| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
phone number: PHONE NUMBER AVAILABLE(h) PHONE NUMBER AVAILABLE (cell)
email: EMAIL AVAILABLE
Objective
Seeking a position in the field of Information Security, to utilize and advance in technical knowledge, training, and work experiences that includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users.
Professional Summary
10 years+ working knowledge in the information security field.
Firewall technologies including general configuration, Creating objects, rules & policies on Checkpoint s VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager, Check Point/Nokia & GAIA Firewall VPN-1 FW-1 NGX R77.10, R77.20 Smart Domain Manager command line & GUI.
Experienced with Palo Alto Networks firewalls/IDS which includes Installation/Initial Configurations.
Experience with The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
Experienced with Routing, layer 2 & layer 3 Switching and Protocols.
Understanding of IP Security, VPNs, Encryption and Authentication.
Knowledge of firewall rule creation & pushing policy in enterprise environment, IP traffic flow, analyzing & capturing of live traffic using Tcpdump, Snoop, Wire shark & FW monitor.
Experienced with troubleshooting access issues across multiple firewalled isolated network compartments during application migrations.
Windows Server 2008 R2, Windows 7, 8.1 & 10. Linux Red Hat, SuSE & BSD, Oracle Solaris 10 & 11.2, MAC Book Pro OS X Yosomite, AS/400.
Knowledge of VMWARE vSphere Client & vCenter Server v5.5 and Wintel.
Strong knowledge of the TCP/IP protocol stack, DNS, DHCP, FTP, TFTP & SNMP
Strong knowledge of Network Access Control Server, RSA SecurID two-factor authentication, digital certificates & logging.
Excellent documentation, communication and interpersonal skills.
Excellent analytical and problem solving skills.
Technical Skills
Cisco PIX 501, 506e, 515, 520, 525 firewall.
Cisco ASA 5500 series firewall appliances.
Junos SRX240, NetScreenOS 208, ISG 2000 & NSM environment.
Check Point/Nokia & GAIA VPN-1 FW-1 NGX R77.10, R77.20 Provider-1/Site Manager-1 R77.10 Smart Domain Manager command line & GUI
Understanding F5 Big IP series load balancers.
Understanding of McAfee IPS
Software
Terminal emulator application which can act as a client for the SSH, Telnet, rlogin, and raw TCP computing protocols and as a serial console client: PuTTY, SecureCRT.
Packet analyzer, also known as a network analyzer, protocol analyzer, or packet sniffer: Tcpdump, Sniffer, Wire shark, FW monitor (Checkpoint).
Vulnerability Assessment Tools: Nessus, ISS Internet Scanner (Application-level vulnerability assessment), ArcSight & Sourcefire AMP (Advanced Malware Protection).
Two- factor Authentication: Smartcards, RSA SecurID, Safe Net 3300.
Network Performance Monitor: Solarwinds, Netcool.
AlgoSec Security Management Suite: provides IT security and operations teams with visibility and control of network environments through the intelligent automation of firewall policy management.
Checkpoint Provider-1/Smart-1 infrastructure for management, Palo Alto Firewall.
Microsoft Visio 2010, DNA (Domain Name Automation).
Virtual Change for global Change Management.
Net info (Device management, Circuit Management, Component Linking, Collection Reports, Document Management & IP Allocation). VI editor, NPMS-Network Project Management System.
RSA SecureID Authentication Manager.
Professional Experience
Client: Citi Group, Irving TX July 2016-October 2016
Cyber Security Engineer with Perimeter Security Operation Team
Duties include supporting security infrastructure, which includes firewall, proxy and remote access systems. Investigation, documentation and resolution of outages to critical business systems that may be caused by firewall, proxy, or remote access systems.
Escalation of issues to, and tracking of progress in conjunction with Clients engineering teams, vendors, or other technical resource teams.
Worked incidents tickets of the level 2 team which include scheduling multiple changes, software upgrades and configuration activities to resolve.
Creating, validating & Installing of Firewall policies of Checkpoint Secure Platform Pro & Gaia,
Juniper SRX, Juniper Netscreen firewalls, Bluecoat Proxy, Palo Alto Networks firewalls (Panorama Central Management) & Cisco ASA with AnyConnect client.
Performed PANOS Upgrade from version 5.0->6.0->6.1.0->6.10 following Citi standard MOP
Performed -Initial Configuration, Web GUI Setup, HA Interface Configuration, SSH Access to Panorama
Policies (Rules) & Policies (Threat Prevention Features).
