SUMMARY:

• 7 + years of experience in Networking, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.
• Experience in Cyber Security/Network Security Architecture, Cyber Security Forensic (malware analysis/ identifying intelligence related activity)
• Developing strategies to enhance overall cyber security program. Maintaining and improving security posture for IT governance.
• Sharp expertize skills in Checkpoint and firm to run independently with Checkpoint and Network Engineering like Routing/Switching and Protocols VPN along with ASA Firewall.
• Advanced knowledge in Design, Installation and configuration of CheckPoint Provider Environment.
• Advanced knowledge in design, installation and configuration of Juniper NetScreen Firewall ISG 1000/2000, SSG series and NSM Administration.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Experience in testing cisco routers and switches in laboratory and deploy them on site production.
• Extensive experience in Configuration and deployment of network security devices, including firewalls, Intrusion, Detection Systems, VPN, Identity Gateways.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Responsible for CheckPoint and Cisco ASA firewall administration across global networks.
• Drafted and installed Checkpoint Firewall rules and policies.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco\'s ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Thoroughly experienced with Microsoft Windows XP Professional, 2000 Professional, Server 2000, and Server 2003.
• Extensive knowledge of PC setup and installation, as well as various peripherals, Compaq and Dell servers, and Cisco routers, switches, and security devices.
• Familiar with Remedy, Secure Computing’s Sidewinder Firewall, Cisco PIX Firewalls and ASAs, Juniper SSGs, Firewall Switch Modules, BlueCoat Proxy devices, Wise Package Studio, Symantec Ghost and Antivirus Servers, ClearCube Sentral Software 5.0, Microsoft Exchange, Active Directory, VMWare, WSUS, SMS 2.0 and 2003, IIS 6.0, Meditech, and Network Common Operational Picture (NetCOP).
• Conscientious individual that is goal-oriented, delivering high quality work and excellent customer service.

Firewalls : Checkpoint, Cisco Firewall Service Module, Cisco PIX, Cisco ASA, NetScreen

Intrusion Detection & Prevention: Enterasys Dragon NIDS, Snort, Cisco Secure NIDS, ISS Proventia Series, McAfee Intrushield, TippingPoint, Juniper

Operating System : Windows 2000/XP/Vista, UNIX

Networking Technologies : LAN/WAN, TCP/IP, WINS, DNS, DHCP, SMTP, Sendmail, NDS, ASDI, ISDN, ATM, Frame Relay, T1/T3, DSL, IPsec, GRE, VLAN, VTP, 802.1x, AAA, RADIUS, TACACS+, CA, HSRP, EtherChannel, Spanning-Tree, OSPF, EIGRP, RIP

Networking Hardware : Cisco Routers, Cisco Switches, Uninterrupted Power Supplies, Wireless Access Points, Workstations, Servers, Fluke Network Testers, and Network Toners (Inductive Amplifiers)

Cisco Hardware : 7200, 3800, 3600, 2800, 2600, 1800, 1700 Series Routers; 6500, 4500, 4000, 3500, 3600, 2960, 2950, 500 Series Switches; 535, 525, 520, 515, 506, 501 Pix Firewalls; 5505, 5510, 5520, 5540 ASA Firewalls; Firewall Services Module v3/4; 3000 Series VPN Concentrators; 4200 Series IPS Sensors; CSS 11500 Series Load Balancers; Cisco ACE XML Gateway

Security Software : AD, MS Exchange 2007, Hyena, Centrify, Symantic Enterprise Security Manager (ESM), Bindview, RSA SecurID, RSA Envision, IBM Proventia, Novell IDM, LDAP administrator, BMC BBSA, TrendMicro, Tripwire, Scriptlogic, Websense, IBM VSOC

Server Hardware : Dell, HP, Compaq, IBM, Cisco UCS

Platforms : Microsoft Windows XP/2000/NT, Red Hat Linux, Sun Solaris UNIX, FreeBSD, & Nokia IPSO

Virtualization: Server, Encase Microsoft Virtual Server 2005 R2, VMware.

Utilities: MS-Office 2010/07/03, Remedy, Heat, Peregrine Asset Center, ServiceNow, Lotus Notes, Ghost 8.0, Varonis

Languages: Shell Scripting, HTML

PROFESSIONAL EXPERIENCE:

Confidential, Houston, TX

Network Engineer

Responsibilities:

• Establish, maintain and monitor complete identity management, including authentication, access to systems and data, define specific access to network, files and database management systems. Systems include AD, RACF, Exchange 2007, Office Communicator, MCS Oracle, and Cisco VPN.
• Responsible for the collection and retention or documentation and execution of remediation plans as agreed to with the IT Management Team.
• Identify potential areas where existing data security policies and procedures require change.
• Maintain contact with vendors regarding security system updates and technical support of security products.
• Support security system upgrades and installations; assist with and coordinate installations and changes to automated operations.
• Coordinate between vendors, project team, and network team in order to implement Varonis software.
• Create a risk/issues log and a project run book with step-by-step documentation.
• Provide updates and modifications to project plan timeline.
• Open weekly changes with Change Control.
• Present weekly status reports to management regarding issues and progress.
• Run Varonis tool to clean up shares (open shares, stale data, PII data, individual ACLs, unresolved SIDs, etc.).
• Create and update Group policies.
• Perform server compliance audit for Windows/UNIX servers before moving into production using Symantec ESM, and BMC BBSA security tools.
• Install Symantec ESM and IBM Proventia software (manager & agents) on all servers.
• Deploy Centrify agent on Windows and UNIX/Linux/Solaris servers.
• Create and maintain user accounts using Novell Identity and Access Management software.
• Provide Level 3 support for information security related issues.
• Migrate accounts from NT domains to Windows Server 2003 domain using ADMT.
• Remote server administration of domains using Server 2003/2008, LANDesk 8, and DameWare.
• Remote Access support for ATT VPN accounts using RADIUS.
• Participate in a rotating 24/7 on call support team.

