SUMMARY

• Over 9+ years of experienced in Networking, Design, implement and maintain firewalls.
• Review information security requirements, assess security risks, and define security requirements
• Experienced in Network deployments and Network security designs.
• Monitor, identify, report, and mitigate security weaknesses
• Configured RIP and EIGRP routing protocol in a complex network environment with the following attributes: Summarizing networks, passive interfaces, load balancing / load sharing, authentication, EIGRP over NBMA.
• Configured loopback addresses on routers and switches to provide stability for dynamic routing protocols
• Proficient with IP access lists, Cisco Discovery Protocol (CDP), Static Routing, Network Address Translation (NAT), VLAN Trunking Protocol (VTP), Spanning Tree Protocol (STP), InterVLAN routing, HSRP, Policy Based Routing, etc. troubleshooting to isolate, diagnose, and correct telephony related provisioning problems
• Demonstrated knowledge of telephony systems, applications and networks
• Perform risk assessments for clients and provide the findings and recommendations
• Communicate and manage client needs and expectations in all phases of their information security solutions
• Work with internal resources to ensure proper security controls are identified, implemented and tested
• Work independently with internal and external clients regarding security requirements for existing and future business
• Develop detailed technical recommendations to solve security issues
• Enforce Information Security policies and procedures
• Troubleshoots network access problems and implements network security policies and procedures.
• Ensures network (LAN/WAN, telecommunications, and voice) security access and protects against unauthorized access, modification, or destruction).
• Experience in Identifying and evaluating implementations of specific and general security tools (Secure Works, SharePoint, IDS, ASA, etc.)
• Expertise in F5 LTM and GTM Management
• Expertise in F5 BIG - IP LTM and Cisco CSS load balancers
• Experience in Citrix Netscaler MPX, VPX load balancer
• Experience with proficiency in deploying and maintaining security environments built around Cisco, Juniper and Check Point solutions.
• Designed wire line data network
• Identified necessary network changes, validated proposed changes through testing, developed and submitted detailed work plans. Interfaces with the Data Network
• Worked for STC Data Network Operations and Support Dept.
• Extensive experience using Cisco IOS on routers/switches.
• Implement complex Check Point firewall clusters, VPN devices, IDS/IPS solutions.
• Experience in FWSM Firewalls and ASA Firewalls.
• Installed and configured FWSM ASA PIX and CISCO Firewalls
• Experience with firewalls to include McAfee Web Gateway, Sidewinder and Cisco ASA products.
• Design, implementation and trouble shooting of Sidewinder firewalls and Cisco devices.
• Experience with Aruba wireless.
• Experienced with designing, deploying and troubleshooting Sidewinder firewalls, Cisco routers\switches, Cisco VPN devices, VLAN configurations, and mitigating security findings Experience in design & development of Access Control Lists (ACL) on network devices is desired.
• Experienced trouble shooting of Check point provider - Version R62 and R65
• Production support for major firewall platforms to include Cisco ASA, Juniper SSG and ISG products, Check Point NGX implemented on Secure Platform (SPLAT) and expert-level network.
• Experience with Check Point's Smart Center management station Tipping Point Intrusion Protection System management and configuration.
• Experienced with Firewall administration such as Juniper, Check Point or Cisco
• Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
• Strong TCP/IP understanding. Knowledge of debugging Check Point Firewall.
• Expert experience of firewalls and firewall management platform
• Must have extensive experience with Check Point, Palo Alto and Cisco ASA firewalls.
• Experience with configuring, supporting, and troubleshooting security products including Check Point, Juniper, Cisco, IDS solutions, and others
• Maintenance of network servers such as file servers, VPN gateways, intrusion detection systems, etc.
• Assist Infrastructure team with the implementation and maintenance of Cisco network equipment, VMware Infrastructure, Confidential Blade Server farm and Confidential SANs
• Experience with common exploitation and penetration testing tools.
• Developing strategies for and techniques to penetrate and take control of network and computer assets.
• Configuring and install hardware and software required to conduct network penetration testing.
• Experience in infrastructure strategies, hardware/software, security and networking products
• Experienced in Advising management of risk vs. cost, benefits and other impacts of infrastructure solutions
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Configure Cisco VPN 3000 Concentrator to allow VPN clients
• Implement CiscoSecure Access Control Server for Tacacs+/ Radius

