SUMMARY

• Network Engineer with 8 years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• IT Information security Analyst with 3.5 years’ experience in new Security Technology’s with testing, troubleshooting, implementing, optimizing, and maintaining enterprise data and network security.
• Strong Hands - on Web Applications security scanning tools, ThreadFix, Sonatype Nexus IQ server, Sonatype Nexus Firewall and Nexus repo manager, Jenkins, Fortify SSC, HCL AppScan, CheckMarx.
• In-depth noledge on monitoring enterprise network with Firemon Security Intelligence Platform, Blue Coat Security Analytics
• Implementation of Juniper Firewall, SSG Series, Netscreen Series ISG 1000, SRX Series.
• Expert Level Knowledge about TCP/IP and OSI models.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP and trunking).
• Monitored Network Activity using Cisco Prime 2.2, Splunk, Ops Manager, IPAM, Wire Shark, Tufin Secure Track, ePo, HIPS.
• Having noledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Hands on Experience in Bluecoat -Proxy set up, troubleshooting production issues and analysis.
• Provided administration and support on Bluecoat Proxy for content filtering and internet access between site and VPN client users.
• Review daily log data gathered from various resources such as sensors, alert logs, firewall logs, content filtering logs.

TECHNICAL SKILLS

Router platforms: Cisco 2500,3800, 7200, 7609, Juniper M7i, M10i, M320.

Switch platforms: Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K).

Firewalls: Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX, R65, R70 and R71), Cisco

Load Balancers: F-5 BIG-IP LTM, 6800 AND 8900, Blue coat SG8100, AV 510.

Routing: RIP, RIPV2, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing.

Switching: VTP, STP, RSTP, MSTP, PVSTP+, VLANs, PAgP, LACP, CEF, Multi-layer switching and ether channel.

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, LEASED LINES, DSL Modems.

LAN Technologies: Ethernet, Fast Ethernet, NAT/PAT, FDDI.

VOIP Devices: Cisco IP phones, Avaya

Network Management/Monitoring: SNMP, Cisco Works LMS, Netflow, MCM, Cisco Prime and Wireshark, Blue Coat Security Analytics

Carrier Technologies: MPLS, MPLS-VPN.

Redundancy protocols: HSRP, VRRP, GLBP.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

Software: Microsoft Vision, Remedy, Service Now, MS SQL Server 2008, HTML, ThreadFix, CheckMarx, HCL AppScan, Micro Focus Fortify Software security center, Fortify Cloudscanner, Sonatype Nexus IQ server, Sonatype Nexus Firewall and Nexus repo manager.

PROFESSIONAL EXPERIENCE

Confidential

IT Infrastructure Security Analyst

Responsibilities:

• Blacklisting and Whitelisting of web links on Blue Coat Proxy servers.
• Worked on design, configuring, and managing of Blue Coat Proxy Servers.
• Performing URL filtering and content filtering by adding web links in Bluecoat Proxy SG’s.
• Providing support to our Enterprise Security architecture for Web Application Threadfix, Checkmarx, Fortify, Jenkins, HCL AppScan, Sonatype Nexus IQ server, Nexus Firewall and Nexus repo manager.
• Monitoring and maintenance support for all web application server’s Production and Development.
• Providing support for maintaining Cognizant Project production servers.
• Working with POC Zoran and maintenance support to Zoran Production servers.
• Monitoring entire enterprise IP’s through Blue Coat Security Analytics
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Providing support for Bolden James Email Classification for our enterprise to monitor Critical and Confidential emails.
• Experience with SQL for extracting the data from SQL database, related to network issues.
• Application code review and remediation.
• Install LDAP proxy server for Islion Prod shares.
• Install & setup Centrify/Cyberark access manager in DMZ.
• EDI/COE server’s integration with Checkmarx.
• Work with Unix team for unlinking Legacy servers from IBM TIM.
• OBDC/RDP blocking.
• AppScan password Account Vaulting/Privileged Accounts/Service Accounts.
• Mainframe Account and Service Account Vaulting.
• Configuring and monitoring firewall changes in Firemon Security Intelligence Platform.

Environment: Big-IP F5 Load Balancer, Cisco Works; MS Visio, Checkpoint, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy, Blue Coat Security Analytics, Threadfix. HCL AppScan, CheckMarx. Fortify, Jenkins, Sonatype Nexus IQ server, Sonatype Nexus Firewall and Nexus repo manager, Splunk, Service Now, Firemon Security Intelligence platform.

