SUMMARY:

• 6+ years of working experience in Network Infrastructure, Security which includes designing, deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols, routing, switching, configuring, implementation, troubleshooting of complex networking system. Working experiences with Routers, Switches, Load Balancers, Firewalls and Proxies.
• Performed network - engineering tasks like designing, planning in F5 LTM, GTM, EM, AFM & APM load balancing implementation and Deployed F5 Enterprise manager of 4000 series for the all cluster devices over the network.
• Designed, troubleshooted rule/layers on large Internet Facing Bluecoat proxy SG appliances, including configuration, setup, upgrade and replacements.
• Hands on experience on the Palo Alto firewall platforms PA-7050, PA-5050, PA-2000 series, PA-200, PA-500.
• Experience in CreatingCustom Antivirus, AntiSpyWare, Vulnerabilities profile per organization standards and apply them to security policies.
• Proven expertise in diagnosing and resolving complex hardware, software and networking issues, ensuring responsive 24/7 functionality and support for users across multiple locations.
• Strong knowledge in DNS, DHCP, IP addressing. Experience of IP Service - DNS, DHCP, IPAM and Active Directory DNS.
• Troubleshooting of LAN, WAN, WLAN &VoIP networking issues using Wireshark, TCP dump, Netflow, Syslog and other advanced tools and methodologies.
• Implementation and Integration of Servers (Windows, Linux and Unix), Security devices like Firewall, IPS, IDS, WAF, Nessus, BluecoatProxy, F5 IDM, Symantec Endpoint Protection).
• Configured L3 protocols (IP, BGP, OSPF, EIGRP, IGRP, RIP), redistribution, summarization, Filtration (using distribute list, route map, prefix list, access list).
• Worked on Cisco 2300, 4000, 6500 series Router and Cisco 1600, 2900, 6500 series switches.
• Implementing, maintaining and troubleshooting switching tasks such as VLANs, VTP, VLAN Trunkingusing ISL and 802.1Q, STP, RSTP, PVST+, EtherChannel using LACP and PAGP, Inter-Vlan routing.

TECHNICAL SKILLS:

Security/vulnerability tools: Checkpoint, Paloalto, Bluecoat proxy, CiscoASA, Nessus, Sourcefire, Rapid7, Websence

Protocols: TCP/IP, UDP, ARP, DNS, DHCP, SNMP, HTTP VPN PPTP, L2TP, Site to Site, IPSEC, SSL

Routing: RIP/RIP V2, OSPF, OSPFV3, EIGRP, BGP Switching VLAN, Dot1Q, VTP, STP, RSTP, PVST, PVST+, HSRP, GLBP, Port

Security Routers: Cisco 3600, 3800, 3900, 2900, 2500, 1600,1700,1800 Switches Cisco Catalyst 3560, 3750, 3850

Others: Windows Server 2008/2012, MS SQL, C and JavaScript

Operating System: Windows 7 and Windows 2012 server, Linux

PROFESSIONAL EXPERIENCE

Confidential, Chicago,Illinois

Senior Network Security Engineer

Responsibilities:

• Monitor and respond to network intrusions and vulnerability alerts raised by automated detection systems, internal and external reports and manual investigation, using tools such as: Solar Winds Network Monitoring, Source Fire IDS, Palo Alto and Checkpoint Firewall Administration.
• Develop F5 load balancer configuration for internal and external connections.
• Configuration and troubleshooting F5 LTM and providing level 2 and level 3 support for the customers.
• Extensively worked on virtual F5 LTM module on VMware for application testing.
• Design and deployed F5 LTM and GTM load balancer infrastructure per business needs from the ground up approach.
• Experience in managing the load balancers in a high-availability infrastructure.
• Configure and troubleshoot Bluecoat as forward proxy for all Web URL Filtering.
• Configure Bluecoat proxies using bluecoat director for content and URL filtering.
• Implementation and management of BlueCoat proxy servers to replace existing ISA Proxy servers layered with Websense content filtering.
• Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the Blue coat proxies.
• Migration of ISA Proxy to Bluecoat ProxySG to ensure data security, integrity, and compliance.
• Analyze IDS alerts to assess, prioritize, and differentiate between potential intrusion attempts and false alarms.
• Administered IDS / IPS to maximize network security, pushing and updating policies, and analyzing traffic.
• Monitor IDS logs filtering potentially threatening activity from normal network traffic.
• Provide high-level reports on the overall status of the Source fire implementation and operations to client's executive and management staff during daily morning briefings
• Administrating PaloAlto Network Firewalls using Panorama Centralized Management Systemand troubleshooting firewall rules to prevent system problems.
• Migration and implementation of Palo Alto Next-Generation Firewall seriesPA-500, PA-3060, PA-5060, PA-7050, PA-7080.
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Managed multiple security devices to protect the Enterprise's network - Vulnerability Scanners, Malware Detection, Intrusion Detection; Host based Firewalls, SIEM, Web Application Firewall.
• Tripwire Enterprise Administrator, monitoring over 4000 systems daily to include servers, databases, virtual systems, and network devices.
• Perform vulnerability, configuration and compliance scan with Nessus to detect deficiencies and validate compliance of information systems configuration with organization's policies and standards.
• Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, cryptographic attacks, authentication flaws etc.
• Conduct network Vulnerability Assessments using tools to evaluate attack vectors, Identify System Vulnerabilities and develop remediation plans and Security Procedures.
• Identifying the critical, High, Medium, Low vulnerabilities in the applications based on OWASP Top 10 and prioritizing them based on the criticality.
• Developed reports and metrics for senior Compliance management and Core Compliance as required.
• Utilized application groups, SSL decryption, IPS, antivirus, anti-spyware, URL filtering, NAT, VPN, and the Reporting features of Palo Alto.