Client: Kaiser Permanente August 2015-April 2016
Nix Firewall Engineer
Join Kaiser s Digital Technologies and Operations (DTO) team, which is focused on standardization, automation and continuous improvement for more nimble deployments to the next generation of kp.org on heavily virtualized Linux environments.
Duties include but not limited to increase compliance for Payment Card Industry (PCI) Data Security Standard (DSS) by segmenting the Network and enforcing IP filter host firewalls.
Configuring & Implementing of IP filter on Host-based Firewall under Red hat Enterprise Linux & Oracle Enterprise Linux (OEL7) for another layer of security to maintain PCI DSS. The PCI DSS security requirements apply to all system components included in or connected to the cardholder data environment. The cardholder data environment (CDE) is comprised of people, processes and technologies that store, process, or transmit cardholder data or sensitive authentication data.
Responsible for assessment of firewall configuration, designing /creating/modifying firewall rules/policies, implementing/documenting and testing.
Client: CenturyLink Technology Solutions May 2015-July 2015
Firewall Engineer/Security Architect
Joined as a Firewall Engineer/Security Architect, duties includes analyzing information security systems And applications and recommendation and developing security measures to protect information against
Unauthorized modification or loss.
Vendors Network connectivity investigation, Creating Firewall Rule Change Requests mostly in
Cisco ASA and Checkpoint firewalls.
Upgraded a few ASAs and merge into different contexts.
Responsible for assessment of firewall current configuration files for performance/optimization/vulnerabilities.
Responsible for Vendors Network connectivity investigation, Creating Firewall Rule Change Requests mostly in Cisco ASA and Checkpoint firewalls.
Responsible for Designing, testing, and inspecting data communications systems.
Client: JPMC Paymentech, Dallas TX March 2015-April 2015
Firewall Engineer
Joined as a Firewall Engineer in their ENT Security Architecture Team.
Duties include Firewall Planning, Staging & Troubleshooting.
Vendors Network connectivity investigation, Processing Firewall Rule Change Requests.
Used IT Service Management tool for changes & approval process.
Followed standard Change Implementation procedures per ITSM to meet customer s SLA
Exposure of large complex Checkpoint, Cisco ASA & Palo Alto firewalls Environment.
Exposure of large ESXi host using vCenter Server.
Creating objects, rules & policies on Checkpoint R77.10 Smart Dashboard & P1 R77.10 &
Palo Alto Networks firewalls with Panorama, Central Management which allows firewall administrators to push (deploy) policies/rules, software or update packaged from a central location.
Responsible for assessment of firewall configuration, designing /creating/modifying firewall rules/policies, implementing/documenting and testing as per vendors requirements following standard procedures.
Client: HP ENTERPRISE SERVICES, Plano TX Oct 2012 Oct 2014
Firewall Engineer
Joined as a Firewall Engineer in their AMS IT SMART Team.
Duties include Firewall Design, Planning & Deployments.
Vendors Network connectivity investigation, validation & Support in a Managed Service Environment.
Exposure of large complex Checkpoint, Cisco ASA & Juniper firewalls in a Managed Service Environment.
Creating objects, rules & policies on Checkpoint/HP D1, D2, and D3 Appliances.
Exposure of Tipping Point device for real-time network protection, visibility and centralized management and analytics.
Responsible for assessment of current firewall configuration, designing /creating/modifying firewall rules/policies, implementing/documenting and testing as per vendors requirements following standard procedures.
Client: CITI GROUP, Irving TX Mar 2012 Oct 2012
Technology Consultant Global External Security Integration Team
Worked closely with Global External Security Integration Team, responsible for the configuration, deployment, and integration of perimeter devices such as firewalls and remote access infrastructure into Citi globally supported platforms.
Job requirements include competence in the supported technologies to include knowledge and experience in the OSI model, networking and TCP/IP, competence in Linux/UNIX commands and a strong background with troubleshooting utilizing the CLI across various firewall platforms i.e.
oCheckpoint, Cisco ASA Firewalls, Catalyst 6509 Switch/Routers, Palo Alto & Juniper SRXs.
oSSL VPN's using Juniper SA6500's.
oRouted/Routing Protocols: BGP, OSPF, and MPLS
oSourcefire AMP for Endpoint (Advanced Malware Protection).
Responsible for the configuration, deployment, and integration of perimeter devices such as firewalls and remote access infrastructure into Citi globally supported platforms.
