| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidate Candidate's Name iSenior Network Security Engineer EMAIL AVAILABLEPHONE NUMBER AVAILABLESUMMARY: 7+ years of experience in managing and securing complex LAN/WAN, wireless, and cloud infrastructures for large-scale enterprises, ensuring network resilience and security. Expertise in deploying and configuring Palo Alto Networks Firewalls (PA-5410, PA-7050), implementing Panorama for centralized management, which increased security visibility and reduced configuration time by 30%. Skilled in optimizing Cisco Nexus series (9300, 7010, 5600) to enhance network performance, resulting in a 25% improvement in multisite enterprise network efficiency. Managed Cisco routers (2300, 4000, 6500) and switches (1600, 2900, 6500) for seamless network operations and optimized infrastructure performance. Certified in CCNA, CEH, and AWS, with demonstrated ability to design AWS security roadmaps and integrate third-party tools, ensuring secure cloud environments and adherence to best practices. Proven success in automating network operations and security event resolution using Ansible and Python, improving incident response times by 40% and reducing manual intervention.
Hands-on experience with NAC solutions like Cisco ISE, ForeScout CounterACT, and Aruba ClearPass, enhancing network security compliance and minimizing unauthorized access. Proficient in configuring F5 Big-IP Load Balancers (3600, 4200, 6950, 8950), delivering seamless application performance across enterprise environments by balancing traffic loads effectively. Extensive experience in Infoblox DNS/DHCP troubleshooting in LAN environments by effectively managing network configurations and resolving issues proactively. Expertise in customizing FortiGate firewalls (4800F, 1800F, 3700F) for specific security needs, ensuring compliance with industry standards and reducing vulnerability risk by 20%. Collaborated with cross-functional teams to implement security solutions, delivering highly resilient and secure network infrastructures.TECHNICAL SKILLSLAN TechnologiesSMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.LANEthernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.Network Management ToolsWireshark, NetFlow Analyzer, NetScout, SNMP, Cisco Prime, Ethereal, HP OpenView, SolarWinds Orion, Cisco vManage, Tetration, Infoblox IPAM, Forti Manager.WirelessCisco Meraki, Aruba wireless, Cisco Wireless LAN Controller.FirewallFortinet (FortiGate) Firewall, Palo Alto PA-5410, PA-7050, PA-3220 Checkpoint, Cisco ASA, and Juniper SRX series.Load BalancersF5 Networks (Big-IP) LTM 6400, Viprion.Cloud & AutomationAWS, Ansible, Terraform, Python, AWS SIEM, Ansible Tower, NetmikoAWS Direct Connect, Route 53, CloudFormation.Security & VPNsIPsec VPNs, Cisco Firepower, ASA, and Checkpoint Firewalls, FortiGate Firewalls, Cisco TrustSec, Zscaler, Illumio ASP, Viptela SD-WAN, Cisco ACI.Professional Experience:United Airlines, Chicago, IL Nov 2023 - PresentSr. Network security EngineerResponsibilities: Implemented Zone-Based Security policies on Palo Alto firewalls (PA-5450, PA-3260, PA-7080), securing segmented network architecture and regulating traffic flow between zones. Managed multiple Palo Alto firewalls centrally using the Palo Alto Panorama M-500 centralized management appliances. Leveraged Palo Alto Networks' threat intelligence feeds to enhance Wildfire s effectiveness in identifying and blocking new and sophisticated threats.
Configured GlobalProtect VPN on Palo Alto firewalls, ensuring secure, encrypted communication between remote devices and the corporate network. Enforced security policies on FortiGate firewalls (1000F, 3700F, 4200F, 7121F), fortifying network security and preventing unauthorized access. Configured FortiManager to deploy dynamic security protocols on FortiGate firewalls, utilizing threat intelligence from FortiAnalyzer. Enforced version control of firewall policies using FortiManager, ensuring uniformity and compliance across network infrastructure. Integrated and fine-tuned security profiles on Fortinet firewalls, incorporating antivirus, intrusion prevention, and web filtering functionalities, thus bolstering threat detection and prevention capabilities. Configured and optimized encrypted tunnels (IPsec) within the SD-WAN environment to ensure secure communication between branch offices and data centres. Deployed analytics tools within vManage to proactively troubleshoot network issues and optimize SD-WAN performance. Collaborated with cross-functional teams to ensure smooth migration and integration of SD-WAN Viptela solutions. Configured and managed tenant policies within Cisco ACI, ensuring the secure isolation and segmentation of network resources for various business units or applications. Defined security domains in Cisco ACI, defining policies and controls to enforce security measures and manage communication between distinct network segments. Integrated to the formulation of security policies and protocols for AAA users within Cisco ACI, aligning them with industry standards and organizational security requirements. Conducted risk assessments and implemented safety protocols on Cisco Firepower 4112 and 4115 to evaluate and report security incidents. Deployed Cisco Secure firewalls (3105, 3110, 3120), increasing network safeguards and reducing unauthorized access attempts by 50%. Configured routing and security policies on Cisco Meraki (MX65, MX64, MX68), prioritizing applications and optimizing bandwidth utilization. Enhanced visibility and collaboration throughout the safety ecosystem by integrating ISEC with additional safety measures and administration structures. Developed routing rules and AWS Route 