Network Engineer Security
Resume:
THARUN
ac5ifo@r.postjobfree.com
PROFESSIONAL SUMMARY:
Network Engineer with 8+ Years of experience in networking, security, installing, configuring and maintaining network devices.
Good understanding of networking concepts such as TCP/IP protocols, VLANs, IP address management and network security.
Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR-1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco Nexus 2k/5k/7k/9k.
Strong understanding of current and future technologies including TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, Frame Relay, ACL, VPN, Wireless LAN and configuration of VLANs.
Expertise in Configuration of VLANS, using Cisco Multilayer switches and supporting STP, RSTP, PVST, RPVST along with troubleshooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
Experienced in Palo Alto Firewalls, Juniper Firewalls, Checkpoint firewalls, Fortinet Firewalls, Cisco WSA/CWS, Cisco ASA, SSL VPN, Cisco Nexus, Cisco ACS, Cisco ISE and IPS.
Hands on with Blue Coat URL filtering with white listing and blacklisting URL, creating rules for content filtering.
Configure and implement Network Infrastructure monitoring, alerting, backups, and system management solutions built on Linux Firewall and ACL security implementations.
Created Route maps on F5 BIG-IP GTM to link various VIPs from different F5 BIG-IP LTM to GTM.
Good Knowledge and experience working with F5 BIG-IP command line interface (CLI) and Traffic Management Shell (TMSH).
Administrated a network using Network Access Control List (NAC) to enhance security of the LAN network.
Expertise in Endpoint Security Antivirus with SEPM (Symantec Endpoint Manager).
Expertise in URL filtering with forcepoint, Email and websecurity with Cisco Ironport.
Proficient in using firewall technologies including general configuration, security policy, rules creation and modification of Cisco ASA, Juniper SRX and checkpoint.
Experience with Cisco IOS, cat OS, Cisco IOS XR and JUNOS.s
Proficiently implemented traffic filters using Standard and Extended access-lists, Distribution lists, Route-maps and Route Manipulation using offset-list.
Basic experience in CISCO source fire and its products.
Expertise in IP Sub netting and worked on various designing and allocating various classes of IP address to the domain.
Configured Infoblox failover using Infoblox DHCP that is based upon ISC DHCP modes on F5 management system.
Expertise knowledge in scripting (Perl/Bash/Python),VMware, ticketing tools like ServiceNow, Remedy and network security including NAT/PAT, ACL, VPN and IPSEC on DMVPN.
Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
Experience in configuring and troubleshooting Netscaler,BIG-IP F5 load balancer LTM.
Managed the firesight devices along with security tools like Symantec,macfee.
In-depth understanding of UDP and TCP protocols.
Responsible for check point and Cisco ASA firewall administration across global networks.
Used python programming and language to develop an efficient and working network in the company.
Designing, Develop and Execute Test-Cases using C++ and python.
Worked on Load balancer F5 LTM,Citrix Netscalar,GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Established relationships and network connectivity with vendors via site to site VPN.
In-depth knowledge in Tier-2 ISPRouting policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls.
Adept in handling network monitoring tools such as Wireshark, Net flow, SNMP and SYSLOG.
Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of profession.
Experience on project management, implementation and customer requirements.
TECHNICAL SKILLS:
Network Hardware devices
Cisco routers (1900, 2600, 2800, 2900, 3600, 3800,3900, 7200, and 7600), Firewalls, Cisco ASA,Palo alto, Checkpoint, Catalyst Switch (2900XL, 2950, 2960, 3560, 3750, 4507, and 6500, 9500, and 9300) Nexus switch (2248, 5548 &7010) and Bluecoat Proxy Servers.
Protocols
Routing (RIP, EIGRP, OSPF, OSPFv2, BGP, Static Routing), MPLS, Summarization, Redistribution, Switching (VLANS, Trunking, Inter-VLAN, STP, RSTP), NTP servers, DNS, UDP, TCP/IP, TFTP server, IEEE 802.1Q and Multi-layer switching.
Security
Network Access Control list (NAC), address filtering, TACACS+/Radius, Port Security, IPsec, SSH and Cisco Access Points.
Load balancers
F-5 BIG-IP LTM (3900 and 8900), F-5 GTM, and Palo Alto- 3060/2050.
