We provide IT Staff Augmentation Services!

Network Security Engineer Resume

3.00/5 (Submit Your Rating)

Palo Alto, CA

PROFESSIONAL SUMMARY:

  • Overall 8+ years of Experience in Networking and Security, which Governs all the Configuration, Optimization, Upgrading, Troubleshooting and Maintain Complex Network Topologies with Profound experience on Security, Routing and Switching protocols.
  • Experienced in designing network infrastructure which includes Firewalls, Routers, Switches.
  • Worked on Confidential PA 3060, 5060 Firewall, ASA 55xx Firewall.
  • Confidential Network Security Device Configuration of Firewall Rules, QoS Rules, User ID agents, Policies , Packet Capturing.
  • Hands on designing security topologies using Confidential and various Endpoint Protection.
  • Configuring Rules in Confidential Firewalls & Analysis of logs using various tools like SIEM .
  • Expertise on centralized management system (Panorama) to manage large scale firewall deployments.
  • Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
  • Experienced in Migration from Checkpoint and Cisco ASA Firewalls to Confidential .
  • Proficient knowledge on firewall Rule audit and optimization using Algosec.
  • Information protection solutions including profile to detect the pattern matching against Sensitive data and triggered DLP alerts and Security Auditing solutions from Symantec.
  • Hands on experience in implementing Authentications like RADIUS and TACACS+.
  • Maintained Blue coat proxy manager.
  • Strong in installing, configuring, and troubleshooting of Cisco 7600 series routers , Juniper routers M320 and SRX series routers.
  • Experienced in working with Cisco Switches, Nexus 7009, 7018, 5548P, 5596T, 2148T, 2224T, 6000 switches and Juniper EX Series.
  • Administering multiple Firewalls, in a managed distributed environment and knowledge on SIEM tools like QRadar.
  • Knowledge on mitigating various attacks like DOS, DDOS, KILLCHAIN, and ZERO DAY ATTACK.
  • Experience in adding Irules for customizing F5 load Balancers.
  • Maintained Load Balancer BIG - IP F5(LTM and GTM).
  • Worked on VPN tunnels ISAKMP, IPSEC .
  • Configured customized Redistribution among IGP & EGP routing policies,
  • worked on designing MPLS VPN networks.
  • DMZ zoning & configuring VLANs/Routing/NAT with the firewalls.
  • Worked on integration of feeds and features like different Flow Feeds (Net flow, Jflow etc.).
  • Worked on configuration & troubleshooting of routing protocols: OSPF, EIGRP, BGP.
  • In-depth knowledge on IP Addressing, VLSM, FLSM, Reverse & Forward proxy ARP, Ping Concepts.
  • Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, HDLC, STP, and RSTP, MSTP.
  • Extensive knowledge in devices using PANOS, Cisco IOS, JUNOS and NX-OS .
  • Network design and documentation using Microsoft Visio .
  • Knowledge on Incapsula to make DDoS Protection, Web Security and as load balancer.

TECHNICAL SKILLS:

F irewalls: Cisco ASA Appliances (5540, 5550), Confidential 3060,5060, check point R7X, R8X, Juniper SRX-550, SRX-220 .

Network Security: ACL, IPsec, VPN, Port-security, RSA, AAA and IPS/IDS

Router Platforms: Cisco 76XX,72XX series, Juniper M320, T640, SRX series.

Switches Platforms: Cisco 65XX, Nexus 6K,5K.

Load Balancer: BIG-IP F5, ACE 4710, Brocade.

Routing Protocols: EIGRP, OSPF, BGP, PBR, IS-IS.

L2 Protocols: VTP, STP, RSTP+, MSTP, PVST+, ISL, 802.1q, Inter VLAN routing Multi-Layer Switch, Multicast operations, Layer 3 Switches, VLANs, Ether-Channel, Transparent Bridging.

Redundancy Protocols: HSRP, VRRP, GLBP, VOIP, QOS, VSS, VMPS, PBR.

ACS management: RADIUS, TACACS+, and Digital Signatures.

Network Management: Network Troubleshooting, SSH, SNMP, ICMP.

WAN: Frame Relay, ISDN, PPP, ATM, MPLS, SSL.

LAN: Faster Ethernet, Gigabit Ethernet.

Servers: FTP, DHCP, DNS, HTTP, Syslog, TFTP, NTP.

