SUMMARY

• Ensure the smooth operation of the organizations Network Security Platform, Create Rules on Firewalls, manage Company Data Centers Devices and Remote sites in order to provide maximum performance and availability for the systems users, clients and vendors.
• Responsible for designing, installing, maintaining and supporting key LAN/WAN/, Protocols (OSPF, BGP, etc.)Security infrastructures.
• Provide high - level technical support for Low Latency trading network platforms; create and maintain network documentation; maintain hardware and software standards; and work on projects as needed in order to upgrade to new and/or improve communication equipment and procedures.

TECHNICAL SKILLS

• Palo Alto ( M-100 version: 8.0, 8.0.7)
• Palo Alto ( PA-7080, 3020, 7050)
• Juniper SRX 5600 ( version: 13.3)
• F5
• Pulse Secure
• Net Screen OS 6.6 r19 Firewall ( NSM)
• Global Protect
• Splunk
• Azure
• Zscaller
• Aparture
• Url Filtering
• VPN
• Cisco ASA
• SEP ( Symantec End Point)
• Junos Space Security Director 15.2R1
• Junos Space 12.3 21.1

PROFESSIONAL EXPERIENCE

Confidential, Milwaukee, WI

CYBER SECURITY Engineer/Network Engineer

Responsibilities:

• Systems operations, analysis and incident response.
• Vulnerability Scanning and Management
• Enterprise System Monitoring, Analyzing, Detecting, and Defending Support Services;
• Security Incident Response and Reporting Services Support
• Security Environment Research and Development Support Services;
• Penetration Testing, Phishing Attack, and Cyber Security Training Services.

Confidential, Dallas, TX

Network & Cyber Security Engineer

Responsibilities:

• Daily Operation, isolate, analyze, troubleshoot Network connectivity issues
• Troubleshoot BGP flapping issues, OSP issues and any escalated issues
• Upgrade HW and SW Project based
• On Palo Alto Remove duplicate or unused firewall rules
• Migrate ASA to Palo Alto using Migration Tool
• Create and Add New Rules to Firewall based on Requests and Need.
• Troubleshoot VPN users VPN connectivity issues through Palo Alto
• URL filtering, add http & https on white list as well as SSL Decrypt
• Remove firewall rules for servers that has been decommissioned
• Identify owning business partners for all firewall rules currently missing that information
• Verify that all objects in a firewall rule are needed and remove any that are not
• Manage Firewall & Support (Palo Alto, Juniper SRX, Net Screen, ASA) Platforms.
• Actively participate in a 24x7 delivery team, occasionally on-call and weekend work.
• Manage assigned security platforms, following clients procedures if required, which includes:
• Device health and availability monitoring, Device health incident resolution and escalation
• Configuration changes and request processing, Palo Alto W upgrades
• ASA to Palo Alto Migration using Migration Tool, device tuning and patching, License management
• Major upgrade and enhancements review, Hardware replacement management
• Create and maintain operational documentation required for technology management processes or to maintain device health. Complete assigned projects on time and wif excellent quality.
• Operations delivery including driving automation, analytics, and advanced threat analysis.
• Participate in quarterly business reviews wif vendors and customers.
• Stay up to date the latest vendor updates, expansion opportunities, and technology directions for all assigned platforms. Self-improvement through education, training, and certifications.
• Testing Plan documentation, Implement, Support and troubleshoot Route/switch Networking Solutions, including Cisco Nexus, ASA Firewalls, F5, Palo Alto, NET -SCREEN Firewall.
• Troubleshoot Cisco routers, Switches, Nexus 9k, 5k, 7k, 2k, Upgrade Juniper switches SW, create MOPS to upgrade Data Center devices, troubleshoot VPN,ASA,PALO ALTO issues and many more.
• Deploy PAN 5000 series and 3000 series in data Center and sites. Migrate Cisco ASA Firewalls to Palo Alto Upgrade Palo Alto version 6 to IOS 7.1.9 to 8.6 .• Setup VPN tunnel and troubleshoot VPN related issues
• Proactively identify, analyze, and resolve network and system problems, performance issues, and resource allocation.
• Manage Orion Solar Winds

Confidential

Firewall Engineer

Responsibilities:

• Actively work Security support escalations, incidents/problems
• Take incoming support requests and open internal or external tickets
• Migrate end-device connection points to Cisco Nexus 9000 Series
• Monitor and maintain Firewalls (Cisco ASA, Juniper SRX, and Palo Alto 5050, 3060 series, Palo Alto IOS upgrade 7.1.9 to 8.0.6, F5 Load Balancer, Inventory Management, Handle Service Restoration, Service Request and change requests. Design, plan, install, test and support LAN and WAN network hardware and software as it pertains to routers, switches and monitoring software, wif specific experience in Cisco product lines
• Design, plan, implement, and maintain networking/ security components: Direct Connect, IGMP v2, V3, Routing, PIM Routing, subnet creation, IPS/IDS, and overall security of trading platforms.
• Establish and maintain appropriate security configurations and controls for all network components.
• Establish and maintain tools and procedures for regular and frequent monitoring of network alerts.
• Design, plan, install and maintain adequate disaster recovery capabilities to meet the production support needs of the business. Create and follow documentation for systems, processes and procedures appropriate for the role, which may include network device information, configuration & change management, security monitoring, disaster recovery, etc. Provide troubleshooting and support for network issues. Assume other duties/projects as they arise and be responsive to the department's needs.
• Worked on OSPF, EIGRP, BGP, static route advertisement, PIM MCAST.WAN connectivity such as T1/T3, MPLS, Colo cross-connects. Spanning-tree, VTP, Port Channels, Load balancing, SPAN, RRPP, ether channel bundles, F5 Load Balancer, DNS, HSRP.

Confidential - Denver Colorado

Integration Architect- Data Center Migration

Responsibilities:

• ASA Migration to Palo Alto, Palo Alto SW Upgrade 7 to 8.0
• Monitor and manage corporate security devices and applications including Firewalls, Intruder Prevention Systems, Patch management Systems, Certificate Authority, Proxy Servers, Anti-Virus, Email Filters and Web Content Filters.
• Configure and support anti-virus software
• Configure and manage the essential features of Palo Alto Networks next-generation firewalls
• Configure and manage Global Protect to protect systems located outside of the data center perimeter
• Configure and manage firewall high availability
• Monitor network traffic using the interactive web interface and firewall reports
• Configure, support, and troubleshoot Checkpoint firewalls and Palo Alto firewalls
• Implementing and troubleshooting Panorama M-500 appliances Comfortable accessing and utilizing CLI functions of a Palo Alto Firewalls and Panorama management system.
• Provide expert support, analysis and research into complex problems and processes relating to deployed Palo Alto Networks equipment implementing and supporting various Palo Alto Firewall modules such as Wildfire, Threat Prevention, URL Filtering and Antivirus Firewall Life Cycle Management
• Implementing Application Identification(APP-ID) objects implementation experience wif Global Protect for large scale Remote Access user base managing and optimizing Logging of Firewall traffic and Rule Base activity
• Network Routing protocols such as OSPF and BGP configuration and troubleshooting
• Familiar wif Penetration Testing, Vulnerability Analysis, and Threat Research valuable. ability to identify root causes of issues and provide solutions

Confidential, Austin, TX

Network Engineer

Responsibilities:

• Provisioned Palo Alto Firewall, implement and troubleshoot.
• Firewall Security
• Provided Global support for Confidential /Pay Pal Back Bones (MPLS based) Infrastructure and remote locations (Core, Aggregation & Access) SRX Firewall, Juniper MX 480, 960, MPLS L2VPN/L3VPN
• Isolated, identified, analyzed and troubleshot BGP, OSPF, IS-IS, RSVP related issues
• Troubleshot network systems and performance, Servers and remediating issues professionally and concisely. Supported for advanced level and on-call support for large variety of networks, systems
• Maintained, configured and supported networking devices (Juniper MX 480, SRX, Layer 2 switches), fibers, circuits, Juniper SRX and Palo Alto Firewall administration and Support, Software upgrade.
• Juniper Net screen on SRX platforms, JUNOS Space and Spotlight, juniper
• Installation, configuration, policy management andtroubleshooting on Palo Alto Pan OS and Panorama platforms. SW Upgrades through PAN

Confidential, Richardson, TX

Advance Support Engineer

Responsibilities:

• Write MOPS ( Method of procedures) for clients Migration Projects Hardware, SW, Routers, Switches, Wireless
• Provided third level support troubleshooting issues affecting several Cisco Clients ( Confidential, Sprint, T-Mobile, Verizon and Global Network).
• Worked in the Lab group where I participated on Design, Implement and Support Data Center Centers Technologies and Wireless: VOIP, Wireless, Nexus 5k, 7k, UCS, ASR 5k, 55k, 9k, Catalyst Switches 6500, Cisco routers.
• Configured and implemented CISCO WIFI/ wireless solutions.
• Supported and Troubleshot AP communication, RF interference, and channel problems.
• Performed analysis and diagnosis of highly complex WIFI problems.
• Provided great noledge of wireless communications, protocols, QoS, airtime fairness end point troubleshooting, security and wireless configuration; had a great understanding of networking technologies such as TCP/IP, DHCP, TFTP, VLAN, QoS, VoIP, and various WAN technologies.
• Configured and troubleshot WLAN security features.
• Installed, configured, and troubleshot WLAN hardware OS/firmware upgrades.
• Used WLAN Protocols: 802.11a, 802.11b, 802.11g, 802.11n; Wireless Security: WEP, EAP, LEAP, WPA, TKIP, PEAP, WPA2 Wan Support.
• Designed, engineered, analyzed, configured, and troubleshot Cisco client’s network infrastructure and services, including Cisco switches, routers, LAN/WAN, firewalls, Wi-Fi and VPN devices, WAN protocols, and routing protocols such as EIGRP, OSPF, BGP etc.
• Performed ASR 9K, ASR 5K, ASR 55K Migrations/Configurations, etc.
• Contributed and maintained detailed noledge base and documentation for IT infrastructure.
• ASR9K - Configured OSPF between IOS XR core routers, including using network type point-to-point for all Ethernet interfaces. Deliver MOP and assist Clients for Maintenance Windows.
• Validated on ASR FULL OSPF neighbors in the core, configured IPv4 static routes, and then redistributed them into the OSPF process, configured a prefix-set and RPL route-policy.
• Utilized the RPL route-policy to only allow specific static routes to be redistributed into the OSPF process (and blocked the other static routes into OSPF).
• Re-started the OSPF process and verified that all the OSPF neighbors came back up FULL.
• Configured OSPF on ASR9K’s and the CRS’s core interfaces by placing physical or logical interfaces under the OSPF process.
• ASR9K SW Upgrade SW installation and upgrade process on the ASR9K.
• Upgraded ASR9K through TurboBoot and the mini pie.
• Installed SW on IOS XR wif following steps: install add, install activate, install commit, download SW packages to an XR platform using FTP, SFTP or TFTP and copied SW to the ASR9K using FTP and performed Post Upgrade SW verification.
• Started out wif ASR9K or CRS system running 4.1.1 SW, then added and activated 4.1.2 SW via “install source hard disk.
• During Maintenance Window, remotely provided Solutions and implantation of backbone routers, regional core routers, regional aggregation, cell site back haul, Evolve Packet Core ( EPC), MME, SGSN, PDSN wif
• (ASR 5K, 55K, LTE running on 7600 gears, and DNS, etc. and other network connected devices while isolating faults. Provided Vmware, Install, Support (VCP 5).
• Provisioned, implemented and tested firewall rules, Support VPN tunnel communication/rule requests.
• Service web proxy whitelist and blacklist requests, Handle incident response on IPS intrusion events.
• Front-line IPS signature tuning, Perform new host/new service vulnerability scans.
• Monitored and remediated malware/viruses not quarantined by antivirus.
• Reviewed, analyzed and acnoledged daily/weekly/monthly security reports.
• Performed Time Management, Meetings, Provide Training, Multi-tasks, prioritize activities based on business need and production availability requirements.
• Managing and troubleshooting all escalated calls from Global Cisco Clients.
• Interacting wif clients, understanding their needs & providing technical support to clients by remotely accessing their networks & troubleshooting the issues raised.
• Trouble shooting Router Link related issues, Managing and troubleshooting all escalated calls from Field engineers
• Support Cisco ASA for Several Cisco Clients while at Cisco in Advance Support Team
• Configured, supported PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls.
• Implementing security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Dealt wif monitoring tools like network packet capture tools such as Wire-shark, etc.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate.
• Network redesign for branches / Campus Locations, Changing both the voice and data environment. Replacing branch hardware wif new 2851 routers and 2960 switches.
• Performing security audits of perimeter routers, identifying missing ACL’s.
• Troubleshooting of complex LAN/WAN infrastructure, including routing protocols EIGRP, OSPF ISIS & BGP.
• Lab testing & validation prior to implementation of Nexus 7K, 5K & 2K connecting to blade servers.
• Settings of the networking devices (Cisco Router, switches) co-coordinating wif client system/Network Engineers during implementation.
• Working on troubleshooting of complex LAN/WAN infrastructure.

Confidential, TX

Network Engineer

Responsibilities:

• Design, Implementation and Support
• Escalation Point for Network Operation and tutor junior engineers
• Provided day-to-day support, training, and technology implementation as well as long-term project management for Confidential Managed customer networks.
• Conceptualized and implemented systems upgrades.
• Worked wif clients to analyze current network needs and identify areas in need of improvement.
• Researched and deployed innovative usage of technology to improve client productivity and efficiency.
• Managed team of NOC and network engineers to meet needs of customers.
• Drafted technical documentation on projects, specifications, solutions and problems.
• Palo Alto administration, SW upgrades and Support and troubleshoot.
• Sonnet DWDM support and implementation.

Confidential

Network Integration Architect

Responsibilities:

• Coordinated the efforts to decommission multiple unneeded datacenters.
• Lead Network Engineer on Infrastructure as a Service (IaaS) implementation
• Worked closely wif the design, integration, and validation teams and design tests
• Collected, compiled, and analyzed data and establish system requirements
• Analyzed, reviewed, tested, implemented, and validated system integration
• Prepared technical instructions, technical designs, and documents related to system integration
• Reviewed system requirement, and developed, and conducted testing plans
• Assisted clients in installing and maintaining integration support
• Design and integration of Confidential remote site network infrastructures nationwide
• Contributed in the total re-IP addressing of two class-A networks, dividing the IP ranges into two.
• Involved in the analysis and creation of standards for network topologies used across the company.
• Design and integration of remote site network infrastructures Nationwide
• Design, Implement, Support Aruba Controllers and Aps.
• Troubleshoot VPNS site to Site issues and Remote VPN, DNS, DHCP, BGP, OSPF, EIGRP,
• Network Operation Support wif User daily issues, slow network connectivity issues,
• Monitoring Tool: Orion Solar Wind. Ticketing: Remedy