PROFESSIONAL SUMMARY:

• CCNA & PaloAlto certified Senior Network Security Engineer with 7 years of professional experience in routing, switching, firewall technologies, implementation and troubleshooting of complex network systems.
• Well Experienced in consulting of different security solutions for all phases of solution cycle: Planning, Architecture, Design, Implementation, Deployment, Troubleshooting & Support, Handover and Documentation
• Worked on security like Checkpoint, Cisco ASA , and Palo Alto firewalls .
• Deploy and configure Cisco routers a nd switches such as 2950, 2960 (Layer 2 switches), 3550, 3560, 3750, 4500, 6500, 7000 (Layer 3 switches), 3925, 3945, ISR and ASR (1001, 1002, 1004) and Cisco Nexus to meet business standards.
• Manage firewall/security systems by establishing and enforcing policies; defining and monitoring access.
• Monitor the SNOW (Service Now) Ticketing management system to manage client request or issues.
• Excellent knowledge of networking concepts - TCP/IP, DNS, DHCP, NAT/PAT, VLANs.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols (RIP, OSPF, BGP, IGRP and EIGRP), Implementation of gateway redundancy by configuring HSRP, VRRP, GLBP
• Experience with SD-WAN deployment, worked with network engineer team to design and implement industry SD-WAN infrastructure to provide secure, carrier-independent WAN connectivity across the enterprise.
• Proficiency with enterprise networks using Palo Alto Firewalls, including Firewall Policy Rules, URL-Filtering, App-ID, User-ID, etc.
• Hands-on experience in design, configuring, supporting and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers (F5) and NSX firewalls
• Hands on experience with different vendors such as Cloudgenix and Velocloud for SDWAN testing in POC lab setup with Hub-Spoke topology.
• Experienced LAN Switching technologies including a detailed understanding of all Ethernet standards. Ethernet Layer 1 wiring speed and duplex, CSMA/CD, basic switch port configuration
• Hands on experience with Aruba wireless controllers, Aruba Airwave, and Aruba ClearPass
• Experience with implementation of multiple web filtering and application control profile on the Fortinet firewall
• Knowledge of configuration Network infrastructure on Azure with VPC, Subnets, Internet gateway, NAT, Route table.
• Experience assessing, designing, and implement network and security solutions for corporate and Cloud-based network.
• Experience in Supporting and troubleshooting Checkpoint (R77 Gaia, R75.40, R70, R65, Provider-1, MDM/MDS, VSX, SPLAT and IPSO).
• Knowledge VMware vBlock and NSX technologies
• Hands-on configuration and experience in setting up Cisco routers, switches to perform functions at the Access, Distribution, and Core layers.

TECHNICAL SKILLS:

LAN & WAN Technologies: Routing, Switching, VPNs, PPP, Frame Relay, Subnetting, VLSM, IPV4 & IPV6, Ethernet, Fast Ethernet, and Gigabit Ethernet, VLAN, Inter-VLAN RoutingCisco devices Cisco routers & switches, ASA Firewall (8.2,8.6,9.3), Cisco IOS, IPS4200, Cisco (2K/5K) Cisco ACS (4.0+, 5.0+), Cisco Nexus (2k, 5k, 7k).Network Security IOS Router & Switch Security, Firewalls, Cisco IPS, ISE, ACS5.x, VPNs

Firewall: Cisco ASA, Checkpoint, Palo Alto Networks next-generation firewalls, Firewalls/VPNs, FortiGate

VPNs: IPSec VPN (Site-to-Site VPN), Remote Access VPN, DMVPN, SSL VPN

Switching and Security: STP, VTP, VLANS, PVST, RPVST, MST MAC ACL, Port Security, Port ACL, Private VLAN, DHCP Snooping, ARP inspection, Aruba, IP Source Guard, STP attack mitigations, 802.1x, SPAN, RSPAN.

