SUMMARY

• Cisco Certified Network Associate (CCNA) with around 5 years of experience in the areas of Routing, Switching and Network Security.
• Ample exposure to Network troubleshooting, maintaining Network devices, implementing and executing Network Projects under ITIL Standards.
• Good experience with configuring and troubleshooting various Cisco, Palo Alto, Checkpoint Firewalls and various security products.
• Worked in a Check Point Provider - 1/MDS environment with multiple CMA’s for Policy Provisioning.
• Experience working on Check Point Security gateways such as Check Point 12K, 13K, UTM Series as well as IP Appliances & SPLAT
• Operating Systems include R77.30, R77.10, R76, R75.47, R75.40, R75, R80, R80.10 and IPSO 4.x, 6.x.
• Firewall Policy Provisioning including creating objects, groups (network/services), and updating access-lists on Check Point gateways as well as apply static, hide NAT.
• Experience in setting up Check Point Virtualization using VSX, Cisco ASA Multiple Context.
• Proficient in CISCO IOS for configuration and troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Experience in Configuring and implementing F5 BIG-IP, LTM, GTM load balancers to maintain global and local traffic.
• Experience in L1/L2 troubleshooting Routing in complex environments. Worked on upgrading Edge routers, failing over ISP circuits for maintenance.
• Experience in Planning, Designing, Installing and Configuring of Cisco Routers (ASR 1000, 7600, 7200, 3900, 2900, 2800) & Cisco L2 & L3 Switches (Nexus 7000, 5000, 2000&IOS 6500, 4500, 3750 series).
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
• Expertise in installing, configuring and troubleshooting Juniper Routers (E, J, M and T-series).
• Proficient using the F5 based profiles, monitors, VIP’s, pools, SNAT, SSL offload, iRules, virtual servers, iAPPs.
• Experience deploying BIG-IP F5 LTM Load Balancers for load balancing and traffic management of business application.
• Extensive knowledge of deploying and troubleshooting TCP/IP, implementing IPv6, Transition from IPv4 to IPv6, Multilayer Switching, Multicasting protocols, UDP, Fast Ethernet, Gigabit Ethernet, Voice/Data Integration techniques.
• Configured F5 LTM, series 5000 series for the corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network.
• Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP's, Virtual AP's, RTLS, Wireless SSID's, remote and campus AP's, upgrading WLC, worked in Active/Active local Controllers and Master controller
• VPN technologies including both Site to Site & Remote Access including SSL VPN technologies like ANY CONNECT and GLOBALPROTECT on PAN devices.
• Experience in managing ASA/FirePOWER and FWSM using CLI, Cisco Adaptive Security Device Manager (ASDM), Cisco Security Manager (CSM), Firepower management center (FMC).
• Advanced troubleshooting experience and packet capture experience on gateways.
• Good experience with Firewall rule base Audit and Cleanup using Tools such as Tufin and FireMon and Vulnerability assessment using tools such as TippingPoint, Nessus and Qualys, and implementation of Security Policies.
• Have Experience in Data Center relocations and in place upgrades and migrations.
• Experience in various Network Monitoring, Packet Sniffing tools, Palo Alto firewall policies, panorama, Checkpoint firewalls NG, NGX.
• Proficient in troubleshooting network traffic and its diagnosis using tools like ping, trace route, Gigaton, Wireshark, TCP dump and Linux operating system servers.
• Experience working with multiple projects simultaneously.
• Experience creating Network documentation using MS VISIO.
• Ability to learn new technologies, flexible, adaptable and capable of working as an individual or in a group.

TECHNICAL SKILLS

CISCO ROUTERS: CISCO 1800, 2500, 2600, 3600, 3800, 7200, ASR 1000, 7600, 7200, 3900, 2900, 2800), Juniper Routers (E, J, M and T-series).

CISCO SWITCHES: CISCO 2960, 3500, 3750, 3850, 4500, 6500 and NEXUS 2k, 5k, 7k and Juniper EX Switches

ROUTING PROTOCOLS: RIP, OSPF, EIGRP, BGP, IS-IS, MPLS, Route Filtering, Redistribution, Static Routing.

