Summary

• Around 7 years of experience in guiding implementation of leading-edge technology solutions that drive business growth in network, systems architecture, configuration management, and systems administration.
• Extensive experience in cloud computing MSP, ASP, and SaaS companies in ensuring security without compromising availability or performance.
• In-depth knowledge and proven expert proficiency in designing, engineering, configuring, and maintaining of large enterprise firewalls.
• Knowledge in planning, design, implementing and troubleshooting complex networks and advanced technologies.
• Advanced knowledge, design, installation, configuration, maintenance and administration of CheckPoint Firewall R55 up to R70 version, Secure Platform Installation, VPN.
• Advanced knowledge in Design, Installation and configuration of CheckPoint Provider Environment.
• Advanced knowledge in design, installation and configuration of Juniper Netscreen Firewall ISG 1000/2000, SSG series and NSM Administration.
• Proven hands-on experience with firewalls and a comprehensive knowledge of IP networking and network security including Intrusion Detection, DMZ, encryption, IPsec, PKI, VPNs, MPLS/VPN, Site to Site VPN tunnels, SSL/VPN, proxy services, and DNS.
• Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance.
• Advanced knowledge in configuration and installation of IOS security features and IPS.
• Experienced with Cisco routers and switches, and a good understanding of IP sub netting and routing such OSPF and BGP
• Expertise in Windows NT/2000/2003 Active Directory design, deployment and troubleshooting. Exchange 2000/2003, WINS/DHCP/DNS, Citrix Presentation Server, Web Interface, Citrix, TCP/IP, Wireless.
• Advanced knowledge in Cisco Switches and Routers Configurations.
• Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and EIGRP.
• Advanced knowledge of analyzing and implementing complex firewall rules on Checkpoint firewalls and/or Fortigate security devices, MPLS, ATM and Frame-Relay technology.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Knowledge of Server Hardware: IBM X Series Servers, IBM Baldecenter HS20/HS 40 and HP Proliant Servers.
• Knowledge of Server Maintenance, including establishing Security Protocols, Configuring Network, and Troubleshooting Problems.
• Demonstrated ability to analyze network traffic flows to reverse-engineer the required firewall ports and rules to allow secure access of applications.
• Advanced knowledge in Linux and Unix Operating Systems.

TECHNICAL SKILLS

EXPERIENCE

Network Security Engineer

• Initial configuration, design and installation maintenance of multiple CheckPoint-1 firewalls on various environments of CheckPoint-1 2000 firewalls for multiple locations.
• Monitored and troubleshoot production and corporate network issues. Network environment includes Cisco 7200, 2500 routers, 5500, 4000, 2900 switches and NT nodes
• Implemented VLAN, VTP domain, trunking and Ether Channel on Cisco 5500 switches.
• Assisted in installation and managed Radware Web Server Directors.
• Provided training and prepared documents for new employees in operations department
• Troubleshoot network connectivity issues such as DNS, WINS and DHCP
• Performed and managed system backup using Backup Exec on production systems
• Installed external storage raid servers for corporate and production use
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Experience configuring Virtual Device Context in Nexus 7010
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Worked on Aruba Wireless LAN Implementation for 11n Infrastructure Across the Corporate Network.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Familiar with various MSIT Tools to check Networking Connectivity, Testing, Configuration and Adding or Removal of IP address blocks, Decoming or Adding the Devices.
• Provided daily troubleshooting help with firewalls, VPN connections, IAVA/Anti-virus updates, IOS upgrades and general network security issues.
• Provided management and troubleshooting of all network Bluecoat proxy devices.
• Responded to RCERT and GNOSC/TNOSC directives for potential network equipment vulnerabilities.

