Sr. Network Security Engineer Resume
Englewood, Ohio
SUMMARY
- 7 years of working experience in Network Infrastructure and Security, which includes designing, deployment and providing network support, installation and analysis for a broad range of LAN/WAN protocols, routing, switching, configuring, implementation, and troubleshooting of complex networking systems. Working experience with Routers, Switches, Load Balancers, Firewalls and Proxies.
- Analyzed and automated malware/virus and threat metrics throughout our various tools, helping the Incident Response team in building new rules in IPS, FireEye, RSA Security Analytics (SIEM), McAfee (NSM), Qradar, Splunk, McAfee ePO, IronPort AirTight and Archer GRC.
- Applied SIEM, HBSS, IDS, IPS, SNMP monitoring tools, dynamic data analysis, vulnerability assessments and techniques.
- Expertise on FireEye HX - administration/deployment of customized agents for endpoint IR and IOC identification.
- Responsible for performing administrator duties for Confidential Infosphere Guardium (V9.x, V10.x) on more than 130 appliances. This includes building and configuring new appliances as well as migration of V9.x appliances to V10.x.
- Helping application teams in on-boarding Splunk and creating dashboards, alerts, reports etc.
- Setup Splunk Forwarders for new application levels brought into environment.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information utilizing McAfee ePolicy Orchestrator (McAfee ePO), McAfee Realtime, HP Network Node Manager (NNMI), and QRadar.
- Mapping wireless networks for clients for voice quality networks for large scale campuses.
- Analyzing wireless interference for clients to ensure quality network connectivity and bandwidth for large corporations to include 2,000+ employees over multiple company sites.
- Designing wireless networks for large scale corporations, on large campuses, or 200,000+ square foot warehouses.
- Experience in analyzing user data requirements to work with system owners to integrate new ArcSight feeds.
- Expert in installing Splunk logging application for distributed environments.
- Performed network-engineering tasks like designing and planning F5 LTM, GTM, EM, AFM & APM load balancing implementation, and deployed F5 Enterprise Manager 4000 series for all the cluster devices over the network.
- Designed and troubleshot rules/layers on large Internet-facing Bluecoat ProxySG appliances, including configuration, setup, upgrade and replacements.
- Hands on experience on the Palo Alto firewall platforms PA-7050, PA-5050, PA-2000 series, PA-200, PA-500.
- Experience in creating custom Antivirus, Anti-Spyware, and Vulnerability profiles per organization standards and applying them to security policies.
- Proven expertise in diagnosing and resolving complex hardware, software and networking issues, ensuring responsive 24/7 functionality and support for users across multiple locations.
TECHNICAL SKILLS
Security/vulnerability tools: Checkpoint, Palo Alto, Cisco ASA, FireEye, Nessus, Sourcefire, Rapid7, Websense, Splunk, Guardium, Confidential Qradar
Switches: Cisco Catalyst 3560, 3750, 3850.
Routers: Cisco 3600, 3800, 3900, 2900, 2500, 1600, 1700, 1800.
Routing: RIP/RIP V2, OSPF, OSPFV3, EIGRP, BGP
Switching: VLAN, Dot1Q, VTP, STP, RSTP, PVST, PVST+, HSRP, GLBP, Port Security.
Protocols: TCP/IP, UDP, ARP, DNS, DHCP, SNMP, HTTP
LAN/WAN: Ethernet, Frame relay, HDLC, PPP
VPN: PPTP, L2TP, Site to Site, IPSEC, SSL
Operating System: Win 7 and Windows 2012 server, Linux
Others: Windows Server 2008/2012, MS SQL, C and JavaScript
PROFESSIONAL EXPERIENCE:
Confidential
Sr. Network Security Engineer
Responsibilities:
- Monitor and respond to network intrusions and vulnerability alerts raised by automated detection systems, internal and external reports and manual investigation, using tools such as: Solar Winds Network Monitoring, Source Fire IDS, Palo Alto and Checkpoint Firewall Administration.
- Actively used SIEM technology for searching and monitoring real time events for network security and compliance.
- Correlate activity across large-scale FireEye deployments to reveal multi-stage, multi-vector attack patterns.
- Installed, configured and administered Splunk Enterprise Server and Splunk Forwarder on Redhat Linux and Windows servers.
- Implementation of Confidential Guardium Data Activity Monitoring (DAM) solution to increase security posture by protecting ePHI, PII, and PCI.
- Administers Guardium to detect threat vectors, vulnerabilities, and access to confidential data that may pose a potential breach to Scripps data assets. Monitors internal access to data assets to determine potential theft.
- Develop F5 load balancer configuration for internal and external connections.
- Configuration and troubleshooting F5 LTM and providing level 2 and level 3 support for the customers.
- Initiated mobile lock down policy to maintain security on tablets and cellphone devices.
- Maintained users and profiles on wireless mobility servers.
- Extensively worked on virtual F5 LTM module on VMware for application testing.
- Designed and deployed F5 LTM and GTM load balancer infrastructure per business needs, using a ground-up approach.
- Experience in managing the load balancers in a high-availability infrastructure.
- Configure and troubleshoot Bluecoat as forward proxy for all Web URL Filtering.
- Configure Bluecoat proxies using Bluecoat Director for content and URL filtering.
- Implementation and management of Bluecoat proxy servers to replace existing ISA Proxy servers layered with Websense content filtering.
- Adding websites to the URL filtering blocklist in Bluecoat proxies and upgrading firmware on the Bluecoat proxies.
- Migration of ISA Proxy to Bluecoat ProxySG to ensure data security, integrity, and compliance.
