SUMMARY

• Network Engineer with over 8 years of experience in the industry, which includes expertise in the areas of Routing and Switching.
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall.
• Planning, Designing & implementing various solutions in distributed environment using Checkpoint, Cisco PIX & ASA, and Cisco Routers.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting
• Implementation traffic filters on Cisco routes using Standard, extended Access list.
• Expert Level Knowledge about TCP/IP and OSI models.
• Experience in Implementing Cisco Secure Access Control Server (ACS 3.0 & 4.0) for TACACS+/ RADIUS
• Extensive knowledge in different networking protocols DHCP, DNS, FTP.
• Knowledge of Terminal Server, Firewalls, Standard/ Extended ACL, Distribute - Lists.
• Expertise in maintaining stable STP topology using protocols such as Port fast, BPDU guard, root guard and UDLD.
• Good knowledge about spoofing attacks and mitigating them using DHCP snooping, IP source guard.
• Implementing security policies using ASA 55XX Firewall, IPS/IDS, Palo Alto firewalls, AAA Security (TACACS+, RADIUS) on different series of routers and switches.
• Experience in Deployed Check Point Provider-1 NGX and configured CMAs.
• Security experience in deploying VPN Solutions like IPSec (site-site and client-site) & SSLVPN implemented across multiple vendors.
• Experience in authentication protocols PAP, CHAP, 802.1x and Port Security and Configuring Security policies including NAT, PAT, VPN, Route-maps, prefix lists and Access Control Lists.
• Experience in Configuring Client-to-Site VPN using SSL Client on Cisco ASA 5520.
• Knowledge on Juniper SRX240, SRX220, and SRX550 series firewalls.
• Expert in implementing TCP/IP addressing scheme, LAN/WAN Protocols and IP Services to meet network requirements in Enterprise and Data Center Network.
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Finely tuned analytical/critical thinking and debugging skills with excellent verbal and written communication skills.
• Excellent in documentation and updating client’s network documentation using VISIO.
• Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.

TECHNICAL SKILLS

LAN Technologies: VLAN, VTP, Inter-VLAN routing, STP, RSTP, PVST, 802.1x

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines

Network Securities: NAT/PAT, VPN, L2/L3VPN, Filtering, Load Balancing, IDS/IPS, IPSec

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP, IPv6

Routed Protocols: TCP/IP, IPX/SPX

Infrastructure Service: DHCP, DNS, SMTP, POP3, FTP, TFTP

Network Management: SNMP, SSH, Telnet, ICMP, SSL

Firewalls: ASA, PIX, SRX, Watch guard, ASDM, CSM, Checkpoint

IP Telephony: VOIP, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager Express.

Operating Systems: Windows Vista/XP/NT/2003, MS DOS, UNIX, Linux

Comm. Protocols: ARP, Wi-Fi, WiMax, 3G

Packages: Visual Studio 2008, OPNET, MATLAB, CAD, Flash, Dream weaver.

Tools: SYSLOG, CSM, HPSM, WhatsUp Gold, Cisco Works, IXIA, Spirent

PROFESSIONAL EXPERIENCE

Confidential, New York, NY

Sr.Network security Engineer

Responsibilities:

• Experienced in installation, configuration and maintenance of Cisco Router, Catalyst Switches and Cisco ASA Palo Alto PA Series Firewalls.
• Configuration and maintenance of OSPF protocol which was the enterprise IGP. Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Creating Stub Areas & configuring Summarization for effective Routing.
• Using PBR with Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
• Implemented and used SDM to configure Cisco IOS security features and network connection.
• Network Segmentation-application migrations for enterprise Private Data Firewall and data behind ASA 5585-Xs
• Configured Object Grouping, Protocol Handling and Code up gradation on ASA Firewalls.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Design, implement and provide second level support for hostload-balancingsolutions at SWA.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc
• Worked with different vendors and implement Site-to-Site VPNs over the Internet.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Working knowledge of the UNIX and CLI based command to implement the networking tools.
• Configured and monitored Firewall logging, DMZ’s and related security policies.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
• Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.

