Sr. Network Security Engineer Resume
Salem, Oregon
SUMMARY
- 7+ years of experience in planning, designing and implementing in the field of Data Communications and Networking.
- Experience in installing, configuring and troubleshooting of Checkpoint Firewall.
- Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
- Experience in Implementing Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75, R77.
- Worked on Juniper Netscreen firewalls such as NS50, SSG 550M, SSG520M, ISG 1000 and ISG 200, and Cisco PIX 535, 520, 515, ASA 5500 and 5505.
- Expertise in installing, configuring, and maintaining Cisco switches (2900, 3500, 3700 series, 6500 series).
- Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800)
- Experience in Configuring Checkpoint Clusters with Nokia IPSO and GAIA OS.
- Check Point Enterprise Firewall and End-Point Infrastructure Design and Deployment in large and branch office networks.
- Global Provider-1 Deployment and Smart Centre consolidation.
- Hands-on configuration and operational experience working on Juniper (SSG & ISG), SRX and Checkpoint firewalls (NAT policies, VPN configurations, policies) in both standalone and HA mode.
- Security experience in deploying VPN solutions like IPSec (site-site and client-site) and SSL VPN implemented across multiple vendors.
- Experience in authentication protocols PAP, CHAP, 802.1x and Port Security, and in configuring security policies including NAT, PAT, VPN, route-maps, prefix lists and Access Control Lists.
- Managed and deployed Cisco PIX and ASA firewalls. Designed and implemented various project with Cisco PIX firewall. Extensively worked on Cisco PIX 506/515E and 525.
- Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, IGRP, BGP etc.
- Implemented security policies using SSL, VPN, IPS/IDS.
- Experience in Configuring Client-to-Site VPN using SSL Client on Cisco ASA 5520.
- Knowledge on Nexus 7000, Nexus 5000 and Nexus 2000 switches.
- Good knowledge about spoofing attacks and mitigating them using DHCP snooping, IP source guard.
- Experienced in SOC at both technical and organizational levels.
- Hands-on experience on SOC using data processing technology.
- Experienced in monitoring various websites and data centers using ISOC.
- Experienced in SIEM technologies and machine data platforms like Splunk and Elasticsearch.
- Experience in implementing and troubleshooting layer 2 technologies such as VLAN trunks, VTP, EtherChannel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
- Experience in testing checkpoint and other FWM in laboratory and deploy them on site production.
- Worked with F5 load balancing, IDS/IPS, Bluecoat proxy servers and administering authentication controls (RADIUS, TACACS+).
- Experience with Load Balancers for administrating and monitoring global & local traffic using F5 BIG IP LTM.
- Experience working on network monitoring tools like SolarWinds, CiscoWorks, Wireshark and Splunk.
- Excellent in documentation and updating client’s network documentation using VISIO.
- Highly motivated, with the ability to work independently or as an integral part of a team, and committed to the highest levels of professionalism.
TECHNICAL SKILLS
Protocols: RIP, RIP V2, EIGRP, OSPF, IS-IS, IGRP, HSRP, VRRP, GLBP, LACP, PAGP, DNS, SMTP, SNMP, FTP, TFTP, LPD/TDP, WLAN, 802.11/802.11 e.
LAN Technologies: HSRP, VLAN, STP, VTP, EtherChannel, Trunks.
WAN Technologies: Leased Line, Frame Relay, ISDN, PPP, HDLC, ATM, Metro Ethernet.
Network Products: CISCO Routers 1700, 1800, 2500, 2600, 2800. CISCO High End Router 3600, 3800, 7200, 12010. CISCO Switches 1900, 2950, 2960. CISCO Campus Switches 3550XL, 4984 Core Catalyst 4503, 4507 RE, Catalyst 6500/6503/6507.
Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, FWSM, CISCO CSM, ACL (Access Control List), IPS/IDS, NAT, PAT, CISCO ACS, Check Point, RSA SecurID, SRX, SSG series firewalls.
Monitoring Tools: Wireshark, Nmap, Nessus, OpManager, PRTG Packet Sniffer
Operating Systems: Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 server, Windows XP/7, LINUX, Solaris, Red Hat, Active Directory, UNIX, Junos.
