| 20,000+ Fresh Resumes Monthly | |
|
|
| | Click here or scroll down to respond to this candidateCandidate's Name
Sr. Network Security EngineerVisa: GCEmail: EMAIL AVAILABLESUMMARYProficient in network planning, implementation, configuration, troubleshooting, and testing on Cisco and Juniper Networks.Proficient in deploying and managing Zscaler's web proxy solutions, ensuring seamless and secure internet access for the organization.Skilled in handling escalated issues related to routing, switching, and WAN connectivity using ticketing systems like Remedy.Experienced with various firewall technologies including Checkpoint, Palo Alto, Cisco ASA, and Fortinet, with capabilities in installation, upgrade, monitoring, and patch management.Experience working on Azure Cloud services, Azure storage, Azure active directory and Azure Service Bus. Managing Client's Microsoft Azure based PaaS and IAAS environment.Implemented and managed SASE solutions within enterprise networks, leveraging SD-WAN and cloud security services.Designing and implementing Confidential Azure Solutions across a range of cloud models like: IaaS, PaaS, SaaS,Performed Corporate-Wide implementation of Single Sign On configuring OKTA SSO including AD agents and IWA agents, attribute mapping from AD- Okta.Specialized in managing and upgrading Checkpoint software, including version 81.20.Proficient in configuring and managing SyslogNG for centralized logging across distributed systems.Strong knowledge of routing protocols such as EIGRP, OSPF, RIP, BGP, as well as TCP/IP and subnetting with VLSM.Utilized Qrada for log management and analysis to gain insights into application performance and user behavior.Deployed SevOne performance monitoring solution to monitor network infrastructure and ensure optimal performance.Worked on Three mergers/acquisitions and helped with onboarding users and integrating their apps with SSO and Active Directory.Maintain, manage, optimize, and troubleshoot all routing and routing protocols (IPv4 and IPv6) along with troubleshooting of any connectivity, latency or unavailability issues using Remote Desktop, Xceedium, SpectrumExperienced in designing, configuring, and troubleshooting security policies, firewalls, and failover mechanisms on Palo Alto networks.Familiarity with network management tools and sniffers like SNMP, HP-OpenView, Wireshark, and Cisco Works.Designed and implemented network topology maps in Spectrum to visualize network relationships and dependencies.Designed and Implemented Okta integration with several Confidential applications including JIRA, SharePoint.Managed and monitored AlienVault SIEM sensors, policies, alerts for suspicious activities.Knowledgeable in advanced technologies such as VOIP, H.323, SIP, QOS, Multicasting, MPLS, and MPLS-VPN.Provided advanced monitoring and tooling of Electrical Substations systems, hardware devices SCADA and ICS enterprise applications.Skilled in Splunk Enterprise Security application, 802.11x wireless technology, and F5 Big-IP LTM-6400 load balancers implementation and configuration.Familiarity with Cisco Nexus data center infrastructure and virtual firewalls like Checkpoint VSX, IDS, IPS, as well as encryption techniques.Knowledgeable in AWS implementations.TECHNICAL SKILLS:ProtocolsRIP, RIP V2, EIGRP, OSPF, IS-IS, IGRP, HSRP, VRRP, GLBP, LACP, PAGP, DNS, SMTP, SNMP, FTP, TFTP, LPD/TDP, WLAN, PHONE NUMBER AVAILABLEe, WEP, POP3 LADP, TNS.LAN TechnologiesWorkgroup, Domain, HSRP, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.WAN TechnologiesLeased Line, Frame Relay, ISDN, PPP, HDLC, ATM, SONET, Metro Ethernet.Network ProductsCISCO Routers 1700, 1800, 2500, 2600, 2800. CISCO High End Router 3600, 3800, 7200, 12010. CISCO Switches 1900, 2950, 2960. CISCO Campus Switches 3550XL, 4984 Core Catalyst 4503, 4507 RE, Catalyst PHONE NUMBER AVAILABLESecurity & VPNPIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC SSM, FWSM, FortiGate, CISCO CSM, ACL- Access Control List, IPS/IDS, NAT, PAT, CISCO ACS, Check point (3200, 5800, 15400 and 15600)sonicwall, RSA SecureID, SRX, SSG series firewalls, Cisco ISEAuthenticationRADIUS, TACACS+, Digital certificatesMonitoring ToolsWireshark, Nmap, Nessus, OpManager, PRTG Packet SnifferServersDomain servers, DNS servers, WINS servers, Mail servers, Proxy Servers, Print Servers, Application servers, FTP servers, Avocent Console server.Operating SystemsWindows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 server, Windows XP/7, LINUX, Solaris, Red Hat, Active Directory, UNIX, Junos.LanguagesC, Perl, and PythonStorage (SAN & NAS)EMC, HP, NetApp: VNX, VMAX, XTREMIO, 3Par and EVACertified coursesCCNACCNPPROFESSIONAL EXPERIENCEDeutsche Bank, Manhattan NY Jun 2023- PresentSr. Network Security EngineerManaged and upgraded Check Point and Palo Alto firewall infrastructure, ensuring minimal downtime and compliance with industry standards.Managed and executed multiple Checkpoint software upgrades to version 81.20, ensuring seamless transitions with zero downtime.Developed detailed upgrade plans addressing system compatibility, security considerations, and business continuity.Conducted pre-upgrade testing and post-upgrade validation to ensure system integrity and performance.Coordinated upgrade schedules with stakeholders, minimizing business disruptions.Interfaced with change management teams, obtaining necessary approvals, and adhering to established protocols.Maintained thorough documentation of upgrade processes and generated comprehensive reports on upgrade outcomes.Create and maintain comprehensive documentation for network security