CONFIDENTIAL

Network and Security Engineer / Architect

• Responsible for proposing the migration from CheckPoint R55 to R61 version making the Firewall environment totally up-to-date helped the team to migrate the Firewall platform to Provider-1.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Experience configuring Virtual Device Context in Nexus 7010
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Member of the Network and Security team responsible for managing the Security Environment.
• Experience on Check Point Firewalls NG, NGX, NGX R65, R70, R75.
• Experience in creating multiple policies and pushing them in to Checkpoint Firewall Gateways and hands on experience in managing the Checkpoint Management Server with SPLAT operating system.
• Introduced content management using squid and squidguard proxy servers to allow internal end users internet access while still being able to monitor and report on usage.
• Performed system and network audits against FISMA and FIPS200 regulatory requirements
• Managed Juniper Netscreen Firewalls and Intrusion Prevention and Detection IDP Devices
• Allocated on customer site I was responsible for replacing the WebSense content filtering by BlueCoat Proxies.
• Responsible for elaborating and applying the Internet security policies based on local Latin America culture for less effect as possible to the end-users.
• Elaboration of whole project documentation and customization of the internet environment for critical applications.
• Configuration and maintenance of Checkpoint NGX R61.
• Configuration and maintenance of Juniper Net Screen SSG -550.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4.
• Worked on Cisco 871 DSL, IAD, 1800, 1900, 3900, 7200 series routers.
• Responsible for managing the security tools such as CheckPoint Firewall, Nokia IP390, RSA Security, ISS Site Protector and Nortel connectivity VPN Server.
• Managed 35 LAN Administrators and helped support application built with PowerBuilder and FileNet.
• Helped standardize workstations and file servers including: hardware software, naming conventions, and IP addresses. Implemented file system, firewall security and disaster recovery strategies.
• Helped in the design configuration, monitoring and optimization of Active Directory and helped with the configuration of the Active Directory Infrastructure solutions.
• Designed and implemented Windows networks and Active Directory AD and security group hierarchy based on delegation requirements.

CONFIDENTIAL

Network Specialist/ Network Consultant

• Design and implement the company's LAN and WAN network infrastructure.
• Operated the router-point-defense Intrusion Detection System for the data network. ASIMS Director, Net Ranger Director, and via Firewall VPNs
• Collected and monitored network defense metric per the MNAP
• Configured production and test firewalls as requested by deployed units
• Configuring multiple Cisco 6509 with MSFC2, 3500, 2948G-L3 switches, 2600 and 3600 routers, Frame relay, dedicated T1s and ISDN lines Implement network security for remote access.
• Configuring site to site and clients to site VPN tunnels through multiple Cisco VPN concentrators and Checkpoint firewalls, and maintaining access policies for remote users.
• Setup and configure network monitoring and management systems, which include CiscoWorks 2000 to manage Cisco devices.
• Upgrade multiple Checkpoint firewall 3.0 to version 2000 and NG on distributed NT environment and Nokia Appliance. And manage network security policies which includes access control, NAT, content security and authentication
• Implement Cisco Secure Intrusion Detection Sensors, IDSM and CSPM to monitor network activities
• Configure and maintain Windows NT/2000 environment services, including Active Directory, DFS, WINS, DNS, DHCP, file replications and logon scripts.
• Grew user base from 3 users to over 2000 dial-up and web hosting users.
• Responsible for configuring, maintaining and securing mixed UNIX and NT servers to provide Internet service to dial-up and DSL customers
• Configuration and maintenance of ACL lists on Cisco routers
• Responsibility includes regular maintenance, security patch update and troubleshooting.
• Setup Cisco Local Director for load balancing of several corporate websites
• Implement WebShield SMTP mail gateway for mail relay and email virus scanning.
• Actively involved in PSM VMware vSphere4/ESX4, Win2003/2008R2 Server deployment in DR environment

CONFIDENTIAL

Network Engineer

• Worked on a countrywide Project of deploying BITs Branch IT Support fast IT action/reply on Branch complains/problems. Presented and implemented the idea to have a Regional Support instead of Centralized Support for rapid action on Branch's issues with respect to the provided SLA by vendors.
• Provide technical support to all areas of Network/System Administration and Personal Computer Administration.
• Manage Local Area Network by Maintaining VLANs and Wireless Aps TPLink devices .
• Deploy network security measures via Kaspersky anti-Virus Updates and Sonic Firewall.
• Enhance Network ability and robust nodes by implementing new Network typologies.

CONFIDENTIAL

Network Engineer/ Administrator

• Provides technical support to all areas of Network Administration, Telecommunications, Systems and Network Architecture, and Personal Computer Administration.
• Maintenance of IP Telephony based on Cisco Unified Communication Manager 8.5 in publisher/subscriber environment.
• Maintain and keep eye on NMS for monitoring of MIS network devices.
• Maintaining of Cisco Adaptive Security Appliances ASA firewall for LAN, WAN and Internet connectivity.
• Develops and maintain IT security policy related to LAN and WLAN.