SUMMARY:

• Network/Security Engineer with over 7 years of experience in design, installation, configuration, administration, troubleshooting and security using Cisco routers/Switches/firewalls.
• Worked on checkpoint firewalls, Palo - Alto firewalls, cisco ASDMs, A10 load balancers, F5 GTMs in migrating traffic.
• Experience working with Cisco Routers, Catalyst Switches, Cisco Firewalls and F5- Load balancers.
• Good experience on checkpoint firewalls (R75.40, R77.30). Created objects, services, rules depending on the customer requirement.
• Proficient in Manage and maintain Check Point VPN-1 firewall, strong abilities in installation and configuration of Check Point security Gateway, Smart Console and Smart Center server.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Hands on experience in configuring and supporting site-to-site and remote access server, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Experience deploying BIG-IP F5 LTM Load Balancers for load balancing and traffic management of business application.
• Experience in Black listing and White listing of web URL on Bluecoat Proxy servers.
• Proficiency includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, troubleshooting, analyzing and resolving security breaches and vulnerability issues.
• Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance.
• Experience in layer-3 routing and layer-2 switching . Nexus model like 7k,5k,2k series, Cisco router model likes 7200, 3800, 3600, 2800, 2600 series and Cisco catalyst series switches 6509, 6513, 3500, 5500, 5000, 2900. 
• Strong knowledge in troubleshooting, implementing, Optimizing and testing of static and dynamic routing protocols such as RIPv2, EIGRP, OSPF, BGP.
• IP Routing, Configuring routing protocols such as EIGRP/BGP , IP Subnetting , VLAN Management and tagging, VLAN Interface/SVI, management interface, IEEE 802.1Q Virtual LAN Trunking on Ethernet network , VTP, STP, DTP , Network address allocation and assignment, AT&T MPLS, DHCP/DNS, 802.11, Site-to-site VPN configuration, IPSec, GRE 
• Performance testing on 802.11 n/ac WLAN systems at the 2.4 GHz and 5 GHz bands. 
• Maintaining and updating inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP.
• Expertise working on security policies likes NAT, PAT, VPN, Route-maps and Access Control Lists (ACL).
• Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Experience in windows server 2008, 2012 R2 and Microsoft Active Directory .
• Hands on experience with Sourcefire .
• Experience working on Solarwinds Orion (SNMP) for Network performance management.
• Experience in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCPdump, and Linux operating system servers.
• Conducted training for candidates for CCNA, CCSA and F5 - Big IP LTM.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.

TECHNICAL SKILLS:

Cisco Platforms:  Cisco 7200, 2800, 2600, 3800, 3600(ISO - Version 12.0, 12.2), Cisco Catalyst 6509, 6513, 3500, 5500, 5000, 2900(IOS- Version 12.4), Cisco nexus data centre switches 7000, 5000 (NX- OS version 5.1, 5.2)

Load Balancer:  Cisco CSS, F5 Networks (Big-IP), A10

Firewalls:  Checkpoint NGX (R65-R77.30), Check Point NGX R52, R54, R61, R62, R65, R 75, 76, 77, Checkpoint provider 1, Checkpoint Firewall 1, SPLAT, Cisco ASA/PIX, Palo Alto PA-5K/4K/3K/2K, PA-200/500

WAN Optimization: Cisco WAAS, PPP Multilink.

PROFESSIONAL EXPERIENCE:

Confidential, Houston, Tx

Network Security Engineer

Responsibilities:

• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Centre and provided L3 support for routers/switches/firewalls
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Exposure to wild fire feature of Palo Alto.
• Maintained and managed networks running EIGRP and BGP routing protocols.
• Regularly performed firewall audits around Checkpoint Firewall-1 solutions for customers.
• Provided tier 3 support for Checkpoint Firewall-1 software to support customers.
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Installed HA Big IP F5 LTM and GTM load balancers for uninterrupted service to the client and customers.
• Worked on configuration of Virtual IPs and servers on F5 and also designed application deliver and application mapping using F5-Big IP LTM.
• Create, change, and delete user accounts per request via MS Active directory and MS Exchange
• Provided tier 2 and tier 3 Active Directory (AD) support
• Installation and support LAN, WLAN, WAN . Network devices configuration and deployment as per company standard. Design and deploy networks . 
• Access Point refresh and implementation at various sized branches and locations.
• Created change controls through Remedy ticketing system.

