We provide IT Staff Augmentation Services!

Senior Network Security Engineer Resume

3.00/5 (Submit Your Rating)

Dublin, CaliforniA

SUMMARY:

  • Network Engineer with 8.4 years of experience in teh industry, which includes expertise in teh areas of Routing, Switching and Firewall.
  • In - depth expertise in teh analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
  • Worked extensively on Cisco ASA 5500(5510/5540) Series. Experience with Palo Alto 5K series. Migration from ASA to PA.
  • Responsible for creating/managing 200+ SSL VPN utilizingPulseSecureJunos MAG2600.
  • Installing, configuring and troubleshooting ofWirelessnetworkdevices Aruba, Cisco,Motorola, Meru and Symbol Access points and controllers.
  • Experience with Cisco Wireless infrastructure planning, deployment and troubleshooting.
  • Hands on experience working with Data Center Cisco Nexus 9k, 7K, 5K & 2K Switches.
  • Network Design Engineer - Switching/Routing, Cisco ASA 5500 Firewall, Local Area Networks, Network Standards
  • Experience on IP Addressing, Subnetting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
  • Hands on Experience in Managing Data Center starting from installation to decommission.
  • Automated various repetitive tasks using python scripting.
  • Knowledge of TCP/IP protocol stack, network analysis tools, load balancing technologies, and network services (DNS, DHCP, SNMP, etc).
  • Experience with Palo Alto Network Firewall, Cisco ASA and Checkpoint Firewall.
  • Experience on several Ticketing Tools like JIRA, Change Management,
  • Hands on experience in buildingCiscoACIfabric (policy groups, switch profiles, etc.), tenants - VRFs, Endpoint Groups, Contracts
  • Working Experience on Network Scanning, Management, Alerting &Logging tools like Solar Winds, PRTG, and Wireshark.
  • Worked on implementing and configuring F5 Big-IP LTM-6400 load balancers.
  • Experience in configuring HSRP and redistribution between routing protocols troubleshooting them.
  • Excellent qualities such as Teamwork, Negotiation, Analysis and Communication.

TECHNICAL SKILLS:

Cisco Platforms: Nexus 9K, 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nx-OS, IOS-XR, Cisco ASA, Cisco ACI

Juniper Platforms: SRX, MX, EX Series Routers and Switches EX4600/9200, QFX 10002/QFX5100

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VDS,VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi, Citrix Metaframe XP Citrix Provisioning Server, Netscaler

Firewall: ASA, ACI, Firewall (5505/5510), Checkpoint, Cisco ASA, Fortinet

Network Tools: Solar Winds, VMware,SNMP, Cisco Works, Wireshark, HIPPA

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1,DS3,OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-channel, VLANs, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPsec, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6,BGP,OSPF

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE:

Confidential, Dublin, California

Senior Network Security Engineer

Responsibilities:

  • Configured Object Grouping, Protocol Handling and Code up gradation on Palo Alto Firewalls.
  • Implement SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple gateway solutions including integration of PKI certificates. Integrate multiple vendor IPSEC site to site VPNs, including Palo Alto Networks, Cisco ASA, and Juniper SRX firewalls.
  • Resolving tickets through Service now which are opened by end users.
  • Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow teh traffic on teh firewall.
  • Technical assistance for LAN/WAN management and complex customer issues.
  • Install, manage and monitored Palo Alto Firewalls in Panorama
  • Experience on license installation, filtering based on Applications, Adding Zones on Palo Alto firewall.
  • Created Build-Outs of New Safe Zone in Palo Alto Panorama VLANS, VIP, IP.
  • Experience in F5 Load balancers for pool migration.
  • Experience deploying BIG-IP F5 LTM Load Balancers for load balancing and traffic management of business application.
  • Write scripts for repetitive tasks utilizingPython3.6 and libraries such as Paramiko and Netmiko for Ssh purposes.
  • Coordination of building transition during teh Juniper/PulseSecureacquisition.
  • Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k ) as well as a centralized
  • Deploy and manage NSX SDN. Design and manage VXLANnetworkvirtualization using ESGs, UDLRs and logical
  • Experience with Cisco ACI (Application Centric Integration) technology implementation
  • Design, deployment, Troubleshooting, and management of Cisco ASA firewalls using CLI.
  • Working in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trucking, STP, Inter-VLAN routing, LAN security
  • Wirelessinstallation and configuration of Aruba and access points.
  • Design, implement and maintain virtualization usingVMwareESXi, workstation and Microsoft Hyper-V.
  • Provided support and guidance for thenetworkautomationtools and worked on ad-hoc scripts.
  • BuildingAutomationtools for Nexus 9K, 2K using Netcong, and Ansible module.
  • Configured teh Network for NetApp SAN with a VPC Configuration on nexus side.
  • Maintained and created scripts in Python dat assisted in pulling in teh necessary data to meet audit and reporting requirements.
  • Successfully integrate and validateOpen stackLiberty with Cisco ACI platform ML2 plugin as teh next generationnetworkinfrastructure for Cisco Cloud.
  • Establish AWS technical credibility with customers and external parties
  • Establishing VPC between Nexus pair and doing a VPC bonding on Nexus ports for increasing bandwidth to servers.
  • Involved in Configuring and implementing of Composite Networkmodels consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
  • Worked extensively onJuniperMX Series Routers and EX series Switches
  • Experience in configuring VDC, FEX pinning, FEX port-channel, port-channel, peer keep alives on Nexus Devices.
  • Worked on Juniper MX-960, MX-480, MX-240, MX-104, MX-80 routers and EX4600, EX4300, EX4200, EX2300, EX 2200 Switches
  • Configuring and installation of Cisco ASR 920 and 100s series routers.
  • Configured HDLC, PPP, TCP/IP, BGP, EIGRP & HSRP.
  • Configured TCP/IP addressing scheme to assigned IP blocks and make changes to DNS, DHCP on infoblox appliance.
  • Performing networkmonitoring, providing analysis using various tools like Wireshark, Solar Winds (NCM, NTM, IPAM).
  • Optimized performance of teh WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
  • Configured and troubleshooting HSRP, BGP, OSPF, EIGRP, MPLS WAN, MPLS L2VPN, MPLS L3VPN, DMVPN, VPN, STP, HTTPS, NFS, VLAN, QoS.
  • Responsible for redesigning, integrating and installing on teh existing network, 2 Nexus 7010, 4 Nexus 5548, and Fabric extenders during migration.
  • Configured Network for NIC ports in Linux and Windows servers present in Data Center.
  • Hands on experience of data center environment also implementation of VPC, VDC and Fabric path on Nexus 7K, 5K, & 2K Switches.
  • Configured Network for Server Virtualization through VM ware in Data Center.