Virtualization: Wire shark, Solar Winds and NMAP, PANOS, IOS, NX-OS

WORK EXPERIENCE:

Network Security Engineer

Confidential, Confidential, CA

Responsibilities:

  • Confidential design and installation, which includes Application, User ID, URL filtering, Threat Prevention and Data Filtering.
  • Good knowledge on Confidential Certificate Signing Request, Certificate Authority.
  • Participated on Confidential INLINE PACKET inspection, GLOBAL PROTECTION using VPN, Always ON, On-Demand.
  • Successfully installed Palo Alto PA-3060, 5060 firewalls to protect Data Center and multiple remote locations.
  • Monitoring using Confidential ACC tool for activity within network.
  • Worked with Confidential Panorama management tool to manage Confidential firewall and store the data of all global networks from central location.
  • Troubleshoot traffic passing managed firewalls via logs and packet captures.
  • Involved in MIGRATION of Checkpoint to Confidential .
  • Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates.
  • Worked I Rules and Big-IP F5 on LTM and GTM load balancers to provide uninterrupted service to customers.
  • Maintained Brocard load balancer defining various algorithms.
  • Well knowledge on attacks like DOS, DDOS, KILLCHAIN, and ZERO DAY ATTACK.
  • Good knowledge on DOS mitigation, Multifactor Authentication, Zone Protection, intrusion detection and prevention.
  • Information protection solutions including Monitoring, DLP and Security Auditing solutions from Symantec, etc.
  • Worked with audit servers using Algosec and Network Racking/Stacking/Auditing HW.
  • Managed distributed environment on SIEM using QRADAR
  • Worked and Upgraded IOS on various Cisco ASA firewalls, Routers like 75xx, 72xx, Series, Juniper SRX-550, SRX-220 as well as switches like 3750, 45xx, 65xx, 45xx, 29xx, 35xx, 19xx Series .
  • Implementing Monitoring, Troubleshooting, traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
  • Well knowledge in setting up MPLS Layer 3 VPN cloud in data center and working with BGP WAN towards customer.
  • Implemented various OSPF scenarios on networks consisting of 7600 routers.
  • Worked on OSPF link -state advertisement like LSA type 5, 6, 7 .
  • Actively working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments in data center.
  • Configure, verify & troubleshoot single area & multi-area OSPFv2 for IPv4 & IPv6 ( excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs )
  • Hands-on WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP, OSPF, EIGRP), and IP addressing.
  • Configured the devices with redundancy protocols like STP, VTP, PVST, MVST, RSTP and implemented on Nexus and Cisco Switches.
  • Used solar winds for various application monitoring NPM, NCM, SAM, Net flow traffic analyzer.
  • Knowledge in Incapsula and used for Web application security platform, Load balancing.

Network Security Engineer

Confidential, Milpitas, CA

Responsibilities:

  • Good knowledge on Confidential Certificate Signing Request, Certificate Authority.
  • Successfully installed Palo Alto PA-3060, 5060 firewalls to protect Data Center and provided L3 support for routers/ switches.
  • Worked with Confidential Panorama management tool to manage Confidential firewall.
  • Lunched FireEye to detect attacks on layers, through common attack vectors such as emails, webs, and all executable files.
  • Worked IRules and SNAT’s Big-IP F5 on LTM and GTM load balancers to provide uninterrupted service to customers.
  • Well knowledge on attacks like DOS, DDOS, KILLCHAIN, and ZERO DAY ATTACK.
  • Good knowledge on DOS mitigation, Multifactor Authentication, Zone Protection, intrusion detection and prevention.
  • Worked with audit servers using Algosec and Network Racking/Stacking/Auditing HW.
  • Managed distributed environment on SIEM using QRADAR
  • Implementing Monitoring, Troubleshooting, traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
  • Implemented various OSPF scenarios on networks consisting of 7600 routers.
  • Actively working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments in data center.
  • Configure, verify & troubleshoot single area & multi-area OSPFv2 for IPv4 & IPv6 ( excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs )
  • Configured the devices with redundancy protocols like STP, VTP, PVST, MVST, RSTP and implemented on Nexus and Cisco Switches.

Network Security Engineer

Confidential, Atlanta, GA

Responsibilities:

