SUMMARY

• 6+ years of experience in Networking and Security, widely in Network Security Products and Firewalls (Checkpoint, Palo Alto and Cisco ASA)
• Experienced in handling and installing Palo Alto Firewalls.
• Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Cisco ASA
• Configure all Palo Alto Networks Firewall models (PA - 2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Knowledge on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505
• Knowledge in IPsec, Juniper SA Remote Access VPN and Juniper SA SSL VPN in a dual-factor integration
• Configuring site to site and clients to site VPN tunnels through multiple Cisco VPN concentrators and Checkpoint firewalls, and maintaining access policies for remote users
• Experience insecuritysolutions with products from Cisco (routers, switches, ACS); Juniper (Firewall); Palo Alto Networks(PanOS); NetApp (SAN &Snap Manager); Symantec (SEP & SEPM); McAfee (all products); Web Sense
• Experienced in installation and administration of Avaya S8xxx series Media Servers, Media Gateways, Avaya AES, Avaya CCE and Interaction Center for Email, Chat, SMS and CTI, Avaya Modular
• Knowledge of Avaya IR server, Voice Portal and VXML based IVR application for self-serve options and CRM integration for Computer Telephony (CTI).
• Configuration and maintenance of Checkpoint NGX R61, R65, R70, R75
• Knowledge in Juniper M Series & Juniper MX Series
• Worked on Network & Security Manager (NSM), Juniper Space and, STRM, Juniper UAC, Juniper Pulse
• Configuring, Administering and troubleshooting the Checkpoint and ASA firewall.
• Monitoring and troubleshooting traffic through Smart View Tracker.
• Advance knowledge of routing and switching protocols to include security policy setup, threat protection (IDS/IPS)
• Experience in F5 Load Balancing
• Configured IP addresses and subnet masks of workstations.
• Responsible for the network equipment maintenance and deployed upgrades to customer’s LANs, WANs and wireless networks.
• Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Providing support and troubleshooting the network Problem for the client.

TECHNICAL SKILLS

Hardware: SSL, CDP, Cisco routers & switches, 3COM Routers & switches, Barracuda, HP, Compaq

Firewall: Palo Alto PA-500, PA-2k, PA-3k & PA-5k series, Checkpoint NGX R65/R70/R75/R77 & Cisco ASA

Monitoring: Cisco Works 2000, Wire Shark, IDS/IPS

Operating Systems: Windows XP, Vista, Windows 7 & 8, UNIX, SPLAT

PROFESSIONAL EXPERIENCE

Confidential, Mount Laurel, NJ

Firewall Engineer

Responsibilities:

• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
• Provides design, installation, configuration, maintenance and administration of Checkpoint Firewall R71 up to R77 version.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Extensive experience architecting security solutions with multi-vendor IDS/IPS/Firewalls, UTM, SIM/SIEM, Virtualization Security & Monitoring solutions
• Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances, serving as firewalls and URL and application inspection.
• Implementation configuration and troubleshooting of Checkpoint Firewall R 77.
• Configuring VPN, clustering and ISP redundancy in Checkpoint firewall.
• Verify Firewall status with Checkpoint Monitor.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Monitor Checkpoint Tracker system logs daily for failures.
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Exposure to wild fire feature of Palo Alto.
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Firewall Policy administration and work with user requests submitted by users.

Confidential, NYC, NY

Firewall Engineer

Responsibilities:

• Experience with converting Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Hands on experience and good working knowledge with Palo Alto Firewall policy provisioning.
• Configure network hardware (Cisco routers, switches, VPN gateways, firewall, IDS/IPS, etc), software, and links (IP VPN, Internet, etc.)
• Evaluated and recommended variousSIEMtools with their product overview, capabilities and business benefits.
• Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy based routing.
• Configuring failover for redundancy purposes for the security devices. Implemented the stateful & serial failover for PIX/ASA firewalls, Palo Alto Clustering and load balancing features.
• Using Smart Update, User Management and Authentication in Palo Alto Firewall.
• Worked on configuring, managing and supporting Palo Alto Gateways.
• Regularly performed firewall audits around Palo Alto Firewall-1 solutions.
• Checking the connection establishment status, also the failover status and the VPN Phase 1 and Phase 2 issues.
• Configuration of F5's Big IP for Application Load Balancing.
• Installed and configured IDS/IPS.
• Experience in migration of VLANS.

Confidential, Dallas, TX

Network Engineer/Firewall Admin

Responsibilities:

• Administration and support of Checkpoint and for Client at data center.
• Firewall Policy provisioning and work with firewall requests submitted by users through Remedy system.
• Responsible for Checkpoint Firewall support and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• Support FWSM Firewall Blade Module on 6513 Switches
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution
• Build Site to Site IPsec VPN tunnels between data center and various client locations in US with strong focus on data encryption.
• Analyze, troubleshoot, and remediate issues with theSIEM, frequently working with the support teams
• Provided day-to-day support to manage call center environment through Avaya PBX programming, Avaya telephone system, Avaya Voice Portal applications, and custom reporting on CMS, Modular Messaging with MSS, Avaya AES and Avaya IC for email, chat, SMS and CTI, Trunk management and Firmware upgrade on PBX
• Day-to-day maintenance and support for Avaya Call Center programming, Interactive Voice Response, CMS and Modular Messaging, Avaya AES and CCE for CTI, Avaya SES for SIP based Cisco phones, Trunk management and Firmware upgrade.
• Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Creating and provisioning Juniper SRX firewall policies.
• Setup Active/Standby High Availability for stateful failover and replication as well as ZERO DOWN TIME maintenance. Backup and Recovery of Firewall IOS as well as Configurations.
• Configure Cluster XL on Checkpoint security gateway. Verify state/connection table sync between gateways. Configure and support Nokia VRRP Cluster based HA of Checkpoint firewalls.
• Backup and restore of checkpoint Firewall policies as well as security gateway configurations.
• Bluecoat proxy administration for URL filtering and client policy provisioning.
• VLan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MST to avoid loops in the network. Trunking and port channels creation.
• Key functions include Configuring and maintaining services, Access control lists, System Access, Authentication, and Authorization, Key Security tools installed, Auditing and reporting by Log reviews.
• Monitor the firewall security logs for the critical alerts or intrusions and fix the security holes in the network.
• Troubleshooting T1 Lines as well as bonded T1 lines for 3rd party Connections to the data center.
• Deployed Syslog servers to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.