Network Security Engineer/ Firewall Engineer Resume
PROFESSIONAL SUMMARY:
- 7+ years of experience in Network and Security engineering and Network Infrastructure, routing, switching, firewall technologies, system design, implementation, troubleshooting of complex network systems, enterprise network security, wireless design, and data network design, capacity management and network growth.
- Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience
- Strong experience in Network security using Juniper SRX, ASA Firewall, Checkpoint, Palo Alto, Cisco IDS/IPS and IPSEC/SSL VPN.
- Worked on different firewall & security appliances such as Checkpoint 4400, 4600, 4800, 21700; Palo Alto 200, 500, 3020, 3060, 5020, 5060; Panorama M-100/500; Juniper SRX 240, 650, 1400, 3400; Junos Space, Cisco Sourcefire, FireEye, Imperva (WAF).
- Manage, operate, and analyze data from corporate security systems including Sourcefire IDS.
- Expertise in network protocols, Firewalls and Communication Network design.
- Migrated and implemented new solutions with Juniper SRX 240, 650, 1400, 3400.
- Configuring Site-Site VPN on Juniper Firewall with SRX 1400, 3400.
- Managed multiple security devices in order to protect the Enterprise’s network - Vulnerability Scanners, Malware Detection, Intrusion Detection; Host based Firewalls, SIEM, Web Application Firewall
- Implemented Juniper FW Interface, NAT and VLAN using Junos Space.
- Advanced knowledge, design, installation, configuration, maintenance, migration and administration on Juniper SRX device.
- Experienced in handling Junos Space Network management to administer Juniper devices.
- Checkpoint VPN-1/ Firewall-1, 3D Analysis, GAiA, Standalone & Distributed setup, Security management, Log server, Secure platform (SPLAT), License management.
- Advanced knowledge, design, installation, configuration, maintenance and administration of Juniper SRX Firewall, Juniper EX 2500, 4500 and Juniper MX 240,480 devices.
- Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA(TACACS+ & RADIUS)
- Hands on experience with packet sniffer, TCP DUMP and Wireshark for packet monitoring.
- Configuring & Managing LAN, WAN, VPN and Firewall of Juniper MX Routers for End Users and VLAN on Juniper EX series switch 2500, 4500.
- Work experience on Bluecoat Proxy SG for Content filtering and URL filtering.
- Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Check Point Provider-1 / VSX, Palo Alto IDS/IPS modules, Data Center Migration, F5 Load Balancers, Blue coat URL filtering.
- Experienced in Deploying Wireless Network Infrastructure and Wireless Survey Best Practices
- Basic knowledge of CISCO ACE and F5 Load Balancers.
- Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, EIGRP, and BGP.
- Knowledge of Python and Linux shell scripting language.
- Knowledge in Documenting and preparing the Process related Operational Manuals.
- Finely tuned analytical/critical thinking and debugging skills with excellent verbal and written communication skills.
- Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills
TECHNICAL SKILLS
Firewalls: Juniper SRX, Cisco ASA, Palo Alto, Checkpoint
Juniper Routers: 40, 80, 240, 480, 980
Juniper Switches: 2200, 2500, 3300, 4200, 4500, 8200
Nexus Switches: 7000, 5500, 5000, 2000
Other Hardware: F5 BIG-IP LTM Load Balancer, 7960 IP Phone
Networking: TCP/IP, UDP, ICMP, LAN, WAN, DHCP, DNS, FTP, TFTP, SNMP, ARP
Other Protocols: HSRP, GLBP, VRRP, QoS/CoS, VoIP, IPv4, IPv6, IP SLA
Security: ACL, NAT/PAT, ASA (5505, 5510) Firewall
Load Balancer: F5 Networks (Big-IP) LTM 6400, 1600
Routing: EIGRP, OSPF, RIP, BGP, MPLS, PPP
Switching: VLAN, VTP, STP/RSTP, Ether-Channel (PAgP, LACP), CEF
Operating Systems: Win XP, Win 7, Win 8, Win Server 2003, working knowledge of Mac OS X and Linux
Applications: Wireshark, PRTG, VMware, MS Visio, MS Office, Adobe Photoshop and Illustrator
PROFESSIONAL EXPERIENCE
Confidential
Network Security Engineer/ Firewall Engineer
Responsibilities:
- Designs, tests and deploys IT security systems, solutions and ecommerce environment.
- Working on Secure Change/Remedy ticket management tool by providing support service to client by implementing and working on change request, Incident request and troubleshooting.
- Configuration of Juniper and Palo Alto firewall according to client topology and features such as Application & URL filtering, Security Profiles, VPN, Data filtering, file blocking and Antivirus.
- Configuration of Palo Alto Next-Generation Firewall, mainly VSYS, according to client topology and working on Content-ID, User-ID, App-ID
- Experience working on Cisco IPsec VPN, SSL VPN and NAT
- Firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto and Juniper Firewall
- Experience in Qualys policy compliance in detecting internal and external threats and vulnerability
- Worked on IBM QRadar SIEM tool for network/log monitoring and troubleshooting.
- Experience in working with designing, installing and troubleshooting of Palo Alto firewalls
- Create policies, alerts and configure using SIEM tools (Splunk, IBM QRadar)
- Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering)
- Experience in Configuration, Management, Deployment, Optimization and Troubleshooting Juniper Firewall
- Performed upgradation of Palo Alto firewall from old platforms to new platforms 6.1.5 to 6.1.10
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
- Worked on network packet analyzer tools such as, Wireshark, Microsoft Network Monitor, Snort, Tcpdump
- Experience with working on Palo Alto centralized management GUI PANORAMA
- Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN
- Experience in working with Cisco 5500-X Firepower and Cisco Sourcefire IPS & FireEye
- Experience on working with migration with both Juniper and Palo Alto Next-Generation.
- Worked on security tools and software such as Cisco WSA, Qualys, Splunk, Symantec Endpoint Protection, QRadar.
- Upgrading Imperva WAF (Web Application Firewall) and applying hotfixes and patches.
- Exposure to WildFire advanced malware detection using IPS feature of Palo Alto
- Experience on working in datacenter and on different devices console
- Maintain a thorough understanding of the basics behind the Internet and its workings (DNS, Security, IP Routing, HTTP, VPN)
- Configured Site to Site IPsec VPN tunnels and Split tunnel to peer with different clients. Routing and switching protocols: BGP, OSPF, VLAN, VTP, STP, RIP, RSTP
- Firewall deployment, rules migrations, firewall administration and converting existing rule bases onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.
- Responsible for planning, documenting and implementation of complex Firewall and VPN solutions
- Represent the changes at the weekly change review and application migration meetings.
Confidential, Jersey City, NJ
Firewall Specialist
Responsibilities:
- Manages, maintains and support Juniper, Palo Alto Firewalls, IPS/IDS, Endpoint Security products, PKI and network security Infrastructure.
- Designed and implemented an enterprise wide Intrusion Detection system utilizing IBM/ISS Proventia IPS sensors and IBM/ISS SiteProtector
- Ability to configure and monitor security tools such as security information and event management (SIEM).
- Extract the logs, Perform real time log analysis using SIEM technologies and Forensics Analysis of logs as per the request.
- Engineered Juniper infrastructure which consists of 500+ firewalls running different flavors of Juniper hardware (SRX-240, 650, 1400, 3400, 3600) and vSRX.
- Configured, installed and maintained McAfee endpoint security on management and policy servers.
- Migration and implementation of new solutions with Juniper firewall administration across our global network.
- Responsible for planning, documenting and implementation of Juniper Firewall and VPN solutions
- Experience on working with Juniper SRX and Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc.
- Provide initial fault isolation, proactive maintenance and monitoring of Company’s Network Equipment. Perform monitoring and support of internal network security.
- Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
- Installation of Junos SPACE Network management for creating policy, Application and URL filtering
- Exposure to WildFire advanced malware detection using IPS feature of Palo Alto
- Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
- Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Juniper SRX 3400 series firewalls.
- Implemented Positive Enforcement Model with the help of Palo Alto Networks
- Checkpoint log server upgrade from R71.40 to R75.40 to take advantage of Smart logs.
- Firewall management server redesign and consolidation to one management server environment.
- Configuring Site-Site VPN on Checkpoint Firewall and Palo Alto firewall.
- Experience converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Palo Alto rules.
- Experience with Cisco ASA firewall Cisco security Manager (CSM) and migration from Cisco to Palo Alto
- Experience on Palo Alto Advanced Endpoint Protection (TRAPS) and Migration tool 3.0
- Worked on Blue coat Proxy SG 600, 900 appliance for content filtering, Blue coat policy align with corporate security policy with VPM (Visual Policy Manager).
- Worked extensively on policy construction, policy optimization on Blue coat SG appliance.
- WAN Optimization using Blue Coat Packet Shaper appliance for monitoring, traffic shaping and compression for better bandwidth utilization.
- Worked on Sourcefire for virus detection and source vulnerability detection.
- Bluecoat Administration - Blocking/Unblocking URL's.
- Experience with using F5 Load balancer in providing worldwide data and file sharing, continuous internet connectivity, optimized web performance.
- Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
- Experience with using GTM, APM & LTM F5 components to provide 24x7 access to applications
- Worked on Sourcefire for application control, malware detection and URL filtering.
- Third Party VPN migration from old data center to new data center.
- Cyber Security assessment using traffic analysis tools (i.e. WireShark, TCPDump, etc.)
- Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT on smart dashboard.
Confidential, Newark NJ
Network Security Administrator
Responsibilities:
- Provides day to day support for firewall engineering and operations tasks and level 1 & 2 on-call technical support for the Firewall Engineering and Operations team; including assisting peers with issues and escalation.
- Handled Incident tickets related to the issues in the Firewall along with the connectivity issues.
- Operate and analyze results from enterprise detection systems such as Cisco Sourcefire and Tripwire
- Integrated Checkpoint and Juniper firewall into client’s existing network to provide security for applications
- Complex troubleshooting to include network protocol and log analysis, raw data captures, and the correlation of disparate events spanning multiple devices and platforms.
- SIEM tuning and log analysis of alerts.
- Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Juniper firewall working with Junos SPACE.
- Experience on working with Junos SPACE GUI 2.0
- Configuration of checkpoint firewall according to client topology.
- Configuring Virtual Chassis for Juniper switches EX-4200, 4500, SRX Firewalls.
- Experience in working with designing, installing and troubleshooting of Palo Alto firewalls and Juniper SRX Firewalls.
- Configuring Routing Protocols - EIGRP, RIP, OSPF, BGP, and Static & Default.
- Experience on designing and troubleshooting of complex BGP and OSPF routing problems.
- Configuring VLANs, VTP, Spanning tree, Ether Channel, Inter VLAN Routing and port security.
- Installing and configuring Juniper switches EX 2500, 3300, 4200, 4500, 6200 series.
- Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
- Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN1 NGX R55/R65/R70
- Performed upgradation from old platforms to new platforms R65 to R75.45
- Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
- Worked on Migrating from ASA 5540 to ASA 5585.
- Configuring and providing management support for using Panorama (M100, M500) and Juniper using Junos Space Network Director.
- Configuring failover and working on ssl-vpn when in active/standby failover on SRX firewall.
- Negotiated VPN tunnels using IPSEC encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
- Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs
- Configuring rules and Maintaining Palo Alto Firewalls with IPS module & Analysis of firewall logs.
- Experience with Blue Coat appliance such as SG, malware analysis, SSL visibility appliance for deep traffic inspection, web security and WAN optimization.
- Packet analysis using Network Diagnostic tools (Wireshark, TCPdump, WinDump)
- Experience with network based F5 Load balancers with software module Access Policy Manager (APM) & Checkpoint Load Sharing on checkpoint clusters.
- Push the firewall rules on various versions of Nokia boxes and Crossbeam from Provider-1 NGX CMAs
- Configuration of IPSEC L2L and SSL VPN connectivity for the projects
- Experience in working with designing, installing and troubleshooting of Palo Alto firewalls
- Managing of CISCO ASA 5550 Firewall in Active/stand-by mode.
- Worked on Palo Alto central management, policy control, Logging & reporting
- Migration from Juniper, Cisco ASA, Checkpoint to Palo Alto firewall.
- Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), sniffers and malware analysis tools.
- Designed and deployed Sourcefire Network intrusion devices in multiple datacenters
- Designed and deployed multi-sensor Sourcefire Intrusion Prevention System covering public shared web hosting.
- Working and commenting on global firewall policies
Confidential
Network Support Engineer
Responsibilities:
- Responsible for internal and external accounts, managing LAN/WAN and checking SSL security settings of the networking devices (Cisco routers, switches), coordinating with the system/network administrator during any major changes and implementation.
- Performance monitoring of various applications and web servers to maintain quality of service and network stability.
- Manage service providers/vendors relationships from a project and technology perspective.
- Worked with the basic communication protocols like TCP/IP
- Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment
- Hands on experience installing Sup720 for Cisco 6509-E series and its Gigabit Ethernet port deployment in core network.
- Install Packet Shaper as QOS system to monitor and manage network traffic
- Provide initial fault isolation, proactive maintenance and monitoring of Company’s Network Equipment. Perform monitoring and support of internal network security.
- Worked with business partners to establish and maintain 70+ VPN connections, primarily Cisco and Palo Alto.
- Planned, tested and evaluated various equipment, systems, IOSs and procedures for use within the network / security infrastructure.
- Configured Terminal Services for Remote Administration.
- Provided technical guidance for optimal performance and tuning of LAN and WAN technologies using Juniper Device.
- Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP.
- Implementation of Wireless access points to newly opened branches and existing branches.
- Support customer with the configuration and maintenance of Palo Alto firewall systems.
- Supported Data Center migration and consolidation project. VLAN trunking 802.1Q, VLAN Routing on Juniper EX 2500, 4500 switches.
- Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Cisco ASA, NOKIA Firewalls, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
- Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
- Maintaining & Troubleshooting L2 LAN switches
- Troubleshoot connectivity issues involving VLAN's, OSPF, QoS etc.
- Support, monitor and manage the IP network.
- Configuring RIP, EIGRP protocols and IP subnetting
- Implementation & troubleshooting of complex WAN, LAN, VLANs, private VLANs, high availability solutions like HSRP, VRRP, GLBP, EtherChannels, site-to-site VPN, access control lists, NAT, PAT, routing solutions etc.
- Installing, Configuring, Administering and supporting the Windows 2003 Server, Windows 2000 Server, Windows 2000 Advanced Server, IDS server, SQL Server and Active Directory
- Managing Cisco Layer 2, Layer 3 switches & Routers on the network.
- Resolving routing and switching related real time performance issues.
- Able to write Windows/Unix/Python script to automate administration.
- Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
- Implementation of Juniper EX 2500, 4200, 4500 switches and Juniper MX 960, 2010 routers to new sites.
- Propose network redesign based on client hardware guidelines, network policies and individual site's unique characteristics.
- Configuration & Management of VLANs, 802.1q trunks, VTP, Security policies.
- Cisco switches - 2900x, 3500x, 4500x, 6500x for user connectivity with redundant connectivity with Core Switches.
- VLAN, STP, Ether Channel, port activation/de-activation, port security, Inter VLAN routing on Switches.
- Installing and configuring Cisco Routers 800, 1800, 1900, 2600, 2800, 3600, 3800, 3900 series.
- Designed and deployed networks using dynamic routing protocol (EIGRP, OSPF and BGP-4, RIP).
- Conducted and implemented network and software installations and upgrades.