| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidate Candidate's Name
Email: EMAIL AVAILABLE PH: PHONE NUMBER AVAILABLENetwork Security EngineerPROFESSIONAL SUMMARY: IT professional with around 10+ Years of extensive hands-on experience in Networking Security and proven expert proficiency in designing, engineering, configuring, and maintaining of large enterprise firewalls Skilled & technically proficient with multiple firewall solutions, network security, and information security practices Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Next - Generation Firewalls R65, R70 & GAIA R77.30, Net Screen Firewall, Palo Alto Next-Generation firewalls, Bluecoat proxies and Cisco ASA Engineering and configuring Virtual Server, Pools, iRules, Profiles, Persistence, and monitor on F5 LTM to match the configuration the Application had on NetScaler. F5 migration of applications to new BIG-IP VCMP infrastructure. Worked on different firewall & security appliance such as, Checkpoint 4400,4600,4800, 21700, Palo-Alto PHONE NUMBER AVAILABLE,3060, 5020,5060, Panorama M-100, Cisco ASA 5505, 5510,5512-X, 5500-X,5585-X, Cisco WSA S370, S680, Radware DefensePro IPS, Radware Appwall (WAF) Experience on working with different migrations environment such as, Staging, Sandbox, Development, Production (Go live) Managing and implementing remote firewall for State agencies using NSM, SPACE, Smart Dashboard and CSM. Experienced in STP (Spanning Tree Protocol), VTP (VLAN Trunking Protocol), HSRP (Hot Standby Router Protocol), VRRP (Virtual Router Redundancy Protocol). Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance, configuration and installation of IOS security features and IPS module, security risk analysis, attack mitigation & penetration tests based on LPT methodology. Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols Expertly implemented and configured F5 R-Series devices to enhance network traffic management and optimize application delivery. Strengthened network security by deploying F5 R-Series Application Delivery Controllers (ADCs), implementing features such as web application firewall (WAF), and SSL/TLS encryption. Provided expert troubleshooting and support for F5 R-Series issues, reducing downtime and maintaining seamless network operations. Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience. Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series. Knowledge of Intrusion Detection and Prevention System, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN Collaborated with F5 Networks and other vendors to stay updated on the latest features, best practices, and technical support for F5 R-Series. Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Check Point Provider-1 / VSX, Palo Alto IDS/IPS modules, Data Center Migration, Foundry/F5 Load Balancers, Cyber Security, Amazon Web Service (AWS), and Bluecoat URL filtering & Packet Shaper systems. Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols. Proficient with Cisco routing and switching products, UNIX, Linux such as Kali, shell scripting and routing protocols Proficient in managing NSX components, including NSX Firewall policies, to enhance network security and segmentation within virtualized environments. Configuration and implementation of Cisco Firewall PIX/ASA Responsible for providing direct Citrix Netscaler administration such as GSLB, SSL offloading, HA. Application load balancing. NetScaler Virtual appliances on XenServer, VMWare ESX & Microsoft server 2012 R2, Citrix Access Gateway, and configuring user performance for Citrix VDI & HDX environments though Citrix policies. Experience on PCI and ISO compliant security implementations on the firewalls and perimeter devices Configuration, implementation and maintenance of Cisco Catalyst Switches 3850, 3750-X and 2960X and working on VRF Configured Check Point clusters with Nokia box and crossbeam. Checkpoint - R75/R70/R65 with product like Nokia IP 390, PHONE NUMBER AVAILABLE, 2450, 61000 etc.; in Provider-1 environment. Knowledgeable in configuring and optimizing trunk links and port-channels for efficient data transfer. Implementing loop prevention techniques such as BPDU Guard and Root Guard to maintain network stability. Supporting the Citrix NetScaler F5 platform, configuring, implementing, and troubleshooting Citrix NetScaler. Configured Cisco Routers and switches and dealt with the remote issues Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2003/2008/2012, TCP/IP, Active Directory, FTP, SNMP, SMTP, DNS,HTTP,HTTPS,DHCP, TFTP, LDAP, Linux OS under various LAN and WAN environments Experience in working with Nexus 7K, 5K and 2K series. Successfully managed and optimized Cisco wireless networks to ensure reliable connectivity and performance. In-depth knowledge of deploying and troubleshooting Cisco IOS LAN, WAN, QoS, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL s, NAT, VLAN, STP & VTP Knowledge in Documenting and preparing the Process related Operational Manuals and worked on office. Collaborating with Application owners, Network Team, DNS Team, and Firewall Team, to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager Ensuring network availability, vendor management, fault management