configurations, policies, and procedures. Generate reports to provide insights into network security status and incidents.Experience wif deployments of various systems to Azure wif Azure CLI, PowerShell, ARM Templates and TerraformDeveloped automated alerting mechanisms based on SyslogNG events to enhance system monitoring and troubleshooting.Managed policy and network configurations for Palo Alto, Checkpoint, Cisco ASA, and Fortinet firewalls.Installed Checkpoint 5K, 6K, 12K and 13K firewalls in active passive clusters from scratch and performed upgrades, troubleshooting, analyze, upgrades, hot fixes, and maintenance.Collaborate with IT and security teams to integrate NAC with other security systems and technologies.Develop, document, and maintain network security policies and procedures, ensuring they align with best practices and regulatory requirements.Performed administrative tasks with Palo Alto Networks (Panorama) including Security, NAT policy definitions, application filtering, Regional based rules, URL filtering, Data filtering, Threat Prevention, file Blocking and User based policies.implemented and managed Palo Alto Firewalls, with expertise in Panorama for efficient cluster management in large setups.Deployed Network-Based Anti-virus, URL Filtering, and DLP solutions on Next-generation Firewalls.Performed real-time proactive Security monitoring and reporting on various Security enforcement systems, such as Splunk (SIEM), Anti-virus, Carbon Black, Malware Analysis, Firewalls, IDS& IPS, Web Security etCollaborated with cross-functional teams to integrate SevOne with other monitoring tools and IT infrastructure for comprehensive visibility and control.Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels and Spanning tree for creating Access/distribution and core layer switching architecture.Assisted teams to deploy firepower solution to the existing security setup.Capital group Remote Jan 2022- May 2023Sr. Network Security EngineerWorked on L2/L3 technologies, such as: SVI, LACP, VPC, VPC+, VRF, VLAN, RIP, OSPF, EIGRP, HSRP, VRRP, OTV, Fabric Path and MPLS technologies.Performed daily maintenance activities, including log maintenance, reporting, and auditing of firewall infrastructure.Troubleshot network issues, scheduled upgrades, and conducted hardware refresh projects to optimize network performance.Maintained, deployed, upgraded, and troubleshooted cloud platform network infrastructure for both cloud-native and non-cloud-native solutions.Designed and developed automation scripts to deploy and manage cloud-based infrastructure and applications using Python and PowerShell.Conducted extensive testing and validation processes pre- and post-upgrade to address compatibility issues and confirm functionality.Managed and adjusted upgrade schedules in response to business needs and unforeseen challenges.Participated in change review meetings, securing necessary approvals and ensuring compliance with change management protocols.Documented all upgrade activities and produced detailed reports summarizing the processes and lessons learned.Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall, centrally managed all Palo Alto Firewalls PHONE NUMBER AVAILABLE using Palo Alto Panorama M-500/M-600 management server.Deployed and configured web proxies and isolation techniques to secure internet traffic and prevent cyber threats.Configured Palo Alto Next-Generation Firewall under multi-VSYS forms according to client topology to support migrated topologies.Managed Checkpoint firewalls (R77.30 and R80.10) through MDM- Configured HA pairs, security policies and rules in security and application bladesWorked extensively on Cisco ASA 5500PHONE NUMBER AVAILABLE Series, experience with conversion of PIX rules over to the Cisco ASA solution.Troubleshoot & Conduct Webex meeting, Jabber, Lync. Video Endpoints. TMS.Designed and implemented Okta SSO and Okta MDM from ground up with 150+ SAML applications. Worked with more than 40 different groups to integrate their applications to SSO.Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA, and other technologies.Implementing cloud access security broker (CASB) solutions to act as central control points to set policy, monitor behavior, and manage risk across all cloud services simultaneously.Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security, when possible, for user portsDesigning F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers Configured policies and rules on Palo ALTO (PA 5020, PA 5050, PA 7050)Installed and configured the F5 BIG-IP LTM, configured virtual servers, and associated them with pools for internal web servers.Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.Knowledge in Design, Installation configuration of Palo Alto Checkpoint Provider Environment.Responsible for Check Point and Cisco ASA firewall administration across global networks.Maintain Splunk systems documentation, including SOP's and design documents Integration of systems and application tools with Splunk.Involved in Configuration of Access lists (ACL) on ASA and Sonicwall firewall for the proper network routing for the B2B network connectivity and added exposure to ASA fire power.Amadeus Revenue Integrity, Tucson AZ May 2021 to Dec2021Network Security EngineerExperience with configuring Cisco 6500 Virtual switching system in Distribution layer of the Data center network.Proficient in configuring Cisco 6500 Virtual switching system in the Distribution layer of the Data center network.Provided escalation support for network infrastructure issues, following up to ensure timely resolution.Administered