Confidential, St. Louis, Missouri

Sr Network Security Engineer

Responsibilities:

  • Established BGP peering between onsite datacenter in California and AWS cloud.
  • Worked on Network automation using Python
  • Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
  • Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT
  • Perform Firewall Policy provisioning onPalo Alto Firewalls, PAN devices using PANORAMA Management Platform.
  • Worked with Network SME for teh NextGen Data Center Cloud Architecture, using Cisco ACI and Nexus 9K.
  • Working with Cisco Account team onsite for creating and testing teh POC
  • Worked on devices Cisco IOS switches, Nexus (5K), Palo Alto firewall (5020, 3020), Juniper, MX, EX and ASA firewall, SSL VPNPulsesecure, F5 load balancer.
  • Experience withNetworkAutomation, Firewall Migration (FTD, FMC) and experience with configuring onsite to cloud connectivity using AWS.
  • Ability to work with end users to troubleshoot and solve theirPulseSecureVPN problems.
  • Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices
  • Working Experience on web content filter and gateways like Blue Coat, Websense.
  • BlueCoat WAF proxy services were redeployed to provide WAF on teh guests and contractors network.
  • Adding Websites to teh URL filtering block list in Bluecoat Proxies and upgrading firmware on teh bluecoat proxies.
  • Have Extensive Work Experience on Python Scripting and create Framework as Ansible
  • Created different application policies in teh ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Filters & Labels.
  • Configuration included deploying of new branch locations or new network devices in teh existing infrastructure. Like, 4500-X in VSS mode and 3850 switches for distribution and POE-user switches
  • Troubleshoot issues with Wireless Access points (Cisco 3502) and configure SSID’s on 5520 Wireless LAN Controllers.
  • Developed theautomationscripts usingPythonto validate credentials and configure interfaces and confirm their reachability of Cisco and Juniper appliances.
  • Configuring Node, pool, VIP, SSL client, server profile in F5 LTM 4000 series Bigip and thereby adding firewall rule to bring teh end servers live
  • Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
  • Worked with Cisco advance services to implement data center Nexus environment for new Upgraded datacenter for teh NX-OS in 7004 in core layer, 6880 in aggregation layer and cisco 6800 in access layer.
  • Implemented teh Core switch cut over project from Cisco 6509 to Nexus 7004 devices.
  • Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 9K/7k/5k devices
  • Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
  • Providing Technical Support and solutions for Network Problems and resolve tickets across sites and corporate offices.
  • Involved in periodic IOS upgrades, troubleshooting network outages and high severity incidents.
  • Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
  • Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long-term planning, implementation, project management and operations support as required.
  • Creating or Modifying Firewall rules on Cisco 5555, 5520, Juniper SRX and Palo Alto VM-300 devices.
  • Upgrading teh IOS on Network Devices including cisco 6800, 6500 and Palo Alto VM-300 devices
  • Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
  • Creating templates in panorama to manage teh individual devices from it.
  • Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing teh failover activity as well as ENI migration.
  • Design and Building Software-Defined Data Center environment, includingVMware, VCenter, NSX and Cisco ACI.
  • Creating Network objects, dynamic address groups, FQDN and assigning it to rules based on teh information in tickets
  • Creating custom URL profile based on teh expressions and assigning it to rule to perform URL filtering.
  • Configuring network interfaces, static routes, and NAT rules in panorama and thereafter pushing to individual Palo Alto devices.
  • Performing teh software upgrade from version 7 to 8.0.2 on panorama and VM-300 series Palo Alto firewalls.
  • Configuration included VLANs & VTP, STP port features, Gateway redundancy using HSRP, enterprise security using Cisco Port Security and Dot1X framework.

