SUMMARY

• Network Security Engineer with 8.5 years of experience in network design & maintenance, firewall administration, system administration and network administration
• Working in configuration and troubleshoot of CISCO Palo Alto 7080, 5430, 3400 and 2k for Panorama Next Generation firewalls.
• Experience on deploy and installation of CISCO Fortigate 50e, 60e, 100E, 200d, 310b, 301D and 1200D series firewalls with Forti Extender 40D, Forti Concentrator, Forti Authenticator.
• Experienced in configure and implementation of CISCO Nexus 9k, 7k, 5k and 3k datacenter switches along with Cisco Application Centric Infrastructure (ACI).
• Experience in planning, design and deployment of Silver Peak SD - WAN optimization technologies.
• Experienced on built and managed Azure cloud infrastructure using cloud orchestration capabilities.
• Working experience in designing, testing and programming of object oriented databases for network automation using Ansible scripting language.
• Experienced on configure and troubleshoot of Aruba 802.11n Infrastructure and its legacy technologies.
• Worked in implementation and configuring of F5 BIG-IP 2000, 3900, 5000, 6400, 6800 series LTM/GTM load balancer infrastructure.

TECHNICAL SKILLS

Networking Technologies: LAN/WAN, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP

Networking Hardware: Cisco, Juniper Palo Alto/Fortinet/Checkpoint/Viptela, Meraki

Routing Protocols: OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting, Static, STP, RSTP, VLANs, VTP, PAGP, LACP, HSRP, VRRP, GLBP, IPv4 and IPv6

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint

Routers: CISCO ASR/ISR 4300,4400,4500,2800,3800,7200, Juniper M & T Series

Switches: CISCO 2960,3750,3850,9200,9300, CAT 6800 Nexus 7k,5k,2k

Firewalls: Palo Alto, Juniper SRX, Cisco ASA, Checkpoint

Load Balancers: F-5 (BIG-IP), Cisco CSM

AAA Architecture: TACACS+, RADIUS, Cisco ACS, ISE

Wireless: WLAN Controllers 4404/5508/5760 and access points models 3500/3600/3700 series, Cisco, Meraki and Aruba

Simulation Tools: GNS3, VMware, OPNET IT GURU

Operating System: Windows, UNIX, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS

PROFESSIONAL EXPERIENCE

Confidential, Alpharetta, GA

Sr Network Security Engineer

Responsibilities:

• Working in configuring, deploying and troubleshoot of Next Generation CISCO Palo Alto 7080, 5430 and 3400 Firewalls
• Experience monitoring multiple Cisco & Palo Alto firewalls environment with the help of various monitoring tools (SmartDashboard, SmartView Monitor, Smart view Tracker, Smart Log)
• Worked to setup and maintained Palo Alto security policies including NAT, VPN and Secure Remote access
• Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP’s, Virtual AP’s, RTLS, Wireless SSID’s, remote and campus AP’s, upgrading WLC, worked in Active/Active local Controllers and Master controller. Worked on RAP3 for remote access.
• Experience working incomplex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5/NetScaler. Experience with Aruba Wireless LAN Controllers. worked on configure and troubleshoot of FortiGate Firewall including 100E, 301D and 1200D series, F5 enterprise, Forti Extender 40D, Forti Concentrator, Forti Authenticator.
• Hands on experience on Checkpoint Firewalls, ASA (5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS) network.
• Work with performing provisioning script for all the sites running in 6.4.4 codes on FortiGate firewall on Linux machine and uploading the network script on the JSON file and then retrieving the configuration from Forti Manager in order to sync Firewall with FMG to improve the network efficiency.
• Experience in ability to manage Azure Platform for server start / stop, monitoring, IPSEC Tunnel between Azure to Fortigate Firewall.
• Experience in performed site refreshes on Cisco switching and Meraki wireless infrastructure.
• Configured OSPF, BGP, VDC, Management VRF's, STP, Multicast, QoS, TACACS, SNMP traps, Net flow, WCCP Web Cache Communication Protocol access lists on and between the Nexus 7010 Core Routers and ASR 1006 CE Customer Edge Routers interconnectivity in the PWAZ.
• Worked on network team lead for Centralized Gateway with Inter-VXLAN Routing in the Core/Aggregation using Nexus 9K, 7k and 5k hardware.
• Experienced for creating solutions in Cisco ACI domain which includes Tennant, Application Profiles, EPGs, BDs, Contract policies, L3out, L2 extension and VM (Vcenter) integration.
• Experience with Cisco ACI and VXLAN Protocol, enabled VXLAN communication between two Data Centers to free-up space in one DC, thus allowing Vmotion using VXLAN.
• Working in plan, design, deployment, configuration and support of Data Centre Network Infrastructure, Cisco Application Centric Infrastructure (ACI), Cisco Equipment (including Nexus switches) as well as Virtualization, based on industry best practices.
• Work with configuration and installation of Juniper Routers MX 2800/3600/7200/7500 and EX 3750/4500/6500/7000 series switches.
• Experience in planning and design workshop with customer to design SD-WAN Silver Peak solution that works over any transport (Internet, MPLS, LTE, Metro-E) and elegantly integrates routing, security, segmentation, policy and orchestration
• Working on establishing and maintaining of setup to Build and deploy the application to the Cloud Azure.
• Hands-on experience in configuring Viptela devices and creating device and feature templates on vManage required for SD-WAN implementation.
• Managed DHCP, DNS and IP address thru Infoblox, and Admin for Internet sites access thru Zscaler.
• Experienced in Set up Cloud Center of Excellence and led the cloud security solution architecture requirements for Azure cloud.
• Experience for managing enterprise security tools for cyber defense, forensics and cyber investigations, DLP operations including endpoint, network, email DLP and CASB, CSPM solutions for Azure Cloud.
• Working with assisted in designing and programming of object oriented databases with Ansible and other languages.
• Experience on configuring Cisco and Aruba wireless access points and managing guest internet infrastructure.
• Working with configuring and troubleshoot of F5 (BIG-IP) LTM 2000, 3900, 6400, 6800 series load balancer.
• Experienced in designed, implemented, configured, and supported F5 BigIP, Ltm, 3Dns and Gtm local and global load balancing appliances in a highly demanding environment.
• Worked on managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.