Scripting Language: C, Perl, HTML
Firewalls: Check Point Nokia Firewalls IP350, IP550 & IP750, Juniper Netscreen Firewalls ISG 1000/2000, Cisco PIX 505/515E/525 & ASA 5500 Series
PROFESSIONAL EXPERIENCE
Confidential, Salem, Oregon
Sr. Network Security Engineer
Responsibilities:
- Analyzing firewall change requests and integrating changes into existing firewall policies while maintaining security standards.
- Production support for major firewall platforms to include Cisco ASA implemented on Secure Platform (SPLAT) and expert-level network.
- Responsible for Cisco ASA firewall administration across our global networks.
- Establishing VPN tunnels using IPSec encryption standards; configured and implemented site-to-site VPN and remote VPN.
- Troubleshoot network access problems, Strong TCP/IP understanding, Debugging Check Point Firewall and Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists and Route Maps. Working with various agency employers to resolve service disruption issues and break-fix issues.
- Implementation and configuration of ASA 5520 in failover along with the CSC module as per the customer requirement.
- Created vPCs between downstream devices, between core and Aggregation Switches, and between Aggregation and Fabric Interconnect.
- Worked on AIP-SSM and CSC-SSM modules on ASA.
- Worked on ASA-botnet filter.
- Configured Cisco Nexus switches 7000, 5000, 2000 series.
- Worked with ongoing management and supported network infrastructure in a large environment. Assisted in configuration of Multi-Domain Security P-1 server and consolidation of CMAs.
- Worked on Bluecoat proxy server, Tipping Point Intrusion Protection System management, and reporting tools Orion and Algosec
- Worked on LTM Inbound SNAT configurations and outbound NAT server to IP mapping.
- Created VDCs and vPCs and ensured that those vPCs are formed between VDCs.
- Building address list and Deploying in BIG-IQ LTM and building virtual servers in BIG-IP LTM module and importing the virtual servers in BIG-IQ and troubleshooting the logs using Qradar.
- Performed PCI/SOX audits on firewall rulebases with compliance team.
- Worked on configuring/modifying load balancing options and features, including OneConnect, persistence, SSL offload functions, HTTP profiles, virtual servers, pools and TCP profiles, as needed.
- Experienced with open source network attack tools, network probe and mapping tools, network protocols, automated vulnerability scanners, and network traffic routing.
- Provide 24/7 support and documenting network Security designs and Microsoft Visio diagrams.
Confidential, Winston-Salem, NC
Sr. Network Security Engineer
Responsibilities:
- To ensure that the day-to-day Security Operations run smoothly. Change management and 3rd level Incident management being the primary responsibility, participate directly as well as take escalations from the team members as and when required.
- Change Management: Need to make sure that all the change designs and implementations are completed and tested as per the schedule required by the customers.
- Migrated to R70.1 in various Checkpoint IP series appliances from R65, and building the new Smart Center server. Worked on ASA and ASDM configuring the ACL’s and monitoring.
- Analyzing situations, assessing risk and determining appropriate actions necessary to complete requests or support the infrastructure.
- Configured Checkpoint Firewall as Standard and Distribution deployment to keep the network secure, and also maintained Site to Site VPN connection through the firewalls.
- Handling 8 to 10 gateways using a Smart Center Server as a management station.
- Rule base verification and migration.
- Configuring the gateways in a HA cluster and ClusterXL using a single virtual IP address.
- Monitoring the HA state constantly using the smart dashboard and cphaprob state command.
- Worked on checkpoint UTM1, VPN1 and activating blade licenses to be used as Intrusion prevention and antivirus appliance.
- Implementation and configuration of ASA 5520 in failover with site-to-site VPN and RA VPN.
- Implemented clientless SSL VPN on ASA 5500-x platforms.
- Worked on ASA routed mode and transparent mode.
- Created complex iRules using TCL language for URL redirections, HTTP header-insertion and HTTP header modification.
- Creating Wide IPs with various load balancing methods like, Global Availability, Topology and Round Robin.
- Worked on ASA 5500-x platform configuring the web, SSL and AnyConnect VPNs.
- Configured and troubleshoot Cisco PIX, ASA, FWSM, ACE, Nexus 1000v, and Juniper platforms in a multi-tenant infrastructure.
- Deployed BIG IP 8900 provisioning with LTM module.
- Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 8900 series
- Configuring & managing 500+ Network & Security Devices that include Juniper (NetScreen) Firewalls, F5 BigIP Load balancers and 3DNS, Blue Coat Proxies and Plug Proxies.
- Handling SSL offloading issues, HTTP monitors, and DNS allocation for the newly built applications.
- Deployed LTMs and GTMs in DMZ environments with FIPS solutions.
- Perform SSL Offloading on LTMs and web accelerators with 2048-bits VeriSign certificates. Also, renewing certificates to ensure the security of websites.
- Created HSRP between Switches with various priorities.
- Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
- Implementation of HSRP, DHCP, DNS, FTP, TFTP, MRTG
- Designed, developed, maintained and supported wired and wireless networks.
- Involved in Configuring and implementing of Composite Network models consists of Cisco 7600,2600,3800 series routers and Cisco 2950, 3500,5000, 6500 Series switches.
- Create vPC domain, design double-sided vPC, design vPC peer-keepalive, vPC peer-link, and vPC member port, and configure single and dual home FEX.
- Clean up all legacy devices and ensure all systems in the environment have been cleaned up.
- Measure the application performances across the MPLS cloud through various routing and switching methods.
- Configured L3 protocols (IP, BGP, OSPF, EIGRP, IGRP, RIP, ISIS), redistribution, summarization, Filtration (using distribute list, route map, prefix list, access list).
Confidential, Atlanta, GA
Network operations engineer
Responsibilities:
- Maintaining mission-critical networks and ensuring the IT operations of the customers to be uninterrupted.
- Responsible for day to day Operation management of Cisco Devices, Traffic management and monitoring.
- Helpdesk Management with the help of call management system, to ensure the support being provided by the support engineers meets the end-user needs.
- Interaction with vendors and service providers ensuring that hardware or software problems were dealt with efficiently and effectively, with minimal downtime.
- Monitoring, testing and verifying for any backdoors or loopholes in the running mission.
- Migrated Firewall infrastructure from Check Point R65 to Netscreen ISG2000.
- Implement the firewall rules using Netscreen manager (NSM).
- Manage the Netscreen SSG550 and ISG1000 and 2000 firewalls with the NSM.
- Design the firewalls changes using various NAT types in Netscreen firewalls like, MIP, VIP etc.
- Setup the IPSec VPNs with the third party clients to allow the access to data feeds in the Corporate network
- MPLS Circuits implementation between the different sites.
- Implemented VLAN’s with Spanning tree and HSRP for redundant paths.
- Installed and configured Cisco ASA firewalls.
- Planned and implemented various security projects including (Intrusion Detection Systems deployment, network monitoring, and network architecture).
- Implement Cisco Secure Access Control Server (ACS) for TACACS+.
- Implementation of F5 Load balancers.
- Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800 Router/ Microsoft VPN Server in order to access certain limited network resources from customer locations.
- Deploying VPNs (hands-on) to provide remote users with network access, connect geographically separated branches into a unified network & enable the remote use of applications that rely on internal servers.
- Worked on Checkpoint Firewall policy provisioning
- Involved in Firewall Administration, Rule Analysis, and Rule Modification.
- Troubleshoot traffic passing managed firewalls via logs and packet captures.
- Configured and resolved various OSPF issues in an OSPF multi area environment.
- Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
- Worked with Checkpoint FW1 NG, PIX, and Netscreen firewalls.
- Reproduced customer problems in the lab; “Root Cause” analysis of problems & verification of the solutions in that lab.
- Used packet-level analysis tools to quickly solve and correct network problems.
- Monitoring Network infrastructure using SNMP tools like HP Openview.
- Network packet analyzer tools: Ethereal, AirMagnet for wireless network.
Confidential, Irvine, Ca
Network Engineer
Responsibilities:
- Configuration and Administration of Cisco and Juniper Routers and Switches.
- Configuring RIP, OSPF, EIGRP, BGP, MPLS, QOS, ATM and Frame Relay.
- Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
- Configuring VLANs and implementing inter VLAN routing.
- Upgrading and troubleshooting Cisco IOS to the Cisco Switches and routers.
- Configure and troubleshoot Juniper EX series switches and routers.
- Configuring site-to-site VPN connectivity.
- Configuring and troubleshooting Dell, HP, servers in Data Center.