Confidential, Virginiabeach,VA

Sr.Network Security Engineer

Responsibilities:

• Worked with Checkpoint FW1 NG, ASA, and Netscreen firewalls.
• Configuration and Installation of Firewall Service Module in 6500 switches.
• Managing and implementation of PORs (port open requests) based on the requirements of various departments and business lines.
• Work with SDC security team to resolve technical problems.
• Worked on Solsoft Policy Server for shared services to push the rules.
• Handled deployment and management Checkpoint GAIA, R75, R71, R65 and Cisco ASA 5500 series.
• Designing, installing and configuring Checkpoint firewalls - NGX R65 in active/active mode.
• Installing and configuring TACACS/RADIUS
• Creating IPSEC, GRE tunnels, Frame-relay in Cisco routers.
• Installing & configuring firewalls - Checkpoint NG & NGX, Cisco ASA, Netscreen, ISA, and iptables.
• Rule base verification and migration on Checkpoint firewalls.
• Implement the firewall rules using Netscreen manager (NSM).
• Worked on ASA routed mode and transparent mode
• Worked on Configuration and troubleshooting of VLANs, STP, VTP, UDLD, Trunking, DNS, DHCP, Ether Channels, Access Lists, NAT, PAT, MPLS and static routing.
• Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates, iRules, and SNATs on the F5 Big IPs using the Web GUI and CLI.
• Configuring and troubleshooting Access-lists, Service Policies, and NAT rules.
• Measure the application performances across the MPLS cloud through various routing and switching methods.
• Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs.
• Perform SSL Offloading on LTMs and web accelerators with 2048-bits VeriSign certificates. Also, renewing certificates to ensure the security of websites.
• Create complex iRules using TCL language for URL redirections, HTTP header-insertion and HTTP header modification.
• Engaged in various migration projects like migrating V 10.x load balancers to V 11.x.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers and Support Cisco Nexus (7000, 5000, 2000 series) Switches.
• Commissioning & de-commissioning with Cisco 7500, 7200, 6500switches for the Data Centre migration & operations.
• Wrote and maintained corporate virus, firewall, and security policies for multi-site company network connected via VPN running Checkpoint firewall 1 NG.
• Creating Network uptime report and sending to the management as per weekly schedule.

Confidential, Dayton,FL

Information Security Analyst

Responsibilities:

• Filtration (using distribute list, route map, prefix list, access list).
• Implementation of HSRP, DHCP, DNS, FTP, TFTP, MRTG
• Trouble shooting LAN issues, and performing changes on Switches, Routers, and Palo Alto, ASA Cisco and Netscreen firewalls.
• Manage the Netscreen SSG550 and ISG1000 and 2000 firewalls with the NSM.
• Design the firewalls changes using various NAT types in Netscreen firewalls like, MIP, VIP etc.
• Setup the IPSec VPNs with the third party clients to allow the the access to data feeds in the network.
• Debug the IPSec VPN tunnel issues and identify the potential problem and fix them.
• Configured L3 protocols (IP, BGP, OSPF, EIGRP, IGRP, RIP, ISIS), redistribution, summarization
• Co-Ordinate with the vendors/carriers for any WAN related issues.
• Monitoring and keeping track of the Network traffic analysis through the routers using MRTG.
• Traffic prioritization and shaping done with BGP attributes (Local preference and MED).
• Implemented HSRP between Core switches and backbone router.
• Monitoring and keeping track of the Network traffic analysis through the routers using MRTG.
• Maintained good Customer Relation Skills & Troubleshooting skills in a production based environment.
• Involved in group & individual presentations to corporate clients about the company’s internet based products like leased lines and modular routers.
• Documenting and Log analyzing the Cisco ASA 5500 series firewall
• Provided testing for network connectivity before and after install/upgrade
• Switching related tasks included implementing VLANS and configuring trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external.
• Understand the network architecture thoroughly and suggest the possible design changes in the network.
• Implement the critical changes over the weekend to mitigate the high risk.
• Participate in the peer review calls to review the changes of the other engineers.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Dealt with applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys to branches in internet cloud environment.
• Using CA(Certificate authority server) developed RSA keys for secured communication with encryption algorithm (DES) and authentication method (RSA)
• Configuring F5 load balancers to provide various load balancing solutions for various web and applications and Apps.
• Configuring Netscreen 204 providing additional security to the inside interface of Cisco ASA for the Transport database servers.
• Configuring a one-to-one Static NAT for F5 load balancer in ASA.
• Opening specific ports for LDAP and database access.