Confidential, Cambridge, MA

Network Security Engineer

Responsibilities:

• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Design, deployment and maintenance of security/network devices and datacenters of enterprise.
• Daily Firewall rule base changes on Cisco ASA and Checkpoint firewalls, Barracuda NG Firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (36+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Successfully installed Palo Alto PA-5000, PA-3000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls and configured and maintained IPSEC and SSL VPN's on Palo Alto firewalls.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Blacklisting and Whitelisting of web URL on Blue Coat Proxy servers.
• Worked on design, configuring, and managing of Blue Coat Proxy Servers.
• Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Deploying Cisco ASA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
• Configured Cisco ISE for Wireless and Wired 802.1x Autantication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Support customer with the configuration and maintenance of PIX and Cisco ASA firewall systems.
• Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
• Configuration and providing management support for Checkpoint Firewalls (R75, R76 and R77).
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Built and support VRRP/Cluster based HA of Checkpoint firewalls.
• Worked on Checkpoint Firewall upgrade from R65 to R77.
• Configuring rules and Maintaining Barracuda NG Firewalls and performed OS upgrade and patching.
• Performed Validation of version end points and definition update on Barracuda NG Firewalls.
• Monitor and troubleshoot BGP, EIGRP, TI circuits, and cellular backup circuits via ICMP and SNMP ticketing systems. Cisco IOS upgrades.
• Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Implementation of various protocols like RIP, OSPF, BGP and STP.
• Adding agents (IDS/IPS) at Host and Network level to Sentinel.
• Working on Enterprise AV Solutions, IDS\IPS, Firewalls and SIEM (IBM QRadar\HP Arcsight) tools.
• Expertise in networking technologies like LAN, MAN, WAN and peripheral devices.
• Working with VPN tunnels, DS1, DS3 & T1 links.
• Develop Engineering Documentations to record F5 environment and change processes LTM/GTM/iRules.
• Used to handle efficiently a workload of nearly 60 Layer 3 MPLS VPN provision orders which included, MPLS network resource reservation & VPNV4, EBGP configuration checking, Troubleshooting of EBGP sessions with customer carriers in the MPLS cloud which is made up of routers Juniper and Cisco housed in different datacenters (Cisco 7609 and Juniper M320).
• Knowledge and experience with Citrix NetScaler Access Gateway and policy configurations.
• Configure trunk ports and implement granular control of VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets that can extend further across the network infrastructure TEMPthan previous generation of switches.
• Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.
• Working on WebSphere application server to deploy java programs.
• Experience in VMware, Microsoft Active Directory, Puppet, security settings, group policies.
• Manage Active Directory (Windows 2003, Windows 2008 and Windows 2012 Domains).
• Citrix Netscalersetup and administration
• Created progressive new strategy proposals, resulting in two acquisitions for SSL-VPN secure remote access (Net6) and web optimization (Netscaler).
• Performed massive migration from MS ISA Forefront / TMG to NetscalerLoad Balancers.
• Utilized Citrix NetscalerVM for load balancing options across multiple development networks.
• Involved in migrating applications from Netscalerto F5 Big -IP environment.
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
• Helped installed F5 VIPRION load balancers for one of our new datacenters.
• Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer.
• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.

Environment: Juniper routers and switches, Cisco routers 7200; Cisco Catalyst switches 6500, 4500, 2950; Cisco PIX Firewalls 535, 525 Routing Protocols OSPF, BGP; STP, VTP, VLAN; VPN, MPLS, HSRP, GLBP, Big-IP F5 Load Balancer, Cisco Works; MS Visio, Checkpoint, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy.

Confidential, Woodland, TX

Network Engineer

Responsibilities:

• Experience configuring Catalyst (2900, 3500, 3700 and 6500 Series), Nexus (7000, 5000 and 2000 Series) Switches, and Routers (2800, 3600, 4400 Series) and Wireless AP's (1260, 3600) using CLI and GUI.
• Supporting EIGRP and BGP based network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Deployment of data center LAN using Nexus 7k, 5k, 2k switches.
• Configuration 7500, 7200 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Configuration and troubleshooting of Cisco 7500, 7200vxr, 3800, 3600, 2900, 2800, 2600,1800,1700 routers.
• me was involved in migration projects, which involves replacing legacy devices to new Nexus devices and introduced VPCs in the new architecture.
• Worked on Nexus platform 7k series, 5K series (5548, 5020 and 5010), 2248 and successfully implemented VSS on the Cisco catalyst switches.
• Configuration of Cisco unified computing system (UCS) and using UCS manager perform operation such as device discovery, inventory, configuration, diagnostics, monitoring, fault detection, auditing, and statistics collection.
• Administering and evaluating firewall access control requests to ensure that these requests are compliant with client's security standards and policies.
• Successfully installed Palo Alto PA-3060 firewall tan configured and troubleshot using CLI and worked with Panorama management tool to manage all Palo Alto firewall and network from central location.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Administer Palo Alto Firewalls to allow and deny specific traffic and to monitor user usage for malicious activity and future QoS.
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs.
• Configuration of Palo Alto Next-Generation Firewall mainly creating security profiles and VSYS according to client topology.
• Configuration and installation of Palo Alto Networks 5050 application firewalls (NGFW).
• Expertise in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering.
• Maintained and updated Active Directory for autantication purposes.
• Configuration and troubleshooting F5 LTM, GTM series like 6600, 6800 for different applications and monitoring the availability.
• Used FireEye to detect attacks through common attack vectors such as emails and webs.
• Gained experience on working with migration to Check Point and Palo Alto next generation firewalls.
• Implemented and administered Websense Web Security Gateway for web content filtering and DLP.
• Improved network and system security through setup and ongoing maintenance of Riverbed IPS and FireEye.
• Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.

