SUMMARY

• Dynamic and versatile Network Security Administrator/Engineer with outstanding knowledge, skills and expertise, dedicated and committed to providing excellent interconnectivity and networking services, network security and solving networking problems.
• Experienced network security engineer with proficiency in installing, upgrading, troubleshooting, configuring, and supporting variety of Network & Security Devices.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Palo Alto and Checkpoint.
• Configure all Palo Alto Networks Firewall models (PA - 2k, PA-3k, PA-5k, PA-6k) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• In-depth knowledge of network security architecture and protocols, security vulnerabilities, network security, and application security.
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications
• Hands on experience in Implementation, Troubleshooting &configuring for Checkpoint R77. 40 with GAiA and SPLAT
• Using Smart Update, User Management and Authentication in Checkpoint Firewall.
• MaintainedBluecoatproxy manager.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Implemented application based policy and URL filtering, Threat prevention, Data filtering policies (Palo Alto, Juniper) with Multiple gateways in cluster for granting access to the business vendors.Good knowledge in SDN (Software defined networking)
• Good knowledge in Network function virtualization.
• Knowledge & experience in network protocols & packet analysis.
• Developed scripts on Linux and Windows.
• Experienced with Cloud based protocols S3, REST.
• Experienced with wide range of Linux and Windows File system.
• Knowledge on CPU and GPU based HPC's.
• Experienced in optimizing network performance using techniques such as caching, compression, acceleration.
• Experience with Quality of Service (QoS) and multicast video delivery.
• Familiar with Arcsight, Splunk, Netcool, DDOS Mitigation.
• Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, & EIGRP, ISIS
• MPLS, IPsec VPN design connection & protocols, IPsec tunnel configuration, encryption and integrity protocols.
• Experience in configuration and deployment of network security devices, including Firewalls, Intrusion Detection Systems, Network Intrusion Detection Sikhole/Honeypots, VPN, and Identity Gateways.
• Excellent troubleshooting skills; tenaciously committed to the thorough resolution of technical issues.
• Exceptional ability to grasp and master new technologies quickly and easily.

TECHNICAL SKILLS

Firewalls: Checkpoint, Palo Alto 3060,5060

Network Security: ACL, IPsec, VPN, Port-security, RSA, AAA and IPS/IDS

Router Platforms: Juniper M320, T640, SRX series.

Switches Platforms: Nexus 6K,5K and 2K series Juniper EX.

Load Balancer: BIG-IP F5, ACE 4710, Brocade.

Routing Protocols: EIGRP, OSPF, BGP, PBR, IS-IS.

ACS management: RADIUS, TACACS+, and Digital Signatures.

Network Management: Network Troubleshooting, SSH, SNMP, ICMP.

WAN: Frame Relay, ISDN, PPP, ATM, MPLS, SSL.

LAN: Faster Ethernet, Gigabit Ethernet.

Servers: FTP, DHCP, DNS, HTTP, Syslog, TFTP, NTP.

Virtualization: Wire shark, Solar Winds and NMAP.

PAN: OS, IOS, JUNOS, NX-OS

PROFESSIONAL EXPERIENCE

Confidential, Atlanta, Georgia

Firewall Security Engineer

Responsibilities:

• Configured, Installed and upgraded Palo Alto and Checkpoint Firewalls for managed client which included network/resource access, software, or hardware problems.
• Daily responsibilities included design, implementation, support and administration of multiplesecurityproducts like, SourceFire, and ISS Realsecure.
• Primary responsibility for the Core Security of the Network. Managing the entire Network Security Products deployed in the network such as Checkpoint (GAIA R 75.40/77.20 )
• Assisted in development of various security policies for Palo Alto Firewall, Checkpoint firewall, also assisted in installation, configuration, administration, monitoring, upgrading and downgrading of OS.
• Researched, designed, and replaced aging Checkpoint Firewall architecture with new next generation Palo Alto appliances serving as Firewalls and URL and application inspection
• Implemented changes on PA 2000/PA 4000/PA 5000/PA 6000, templates, object creation, planning, configuration changes, OS upgrades, CLI troubleshooting, and auditing all firewalls with Panaroma.
• Integrated Panaroma with Palo Alto firewalls, for managing multiple Palo Alto firewalls with single tool.
• Configured SNMP on Palo Alto firewalls 3060, 5060, 7050 for receiving incident alerts and notification and wrote SSL decryption policies for decryption of traffic to provide Anti-virus, Malware protection.
• Installation and deployment of data networks and troubleshooting to resolve any technical issues.
• Executed changes on various firewalls proxies and scripts over entire network infrastructure using Service Now ticketing tool.
• Worked in a team for migrating from Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection ASA firewall to Palo Alto firewall to update infrastructure.
• Experience in Malware Detection and prevention using firewall & Fireeye Nx 7400.
• Hands on experience on TCP/IP suite and routing protocols, such as IP, IPv6, QoS, IGMP, TCP, UDP, ARP, NAT, DHCP, DNS, OSPF, BGP, & EIGRP, ISIS, MPLS, IGMP, IPsec VPN design connection & protocols, IPsec tunnel configuration, encryption and integrity protocols.
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
• Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures.
• Configuring failover for redundancy purposes for the security devices. Implemented the stateful & serial failover for PIX/ASA firewalls, Clustering and load balancing features.
• Configuring and troubleshooting remote access and site to site-in ASA Firewalls.
• Experienced with Multimedia over Coax (MoCA)
• Primary responsibility is to design and deploy various network security & High Availability products like Checkpoint Secure Platform, JUNOS, and other security products
• Responsible to provide network connectivity as and when new location comes in to the network
• Done Technical documentation and Visio diagrams for all the above technologies for peer training and review.