Confidential, NY

Network Security Analyst/Engineer

Responsibilities:

• Prepared and processed device configuration changes such as rule additions and modifications, NAT and PAT creations, site-to-site and client-to-site VPNs, and various OS level CLI changes such as Nokia CLISH configurations for routing, Proxy ARP, and interface/VLAN modifications
• Migrated 150 plus Windows, UNIX, Linux, IBM i2 and AS400 from flat L2 to new L3 infrastructure.
• Designed, configured, deployed and upgraded PIX, ASA and Zone based firewalls.
• Designed and deployed nodes in complex routing environments utilizing OSPF and BGP.
• Designed, configured and managed backup VPN solutions for important MPLS BGP sites.
• Deployed and administrated Cisco VPN Concentrators for enterprise remote connectivity.
• Configured, deployed and administrated various types of Cisco router and switches to accommodate expanding environment.
• Monitored Network activity utilizing Spectrum and SolarWinds.
• Participated in Enterprise disaster recovery exercise conducted at Sterling Forest and SunGuard.
• Documented and enhanced network visibility by creating detailed Visio diagrams.
• Conducted disaster recovery at Sterling Forest and SunGard.
• Contributed in an Incoming Call Rotation to assist clients in troubleshooting various network and security related issues using packet captures for live traffic analysis and log monitoring for traffic pattern analysis
• Planned, designed, installed and maintained the network security equipment.
• Provided daily troubleshooting help with firewalls, VPN connections, IAVA/Anti-virus updates, IOS upgrades and general network security issues.
• Provided management and troubleshooting of all network Bluecoat proxy devices.
• Troubleshoot application load balancing issues on Cisco CSS and ACE platforms.
• Designed, configured and administrated Silver-Peak WAN Optimization devices.
• Conducted POC for application visibility utilizing OpNet ACE Live and nGenius NetScout appliances.

Confidential, Pittsburgh, PA

Senior Network Engineer /Administrator

Responsibilities:

• Provided 3rd level support for network, security and application related issues.
• Managed trouble issues based on end-to-end application connectivity.
• Configured devices with EIGRP, BGP, and OSPF.
• Configured and administrated more than 200 Riverbed Steelhead for application Optimization.
• Administrated Cisco VPN concentrators for remote access.
• Monitored and troubleshoot application response time issue with nGenius / NetScout platforms. Perform network application analysis with Omni peak, Ethereal, WireShark, and Sniffer.
• Configured and administrated MPLS & VPN routers.
• Administrate and troubleshot DMZ application connectivity through PIX & Check Point NG-R55 platform.
• Administrated and troubleshot application load balancing with Cisco CSS platform.
• Administrated Opsware for configuration management.
• Administrated SNMP reach ability with VitalNet, nGenius & SolarWinds application.
• Participated 26 Disaster Recovery contingency exercises at SunGard on yearly basis.
• Administrated Cisco Catalyst 6xxx, 4xxx, 3xxx, 29xx, 19xx series switches.
• Administrated Cisco 7xxx, 40xx, 3x, 2xxx series routers.
• Administrated DHCP and DNS with Lucent QIP.
• Document Process and procedures using MS Word, Project, and Visio.

Confidential

Network Administrator/Engineer

Responsibilities:

• Managed and installed multiple Exchange servers.
• Installed and configure various routers and switches for production and test networks.
• Updated and managed Microsoft Exchange certificates.
• Managed various VPN concentrators for production and test networks.
• Administered Windows 2000 domain via Active Directory.
• Administered user’s network permissions using Active Directory.
• Managed e-mail accounts using Microsoft Exchange Administrator.
• Performed mailbox restores using EXMerge software.
• Provided tier 3 support to the network helpdesk.
• Created numerous network user accounts.
• Provided end user support for 1000+ users.
• Configured access control servers for test networks.
• Installed and configured LAN/WAN hardware of all types.
• Provided troubleshooting for various desktop problems.
• Implemented training methods for newly assigned helpdesk technicians.
• Configured and managed Cisco 3550, 3750, and 2 6513 switches.
• Configured and installed Cisco 3800 series routers.
• Configured Cisco 2500 series routers for test environments.
• Configured ASAs to be used as a backup site to site VPN tunnel.
• Installed and configured wireless access points.
• Provided Active Directory administration.
• Provided IP address management.
• Installed secondary SMS sites for 4 market-wide hospitals.
• Provided market network support for 4 smaller hospitals.
• Responsible for security updates for all PCs and servers on the network.
• Deployed updates, installed software, and imaged machines via SMS 2003.
• Responsible for enterprise wide backup.
• Administered enterprise antivirus solution.
• Assisted in the consolidation of Radiology image network and the main hospital network.
• Implemented a network monitoring system.
• Implemented a WSUS server.
• Implementing NAS/SAN solution enterprise wide storage.
• Provided and administered remote access via RSA SecurID.
• Responsible for server upgrade from 2000 server to 2003 server, and pc upgrade from 2000 to XP
• Managed 35 Windows servers.
• Created various network procedures.