SUMMARY

• 7 years of experience as a Network/Systems Administrator specializing in Cisco devices, Network security, Firewalls and VPNs, Cisco Routers, LAN/WAN connectivity, TCP/IP Windows XP, Windows Vista, NT/ System administration, communications.
• Experience Network Security, Juniper Firewalls, SSL VPN, Checkpoint, RSA, Cisco Nexus, Cisco ACE, Cisco Wireless
• Industry experience and certification for either CheckPoint or Cisco ASA firewall's Identity management - non-technical knowledge.
• Experience with network security design implementation Assessment, evaluation, design, and implementation of solutions related to following security areas: Large corporate firewall extranets, mail, Internet, internal enclave, PCI and Industrial control systems.
• Implemented firewalls using Cisco ASA, Cisco PIX, CheckPoint Provider-1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
• Migration of all the PIX firewalls to ASA firewalls.
• Migration of Checkpoint R54 to SPLAT
• Proficient in setting up IT infrastructure including wide area networks (WAN) / local area networks (LAN), security management systems & networking devices administration.
• Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.
• Proficient with Cisco routing and switching products, UNIX, Linux, shell scripting and routing protocols. Experience in tools like SNMP, AAA, RADIUS and designed VPN with IPSEC security layer.
• Proficient knowledge in InfoSphere Guardium Data Activity Monitor.
• Experienced in Database technologies (e.g, MySQL, SQL Management Studio R2008 etc.)
• Understanding of IPSEC & GRE tunnels in VPN technology implementation using Cisco IOS and have checkpoint firewall /VPN.
• Experience with Watchguard firewalls, Sidewinder firewalls, Stonegate firewalls and Opensource Linux/BSD based firewalls such as iptables, ipchains and pf.
• Hands on experience with the usage of diagnosis tools like Qkview, TCPDUMP for analyzing the real time statistics during the packet flow.
• Experience testing Cisco routers and switches in laboratory scenarios and deploy on site for production.
• Proficient in configuration of routing protocols like RIP, IGRP, EIGRP, OSPF multiple areas and BGP.
• Worked on MPLS-VPN designs and MPLS-QoS for the migration of Frame relay to MPLS system.
• Involved in designing L2VPN services and encryption system and other VPN with IPSEC based services.
• Expertise in IP sub netting and worked on various designing and allocation various classes of IP address to the domain.
• Involved in troubleshooting of IP conflict problems and worked on Gigabit Ethernet and Fast Ethernet connection and applied QoS for the bandwidth delay.
• Extensive experience taking copy of Cisco IOS on TFTP server and loading on back on routers and knowledge on HP openview software.
• Extensive troubleshooting experience in ISDN and telephony circuits CSU/DSU connections.
• Hands on experience on NAT (Network address translation) configurations and it’s analysis on troubleshooting issues related access lists (ACL).
• Involved in monitoring network traffic and its diagnosis using performance tools like Snort, Snortsnarf, ping tools, and packet player.
• Good knowledge on VOIP protocols like H.323, SIP, MGCP and SS7 and interfacing of TDM to VOIP system.
• Excellent communication and interpersonal skills, interfaces effectively with upper management, subordinates, vendors, co-workers & peers.
• Experienced in leading teams, with exceptional follow-up capabilities for completion of project within the agreed timeframe.
• Security Health Check & Gap Analysis done for pan India Network Devices.
• Planned and implemented WAN at 18 remote locations.
• Centralized Application Enabler for WAN sites thru Citrix Server.
• Conducting Internal Audit and Coordinating the External Audit
• Installation of Windows 2003 enterprise and standard editions, R2, Windows 2000 standard and advanced server editions.

TECHNICAL SKILLS

PROTOCOLS: OSI,TCP/IP,DHCP, UDP, RIP v1, RIP v2, IGRP, EIGRP, TACACS+, RADIUS, OSPF, BGP, SSH, TFTP, FTP, SMTP, NTP, LDAP, Active Directory, Kerberos, L2F, L2TP, PPP, Frame Relay, ATM, Sonnet, Fast/Gig Ethernet, HSRP, Token Ring, ISDN, AAA, DES, 3DES, AES, and MD5, VPN (IPsec and SSL),VRRP, HSRP, DNS (BIND, DJBDNS, Infoblox), CARP, SNMP.

NETWORK MONITORING Tools: HP openview, Cisco Works, Netscout, Ethereal, tcpdump, netcat, Sniffer, Snort& Snortsnarf, MRTG.