Client: HP ENTERPRISE SERVICES, Plano TX Nov 2010 Mar 2012
Technology Consultant / Infrastructure Build Team
Duties include replacement of Crossbeam C-Series Firewalls to Checkpoint/HP D2 Appliance & Decommissions. Creating Engineering Work Orders (EWO), ICTD (Internal Cost/Technical Detail) and RA (Risk Assessments).
Responsible for delivering of assigned tasks within the delivery cycle of a project. Understand a broad spectrum of HP technology in order to deliver part of a detailed technical design, which meets customer requirements i.e. installing new systems applications; updating applications, firmware, and drivers; creating boundaries for as well as performing configuration and testing activities; applications programming for assigned modules within a larger program; assisting in the preparation of technical presentations and demonstrations; and participating in customer meetings.
Client: DYNEGY INC., Houston TX Aug 2010 Oct 2010
Network & Data Security Consultant
Provided professional services on deploying Checkpoint endpoint security device UTM-1 NGX R65 & R70 Software blade on Plant Control Network to provide user authentication, segment the admin network and various control networks.
Duties includes Administration/maintenance/upgrades HFA s, Configuring & troubleshooting of DMZ, Extranet & Intranet, Creating objects, rules & policies on Checkpoint s SecurPlatform / Securplatform Pro.
Network Performance Monitoring using Solar Winds Orion, HP Tipping point and Checkpoint s UTM- R70 Software Blade for IDS/IPS and Security Management.
Client: VERIZON, Grapevine TX Jun 2009 - May 2010
Network / Firewall Administrator
Assigned to Verizon DNA Firewall team. Duties includes following:
Firewall support of VOL & VMN, troubleshooting of firewall issues related to the function of the group. Review, analyze, and implement firewall rules, policy pushes via an established MOP/Script during maintenance windows to maintain the integrity of verizon s network. Perform Checkpoint firewall rule cleanup as required and participate in troubleshooting calls.
Central Office firewall consolidation-followed MOP to perform CO conversion of a Netscreen 208 managed firewall in the central offices to layer II for the CO firewall consolidation effort which requires knowledge of the NetscreenOS command line & GUI
Central Office to centralized firewall conversions of AI Intel platform & Motorola running on Checkpoint s NGX R60/NG FP3 to layer II & layer III mode following MOP which requires advanced knowledge of Checkpoint firewall NG FP3, R60, R61, R65 & R71 Provider-1/Site Manager-1 command line & GUI
New Network Element Turn-ups, Creating central & NAT policy in Juniper ERX/E320 & Checkpoint Environment, pushing policies to the appropriate firewalls in distributed environment, Sending change notifications to appropriate groups, coordinating with Network Operation team & NNMC doing pre/post conversion connectivity test to make sure Network is live, Monitoring & Troubleshooting firewall issues if outages occurs due to the firewall conversions in layer II/layer III mode. Tracking Centralized Firewall Conversions in Excel Spread Sheet.
Client: AT&T Uverse, Plano, TX Dec 2008 Jun 2009
Technical support Analyst II
Assisted Field techs with installation of FTTN/FTTP, High Speed Internet, and IPTV & VOICE over IP Phone, VRAD and Cross Box issues.
Provided advanced technical support on operation or maintenance of personal computers and/or peripherals using documented procedures and available tools.
Solid understanding of home networks. Order management, responsible for overseeing, tracking and monitoring customer complex order issue if needed, escalating to appropriate team.
SOLEXT INC., Dallas, TX Jan 2007 Nov 2008
Network Consultant
Setting up networking equipment, i.e. Routers, switches, firewalls (Cisco Pix Firewall Version 8.0), Configuring, Monitoring & Troubleshooting Cisco Pix Firewall using ASDM (Cisco Adaptive Security Device Manager), installing O/S, upgrading patches in TCP/IP Classful/CIDR LAN/WAN environment.
Troubleshooting network connectivity issues & setting up client to site IPSec point to point VPN with Cisco VPN client. Setting up workstations, Network printers and IP phones. Managing Web Server & Exchange Server on Windows Server 2003 Active Directory environment.
Client: IBM GLOBAL SERVICES Aug 2006 Oct 2006
Network Specialist
Provided network services and complex troubleshooting in a large Shared Network with Checkpoint/Nokia Firewall, Cisco switches, including 29xx series, 60xx and 45xx series Cisco routers, Cisco Pix and IOS Firewall environment.