Confidential, Chicago, Illinois

Jr. Network Security Engineer

Responsibilities:

• Configuration, Troubleshooting and Maintenance of Checkpoint Firewalls (20 firewalls) - IP395 and IP560.
• GRE Tunnel Configurations, VRF configuration and support on the routers.
• Experience on Checkpoint firewalls with R65, R70, R75, and R76 version IPSO 6.2 OS.
• Knowledge on Checkpoint- management and logging server R75, R77 Gaia OS
• Responsible for using cutting edge solutions for Data Loss Prevention DLP from RSA.
• Providing network security with ACL’s, CRYPTO, AES, DES, MTU, and VPN tunneling with phase1 ISAKMP, phase2 IPSEC,
• Managed ACL on both standard and extended modes and using variance for unequal cost path.
• Troubleshooting issues related to VLAN, VLAN- Trunking.
• Configure, verify & troubleshoot IPv4 and IPv6 static routing, STP related optional features, Port Fast, BPDU guard.
• Design and implementation of MPLS VPN, QoS for the architecture.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using OSPF and BGP.
• Designed QoS policies for critical applications based on business requirements and traffic patterns.
• Hands-on WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP, OSPF, EIGRP), and IP addressing.
• Configuring and implementing F5 BIG-IP load balancers to maintain global and local traffic.
• Involved in the Redistribution into OSPF on the core ASA firewall.
• Configuration of policies, objects and applying NAT & Web Filtering on firewalls like Checkpoint, Palo Alto 3060, 5060 .
• Performed Network Security Assessment and implemented security improvements such as network filtering using Palo Alto URL filtering, Zone filtering etc.
• Maintained secure connection using SSH and making authentication MD5, Plain text in routing protocols like EIGRP, OSPF, RIP, HSRP, VRRP, GLBP
• Monitoring the connections using the management tools SNMP, Palo Alto Panorama and packet capture using wire shark.
• Used internal network monitoring tools to ensure network connectivity and Protocol analysis tools to assess the network issues causing service disruption.
• Configured site to site VPN technologies using IPSEC by providing IKEv1 and IKEv2 keys for secure connection.
• Designed stacking on switches and successfully done with VSS and port channel too.

Confidential

Network Engineer

Responsibilities:

• Acted as the Network Lead in designing the scope of projects, budgets and duration
• Performed daily vulnerability testing log filtering and load balancing
• Managed a team of ten security analysts who provide a security event analysis roll, level-one network security engineering support, and a switchboard function for the SOC
• Managed user accounts, groups, print queues and controlling access rights using Active Directory.
• Installed, configured, performed troubleshooting and deployed SP1 for Windows 2003 Servers.
• Performed day-to-day administration functions, backup & restoration, file server maintenance.
• Configured F5 BigIP to provide Load Balancing for server farm.
• Generate monthly report on the RSA authentication Server for the security team
• Performed support by identifying the root cause of the hardware issues with switches, routers.
• Create new user on ACS/RSA Server
• Troubleshoot VPN Issues
• Create VLANs and port channel

Confidential

Network Engineer

Responsibilities:

• Worked extensively with Client teams to find out requirements for their Network Requirements.
• Solely responsible for all IT decision making, support and administration at a site of more than 200 ‘demanding users’ in a fast paced architectural and engineering environment.
• Deploying the network infrastructure to meet the requirements.
• Created VLAN and Inter-Vlan routing with Multilayer Switching.
• Experience in gradation and substitution of system segments like NIC cards, show cards, RAM, console, mouse and different peripherals/gadgets.
• Empowered the team to be capable in providing level-one support for the Network Security Engineering team by providing formal hands-on training and by implementing step-by-step procedures
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed administrative support for RIP, OSPF routing protocol.
• Administered and supported local/LAN printers, LAN IDs in Novell
• Administered/provided troubleshooting for Lotus Notes and MS Outlook.
• Provided technical support on hardware and software related issues to remote production sites.
• Responsible for LAN and internet connection file and print server.
• Support design and planning of Juniper MX, SRX, and EX network products and associated solutions within the Customer infrastructure.
• Maintained and installed new internet connections for customers.
• Handled installation of Windows NT Server and Windows NT Workstations.
• Handled Tech Support as it relates to LAN & WAN systems.