Routing and Security: OSPF, BGP, EIGRP, ISIS, VRF, VPN, RIP, IP MPLS, Redundancy (HSRP, VRRP, GLBP), NTP, SNMP, Route Filtering, Redistribution, Summarization, NAT/PAT, Port mapping, uRPF, Anti-Spoofing and Policing Traffic at Layer-3, Layer 2, AAA, Powershell

Documentation: MS Office, MS Visio

EDUCATION & CERTIFICATION

Bachelors of Computer Engineer,: Gujarat Technological University - 2013

Masters of Software Engineer,: California State University - 2015

PALO ALTO ACE (Palo Alto Firewall)

PROFESSIONAL EXPERIENCE:

Confidential, Atlanta, GA

Network Security Engineer

• Assisted the team with configuration, installation, and maintenance of WAN routers and switches in a large EIGRP domain with BGP routing into to the MPLS carrier’s networks.
• Create and maintain technical drawings and support documentation of the enterprise network infrastructure and perform capacity planning and application analysis for network performance and sizing.
• Planned and implemented EIGRP and EBGP peering relationship with other ISP.
• Responsible for managing the F5 Load balancer infrastructure of the client environment with F5 LTM, GTM. Involving all the task related to change, troubleshoot and migration activity as well as Implementation new Hardware
• Worked with SD-WAN deployment, worked with network engineer team to design and implement industry SD-WAN infrastructure to provide secure, carrier-independent WAN connectivity across the enterprise.
• PAN Next-Generation Firewall design, implementation, and support experience and PAN Management (Panorama) design, implementation, and support experience.
• Skilled with complex Palo Alto security design and integration with Cisco technologies and done with migration from Cisco ASA to PA (Palo Alto).
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall Analyze logs and make necessary network report using smart reporter console application.
• Analyzed logs and make necessary network report using smart reporter console application.
• Worked with F5 Local Traffic Managers (LTM) and Global Traffic Managers (GTM) in Active/Active and Active/Standby scenarios.
• Monitoring the network traffic with the help of QRadar and Cisco IPS event viewer.
• Designing, deploying and troubleshooting IP and wireless networks, which includes enterprise IP networking, Aruba ClearPass, Aruba AirWave
• Configured and troubleshoot Cisco firewalls (ASA 55xx series) through ASDM and CLI to update/implement ACL rules and troubleshoot the Virtual firewalls (Contexts) solutions in ASA.
• Worked on all Palo Alto Networks Firewall models (PA-3k, PA-5k) as well as a centralized management system (Panorama) to manage large scale firewall deployments and Configuring rules.
• Monitored network and server performance with monitoring tool like Solarwinds and PRTG.
• Worked with Cisco IPsec Remote Access VPN, Anyconnect VPN, Clientless SSL VPN, Site- to Site VPN.
• Switching task like created VLANS, configure trunk port on Fast Ethernet channel between switches.

Confidential, San Antonio - TX

Network Security Engineer

• Worked on Palo Alto security features including Threat Prevention, App-ID, Content-ID, SSL decryption, WildFire, Traps, URL filtering, GlobalProtect and Panorama.
• Advanced knowledge in the installation, configuration, maintenance and administration of Palo Alto Network firewalls, Panorama, Checkpoint and Fortinet Firewalls.
• Experience in Implementation and configuration of Palo Alto models, import existing device configurations into Panorama Palo Alto firewall and firewall deployments.
• Troubleshooting and configuring Palo Alto 5060, 3060 and Configuring rules and Maintaining Palo Alto Firewalls with IPS & Analysis of firewall logs and Responsible for administering (Create, modify & add) Palo Alto Firewall security policy and rule base.
• Configured IPsec tunnel between Branch-site and Site-site network. Configured DHCP on switches for dynamic IP address allocation for laptops, wireless AP, and IP phones.
• Manage Checkpoint firewall/security systems by establishing and enforcing policies; defining and monitoring access
• Perform network security utilizing VRF, Multiprotocol Label Switching (MPLS), access control list (ACL)
• Experience deploying BIG-IP F5 LTM, GTM Load Balancers for load balancing and traffic management of business application and Hands on experience in F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Installed & Configured the F5 BIG-IP LTM, configured virtual servers and associate them with pools for Internal web servers and Load Balancing with F5 GTM and LTM across multiple data centers.
• Experience with LTM F5 component to provide High Availability with providing services across data centers.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Worked & maintain the Cisco ASA infrastructure and Configuration of IPSEC and SSL VPN and troubleshoot firewall issues. Configure URL filtering to enable and/or disable user traffic access to web-sites.
• Experience in installation, configuration, maintenance troubleshoot and administration of Checkpoint GAIA Firewall R55 up to R77.20, Secure Platform Installation, VPN, DMZ, clustering, and HA, App Control and URL Filtering, Identity Awareness, IPS, Threat Prevention etc.
• Configured routing protocols such as OSPF, EIGRP, BGP protocol on Cisco devices.
• Worked with Cisco IPsec Remote Access VPN, Anyconnect VPN, Clientless SSL VPN, Site- to Site VPN.
• Setup and maintained CheckPoint Security policies including NAT, VPN and Secure Remote access.
• Configure, monitor and troubleshoot of Checkpoint and ASA firewall including ACL, NAT and policies and Configure and troubleshoot Checkpoint software blades such as Identity Awareness.
• Worked on Nexus7K, 5K, 2K series like 7010, 7018, 5020, 2148, 2248 switches for VPC, VDC & OTV.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree (STP, RSTP and MST) for creating Access/distribution and core layer switching architecture.

