VENKATA SHIVA KUMAR NAMBALLA
Mobile: 510-***-****
Email: ***************@*****.***
Technical Summary
* **** ***** ** ********** with demonstrated success in Network administration, Troubleshooting & fine-tuning of Firewalls, VPN Configuration, Troubleshooting Cisco, Juniper, Huawei, HP Routers and Switches, Cisco ASA Firewalls, Palo Alto Firewalls, Load Balancers.
Experience with Cisco ASA 5505 / 5510 / 5520 / 5540 firewalls and FWSM.
Worked on Palo Alto firewalls PA 5000, 7000, 3000 Series, juniper firewall series.
Deployed and maintained palo alto firewalls environment successfully from planning the network infrastructure, initial access into PAN, registering the PAN to creating documentation.
Implemented Security Policies appropriate for the network on inbound and outbound traffic using Security zones, outbound SSL Decryption, URL filtering.
Setting up virtual private network Global Protect (Client VPN) using IKE crypto profiles (sha, Aes, MD5), Virtual routers, Static Routes, Site-to-Site VPN Tunnels (VTI).
Implemented firewall features effectively such as 802.1Q and VLAN tagging, Sending Logs to Syslog, SNMPv3, Netflow, File Blocking, Anti-Virus Blocking, NAT.
Experienced with User Identification using Active Directory, Dual Internet using Policy Based Forwarding.
Implemented DoS Protection (Zone Protection), Virtual Wire (Transparent Firewall).
Implemented AAA in the palo alto networks through TACACS+, RADIUS servers.
Worked on High Availability (Active/Passive) HA1,2,3, Blocking applications based on App-ID such as Skype & BitTorrent Applications in the office environment.
Worked previously on Dynamic Block List, Vulnerability Protection (IPS), Custom IPS Signatures, Data Filtering, Packet capture.
Sound knowledge on kill chain and up to date with the latest security vulnerabilities and current scenarios.
Deployed Check Point Next- Generation Firewall for enterprise network security high-performance, multi-core capabilities (1400, 3000, 23000).
Experience with Cisco routers 800 / 1700/ 1800 / 2600 / 2800 / 3600 / 3800 /7200 series.
Experience with Cisco switches CE500 / C2950 / C2960 / C3560 / C3750 / ME3400 / C6500.
Deep knowledge on various firewall operating systems such as PAN OS, juniper OS, IOS.
Strong experience of troubleshooting and supporting LAN and WAN environments.
Excellent knowledge of supporting and troubleshooting routers and Cisco routers, switches, and firewalls.
Sound working experience of DHCP and DNS Servers.
Thorough knowledge of Routing protocols RIPV1,V2 / IGRP / EIGRP / OSPF / IBGP / EBGP / BGP.
Good knowledge on VLANs / STP / RSTP / Etherchannel / MST/ VRRP.
Worked on securing VLANs, switch access, IDS, IPS, TCP/IP, DNS, DHCP, WINS.
Plan, configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS).
Perform network maintenance and upgrades including service packs, patches, hot fixes and security configurations.
Monitor performance and ensure system/connection availability and reliability.
Monitor network resource utilization, trending, and capacity planning.
Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure.
Select and implement security tools, policies, and procedures in conjunction with the company’s security team.
Provide direct technical assistance and support to co-workers as needed.
Monitor, maintain and control network efficiency using appropriate tools.
Monitor, maintain and control network resource accesses by only authorized personnel.
Responsible for designing, implementing and maintaining a global network infrastructure. Global network includes internal offices and also hosted production customer facing locations.
Perform network security design and integration.
Troubleshoot and resolve end-user issues independently and efficiently
Create network documentation.
Manage projects and maintenance tasks using a ticketing system.
Monitor network usage, anticipate problems and suggest solutions.
Work closely with global colleagues to meet team goals and improve processes, practices and communications.
Education Qualifications
Bachelors in computer science and engineering at Amity university, India
Masters in computer science at University of Illinois, Springfield.
Working Experience
1/2016 - 9/2017 Performant, Livermore, CA (currently working)
Network Systems Engineer.
Install and maintain Palo alto security firewalls infrastructure.
Implemented Security zones, Virtual routers, Static Routes, Security Policies, outbound SSL Decryption, URL filtering, Global Protect (Client VPN), Site-to-Site VPN Tunneling (VTI).
Implemented firewall features effectively such as 802.1Q and VLAN tagging, Sending Logs to Syslog, SNMPv3, Netflow, File Blocking, Anti-Virus Blocking.
Monitor performance and ensure system/connection availability and reliability.
Monitor system resource utilization, trending, and capacity planning.
Provide Layer-2/3 support and troubleshooting to resolve issues.
Experience with converting Checkpoint VPN rules over to the prime Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure.
Select and implement security tools, policies, and procedures in conjunction with the company’s security team.
Coordinate with vendors and other IT personnel for problem resolution.
Provide input on the creation of technical documents, including user’s manuals, training materials, and installation guides.
11/2013 – 12/2015 Corsica tech, NY
IT Network & Security Analyst
Configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS).
Performed Network Security Assessment and implemented security features such as network filtering, encryption through SSH, AAA, implemented VPN’S, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
Engineer, design and configure firewall servers for local and remote access.
Engineer, design and install firewall hardware and topology.
Engineer, design, implement and support TCP/IP subnets.
Engineer, design, implement and support network firewalls.
Provide direct technical assistance and support to co-workers as needed.
Monitor, maintain and control network efficiency using appropriate tools and policies.
Monitor, maintain and control security standards for the local and wide area networks.
Monitor, maintain and control electronic messaging applications specific to E-Mail, instant messaging.
Monitor, maintain and control network resource accesses by only authorized personnel.
Monitor and maintain network server applications specific to the Internet, E-Mail and remote access.
12/2012 – 10/2013 Data Dimensions, Janesville, WI
Network Engineer
working with and designing network architectures with IP Routing protocols such as BGP, OSPF, EIGRP. Layer-2 switching technologies and related technologies like MPLS, HSRP, VSRP.
Responsible for designing, implementing and maintaining a global network infrastructure. Global network includes internal offices and also hosted production customer facing locations.
Perform network security design and integration.
Perform root cause analysis, diagnostics, monitoring on various production systems.
Troubleshoot and resolve end-user issues independently and efficiently.
Create network documentation.
Manage projects and maintenance tasks using a ticketing system.
Monitor network usage, anticipate problems and suggest solutions.
Work closely with global colleagues to meet team goals and improve processes, practices and communications.
Educate junior global network team members.
10/2011 – 09/2012 Progressive media solutions, Hyderabad, IN
Security and networking Analyst
Configured and maintained EIGRP, OSPF and BGP on Cisco Routers.
Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, Inter-VLAN routing, and LAN security.
Design and Implement complex networks, routing, switching and troubleshooting issues across multiple routing and switching platforms.
Provide technical leadership to the enterprise for networking. Mentor and train others in addition to training for other technical groups.
Main tasks includes dealing with IPS, IDS, log management, and security assessment systems.
Assess threats, risks, and vulnerabilities from emerging security issues. Publish Security Updates newsletter for technical groups.
Draft enterprise security standards and guidelines for system configuration.
Managed process and acted in the lead role for computer security incident response team.
Perform and create procedures for system security audits, penetration-tests, and vulnerability assessments.
Develop scripts to maintain and backup key security systems.