SWITCHING TECHNOLOGIES: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing, Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether Channels

WAN TECHNOLOGIES: Frame Relay, ISDN, Fiber Optic Circuits, PPP, MPLS.

LAN TECHNOLOGIES: Ethernet Standards, VLAN, Inter-VLAN, VTP, STP, RSTP, SMTP, Ether Channel, Port Fast.

LOAD BALANCERS: F5 Networks (BIG-IP), CISCO CSM.

SECURITY/FIREWALL: IPSec, CISCO (ASA, PIX), SSL-VPN, PALO ALTO(5K,3K,2K), CHECKPOINT

APPLICATION LAYER PROTOCOLS: SNMP, Telnet, SSH, DHCP, DNS, ARP, HTTP, FTP, TFTP.

OPERATING SYSTEMS: Windows (98, ME, 2000, XP, VISTA, Windows 7, 8, 10), LINUX/UNIX

NETWORK MANAGEMENT: Wireshark, SNMP, CISCO Works, TCP DUMP, PUTTY, VM WARE, MS OFFICE

PROFESSIONAL EXPERIENCE

Confidential, CHARLOTTE, NC

NETWORK SECURITY ENGINEER

RESPONSIBILITIES:

• Installation and configuration of Cisco ASA Firewalls including X series 5585X running 9.8 IOS.
• Installation and configuration of Cisco Meraki devices including MX 220, MX 84, MX 80, MX 64, MR52
• Configure High Availability using Active/Standby mode with stateful replication and Configure Active-Active failover in Multiple Context Mode ASA.
• Experience working with both Pre-8.3 and Post 8.3 NAT and objects and inspection policies.
• Implementation experience on IPsec Site to site and Remote access VPN (ANYCONNECT) on ASA.
• Build Site to Site VPN with 3rd party and ensure proper NAT and Access list is in place.
• Troubleshooting Phase 1 and Phase 2 issues on the B2B VPN Tunnels between various business partners.
• Troubleshoot VPN Connectivity related issues on different firewall vendors related to encryption, crypto ACL, NAT and routing.
• Maintain, update and tune IPS signatures through Cisco Security Manager.
• Firewall Policy provisioning on PAN devices using PANORAMA MGMT platform.
• Configuring App-ID, Content-ID and User-ID on Palo Alto Firewall.
• Configuring Palo Alto Firewalls with multiple zones based on traffic segregation requirements and Configuring App-ID, Content-ID and User -ID on Palo Alto Firewalls.
• ASA firewall upgrades and migration from one platform to another.
• Perform Upgrade of PAN OS on Palo Alto Firewalls.
• Security Policy configuration and Policy administration on Palo Alto firewalls.
• Implementation and configuration of Cisco L3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, dot1Q trunk, ether channel.
• Installation of new firewalls as well as perform in place upgrades. Hardening the Fortinet and Check Point firewalls before moving them to Production.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Experience working with Fortinet Firewall series FortiGate 3800, 3700, 3200, 3100,2500 & 2000.
• Firewall Policy Provisioning and troubleshooting firewall connectivity related issues using Fortinet Forti Manager.
• Implementing the Policy Rules, DMZ and Multiple VDOM’s for Multiple Clients of the state on the FortiGate Firewall.
• Design, Implementation and support of Check Point Security Gateways and manage them through Provider-1/MDS.
• Experience working with Check Point Gaia R80.10, R77.30, R77.10, R76, R75.47 and R75.40.
• Configure and troubleshoot Check Point software blades such as URL Filtering, IPS, Identity Awareness and AMP Services (Anti Malware Protection).
• Troubleshooted and worked with Security issues related to CISCO ASA/PIX, IDS/IPS and Juniper Firewalls.
• Perform Security gateway and Smart Centre upgrades and ensure the Smart centre has the highest package (follow Check Point recommendation).
• Configuring and tweaking CoreXL, SecureXL and Check Point IPS Blades for false positives and Alerts.
• Experience in a Check Point VSX environment with Virtual firewalls including Virtual System Load Sharing.
• Setup Active/Standby High Availability for stateful failover and replication as well as ZERO DOWN TIME maintenance. Backup and Recovery of Firewall IOS as well as Configurations.
• Export Firewall configurations including objects and policies using Check Point web visualization tool.
• Day to Day operational support for user requests being submitted through Service Manager ticketing system.