TECHNICAL SKILLS

Cisco Routers: (1605, 2500, 3640, 4000, 7500, 6400, 7100, 7200)

Bay Routers: (28200/5000/350/252/250 )

Switches: Cisco (Catalyst 5000, 5500, 6000, 8500)

CSU/DSU: Kentrox

Load Balancer: Link proof, F5, WSD - Radware Inc.

Firewalls/Security: Cisco Pix Firewall 520/515, Checking Point, TACASA/RADIUS, Tipping Point.

Servers: Dell Power edge (6350, 2450, 4350), Compaq (Proliant 6500, 8000, 85000, CL380), Confidential (e-200, e-800, ih-3000, ih-6000HP), Digital, IBM, Acer, Sun (E6500, E450, Ultra 10, Ultra 5), RaQ 2- Linux Box

Workstation Tools: Exceed, MS suite, Citrix clients

NETWORKING: Switches, Routers, Hubs, Servers, Cables, Racks, Firewalls, LAN, WAN, TCP/IP, DNS, UDP, Latency, VoIP, QoS, EIGRP, BGP, OSPF, NHRP, ATM, PPP, MPLS

PROFESSIONAL EXPERIENCE

Confidential, Irving, Texas

Network Engineer

Responsibilities:

• Perform risk assessments for clients and provide the findings and recommendations
• Communicate and manage client needs and expectations in all phases of their information security solutions
• Work with internal resources to ensure proper security controls are identified, implemented and tested
• Work independently with internal and external clients regarding security requirements for existing and future business
• Develop detailed technical recommendations to solve security issues
• Enforce Information Security policies and procedures
• Designed wire line data network
• Identified necessary network changes, validated proposed changes through testing, developed and submitted detailed work plans. Interfaces with the Data Network troubleshooting to isolate, diagnose, and correct telephony related provisioning problems
• Demonstrated knowledge of telephony systems, applications and networks
• Design, implement and maintain firewall systems and firewall policies.
• Review information security requirements, assess security risks, and define security requirements
• Network deployments and Network security designs.
• Monitor, identify, report, and mitigate security weaknesses
• Upgrade Aruba wireless from series WLAN controller.
• Very Good Experience with Check Point Provider - Version R70 and R75.
• Performed trouble shooting of Check point provider - Version R70 and R75.
• Production support for major firewall platforms to include Cisco ASA, Juniper SSG and ISG products, Check Point NGX implemented on Secure Platform (SPLAT) and expert-level network.
• Troubleshoots network access problems and implements network security policies and procedures.
• Ensures network (LAN/WAN, telecommunications, and voice) security access and protects against unauthorized access, modification, or destruction).
• Experience in FWSM Firewalls and ASA Firewalls.
• Installed and configured FWSM ASA PIX and CISCO Firewalls
• Configured with F5 Load balancers in Failover for Load balancing and SSL handling
• Configured F5 BiGip to provide Load Balancing for server farm.
• Experience with configuring VIPs on F5 and Citrix load balancer which include creating policies and creating redirection rules.
• Hardware migration from Citrix Netscaler NS 7000 to MPX 9500
• Involved in setting up new Citrix Netscaler SDX 15000
• Configure SSL certificate install and configure on loadbalancer.
• Hardware migration from Citrix Netscaler NS 7000 to MPX 9500
• Experienced in F5 GTM Traffic Management (GTM)
• Experience in Identifying and evaluating implementations of specific and general security tools (Secure Works, SharePoint, IDS, ASA, etc.)
• Experience working on Nexus 2k,5k,7k.
• Experience with Check Point's Smart Center management station Tipping Point Intrusion Protection System management and configuration.
• Experienced with Firewall administration such as Juniper, Check Point or Cisco
• Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
• Strong TCP/IP understanding. Knowledge of debugging Check Point Firewall.
• Experience with configuring, supporting, and troubleshooting security products including Check Point, Juniper, Cisco, IDS solutions, and others
• Administered F5 BIG-IP load balancer
• Installed Configured and administered McAfee Sidewinder Security Appliance and Smart Filter web content filtering software.
• Experience with firewalls to include McAfee Web Gateway, Sidewinder and Cisco ASA products.
• Design, implementation and trouble shooting of Sidewinder firewalls and Cisco devices.
• Experienced with designing, deploying and troubleshooting Sidewinder firewalls, Cisco routers\switches, Cisco VPN devices, VLAN configurations, and mitigating security findings Experience in design & development of Access Control Lists (ACL) on network devices is desired.
• Maintenance of network servers such as file servers, VPN gateways, intrusion detection systems, etc.
• Experience installing, configuring and supporting Cisco network equipment including routers, switches, WAP, etcA and networking with a solid familiarity with Microsoft Windows and Linux operating systems.
• Experience with open source network attack tools, network probe and mapping tools, network protocols, automated vulnerability scanners, and network traffic routing.
• Experience with common exploitation and penetration testing tools.
• Configuring and install hardware and software required to conduct network penetration testing.
• Experience in infrastructure strategies, hardware/software, security and networking products
• Routing Protocol (BGP4, OSPF, EIGRP, IGRP, RIP, IS-IS, NLSP), Routed Protocol (TCP/IP, IPX/SPX). Implemented QoS using FIFO, Weighted Fair Queuing, Priority Queuing, Custom Queuing, RSVP, RED, and CAR. Implemented SNMP on devices to allow for network management
• Implementation of Confidential Openview Server for network management.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Configure Cisco VPN 3000 Concentrator to allow VPN clients