Environment:

• Cisco Routers series 2800, 3800 and 7200.
• Cisco Switches catalyst 2900, 3500, 4500 and 6500 series, Nexus Switches 2k, 5k, 7k; F5 load balancer; Check Point Firewall, Palo Alto Firewall.
• Routing Protocols: RIPv2, EIGRP, OSPF, BGP 
• Switching Protocols: STP, VTP, VLAN, RSTP 

Confidential, Alpharetta, GA

Network Security Administrator

Responsibilities:

• Implemented and troubleshooting the Virtual firewalls (Contexts) solutions in ASA, Configuring access-list on CISCO ASA Firewall.
• Manage firewall policy lifecycle process from review, approval, implementation, publishing, verification and maintenance.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring various advanced features, Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
• SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 5100 (D51), 6400 (D63) BIG-IP LTMs/EM.
• Responsible by controlling the Network and security device login by using the Cisco ACS server with RADIUS and TACACS+ protocol
• Adding security rules and pushing the security policy on Checkpoint firewalls using smart dashboard.
• Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
• Third Party VPN migration from old data center to new data center and a complete Security Solution includes both URL filtering and Anti-malware protection.
• Designed and implemented Windows networks and Active Directory (AD) and security group hierarchy based on delegation requirements.
• Configured and managed Riverbed Steelhead to accelerate active directory   performance, optimize file sharing, web, emails and voice video to an oversea office.
• Maintained, upgraded, configured, and installed Cisco routers, Cisco Catalyst Switches and Load Balancer F5.
• Designing, Implementing and Troubleshooting Cisco Routers and Switches using different routing protocols like OSPF, EIGRP, BGP, ISIS & MPLS L3 VPN and VRF.
• Implement LAN protocols like STP, RSTP, VTP, VLAN and WAN protocols like Frame relay, PPP, port channels protocols like LACP, PAGP.
• Participated in all technical aspects of LAN, WAN, VPN and security internetworking projects including, short and long term planning, implementation, project management and operations support as required.
• Implemented and integrated new security solutions into existing customer network infrastructures and coordinate network security audits and changes with clients.

Environment:

• F5 load balancer: Palo Alto Firewall, Cisco ASA Firewall, Cisco Access Points. 
• Routing Protocols: RIPv2, EIGRP, OSPF, BGP 
• Switching Protocols: STP, VTP, VLAN, RSTP. WAN Protocols: Frame relay, PPP
• Communication Protocols: MPLS 
• Redundancy Protocols: HSRP, VRRP 
• Authentication: RADIUS, TACACS 
• Firewall Security Protocols: NAT, PAT, IPsec, VPN 

Confidential, San Jose, CA

Network Security Engineer

Responsibilities:

• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Adding and removing Checkpoint firewall policies based on the requirements of various project requirements.
• Administer Checkpoint firewalls with cluster gateways including pushing policies and processing user requests to allow access through the firewall using Smart Dashboard and identify unused rules and schedule change to mark it for permanent deletion at later point of time.
• Checkpoint Firewall Log review and analysis and troubleshoot connectivity issues.
• Configuring HA on Checkpoint security gateways using cluster XL and VRRP.
• Upgrading Checkpoint security gateways in cluster with minimal downtime.
• Perform SSL Offloading on LTMs and web accelerators with 2048-bits VeriSign certificates. Also, renewing certificates to ensure the security of websites.
• Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Performed upgradation from old platforms to new platforms R65 to R75.45
• Created multiple policies and pushed them in to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.
• Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Checkpoint firewalls.
• Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP IPv4/IPv6 and configured IP access filter policies.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.

Environment:

• Firewall Checkpoint (R65, R75.45), SPLAT.
• Load Balancer F5-Big-Ip, LTM, Ax10 
• Routing Protocols BGP, OSPF, EIGRP, LDP
• Switching Protocols STP, RSTP, PVSTP, VTP, ARP, VLAN 
• IP Services DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN 
• WAN Technologies ATM, ISDN, PPP, MPLS
• Network Technologies IPsec, GRE, NAT/PAT, ACL, IPv4, IPv6 
• Software Sniffer Pro, Trunking and STP 
• Operating Systems Windows XP/7/8, Linux

Confidential

Network Support Engineer

Responsibilities:

• Switching tasks include VTP, ISL/802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP
• Maintaining, monitoring and updating Solarwinds server and analysed packet across the network.
• New firewall design, installation, routing configuration & implementation. Manage and support Remote Access VPN setup for users and field locations with Nortel VPN Captivity Switch, RSA Secure IDS two-factor authentication and Juniper SSL VPN.
• Demonstration with SourceFire Network Security Solutions
• Monitor the ticket queue for incoming tickets, update tickets in accordance to Service Level Agreement (SLAs) requirements and, escalate based on severity levels using AxiosAssyst
• Configuring, supporting, and maintaining routers, switches, network appliances, firewalls, concentrators, and other communication devices
• Responsible for SharePoint Server 2012 for entire Managed Network Security Services
• Providing VPN and SSH access as per role and considering security breaches. Performing Firewall rule analysis and make decisions on risk to customer network
• Experience with designing, deploying and troubleshooting LAN, WAN, Frame-Relay, and Ether-channel
• Experience in Configuring and implementing VLAN, VTP, LAN switching, STP and 802.x authentication in access layer switches
• Troubleshoot; coordinate with Application Systems and Network Operations Engineers, and Help Desk, to resolve problems
• Performed various projects while successfully migrating data to new systems and remote locations.

Environment:

• Cisco Routers series 2800, 3800 and 7200. Cisco Switches catalyst 2900, 3500, 4500 and 6500 series
• Routing Protocols: RIPv2, EIGRP, OSPF, BGP 
• Switching Protocols: STP, VTP, VLAN, RSTP 
• MS Visio, Cisco IOS, NX-OS, Solarwinds.