Management tools
Cisco Prime, SNOW, Wireshark, Riverbed Shark, OPNET Modeler, Putty, Secure CRT, Telnet, VMware, Solarwinds, MS Office and Visio.
Antivirus & Endpoint protection
Symantec Enterprise Edition,MacAfee Enterprise Edition
CERTIFICATIONS:
CCNA - Cisco Certified Network Associate
CCNP – Cisco certified Network Professional
PALOALTO ACE certified.
EDUCATION:
Bachelor of Engineering (Electronics and communications engineering) from Osmania university.
PROFESSIONAL EXPERIENCE:
United Nations, NY Mar 2016 to Present
Network Security Engineer
Worked as a security engineer for migrating the Cisco and FortiGate firewalls to next generation Palo Alto firewalls.
Worked with Palo Alto firewalls using Panorama servers and performed changes to monitor/block/allow the traffic on the firewall.
Responsible to evaluate, test, configure, propose and implement network, firewall and security solution with Palo Alto networks.
Performed security audits on Cisco ASA, FortiGate and Palo Alto firewalls in Network and secured the network by bringing it to the present security standards.
Troubleshooting and implementing changes on Cisco, Checkpoint, FortiGate firewalls, F5 load balancers, Blue Coat proxies, and Juniper SSL/VPN devices.
Migration of the firewall from Cisco ASA to Palo Alto firewalls using migration tool from PAN.
Managed firewall design with network access control, Large Scale VPN deployment, automated firewall Policy deployment utilizing Panorama to build and edit templates for remote sites.
Provided administration and support on Bluecoat Proxy for content filtering and internet access to head quarter, remote site offices and VPN client users.
Successfully installed Palo Alto PA-3020, PA-3060,PA-5060 Firewalls to protect Data Centre and provided L3 support for routers/switches/Firewalls and implemented Zone Based security rules on the Palo Alto Firewall.
Scheduling of Weekly scans and monitoring, generating Vulnerability reports and sharing to appropriate groups or owners for Remediation along with recommendations.
Load Balancing using F5 Networks Big IP and configured the Automatic policy builder using the deployment wizard tool in Application Security Manager.
Created Route maps on F5 BIG-IP GTM to link various VIPs from different F5 BIG-IP LTM to GTM.
Configuring & managing Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
Performed complete setup of new F5 BIG-IP LTM, GTM and APM device, including license activation, VLANs configurations, Device certificates etc.
Performed numerous SSL certificate renewals for customer VIPs, maintaining and renewing of all Load Balancers Device certificates.
Performed hardware refresh on existing F5 BIG-IP Load Balancers to replace with new F5 BIG-IP devices and bought the F5 devices into the network in an uninterrupted manner.
On a daily basis, worked on clearing existing tickets regarding firewall policies, proxies, weekly policy updates and documenting these events and changes.
Expanded Data Loss Prevention (DLP) program to include all the high-risk applications, protocols, platforms, and devices.
Responsible for the daily monitoring and investigation of violated Data Loss Prevention (DLP) policies using the Forcepoint Triton Security Gateway.
StateFarm, Bloomington, IL July 2014 to Feb 2016
Network Engineer
As a Network Engineer worked with teams supporting Cisco routers, Switches, Firewalls,F5 Load Balancer and Bluecoat Proxy Servers.
Responsible for entire LAN and WAN/WLAN maintenance and troubleshooting of the company network.
Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements.
Handling Incident tickets, Service requests and Change requests raised by the customers through REMEDY tool.
Extensive working knowledge in Security tools to maintain the client domain Infrastructure clean from the threats, virus and malware using tools like mcafee,Symantec.
Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using CLI.
Experience with designing and implementation of Virtual Switching System (VSS) for both User segment and server segment using catalyst switches.
Responsible for troubleshooting Cisco ISE and new added devices on network based on policies on Cisco ISE.
Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors and created complex rules utilizing TCL scripting to perform load balancing decisions.
Configuring & managing Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers
Providing Daily network support for Wide Area Network consisting of MPLS, VPN and point-to-point site.
Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
Configured & managed Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, and DLP using Checkpoint Firewalls.
Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications.