53 health checks to optimize traffic flow and ensure smooth failover processes. Designed structures for AWS Cloud Formation to specify and supply AWS infrastructure as code guaranteeing consistent and scalable installations. Configured AWS Direct Connect to meet compliance and data residency standards, securing sensitive data through dedicated network connections. Automated SIEM log parsing with Python, reducing incident resolution time by 40% and improving overall security event detection. Configured Cisco ISE for device profiling, radius, device posture checks, user identity, network segmentation, and device compliance. Managed IP address spaces and subnet allocation using Infoblox IPAM, planning efficiently for network growth. Worked with Cisco TAC to develop cutting-edge amenities testing methodologies in order to promptly detect and resolve intricate network issues affecting Cisco Nexus switches. Developed and tracked backup plans for Cisco Nexus (9300, 9400, 9500), ensuring connectivity and mitigating downtime. Configured Cisco routers with IPsec VPNs to secure remote site management and protect data from unauthorized access. Designed flexible network architectures using Cisco routers (8100, 8200, 8600) to ensure seamless communication across core infrastructure. Improved operational efficiency by automating network tasks (firmware updates, restores, device installation) with Ansible. Implemented central administration platforms with Juniper SRX 1600 and SRX 2300 to simplify the execution of policies and enable visibility across various devices. Installed and managed Illumio ASP, implementing micro-segmentation for enhanced security in multi-cloud and hybrid environments. Configured and maintained Illumio segmentation rules to regulate east-west traffic, reducing the attack surface in cloud services and data centers.Ivision, Atlanta, GA Aug 2022 Oct 2023Sr. Network security EngineerResponsibilities: Implemented Palo Alto Panorama M-100 management server to establish centralized management of Palo Alto firewalls, including PA-5410, PA-5430, PA-7050, PA-3250 models. Worked on the management of Palo Alto firewalls, such as using Panorama servers for monitoring and implementing traffic flow controls. Set up rules and maintained Palo Alto firewalls, such as analysing firewall logs with various tools to identify and resolve security-related events. Integrated Palo Alto Wildfire to enhance advanced threat detection and analysis capabilities, strengthening the organization's response to sophisticated cyber threats. Implemented configuration settings for logging and reporting features on FortiGate devices, facilitating network activity monitoring, security event analysis, and compliance report generation. Managed and maintained the performance and security of Fortinet FortiGate 3700F and 3500F firewalls, along with Forti Analyzer and Forti Manager, ensuring optimal functionality. Integrated threat detection capabilities by integrating threat intelligence feeds with FortiGate firewalls, pre-emptively safeguarding against emerging threats. Configured the FortiGate firewall infrastructure efficiently, configuring devices from the FortiGate 4200F and 4400F series, aligning them with network diagrams and security standards. Implemented and managed VPN configurations on Viptela SD-WAN, including the establishment of secure communication channels for remote sites and cloud resources. Deployed and oversaw SD-WAN solutions, with a particular emphasis on Viptela technology, to streamline network performance and improve connectivity across the board. Worked collaboratively with vBond Orchestrator to establish secure and efficient connectivity for branch offices, ensuring the smooth and dependable deployment of SD-WAN. Integrated seamless communication between BD Subnets and external networks, fostering efficient connectivity with resources beyond the Cisco ACI fabric. Implemented the Cisco ACI architecture, leveraging the Border and Leaf-Spine topology to establish a scalable and efficient network connectivity framework. Managed the allocation of subnets within Bridge Domains in Cisco ACI, ensuring optimal assignment and uses of IP addresses to accommodate diverse applications and services. Deployed and configured AWS Cloud Watch to monitor and collect metrics from various AWS resources, providing real-time insights into system performance. Managed AWS Cloud Front cache settings to improve content delivery optimization. Implemented cache behaviors and employed strategies for cache invalidation to seamlessly update dynamic content. Implemented and supervised AWS Direct Connect to establish secure and dedicated network connections between on-premises data centres and AWS resources. Configured to documenting F5 VIPRION configurations, security policies, and incident response procedures to facilitate knowledge sharing and serve as a reference for the future. Deployed F5 Viprion Enterprise Manager for all-cluster devices across the network, focusing on the 4000 series. Developed, implemented, and supervised the F5 VIPRION 2400, 4400, and 4800 platform, crafting high-performance and scalable application delivery solutions in line with business requirements. Integrated Ansible Tower for network administrator planning, role-based authorization, and job declaring through centralized technology administration. Added the capacity to react swiftly to network problems by developing Python-based devices for real-time tracking of networks, log analysis, and identifying anomalies. Improved access and identification of threats in both wireless and wired settings by integrating Aruba networks with currently installed safety structures, such as firewalls and