Strong ecommerce, general management, negotiation, inter-personal, communication and team building skills.TECHNICAL SKILLS:Firewall: Checkpoint R65/R70/R75/R77.30 GAIA/Firewall-1, Palo Alto, Cisco ASA, FortiGate, Panorama, Wildfire, Radware WAFProtocols: NAT, VTP, VLAN, TCP/IP, UDP, EIGRP, OSPF, RIPNexus: Nexus 7000/ 8ANS: F5 BIG-IP LTM 6900/6400Switches: Cisco Catalyst VSS 50- X / 2960X Routers: Cisco Routers ASR / 2600Operating Systems: Linux, Windows XP/7/8, Windows Server 2003/2008/2012 Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNSRouting: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Summarization, Static RoutingSwitching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent BridgingPROFESSIONAL EXPERIENCE:Walmart, Bentonville, AR February 2023 to PresentSenior Lead Network Security EngineerResponsibilities: Implementing security Solutions using Palo Alto Pa 5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia, VSX and Provider-1/MDM. Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for Stateful replication of traffic between active and standby member. Deployed Cisco ASA Firepower Services Delivers cultivating rapid threat detection and mitigation using Cisco Sourcefire IPS with AMP Support Panorama Centralized Management for Palo Alto firewall PA-500, PA-200 and PA 3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration Knowledge on Amazon AWS Virtual private cloud services Worked on network security design and installation using Palo Alto Firewall (Application and URL filtering, Threat Prevention, Data Filtering) Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration Administration and L3 support of our Infoblox DDI deployment and F5 GTM s and configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, and HA) on F5 BIG IP appliances. Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM. Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection. Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network Configure Syslog server in the network for capturing the log from firewalls. Configure and Monitor Cisco Sourcefire IPS for alerts. Experience working on Network support, implementation related internal projects for establishing connectivity in various field offices and Datacenters. Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker. Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third party connectivity. Performing URL filtering and content filtering by adding URL s in Bluecoat Proxy SG's. Support Blue Coat Proxy in explicit mode for users trying to access Internet from Network. Working on the network team to re-route BGP routes during maintenance and FW upgrades. Configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000. Configuring VDC & VPC in Nexus 9k, 7k, 5k and 2k. Participated in data center upgrade from Cisco IOS platforms to NX-OS platforms. Running vulnerability scan reports using Nessus tool. Troubleshoot connectivity issues and Monitor health of the firewall resources as well as work on individual firewall for advanced troubleshooting. Working on Service now tickets to solve troubleshooting issues.Delta Airlines, Atlanta, GA August 2021 to January 2023 Network Security Engineer/ Firewall EngineerResponsibilities: Designs, tests and deploys IT security systems, solutions and ecommerce environment. Working on Service Now ticket management tool by providing support service to client by implementing and working on change request, Incident request and troubleshooting. Configuration of checkpoint firewall mainly VSX according to client topology and checkpoints features such as Application & URL filtering, IPS, Identity Awareness, IPS, VPN. Configuration of Palo Alto Next-Generation Firewall mainly VSYS according to client topology and working on Content-ID, User-ID, App-IP Experience on working on Cisco IPsec VPN, SSL VPN and natting Firewall technologies including general configuration, optimization, security policy, rules creation and modification of Check Point Next-Generation Firewalls GAIA R77.10, R77.20 & R77.30 Experience on working with checkpoint next-generation firewall on various modules such as SMART View Tracker, SMART View Monitor, SMART Update, SMART Log, SMART Event. Experience in Qualys policy compliance in detecting internal and external threats and vulnerability Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering) Experience in Configuration, Management, Deployment, Optimization and Troubleshooting Checkpoint VSX Performed upgradation of Palo Alto firewall from old platforms to new platforms 6.1.5 to 6.1.10 Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall Worked on network packet analyzer tools such as, Wireshark, Microsoft Network Monitor, Snort, Tcpdump Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN Experience on working with migration with both Checkpoint and Palo Alto Next-Generation Worked on security tools and software s like Cisco WSA, Qualys, Splunk, Symantec Endpoint Protection, Bit9, HP Network Node Management Upgrading Radware Appwall WAF (Web application firewall) and fixing hot fixes and patches. Exposure to wild fire advance malware detection using IPS feature of Palo Alto Maintain a thorough understanding of the basics