PSEG, NJ July2012 to June 2014
Network Engineer
Responsibilities:
Troubleshooting the latency issues in the WAN network.
Participated in on call support in troubleshooting the configuration and installation issues.
Ensure all elements with 100 % uptime, Ensure redundancy for all Critical network elements in LACP mode.
Configured Routing protocols such as OSPF, BGP static routing and policy based routing.
Monitoring the WAN links using Solar winds and what's up gold.
Continually monitor, assess and improve network security test with the help of Solar winds.
Provided deployment guidelines for inserting new IP technology and upgrades into MPLS on backbone network.
Switching related tasks included implementing DHCP,VLANS, VTP, RSTP and Port security.
Experience in configuring Site-to-site and remote access VPN solutions.
Ensure all Network elements are deployed as per deployment template and standard configuration template.
Worked with vendors Cisco, Huawei in validating hardware and software features.
Providing 24x7 technical supports to complete team. Management of Netops server for providing uninterrupted services to customers.
Ensure network is migrated to MPLS architecture up to Core switch level.
Configured Client VPN technologies including Cisco's VPN client via IPSEC.
Developed route redistribution mechanism between BGP and OSPF for large scale networks.
Configuring IP sec VPNs as per customer requirements with standard encryption and encapsulation.
Documentation of Network details, reporting the Network health status to respective teams for action.
Configured SNMP on all the network devices and added them to Solarwinds for monitoring.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP and RSTP, MSTP, LACP.
Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
Dealt with the configuration of Standard and Extended ACLs for Security.
Worked along with the team in resolving client raised incident tickets using service now tool.
Monitoring &Troubleshooting Cisco core Routers (7200, 3600, 1700 and 1600) and Switches. (Cisco 2900, 6500, 3500, 3700 and 3Com Switches)
Configuring ACL to allow only authorized users to access the servers.
To ensure high availability of system resources to the end users and to maximize the uptime of doing the necessary work to diagnose, detect and rectify the faults in time.
Coordinating the technical activities with their vendors & Telco to keep the systems and network uptime to 98% and submission of monthly reports on the project.
Iris info Solutions, Hyderabad, India Oct 20111to June 2012
Network Engineer
Responsibilities:
The network infrastructure for Cisco platform for more than 300 devices i.e. 2800, 3600 series Routers and switches for office and for various Customers.
Migration of RIPv2 to OSPF, BGP routing protocols.
Designed Configured, Installed, and Maintained and provided T-Shoot.
Troubleshoot problems on a day to day basis and providing solutions that would fix the problems within their network.
Designing Solutions for frozen requirements using Cisco Routers and Switches.
Configured EIGRP for Lab Environment.
Maintained Redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
Created VLAN and Inter-VLAN routing with Multilayer Switching.
Played role as VMware/windows admin to provide L1&L2 supports in complex environment.
Designed and installed Vmware site recovery manager.
Designing Solutions for frozen requirements using Cisco Routers and Switches.
Implemented ISL and 802.1Q for communicating through VTP.
Working with client team to find out requirements for their network.
Configured RSTP, LACP and VTP on Cisco devices.
Installing, Configuring Cisco Catalyst switches 6500, 3750 and 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control Lists implemented as per Network Design.
Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and back up.
Fourth tier troubleshooting, support and implementation for DNS/DHCP.
Involved in Troubleshooting IP addressing Issues and Updating IOS Images using TFTP.
Performed DHCP,RIP and OSPF Routing Protocol Administration.
Other responsibilities included documentation and support other teams.
Rocana Software Solutions,Hyderabad, India July 2009 –Sep 2011
Network Administrator
Responsibilities:
Worked with upgrade, replacement of NICs, display cards, RAM, peripheral devices.
Worked on DNS,DHCP protocols.
Worked in Network building and Network infrastructure management team.
Experience with Remedy ticketing system in resolving tickets related to routing and Switching.
Handled installation, configuration and troubleshooting of operating systems NT/2000, XP, and Solaris.
Remotely testing links up to 1.5 Mbps using tools like REACTS.
Configured and installed Cisco routers 2500, 2600, 3601 and 4000 series.
Recovered lost passwords and created standard access-lists and extended access list for new users.
Monitoring network performance to improve the backup strategy using Netrep, Solar winds.
Contact this candidate