SUMMARY

• Network Engineer wif Over 7+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Implementation, Configuration and Support of Checkpoint (R80, R77 Gaia, R75 and R71), VSX,MDM/MDS, Provider - 1, Juniper Firewalls (SSG 550M, SSG520M, ISG 1000, ISG 200, SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585 wif firepower), Palo Alto Networks Firewall models (Panorama M-100, PA-2k, PA-3k, and PA-5 k).
• Provide scalable, supportable military grade TCP/IP security solutions along wif expert TCP/IP network designs that enable business functionality.
• Administration, Engineering, and Support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing and wireless.
• Policy development and planning / programming on IT Security, Network Support and Administration.
• Good knowledge of CISCO NEXUS data center infrastructure wif 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Experience wif F5 load balancers and reverse proxy design and setup and Configured Virtual server, service groups, Session persistence, Health monitors and Load balancing methods in new F5 and A10 LTMs
• Experience wif Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
• Experience in working wif Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience wif Checkpoint VSX, including virtual systems, routers and switches.
• Experience wif DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic
• Utilized teh Blue Coat Proxy URL filtering, Splunk SIEM, IBM Qradar, Nesssus,Infoblox, Tufin, Algosec, Firemon,CSM, NSM, ASDM, Source fire IPS/IDS.
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco, B2B VPN client in addition to providing TACACS+ and RADIUS services
• Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS. Basic knowledge on Wireless Access points of 802.11 a,b,g

PROFESSIONAL EXPERIENCE

Confidential, Englewood, Co

Network Security Engineer

Responsibilities:

• Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia, VSX and Provider-1/MDM.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor teh Sync status for Stateful replication of traffic between active and standby member.
• Deployed Cisco ASA Firepower Services Delivers cultivating rapid threat detection and mitigation using Cisco Sourcefire IPS wif AMP
• Support Panorama Centralized Management for Palo Alto firewall PA-500, PA-200 and PA-3060, to central manage teh console, configure, maintain, monitor, and update firewall core, as well as back up configuration
• Knowledge on Amazon AWS Virtual private cloud services
• Worked on network security design and installation using Palo Alto Firewall (Application and URL filtering, Threat Prevention, Data Filtering).
• Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration
• Administration and L3 support of our Infoblox DDI deployment and F5 GTM's and configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, and HA) on F5 BIG IP appliances.
• Executed various migration/upgrade projects across F5 and hands on wif F5 BIGIP LTMs/EM.
• Researched, designed, and replaced aging Checkpoint firewall architecture wif new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Responsible for service request tickets generated by teh halpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes wif all around technical support
• Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network
• Understand teh flow of traffic through teh Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Configure Syslog server in teh network for capturing teh log from firewalls.
• Policy Reviewing, Audit and cleanup of teh un-used rule on teh firewall using Tufin and Splunk.
• Configure and Monitor Cisco Sourcefire IPS for alerts.
• Experience working on Network support, implementation related internal projects for establishing connectivity in various field offices and Datacenters.
• Working wif different teams to gather info for teh new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
• Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third party connectivity.
• Performing URL filtering and content filtering by adding URL's in Bluecoat Proxy SG's.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Working on teh network team to re-route BGP routes during maintenance and FW upgrades.
• Configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for teh Nexus 7000. Configuring VDC & VPC in Nexus 9k, 7k, 5k and 2k.
• Participated in data center upgrade from Cisco IOS platforms to NX-OS platforms.
• Running vulnerability scan reports using Nessus tool.
• Troubleshoot connectivity issues and Monitor health of teh firewall resources as well as work on individual firewall for advanced troubleshooting.
• Working on Service now tickets to solve troubleshooting issues.

Confidential, Baltimore, MD

Security Administrator

Responsibilities:

• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet and internal.
• Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using NSM as well as CLI when needed.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Configure and administer Cisco ASA Firewalls (5585, 5550, and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
• Provide support and for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo-Alto firewalls.
• Policy Reviewing, Audit and cleanup of teh un-used rule on teh firewall using Firemon.
• Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
• Experience on ASA firewall upgrades to 9.x from 8.x.
• Optimize existing policies to improve security and performance. Identify and remove security policies that are not no longer needed to reduce CheckPoint Firewall policy lookup
• Extensive Knowledge in configuring and troubleshooting as well as creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 load balancer LTM for load balancing and traffic management in DC environment.
• Configured Panorama web-based management for multiple firewalls.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Understand teh flow of traffic through teh Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Build and configure Active/Standby Failover on Cisco ASA wif Stateful replication.
• Upgrade of Juniper firewalls and management servers from SRX 3750 to SRX 6509
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• Support Data Center Migration Project involving physical re-locations.
• Expertise in teh administration, support and operation of teh Orion SolarWinds platform including Network Performance Monitoring (NPM), Network Configuration Manager, Server & Application Monitor (SAM), Netflow, Traffic analyzer and IP address Manager
• Implemented Ticketing tools like JIRA, Remedy, IP-Center and related tools for logging teh troubleshooting issues and teh resolutions.