Confidential, Lansing MI

Sr. Network Security Engineer

Responsibilities:

• Experienced in configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k and 7k) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Worked on monitored Palo Alto VPN tunnel activities with Smart View monitor and troubleshoot VPN issues with CLI.
• Experience with Administration of Aruba Wireless Controllers and Access points.
• Experience with optimize existing policies to improve security and performance. Identify and remove security policies that are not no longer needed to reduce Palo Alto firewall policy lookup.
• Work for configure, implementation and deployment of Fortigate Firewall (200d, 310b, 100d, 50e, 60e) series devices.
• Worked on Design implementation of new data center with products ranging from cisco, ASA with Firepower, Dell Switches, Cisco Meraki and VMware NSX.
• Worked on troubleshooting and configuration of Wireless Forti AP 421E and Wireless Bridge 222E by configuring the ports in WIFI as well as PBX VLAN respectively.
• Position the VMware and Dell partnership. Deliver the value proposition of new and updated products such as NSX, VSAN, vCloud Air and AirWatch to achieve customer outcomes.
• Experienced in configuring SSIDs on the FortiGate firewall and troubleshoot if user is unable to get internet or unable to connect to SSID.
• Worked on deploying and commission of core Nexus 9k, 7K, 5K and its downstream devices.
• Working experience in ACI (APIC Cluster deployment fabric discovery process, fabric policy, object workflow & tenants, EPG,l2 out,L3OUT)
• Experienced in ACI deployment scenario with APIC cluster in support of various designs (Stretched fabric, Multipod fabric)
• F5 GTM: Configuring and Managing F5 GTM for Data Centers, DNS Management and Integrated with DNS Vendors for DNS Security Management.
• Worked in Network LAN is implemented using Cisco ACI. There are 4X setups of ACI dedicated to each setup in the Data Centers. Each cloud setup has its own ACI POD in the environment. All ACI fabrics are isolated and have no physical direct connects between the setups
• Experience on Code Upgrade for Juniper Routers including MX7200, MX3900, MX2900 and MX 891 and Switches including EX6500, EX4500.
• Worked in design for the SD-WAN (Silver Peak), SD WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
• Experienced in configured multi-account architecture, identity and access management, governance, data security, network design, and logging within provisioned Azure Landing Zones.
• Worked on IAM for creating roles, users, groups, and implemented MFA to provide additional security to Azure account.
• Worked with built and managed, stable & secure Azure cloud infrastructure/networking using cloud orchestration capabilities, scripting languages, and APIS to design, code, test, implement and support Infrastructure as Code (laCC).
• Experienced on intensive applications of Network automation tools and testing for network automation and configuration management using Ansible scripting.
• Experience is using Splunk to perform SIEM Intrusion Detection and read logs and write Windows scripts and alerts.
• Worked on implementation of WLAN Aruba Wireless Access Points and its Controllers at various corporate sites fort 802.11n Infrastructure and its legacy technologies
• Experience with configuring, troubleshoot and implementation of BIG-IP 5000 and 2000 series F5 load balancers.
• Experience in F5 BIG-IP LTM VIP configuration with health check. Extensive knowledge and experience with hosting SSL s on F5 platforms

Confidential, San Antonio, TX

Network Security Engineer

Responsibilities:

• Working on perimeter security devices like Firewall, WAF, Web Gateways, Email Gateways with multiple OEMs.
• Managed and maintained Fortinet Firewalls through IPv4 policies, traffic shaping, IPS, web filtering, interfaces, and routing.
• Worked with Host Master for shared web hosting and managed Web Application firewall (WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark.
• Involved in Meraki wireless device to install and configuration.
• Experienced on implementation of Fortinet Firewall Administration, hands on experience of Fortiwifi 60C, Fortigate 60D, Forigate 240D, Fortigate 300C, Fortigate 1000D, Fortigate 200E models.
• Experience with daily routine Task related to WebGateways, Email Gateways, Radware WAF, RSA 2FA.
• Working experience in IPsec and SSL VPN Configuration and implementations.
• Experience work with implemented IPS, DLP and UTM features on the firewall for added security purposes.
• Working for Cisco ACI, NXOS and IOS, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN Trunking.
• Worked on configured and supported site to site virtual private networks.
• Experienced in defining network policies and procedures, establishing connections.
• Experienced in managing wireless network, MAC filtering with different wireless network routers.

Confidential, Lancaster, PA

Network Engineer

Responsibilities:

• As Support Engineer I was responsible for entire IT infrastructure management ensuring defined SLA is met on a day to day basis, handling escalation and team mentoring.
• Working experience with installation and generation of SOP for Network, Firewall, Server.
• Experienced for Identifies, Diagnoses and Resolves Network and Windows Problems. Troubleshooting Computer Hardware Problem & Network Problem.
• Worked in configuring and maintaining Network Rack, Switch, Router Deployment of enterprise wide WIFI accessibility.
• Experienced in configuring and maintaining LAN and WAN links across multiple sites PAN India based on client needs.