Firewall Engineer Resume
NY
SUMMARY
- Experienced Professional with over 6+ years of experience as an IT Security Professional with expertise in Network Security viz. Routing, Switching, Firewall Technologies, System Design, implementation and troubleshooting of complex network systems.
- Implemented firewalls using Cisco ASA, Cisco PIX, Check Point Provider - 1 / Site Manager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
- Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Firewall Smart Domain Manager command line & GUI.
- Seasoned professional in Check Point Firewall policy administration and support between various zones.
- Hands on Experience with blocking of IP's on Check Point which are suspicious.
- Experience in Check Point IP Appliances R65, R70, R75, R77 & Cisco ASA Firewalls.
- Migration with both Check Point and Cisco ASA VPN (Check Point R75.30 to Gaia R77.30 GA version).
- Proficient in configuration of routing protocols like RIP, IGRP, EIGRP, OSPF multiple areas and BGP.
- Involved in designing L2VPN services and encryption system and other VPN with IPSEC based services.
- Expertise in IP subnetting and worked on various designing and allocation various classes of IP address to the domain.
- Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
- Good knowledge and experience in Installation, Configuration and Administration of Windows, HTTP, FTP, DNS, NTP, DHCP servers under various LAN and WAN environments.
- Excellent customer management/resolution, problem solving, debugging skills, able to quickly learn and apply new technologies and adapt to new environments, teamwork skills and committed to delivering error free solutions.
TECHNICAL SKILLS
Routers: Cisco (1800, 2500, 2600, 2800, 3600, 3750, 3800, 7200).
Cisco Switches: (2900, 3500, 4000, 4500, 5000, 5800, 6500, Nexus 2k, 3k, 5kand 7k), MSFC, MSFC2.
Routing Protocols: (BGP, OSPF, EIGRP, IGRP, IGMP, RIP), TCP/IP, Multicasting (PIM).
Management Tools: SNMP, Syslog, HP Open View NNM, Sniffer, and Wireshark
LAN Protocols: VLAN, PVLAN, VTP, Inter-VLAN routing, ISL, dot1q, STP, IS-IS, RSTP, MSTP, ISL PVST, LACP, HSRP, GLBP, VPC, VDC, Ethernet, Port security.
WAN Technology: Frame Relay, WiSM Module in 6509, X.25, L2VPN, L3VPN, E1/T1/DS1/DS3, MPLS
Network Management: SNMP v2, v3, Cisco Works, 3Com Network Analyzer, MRTG, Solarwinds, and Orion
AAA Architecture: TACACS+, RADIUS, Cisco ACS.
Operating Systems: Linux, UNIX, DOS, Windows XP/2007/8, Windows 2003 server and Windows 2008 server
Firewalls: Check Point R65/R70/R75, ISA 2004/2006, Palo Alto PA-500/PA-2K/PA-3K/PA-5K, ASA 5585/5520/5510
Network Security: Knowledge of Firewall, ASA, Cisco FWSM/PIX/ASDM, Cisco ISE, Sourcefire IPS/IDS, Cisco NAC, IPsec, Nokia Check Point NG,IPS/IDS(Snor), VPN
Application Protocols: DHCP, DNS, FTP, HTTP, SMTP, TFTP
Documentation: Microsoft Office, Visio
PROFESSIONAL EXPERIENCE
Firewall Engineer
Confidential
Responsibilities:
- Implemented and troubleshot firewall rules in Cisco ASA 5540, 5580, Check Point R77.20 Gaia and VSX as per the business requirements.
- Worked on Gaia Versions 77.10, 77.20, R65 implementing new and additional rules on the existing firewalls for a server refresh project.
- Upgrade of Check Point firewalls and management servers from Splat R75.30 to Gaia R77.20.
- Replaced aging Checkpointfirewallarchitecture with next generation Palo Alto appliances serving as firewallsand URL and application inspection.
- Established IPSec VPN tunnels between branch offices and headquarter using Cisco ASA Firewall.
- Responsible for Check Point, Cisco ASA and Palo Alto firewalls configuration and administration across global networks.
- Provided support for 2Tier and 3Tier firewall architecture, which includes various Check Point, Cisco ASA firewalls and Palo-Alto firewalls.
- Configured and maintained IPSEC and SSL VPN's on Palo AltoFirewalls.
- Configuration of Palo-Alto PA 5000 series firewalls for outbound traffic via Blue Coat proxy server.
- Worked with level-2 team on migration project of CMA's from one Provider-1 to another Provider-1.
- Troubleshooting and Configuration of Cisco ASA 5580, 5540, FWSM, firewalls for all the agencies connecting to Citynet.
- Implemented proxy rules in Bluecoat Proxy SG using Blue Coat director.
- Worked on changing global objects and global rules to local objects and local rules for migration project.
Firewall Administrator
Confidential, NY
Responsibilities:
- Participated in planning, designing, installing and configuring new Firewall policies.
- Staged firewall rules in Check Point smart dashboard during the day time to install during window time.
- Configuration and Maintenance of Check Point R65, R75.40 Gaia Firewalls.
- Created and tested Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
- Troubleshooting of protocol based policies on Palo Altofirewallsand changing the policies as per the requirement and as per traffic flow.
- Configuration of ACLs in Cisco 5580 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
- Implemented Zone BasedFirewalland Security Rules on the Palo AltoFirewall.
- Monitored firewall logs in Check Point smart view tracker and captured packets in command line during troubleshooting.
- Configuration and Maintenance of ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX SSL Security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
- Worked on the project of F5 LTM and GTM code upgrade.
- Successfully installed Palo Alto PA 3060firewallsto protect Data Center and provided L3 support for routers/switches/firewalls.
- Implemented and configured F5 LTM's for VIP's and Virtual servers as per application and business requirements.
- Fine tuning of Firewall policies based on Information security policy.
- Designed and deployed Partner IPSEC VPN tunnels.
- Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
Network Support Executive
Confidential
Responsibilities:
- Troubleshooting using various command tools on Cisco routers and network segments at various OSI layers and maintenance of Cisco 2500, 4000, 6500 series routers.
- Managed service providers/vendors relationships from a project and technology perspective.
- Worked with the basic communication protocols like TCP/IP.
- Proactively monitored including a weekly review of log files, reports, weekly Knowledge Base updates, etc. to determine the health and performance of Secures appliances.
- Worked on Routing and Switching issues including OSPF, RIP, VLAN's.
- Created and implemented filters on the Routers for security purposes.
- Remotely configured the Network.
- Supported and maintained networking devices, cabling and standalone systems as part of job duties. Installed different software on the systems. Installed and managed network devices including Hubs and Switches.