Confidential, Waltham, MA

Network Security Engineer

Responsibilities:

• Configured, troubleshoot, and upgraded Checkpoint Firewalls which included network and/or resource access, software, or hardware problems.
• Maintained High Availability and clustered firewall environments for customers using Check Point High Availability.
• Perform Level 3-4 security implementations, vulnerability assessments and intrusion detection.
• Build Checkpoint firewall, and configured GUI to open/close TCP/IP ports.
• Worked wif both GAIA and SPLAT operating system.
• Installed, configured and maintained Checkpoint R75-R77 Gaia/SPLAT.
• Identified and removed security policies that are no longer needed to reduce Checkpoint Firewall policy lookup.
• Configured necessary routing and NAT on teh Firewall appliance to communicate wif teh internet.
• Backup, Restore and Upgrade of Checkpoint Firewall appliance.
• Monitored Checkpoint VPN tunnel activities wif Smart View Monitor and troubleshoot VPN issues wif CLI.
• Optimize existing policies to improve security and performance. Identify and remove security policies that are not no longer needed to reduce CheckPoint Firewall policy lookup.
• Configure IPSec, SSL-VPN (Mobile Access) on CheckPoint Gaia and troubleshoot VPN tunnel connectivity issues
• Troubleshoot and monitor Firewall traffics/issues through command-line using CLI commands, GUI interface and Smart Console (SmartView Tracker, Smart Log and SmartView Monitor).
• Analyze Logs and make necessary network reports using Smart Reporter console application.
• Network monitoring, packet captures and troubleshoot traffic passing through Firewall via logs.
• Respond to emergency outages, disaster recovery and teh corporate firewall.
• Interface wif vendors and service providers to ensure security is maintained and integrated into all network connectivity activities efficiently and TEMPeffectively, wif minimal downtime.
• Created a lab environment using VMware and Oracle Virtual Box to TEMPeffectively test policies, software distribution as well as scripts prior to deployment in production
• Configured and managed VPNs, remote access solutions and perimeter security in Cisco ASA firewalls
• Worked wif applications transport protocols SSL, IPSEC, DNS, NTP, SSH, LDAP, RADUS, TACACS+ and AAA on ASA Firewalls
• Configured routing protocols such as Static Routing and OSPF on checkpoint Firewalls

Confidential

Network Engineer

Responsibilities:

• Responsible for teh configuration of Cisco Routers (7000, 5300, 4000, 2500, 3000, 2600) using RIP, OSPF, EIGRP, BGP
• Managed office network wif Cisco devices wif network devices including 2500 and 3600 series routers and 3500, 2900, 1900 series switches
• Dealt wif customer problems to management and support groups utilizing standard escalation model.
• Extensive experience in configuring and implementing OSPF and BGP.
• Supported core network consisting of Cisco 7200 series routers running multi area OSPF.
• Configured EIGRP and OSPF as interior gateway protocol wif route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes wif HSRP.
• Implemented stub/Totally stub areas and various OSPF features like route-summarization and SPF throttling.
• Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Configured, maintained and troubleshot routing protocols such as OSPF, EIGRP and BGP.
• Engaged in office moves, halped in identifying network requirements of new building, installed new networking hardware, and coordinated wif vendors for cabling/wiring.
• Performed troubleshooting, while maintaining trouble ticket tracking, following both internal/external routes.
• Assisted wif escalation procedures and customer notifications.
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Upgraded Cisco Routers, Switches and Firewall (PIX) IOS using TFTP.
• Worked on teh security levels wif RADIUS, TACACS+.
• Involved in configuring Checkpoint (R65) Firewall rule base and objects as per teh requirements.
• Troubleshooting checkpoint firewall connectivity related issues using Smart view tracker.
• Involved in teh integration of F5 Big-IP load balancers wif CheckPoint firewalls for firewall load balancing and was responsible was troubleshooting and maintenance.
• Determining teh functionality wif teh DNS naming conventions and migrations from old load balancing environments to teh F5 environment.
• Acted as Tier 3 support for connectivity, failures, configuration, implementation, and troubleshooting.
• Provided project management for data center cabling, documented all network drawings using Visio