SUMMARY

• 7+ years of experience as a Network & Security Engineer in Administration of LAN, WAN, Wireless and Security Technologies and Products including installments and configurations of physical networks (servers,switches, routers, panels, ports & hubs).
• Highly self - motivated person with excellent communication skills and quest for learning new technologies
• Configuring Checkpoint Firewall in IPSO, Secure Platform and GAIA platforms.
• Configuring, Administering and troubleshooting the Checkpoint and ASA firewall.
• Excellent analytical and problem-solving skills.
• Perform Custer configuration, backup and restore the current Gateway installation
• Analyzing the IPS logs and adjusting the protect mode.
• Using SmartUpdate, User Management and Authentication in Checkpoint Firewall.
• Ability to quickly evaluate project needs and provide appropriate solutions in a timely fashion.
• Good understanding of OSI Layers and TCP/IP models, IP Addressing and Sub netting.
• Strong working experience with Layer-2 & Layer-3 Protocols: VLANs, EtherChannel&Trunking, all STP, VTP, HSRP, VRRP, GLBP, CoS
• Strong working experience with Static, RIP, EIGRP, OSPF & BGP Routing protocols.
• Design, implement and managing Wide Area /Local Area Networks and Networking Devices administration
• Knowledge of IP networking and network security
• Knowledge on virus prevention
• Configure and troubleshoot Remote access and site to site-in Checkpoint & ASA firewalls.
• Configure and Troubleshoot IPSec S2S, Remote Access and SSL VPN on ASA firewall and Checkpoint Firewalls.
• Expert Level CheckPoint Firewalls Administrator.
• Network Topology Configuration Expert.
• Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
• Hands on experience on all software blades of checkpoint firewall.
• Analyzing the malware, which are not detected by Antivirus and deleting.
• Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Knowledge on Cisco Routers & Catalyst Switches and HP & Cisco servers.
• Experience with security device management and smart center management
• Experience with application protocols
• Clear Quest and Clear case Tools: All Microsoft Office Software.
• Working experience with A10 and F5 Load Balancer
• Vendor coordination for all Network, Security and Wireless services
• Capture and Analyze the logs using Wireshark, Netflow, Syslogs.

TECHNICAL SKILLS

Routing / Switching: BGP, MPLS, configuration, OSPF, RIP.

Switches: Cisco Catalyst VSS 13 / 00 / 3750- X / 2960

Routers: Cisco series 2800, 3200, 3600, 3800, 7200, 7600, ASR1002, ASR1004.

Firewall: Checkpoint R65/R70/R75, Cisco PIX & Cisco ASA.

Server Applications: VMWare, MS SQL, ConnectWise, Remedy, SonicWall SGMS, MS ISA, MS Exchange, MS IIS, MS SharePoint, MS Proxy, MS SMS, Backup Exec, Symantec AV, Trend Micro AV, Avast AV.

Operating Systems: Windows XP, Vista, Windows 7 & 8, Terminal Server, Citrix, Windows 2003 & 2008.

VPN: (IPsec, Remote access SSL, VPN), Access-lists, Regular expressions, content based filtering, Failover, Load Balancing IDS, IPS, PPTP L2TP, Packet filtering etc.

Networking Concepts: NAT, ACCESS-LIST, MPLS, DHCP Server Failover, Load Balancing.

Protocols: TCP/IP, UDP, POP3, IMAP, SMTP, NTP, FTP.

PROFESSIONAL EXPERIENCE

Confidential

Network Security Engineer

Responsibilities:

• Worked on the HP Split major project to divide the company into HPE and HPI.
• Responsible for Design and Implement security, Network and Monitoring System infrastructure.
• Design, convert, deploy enterprise security architecture and policies.
• Traffic monitoring, incident response, management and remediation.
• Establish security policies, standard, guidelines and processes.
• Worked on Checkpoint R70 and R71 as well as configuring virtual FW.
• Experience with Fortinet Firewall, Forti Manager and Forti Analyzer.
• Installing Fortinet Firewall on remote sites and configuring as HP policy and user needs.
• Working with HP Service Manager to design and implement request tickets for firewall changes as well as monitoring such changes to provide reliable services to HP users and HP Partners.
• Working with Firemon Tool to analyze firewall policies and data analysis.
• Working with Site to Site and remote access VPN as well as troubleshooting.
• Using tools like WireShark, tcpdump, fwmonitor and diag sniffer to analyze traffic and troubleshoot.
• Working on Major incident to troubleshoot and help to find the root cause of traffic disruption and help to fix such issues.
• Working with Bluecoat Proxies and autocache.
• Troubleshooting issues realated H3C and Cisco Routers and switches.
• Working on the project for Payment Card Industry.

