SUMMARY

• Experienced Professional with over 5+ years of experience as an IT Security Professional with expertise in Network Security viz. Routing, Switching, Firewall Technologies, System design, Implementation and Troubleshooting of Complex Network Systems
• Implemented firewalls using Cisco ASA, Cisco PIX, Checkpoint Provider - 1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Firewall Smart Domain Manager command line & GUI, Cisco ASA
• Seasoned professional in Checkpoint firewall policy administration and support between various zones
• Hands on Experience with Blocking of IP's on Checkpoint which are suspicious
• Experience in Checkpoint IP Appliances R65, R70, R75, R77 & Cisco ASA Firewalls
• Migration with both Checkpoint and Cisco ASA VPN (Checkpoint R75.30 to Gaia R77.30 GA version)
• Planning, Designing, Installing, Configuring of Cisco 6500, 4500, 2900, 3500, 3750 XL series switches, Nexus 5000 series switches, Cisco 1800, 2500, 2600, 2800, 3600, 3800, 7200 series Routers.
• Worked on migration from legacy PIX to new Cisco ASA appliances
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
• Excellent working knowledge of TCP/IP protocol suite and OSI layers.
• Proficient in configuration of routing protocols like RIP, IGRP, EIGRP, OSPF multiple areas and BGP.
• Involved in designing L2VPN services and encryption system and other VPN with IPSEC based services.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Expertise in IP Subnetting and worked on various designing and allocation various classes of IP address to the domain
• Involved in Troubleshooting of DNS, DHCP and other IP conflict problems
• Good knowledge and experience in Installation, Configuration and Administration of Windows, HTTP, FTP, DNS, NTP, DHCP servers under various LAN and WAN environments
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
• Knowledge in Planning, Design, Implementing and Troubleshooting complex networks and advanced technologies.
• Strong knowledge base in the design and deployment of Blue Coat Proxy and Checkpoint firewalls.
• Hands on Experiences on McAfee EPO with deploying and removing agent on client's machine, removing virus and manually updating DAT files.
• Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R70 version, Secure Platform Installation including GAIA, VPN.
• Advanced knowledge in Design, Installation and Configuration of Checkpoint Provider Environment.
• Experienced on Monitoring the Network performance based on company's Service Level Agreement (SLA).
• MCTS Windows Server 2008 Active Directory Configuration.
• Drafted and installed Checkpoint Firewall rules and policies.
• Experienced in handling and Installing Palo Alto Firewalls.
• Switches Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server with SPLAT operating system
• Experience in advance features of VMware, VMotion, SVmotion, HA and DRS including vSphere Update Manager, VMware Data Recovery, vCenter Lab Manager and vCenter Orchestrator.
• Proficient on IPS, IDS, Tripwire tools for solving the issues and 24x7 monitoring.

TECHNICAL SKILLS

Operating Systems: Windows, Win Server 2003, working knowledge of Mac OS X and Linux

Routing: Cisco, OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: Cisco, VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation

Security/Firewalls: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, IDS/IPS, URL Filtering, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and Cisco ASA Firewalls, IPSEC & SSL VPNs, IPS/IDS

IP SERVICES: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

Network Security Engineer

Responsibilities:

• Auditing of Checkpoint firewall, preparation of network diagram using Visio.
• Provide security engineering for VSX Implementation in checkpoint environment.
• Implementing and troubleshooting firewall rules in Cisco ASA 5540, 5580, Checkpoint R77.20 Gaia and VSX as per the business requirements
• Worked on Gaia Versions 77.10, 77.20, R65 implementing new and additional rules on the existing firewalls for a server refresh project
• Configuration and providing management support for Cisco ASA and Checkpoint Firewalls (R75, R76, R77)
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Manage and configure Juniper SSG, Palo Alto, Barracuda series firewalls/Web Filter andBlueCoatEnterprise Proxy appliances.
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs
• Established IPsec VPN tunnels between branch offices and headquarter using Cisco ASA Firewall
• Server load-balancing utilizing F5 LTM-BigIP, including, AFM, APM and ASM modules.
• Configure, administer, and document firewall infrastructure, working with Cisco ASA, Check Point for Data Centers.
• Expertise in TCP/IP, DNS, DHCP, Content Load Balancing.
• Worked on F5 Local Traffic managers (LTM), Global traffic manager (GTM) of series 8900, 6400, 6800, 3400, 5100 and 3600
• Update patches on Servers Working Experience with Active Directory Components (AD Users and Computers, DNS, DHCP and WINS etc.).
• Ensure that all system in the domain have McAfee Antivirus Protection Installed.
• Configuring & managing Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers
• Consistently resolving critical business effective network operations issues within SLA time frames.
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating
• Monitoring of managed Security Devices and incident response reporting as per criticality level ranging from P1 to P4.
• Worked on Infoblox for creating the DNS entries, A records and CNAMEs.
• Implementing & troubleshoot Checkpoint firewalls and management console.
• Preparation of all Branches Link up time/down time report to maintain SLA with Customer.
• Vender selection for different services from RFP to SLA level.
• Configured automated OS migrations using automated scripts in PowerShell. Standardized network cable runs for VMware hosts across multiple data center.
• Performing Checkpoint deployment, maintenance, installing bug fix and code upgrades using Smart Upgrade andmaintaining timely backups.
• Managing and Monitoring Checkpoint Next Generation features; Application/URL Filtering, Identity Awareness, IPS, Anti-Bot, Anti-Malware, Threat Prevention URL Filtering on Checkpoint firewalls.
• Configure and troubleshoot Remote access and site to site-in Checkpoint & Palo alto firewall.
• Configuring and troubleshooting DNS and DHCP servers.
• Creation of automated security testing scripts using Python and PowerShell for open port scanning, brute force attacks, botnets, NMAP port scanners and others
• Configuring and managed DNS and Active Directory.
• Installation and Administration of Anti-Virus Server, McAfee server virus.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Extensively Worked on F5 load Balancers.
• Responsible for setting up Web Application Firewalls (WAF) like SQL injection, http conversation.
• Exposure to wild fire feature of Palo Alto.

