SUMMARY

• A Network Engineer with around 8 years of experience in designing, troubleshooting and administration of networks in LAN/WAN environment.
• Comprehensive understanding of the technologies involved with network security vendor firewall products (Cisco PIX / ASA, CheckPoint, Juniper NetScreen/SRX and Palo Alto)
• Strong hands on experience in installing, troubleshooting, configuring of Cisco 7200, 3800, 3600, 3400, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Experience with working on Juniper Routers like, M320 and MX80, MX960, MX480 - configure OSPF and route policies.
• Proficient in Cisco IDS/IPS, Cisco PIX 525,535, ASA 5520, 5540, 5550, Checkpoint NGX R65, R70,R75, R77 Gaia, VSX, Provider-1/MDM/MDS, SPLAT, Nokia IPSO
• Juniper Netscreen Firewall, Juniper SRX, Palo Alto Pa-500, Pa-3000, Panorama, Snort IDS, Syslog analysis and Windows/Linux/Unix Security configurations.
• Experience in working with Juniper M-Series routers, SRX 240/550/1400/3400, SSG 140/550M firewalls, NSM, JUNOS and Screen OS.
• Proficient in Manage and maintain Check Point Cluster XL, VSX, VPN-1 firewall, strong abilities in installation and configuration of Check Point security Gateway, SmartConsole and SmartCenter server.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Strong knowledge in troubleshooting, implementing, Optimizing and testing of static and dynamic routing protocols such as RIPv2, EIGRP, OSPF, BGP. Ability to interpret and resolve complex route table problems.
• Hands on experience working with Cisco Nexus 7K, 5K & 2K Switches.
• Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77 gaia
• In-depth knowledge of deploying and troubleshooting LAN, WAN, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP
• Expertise in the analysis, Implementation, troubleshooting & Documentation of LAN/WAN architecture and good experience on IP services.
• Extensive Knowledge of deploying & troubleshooting TCP/IP, Implementing IPv6, Transitions from IPv4 to IPv6, Multilayer switching, UDP, Fast Ethernet, Gigabit Ethernet, Voice/data integration techniques.
• Troubleshooting of VLAN’s, VTP, Trunking, Encapsulation, Inter-VLAN routing, redistribution and authentication issues. Implementation and troubleshooting
• VRRP, interface-tracking and load-balancing. Implementation of secure switched environment which includes enabling port security and configuration of ACL’s among others.
• Experience in implementing Cisco ASA 5500 series, Checkpoint R75 Firewalls and security policies in highly secured and redundant networks.
• Experience deploying BIG-IP F5 LTM Load Balancers for load balancing and traffic management of business application.
• Implementation traffic filters on Cisco routes using Standard, extended Access list.
• Planning, Designing, Implementation of small, medium organizations including LAN, VLAN, WLAN and WAN on wired and wireless networks.
• Experienced in network documentation using Microsoft Visio.
• Experience in creating and managing project schedules and project deadlines using Microsoft project 2007.
• Network Monitoring using SNMP and other management tools such as SPLUNK, IBM Qradar, wireshark, Tufin, Algosec, Solarwinds, Remedy, Service Now, HSPM, HP NAS and Cyber Ark.
• Black listing and White listing of web URL on Bluecoat Proxy servers.
• Have some knowledge on Imperva Web application firewalls and Fortinet firewalls.

PROFESSIONAL EXPERIENCE

Confidential, Irving, TX

Security Analyst

Responsibilities:

• Handling Break/Fix situations, monitor, configure, policy creation on Checkpoint's Smart Center Server running on Secure Platform and Gaia.
• Successfully installed Palo Alto PA 3060 firewalls to protects Data Center
• Configured Juniper SRX and SSG firewalls using NSM, SPACE and via CLI.
• Successfully installed Palo Alto PA-3050, PA-5050 firewalls to secure zones of network.
• Responsible for firewall rule set migration from Cisco ASA to newly implemented Palo Alto.
• Experience on Check Point R65, R70, R75, R77 Gaia, Provider-1 and VSX firewalls.
• Worked on the migration of Juniper SSG firewalls to SRX firewalls.
• Experience in management of Checkpoint VSX environment and using VSX with Multi-Domain Security Management
• Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server with SPLAT and Gaia operating system.
• Configuring Juniper Netscreen and SRX Firewall Policies between secure zones using NSM (Network Security Manager)
• Knowledge in VSX Clusters creation, VSX routing concepts and VSX traffic flow monitoring
• Responsible for setup and configuration of Site to Site VPN's, and remote access VPN's using Cisco ASA 5540 and 5550.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• PCI and ISO compliant security implementations on the firewalls and perimeter devices
• Bluecoat proxy server's setup, configuration, upgrade and Troubleshooting with optimization of WAN Application, SSL traffic, Web traffic, URL filtering & Content filtering.
• Configure different Palo Alto Networks Firewall models (PA-2k and PA-5k) as well as a centralized management system (Panorama)
• Monitoring alerts using Symantec Anti-virus, IBM Qradar SIEM and work with SOC team in remediating them.
• Worked on Tufin firewall optimization tool in disabling unused rules on the firewalls.
• Configuring Reverse Proxy, URL filtering and content filtering using Bluecoat proxy SG devices.

