SUMMARY

• 8.4 years of experience in designing, deploying, migrating, and supporting critical multi - site redundant security environments.
• Experienced in configuration, design, installation and troubleshooting of CISCO Palo Alto PA850, PA3260, PA3800, PA5450, PA 7080 series firewalls.
• Working experience in Deployed, design and configuration of Checkpoint R77.30, R76, Gaia R76/R77 series firewalls.
• Worked on installation, troubleshooting and deployed of Nexus 9k, 7k, 5k, 3k, ASR 9K, ASR 1K series data center switches with CISCO ACI environment.
• Experienced with configuration and troubleshooting of Juniper MX 2020, MX 4500, MX 6000, MX 8200 and MX 10008 series routers
• Experienced on installation, deployed and configuration of low level to high level Juniper EX 2300, EX 4300, EX 8500 and EX 9250 series switches.
• Worked on design, implementation and configuration for teh Viptela SD WAN and LAN and WAN optimization technologies.
• Working on experience in design and deploy of Azure database cloud platform.
• Experienced in configuration and installation of Meraki wireless device appliances infrastructure with Network Access Control (NAC), Network Access Protection (NAP).
• Experienced on implementation and troubleshooting of F5 BIG IP 8900, BIG IP 8800 and BIG IP 6800 LTM to GTM load balancers.

TECHNICAL SKILLS

Networking: conversant in LAN, WAN, Wi-Fi, DNS, WINS, confidential, QIP, TCP/IP, ISCSI, Fiber, Firewalls/lPS/lDS

Firewalls: Palo Alto VM-300, PA850, PA3260, PA5220, PA7080 and Checkpoint R77.30, R76, Gaia R76/R77 & Nexus 96 / 09 / 9250, ASR 9K, ASR 1K

Juniper Routers & Switches: MX 2020, MX 4500, MX 6000, MX 8200, MX 10008 routers and EX 2300, EX 4300, EX 8500, EX 9250 switches

Security Tools: Wireshark, MSSA. MS Visio, Apache, VMWare ESXi 3.5, VMware Server, Encase

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, IJDP, confidential, DYNDNS, DNS, QIP

Application Servers: DNS, Confidential, Windows Active Directory Services, FTP, SFTP, Microsoft Exchange 2003/2007/2010 , Microsoft SharePoint 2007/2010

Operating Systems: Windows, Linux, Microsoft Windows 2008 R 2/ 2008/20 NOS family, Microsoft Active directory 2008/2003/2000

PROFESSIONAL EXPERIENCE

Confidential, Woodland Hills, CA

Senior Network Security Engineering

Responsibilities:

• Working in configuration and deployed Palo Alto firewalls in L2 and L3 interfaces on models such as VM-300, PA850, PA3260, PA5220, PA7080 series firewalls.
• Experienced on manage multiple Palo Alto firewalls centrally through teh Palo Alto Panorama M-500 centralized Management appliance.
• Worked with configuration NAT (Source & Destination) as per requirement on Paloalto Firewall.
• Experience for design, installation, and configuration of Checkpoint Gateways Upgrade from R7 .30
• Experienced on configuration and troubleshooting of VPN technologies such as IPsec (Site to Site VPN) in Checkpoint, Palo Alto, IOS router firewalls.
• Worked on build Checkpoint firewall, and configured GUI to open/close TCP/IP ports.
• Experienced on installation, deployed and configuration of Nexus 96 / 09 / 9250 data center switches.
• Working experience in create ACI migration plans (brownfield) create L2/L3 transitions. Map traffic flows for EPGs and 80s. Handle drivers for ML2 and GBP OpenStack integrations.
• Experience in configured EPG, update APIC, implement access and fabric policies in Cisco ACI environment.
• Worked with internal/external customers including partners by delivering teh ACI Jumpstart program to halp customers and speed up technology adoption.
• Experience in configuration, troubleshooting on Juniper MX 2020, MX 4500, MX 8200 and MX 10008 series routers and EX 2300, EX 4300, EX 8500 and EX 9250 series switches.
• Worked on design for teh SD WAN viptela, SD-LAN and WAN optimization technologies for efficient delivery of teh application data across LAN and WAN.
• Experience in design and deploy Azure Active Directory as well as perform offline AD Security assessments, prepare and deliver remediations plans.
• Performing a discovery of environment and designing a technical onboarding process for their Azure/0365 tenants. L.e., endpoint manager, Identity protection, Conditional access, 0365 ATP, Azure ATP, RBAC.
• Experienced on integrating salesforce, workday and other Saas application rest API with Microsoft Cloud App Security to manage and enforce DLP policies over our sensitive data.
• Working with SPLUNK Administrator for performing Audit Logging on both Windows and Linux servers and operating systems.
• Experienced for assisted in designing and programming of object oriented databases with Python automation scripting language.
• Experienced in worked on troubleshooting and configuring of Meraki wireless device appliances infrastructure.
• Worked on engineering and configuring Virtual Server, Pools, iRules, Profiles, Persistence and monitor on F5 BIG IP 8800 and 6800 LTM to match teh configuration teh Application had on Netscaler
• Working experience with regarding F5 BIG-IP LTM VIP configuration with health check.
• Experience with upgraded teh F5 LTM and APM modules from v.1 1.4.1 to v.11.5.3 in high-availability architecture.
• Working on Skybox Ticketing tool and Unidesk as part of change Management and ensure that teh day-to-day Security Operations runs smooth.
• Experience for Network Device Backup-Restoration Mock-Drill through Solarwind Orion on Demand.
• Working experience of OSI Model, TCP/IP protocol (IP, ARP, ICMP, TCP, UDP).