Confidential, Syracuse, NY

Network Engineer

• Optimized performance of the WAN network consisting of Cisco 3550/4500 switches by configuring VLANs and Experience in configuration and deployment on DHCP/DNS.
• Manage Cisco ASA firewall/security systems by establishing and enforcing policies; defining and monitoring access
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• • ACL consolidation for Cisco PIX and Cisco ASA and Fortinet Firewalls ( 2 x 100 D).
• Cisco routers 1200, 1600, 2500, 3600, and 7500 series, with Cisco pix firewall, Cisco catalyst switches 2900,4000,5000,6500, 6509, 7609 series; VLAN management, trunking and ether channeling, Ethernet, fast-Ethernet, gigabit Ethernet and FDDI technologies. Cisco ASA Firewalls 8.2, 8.3, 8.4, Cisco IOS Zone Policy Firewall.
• Configured TCP/IP, LAN switching, Spanning-Tree and various Cisco IP routing protocols RIP, BGP, EIGRP and OSPF and Managing Cisco switches and Routers on the network.
• Configured, tested, troubleshoot and maintained network connectivity in a LAN/WAN environment and it service running routing protocol on cisco device.
• Effectively consulted on various designs with clients ranging from firewall installation, security practices, load-balancing in different modes and VPN methods
• Drafted and installed Checkpoint Firewall rules and policies
• Provided network Installation and firewall support to various internal groups for upgrades and migrations.
• Actively use, smart view tracker, and Checkpoint CLI to security gateways for troubleshooting.
• Configured inter-VLAN routing and Layer 2 security features and implemented Cisco best practices configuration network devices and act on Layer 2 switches 3750, 4500X, in multi-VLAN environment.
• Experience in configuring and maintain Cisco Catalyst 2960s, 3750, 4500 series switches and Cisco 3800, 3925, 7200, 7600 series routers & Configured VLANs with HSRP on Cisco Switches and upgrade.

Confidential

Network Engineer

• Configured TCP/IP, LAN switching, Spanning-Tree and various Cisco IP routing protocols RIP, BGP, EIGRP and OSPF and Managing Cisco switches and Routers on the network.
• Setting up of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during implementation.
• Maintenance and configure TCP/IP, IP routing protocols, Nortel Succession platforms, Ethernet Switching, VLANs, Cisco, and Juniper router.
• Monitor and responsible for access control to the Data Center to prevent unauthorized access.
• Worked on F5 GTM, configure Wide IPs and pools to load balance the client traffic between the two data centers
• Worked Palo Alto and Checkpoint Next Generation firewall. Implement the firewall rules using Net Screen manager (NSM).
• Planned, designed and Configuration of various Policy, Profile Authorizations, End device Profiling, User Identities and AD mapping with various attributes and levels of authorizations and Network Access.
• Configured, tested, troubleshoot and maintained network connectivity in a LAN/WAN environment and it service running routing protocol on cisco device
• Drafted and installed Checkpoint Firewall rules and policies
• Optimized performance of the WAN network consisting of Cisco 3550/4500 switches by configuring VLANs and Experience in configuration and deployment on DHCP/DNS.
• Provided network Installation and firewall support to various internal groups for upgrades and migrations.
• Actively use, smart view tracker, and Checkpoint CLI to security gateways for troubleshooting.
• Configured inter-VLAN routing and Layer 2 security features and implemented Cisco best practices configuration network devices and act on Layer 2 switches 3750, 4500X, in multi-VLAN environment.