Confidential, Chicago, IL

Network Engineer/Administrator

Responsibilities:

• Experience with configuring, supporting, and troubleshooting security products including Check Point, Juniper, Cisco, IDS solutions, and others
• Installed Configured and administered McAfee Sidewinder Security Appliance and Smart Filter web content filtering software.
• Experience with firewalls to include McAfee Web Gateway, Sidewinder and Cisco ASA products.
• Configuring and install hardware and software required to conduct network penetration testing.
• Experience in infrastructure strategies, hardware/software, security and networking products
• Experienced in Advising management of options, risk vs. cost, benefits and other impacts of infrastructure solutions
• Experience in setting technical standards for network infrastructure, security baselines, policies and procedures
• Ability to access Information Security Risks, understand business needs, and apply defined information security policies and architectures in order to develop effective solutions
• In-depth knowledge of IP routing, virtual routing and forwarding(VRF) and routing protocols
• Well versed in different vendors L2/3 switch hardware architectures
• Detailed knowledge and hands-on experience of Layer 2 protocols includes Spanning Tree Protocols, VLAN Tagging(802.1Q), Link aggregation (IEEE 802.1AX)
• Hands-on experience with design and implementation of large IP networks
• Hands-on experience with design and implementation of network security infrastructure (firewalls, IPS)
• Hands-on experience in datacenter environment (LAN/WAN/security/application)
• Experience with security as a discipline, with focus on IPSec, Access Control, Firewalling, IDS/IDP
• Hands-on experience with Cisco equipment, Juniper equipment, CDN platforms; test platforms: Spirent
• Experienced in pertaining to both security software (IOS-s) and hardware in Juniper and Cisco Routers and Switches.
• Managing Network consisting of more than 100 servers with Novell Netware, Windows NT, UNIX, Winframe, AS400, Cisco Routers and more than 1500 client.
• Also provided help in Medical Billing, In-house financial applications, Lytech Coding system
• Implementation and administration of Check Point Firewalls & network Management
• Implementation and maintenance of Backup Exec 8.0 on departmental server.
• Diagnose and solve Frame relay / T1 lines, CSU/DSU and routers connectivity problems.
• Provided Security and Network performance audits periodically using Sniffer Distributed suite 3.x, Cybercop Scanner 5.x and Cybercop Monitor 1.x.
• Configuring and managing network traffic using 3COM SNMP and access list.
• Manage Cisco Router, 2900xl switches and 3Com hubs configuration for WAN and LAN interfaces.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Configure Cisco VPN 3000 Concentrator to allow VPN clients