  • Day-to-day work involves changes in the Checkpoint Firewall using the Smart Dashboard software and connecting via Smart Center management.
  • Creating object, groups, updating access-lists on Check Point Firewall, apply static and hide NAT using smart dashboard.
  • Configuration of policies, objects and Web Filtering on firewalls like Checkpoint, Confidential 3060, 5060 .
  • Performed Network Security Assessment and implemented security improvements such as network filtering using Confidential URL filtering, Zone filtering etc.
  • Firewall policy administration and support on Checkpoint as well as Cisco ASA
  • Monitoring the connections using the management tools SNMP over Solar winds, Confidential Panorama and packet capture using wire shark.
  • Configuring and implementing F5 BIG-IP load balancers to maintain global and local traffic.
  • Support routing protocols including BGP and OSPF, EIGRP, RIP routing, HSRP, VRRP, load balancing GLBP /failover configurations.
  • Worked on Cisco Routers like 3945 and 2911,75xx, 28xx series, and Nexus, cisco Switches like 45xx, 29xx, 35xx, 19xx, 38xx series.
  • Responsible for using cutting edge solutions for Data Loss Prevention DLP.
  • Information protection solutions including DLP and Auditing.
  • Providing network security with ACL’s, CRYPTO and VPN tunneling with phase1 ISAKMP, phase2 IPSEC ,
  • Design and implementation of MPLS VPN, QOS for the architecture.
  • Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using OSPF and BGP.
  • Hands-on WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP, OSPF, EIGRP), and IP addressing.
  • Configured site to site VPN technologies using IPSEC by providing IKEv1 and IKEv2 keys for secure connection.

Sr Network Engineer

Confidential, Canonsburg, Pennsylvania

Responsibilities:

  • Setup the IPsec VPNs with the third-party clients to allow the access to data feeds in the Corporate network
  • Implement Checkpoint firewall using VPN, VSX technology.
  • Configuring the WAN network with using individual zones and monitoring with zones.
  • Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover configurations,
  • GRE Tunnel Configurations, VRF configuration and support on the routers.
  • Setup the IPsec VPNs with the third-party clients to allow the access to data feeds in the Corporate network
  • Implemented on Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500)
  • Troubleshooting connectivity issues on the firewall using smart view tracker, monitor health of the appliance using smart view monitor etc.
  • WAN Technologies (PPP, Frame Relay, ATM, ISDN, Site to Site VPN).
  • Configured ASA 5540 to ensure high-end security on the network with ACLs and Firewall.
  • Responsible for Checkpoint and Cisco ASA firewall administration across global networks and Migration of Juniper.
  • Router redundancy configuration (HSRP, VRRP and GLBP).
  • Proficient in setting up MPLS Layer 3 VPN cloud in data center and working with BGP WAN towards customer.

Jr Network Engineer

Confidential

Responsibilities:

  • Hands-on WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP, OSPF, EIGRP), and IP addressing.
  • Configured and resolved various OSPF issues in an OSPF multi area environment.
  • Involved in the configuration & troubleshooting of routing protocols: BGP, MP-BGP, OSPF, EIGRP.
  • Troubleshoot traffic passing managed firewalls via logs and packet captures.
  • Configuring FTP server for inside/outside users & vendors and Used various scanning and sniffing tools like wire shark.
  • Install and managing devices including Cisco Nexus and Catalyst Layer 2 switch 29XX, 3750X series and Routers.
  • Layer 2 switching technology architecture, implementation and operations including L3 switching and related functionality. this includes the use of VLANS, STP, VTP and their functions as they relate to networking.
  • Redistributing from EIGRP to OSPF and vice versa by implementing hub and spoke topology with a Frame Relay Switch in between.
  • Deployed 7613 as provider edge PE and costumer edge CE router and Configured and troubleshoot the Edge Routers.
  • Configuring the (SA) Stub Areas, (ABR) Area Border Router, (ASBR)Autonomous System Border Router and virtual links
  • Configuring authentication of both the modes like PLAIN TEXT and MD5 (message digest) and resolving the auto summarization on layer 3 devices
  • Implement Cisco Secure Access Control Server (ACS) for TACACS+, RADIUS

Jr Network Engineer

Confidential

Responsibilities:

  • Designing private network and maintaining the hardware, software installation & configuration.
  • Designing and implementation of routing policy for customer internet route with link utilization.
  • Configuring the routes like default, static routing and dynamic routing in the devices.
  • Involved in Local Area Network design, troubleshooting and maintenance as per requirement.
  • Creating and Maintaining the network stability on VLAN, LAN and WAN.
  • Troubleshooting issues related to VLAN, VLAN- Trunking, and STP.
  • Involved in implementation of Trunking Encapsulation IEEE 802.1Q and ISL on Cisco catalyst switches L2, L3 .
  • Designing the VLAN along with INTER- VLAN routing.
  • Configuring Cisco routers 26xx series using OSPF and EIGRP.
  • Configuration to different applications with RSTP, VTP, VTP Pruning.
  • Redistributing from OSPF to RIP and vice versa by implementing hub and spoke topology with a Frame Relay Switch in between.
  • Troubleshooting TCP/IP problems troubleshoot connectivity issues in multiprotocol Ethernet.
  • Configuring static Nat, dynamic Nat and Nat pooling.
  • Designed the network with sustainable IP using SUBNETTING like FLSM, VLSM.

We'd love your feedback!