behind the Internet and its workings (DNS, Security, IP Routing, HTTP, VPN) Configured Site to Site IPsec VPN tunnels and Split tunnel to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls. Routing and Switch protocols: BGP, OSFP, VLAN, VTP, STP, RIP, RSTP Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms. Responsible for planning, documenting and implementation of complex Firewall and VPN solutions Represent the changes at the weekly change review and application migration meetings.State of VA, Fairfax, VA April 2019 to July 2021Senior Network Security EngineerResponsibilities: Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point/Nokia Firewall VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager (SDM) command line & GUI. Experience in a Unix/Linux environment and expertise in several flavors of Linux including Red Hat, CentOS, Gentoo Linux and Ubuntu Supports the implementation and ongoing operations of network access control devices to include firewalls, web proxies, and SSL VPN devices. Experience with working on wireless site survey using Air-Magnet Upgrading checkpoint Web application firewall and fixing hot fixes and patches. Installation of checkpoint Next-Generation firewall GAIA R76/77.30 in Open Server, UTM Configuration of checkpoint firewall mainly IPS (Intrusion Prevention System) module according to client topology and checkpoint MDS. Experience on Endpoint security SME with McAfee Endpoint Experience with working on Enterprise Desktop Administrator on Windows 7 Worked on Imperva Secure Sphere Web application firewall Experience with working on Imperva web application firewall for granular correlation policies reduce false positives and Dynamic application profiling Cisco routing and switching technologies and devices LAN / WAN, VPN, Routing protocols, VLANs, Trunking, Cabling, Cisco IOS administration Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks Experience in working with Nexus 7010, 5020, 2148 devices. Worked on RSA authentication manager and Cisco NSA (Network Admission control) to authenticate users and devices to the network Experience in working with designing, installing and troubleshooting of Palo Alto firewalls Advance Knowledge on Lancope Stealth watch system for monitoring, analyzing and responding In-depth network activities Worked on Windows Management Interface (WMI) Experience with working on Amazon Web Service (AWS) environment for cloud computing Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer Configuration and troubleshooting of Next-Generation Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN­1 NGX R55/R65/R70 Advance knowledge on design, implementation and maintenance of QoS for LAN and WAN networks Performed upgradation from old platforms to new platforms R65 to R77.30 Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewall MDS. Worked on Migrating from ASA 5540 to ASA 5585 Experience with working on Microsoft Active Directory Experience with Using GTM, APM & LTM F5 component to provide 24“7 access to applications Worked on PCI-DSS of DELL secure works and also on ISO 27001 compliance Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN Worked on implementation strategies for the expansion of the MPLS VPN networks Worked on Intrusion prevention system (IPS) SME with McAfee IPS Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering) Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature Worked on Kali Linux and automated security tool such as Client Fortify, IBM Asppscan Experience with Cisco ASA firewall Cisco security Manager (CSM) and migration from Cisco to Palo Alto Experience with network based F5 Load balancers with software module ASM, APM & AFM Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for a Datacenter access architecture Worked on network packet analyzer tools such as, Wireshark, Microsoft Network Monitor, Snort Implemented Positive Enforcement Model with the help of Palo Alto Networks Configure Cisco switch ME 3800X and 3600X Knowledge on enterprise security standard such as OWASP Configuration of DNS, RADIUS and KERBEROS Experience in handling Infoblox tool for DHCP and DNS Worked on McAfee ESM (Enterprise Security Manager) & IPS appliance which handled both SIEM/Correlation and Log Management. Exposure to wild fire advance malware detection using IPS feature of Palo Alto Maintained and Configured Checkpoint VSX with firewall virtualization and checkpoint clusters Configuring rules and Maintaining Palo Alto Firewalls with IPS module & Analysis of firewall logs Advanced knowledge of Windows 7, Windows 10 and Office 365 Worked on automating process for migration of security policy using Palo Alto Migration tool 3.0 and Symantec Endpoint Protection Worked on SIEM tolls such as Tufin, SolarWinds, LogRhythm Experience with Qualys Guard Vulnerability Management Strong Knowledge on DNS Administration using BT Diamond and Aruba wireless LAN Advance knowledge on Network segmentation and checkpoint Next-generation firewall GAIA R77.30 host migration as well as the QoS of the LAN network Worked on configuration of Cisco Catalyst Switch 3850 Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.US Bank, Minneapolis, MN November 2016 to March 