Confidential - SAN ANTONIO, TX

NETWORK ENGINEER

RESPONSIBILITIES:

• Configuring and troubleshooting of CISCO 2800, 2900, 3900, 7200, 7600 series routers.
• Deploying and decommissioning CISCO switches and their respective software upgrades.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Assist the certification team and perform configuration of LAN/WAN technologies such as Ethernet, Fast Ethernet, Gigabit Ethernet (1, 10 and 40).
• Worked on CISCO Layer 2 switches (spanning tree, VLAN).
• Configure the CISCO CRS-1 routing System, back out of configuration changes and restore older versions of a configuration.
• Configured various routing protocols such as RIP, OSPF, EIGRP, BGP static routing.
• Worked on BGP attributes, Local Preference, cut over to redundant ISP during maintenance.
• Planning and configuring the routing protocols such as OSPF (area types, LSA types, neighbour ship issues), RIP and static routing on the routers.
• Deploying and decommission of VLANs and core NEXUS 7000 and its downstream devices.
• Maintained complex LAN/WAN networks with several VLANs and provided support for routing protocols and provided secure sessions over internet using IPSec and SSL encryption.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• To secure configuration of load balancing in F5, SSL/VPN connections.
• Worked on configuring objects such as F5 Load balancer pools, members, SSL profiles for LTM on F5 load balancers.
• Managed the F5 BIG-IP LTM/GTM appliances to include writing iRules, SSL Offload and everyday tasks of creating WIP and VIPs.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Dealt with the Aruba wireless access points, WLC. Worked on 802.11a, b, g, n protocols. Worked on upgrading the controllers. Configured various authentication methods and RF properties for the SSID’s and AP groups. Experience with RTLS.
• Building the VPN tunnel and VPN encryption.
• VLAN design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MST to avoid loops in the network. Trunking and port channels creation.
• Installation and configuration of CISCO VPN hardware, software client and ASA firewall. Experience with GRE, IPSEC, NAT, PAT, ACL.
• Knowledge of Juniper environment including SRX/Junos space.
• Configured and set up of Juniper SRX firewalls for policy management and Juniper SSL VPN’s.
• Design and implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX 515.

Confidential

NETWORK ENGINEER

RESPONSIBILITIES:

• Designed secure data architectures for remote monitoring health sensor network.
• Engineered innovative framework that will secure data in process, in motion and at rest.
• Designed algorithms, cryptographic models and requirements for a secure sensor network.
• Researched mobile systems/pervasive computing on the data passage for sensor networks.
• Gathered security requirements for efficient cloud data storage.
• Performing troubleshooting on slow network connectivity issues, routing issues involves OSPF, BGP and identifying the root cause of issues.
• Worked on Aruba Wireless LAN implementation for 11n Infrastructure across the corporate network.
• Design, implementation and operational support of routing/ switching protocols in complex environments including BGP, OSPF, EIGRP, spanning tree, 802.1q.
• Configure Corporate, Wireless and Lab Devices which includes Bandwidth Upgrade, Adding new Devices, Decom the Devices.
• Primary point of contact for all Security IAPP (Internal Assessment Processes and Procedure).
• Experience with CISCO Works LAN Management Solution.
• Tested intrusion prevented capabilities of web filtering and VPN.
• Designed test plans on various routing, switching, IP networks and MPLS.
• Expanded LAN to accommodate 200 plus users. Coordinated installation and repair work. Diagnosed and corrected clients network related issues.
• Responsible for viewing all new and existing applications, servers, projects and databases in need of system upgrades, service packs, security releases.
• Implementation of network which includes configuration of routing protocols, Leased lines, ISDN lines, VLANs, IOS installations.
• Troubleshoot the Network issues onsite and remotely depending on the severity of the issues.
• Deploying and decommissioning the VLANs on core ASR 9k, Nexus 7K, 5k and its downstream devices.
• Performing the ACL requests changes for various clients by collecting source and destination information from them.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPv6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Experience in creating MOPS (Method of procedures) and got approved from peers for performing configuration changes.