SUMMARY:

• Network Engineer with Over 7+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo Alto Networks Firewall models (PA-2k, PA-3k, and PA-5 k)
• Checkpoint Firewalls, Firemon, VPN, Datacenter, Cisco, Nexus, ACS, WAN Optimization, Riverbed Cascade, Riverbed Profiler, Net flow, Planning, Budgeting, Supervising, Setting Standards, Documenting MOP, Managing Multiple Projects
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Maintain multi-vendor firewalls Palo alto 3k, 5k and 5k series firewalls, Checkpoint R77.30, R75, Cisco ASA 5540, 5585 firewalls with firepower
• Implementing firewall rules using Palo Alto panorama, Checkpoint smart dashboard, Provider- 1 and Cisco CSM
• Worked on Palo alto APP-ID, User-ID and other security profiles like Anti-virus, Threat Prevention, URL-filtering and Wildfire etc.
• Implement Zone Based Firewalling and Security Rules on the Palo Alto Firewalls
• Performing backups and upgrades from time to time on different type of firewalls mostly on Palo Alto, Checkpoint and Cisco ASA firewalls
• Performed firewall migration from Cisco ASA platforms to Paloalto firewalls using Paloalto conversion tool
• Worked on extensively on troubleshooting multiple issues and driving Incident calls to resolution by doing packet capture techniques and performing other troubleshooting scenarios.
• 24/7 call center technical support for field integration partners deploying Cisco and fireewall network equipment
• Configured and troubleshot access-lists, service policies, and NAT rules, network object groups, service object Groups on ASA 5585 and 5505 Firewalls.
• Deploying, configuring, and administering Checkpoint EndPoint firewalls and hands on Experienced firewall engineer with advanced knowledge of Checkpoint, Fortinet, Cisco ASA 5500 series, JUNOS and Palo Alto PA-200.
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
• Responsible for Checkpoint and Cisco firewall administration across global networks.
• Worked on Cisco Catalyst Switches 6500/4500/3500 series.
• Experience in QOS on multicast VPN
• Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
• Experience with Bluecoat Proxy servers, LAN & WAN management.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience with Checkpoint VSX, including virtual systems, routers and switches.
• Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager.
• Responsible for configuring and deploying desktop/laptops for new faculty and students.
• Responsible for administration, configuration and troubleshooting computer systems and network.
• Played key role in management of IT department at Confidential, Ohio University.
• My experience in the industry makes me a very well-rounded candidate with knowledge and understanding in various fields of networking, and systems administration.
• Highly accomplished IT professional with progressive experience managing and monitoring functions of computer systems software, servers, storage devices, and network appliances to ensure high-availability of networks.
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Proven record of success installing, integrating, and maintaining systems servers and applications, routers, switches and firewalls.
• Configured CISCO routers, switches, and firewalls, and maintaining them in accordance with established IP policies and procedures.
• Experience working on Juniper, Extreme, CISCO, and HP networks in an enterprise environment.
• Demonstrated ability to diagnose and resolve technical issues by introducing innovative solutions.
• Quality-driven administrator known for delivery of excellent IT service.

TECHNICAL SKILLS:

Routers: Cisco 7609, 2600, 2800, 3800, 3640, Cisco 3745, 7200 Series

Switches: Cisco 3500, 5000, 6500 Catalyst Series Cisco 7000, 2000 Nexus Series -2k,5k,7k

Cisco ASA: 5510, 5540, 5520, Checkpoint NGX (R65-R75,R 80.20), Checkpoint NGX R52, R54, R61, Palo Alto, SRX5800, SRX5400.

Routing Protocols: RIP v1&v2, BGP, OSPF, EIGRP, HSRP, VRRP, GLBP, FTP, SMTP, SNMP

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, and VLAN.

IP Services: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

WAN Technologies: ATM, ISDN, PPP, MPLS, ATT, 802.11, 802.11a, 802.11b, APLUS.

Remote access and siteto: site IPSec VPN, IPv6 transition techniques viz. Manual tunneling, GRE tunneling, 6to4 tunneling, NAT64 and ISATAP

Monitoring Tools: OPNET, GNS3 Simulator, Packet Tracer, Wire Shark, Solar Winds, What s Up IP, Nagios and Fluke Networks

Networking: TCP/IP, OSI Model, Socket Programming, LAN/WAN, Switches and Routers, IPV4/IPV6 Addressing & Subnetting, Ethernet, STP, VLAN, Trunking, DNS, DHCP, NAT, ACL, HTTP, ATM, ISDN, PPP, MPLS, ATT, 802.11, 802.11a, 802.11b, APLUS Web Services (REST & SOAP), Windows Servers 8 & 12

Tools: GNS3, Packet Tracer, Solar Winds, What s Up IP, VMware Workstation, Wireshark, Nagios and Fluke Networks

Languages: C, Python

Operating Systems: Windows XP, Vista, Windows 7, UNIX, SPLAT (Secure Platform), Linux

DOCSIS: Cisco, RCA, Com21, GI, 3Com, Samsung, and Toshiba

DLP: Websense, Symantec & McAfee

Cloud Environment: Amazon AWS

PROFESSIONAL EXPERIENCE:

Confidential

Network Firewall engineer

Responsibilities:

• Monitoring and troubleshooting traffic on PaloAlto-5020 firewall.
• Implemented firewall rules, policy packages, NAT rules and application-based URL filtering on Checkpoint firewall using R77 GAIA Smart Dashboard
• Proficient in manage and maintain Checkpoint Cluster XL, VSX, VPN-1 firewall along with experience in installation and configuration of Checkpoint security gateway, SmartConsole and SmartCenter server
• Creating and modifying rules and objects on PaloAlto-5020 firewall.
• Reporting on malwares and phishing alerts to the clients.
• Building configurations for Juniper MX 2010 and MX 2020 routers with features like port security, VLANS, VTP, PVST+.
• Monitoring on virus alerts from Symantec Endpoint compliance and reporting it to the client.
• Share the security advisories for the OEM products.
• Maintain multi-vendor firewalls Palo alto 3k, 5k and 5k series firewalls, Checkpoint R77.30, R75, R80.20Cisco ASA 5540, 5585 firewalls with firepower
• Implementing firewall rules using Palo Alto panorama, Checkpoint smart dashboard, Provider- 1 and Cisco CSM
• Worked on Palo alto APP-ID, User-ID and other security profiles like Anti-virus, Threat Prevention, URL-filtering and Wildfire etc.
• Implement Zone Based Firewalling and Security Rules on the Palo Alto Firewalls
• Performing backups and upgrades from time to time on different type of firewalls mostly on Palo Alto, Checkpoint and Cisco ASA firewalls
• Performed firewall migration from Cisco ASA platforms to Paloalto firewalls using Paloalto conversion tool
• Worked on extensively on troubleshooting multiple issues and driving Incident calls to resolution by doing packet capture techniques and performing other troubleshooting scenarios.
• 24/7 call center technical support for field integration partners deploying Cisco and fireewall network equipment
• Configured and troubleshot access-lists, service policies, and NAT rules, network object groups, service object Groups on ASA 5585 and 5505 Firewalls.
• Deploying, configuring, and administering Checkpoint EndPoint firewalls and hands on Negotiated Cisco Security ELA and built full implementation plan for CWS, CES, ISE, AMP, and Firepower.
• Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote.
• Experience in working with checkpoint, Palo Alto Next-generation firewall, Cisco ASA and Panorama M-100.
• Involved in Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN and implementing SSL with Websense
• Experience with TRITON- Web Security to serve as the configuration and management interface support for Websense software
• Experience on working with IPsec VPN, IDS/IPS, DLP, Application and URL filtering on checkpoint firewall module
• Experience on working with IPsec VPN, Security profiles and SSL decryption on Palo Alto firewall
• Monitored network activity within the Department of Education for intrusion and malware incidents using Surefire, Bluecoat, McAfee EPolicy, Symantec end point protection.
• Worked on integration with SNMP, RADIUS and Log Rhythm SIEM syslog server with Palo Alto and checkpoint firewall
• Experience in working on the Quarterly maintenance windows for failover, reboot of Checkpoint next-generation firewalls and Palo Alto firewalls, as well as other security devices
• Administer policy settings and upgrades to Forcepoint Triton APX Web, DLP, and Email applications
• Experience on working on Checkpoint firewall IDS/IPS module for setting up the upgradation of new signature patterns and monthly reporting for auditing purpose.
• Cisco ISE 1.3 Deployment and Profiling Policies Experience with Websense DLP web security gateway to provide security for outbound content over the web
• Prepare daily security management brief and advisories utilizing data from Tipping Point, Palo Alto, Websense Force point, Remedy and various security advisory sites.
• Worked on troubleshoot and packet capture analysis on Palo alto firewall and checkpoint firewall
• Check for the software compliance i.e. removes the non-compliant application used in organization.
• Create, modify, and troubleshoot the issues of users on PIM tool which give remote access to the server and network devices.
• Experience in configuring Juniper Layer 3 EX4200 & EX3200 switches. Design, implement and administer IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers.
• Maintained Network Infrastructure/services designs including Network Segmentation, Group Identity Structures, and Layered Security Architecture.
• Built and Deployed workstations through System Center Configuration Manager (SCCM).
• Performed Network monitoring and troubleshooting.
• Well versed in the design and deployment of Cisco ACI solution.
• Updating maintain, & securing ASA Cisco Firewall and Juniper SRX Firewalls.
• Performed hardware and software troubleshooting on workstations.
• Adhered to and enforced strict DoD Security guidelines and best practices.
• Documented procedures, issues and resolutions in SharePoint.

Confidential, Elm Grove, WI

Network Security Engineer

Responsibility:

• Responsible to Install, Configure, Manage & Monitor Network and Security Infrastructure.
• Managed the network architecture consisting of Cisco 3750 stackable and 2960 switches in Core, distribution and access layers.
• Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote.
• Experience in working with checkpoint, Palo Alto Next-generation firewall, Cisco ASA and Panorama M-100.
• Worked on SIEM tool LogRhythm for reporting and data aggregation
• Experience on working with IPsec VPN, IDS/IPS, DLP, Application and URL filtering on checkpoint firewall module
• Experience on working with IPsec VPN, Security profiles and SSL decryption on Palo Alto firewall
• Expertise in Installation, configuration, maintenance and troubleshooting of Windows Servers, Hyper-V Virtual Machines and Microsoft Azure instances.
• Conducted periodic reviews of Checkpoint firewall policies rule base for rules consolidation and cleanup in coordination with stakeholders using Firemon tool.
• Maintained & monitored Cisco 2500 and 2600 series router.
• Configure and implement security solutions for various clients as per their requirements in Checkpoint R77, R75, R65, Provider-1, Palo Alto firewalls, Panorama, Cisco ASA firewalls, ASDM and in CSM.
• Working on tickets using Tufin Secure change to stage rules into checkpoint Firewalls.
• Responsible for installation, configuration of Checkpoint 12400, 12600, 21400 Appliances.
• Responsible for installation, configuration, maintenance and administration of Palo Alto firewalls PA-7000(7050, 7060), PA -5000, series (5060/5050/5020 ), PA 60/4050/4020 ) firewalls.
• Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewall using Panorama. Provides updates and upgrades to the Palo Alto Firewall and Panorama devices.
• Involved in upgrade of Panorama to version 8.1.1.
• Worked on the Checkpoint R80 in the lab environment. Building configurations for Juniper EX 3300 and EX 4200 switches with features like port security, VLANS, VTP, PVST+.
• Implemented Router Redundancy Protocols GLBP and HSRP.
• Implemented VLAN’s on layer 2 and layer 3 Switches.
• Implemented an efficient IP addressing scheme for organizations using VLSM and CIDR.
• Responsible for carrying out Network and IOS image upgrade.
• Well versed with Cisco's IOS operating systems, backup and retrieval of IOS and routing configuration.
• Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering)
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center
• Implemented Positive Enforcement Model with the help of Palo Alto Networks
• Exposure to wild fire feature of Palo Alto
• Implementing vulnerability management Protocols in BCP (Business Continuity Process).

  Worked with Symantec Data loss prevention, DLP, monitoring and managing

• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs
• Build IT security infrastructure including Checkpoint, Juniper and Palo Alto firewalls
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Maintained, configured, and installed Cisco and Juniper routers and switches: 7500/catalyst 6500/RV320/2960/catalyst, 6880/ /12410, 12816, 1204 series, Nexus 7k and 5k, WLC, and ASA 5540.
• Configured Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Worked on DNS server for maintaining database servers and IP addressing.
• Good in representing network layouts and designs with Microsoft VISIO.
• Ensuring the quality of implementation is as per the client and industry standard.
• Adhering to the client schedules and milestones.
• Responsible for the up-to-date Network health (wired and wireless) including Security, Performance and Reliability.
• Full responsibility for the implementation of LAN/WAN and support of IP routing.
• Performed key role in trouble-shooting hardware, software and network problems to maximize the network performance.

Confidential

Network support Engineer

Responsibilities:

• Configured RIP and EIGRP on 2600, 2900 and 3600 series Cisco routers
• Implemented VTP and trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switches.
• Upgrade Cisco 7200, 3600 Router IOS Software, backup Routers and Catalyst 3560, 4500 switch configurations.
• Staging firewall rules in Checkpoint smart dashboard during the day time to install during window time.
• Solving Problems on a case-by-case basis with deep understanding of networking/firewall concepts particularly in Checkpoint devices, experience with NSM and Provider 1 management stations.
• Checking firewall logs in checkpoint smart view tracker and doing packet capture in command line during troubleshooting.
• Implemented two factor authentications for the third party vendor connections who connects to Citi network.
• Auditing user accounts in Checkpoint Provider-1 on a monthly basis to remove unnecessary and ex-employee user accounts.
• Implement URL filtering requests in Bluecoat Proxy SG for website blacklist and whitelist purpose.
• Configured EIGRP for Lab Environment.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Networks.
• Deploying the network infrastructure to meet the requirements.
• Created VLAN and Inter-VLAN routing with Multilayer Switching.
• Providing technical consultancy for better application response using QOS.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP, OSPF, BGP EIGRP routing protocol administration.
• Installed Wireless Access Points (WAP) at various locations in the company.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP)
• Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Performed maintenance and troubleshooting of connectivity problems using PING, and Trace route.
• Provided Network and Security Architecture and Operations support services for Windows 2008 based web, application and database servers.
• Provided technical support on hardware and software related issues to remote production sites.
• Support 24x7 operations and answer calls from the customers on network emergencies and resolve issues.