Confidential, Irving, TX

Network Security Engineer

Responsibilities:

• Implemented and troubleshooting the Virtual firewalls (Contexts) solutions in ASA, Configuring access-list on CISCO ASA Firewall.
• Worked on the migration of Juniper SSG firewalls to SRX firewalls.
• Configure juniper routers/firewalls (M and SRX) - setup authentication, IPsec VPNs, NTP, SNMP, DHCP helper, RADIUS, and firewall filters.
• Implementing NAT technologies on CISCO ASA Firewall and Checkpoint firewalls.
• Providing support, configuration and maintenance of Checkpoint Firewall R71, R75 on SPLAT Platform.
• Manage the Net screen SSG550 and ISG1000 and 2000 firewalls with the NSM.
• I worked with the different models Cisco ASA, checkpoint and Juniper ScreenOS and JunOS firewall devices on a daily basis:
• Responsible by controlling the Network and security device login by using the Cisco ACS server with RADIUS and TACACS+
• Adding security rules and pushing the security policy on Checkpoint firewalls using smart dashboard.
• Using SmartUpdate, User Management and Authentication in Checkpoint Firewalls.
• Actively responsible for PIX 7.x/8.x, ASA 8.x and Cisco FWSM 2.x/3.x upgrades and network refresh projects and Troubleshooting
• IOS Security Configurations, IPSec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• Migrations included and not limited to Cisco to Cisco and Cisco to Checkpoint and Checkpoint to Checkpoint
• Monitoring Traffic and Connections in Checkpoint and ASA Firewalls.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design
• Configured redundant interfaces, DHCP server, DHCP relay, ntp settings, and sub interfaces on firewalls
• Perform advanced troubleshooting using Packet tracer and tcpdump on firewalls.
• Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
• Adding Websites to blocked list on the bluecoat proxies based upon business requirements.
• Experience supporting load-balancer solutions with F5, Cisco Ace or Citrix NetScaler.
• Configure Cisco IPsec VPN clients to have enterprise VPN connectivity and also troubleshoot issues with Cisco VPN client connectivity issues.

Confidential

Network Security Engineer

Responsibilities:

• Monitored and maintained client firewall, intrusion detection systems and VPN systems including (Checkpoint FW-1 / VPN-1 / Cisco PIX / Secure VPN / Secure IDS)
• Implementation, support and administration of multiple security products running CheckPoint Provider-1
• Migration with both Checkpoint and Cisco ASA VPN experience
• Experience with convert PIX rules over to the Cisco ASA solution.
• Configuring failover for redundancy purposes for the security devices.
• Implemented the Stateful & serial failover for PIX/ASA firewalls, Checkpoint Clustering and load balancing features
• Using SmartUpdate, User Management and Authentication in Checkpoint Firewall
• Worked on configuring, managing and supporting Checkpoint VSX firewalls.
• Regularly performed firewall audits around CheckPoint Firewall-1 solutions.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Implemented and troubleshooting the Virtual firewalls / multiple context solutions in ASA.
• Implemented Fast Ether Channels between switches to increase backbone bandwidth
• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard

Confidential

Network Engineer

Responsibilities:

• Maintenance responsibilities include software & hardware installation & configuration
• Replacement of the older routes and switches, with new routers and switches by configuring set up.
• Assigned a task to set up their LAN. Worked on the entire project from cabling to IP addressing assignment.
• Configured 2600 series routers with OSPF protocol.
• Configured and maintained Cisco 2500, 4000, 7000 and 7500 Series Routers as well as Catalyst 5000 and 5500 Series switches.
• VLAN Configuration to different applications with RSTP, STP, VTP. Switching related tasks includes implementing VLANs and configuring ISL trunk on Fast-Ethernet channel between switches.
• Performed troubleshooting tasks on routing and switching an isolated the problem and finding the cause.
• LAN/WAN hardware including Ethernet Hubs, Cisco Switches, switch panel's installation, configuration and troubleshooting.
• Routing related tasks included providing Cisco router configuration and change management, providing technical support for Cisco Router configurations and installation for customer. Configuring IP RIP, EIGRP, OSPF and BGP.
• Troubleshoot TCP/IP problems; troubleshoot connectivity issues in multiprotocol Ethernet, Environment.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution