Cisco Security & Firewall Engineer Resume

SUMMARY

  • 7+ years of experience in Windows network administration, Cisco products, systems design, implementation and troubleshooting.
  • Experience in Network Security, Citrix NetScaler VPX Load Balancer, Check Point GAIA, Check Point VSX, Palo Alto, Blue Coat, incident management, SourceFire Firepower 7000/8000, Cisco Virtual NGIPS for VMware, ASA with Firepower.
  • Cisco secure wireless network design implementation for 25 branch office networks, secure VPN integration with Cisco ACS.
  • Experience deploying BIG-IP F5 LTM/GTM Load Balancers, F5 FirePass, Zenoss for load balancing and traffic management of business applications.
  • Experience with Cisco, SSL Security which includes designing, deployment and providing network support, installation and analysis for a broad range of LAN/WAN protocols.
  • Experience to run independently with Network Engineering like Routing/Switching and Protocols VPN along with ASA Firewall.
  • In-depth knowledge of networking requirements: VLANs, trunking, multicast, VRFs, OSPF & BGP routing.
  • Real world experience with firewalls from Check Point, Palo Alto, Blue Coat, incident management.
  • Hands-on experience with Cisco IOS/IOS-XR/NX-OS, for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
  • In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
  • Experience in Designing and assisting in deploying enterprise wide Network SSL Security and High Availability Solutions for ASA.
  • Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for datacenter access architecture.
  • Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
  • Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
  • Responsible for Check Point and ASA firewall administration across global networks.
  • Experience in successfully designing, installing, configuring, troubleshooting and managing Checkpoint solutions.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX SSL Security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
  • Wireless standards (802.11a, 802.11b, 802.11g, 802.11n, 802.11ac, 802.11ad) and 802.1X authentication.
  • System administration in a mixed Solaris/Windows environment, tested PC configuration and troubleshooting
  • Shell scripting, NIS, NFS, user, group, routing and DNS administration, Unix tools configuration

PROFESSIONAL EXPERIENCE

Confidential

Cisco Security & Firewall Engineer

Responsibilities:

  • Design, Build, and Implement various solutions on Check Point Firewalls, Blue Coat Proxies, F5 Load balancers and F5 Local and Global Traffic Managers. Palo Alto, Blue Coat, incident management
  • Performed upgrades from old platforms to new platforms, R62 to R75.20 etc.
  • Deployed and managed Sourcefire devices, implemented access control policies, analyzed events and configured several basic rules
  • Managed powerful features of the Cisco Sourcefire system including Foresight technology, in-depth event analysis, IPS tuning and configuration, and the Snort rules.
  • Used SolarWinds and Wireshark to perform network monitoring such as multivendor fault, performance, customized topology, deep packet inspection and analysis, network root monitoring etc.
  • Managed SIEM software to provide real time analysis of security alerts generated by network system, used to log security data and generated reports for compliance purposes.
  • Worked on Carbon Black as endpoint threat detection to prepare for a data breach through endpoint recording, customized endpoint detection, live response, remediation and threat banning.
  • Managed VSX gateway, service provider, virtual system, customer management, multi domain server, context identification, VSX inspection module etc. on checkpoint VSX
  • Created digital certificates which map public keys to entities, securely stored these certificates in a central repository and revoked them if needed by using PKI (Public Key Infrastructure).
  • Managed Cisco ISE for network infrastructure supporting 802.1x wired, wireless and VPNs
  • Assisted in developing capability to identify traffic patterns and behavioral trends of potential malicious wireless network traffic.
  • Developed, integrated, and executed test plans for wireless assessments including scripts for automation
  • Worked with clients to develop high level wireless strategies
  • Performed assessments of existing client wireless network design and documented as required
  • Worked with various wireless technologies and products (e.g. 802.11, CDMA, HSPA, WiMAX)
  • Performed assessments of Wireless LAN (WLAN) networks employing advanced security.
  • Continuous monitoring of CPU utilization, link utilization, connection table utilization.
  • Experience in different VPN platforms, IPSec, SSL & Web VPN. Mobile VPNs solutions from Cisco and Checkpoint.
  • Worked with packet/protocol fault analysis for common IP and Ethernet protocols and troubleshooting wired and wireless connections using wireless traffic analyzers (Wireshark, TCPDUMP etc.)
  • Used WIDS/WIPS technologies, VPNs, firewall theory, and packet analysis principles and techniques applied in securing operating systems and LAN/WAN networks.
  • Used Cisco Prime NCS to resolve access problems across wired and wireless networks to get users back online faster
  • Checkpoint Connectra appliances - NGX R62 & R66
  • Implemented clientless SSL VPN on ASA 5500-x platforms
  • Worked on ASA and ASDM configuring the ACLs and monitoring.
  • Worked on ASA routed mode and transparent mode
  • Worked on ASA 5500-x platform configuring the web, SSL, AnyConnect VPNs.
  • Worked on AIP-SSM and CSC-SSM modules on ASA, ASA-botnet filter.
  • Configuring failover and working on SSL VPN when in active/standby failover on ASA.
  • Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs.
  • Create complex iRules using TCL language for URL redirections, HTTP header-insertion and HTTP header modification.
  • Creating Wide IPs with various load balancing methods like, Global Availability, Topology and Round Robin.
  • Deployed LTMs and GTMs in DMZ environments with FIPS solutions.
  • Perform SSL Offloading on LTMs and web accelerators with 2048-bit VeriSign certificates. Also, renewing certificates to ensure the security of websites.
  • Engaged in various migration projects like migrating V 9.x load balancers to V 10.x.
  • Migrated Firewall infrastructure from Check Point R65 to Netscreen ISG2000.
  • Implement the firewall rules using Netscreen manager (NSM).
  • Gathering details from customers and providing best security infrastructure solutions with F5 load balancers, Check Point/Netscreen firewalls and Blue Coat proxies
  • Commissioning & de-commissioning with Cisco 7500, 7200, 6500 with SUP 720 module, 3550, 2950 switches for the Data Center migration & operations.
  • Being part of L3 escalation team, receive the call from L2 team during the on call time.
  • Performed daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems, and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups on Unix System
  • Applied OS patches and upgraded on a regular basis, and upgrade administrative tools and utilities, configure/add new services as necessary.
  • Used Perl and Python on reading data from files, processing data and writing output to files.
  • Used Bash to handle files, like moving, copying, renaming etc., as well as using files as input for other programs or storing other programs' output in files.
  • Maintained Sun Solaris file server, which used Samba to serve files to mostly Windows 2000 clients

Environment: Cisco 6509/3750/3550/3500/2950 switches, Checkpoint firewalls, NetFlow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, EtherChannels, Palo Alto, Blue Coat, incident management, Sun Solaris, Linux, CentOS.

Confidential

Network Engineer

Responsibilities:

  • Involved in Design, Build, and Implement various solutions on Check Point Firewalls, Blue Coat Proxies, F5 Load balancers, F5 Global Traffic Managers, Palo Alto, Blue Coat, incident management.
  • Configured and maintained Windows and VMware environments
  • Provided 2nd tier support: troubleshot technical problems
  • Monitored, reconfigured and tuned hardware and software for performance improvements and future scalability.
  • Worked with SAN attached clusters including boot from SAN and automated tasks through scripting.
  • Implemented penetration tests on servers, endpoints, web applications and networks to identify security breaches, service interruptions, system vulnerabilities including OS, service and application flaws, improper configuration, risky end-user behavior etc.
  • Performed upgrades from old platforms to new platforms, R62 to R75.20 etc.
  • Continuous monitoring of CPU utilization, link utilization, connection table utilization.
  • Experience in different VPN platforms, IPSec, SSL & Web VPN. Mobile VPNs solutions from Cisco and Checkpoint.
  • Checkpoint Connectra appliances - NGX R62 & R66
  • Implemented clientless SSL VPN on ASA 5500-x platforms
  • Worked on ASA and ASDM configuring the ACLs and monitoring.
  • Worked on ASA routed mode and transparent mode
  • Worked on ASA 5500-x platform configuring the web, SSL, AnyConnect VPNs.
  • Worked on AIP-SSM and CSC-SSM modules on ASA, ASA-botnet filter.
  • Configuring failover and working on SSL VPN when in active/standby failover on ASA.
  • Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs.
  • Create complex iRules using TCL language for URL redirections, HTTP header-insertion and HTTP header modification.
  • Creating Wide IPs with various load balancing methods like, Global Availability, Topology and Round Robin.
  • Perform SSL Offloading on LTMs and web accelerators with 2048-bit VeriSign certificates. Also, renewing certificates to ensure the security of websites.

Environment: Cisco 6509/3750/3550/3500/2950 switches, Checkpoint firewalls, NetFlow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, EtherChannels, VMware

Confidential, Murrysville, PA

Network Administrator

Responsibilities:

  • Configuration and Troubleshooting of core, distribution and access switches (Cisco 6500, 3750, 2950 series) in LAN and WAN network.
  • Configuration and troubleshooting of Server Load Balancers such as CSS and F5 BigIP, firewalls Checkpoint.
  • Planned and Migrated Intranet on to MPLS backbone from meshed NLD Architecture.
  • Established eBGP peering with all PE core routers.
  • Applied prefix-lists for controlling routing updates.
  • Redistributed the required routes from Internal LAN into BGP and vice versa.
  • Redistributed required routes from OSPF into BGP. OSPF cloud is present in US and is connected to all our customers over Sprint’s Frame Relay backbone.
  • Fine-tuned OSPF metrics to avoid routing loops and ensure redundancy in case of link failures.
  • Traffic prioritization and shaping done with BGP attributes (Local preference and MED).
  • Implemented HSRP between Core switches and backbone routers.
  • Worked with service providers for resolving post migration issues.
  • Troubleshooting and performing Changes with Firewalls such as.
  • Hands on experience in Problem Management and Change management.
  • Coordinating with Vendors like Virtela, Qwest, Level-3 (ISP), Verizon.

Environment: Cisco 3750/3550/3500/2960 switches and 3640/12000/7200/3845/3600/2800/ASA5510 routers, Checkpoint, Aruba Controllers 6000, 3600, 3400, 650.

Confidential, Providence, RI

Network Operations Engineer

Responsibilities:

  • Migrated to R70.1 in various Checkpoint IP series appliances from R65, R62, R60 and building the new SmartCenter server.
  • Rule base verification and migration.
  • Configuring the gateways in a HA cluster and ClusterXL using a single virtual IP address
  • Worked on checkpoint UTM1, VPN1 and activating blade licenses to be used as Intrusion prevention and antivirus appliance.
  • Implementation and configuration of ASA 5520 in failover along with the CSC module as per the customer requirement
  • Implementation and configuration of ASA 5520 in failover with site-to-site VPN and RA VPN; IPS
  • Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
  • Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher
  • Configuring & managing around 500+ Network & Security Devices that includes Juniper (NetScreen) Firewalls, F5 BigIP Load balancers and 3DNS, Blue Coat Proxies and Plug Proxies.
  • Clean up all legacy devices and ensure all systems in the environment have been cleaned up.
  • Measure the application performances across the MPLS cloud through various routing and switching methods.
  • Implementation of HSRP, DHCP, DNS, FTP, TFTP, MRTG.
  • Designed, developed, maintained and supported wired and wireless networks.
  • Configured L3 protocols (IP, BGP, OSPF, EIGRP, IGRP, RIP, ISIS), redistribution, summarization, Filtration (using distribute list, route map, prefix list, access list).
  • Provides superior technical guidance and direction to customers and trading partners for issue resolution.

Environment: Cisco 3750/3550/3500/2960 switches and 3640/12000/7200/3845/3600/2800/ASA5510 routers, Checkpoint, Aruba Controllers 6000, 3600, 3400, 650, Nexus 7K/5K, 2248/3560/5020/6509.