Confidential, NYC, NY

Network Security Engineer

Responsibilities:

• Experience in configuring, implementing, managing and monitoring Palo Alto 3800, 5450 and 7050 series Virtual System (VSYS) firewalls using Panorama.
• Working with implement URL filtering on Palo Alto Firewall and control access to restricted sites.
• Experienced on Firewall Migrations from Legacy to Palo Alto firewalls using migration tool from PAN.
• Experienced in Checkpoint Firewall Clusters Version Secure Platform R76, Gaia R76/R77 (Workflow, Management Portal, Clustering of Firewall & High Availability of Management Server).
• Worked on Setup and maintained CheckPoint-1 security policies including NAT, VPN and Secure Remote access.
• Experienced in monitored Checkpoint VPN tunnel activities with Smart View monitor and troubleshoot VPN issues with CLI.
• Working experience in Configured and Implementation of Nexus 9K, 7k, 6k, 5k,4k, ASR 9K, ASR 1K series data center switches.
• Experience in contribute to teh development and performance of a migration plan from traditional data center network designs to Cisco ACI.
• Worked on integrate service appliances to Cisco ACI deployments to include Application Delivery Controllers and Firewalls.
• Worked with Cisco ACI fabric design and implementation in network centric mode, including L2/L3 Outs, EPGs, VRFs, Contracts, and integration with 3rd party Load-Balancer.
• Experienced in Well Versed with juniper MX 10k, 8k, 6k and EX 9k, 8k, 4k series routers and switches including Juniper environment /Junos Space and security Director and API calls.
• Helped teh team to deploy and configuration of VIptela SD-WAN network devices.
• Experience in engineer, test, document and deploy security administration in 0365/ Azure cloud environment.
• Worked on identify risks and vulnerability reported in Azure security center and Redlock and remediate them.
• Experienced in implementing security agents in Azure Gloden Images to be enforced company wide.
• Worked on developed Threat summary reporting in Python saving several hours of manual work by analysts.
• Experienced in creating, maintain, support, repair, customizing System & Splunk applications, search queries and dashboards.
• Worked in Live VIP's cutover from Netscaler to F5 LTM, migrating Citrix Netscaler devices to LTM 8900 Series devices.
• Worked on configuration and maintenance of Webtops and Portal Access, and F5 SSL VPN and network access.
• Experienced in worked on code upgrades from v11.5.3 to v11.5.3 and downgrades from 12.0.0 to 11.5.4.
• Worked with design, implement and configuration of Meraki wireless for Network Access Control (NAC), Network Access Protection (NAP).
• Monitoring and capturing teh traffic using network management tools like solar winds and Inf1080x.

Confidential, Atlanta, GA

Network Engineer

Responsibilities:

• Experience in installing and configuring Checkpoint NGX R60 series devices.
• Worked on maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Working experience in maintain Security policy by monitoring PIX firewalls (51 5 and 520).
• Experience working with Network management software NSM primarily to manage teh firewalls as well as performing changes as per teh requirement.
• Experienced with implemented Voice VLANS, LIDP, SIP, and RTP and provide QOS by DSCP and IP Precedence.
• Worked on Confidential to automatically assign reusable IP addresses to Confidential clients.
• Experience for integrate VoIP with PSTN and setup voice Gateway ensuring QOS for Cisco based Voice over IP and CDR for voice call Accounting.
• Experience working Juniper T-Series, M-Series, MX-Series, J-Series Routers.
• Worked on configuring OSPF and Static routing on Juniper M and MX series Routers
• Experience in working with installing Nexus 7010 License upgrade data center switches.
• Experience in Configuring, upgrading and verifying teh NX-OS operation system.
• Experience working with F5 load balancer, its methods, implementation and troubleshooting on LTMs and GTMs.
• Worked on manage and support all F5 LTM's in pre-production and production environments.
• Experienced on implemented Splunk to drive reporting and search for data collected from Cisco firewall devices - FWSM, Pix and Checkpoint.
• Designed and implemented a redundant WAN solution to interface existing platform in Azure to both teh datacenters in IJS using Azure Direct Connect and 8GP to provide high availability to teh customers.
• Management of Infoblox Grid Manager to manage DNS Forward and Revers Lookup Zones and Administrated QIP DNS system.
• Experience working with design and deployment of MPLS Layer 3 VPN, DMVPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LOP) & MP - 8GP Functional and Regression Testing.

Confidential, Richmond, TX

Server Engineer

Responsibilities:

• Experienced in performed windows administrator day-to-day server security operation activities, managed multiple tasks of data backup of servers through teh checking backup logs, regular maintenance of servers through installation of software upgrades, patches and hardware upgrades
• Worked with executed teh security health check of each servers as per teh schedule and responded to Netcool and AVA tool (IBM Tools)
• Working experience on identified and responded to risk as well as compliance issues like user login issues, performance issues, password change and so on
• Experienced for installed & configured Windows 2008,2012 R2, maintained server infrastructure; coordinated with vendors for any hardware / software issues
• Worked in experience with installed and configured McAfee Anti-virus and patch-management