| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
EMAIL AVAILABLEPHONE NUMBER AVAILABLESenior Network Security EngineerProfessional Summary:8 years of experience working in large-scale environments on L1/L2 troubleshooting, Network Design, IDF and MDF architecture, Datacenter Architecture, Spine Leaf Architecture, and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5 and Wireless LAN Controllers.Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data Center Environment.Expertise in installing, configuring, and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).Experience in VSS, VRF, VPC, and VDC technologies. Experience working on Gateway redundant protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution and Core Layer Architecture and Spine Leaf Architecture in Datacentre.Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k) and Juniper Routers (E, J, M, and T-series).Experience and high-level technical knowledge in OSPF, EIGRP, RIP and BGP routing protocols. L1/L2 troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on upgrading Edge routers, failing over ISP circuits for maintenance. Knowledge in EVPN, VXLAN, VTEPS. Experience with Cisco ACI.Configured F5 LTM, series 5000 series for the corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix. Experience with APM and ASM modules.Proficient in using Solar Winds Network Management tools like Network Performance Monitor (NPM), Net Flow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.Extensive implementation of Cisco ASA 5500 series - 5505, 5510, 5512-X with Firepower module. Palo Alto firewall policies, panorama, and Checkpoint firewalls NG, NGXExperience with PA PHONE NUMBER AVAILABLE and VM series firewalls for both Internet and internal traffic filtering. Experience with Panorama M100 series and maintaining up to 23 firewalls in large networks.Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning APs, Virtual APs, RTLS, Wireless SSIDs, remote and campus APs, upgrading WLC, worked in Active/Active local Controllers and Master controller. (Aruba 6000, 7200 controllers, Aruba AP65, 70, 124, 85, 125) system.Enhanced level of knowledge with, PPP, ATM, T1 /T3 Frame-Relay, MPLS. Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.Hands on experience with Juniper SRX series firewalls 500 series.Experience with NAT/PAT, static and dynamic NAT, access lists, security zones, policies on SRX firewalls.TECHNICAL SKILLS:Networking TechnologiesLAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTPNetworking HardwareCisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls.Routing ProtocolsOSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, MulticastingSecurity TechnologiesPAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, CheckpointNetwork MonitoringSolar Winds, Wireshark, HRping, WhatsUpGold, InfobloxOperating SystemsWindows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OSLoad BalancersF5 Networks (BIG-IP)FirewallsJuniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.AAA ArchitectureTACACS+, RADIUS, Cisco ACSProfessional Experience:Bank OF America, NYC, NY July 2022 - PresentSr. Network security EngineerResponsibilities:Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices. Worked on 40 gig and 100 gig switching chassis with QSFP. Worked on Cumulus Switching POC on Mellanox devices.Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices also configure 2k, 3k, 7k series RoutersExperience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018Experience with configuring FCOE using Cisco nexus 5548Created documents for various platforms including Nexus 9k, 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switchesExperience with moving data centre from one location to another location, from 6500 based data centres to Nexus based data centre.Maintained multi-vendor firewalls Palo alto 3k, 5k and 5k series firewalls, Checkpoint R77.30, R75, Cisco ASA 5540, 5585 firewalls with firepowerUsed Tufin firewall optimization tool and Splunk to analyze logs and perform Firewall policy cleanup.Involved in deploying SDWAN with cisco infrastructureParticipated in troubleshooting SDN/SD-WAN deploymentsWorked on Azure DNS to configure custom domain names for the resources in your VNets. Finally, we will move on to learning how to set up both public and private DNS zones.Build, configure, test and provide production cloud systems support that may include duties such as deployment, configuration, monitoring and troubleshooting in Azure load balancers, firewall policies, VPN tunnels, DNS and Linux serversConfigure Azure DNS to handle name resolutionWorked on Zscaler Cloud proxies, Implementation of Policies, PZen Configuration, GRE tunnels to Cloud, PAC file configuration, DLP policies.Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineers instructions and troubleshooting any related issues.Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.Experience with configuring Cisco 6500, 6800, 4500 VSS in Distribution layer.Configuring and managing F5 LTM (Local Traffic manager) in large scale environment.Configure and troubleshoot Juniper EX/SRX series switches.Network security including NAT/PAT, ACL, and ASA/SRX/Palo Alto/Fortinet Firewalls.Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancersInstall, manage and monitored Large scale Palo Alto Firewalls through Panorama.Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management and complex customer issues.Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.Worked on Python scripting for generation the firewall security policy through web visualization tool in checkpoint firewall.Strong hands on experience on, ASA Firewalls, Palo Alto Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.Worked with the Python 2 & 3 versionDealt with Aruba wireless access points 200,300 series supporting 802.11 ac.Setting Aruba Access to link distribution switch system and then to WLAN controller.Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud.Installed and configured Cisco Meraki (MR66, MR74, and MR84) wireless Access points in the warehouses.Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, prevention where needed.Norton Health, Norton, MA Oct 2021 Jun 2022Sr. Network security EngineerResponsibilities:Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco Routers and Switches. Implemented IPv4 and IPv6 on PTX platforms.Worked on Cisco wireless LAN technologies, Integration with Cisco ISE. Worked on WLAN AP profiles, Authentication roles, RF properties, AP configuration, WLAN upgrades, Anchor controllers, Cisco prime.Implementation and administration of PKI to include Enterprise Root CA and Subordinate CA design.Worked on SD-WAN implementation for remote site connectivity using Viptela. Configuration of Application policies, vEdge, vManage, vSmart and vBond in Viptella.Routing protocol configuration such as OSPF, IS-IS, EIGRP and BGP, Router redundancy configuration (HSRP, VRRP and GLBP) and Wireless LAN (Access point, LWAPP).Experience with network management protocols/tools (TACACS, NTP, SNMP, SYSLOG) Working experience on complex Palo Alto Firewalls Environment.Experienced on working with Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management.Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240 and Juniper J series j230, M 320 and MX960 routers.Resolved Customers request to create firewall policies for Cisco ASA, juniper SRX, Fortinet and NX-OS.Infrastructure configuration and troubleshooting for Windows Azure environments.Monitoring and troubleshooting traffic on Palo Alto firewall through Panorama. Creating and modifying rules and objects on Palo Alto firewall through Panorama.Strong experience in Networking, including hands-on experience in providing network support, installation and analysis for a broad range of LAN/WAN communication systems.Involved in the Team of Data Centre Operations to perform duties like administration and monitoring of Cisco Routers and Switches according to the organization requirements.Configuring and implementing Remote Access Solution: IPsec VPN, AnyConnect, and SSL VPN.Integrate services appliances to Cisco ACI deployments to include Application Delivery Controllers and FirewallsInvolved in Network Designing, Routing, DNS, IP Subnetting, TCP/IP protocol.Worked with Cisco Catalyst 6500, 4500, 3750, 3500, 2960 switches and Cisco 2800, 3600, 3800, 7200, 7600 and ASR 1000, 2000.3000,7000,9000 series Routers.Designed and implemented a set of tools to provide fully automated configuration of F5 Networks BIGIP load balancing systems.Configured & maintained IPSEC Site-to-Site VPN using cisco IOS.Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, Configured Client VPN technologies including Cisco's VPN client via IPSECExperience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.Install and maintain the wireless infrastructure (Aruba) Configuration of SSID, VLAN binding, security managementImplemented firewall rules using Palo Alto panorama, Checkpoint smart dashboard, Provider- 1 and Cisco CSMWorked on configuring/troubleshooting Zscaler related issues. ZIA admin and ZCCWorked on Palo Alto APP-ID, User-ID and other security profiles like Anti-virus, Threat Prevention, URL-filtering and Wildfire etc.Responsible for installation, configuration, maintenance and administration of Palo Alto firewalls PA-7k, PA-5k and PA-2K firewalls.Assigning RADIUS and TACACS for new deployments in production environment. AAA for users to implement changes on production devices. Most of these devices are cisco propriety.Built alert & monitoring scripts for applications & servers using Python & Shell Script.Verizon, NYC, NY July 2019 Sep 2021Network security EngineerResponsibilities:Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administrationWorked on configuring and troubleshooting of routing protocols such as OSPF and BGP for effective communication. Maintain LAN communication between Servers/Workstations.Remediation of firewall rules from checkpoint firewalls to Palo Alto firewalls,Installing and configuring new juniper EX, MX, SRX series firewalls to meet day to day work.Key contributions include troubleshooting of complex LAN /WAN infrastructure that include routing protocols EIGRP.Responsible for turning up new BGP peering and customer sessions, as well as debugging BGP routing.Managed, operated, and analyzed data from corporate security systems including Source fire IDS.Configured and managed Cisco access layer routers and switches.Ensured that data center stayed as immaculate as possible to prevent unnecessary damage to computer.Designed WAN structure to prevent single point of failure in case of link failure.Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.Configured STP for loop prevention and VTP for Inter-VLAN Routing.Worked on load balancers like F5 10050s, 10250v to troubleshoot and monitor DNS issues and traffic related to DNS and avoid DDoSInstalled and configured SSH (Secure Shell) encryption to access securely on Ubuntu and Red hat Linux.Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol-based services.Configured network access servers and routers for AAA security (RADIUS/ TACACS+)Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in placeImplemented Zone Based Firewalling and Security Rules on the Palo Alto Firewalls.Managed the security infrastructure of the service provider which includes Fortinet Firewalls, Cisco ASAs, Juniper SRX, and Palo Alto.Implemented IPSEC Site-to-Site in Cisco ASA.Performed firewall migration from Cisco ASA platforms to PaloAlto firewalls using PaloAlto conversion toolWorked on extensively on troubleshooting multiple issues and driving Incident calls to resolution by doing packet capture techniques and performing other troubleshooting scenarios.Configured and troubleshot access-lists, service policies, and NAT rules, network object groups, service object Groups on ASA 5585 and 5505 Firewalls.Performed backups and upgrades from time to time on different type of firewalls mostly on Palo Alto, Checkpoint and Cisco ASA firewallsInstalling and configuring new cisco equipment including Cisco 1900, 2900, 3900 series routers, Cisco catalyst switches 6807, 7010, Nexus 5500 and Nexus 2k as per the requirement of the company. Problem Solving and maintain documentation throughout the project life cycle.Navajana Technologies, India Mar 2017 June 2019Network Support EngineerResponsibilities:Installing and configuring juniper M series router along with juniper switches QFX seriesWorking Knowledge of frame relay, MPLS services, IPSec VPN's, OSPF, BGP and EIGRP routing protocols, Netting, sub-netting, also including DNS, WINS, LDAP, DHCP, TCP/IP, UDP, SNMP, OSPF, IPSEC, PPP, VLAN, VTP, STP (Spanning tree Protocol), RSTP & Multicasting protocols.Installed, configured and maintained several Cisco DMVPN routers servicing smaller sites, several Edge routers running BGP to Internet service providers.Experience on F5 load balancer to maintain balance in the network system with application specific usage.Experience with Firewall administration, Rule analysis, Rule modification.Troubleshoot traffic passing managed via logs and packet capturesResponsible for reviewing current and planned network designs, particularly F5 load balancer implementations. Identified opportunities for implementation of network best practices.Played responsible role for implementing, engineering, & level 2 support of existing network technologies / services & integration of new network technologies / servicesSecurity experience in deploying VPN Solutions like IPsec & SSL VPN implemented across multiple vendors.Deployed VPNs (hands-on) to provide remote users with network access connect geographically separated branches into a unified network & enable the remote use of applications that rely on internal servers.Used SIEM tool called Splunk SIEM tool to analyze firewall logs and incident event analysisWorked with Cisco Layer 3 switches 3560, 3750, 4500, 6500; Cisco Nexus 5000 and 7000 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, and ether channel.Key contributions include troubleshooting of complex LAN /WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.Performed route filtering and route manipulation by applying distribute-lists, route-maps & offset lists respectively.Configured and deployed BIG-IP LTM 8900 for providing application redundancy and load balancing.Involved in design, implementation and configuration of HSRP for load balancing on L2 switches on different location of office on the switched networkIdentify opportunities and solutions for improving efficiencies with emerging technologies, including Cisco routers/switches and wireless systems.Deployed 7613 as PE and CE router and configured and troubleshoot the edge routersGenerating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problemsEducationBachelors in computer science Engineer |