OPerating Systems: Windows NT/200/2003, UNIX, SPLAT (Secure Platform), Linux, RedHat, Debian,Cisco IOS

FIREWALLS: Checkpoint NGX (R65-R75), Cisco PIX 515E,Cisco PIX 535 Firewall, Cisco ASA 5510,Cisco ASA 5520,Cisco ASA 5540,Cisco ASA 5550, Cisco ASA, Cisco FWSM, Check Point NGX R52, R54, R61, R62, R65, R 75,Nokia IP690, Nokia IP530, Checkpoint provider 1, Checkpoint Firewall 1, SPLAT.

ROUTERS: Cisco 2811, Cisco 6509-E (Multi-layer Switch), Cisco7200, Cisco3800, Cisco 3640, and Cisco 3745.

SWITCHES: Cisco Multi-layer Switch 6500, Catalyst 4500, Catalyst3750, Catalyst2900 and Catalyst 3500XL.

VOIP: SIP H.323, MGCP, TDM, SS7, Avaya Voice gateways.

LAN/WAN TECHNOLOGIES: T1, DS3, OC3, SONNET, MPLS, DSU/CSU

NETWORK EQUIPMENT: CISCO 2950,3500,4500,6500 series Switches, CISCO 800, 1600, 2500, 2600,3700,3800,7200 series Routers, Cisco wireless access points.

HARDWARE PLATFORM: Cisco Routers, Ethernet Switches, F5 LTM, GTM

PROFESSIONAL EXPERIENCE

Confidential, Redmond, WA

Sr. Network Security Engineer

Responsibilities:

• Configuration and Maintenance of ASA, ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
• Migration of Two Major data Centers
• Installation of Cisco ASA 5500 series firewalls, Cisco 3500, 4500, 6500 series switches.
• Experienced in JavaScript for web applications.
• Installation and administration of Checkpoint R 75.40 Firewall.
• VLAN and Port channel configurations on Cisco 4500 and 6500 series switches
• OSPF configuration
• Firewall Log monitoring using RSA Envision and Q RADAR
• Site to site VPN implementation on ASA Firewalls
• SSL VPN configuration on F5 Firepass 4300
• ASA software upgrade on Failover setup.
• PIX to ASA Migration.
• Installation and administration of Cisco 2800,3800,7200 series Routers
• Best practice implemented on Cisco Routers and Switches.
• Fine tuning of Firewall policies based on Information security policy.
• Network documentation using Confidential Visio 2007.
• Network sniffing using Wiresharc.
• Building, configuring, maintaining, troubleshooting the firewalls. Develop and implement the company’s security policies, and rules implementation. Coordinate lab testing of new software to ensure stable implementation.
• Planned, installed, monitored and was the single point of contact for all intrusion detection for client systems. Monitored and maintained client firewall, intrusion detection systems and VPN systems including (Checkpoint FW-1/VPN-1/Cisco PIX/SecureVPN /SecureIDS).
• Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client networks.
• Provide Information Security Risk Assessment and consulting for internal projects.
• Coordinate with network operations center (NOC) for change notifications, alerts and escalation of security incidents.
• Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel.
• Configure IPSEC VPN tunnels between Checkpoint and other non-Checkpoint endpoint devices using IKE preshared keys, 3DES and MD5.
• Perform packet trace, packet analysis, (using Iris, Ethereal and Ether peek) on IDS systems to determine validity of attack alarms.
• Perform daily network operations, on-call, and other duties and tasks as required.
• Monitor the ticket queue for incoming tickets, update tickets in accordance to Service Level Agreement (SLAs) requirements and, escalate based on severity levels using AxiosAssyst.
• Perform network security, administration, analysis, and problem resolution for networks, including NT 4.0, Windows 2000, UNIX (Solaris & BSD), CISCO, TCP/IP, and Checkpoint firewalls.
• Implemented enterprise wide network infrastructure and ecommerce support solutions including, network intrusion detection, encryption and monitoring.
• Performed business migration planning including location change, platform introduction and integration.

Environment: Juniper JUNOS platform including SRX Firewalls, Network & Security Manager (NSM), Juniper Space and, STRM, Juniper UAC, Juniper Pulse

Confidential, Chicago, IL

Network Security Engineer

Responsibilities:

• Experience in Network Security, Juniper Firewalls, SSL VPN, Checkpoint, RSA, Cisco Nexus, Cisco ACE, Cisco Wireless.
• Strong knowledge in Juniper JUNOS platform including SRX Firewalls, Network & Security Manager (NSM), Juniper Space and, STRM, Juniper UAC, Juniper Pulse
• Experience designing, implementation and troubleshooting of Juniper platform.
• Strong knowledge in Checkpoint Platform including Provider Smart Domain Manager with experience in design, implementation and managing Checkpoint Gateways.
• Strong knowledge and understanding with IPsec, Juniper SA Remote Access VPN, and SourceFire intrusion prevention systems
• Strong knowledge in configuration and troubleshooting Juniper SA SSL VPN in a dual-factor integration environment.
• Experienced with RSA Authentication Manager and Risk based authentication platform. Ability to troubleshoot and management of RSA infrastructure
• Experienced with Juniper Steel Belted RADIUS, with ability to implement and troubleshoot.
• Experience with Cisco Load Balancers and ACE modules
• Expertise in Routing & Switching technologies to provide advanced troubleshooting and escalation support with Cisco Nexus 7K/ 5K Products
• Experience in working with large enterprise Network environment with Active / Active Data Centers
• Ability to lead large and complex projects
• Familiarity with management tools such as CiscoWorks, Concord eHealth, HP NNM and Gigamon
• Good documentation skills and ability to conduct Proof of Concept testing and ability to create complex test plans based on project needs
• Worked with project teams and provide high/low level recommendation.
• Experience with analyzing traffic and utilizing packet sniffer utilities (i.e. Wiresharc, Netscout)
• Ability to deliver projects independently
• Ability to present to stakeholders and technical teams on projects recommendations and approach.

Environment: Juniper JUNOS platform including SRX Firewalls, Network & Security Manager (NSM), Juniper Space and, STRM, Juniper UAC, Juniper Pulse.

Confidential, San Diego, CA

Network security Engineer

Responsibilities:

• Firewall Policy Implementation on Checkpoint R62 and R65 using Provider 1.
• Migrated Nokia IP 300 to Checkpoint NGX R65 SPLAT
• Site to site VPN implementation on Checkpoint Firewall R62 with 3DES encryption over IPsec.
• Log analysis
• Firewall log monitoring using Cisco MARS.
• Configuration and Maintenance of ASA 5550, ASA 5510, PIX 535, PIX 515E, FWSM Firewalls and Cisco IPS 4240 using Cisco Security Manager (CSM).
• Implemented Firewall in multiple context mode.
• Implemented clustered firewall.
• Expertise in VPN configuration, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
• Administration of Cisco Secure Access Control Server 3.3.
• TACACS+ Configuration
• On call support for NOC.
• Administration Cisco 6500, 2600 series switches.
• Administration of Cisco 3700 series Routers.
• PCI Firewall auditing and documentation.
• Network diagram preparation using Visio 2003.
• Firewall Backup.

Environment: Juniper JUNOS platform including SRX Firewalls, Network & Security Manager (NSM), Juniper Space and, STRM, Juniper UAC, Juniper Pulse.

Confidential

Sr. Network Engineer

Responsibilities:

• Provided technical support and problem resolution for network issues and performed troubleshooting, issue isolation and corrective action to restore service to customers and trading partners
• Provided deep analysis of network infrastructure and implements IP networks to support operations for new and existing business
• Participated in network engineering/operations planning sessions
• Provided assistance and consulting to other groups and departments in support of improving customer service and provides 7X24 on-call pager support based on a rotation schedule.
• Participated in cross-functional meetings for service enhancement opportunities, tools development, and reporting enhancements
• Provided training or tutoring to new employees or other departments.
• Analyzed reports and key network health indicators to identify exception conditions; takes corrective action to resolve issue
• Executed plans for network systems support and monitoring tools
• Managed inter-and intra-departmental issues through effective problem solving.
• Managed multiple priorities based on severity or urgency of issue
• Provided Technical expertise and consulting to internal and external customers.
• Drives continuous improvement by leading efforts to improve the existing network architecture, monitoring tools and alarming capability and recommends changes to enhance quality of service
• Ensured that detailed network documentation is maintained accurately
• Provided input to Manager for budget planning purposes
• Communicated with Network Operations Center and Customer Service Hotline for information gathering and customer status updates during trouble resolution
• Worked closely with customer’s technical resources and management to resolve issues
• Provided updates and information as necessary to all levels of management
• Quantified and described complex technical issues to customers and internal personnel to promote quicker issue resolution
• Ensured trouble tickets from Hotline and Network Operations Center are prioritized and addressed within severity guidelines by the department
• Provided superior technical guidance and direction to customers and trading partners for issue resolution
• Ensured reported issues and service interruptions are addressed within severity level guidelines
• Provided guidance and expertise to support personnel in the resolution of complex service issues
• Ingenuity
• Possessed technical expertise that is applied to resolve trouble reports and complex service issues
• Can quickly move from one issue to another, analyzing and localizing problem to quick resolution
• Evaluated configurations and network designs, helps develop methods for proactive monitoring and trending

Environment: Juniper JUNOS platform including SRX Firewalls, Network & Security Manager (NSM), Juniper Space and, STRM, Juniper UAC, Juniper Pulse.