- Implementation of HSRP, IPSec, Static Route, IPSEC over GRE, Dynamic routing, DHCP, DNS, FTP, TFTP, RAS.
- Involved in configuring Cisco NetFlow for network performance and monitoring.
- Involved in configuration of Cisco 6500 switches
- Configuring IP SLA monitor to track the different IP route when disaster occurs.
- Involved in Implementing, planning and preparing disaster recovery.
- Involved in configuring Juniper SSG-140.
- Involved in configuring Cisco pix firewall.
- Involved in configuring checkpoint firewall.
- Used SmartView Tracker to check the firewall traffic.
- Troubleshooting hardware and network related problems.
- Configuration and Installation of Cisco firewalls Pix and ASA (PIX 510, 515E, 525 and ASA 5520, 5540).
- Configuration and Installation of Firewall Service Module in 6500 switches.
- Implement firewall policy changes after the appropriate review and approval process has been completed.
- Create end-user VPN account with appropriate access after appropriate approval has been issued.
- Monitor traffic and access logs in order to troubleshoot network access issues.
- Upgrade firewalls in accordance with change management procedures.
- Gather information for specific technologies as to function and deployment configurations.
- Write technical documents describing implemented technologies and architecture.
- Create suggested solutions for technical problems or make all changes in accordance with change management procedures.
- Experience with Solsoft Policy Server for shared services.
- Customer call log update through Remedy Software.
- VPN Configuration between Site-to-Site and Site-to-Remote.
- Experience with BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS).
Confidential
Network security
Responsibilities:
- Checkpoint Firewall configuration and Maintenance Support of state network firewalls and end-user Virtual Private Network (VPN).
- Evaluate Agency requests for changes to firewall policy to determine technical feasibility and to determine where to deploy the policies in the state's firewall infrastructure.
- Configuration and Installation of Cisco firewalls PIX 501 and ASA 5520.
- Configuration and Installation of Cisco Routers 3845.
- Configuration and Installation of Cisco Switches 3560G and 2960G.
- VLANS, STP configuration in Cisco 2960G
- HSRP Configuration implemented in Cisco 3560G.
- MPLS configuration in Cisco 3845 for L3 Circuits.
- Create end-user VPN account with appropriate access after appropriate approval has been issued.
- Monitor traffic and access logs in order to troubleshoot network access issues.
- Cisco IOS Architecture for Cisco 3845 router, Cisco 3560 and ASA 5520.
- Gather information for specific technologies as to function and deployment configurations.
- Write technical documents describing implemented technologies and architecture.
- Provides consultation to business area management and staff at the highest technical level for all aspects of LAN/WAN design and configuration in multi-server environment.
- Experienced in DLP system which is designed to detect potential data breach and prevent them by monitoring, detecting and blocking sensitive data while in endpoints, data storage
- VPN Configuration between Site-to-Site and Site-to-Remote.
- Implemented firewall policy changes after the appropriate review and approval process has been completed.
- Monitoring Network infrastructure using Cisco Network Assistant.
Confidential
Network Technician
Responsibilities:
- Maintenance responsibilities included software & hardware installation & configuration
- Maintaining and creating login credentials, privacy settings and user privileges for the employees in the company.
- Replacement of the older routers and switches with new routers and switches with the configuration set up.
- Assigned a task to set up their LAN. Worked on the entire project from cabling to IP addressing assignment.
- Configured 2600 series routers with OSPF protocol.
- Configured and maintained Cisco 2500, 4000, 7000 and 7500 Series Routers as well as Catalyst 5000 and 5500 Series switches
- VLAN Configuration to different applications with RSTP, STP, VTP.
- Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
- Performed troubleshooting tasks on Routing and switching and isolated the problem and finding the cause.
- LAN/WAN hardware including, Ethernet Hubs, Cisco Switches, switch panel’s installation, configuration and troubleshooting, Frame-Relay configured support.
- Routing related tasks included providing cisco router configuration and change management, providing technical support for Cisco Router configurations and installation for Customer. Configuring IP RIP, EIGRP, OSPF and BGP.
- Redistributing from OSPF to RIP and vice versa by implementing hub and spoke topology with a Frame Relay Switch in between
- Troubleshoot TCP/IP problems; troubleshoot connectivity issues in multi-protocol Ethernet environment.
- Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
- Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).