Confidential, SiliconValley,CA

Network Engineer

Responsibilities:

• Configuration and Administration of Cisco and Juniper Routers and Switches.
• Configuring RIP, OSPF, EIGRP BGP, MPLS, QOS, ATM and Frame Relay.
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Configuring VLANs and implementing inter VLAN routing.
• Upgrading and troubleshooting Cisco IOS to the Cisco Switches and routers.
• Configure and troubleshoot Juniper EX series switches and routers.
• Configuring Site to Site to VPN connectivity.
• Configuring and troubleshooting Dell, HP, servers in Data Center.
• Implementation of HSRP, IPSec, Static Route, IPSEC over GRE, Dynamic routing, DHCP,DNS,FTP.TFTP,RAS
• Involved in configuring Cisco Net flow for network performance and monitoring.
• Involved in configuration of Cisco 6500 switches.
• Configuring IPSLA monitor to track the different IP route when disaster occurs.
• Involved in Implementing, planning and preparing disaster recovery.
• Involved in configuring Juniper SSG-140.
• Involved in configuring Cisco pix firewall.
• Involved in configuring checkpoint firewall.
• Involved smart view tracker to check the firewall traffic Troubleshooting hardware and network related problems.
• Configuration and Installation of Cisco firewalls Pix and ASA (PIX 510, 515E, 525 and ASA 5520, 5540).
• Involved in configuring and troubleshooting Next Generation Firewalls like Palo Alto Firewalls for intrusion prevention
• Configuration and Installation of Firewall Service Module in 6500 switches.
• Implement firewall policy changes after the appropriate review and approval process has been completed.
• Create end-user VPN account with appropriate access after appropriate approval has been issued.
• Monitor traffic and access logs in order to troubleshoot network access issues;
• Upgrade firewalls in accordance with change management procedures.
• Gather information for specific technologies as to function and deployment configurations.
• Write technical documents describing implemented technologies and architecture.
• Create suggested solutions for technical problems or Make all changes in accordance with change management procedures.
• Experience with Solsoft Policy Server for shared services.
• Customer call log update through Remedy Software.
• VPN Configuration between Site-to-Site and Site-to-Remote.
• Experience with BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS).

Confidential

Network Specialist

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
• Studied and analyzed client requirements to provide solutions for network design, configuration, administration, and security.
• Configure,administer, and document firewall infrastructure, working with Checkpoint.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP & OSPF routing protocol administration.
• Interacted with support services to reduce the downtime on leased lines.
• Troubleshoot problems on a day to day basis & provide solutions that would fix the problems within their Network.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Daily responsibilities included monitoring remote site using network management tools, assisted in design guidance for infrastructure upgrade & help LAN administrator with backbone connection and connectivity issue Other responsibilities included documentation and support other teams.

Confidential

Network Engineer

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in the network.
• Studied and analyzed client requirements to provide solutions for network design, configuration, administration, and security.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP & OSPF routing protocol administration.
• Interacted with support services to reduce the downtime on leased lines.
• Troubleshoot problems on a day to day basis; provide solutions to fix the problems.
• Applying policy rules in Checkpoint firewall
• Implemented WAN/Core based on ATM & Frame Relay on Optical Sonnet infrastructure.
• Designed a test manual and automated test cases are perform the over Network testing tool IXIA and Spirent.
• Automate test cases for carrier grade, provider Edge and Core Routers. Validate the IP/MPLS features are consistent with client’s design and behave as expected in a multi-vendor, scaled environment
• Configure the access-list and patch on the Juniper router and Firewall for customer support.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed the IP address space using subnets and variable length subnet masks (VLSM).
• Worked along with the team in ticketing issues; responsibilities included documentation and support other teams.