Confidential, Bentonville, AR

Network Administrator

Responsibilities:

• Experience in setting technical standards for network infrastructure, security baselines, policies and procedures.
• Hands-on experience with design and implementation of network security infrastructure (firewalls, IPS)
• Hands-on experience in datacenter environment (LAN/WAN/security/application)
• Experience with security as a discipline, with focus on IPSec, Access Control, Firewalling, IDS/IDP
• Hands-on experience with Cisco equipment, Juniper equipment, CDN platforms; test platforms: Spirent
• Experienced in pertaining to security software (IOS-s) and hardware in Juniper and Cisco Routers and Switches.
• Develop and document infrastructure support policies and guidelines
• Educate and mentor IT support staff as needed, including requisite training on technology and governance
• Research and stay current on Infrastructure best practices and function as a subject matter expert in this area
• Work with outsource vendor to drive sound architectures, engineering designs, and configuration templates
• Engage in complex production impacting technical issues and work to troubleshoot and restore service
• Configure, design, evaluate, and integrate information security solutions into client sites
• Experienced in Design, implement and maintain firewall systems and firewall policies
• Experienced with Check Point (CCSA/CCSE) and CISCO Security Gateways/Appliances
• Experienced with Firewall administration such as Juniper, Check Point or Cisco
• Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
• Strong TCP/IP understanding. Knowledge of debugging Check Point Firewall.
• Designed and Configuring the WAN infrastructure, consisting of multiple T1 and T3 lines, Cisco routers, Cisco switches, Load balancers, Dell and Sun servers.
• Optimized performance of the WAN network consisting of Cisco 4500/5500 switches by configuring VLANs.
• Experienced with Cisco catalyst switches 5xxx,4xxx, 29xx,19xx and RSM and Cisco Routers 7500,7200,4000,3600,2600,2500
• Implementation of Checkpoint Firewall 4.1 to protect and authenticate local-net and DMZ. Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
• Experience in full life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations.
• Experience with Provider One or Check Point's Smart Center management station Tipping Point
• Experience with common network management protocols/tools (TACACS, NTP, SNMP, SYSLOG, etc)
• Designed and Configured Web Server Farms, to increased performance through intelligent traffic, Bandwidth management and enhanced application security using WSD.
• Configured Web Trends for Real-time web traffic analysis and ecommerce Analysis
• Enabled remote users to access corporate LAN with VPN connectivity.
• Evaluating and creating a plan to deploy Windows 2000 Advanced server in a separate domain (Active Directory Services), to be integrated into existing environment once the production environment is ready to migrate to Windows 2000 ADS model. Installed and configure BackOffice 4.5 on this server.
• Provide 24/7 support and documenting network designs, Microsoft Visio diagrams and Implementation process

Network Engineer

Confidential - Newark, New Jersey

Responsibilities:

• Working with Network Design and implementation teams on various projects across related to Brach, Campus and Data Center.
• Implemented and maintained various WAN equipment such as Cisco 2800, 3800 and 7200 routers, ASR 1006.
• Experience working with Cisco 3750, 4948, 2811, 2600, 7200, 6500, series switches. Designing and deployment of Partner IPSEC VPN tunnels.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
• Used network simulation software such as IxNetwork, and test case automation software, such as Ixia and Spirent, network analysis like Scapy and Wireshark
• Development of Perl scripts for tools and process automation.
• Designing, coding, and testing of software in Perl, including back-end and front-end (UI) code.
• Deploying and commission of core ASR 1K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Experience in working with Python ORM (Object Relational Mapping) code Library including Django, SqlAlchemy ORM to switch an application between various relational
• Design, installation and configuration of JSC, TDWC and Tivoli Workload Scheduler on Solaris, Linux and Windows servers/clients.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Performing the ACL requests change for various clients by collecting source and destination information from them. Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Configuring various advanced features (Profiles, monitors, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates,
• Build and maintain SQL scripts, indexes, and complex queries for data analysis and extraction.
• Perform quality assurance and testing of SQL server environment.
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Built database Model, Views and API's using Python for interactive web based solutions.
• Configured layer 2 and layer 3 switching and routing protocols such as MPLS VPN, OSPF, BGP, MP-BGP, MPLS, onJuniper4200, MX960 andCisco2800, 2500 and 3700'sroutersfor AboveNet's Metro Ethernet IP product suite.
• Configuring all the end ports as access ports using port fast and implementing BPDU guard.
• Installed and configured VPN IPSec for remote users using Cisco VPN Client and Cisco Secure ACS.
• Experienced with MPLS over VPN to provide best service to customers.

Confidential, South Portland, ME

Network Associate

Responsibilities:

• Involved in configuring Cisco routers and switch administration, familiar with enterprise level Cisco Routers such as 7200 series, 3800 series, 3700 series, 2800series, and Cisco catalyst series switches like 6500, 3750, and 4500.
• Configuring and troubleshooting of routing protocols such as OSPF and BGP for effective communication.
• Installing & configuring firewalls like Checkpoint NG & NGX.
• Implement VLAN’s and access lists (ACL) and troubleshoot IP addressing issues and Update IOS images and other hardware installations.
• Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
• Dealt with F5’s load balancing products in managing the key role issues.
• Dealt with NAT configuration and troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.
• Managing and configuring Cisco Switches and Firewalls independently.
• Coordinated with senior engineers with BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Provisioning and troubleshooting Ethernet services, Gigabit networks and Connectivity issues with WAN types (Frame relay).
• Installing and configuring the VPN’s for the clients (site to site) using IPSec and GRE.
• Monitoring Network infrastructure using SNMP tools like Confidential Open view.
• Involved in Configuration of Access lists (ACL) for the proper network routing for the B2B network connectivity.
• Worked with customers in troubleshooting issues related to connectivity, STP, VLANs, Inter-VLAN routing, VTP, Ether channels, Layer 2/3 switching, log messages.
• Possess excellent verbal and written communication skills and experience developing and maintaining technical procedure and documentation.
• Dealt with redundant pair issues during the deployment of 6800 LTM Box
• Deployed the iRules using TCL for the Enterprise Intranet work for the VLAN based applications and their load balancing between datacenters.
• Involved in iRules management like loading rules, writing iRules syntax using TCL language and iRule extension to TCL
• Worked on configuring /modifying load balancing options and features to include OneConnect, Persistence, SSL offload functions, HTTP profiles, etc. Virtual servers, POOLs, TCP profiles, updating and renewing SSL certificates with SAN certs as required and applying standard iRules as needed.
• Worked on LTM Inbound SNAT configurations and outbound NAT server to IP mapping.
• Worked on building Global Traffic Manager and Iquery functionality between LTM and GTM for a HA design.
• Dealt with F5 GTM solutions, including WideIP and Pool Load Balancing Methods, probers and monitors to ensure that the day-to-day Security Operations runs smooth.
• Created several iApps on APM for Citrix and VMWare proxy.
• Implemented and supported SSL VPN network tunnels on F5 APMs.
• Implemented and supported security policies in ASM for securing LTM VIPs.
• Change management and 3rd level Incident management being the primary responsibility, participated directly as well as take escalations from the team members.
• Measured the application performances across the MPLS cloud through various routing and switching methods.