Confidential, Tulsa, OK

Checkpoint Engineer

Responsibilities:

• Setting up Checkpoint devices, configuring, maintaining and troubleshooting.
• Worked on IPSO and secure platform. Nokia hardware platforms like IP360 & IP560.
• Experience with Data Loss Prevention (DLP) Software.
• Configured and upgraded Nokia &Checkpoint devices. Worked on R65, R70, and R71& R75 platforms.
• Trouble shooting the issue in Checkpoint Firewall R75 in UTM, open server and Nokia IP appliance.
• Security audit to customer like vulnerability assessment and Penetration testing.
• Worked on Cisco FWSM.
• Working experience with A10 and F5 Load Balancers.
• Configured Checkpoint Cluster XL, VRRP for redundant setups.
• Upgraded the platforms using the checkpoint upgrade tools.
• Troubleshooting access issues by taking tcp dumps and fw monitor captures on the device.
• Experience with Active Directory.
• Experience with NetScreen.
• Implementation and configuration of IDS and IPS.
• Controlling, monitoring and troubleshooting LAN, WAN and VoIP technologies.
• Configuring ipsec/gre tunnels, access-lists, routing protocols as per client requirements. Troubleshooting issues related to ipsec/gre tunneling, eigrp, ospf, isis, bgp, hsrp and wccpconfigs.
• Configuring and troubleshooting Palo Alto.
• Experience with BlueCoat proxy.
• Familiar with PCI.
• Experience with Disaster Recovery.
• Experience with ISP carriers.
• Experience with firewall NAT/PAT.
• Experience with network layers L1, L2, L3 and L4.
• Using HP Service Manager for logging internal tickets and updating them at regular intervals.
• Understanding and troubleshooting BGP, OSPF, MPLS
• Managing /maintaining/configuring DNS records using the Cisco Network Registrar.
• Configuring Virtual IP.

Confidential, Milwaukee, WI

Firewall Administrator

Responsibilities:

• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
• Migrated previous corporate Checkpoint 4.0 Firewall-1/VPN-1 on Windows NT
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Worked on Cisco Firewall ASA 5500(5510/5540) Series. Performed Security operations in terms of pushing new policies and deploying new rules. Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
• Configured and deployment of routing protocols OSPF, EIGRP & BGP over Cisco Routers in Production environment.
• Experienced working knowledge with 1800, 2800, 2500, 2600, 2800, 3600, 3800, 3900, 7204, 7606 series Routers.
• Worked on Cisco 6509, 6513 and 4510 switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Performed LAN operations and troubleshooting which involves working on VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Implemented redundancy with HSRP, Ether channel technology (LACP, PAgP) etc.
• Implemented new DMZ and data isolation and also worked on ASA virtualization using ASA Device Context.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
• Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Managing and providing support to various project teams with regards to the addition of new equipment such as routers, switches and firewalls to the DMZs.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.

Confidential, Irving, TX

Network Administrator

Responsibilities:

• Efficient follow-up on escalated fault tickets to ensure timely response to customer.
• Setup the new switches and harden the switch configuration as per the company policy.
• Performing initial Problem determination & assigning higher team to get the issue fixed.
• Experience with Active Directory.
• Implementation configuration and troubleshooting of Checkpoint firewall R 65.
• Adding security rules and pushing the security policy on Checkpoint.
• Taking Backup of Checkpoint configuration, security policy, logs with Policy package management, Database Revision Control, Upgrade export and import, Snapshot Procedures on regular basis.
• Configuring security Policy, Network objects user's objects.
• Configuring Network Address translation (Static Nat, Dynamic Nat).
• Security logs analysis sent by security devices like Checkpoint Smart-View Tracker.
• Configured VLAN with inter-VLAN routing.
• Assigning VLAN's to specific Switch Interfaces.
• Creation and Updating the VLAN's as per the requirement.
• Installation of Cisco Routers, Switches. Hands on Switching & Routing.
• Worked on Cisco FWSM.
• Experience with Disaster Recovery and Business Continuity processes.
• Configuring ports.
• Working experience with A10 and F5 Load Balancers.
• Configuration & troubleshooting of Dynamic & Static Routing Protocols (EIGRP, ISIS, OSPF & Static Routes)
• Controlling, monitoring and troubleshooting LAN, WAN and VoIP technologies.
• Configuration of VLANS & HSRP in the switches.
• Maintaining/updating site network diagram on regular basis.
• Maintaining of Weekly and Monthly Report.
• Configured Linux Kernel Firewall using iptables.
• Experience with firewall NAT/PAT.
• Managed disk file systems, server performance, users creation and granting file access permissions
• Recreating customer environments, as necessary, for troubleshooting and resolution of complex issues.
• Follow Escalation matrix for problem resolution as per define SLA.
• Experience with network layers L1, L2, L3 and L4.

Confidential

Technical Support

Responsibilities:

• Responsible for LAN and internet connection file and print server.
• Maintained and installed new internet connections for customers.
• Configured all devices for remote sites/plants, vendors and added new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations.
• Created load balancing policies using BGP attributes such as Local Preference, AS-Path, MED, Community etc.
• Validate existing infrastructure and recommend new network designs.
• Created scripts to monitor CPU/Memory on various low end routers in the network.
• Installed and maintained local printer as well as network printers.
• Handled installation of Windows NT Server and Windows NT Workstations.
• Handled Tech Support as it relates to LAN & WAN systems.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
• Real time monitoring and network management using Cisco Works LMS.
• Provided technical support on hardware and software related issues to remote production sites.Re-punching of around 200 points done on jack panel, managing of Network Cables in the Server room.