Environment: Juniper SRX5400, SRX5600, and SRX5800 and Palo Alto PA-3060 & 5050 Firewalls, Bluecoat Proxies, Juniper IPD, Juniper NSM, Panorama, F5 LTM, GTM 6600, 6800, Nexus (2K, 5K, 7K and 9K), Splunk, Cisco ISE, Websense, Solar Winds NPM.

Confidential

Network Engineer

Responsibilities:

• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Install, configure, manage and troubleshoot Cisco SourceFire IPS appliances and defense Center.
• Creating and provisioning Juniper SRX firewall policies.
• Worked with JUNOS OS on Juniper Routers and Switches.
• WebsenseWeb Security Gateway Installation, Upgrade & Configuration 8.4.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and providedL3support for routers/switches/firewalls.
• Configured Panorama web-based management for multiple firewalls.
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Install and configure Bluecoat Proxy SG in the network for web traffic management and policy configuration.
• Use Tools such as SKYBOX for Firewall Policy optimization and rule base clean up.
• Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
• Experience on ASA firewall upgrades to 9.x.
• Understand different types of NAT on Cisco ASA firewalls and apply them.
• Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
• Configuring and deploying Cisco ASA 5505; Cisco 594/294; I500 web sense manager at customer locations with minimum downtime possible.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
• Work with Software Distribution teams to develop and execute Custom Prop for Endpoint systems
• Became a trusted strategic voice in the company, leveraging a deep understanding of clients to help guide Web sense product and business.
• Manage and monitor security rules and policies for Endpoint Protection
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Support the One to Oneproxymigration project from legacy, end of life and proxiestoBlueCoatProxySG units.
• Configuration, operation and troubleshooting of BGP, OSPF, EIGRP, RIP, VPN routing protocol in Cisco Routers &L3Switches.
• Configured MPLSL3and L2 VPNs for customers.
• FWSM configurations in single/multiple context with routed and transparent modes.
• Convert and migrate from Solaris/lanpoint and NetCacheproxy platforms toBlueCoatProxySG.
• Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
• Involved in Upgrading bluecoat proxy servers from SG s to SG B.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• Support Data Center Migration Project involving physical re-locations.
• 24 x7 on call support

Environment: Juniper routers and switches, Cisco routers 7200; Cisco Catalyst switches 6500, 4500, 2950; Big-IP F5 Load Balancer, Cisco Works; MS Visio, Checkpoint, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy, Cisco PIX Firewalls 535, 525 Routing Protocols OSPF, BGP, STP, VTP, VLAN, VPN, MPLS, HSRP, GLBP.

Confidential

Network Engineer

Responsibilities:

• Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /WAN
• Configured and troubleshoot Juniper Ex 4500 and series switches and Juniper ACX series routers.
• Involved in the deployment of Content Delivery Networks (CDN).
• Experience with SQL for extracting the data from SQL database, related to network issues.
• Experience working with Network-attached storage (NAS) to provide Local Area Network (LAN) nodes with file-based shared storage through a standard Ethernet connection.
• Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco6500 catalyst switches.
• Cisco Secure Access Control Server (ACS) for Windows to autanticate users that connects to a VPN 3000 Concentrator.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GET VPN.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IPsec VPN tunnels.
• Worked on migration of existing PIX firewall to ASA firewall and with converting PIX rules over to the Cisco ASA solution.
• Worked extensively on Cisco ASA 10/5540) Series.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
• Experienced in securing configurations of SSL/VPN connections, troubleshooting Cisco ASA firewalls and related network security measures.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
• Experience working with Active Directory (as a centralized system) to automate network security management and user data.
• Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP).
• Experienced in working with Session Initiation Protocol (SIP) trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet.

Environment: Cisco Catalyst 2960/3750/4500/6500 Series Switches, Linux, Cisco 2800/2900/3000 Series ISR's and Cisco 3640/ 0/3845/3600/2800 routers, SQL, Cisco ASA 5500, Juniper Ex switches, Active Directory, Juniper ACX series routers, Windows Server 2003/2008, ACL, SIP, RIP, OSPF, MPLS, BGP, EIGRP, Wi-Fi, LAN, MacAfee, WAN, WAP, IDS, IPS, Aruba WLAN, VPN, HSRP.