SIEMs. Used Netmiko to streamline monitoring and reporting, real-time collection and analysis of data for network efficiency and safety tracking is now possible. Implemented secure network structures with Arista switches, mainly the 7170, 7500R, and 7280R3, in conjunction with architects of interfaces. Set up and maintained redundant links with ISPs through BGP peering sessions on Cisco routers, increasing internet access and dependability. Installed IP SLAs (Service Level Agreements) on Cisco routers to track metrics related to services, measure network reliability, and make sure SLAs are followed. Designed and put into use to allow MPLS connections between distant client locations and various endpoint routers, especially the Cisco ASR 9922, 9912, and 9910. Implemented and delivered thorough training sessions on the utilization of ISEC tools, ensuring IT teams acquired proficiency in their utilization. Designed and implemented Network Access control functionality with Cisco ISE and Fore Scout CounterACT. Created and managed the Infoblox Grid equipment to guarantee excellent network availability and dependability for DNS and DHCP support. Implemented comprehensive security controls using Illumio into the architecture of the data center to ensure overall security and deter threats. Improved network security against various threats was possible through the development, upkeep, and supervision of the Cisco Secure Firewall models 4245, 3120, and 3130. Configured and upgraded the Cisco Firepower 4125, 1150, and 4100 systems' software to ensure that the hardware complies with the vast majority of contemporary security requirements. Installed, and delivered ongoing maintenance for Cisco Nexus series including 7010, 7018, 5548, and 5600 enhancing the performance of multisite enterprise networks for clients across Pennsylvania. Configured Nexus 5020 with several distribution Virtual Device Contexts utilizing EIGRP to ensure efficient route propagation among network devices. Integrated Cisco Nexus switches with security appliances like firewalls, intrusion detection/prevention systems (IDS/IPS), and authentication servers to enforce network security policies. Implemented Juniper SRX 5800, SRX 5400, and SRX 4600 devices with additional security solutions like antivirus and malware detection tools, establishing comprehensive layered security defences.ADP, NYC, NY Aug 2020 July 2022Network security EngineerResponsibilities: Configured Checkpoint firewalls to authenticate users based on user identity, user group, session and client PC Auth. Responsible for configuring IPSec VPN tunnels, IP communication and routing OSPF, EIGRP, BGP. Replaced Checkpoint, Pulse VPN and Blue Coat proxy with Zscaler and worked on implementing Zscaler in Production. In-depth understanding in implementing and configuring F5 Big-IP LTM 3600, 4200, 6950 and 8950 Load Balancers. Configured NetScaler to implement load balancing and distribute traffic across servers, thereby enhancing application performance and reliability. Installed and configured tasks for diverse router models including 800, 1600, 2500, and 2600 series, as well as the setup of various Cisco switch models such as 2960 and 3560. Implemented site-to-site VPNs over the internet using 3DES, AES/AES-256 with Cisco ASA firewalls. Integrated Terraform with version control systems like Git for efficient collaboration and change management of infrastructure code. Used Wireshark for protocol analysis, dissecting packets to understand communication patterns and diagnose network anomalies across protocols like TCP, UDP, HTTP, and DNS. Configured and administered security rules and policies to permit and deny user traffics based on company security policy on Palo Alto firewalls PA-3250 and PA-3220. Deployed, configured, and managed the SolarWinds Orion platform for comprehensive network and infrastructure monitoring, providing visibility into the IT environment. Installed Tetration sensors to collect and analyse data extensively, offering deep insights into application behavior and dependencies. Implemented the Cisco TrustSec framework to enforce scalable and dynamic access control policies across the network infrastructure. Provided best practices for cable management to ensure a tidy and organized cabling infrastructure, reducing signal interference and simplifying troubleshooting. Configured intelligent traffic steering policies within Silver Peak to optimize network traffic routing, ensuring efficient resource utilization.Navajana Technologies, India Mar 2018 June 2020Network Support EngineerResponsibilities: Deployed, configured, and administered Cisco Switching at branch Offices and Routing to Data Centers, Other Branches, and headquarters using Cisco Appliances/Hardware. Deployed and configured WF-500 Wildfire appliance to monitor, identify, and contain new security threats, ensuring continuous firewall updates with the latest threat intelligence. Integrated Cisco Security Manager with Cisco ACS Server 4.1, BlueCoat, Cisco SSL VPN, and Clean Access, enhancing centralized security management. Implemented Cisco WLC and Access Points, generating wireless heat maps to optimize coverage and improve network performance. Configured and managed TCP/IP routing protocols (EIGRP, OSPF, BGP) to optimize network performance and ensure reliable communication across network segments. Extensive experience with RIP, OSPF, BGP, and EIGRP, overseeing routing protocol installation, configuration, and ongoing maintenance. Managed DNS and DHCP with tools like Infoblox, ensuring seamless IP address allocation and domain resolution.EducationBachelor's in Information Technology , Mahatma Gandhi Institute of Technology, Hyderabad-India. |