Confidential, Englewood, Ohio

Jr. Network Security Engineer

Responsibilities:

• Architecture, implement, and support the F5 BIG-IP infrastructure included LTM, GTM, APM, and ASM.
• Configured and troubleshooting the F5 LTM and APM and providing level 2 support for the customers.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• F5 build-out of the base F5 BIG-IP infrastructure, including the BIG-IP 10200v platforms and vCMP guest instances.
• Create VIP, Pool, Profiles, and custom monitor on the F5 LTM.
• Configured BlueCoat Proxy SG Web Application Reverse Proxy for securing and accelerate public web applications.
• Provides Bluecoat Proxy support services to Company's networks worldwide.
• Implemented URL filtering requests in Bluecoat Proxy SG for website blocklist and whitelist purpose.
• Support Bluecoat proxy migration to new platform for all Business and Datacentres in environment.
• Troubleshooting and resolving issues with BlueCoat reports, by recreating databases, recreating reports, performing functional builds
• Provides day to day support for firewall engineering and operations tasks and level 1 & 2 on-call technical support for the Firewall Engineering and Operations team; including assisting peers with issues and escalation.
• Manages, maintains and support Checkpoint Firewalls, IPS/IDS, and Endpoint servers, PKI and network security Infrastructure.
• Integrated Checkpoint firewall into client's existing network to provide security for applications and handled Incident tickets related to the issues in the Firewall along with the connectivity issues.
• Managed Check Point Firewalls from the command line using Putty sessions. (cpconfig and Sysconfig).
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Palo Alto rules.
• Designed and implemented domestic and international site-to-site VPN IPSec infrastructure to corporate remote offices.
• Monitored host based loaded signatures captured events utilizing Sourcefire IDS, utilized SourceFire IDS to begin analysis on events to determine if those events were false positive, false negatives or true incidents and begin the Incident Handling Process.
• Understanding of TCP/IP networking, IP routing, Server Load Balancing, and Network Security architecture and core technologies, Firewalls, ACLs, DNS, DHCP, IPAM, LDAP, NFS.
• Troubleshoot LAN/ WAN related network issues using Cisco works and Solar Winds and participate in 24x7 on-call.
• Experience with Network Monitoring Solutions (Nagios, Solar Winds, etc.).

Confidential

Network Engineer

Responsibilities:

• Reviewing & creating the firewall rules and monitoring the logs as per the security standards in Cisco Firewalls.
• Configuration and troubleshooting F5 LTM and providing level 2 and level 3 support for the customers.
• Collaborating with Application owners, Network Team, DNS Team, and Firewall Team, to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager
• Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN, router/firewalls.
• Worked extensively on Cisco ASA 10/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Implemented WebSense web filtering solutions, responsible for daily maintenance, logging analysis and troubleshooting.
• Performed network configurations and troubleshooting of OSPF, EIGRP and BGP routing protocols.
• Troubleshoot and provide rapid recovery on Enterprise LAN/WAN network on platform of 1000+ Cisco router and switches.
• Design and create dedicated VLANs for voice and data with for prioritizing VOICE over data on catalyst switches and basic VOIP configuration.
• Designed and implemented DMZ for Web servers, Mail servers &FTP Servers using Cisco ASA5500 Firewalls.
• Responsible for secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Responsible to support and manage various network platforms, including Cisco switches ( s) and routers, Cisco ASA and Checkpoint firewalls, F5 and Nortel load balancers, SSL accelerators and VPN devices.
• Participated in on call support in troubleshooting the configuration and installation issues.

Confidential

Jr. Network Engineer

Responsibilities:

• Installation and configuration of various Routers like 800, 1600, 2500, 2600 and configuration of various Cisco switches like 2960, 3560
• Build, rebuild, and troubleshoot IBM/Dell laptops, Compaq/Dell/IBM desktops and Servers with 2000pro, XP Pro, 2000/03 server.
• Troubleshoot and configured connectivity issues related to VPN, DHCP, DNS, Firewall DMZ.
• Implemented WAN, LAN, VOIP, Security solutions in health care, retail, manufacturing and financial services
• Configuring IPsec VPNs as per customer requirements with standard encryption and encapsulation.
• Reviewed network device configurations and recommend fixes using industry best practices.
• Install, configure, and troubleshoot wireless issues.