Network Security
Resume:
Kinjal
acxpqo@r.postjobfree.com
SUMMARY
Network Engineering professional with around 7+ years’ experience in routing, switching, firewall technologies, Wireless technologies, implementation and troubleshooting of complex network systems. Primary duties involve network engineering, network administration, systems administration, and firewall administration.
Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enables business functionality.
Hands-on experience, specializing in Cisco Environment in Data Center, systems, network and user administration, LAN / WAN and Security.
Administration, engineering, and support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing, and wireless.
Extensive hands on experience in installation, configuration, design and ongoing maintenance of Cisco routers like Cisco 3600 series and 3700 series, switches like Cisco 6500 series and Cisco 7600 series.
Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.
Worked on Cisco Catalyst Switches 6500/4500/3500 series.
Responsible for Checkpoint and Cisco firewall administration across global networks.
Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Next-Generation Firewalls R65, R70 & GAIA R77.30, Net Screen Firewall, Palo Alto Next-Generation firewalls and Cisco ASA.
Maintaining Corporate Firewalls by analysis of firewall logs and implementation of security firewall policies for the migration of Datacenter
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
Knowledge of Intrusion Detection and Prevention System, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
Experience on F5 load balancer, BIG IP LTM,BIG IP GTM(DNS) and creating i-Rules using TCL.
Experienced in operations of transmission systems such as fiber optic and copper cable.
Knowledge of managing, maintaining, administering, troubleshooting high end network devices such as cisco routers switches and firewalls.
Policy development and planning/programming on IT Security, Network Support and Administration.
Knowledge of Checkpoint VSX, including virtual systems, routers and switches.
Experience in Network LAN/WAN deployment and Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
Cisco ASA Firewalls, Palo Alto Networks Firewalls.
Network Administration, monitoring networks for vulnerabilities or intrusions.
Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2003/2008/2012, TCP/IP,Active Directory, FTP,SNMP,SMTP,DNS,HTTP,HTTPS,DHCP, TFTP, LDAP, Linux OS under various LAN and WAN environments.
Configured IP addresses and subnet masks of workstations.
Configured Cisco routers and switches to hosts or servers Configured mail exchange servers, and other servers on Microsoft Outlook, and Mozilla Setup email on mobile phones and email exchange servers such as POP, POP3, IMAP, and SMTP.
A broad understanding of computer hardware and software, including things such as installation configuration, management, troubleshooting, and support.
Experience in Active Directory, GPOs, File & Print Server, FTP, Terminal Server, NAT, and Exchange Mail Server.
Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
Extensive experience in Windows 2008 R2/2008/2003 Wintel Servers at single or multi domain platforms.
Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems.
Experience in Microsoft Office Suite, Visio and Outlook.
Highly motivated with the ability to work independently or as integral part of a team and committed to the highest levels of professionalism.
CERTIFICATION:
Cisco Certified Network Associate – CCNA
Cisco Certified Network Professional – CCNP
Checkpoint Certified Security Administrator - CCSA
TECHNICAL SKILLS:
Operating Systems: Win XP, Win 7, Win 8, Win Server 2003, working knowledge of Mac OS X and Linux
Routing: Cisco 2600, 2800, 3600, 3700, 3800 Series Routers, OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.
Switching: Cisco 6500, 4500, 3700, 3750, 3900, 2900, 2960, 3950 switch series, VLAN, VTP, STP, PVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging
LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet (10GbE), FDDI, CDDI, Token Ring, ATM LAN Emulation.
WAN technologies: Frame Relay, ISDN, PPP, MPLS, leased lines and exposure to PPP, HDLC, DS1, DS3, OC3, OC12, OC48, T1/T3 and E1/E3
Firewalls: Palo Alto, Checkpoint & Cisco ASA/PIX.
IP SERVICES: L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS, NAT, VTP, VLAN, TCP/IP, UDP, EIGRP, OSPF, RIP, Familiar with MPLS, Familiar with IPv6.
AAA Architecture: TACACS+, RADIUS, Cisco ACS.
Miscellaneous Knowledge: F5 LTM,F5 GTM, HIDS/HIPS firewall, NIDS, CSA,DLP, Juniper, Cisco UCS, VPNs, SSH, Telnet, IPsec VPN, Site to Site and Remote Access VPNs, Load Balancing, VMware, Hyper-V, ESX, Parallels (Mac OS), Wireshark, Packet Tracer, GNS3, Putty.
PROFESSIONAL EXPERIENCE:
Veritas, Texas Jul 2016 – Till date
Sr.Network Security Engineer
Veritas Technologies LLC is an American international software company that was founded in 1983 as Tolerant Systems, renamed Veritas Software Corp. in 1989, merged with Symantec in 2005. The company specializes in storage management software including the first commercial journaling file system, VxFS, VxVM, VCS, the personal/small office backup software Backup Exec and the popular enterprise backup software, NetBackup.