Confidential, WI

Network Security Engineer

Responsibilities:

• Configuration and Troubleshooting L3 switches with VLAN, STP, SPAN, ETHERCHANNEL, HSRP, VRRP and GLBP
• Assisted in troubleshooting complex layer 1, 2 and 3 connectivity using Wire Shark protocol analyzer and recommended solution for better performance
• Upgrading checkpoint security gateways in cluster with minimal downtime.
• Working with Cisco ISE / FWSM
• Planning, design, implementing and troubleshooting on Checkpoint and Cisco ASA Firewall.
• Managing F-5 LTM, GTM, APM, ASM Administration, creating virtual servers, mapping pools, iRules and Profiles. SSL traffic offloading, also managed PCI Security Audit with F5 ASM.
• Configuring HA on checkpoint security gateways using cluster XL and VRRP.
• Worked on security tools and software such as CISCO WSA, Qualys, Splunk, Solar winds, Source fire, SIEM
• Palo Alto design and installation which includes Application and URL filtering Threat Prevention and Data Filtering.
• Blue Coat Web Proxies - ProxySG, Proxy AV, Content Analysis System, Packet Shaper, Threat Detection ProxyCAS, Director, Reporter
• Worked with the customer and ASM engineering to improve maintenance procedures and techniques in order to optimize equipment performance.
• Monitor devices in Netcool and Event Manager
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Administer Checkpoint firewalls with cluster gateways including pushing policies and processing user requests to allow access through the firewall using Smart Dashboard and identify unused rules and schedule change to mark it for permanent deletion at later point of time.
• Configuration and implementation of Check Point Firewalls, IDS/IPS, Bluecoat Proxy, CISCO ASA.
• Checkpoint Firewall Log review and analysis and troubleshoot connectivity issues.
• Working with Cisco Catalyst/Nexus/UCS/MDS, and F5’s including ASM’s
• Perform SSL Offloading on LTMs and web accelerators with 2048-bits VeriSign certificates. Also, renewing certificates to ensure the security of websites.
• Maintained high availability of resources with F5 BIG-IP load balancer based on different load balancing.
• Configured and maintained IPSEC and SSL VPN's onPaloAltoFirewalls.
• Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN1 NGX R55/R65/R70.
• Managed and maintained various web content filtering solutions including Web Sense and Blue Coat.
• Performed up gradation from old platforms to new platforms R65 to R75.45
• Created multiple policies and pushed them in to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.
• Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewalls.
• Provided proactive threat defense with ASA that stops attacks before they spread through the network.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Migrated Cisco ASA firewall to next generation Palo Alto firewalls
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP IPv4/IPv6 and configured IP access filter policies.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Troubleshoot on security related issues on Cisco ASA/PIX, Checkpoint and IDS/IPS.

Confidential

Network Specialist Executive

Responsibilities:

• Trouble shooting using various command tools on CISCO routers and network segments at various OSI layers. Maintenance of Cisco 2500, 4000, 6500 series routers.
• Manage service providers’/vendors relationships from a project and technology perspective.
• Worked with the basic communication Protocols like TCP/IP
• Proactive monitoring including a weekly review of log files, reports, weekly Knowledge Base updates, etc. to determine the health and performance of Secures appliances.
• Routing and Switching issues including OSPF, RIP, VLAN's.
• CMS and Security Reporter are couple of Security applications supported.
• Creation and implementation of Filters on the Routers for Security purpose.
• Remotely Configuring the Network.
• Support and maintain networking devices, cabling and standalone systems as part of job duties. Maintain systems up to date with the latest OS patches. Install different software on the systems. Install and managing network devices including Hubs, Switches
• Monitor Routers and Internet Connectivity.
• Implement network monitoring tool for monitoring servers, routers other network resources.
• Adding and deleting users and granting user level.
• Resolving VPN &MTU issues.
• Resolving Network Problem related to connectivity and assessing resources.
• Responsible for ensuring each reported problem is resolved in timely manner.
• Patching all Windows servers and workstations with Company standards.
• Configuring & administering Domain Naming Server (DNS), Dynamic Host Configuration Protocol (DHCP), Distributed File System (DFS), Internet and Remote Access Service (RAS).