SUMMARY

• Checkpoint and Cisco Network Administrator and Firewall Specialist with over 7 years total IT experience specializing in network support and security. Provided remote and onsite day - to-day firewall/VPN support for customer environments including Cisco PIX/ASA, Juniper Netscreen, Palo Alto and Checkpoint. Performed and reviewed firewall policy, workflow and system settings following established change process. Assisted in the development of DLP alerts and IPS alerts to maximize information value from each system. Maintains required communication and analytical skills.
• Experience regarding security incident response team activities, Providing and implementing risk mitigation to incidents and troubleshooting it.
• Experience in working & leading a group in tactical planning & design implementations of network setup.
• Provide support and solutions for IronPort Email Security Appliances
• Experienced in handling and installing Checkpoint Firewalls.
• Implemented firewalls using Cisco ASA, Cisco PIX, Checkpoint Provider-1 /SiteManager-1, R75 Gaia, Secure Platforms.
• Good Knowledge about Palo-alto & juniper firewall technologies.

TECHNICAL SKILLS

Routers: Cisco 7609, 2600, 2800, 3800, 3640, Cisco 3745, 7200 Series

Switches: Cisco 3500, 5000, 6500 Catalyst Series Cisco 7000, 2000 Nexus Series

Routing Protocols: BGP, OSPF, EIGRP, VRRP, HSRP, GLBP, and RIP

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, and VLAN

IP Services: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

Firewalls: Palo Alto 500, 2k, 3k, 5k & 7050, Checkpoint R65/R70/R75/R76/R77, Cisco ASA

Hardware: Sonic Wall, SSL, CDP, HP / Compaq / Dell / IBM Servers, Ironport

Operating System: Windows XP, Vista, Windows 7, UNIX, SPLAT (Secure Platform), Linux

PROFESSIONAL EXPERIENCE

Confidential, SFO, CA

Network Security Engineer

Responsibilities:

• Fine tuning of Firewall policies based on Information security policy.
• Configuration and Maintenance of Checkpoint R65, R75.40 Gaia Firewalls.
• Successfully installed Cisco ASA firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Checkpoint VSX design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Experience with Layer 2 and layer 3 MPLS segregation
• Monitoring, update, backup configuration files, Create and modify rules and filters to Secure Mail and Web Gateway (CISCO IronPort, TredMicro).
• Configure and install new infrastructure based on LAN WAN and wireless based environment.
• Exposure to wild fire feature of Palo Alto.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, and BGPv4.
• Ironport email security appliance and Forefront online protection for Exchange used to block inbound spam and virus attacks along with maintaining filters for both white and black lists.
• Responsible for the daily operation of Cisco Ironport appliances which route and filter nearly 2 Million emails on a daily basis.
• Develop and implement the company’s security policies, and rules implementation. Coordinated lab testing of new software to ensure stable implementation.
• Deploying and decommissioning Cisco switches and their respective software upgrades.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the IP addresses from Subnet.

Confidential, Austin, TX

Network Administrator

Responsibilities:

• To troubleshoot the connectivity on Layer 3 and Layer 2 in case there are access problems for customers (VPN, IVPN, and MPLS VPN).
• Identify and resolve problems on high end Switches, Routers (Juniper & CISCO ASR).
• To troubleshoot the various last miles, which involve Broadband, Leased lines, ISDN.
• To troubleshoot the latency issues faced by the customers and providing best path in reaching their destinations across the world.
• Resolve problems related to IronPort’s proprietary Antispam rulesets and SenderBase Reputation Scoring as well as any security related issues involving encryption.
• Implementation & troubleshooting of VLANS, high availability solutions like hsrp, ether channels, access control lists, NAT, PAT, routing solutions etc.
• Experience in Changing traffic patterns using cisco SDN technology
• Experience in VSX Clustering in virtual environment and its design planning.
• Drafted and installed Palo Alto Firewall Rules and Policies.
• Troubleshoot and maintenance of checkpoint R75 Gaia firewalls.
• Configuring routing protocols such as BGP, OSPF, RIP, and EIGRP for customer.
• Configuring IPSEC and GRE tunnels for VPN customers.
• Configuring L2 path for Bridged mode customer (VPN, IVPN and MPLS).
• Configuring Access-Lists for implementing security and applying rate-limit in last mile.
• Firewall and router configuration changes as per the business requirement.

Confidential, San Jose, CA

Firewall Engineer

Responsibilities:

• Project based engagements that involve migration of incumbent firewall to Palo Alto Networks solutions
• Conversion of multiple vendors' firewall configurations (Cisco/Juniper) into PAN-OS configuration
• Remote and on-site engagements as required by project scopes
• Support incident management processes and security monitoring alerts
• Develop and maintain operating guidelines and procedures in support of corporate policies, standards and guidelines.
• Determine appropriate levels of security configuration, controls and monitoring.
• Overall central management of firewall and web filtering solutions
• Respond to trouble tickets, perform troubleshooting on perimeter security devices
• Support of hardware/software maintenance to include troubleshooting, installation and upgrades, Tier 3 support.

Confidential

Network and System Administrator

Responsibilities:

• Installed, configured and maintained the company server and network infrastructure.
• Configured and administered Domain Controllers; DNS and DHCP Servers; File servers; IIS, Wamp and WordPress Web Servers; an Antivirus Server; in-house Hyper-V Environment.
• Physical network cabling and small rack setups with unmanaged switches; software firewall setups; server setups; Support LANs, WANs, network and Internet systems.
• Diagnose hardware and software problems, and replace defective components.
• Perform data backups and disaster recovery operations.
• Perform routine network startup and shutdown procedures and maintain control records.