Responsibilities:
Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments.
Experience with migrating from OSPF to BGP WAN Routing protocol.
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls.
Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment.
Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches.
Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer.
Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center.
Experience in communicating with different customers, IT teams in gathering the details for the project.
Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation. .
Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
Redesign of Internet connectivity infrastructure for meeting bandwidth requirements
Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
Experience with Juniper SRX 240 Firewalls.
Experience in WAN technologies like T1/T3, DS3, STM1 and STM4 circuit types.
Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Create i-Rules (F5) to change behavior of traffic in a network and manage ICAPv1 enable host with solution as DLP (data loss prevention).
Used API to investigate and inspect data on Palo Alto firewall and have knowledge about Palo alto XML.
Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
Experience on working on Cisco IPsec VPN, SSL VPN and NATing.
Firewall technologies including general configuration, optimization, security policy, rules creation and modification of Check Point Next-Generation Firewalls GAIA R77.10, R77.20 & R77.30.
Experience on working with checkpoint next-generation firewall on various modules such as SMART View Tracker, SMART View Monitor, SMART Update, SMART Log and SMART Event.
Experience with working on Palo Alto centralized management GUI PANORAMA.
Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall.
Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN.
Experience on working with migration with both Checkpoint and Palo Alto Next-Generation.
Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel.
Hands-on experience in the network management of circuits using TDM and Frame Relay network, performing configuration and provisioning management, fault management and performance monitoring.
Environment/platform: 6500/3750/3550/3500/2950 switches, Juniper (M320, T640), Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, Ether Channels, NMN (Network Node Manager),checkpoint, Palo alto,F5 load Balancer.
Comcast, PA May 2015 – Apr 2016
Internet Service Provider
Network Security Engineer
Comcast Cable is one of the nation's largest video, high-speed Internet and phone providers to residential customers under the XFINITY brand and also provides these services to businesses. Leveraging Internet Protocol (IP) technology and Comcast’s cloud-enabled servers and network, the X1 enables customers to get integrated search, personalized recommendations and apps on TV.
Responsibilities:
Responsible for entire LAN and WAN maintenance and troubleshooting of the company network. Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements.
Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, RPVST+, Inter-VLAN routing, and LAN security.
Implementing anti-threat applications such as firewalls, antivirus software and spyware-detection programs using Network Access Control (NAC).
Established IPSEC-VPN tunnels with ASA 5500 series Firewall between some branch offices & headquarters.
Worked with Cisco Catalyst 6500, 4500, 4900 switches and Cisco 2800, 3600, 3800, 7200 & 7600 series Routers.
Assist in Design and deployed F5 LTM load balancer infrastructure per business needs from the ground up approach.
Coordinated with the Service provider and 3rd party Vendor to resolve high priority issue.
Managed the security infrastructure of the service provider which includes ASA 5585, 5540, 5520, Cisco IPS 4270 and Cisco ACS 4.2 & 5.2.
Implemented and monitored the network using network sniffing and scanning tool as Wireshark.
Involved in troubleshooting VLAN, RSTP, & Switch Trunk issues.
Involved in Network Designing, Routing, DNS, IP Subnetting, TCP/IP protocol.
Worked with Routing Protocols of EIGRP and BGP.
Implemented security measures using ACL and configured NAT according to the connectivity requirement.
Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
Implemented traffic filters using Standard and Extended access-lists.
Worked on commissioning and decommissioning of the MPLS circuits for various field offices & POPs.
Maintain a thorough understanding of the basics behind the Internet and its workings (DNS, Security, IP Routing, HTTP and VPN).
Configured Site to Site IPsec VPN tunnels and Split tunnel to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point/Nokia Firewall VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager (SDM) command line & GUI.
GRE tunneling & Site-to Site VPN configuration between other two sites in USA.
Worked on the security levels with RADIUS, TACACS+.
Serving as a key player between customer and AAA solar electric providing steps for network recovery. Implemented redundancy for Routers, Switches and Firewalls.
Set up and troubleshoot secured wireless access points (WAP) and wireless LAN controller (WLC) for broadband internet.
Managing firewall rules on Juniper and Cisco Firewalls.
Design and Implementation of Cybearoam, Cisco (ASA & Nexus) and Juniper firewalls.
Experience working with the Cisco routers and switches such as Nexus series.
Configuring of IP Allocation and subnetting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
Configuration of SNMP and NTP on Router and Switches.
Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
Monitored all equipment’s using NetQos, Solar Winds.
Provided 24/7 rotational on call supports for branch offices.
IP Allocation & Maintenance for users and other needs throughout company.