Troubleshooting of firewall issues i.e. review, analyze, and implement firewall rules per IBM global change management process. Review and analyze firewall logs and syslogs, Cisco AAA. Services with TACACS. Used Cisco Security Manager (CSM) to setup VPN, Used Cisco Firewall Service Module (FWSM), which is an integrated firewall and switching module based on the Cisco PIX to monitor and performance management. Cross geo tickets, implement logical changes, implement physical changes, update business as usual support documents as per change as required. 24x7 on call support.
Client: CADBURY SCHWEPPES May 2006 Jul 2006
Network Security Analyst
Administering Firewalls i.e. Cisco/Checkpoint, Evaluate firewall access control requests to ensure they conform to Company's security standards and policies, application security reviews using vulnerability assessment tool i.e. ISS Internet Security Systems (IBM s) for application level vulnerability assessment & Solar Winds for performance monitoring.
Audit firewall logs on a regular basis and investigate any suspicious activities. Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
Used Cisco IronPort email security appliances for email encryption.
Troubleshoot; coordinate with Application Systems and Network Operations Engineers, and Help Desk, to resolve problems. Thoroughly document all work. Maintained security awareness by preparing periodic reports Pertaining to security issues and the status of them with the PCI DSS, a multifaceted security standard that includes requirements for security management, policies, procedures, and network architecture.
Handling Break/Fix situations, monitor, configure, policy creation on Checkpoint s Smart Center Server running on SecurPlatform (Linux BSD) with NG AI R55 & NGX R60-61 environment.
New firewall design, installation, routing configuration & implementation. Manage and support Remote Access VPN setup for users and field locations with Nortel VPN Contivity Switch, RSA SecurID two-factor authentication and Juniper SSL VPN.
Client: FIRST AMERICAN, Dallas TX Sept 2005 Feb 2006
Network Security Analyst
Administering multiple Firewall of Juniper/NetScreen, in a managed distributed environment. Fulfilling routine change requests of Net Screen OS Firewall and resolving trouble tickets, maintain and monitoring firewalls using scanning software Nesses.
Providing VPN and SSH access as per role and considering security breaches. Performing Firewall rule analysis and make decisions on risk to customer network.
Modifying/creating new policy compliance for the connection of new sites to the customer network, troubleshooting network outages including IPSec & SSL VPN issues which includes Cisco, Nortel Contivity and Juniper SSL. Resolving security/non-security issues that arise during and after business hours regarding high priority outages.
Client: AEGON DIRECT MARKETING SVCS, Plano TX Jan 2005 - Jun 2005
Data Security Administrator
Responsible for responding to client security requests for access to LAN and Mainframe-based (AS/400) resources. This includes managing user s home directory, workgroup file & share permissions, create/delete/modify user accounts in Active Directory Users and Computers, create/delete/modify Exchange 2000/2003 accounts & Distribution lists.
Manage daily account disable report for Terminated employees, grant/remove RAS access and creating new folders/groups/permissions within the DFS structure guidelines and compliance mandates such as HIPAA, SOX and PCI
CHECK POINT SOFTWARE TECHNOLOGIES, INC. Grand Prairie, TX Sep 2000 Jul 2004
Technical Advisor
Worked for world s leading network Security Company as a network security analyst to provide technical advice to customers on the application and integration of Checkpoint s firewall and security products.
Provided advanced level global support for Check Point / Nokia Internet security products. Extensive hands on experience in installing, configuring, managing and troubleshooting Check Point firewalls in various environments and on all supported operating systems including high availability and load balancing clusters and VPN configurations.
Windows/UNIX/Linux operating system hardening.
Assisted customer with configuring and troubleshooting NAT issues i.e. static Nat (One-to-one) and Hide NAT (One-to-many).
Assisted customers with Client-to-site & Site-to-site VPN connectivity issues between Checkpoint and other vendor network security devices such as: Cisco IOS, Pix Firewall, Net Screen etc.
Utilized various packet and network inspection tools to troubleshoot issues down to the packet level. Created problem reports, developed & maintained technical documentation.
Utilized network analysis tools: Ethereal, Protocol Analyzer & Sniffer.
Education / Awards / Certifications
Jahangir Nagar University. Savar, Bangladesh
Bachelor's Degree
Major: Geography Minor: Statistics GPA: 3.7 out of 4.0
Richland College. Dallas, Texas US.
Completed some College Coursework
Major: Computer Networking
MCP+I, MCSE, A+, CCNA, CCSA, CCSE, CCSE+, JNCIA, CISSP exam pending. |
