PROFESSIONAL SUMMARY

*+ years of professional experience with specialization in Datacenter management. Experience in network designing, implementation and troubleshooting of complex infrastructure which includes firewalls, routing and switching on enterprise networks.

Skills Overview:

•Expert level Knowledge in configuring and troubleshooting of Palo Alto PA 3020, 5250 Juniper SRX-550, SRX-220, ASA 55xx, Checkpoint R77 firewalls.

•Experienced in Migration from Checkpoint to Juniper and Cisco ASA Firewalls to Palo Alto.

•Worked with CISCO ASA content security and control Security Services Module(CSC-SSM) and Advanced Inspection and Prevention security Service Module(AIP-SSM).

•Expert level knowledge in Palo Alto Network Security Device Configuration of Security Rules, QoS Rules, User ID agents, Packet Capturing and analyzing logs using various tools like NMAP, Solar Winds, Wireshark,Qradar and Splunk.

•Experience in maintaining of Check Point Firewall in a Distributed Deployment and High Availability Redundancy Scenario.

•Proficient in implementation of filters using standard and Extended access-lists,Time-based access-lists, Route Maps.

•Good knowledge on Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), Security Information and Event Management (SIEM).

•In-depth understanding in implementing and configuring F5 Big-IP LTM and GTM of Load Balancers.

•Configuring of Virtual Servers, Pools, Nodes and balancing methods SSL offloading, Cert management and Troubleshooting experience on F5.

• Working Experience on web content filter and gateways like Bluecoat proxy manager and Reporter.

•Strong knowledge of TACACS+, RADIUS and AAA Authentication servers.

•Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.

•Experience in configuring routing protocols and deployment of OSPF, EIGRP, BGP and policy based routing over routers from different vendors.

•Extensive knowledge in network designing, including Wide Area Networking (WAN), Local Area Networking (LAN), Multiple Protocol Labeling Switching (MPLS)..

•Actively worked on Switching tasks that includes VTP, ISL/ 802.1q, Ether Channel, Port Security, STP and RSTP.

•Strong hands on experience in installing, configuring and troubleshooting of Cisco 7600, 7200, 3900, 3600 series routers, Cisco Catalyst and Nexus series switches.

•Hands on Experience in Linux administration and AWS basics.

• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

TECHNICAL SKILLS

Networking Concepts

OSI Model, TCP/IP, UDP, IPV4, IPv6, Subnetting, VLSM

Routing Protocols

RIP, IGRP, EIGRP, OSPF, BGP, Static Routing, Route Filtering, Redistribution, Summarization

Gateway Load Balancing

HSRP, VRRP, GLBP

Infrastructure services

DNS, ICMP, SNMP, ARP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP

Switch Technologies

VLANs, VTP, STP, RSTP,PVST+, DTP, MLPPP, IEEE 802.1q, MPLS, ISL and dot1q, SMTP, VLAN, Inter-VLAN Routing, Light weight access point

WAN Technologies

Frame Relay, PPP, HDLC, (E1/T1/E3T3)

Security

VPN, NAT/ PAT, access-lists, IPSEC, Juniper SRX, TACACS+, RADIUS

Firewall

Cisco PIX, ASA, Juniper Secure Access VPN Appliance, Checkpoint and Palo Alto

Network Management Tools

Wireshark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, and HP open view, OPNET, Tufin, Websense, Blue coat proxy,Qradar

Load Balancers

Cisco CSM, F5 Networks (Big-IP) LTM 8900

Operating Systems

Microsoft Windows Server 2003/2008/2012, Windows XP/Vista/7/8, Linux

Other Technologies

VISIO, VMware, Mat Lab, GNS3, Microsoft Word, Excel, SQL

Scripting Languages

C,C++,unix, Linux, JAVA, JAVA servlets,JAVA script, VB scripting

PROJECT EXPERIENCE

Client: Katalyst Technologies January 2017 to Present

Location: Santa Ana, CA

position: Network Security Engineer

Responsibilities:

Palo Alto installation, configuration, administration, monitoring and implementing the policies in Palo Alto 3020 and 5250.

Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).

Deployed Palo Alto for web filtering and application control.

Manage Palo Alto Firewalls using Panorama configuring Device Groups and Templates.

Configured and monitored Firewall logging, DMZ's and related security policies.

Implementing QoS on PE and CE as per BTs templates and upgrading bandwidth and QoS as per client requirement. .

Active participation in the migration of cisco ASA 5040 to Palo alto.

Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 75 firewalls.

Experience in Network Management Tools and sniffers like HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center.

Experience in configuring, deploying and deployment of Cisco Security Manager (CSM) for management of ASA [ ] Firewall series

Implemented the policy rules and DMZ for multiple clients of the state on the Checkpoint firewall.

Experience in analyzing security logs generated by IDS/IPS, firewalls, network flow system, anti-virus and other security log sources.

Syn Mitigation, DDoS attacks prevention, Adaptive system testing, ACL's, floods and layer 7 refection attacks .

Excellently used Qradar to research and monitor incident management and incident resolution issues.