- Analyze IDS alerts to assess, prioritize, and differentiate between potential intrusion attempts and false alarms.
- Administered IDS/IPS to maximize network security, pushing and updating policies, and analyzing traffic.
- Monitor IDS logs filtering potentially threatening activity from normal network traffic.
- Provide high-level reports on the overall status of the Sourcefire implementation and operations to client's executive and management staff during daily morning briefings.
- Managed multiple security devices to protect the Enterprise's network - Vulnerability Scanners, Malware Detection, Intrusion Detection; Host based Firewalls, SIEM, Web Application Firewall.
- Tripwire Enterprise Administrator, monitoring over 4000 systems daily to include servers, databases, virtual systems, and network devices.
Confidential, Englewood, Ohio
Jr. Network Security Engineer
Responsibilities:
- Designing, installing and deploying FireEye for centralized network monitoring and management against cyberattacks.
- Worked on Incident Response tools such as: Redline, Google Rapid Response (GRR), FTK, EnCase, Blacklight, FakeNet, pestudio, FireEye HX and AX, etc.
- Share the latest local and global threat intelligence across FireEye cyber security products.
- Used Guardium interface to create custom reports and policies for database monitoring.
- Utilizing Splunk and FireEye alerts, provided remediation efforts for routine incidents.
- Architect, implement, and support the F5 BIG-IP infrastructure, including LTM, GTM, APM, and ASM.
- Configured and troubleshot the F5 LTM and APM and provided level 2 support for the customers.
- Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- F5 build-out of the base F5 BIG-IP infrastructure, including the BIG-IP 10200v platforms and vCMP guest instances.
- Create VIP, Pool, Profiles, and custom monitor on the F5 LTM.
- Configured Bluecoat ProxySG Web Application Reverse Proxy for securing and accelerating public web applications.
- Provides Bluecoat Proxy support services to Company's networks worldwide.
- Implemented URL filtering requests in Bluecoat ProxySG for website blocklist and whitelist purposes.
- Support Bluecoat proxy migration to new platform for all Business and Data centers in environment.
- Troubleshooting and resolving issues with Bluecoat reports by recreating databases, recreating reports, and performing functional builds.
- Provides day to day support for firewall engineering and operations tasks and level 1 & 2 on-call technical support for the Firewall Engineering and Operations team; including assisting peers with issues and escalation.
- Manages, maintains and supports Checkpoint Firewalls, IPS/IDS, and Endpoint servers, PKI and network security infrastructure.
- Integrated Checkpoint firewall into client's existing network to provide security for applications and handled Incident tickets related to the issues in the Firewall along with the connectivity issues.
- Managed Check Point Firewalls from the command line using PuTTY sessions (cpconfig and sysconfig).
- Experience converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Palo Alto rules.
- Designed and implemented domestic and international site-to-site VPN IPSec infrastructure to corporate remote offices.
- Monitored host-based loaded signatures and captured events utilizing Sourcefire IDS; utilized Sourcefire IDS to begin analysis on events to determine if those events were false positives, false negatives or true incidents and begin the Incident Handling Process.
- Understanding of TCP/IP networking, IP routing, Server Load Balancing, and Network Security architecture and core technologies, Firewalls, ACLs, DNS, DHCP, IPAM, LDAP, NFS.
- Troubleshoot LAN/WAN related network issues using CiscoWorks and SolarWinds and participate in 24x7 on-call.
- Experience with Network Monitoring Solutions (Nagios, Solar Winds, etc.).
Confidential
Network Engineer
Responsibilities:
- Reviewing & creating the firewall rules and monitoring the logs as per the security standards in Cisco Firewalls.
- Configuration and troubleshooting F5 LTM and providing level 2 and level 3 support for the customers.
- Collaborating with Application owners, Network Team, DNS Team, and Firewall Team, to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager
- Configuring/troubleshooting issues with the following types of routers: Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN/MAN, router/firewalls.
- Worked extensively on Cisco ASA 10/5540) Series, experience converting PIX rules over to the Cisco ASA solution.
- Implemented WebSense web filtering solutions, responsible for daily maintenance, logging analysis and troubleshooting.
- Performed network configurations and troubleshooting of OSPF, EIGRP and BGP routing protocols.
- Troubleshoot and provide rapid recovery on Enterprise LAN/WAN network on platform of 1000+ Cisco router and switches.
- Design and create dedicated VLANs for voice and data for prioritizing voice over data on Catalyst switches, and basic VoIP configuration.
- Designed and implemented DMZ for Web servers, Mail servers & FTP servers using Cisco ASA5500 Firewalls.
- Responsible for secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
- Responsible to support and manage various network platforms, including Cisco switches ( s) and routers, Cisco ASA and Checkpoint firewalls, F5 and Nortel load balancers, SSL accelerators and VPN devices.
- Participated in on call support in troubleshooting the configuration and installation issues.
Confidential
Jr. Network Engineer
Responsibilities:
- Installation and configuration of various routers like 800, 1600, 2500, 2600 and configuration of various Cisco switches like 2960, 3560.
- Build, rebuild, and troubleshoot Confidential /Dell laptops, Compaq/Dell/ Confidential desktops and Servers with 2000pro, XP Pro, 2000/03 server.
- Troubleshoot and configured connectivity issues related to VPN, DHCP, DNS, Firewall DMZ.
- Implemented WAN, LAN, VoIP, and Security solutions in health care, retail, manufacturing and financial services.
- Configuring IPsec VPNs as per customer requirements with standard encryption and encapsulation.
- Reviewed network device configurations and recommend fixes using industry best practices.
- Install, configure, and troubleshoot wireless issues.