SUMMARY

• 7+ experience in Network Security Administration.
• Configuration of Palo Alto Firewall PA - 5k and CMS
• Advanced knowledge, design, installation, configuration, maintenance and administration of CheckPoint Firewall R55 up to R77, Secure Platform Installation, VPN
• In-depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP
• Experience in adding Rules, Monitoring Checkpoint Firewall traffic through Smart Dashboard & Smart view Tracker apps
• Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520.
• Network security including NAT/PAT, ACL, HTTPS, Web Proxy, LDAP, VPN Concentrator, ASA/PIX Firewalls, Cisco IDS/IPS, AAA, IPsec/SSL VPN and L4 - L7 protocol.
• Daily maintenance of Checkpoint Firewall.
• Checkpoint Firewall logs maintenance.
• Installation of Secure Platform.
• Checkpoint Firewall Policy maintenance.
• Providing support to Customers on servers, firewalls, SAN, NAS, Tape Library and Network related issues. Monitoring network through Network Monitoring Software.
• Resolve all Hardware, Network and Software related issue with in SLA time period.
• Follow-up with the customer to get confirmation of SLA penalty.

TECHNICAL SKILLS

Protocols: TCP/IP, RIP, OSPF, EIGRP, BGP, IPX\SPX, DHCP, DNS and PPP VTP, STP, ISDN

Routers: Cisco 3600 series, Cisco 2600 series, Cisco 1700 series, Cisco AS5200 series

Switches: Cisco 2900 series, Cisco 1900 series, Baystack T switch

OS: CISCO IOS 12.X, MS-DOS 6.22, Windows 95/97/98/Me, Windows NT4.0, Windows 2000,Windows 2000 Advance server, Windows XP, Windows 2003, Linux

Firewalls: Palo Alto PA 500/2k/3k/5k, Checkpoint R65/R70/R77/Firewall-1, Cisco ASA

Languages: C, C++

PROFESSIONAL EXPERIENCE

Confidential, Baldwin Park, CA

Network Security Specialist

Responsibilities:

• Working on the change management process to implement firewall security policies as per the business requests.
• Review incoming changes, Schedule and implement them during window time.
• Configuring and troubleshooting perimeter security devices such as Checkpoint NGX R77 Gaia, Provider-1/MDM, Secure Platform, Palo Alto and ASA Firewalls.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewall - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Implement security policies using ACL’s in ASA’s & Routers
• Configuring and troubleshooting IPSEC site to site VPNs using cisco ASA 5540 firewalls.
• Push firewall rules to live production environments during maintenance windows and open bridge conference call for testers to call in to test and troubleshoot.
• Up gradation and backup configuration of Checkpoint Firewall
• Build and deployment of Cisco ASA 5550 firewalls in a failover cluster to provide perimeter security for new client services
• Troubleshooting TCP/IP connectivity issues which occurs when hosting new applications into the production network.
• Utilizing Tufin and Splunk for analyzing and/or reporting tool to remediate idle firewall polices that were leaving the network open to unnecessary vulnerabilities.
• Handled more than 500+ security devices and upgrades.
• Worked extensively on addressing the audit issues and mitigating the failed controls.
• Worked for firewall rule analysis and firewall rules cleanup.

Confidential, Cincinnati, OH

Firewall Engineer

Responsibilities:

• Troubleshooting complex Checkpoint issues, Site-to-Site VPN related.
• Performed upgrades for all IP series firewalls from R65-R75.
• Configuring Multiple Contexts Configuring Active/Active failover, redundant interface on ASA.
• Configure & Installation of Firewall & IPS.
• Basic Understanding & Implementation of AAA.
• Implement IPsec Site-to-Site VPN & SSL VPN using CISCO ASA 5500 Series.
• Complete renaming of all firewall objects and rules.
• Internal and External audits related to PCI and SOX
• Configuring and resolving various OSPF issues in an OSPF multi area environment,
• Review and optimize firewall rules using Secure Track TuFin tool and firewall audit reports
• Worked on the migration to new Checkpoint R7x firewalls from Cisco ASA firewalls.
• Worked extensively on Cisco Firewalls, Cisco ASA 5500(5510/5540) Series and PIX (506E/515E/525/).
• Automation of security operations and optimizing the usage of infrastructure.
• Involved in migrating various versions of checkpoint to Provider -1 environment for around 40 Enforcement Modules.
• Day to day activity includes Change Implementation on firewalls, log analysis and troubleshooting of network access issues.

Confidential, Richmond, VA

Network Security Administrator

Responsibilities:

• Network security monitoring: analysis & identification of incident activities & system log files.
• Review Firewall release for any possible non-compliance or vulnerability
• Assist with development of security policies, standards and procedures
• Configuration and maintenance of Checkpoint NGX R65
• Implementing and Troubleshooting of VLAN.
• Implementing & Administration of Zoning Architecture project (Imp of various zone like Server, Intra & Internet Zone)
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems
• Deployed and managed the Symantec Security Information Manager & administered industry best practices in flagship security operations center (SOC). Direct organizational projects to timely completion & spearhead network security audits/modifications for clients.
• Configuration and maintenance of Checkpoint R61 and Cisco ASA firewall.
• Implemented and integrated new security solutions into existing customer network infrastructures and coordinate network security audits and changes with clients.
• Configured site-to-site & client VPNs. Identify and resolve firewall and VPN connectivity issues.
• Managed VPN Sites (Checkpoint).

Confidential

Network Engineer

Responsibilities:

• Performed network troubleshooting, technical support, and recording of backup operations.
• Coordinated with higher-level support and external vendors for resolution
• Maintained all servers & network equipment with current stable firmware, IOS images & access control lists
• Worked on network-based IT systems such as racking, stacking, and cabling.
• Built and implemented clientless SSLVPN solution
• Work with the Proxy team to ensure restricted user internet access
• Responsible for the planning, deployment & ongoing support of Cisco ACS for authentication to all network equipment
• Configuring Network Printer
• Configuration of DHCP & DNS Services.