlation, and analysis.
- Performed incident management using SNOW Remedy for Global Security teams of HCL & Creating custom rules, filters & deploying them over SIEM tool.
- Analyzed logs from various security appliances using HP ArcSight ESM console, ArcSight Logger and troubleshot L1 connectivity of logging issues through RDP.
- Created filters, active channels, queries and rules in ArcSight console.
- Configured reports in ArcSight ESM and ArcSight Logger as per the Customer requirement.
- Performed basic monitoring of all the logs coming from the clients on ArcSight console.
- Automated the backup of all Firewall and Wireless devices using Shell Scripting and also automated change request expiry alerts in the firewall rules.
- Implemented Guest WIFI solution using Web-authentication method and Cisco ACS.
Confidential, Houston, TX
Security Engineer
Responsibilities:
- Worked as a systems engineer to implement vendor projects using multiple firewalls like checkpoint security firewall, Juniper and Palo Alto.
- Configured Palo Alto Firewall models as well as a CMS (Panorama) to manage large scale firewall deployments.
- Involved in Palo Alto design and installation which includes Application and URL filtering Threat Prevention and Data Filtering.
- Attending remote support to client testing of projects, upgrading firewalls.
- Installing new policies of the firewall, configuring it and protecting it.
- Configured VPNs like SSL, IPsec, Site to Site VPNs, VPN configuration in AAA and routing in ASA.
- Worked on various network monitoring tools like Wireshark and logging monitoring traffic to monitor the ongoing data packets.
- Also implemented the L3 and L2 security.
- Manage Cisco ASA & Checkpoint Firewalls as per users change management forms.
- Monitoring Cisco ASA, Checkpoint Firewalls, WAN Links on WhatsUp Gold.
- Submit all security device reports on a daily and weekly basis respectively.
- Backup of all security devices.
- Make log reports detailing various attacks on the network from IBM's Site Protector Software.
- Installed smart connectors on both ArcSight ESM 5.0 and 6.8 console and migrated different customer data and reports from ArcSight ESM 5.0 to ArcSight ESM 6.8 console.
- Worked on VCNS to configure Virtual Firewall, Edge technologies (NAT, PAT, SSL VPN, Site to Site VPN, Load balancers), Endpoint.
- Provide daily administration and management of the Cisco Identity Service Engine, the Cisco WLC 5500 wireless system and the global 802.1x wired/wireless environment.
- Architect, implement, support and document ISE and wireless environments; audit the existing installation and make recommendations for improvements.
- Provide support of general wireless issues; monitoring and administration of global ISE and WLC deployment.
- Perform business continuity plans, vulnerability Assessment of firewalls, routers and switches, rules reconciliation and log analysis of the firewalls. Perform security audits.
- Work on the devices like Cisco routers (2600 series), Firewalls ASA (5505, 5510, 5520), PIX, Checkpoint (R55, R65, UTM Edge N), Juniper (Junos SRX 210 and NetScreen SSG 140), L2 (2950, 2960, 3750) and L3 switches (6509E, Nexus 7k), Nexus 5k and 2k, Cisco NAC Servers, Cisco Access Points (Aironet), Airtight Sensors, Airtight WIPS Server, Cisco Wireless Controller, Avaya IP Phones. Configured all the network devices like Access Switches (2960 in stacking), Core Switches (Cisco 6509-E in VSS), Routers (Cisco 2900), Firewalls (ASA 5555-x in A/A mode), (ASA 5545-x in A/S mode) and Cisco Nexus 5K and 2K switches for datacenter.
Confidential, NY
Firewall Administrator
Responsibilities:
- Implementation, configuration and support of Checkpoint and ASA firewalls for clients.
- Firewall Policy administration and work with user requests submitted by users. Use HP Service Manager Ticketing System for change and incident management.
- Work actively on Fortinet UTM firewall administration using FortiManager.
- Cisco ASA Firewall configuration and troubleshooting.
- Troubleshooting connectivity issues within the server zones of the Data center (between application servers, database and web servers) as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
- Engaged in conducting client walkthroughs, Identifying security incidents by analyzing network traffic and logs data in SIEM tool.
- Security Monitoring (Log Analysis) in Splunk and ArcSight.
- Cleared Backlogging (Cache files) in ArcSight console and also performed the troubleshooting of the connector to resolve and maintain the connector's health.
- Fine-tuned the out-of-box rules, Reports and Dashboards in ArcSight to meet customer needs.
- Integrated multiple data feeds from local network devices and forwarded it to HP ArcSight ESM/Express through ArcSight Logger and ArcSight Connector Appliances for analysis by SOC.
- Worked on Trends, Filters, Dashboards, Active Channels, Active lists & SOC advisories in ArcSight ESM.
- Assess the vulnerability of the events and prioritize the events based on severity and event count.
- Actively use SmartView Tracker and Checkpoint CLI (to security gateways) for troubleshooting.
- Perform advanced troubleshooting using Packet tracer and TCPDump on firewalls.
- Built and supported VRRP / Cluster based HA of Checkpoint firewalls.
- Firewall Policy Optimization.
- Troubleshooting and hands-on experience on security related issues on Cisco ASA/PIX, Checkpoint, IDS/IPS, Palo Alto and Juniper NetScreen firewalls.
- Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
- Backup and restore of Checkpoint Firewall policies.
- Blacklisting and whitelisting of web URLs on Blue Coat Proxy servers.
- Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools.
- Review Firewall rule conflicts, unused rules and misconfigurations and clean up.
- Checkpoint firewall policy administration and support between various zones.
- Upgraded and converted 6 HA Checkpoint SPLAT pairs to Palo Alto.
- Architected and designed where on the network to place (multiple) IDS, FireEye and DLP devices.
Confidential
Systems Administrator/ Support Admin
Responsibilities:
- Systems Administrator builds and support.
- Managed network engineers for in house development and support of production IT environment.
- Provided all data and network security. Designed and built all remote office connectivity.
- Worked closely with database developers to build and assist with database servers.
- Designed and built front end solutions for most major database manufacturers.
- Responsible for supporting all hardware and software engineers.
- Performing all Microsoft and Linux server builds for corporate network and labs.
- Build and maintain all WAN connectivity for remote offices with a global Checkpoint firewall infrastructure.
- Worked on ArcSight in a 24x7 environment, used log monitoring, security information management, security device management and global threat monitoring.
- Security Incident Management and Log Analysis in ArcSight SIEM tool.
- Captured Intrusion attempts through the analysis of logs from Operating Systems, Network and security devices with the help of ArcSight SIEM tool.
- Analyzed the logs in real time, helping the organization to detect and prevent security incidents arising from the threats.
- Implemented various security devices, servers, databases and applications in ArcSight SIEM tool.
- Support all sales staff worldwide for remote connectivity.
- Maintain all Cisco switches and routers for maximum uptime.