2019 Network Security ConsultantResponsibilities: Planning and designing of corporate Firewalls architecture by implementing it in distributed environment. Maintaining Corporate Firewalls & Analysis of firewall logs Experience with working on some ecommerce technologies Experience on Check Point Next-Generation Firewalls R65, R70, R75. Worked on Juniper NSM central management software Worked on Imperva web application security for Logging, Monitoring, Data leak prevention, network and platform security. Configuring Juniper NetScreen Firewall Policies between secure zones using NSM (Network Security Manager) PCI and ISO compliant security implementations on the firewalls and perimeter devices Migration from Cisco to Palo Alto firewall Experience on McAfee Endpoint security & IPS Strong Knowledge under enterprise security standards such as SANS and web application security using Burp Suite Advance knowledge of Amazon Web Services (AWS) with broad IT infrastructure services, Deep visibility into compliance and governance and Hybrid Cloud capabilities Verifying & configuring the rule-sets on firewalls. (Firewall Change Request processing). Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs Experience with LTM & GTM F5 component to provide high availability with providing services across data centers. Managing and implementation of remote firewalls for State agencies using NSM, SPACE, CSM and Smart Dashboard Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs Build IT security infrastructure including Checkpoint, Juniper and Palo Alto firewalls Designed and configured the commands for QoS and Access Lists for Nexus 5K and 2K. Worked on configuration and maintenance of Cisco Catalyst Switch 3850, 3750-X, 2960X Migration with both Checkpoint and Cisco ASA VPN experience Experience with Juniper environment including SRX/Junos Space. Worked on vulnerability scanning tool such as Nessus and Qualys Guard Worked on McAfee Network Security Platform where incident response were managed using SIEM Experience in management of Checkpoint VSX environment and using VSX with Multi-Domain Security Management (SDM) Performed other related duties as assigned or requested in compliance with ISO 27001 and 9000 (International Standards Organization). usAdminister, Maintain, and deploy Juniper IPS & VPN systems Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches Managed network security processes using ASA firewalls and worked on Cisco Scan Safe (CWS) Experience with APM, LTM & GTM F5 component to provide high availability with providing services across data centers Configuring and troubleshooting Access-lists, Service Policies, and NAT rules, Network Object Groups, Service Object Groups on ASA 5585 and 5505 Firewalls. Strong knowledge regards to design, plan and optimize the quality of service (QoS) related to the traffic prioritization and inception to delivery Worked on Cyber Security & penetration testing tool such as Ettercap, Nmap Managing and implementation of remote firewalls for State agencies using NSM, SPACE, CSM and Smart Dashboard Experience with working on maintaining, installing and handling policies on Palo Alto Firewall PA-200TCS, Hyderabad, India July 2013 to October 2016Network Engineer Responsibilities: Migration of RIP V2 to OSPF, BGP routing protocols. Configured EIGRP for Lab Environment. Cisco routing and switching technologies and devices LAN/ WAN, VPN, Routing protocols, VLANs, Trunking, Cabling, IOS administration Advance Knowledge in Cyber Security and Ethical hacking Implemented ISL and 802.1Q for communicating through VTP. Configure Cisco routers 1900 and switches 2960. Experience with Cisco IOS and NS-OS. Configuring Port Mirroring, VLAN, SMTP, STP, RSTP, SNMP, and Routing Policies on switches Working with Client teams to find out requirements for their Network Requirements. Installed and Configured DNS server and Checkpoint Firewall with IPS feature in Internet Edge. Designing solutions for frozen requirements using Cisco Routers and Switches. Deploying the network infrastructure to meet the requirements Proficient in VPN technology and TCP/IP protocols Dynamic routing protocol configuration (RIP, RIP V2). Troubleshooting network problems and working knowledge of HTTP, SNMP, HTTPS, SMTP, DNS, DHCP, etc. Knowledge in Dynamic routing protocols Implementation & trouble shooting of complex WAN, LAN, VLANS, private VLANS, high availability solutions like HSRP, VRRP, GLBP, ether channels, site- to- site VPN, access control lists, NAT, PAT, routing solutions etc. Maintaining all the network devices routers, firewall, switches Incorporated VLANS to segment traffic on managed switches. Installing service pack upgrades. Use of TCP Dump to troubleshoot access issues. Configuring VRRP, Static route, BGP, Routing policies, ACL Implemented Secure Remote VPN for high-speed remote access. Managed network connectivity and network SSL Security, between Head offices and Branch office Responsible for Internal and external accounts and, managing LAN/WAN and checking for SSL Security Settings of the networking devices (Cisco IOS, Router, switches) coordinating with the system/Network administrator during any major changes and implementation
|