and upgraded Checkpoint firewall systems, ensuring high availability and robust security.Collaborated with cross-functional teams to plan and execute firewall upgrades, including comprehensive pre-upgrade testing and post-upgrade validation.Managed change schedules and coordinated with stakeholders to mitigate operational impacts.Developed and maintained detailed documentation of all upgrade procedures and outcomes.Assisted in the implementation and configuration of VPNs, firewall policies, and intrusion detection/prevention systems.Implemented security policies on Cisco ASA 5500 Series and Palo Alto Internet firewalls, including ACL, IPSEC, SSL, VPN, and IPS/ Proficient in VPN technologies and well-versed in Zero Trust Networking principles.Designed F5 solutions and supported migration work of applications and websites from Cisco CSS Load Balancers to the F5 Big IP Load Balancers.Configured VLANs, Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.Documented network changes, topology diagrams, and implementations through MS VISIO tool.Configured routing protocols like OSPF, EIGRP, and BGP on Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches.Utilized Panorama to configure Palo Alto Firewalls, including user group rules with AD integration in Firewall rules.Configured Site-to-Site VPNs, Remote access ANYCONNECT services, and maintained HP Tipping point IPS inline network.Monitored network performance, device status, and Virtual environments through SolarWinds tool.Provided technical support for wireless network users and conducted indoor and outdoor site surveys.Deployed windows and Linux Virtual machines through VMware vSphere tool and administered windows and Linux servers.Generate detailed reports on network security posture and compliance status using Firemon/AlgoSec.Gandhi Info Aug 2017 Aug 2020Network Security EngineerConfiguring, Maintaining the Routers and Switches and Implementation of RIP, EIGRP, OSPF, BGP routing protocols and troubleshooting Remote infrastructure management of offices in different locations nationwide.Upgraded, patched, and maintained Check Point and Palo Alto firewalls, ensuring security and performance.Coordinated with cross-functional teams to implement network changes, aligning with organizational goals.Conducted network analysis and optimization to enhance overall network efficiency and security.Participated in special projects and additional duties as required, contributing to the organization's security posture.Installing, configuring, and maintaining Cisco Switches (2900, 3500,7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures.Configured RIP, PPP, BGP and OSPF routing.Responsible for Checkpoint firewall management and operations across our global networks.Working with Checkpoint Support for resolving escalated issuesData center migration was involved in Access, Distribution and Core layers.Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTMExperience with design and implementation of Data center migration.Expert in configuring Cisco Routers, Catalyst Switches, Nexus Switches.Upgrade Cisco 6500, 3750, 2960s, Nexus 5000, Nexus 2000, Nexus 7000 switch IOS softwareWorked extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches.Strong Knowledge in working with F5 Load Balancers and their Implementation in various Networks.Identify, design and implement flexible, responsive, and secure technology services.Implemented Positive Enforcement Model with the help of Palo Alto Networks.Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.Establish AWS technical credibility with customers and external parties.Help customers build scalable, resilient, and high-performance applications and services on AWS.Develop/capture/document architectural best practices for building systems on AWS.Release management of all significant public EC2 launches.Offered users with wireless network technical support and handled indoor and outdoor site surveys.Experience with Firewall Administration, Rule Analysis, Rule ModificationDeployed the switches in high availability configuration with HSRP.Configured UDLD, port-fast, uplink fast and other spanning tree features.Apec Infotech Mar 2015 July 2017Network EngineerImplementation and maintenance of network architecture for LAN/WAN.Installation of new software releases and system upgrades. Evaluated and installed patches resolved software related problems. Performed system backups and recovery.Configuration and installation of Cisco router.Implement and configured HSRP on core switching and for VPN redundancy, HSRP on different location of office on the switched network and managing the entire multilayer switched network.Maintenance of DNS, DHCP, Active Directory, Replication other services on the Windows Server 2000 2003 network.Configuration and testing of Multicast routing in Data Center Environment.Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls.Troubleshooting Security issues on Cisco ASA, Checkpoint, ID/IPS and Juniper Net screen firewalls.Performed new additions VIPs, Pools, Virtual Servers, and Monitors to the F5 Big IP LTM load balancer.Configured EBGP/IBGP/VRFS policies also tested BGP attributes such as Local preference, MED, AS-PATH, Community and Weight.Troubleshooting in inter-vendor Palo Alto environments.Bluecoat WAN acceleration appliance hardware/software troubleshooting and configuration.Installed and maintained routers and switches in various network configurations supported VLANs, Qos, VoIP, and advanced access-lists.Replacement of old 6500 and WAN routers from DR testing site and Installed Nexus 7K and ASR 1006 routers. |