SUMMARY

• Network Security Specialist with expertise in build, operations with 6+ years of rich experience in IT Networks and Security, Troubleshooting, Design and implementation.
• Experience in configuring and supporting VPN on Cisco VPN concentrators and 2811 routers.
• Worked, configured and supported server/ application load balancing using ACE & F5.
• Highly experienced in VPN implementation IPsec VPN and SSL VPN Server - to- Server and Client-to Server.
• Installation, administration, migration and support of Windows NT4.0, Windows 2000, 2003, 2008 and 2012, Win 7/ W2K Professional/Home, Windows 98, Windows XP.
• Checkpoint, Fortigate, Cisco ASA, Cisco PIX and Palo Alto Firewalls Administration Experience in Checkpoint firewall administration and troubleshooting.
• Experience in configuring, implementing, managing, and monitoring Palo Alto Virtual System (Vsys) firewalls using Panorama.
• Deployed panorama M- Series appliance M-100 & M-500.
• Experience in Palo Alto Firewall post migration support & policy/rules configurations
• Worked on F5 Local Traffic managers (LTM),
• In-depth knowledge and proficient using the F5 based profiles, monitors, VIP’s, pools, pool members, iRules for virtual IP’s and on scripting the iRules using TCL and PERL for HTTP redirection.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Hands on Experience with F5 Big-IP LTM, ASM, Edge Gateway, APM for application delivery services.
• Excellent knowledge and experience on different platforms like Cisco, Checkpoint, F5 Big-IP LTM load balancers and VMware.
• Fortimangager/Fortianalyzer Experience - used these tools during the process of installing and maintaining the firewalls.
• Specifically, will be used Fortimanager to push out the firewall rules.
• Flexible and adaptable working capability as an individual or in a group.

TECHNICAL SKILLS

Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC, SSM, FWSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS

Operating Systems & Tools: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server

Network Security: ACL, IPsec VPN, Port-security, AAA, Zone-Based Firewalls, IOS based router security firewalls, IDS/IPS, Palo Alto firewalls,WAF, Zscaler

Load Balancer: Cisco ACE, F5 LTM (2000s, 5250v, 10250v) and GTM (4200v).

Monitoring Tools: SolarWinds

Ticketing Tools: Service now,HPSM

Firewall: Checkpoint R75, R77 Gaia, Provider-1/MDS and VSX,ASA(5510,5520, 5540) PIX, FWSM.Palo Alto Panorama, PA-500, PA-3060, Fortiagte, Imperva WAF

PROFESSIONAL EXPERIENCE

Confidential

Senior Network and Endpoint Security Engineer

Responsibilities:

• Tracked and monitored incoming security complaints by using Service now ticketing tool
• Expertise in analyzing information system needs, evaluating Environment and Infrastructure requirements, custom designing solutions, based on and related to Client Business.
• Paloalto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
• Having team meetings with USA colleagues, taking approvals from CAB meetings
• Raising tickets with TAC team, arranging meetings with vendor for resolution on the tickets raised by customers.
• Participating with team for migration of the firewalls.
• Co-ordinating with Team for resolution of any P1/P2 issues
• Weekly coordination with SOC team to work on new IOC’s to block malware IP’s/URLs on firewall
• Configuration including layer 2/3 troubleshooting, device replacements RMA support.
• Experience on Solarwinds Monitoring tool to monitor health status of security devices and perform basic troubleshooting

Confidential

Senior Software Engineer

Responsibilities:

• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• PaloAlto devices upgradation
• Troubleshooting and maintenance of Cisco ISE nodes, adding new Mac address
• Created/modified necessary profiles that allowed authorized devices on to the network
• Configuration and troubleshooting on VPN (pulse secure)
• Pulse Secure VPN Gateway Upgrading to 9.1R4.2 (build 5035) from 9.0R3.4 (build 64053).
• Adding websites in Imperva(WAF)
• To remediate vulnerabilities on security devices
• Attending CAB meetings
• Upgrading Panorama and Log collectors
• Deployment and decommission of firewall devices

Confidential

Network Security Engineer

Responsibilities:

• Rule coding, Analyzing Logs on Checkpoint firewall and Fortigate firewall.
• Configuring, Administering and troubleshooting the Checkpoint and Fortigate firewall.
• Maintaining virtual firewalls and creating new bongs for the checkpoint VSX cluster firewalls.
• Worked on R77.30 Gaia, R80.10 implementing new and additional rules on the existing firewalls for a server refresh project

Confidential

Network Security Engineer

Responsibilities:

• Working with international clients (U.S & U.K)
• Working in team to Migrate 20K+ server & application.
• Responsible for changes & troubleshoot issue during POCs & Waves.
• Handle ARISTA Multilayer Switches 7280R-C36, 7500R-36CQ, 7160-48TC6, 7010T
• Responsible for implementing firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto Firewalls.
• Responsible for Palo Alto firewall administration across our global networks.
• Taking the Configuration Backups of all the Fortigate Firewalls, Routers and Switches on weekly basis.
• Configuring and upgrading on multiple Fortigate firewalls and integrating to Fortimanager and Fortianalyser.
• Cisco ASA/Fortigate and Paloalto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Rule coding, Analyzing Logs on Checkpoint firewall and Fortigate firewall.
• Configuring and troubleshooting IPsec VPN on ASA Firewall, Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Palo Alto Rule changes PA-2000/PA-4000, templates, object creation, planning, configuration changes, OS upgrades, CLI troubleshooting, audits all single managed.
• Responsible for the planning, design, implementation, organization and operation of Palo Alto Firewalls based perimeter security network and network security devices including but not limited to 7000, 5000 and 3000 series FW’s.
• Implementing regulatory systems in accordance with IT security.
• Assisted various technical groups and resolved all issues that occurred in network and other systems.

Confidential

Network Security Engineer

Responsibilities:

• Experienced in Configuring Checkpoint Firewall (Version R75, R77) and CISCO ASA firewalls as Standard and Distribution deployment to have the network secure and maintained Site to Site VPN connection through the Firewalls.
• Experience on Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75,UTM and Cisco ASA 5505, 5510, 5540, 5500 series.
• Worked on F5 LTM like creation of VIP, Pool and Nodes. And joining troubleshooting calls related to application issues installed on F5 lb.
• Checking Logs and performing regular archives in F5 load balancers monthly.
• Working on maintenance related activities of webservers and keeping websites under maintenance with the help of BIG-IP.
• Worked on various platforms of Checkpoint like - Nokia, Checkpoint (SPLAT) and handled the migration to Checkpoint Provider 1 platform.
• Rule base verification and migration on Checkpoint firewalls, Performed PCI/SOX audits on firewall rule bases with compliance team.
• Worked on F5 LTM like creation of VIP, Pool and Nodes. And joining troubleshooting calls related to application issues installed on F5 lb.
• Perform SSL Offloading on F5 LTMs. Also, renewing certificates to ensure the security of websites.
• Check and take action on network latency, CPU utilization, load balances, Bandwidth utilization and address spoofing.
• VPN user creation in checkpoint firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Participation on Various troubleshooting calls related to firewall issues like Failover, Nat, Acl and connectivity issues.
• Participation with customer call for VPN connectivity establishment and for joint troubleshooting.
• Assist with resolving security issues, outages or compromises. Provide Customers with timely status update on service disruptions and issues.
• Responsible for solving Incidents and service requests raised in BMC Remedy.
• ProvideON-CALLsupport for criticalincident (P0/P1) provide RCA.
• Working onStandardizednetwork security setupto provide vulnerable free and stable network security
• Performing critical changes on Data center devices.