Established the monitor routes on Checkpoint Firewall that allows the F5 LTM to monitor the backend nodes or server.

Automation of Tufin using python scripting.

Configuring VLANs/routing/NATing with the firewalls as per the network design.

DesigningF5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.

Used solarwinds for monitoring and troubleshooting network devices in different time zones .

Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, Ether Channel, Trunking, Port Security, STP and RSTP.

Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.

Worked on remedy ticketing tool for handling different priority level tickets.

Client: Rapid 7 April 2015 to December 2016

Location: Austin, TX

position: Network Security Engineer

Responsibilities:

Worked with Juniper Net Screen 500/5200 and Juniper SRX 650/3600.

Migrating from Checkpoint R77 Firewalls to Juniper Firewalls.

Designed and configured OSPF, BGP on Juniper Routers and SRX Firewalls.

Creating rules on the checkpoint firewall for a NAT to the VLAN IP and to allow the IPsec traffic.

Configuration and integration of Cisco Wireless LAN Controllers WLC with ISE for performing Dot1x authentication to Wireless users.

Installation and configuration of Checkpoint NG R55 & NGX R60.

Used Jflow for working with feeds and flow feeds. Used Snort and sniffer trace for Monitoring and maintenance LAN/WAN.

Worked on Big IP F5 Load Balance: setting up, surveillance and configuration of F5 load balancer (using LTM & GTM).

Setup and maintained checkpoint security policies including NAT/VPN and secure remote access.

Utilizing Tufin and Splunk firewall analyzing tool to remediate idle firewall policies that leave the network open to unnecessary vulnerabilities.

Experience with network security protocols such as IPSEC tunnels, GRE tunnels, NAT (PAT), ACLs and VPN.

Managing URL Content Filtering on Websense Proxy.

Adding exemption, editing policy groups on Websense Management Server.

Adding/removing ARM bypass rules on Websense appliances.

Participated in the installation, configuration, post installation, daily operational tasks and configuration and deployment of Cisco Nexus equipment 7010, 5596 and 2248.

Researched, resolved and documented Syslog generated errors as escalated.

Configuring IP, RIP, EIGRP, OSPF and BGP in routers.

Upgrading of network connectivity occasionally between the branch office and the regional office through multiple link paths and routers running HSRP, EIGRP with unequal cost load balancing to build flexible network.

Implementation of ACLs and authentication (EIGRP, BGP) to ensure high reliability on the network.

Client: MindTech August 2013 to December 2014

Location: Hyderabad, India

position: Network Engineer

Responsibilities:

Experience on a mesh 6500 and 5500 series routers and switches to support the core trading system.

Involved in Upgrades and backups of Cisco router configuration files to a TFTP server.

Implementing and maintaining backup schedules as per the company policy.

Experience working with High performance data center switch like nexus 7000 series.

Manage Cisco Routers and troubleshoot layer2 and layer3 technologies for customer escalations.

Created engineering configuration, Security Standards, documenting processes and Network documentation using Microsoft Visio .

Implemented the concept of Route Redistribution between different routing protocols

Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet .

Planning and implementation of Subnetting, VLSM in order to conserve IP address

Monitored all Cisco equipment's using Cisco Works.

Monitoring alerts & events in Cisco IPS.

Monitoring network devices using HP Network Node Manager.

Performed on-call support for installation and troubleshooting of the configuration issues.

Researched, resolved and documented Syslog generated errors as escalated.

Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP). Configured Access Lists (Standard, Extended, and Named) to allow users all over the company to access different applications while blocking others.

Client: Aricent Technologies March 2011 to July 2013

Location: Hyderabad, India

position: Network Engineer

Responsibilities:

Involved in the configuration & troubleshooting of routing protocols such as MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, and IP access filter policies

Creating a priority list of what type of attacks to focus on vs. what can be accomplished and identifying timeline on how to accomplish all the functionality ASM can provide.

Conducted testing (R&S) validations, reviewed network configuration, and made recommendations for core infrastructure design of the Nexus enterprise infrastructure.

Configured HSRP to provide high availability.

Agile Project management was implemented using JIRA and Clarity tool used for the Lifecycle Project Management

Involved in the configuration & troubleshooting of routing protocols such as MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, and IP access filter policies.

Configured and connected to the MPLS the new L2 switches for the network expansion.

Implemented monitoring system for multicast traffic in the IPTV backbone and the MPLS Network.

Carried out Cisco/Juniper Metro-access and Pre-Aggregation Routers Testing, validation, selection & successful integration in IP/MPLS Mobile Backhaul greenfield network

Work with the data center planning groups, assisting with network capacity and high availability requirements.

Configured network access servers and routers for AAA Security (TACACS+).

Involved with the Systems team to Install, configure, & maintain AD, DNS, DHCP on Windows Server, and also configured a FTP server.

Troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.

EDUCATION

MASTERS OF SCIENCE (Computer science):UNIVERSITY OF ILLINOIS AT SPRINGFIELD

BACHELORS OF TECHNOLOGY(Computer science): JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY

Contact this candidate