Confidential, Boise, Idaho

Sr Network Engineer

Responsibilities:

  • Install and configure Cisco routers, switches and firewalls of various models. Upgrade codes, IOS, and patches for different network devices.
  • Strong experience onJuniperSSG series Firewalls and Checkpoint R75, 76 Firewalls
  • Performed TCP/IP networking based administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation and port security
  • Responsible for Checkpoint firewall management and operations across our global networks.
  • Working with Checkpoint Support for resolving escalated issues
  • Design Data Center, layer 2 and 3 configuration & administration of firewall (Cisco ASA, Palo Alto,)
  • Deployedpulsesecureload balancer on VM ware for Virtual servers and configured round robin distribution across teh serves in teh pool
  • Configuration & troubleshooting of routing protocols: Static, OSPF and EIGRP and BGP.
  • Troubleshooting LAN and WAN problems, Application working slow problems.
  • Responsible for all Load Balancing; i.e., F5 LTM/APM ASM/ and other Modules.
  • Configuration of 4000 series Cisco Wireless LAN Controllers for access points.
  • Planning teh placement of wireless access points and maintaining wireless devices to provide seamless connectivity.
  • Automated network implementations and tasks and designed monitoring tools using python scripting.
  • Tracking Mac-address from core switches for port finding for Vlan change
  • Configuration of checkpoint rules and policies and pushing them in checkpoint smart dash board.
  • Hands on support for Cisco firewall solution including Cisco ASA 5xxx, Cisco AIP, Cisco SSL.
  • Configured and Deployed Cisco ACL.
  • DevelopedAutomationScripts to configure thenetworkappliances and Managed Code Repository by maintain code repository in GIT; and administered practices of branching and code merging.
  • Configured Security Policies including NAT, PAT, AAA, ACL's Standard Access Lists, Distribute-Lists, Route-Maps, VPN Concentrators, IPS/IDS on ASA firewalls
  • Monitor/maintain network connectivity & traffic using network monitoring tools to ensure optimal performance
  • Experience working in datacenter environment, configuration changes as per teh needs of company and Implementing and troubleshooting VLAN’s, VTP, STP, Trunking, Ether channels
  • Configuration of IP and Routing technologies for various protocols such as EIGRP, OSPF, BGP for MPLS network.
  • Expertise in document creation with technical configurations, billing, security standards design and network documentation using MS VISIO.
  • Responsible for researching new technology directions and making recommendations for improving teh reliability & functionality of LAN & WAN.
  • Monitor network performance, troubleshoot using Solar winds

Confidential, Issaquah, Washington

Network Engineer

Responsibilities:

  • Experience with convert Checkpoint VPN rules over to teh Cisco ASA solution. Migration with Cisco ASA VPN experience
  • Involved in configuring Juniper SSG-140 and Check point firewall
  • Created TEMPeffective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
  • Has a good experience working with teh Trouble Tickets on F5 Load balancers and ASA Firewalls
  • Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture
  • Design and integration ofJuniperSSG series firewalls, SA VPN Appliances, J series Routers, and EX series switches.
  • Implemented VPN solutions for site-to-site connectivity using Juniper SRX services gateway and remote access VPN solutions using JuniperPulsesecureaccess.
  • Working with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms
  • Performed network troubleshooting, second level technical support, and tape backup operations.
  • Served as a main escalation point of contact for level II personnel.
  • Configured Wireless Access Points in order to control them with RADIUS server
  • Coordinated with higher-level support and external vendors for resolution.
  • Configured VLAN's on Switches for Wireless Access Points.
  • Monitored Network Management System and responded to events, alarms and trouble tickets.
  • Included network services such as DNS, email, web, Servers, VPN and Firewall.

Associate Network Engineer

Responsibilities:

  • Configuration of Access List ACL (Std., Ext, Named) to allow users all over teh company to access different applications and blocking others.
  • Troubleshoot problems on a day-to-day basis and documented every issue to share it with design teams.
  • Worked with Network Design and implementation teams on various projects across related to Branch, Campus and Data Center.
  • Deploying and decommissioning Cisco switches and their respective software upgrades.
  • Performed Break Fix support through driving to different buildings, identifying teh root cause of teh hardware issues with switches, routers.
  • Performing troubleshooting on slow network connectivity issues, routing issues dat involves OSPF, BGP and identifying teh root cause of teh issues.
  • Prepare Design documents, VISIO diagrams and Implementation plan for all projects on teh Network environment.
  • Troubleshoot Network Issues onsite and remotely depending on teh severity of teh issues.
  • Installed, configured and maintained with teh latest updates on teh 3700, 3800, 7200 and 7600 Cisco Routers and 2960, 3750, 3560, 6500 switches.
  • Configuring all teh end ports as access ports using port fast and implementing BPDU guard.
  • Monitoring teh network, troubleshooting network problems, implementing changes, provided Cisco IOS.
  • Upgrades and backups of Cisco router configuration files to a TFTP server.

We'd love your feedback!