Environment/platform: Cisco 6500/3750/3550/3500/2950 switches, Cisco 7200/3845/3600/ 2800 routers, Cisco ASA,Checkpoint firewall, STP, RSTP, Cisco IOS-XR, VTP, VOIP, DMZ, HSRP, Port-Channel, BGP, OSPF, EIGRP, PPP, HDLC, SNMP, DNS, DHCP.
New York Institute of Technology, New York Dec 2014 – Apr 2015
Private University
Graduate and Technical Assistant
Responsibilities:
Responsible for the installation, operation, and maintenance of computer systems and other technologies, such as communication systems and Distance learning Communication.
As an assistant configured hardware and software, setting up peripherals such as printers, routers, learning and technical equipment, and providing daily support for computer network users.
Worked at a help desk, answering calls and e-mails regarding the computer network or communication systems.
Responsible for writing reports, tracking inventory, evaluating new technologies, negotiating contracts with vendors, and developing contingency plans in case of network failure.
Worked with technology such as Web design or Internet security.
Help Student advisor in their work, administering tests or exams and assisting a faculty instructor with a large Computer Network class by teaching students in recitation, laboratory, or discussion sessions.
Researched and helped professor in their research projects and made proper documentation for them.
Worked as a technical support to create connected campuses by use of wireless system.
Resolved networking and machine issues related to distance learning communication.
Environment/platform: Windows, Linux, Routers, Switches, Web security technology.
Juniper Networks, CA Aug 2012 – Aug 2014
Network Engineer
Responsibilities:
Migration of RIP V2 to OSPF, BGP routing protocols.
Configured EIGRP for Lab Environment.
Cisco routing and switching technologies and devices LAN/ WAN, VPN, Routing protocols, VLANs, Trunking, Cabling, IOS administration
Advance Knowledge in Cyber Security and Ethical hacking.
Implemented ISL and 802.1Q for communicating through VTP.
Configure Cisco routers 1900 and switches 2960.
Experience with Cisco IOS and NS-OS.
Configuring Port Mirroring, VLAN, SMTP, STP, RSTP, SNMP, and Routing Policies on switches.
Working with Client teams to find out requirements for their Network Requirements.
Installed and Configured DNS server and Checkpoint Firewall with IPS feature in Internet Edge.
Designing solutions for frozen requirements using Cisco Routers and Switches.
Deploying the network infrastructure to meet the requirements.
Proficient in VPN technology and TCP/IP protocols.
Dynamic routing protocol configuration (RIP, RIP V2).
Troubleshooting network problems and working knowledge of HTTP, SNMP, HTTPS, SMTP, DNS, DHCP, etc.
Implementation & trouble shooting of complex WAN, LAN, VLANS, private VLANS, high availability solutions like HSRP, VRRP, GLBP, ether channels, site- to- site VPN, access control lists, NAT, PAT, routing solutions etc.
Maintaining all the network devices routers, firewall, switches
Incorporated VLANS to segment traffic on managed switches.
Installing service pack upgrades.
Use of TCP Dump to troubleshoot access issues.
Configuring VRRP, Static route, BGP, Routing policies, ACL
Implemented Secure Remote VPN for high speed remote access.
Managed network connectivity and network SSL Security, between Head offices and Branch office
Responsible for Internal and external accounts and, managing LAN/WAN and checking for SSL Security Settings of the networking devices (Cisco IOS, Router, switches) coordinating with the system/Network administrator during any major changes and implementation.
Environment/Platform: Cisco routers 1900 and switches 2960, 802.1Q, LAN/WAN, VLANS, NAT, PAT, SSL, ACL, VRRP, EIGRP, VPN technology.
SPiDiGO, Ahmedabad, India Jul 2011 – Jul 2012
Broadband and Internet services
Junior Network Engineer
Responsibilities:
Designed, validated and implemented LAN, WLAN & WAN structure to suite client’s needs.
Cisco ASA 5505, 5510 design, implementation, configuration and troubleshoot. Basically creating Lan Firewall, VPN, access-list, remote VPN.
Installed, configured (through CLI & SDM) and managed CISCO routers and Catalyst switches.
Performed Troubleshooting and monitored routing protocols such OSPF, EIGRP & BGP.
Configured ACL & NAT through CLI.
Experience with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
Involved in writing troubleshooting guidelines for MPLS VPN.
Involved in customer escalations and troubleshooting issues related to connectivity, STP, VLAN, Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network.
Configured VLANS on multiple catalyst switches performed troubleshooting on TCP/IP network problems, Administered Frame-Relay and networks.
Provided technical support and problem resolution for the LAN and its environment by analyzing the problem, identifying the cause and circumstances of the problems and finding a solution to the identified problem.
Add, delete, and modify rules on Checkpoint firewalls.
Planning and designing of corporate Firewalls architecture by implementing it in distributed environment.
Maintaining Corporate Firewalls & Analysis of firewall logs.
Experience with working on some ecommerce technologies.
Experience on Check Point Next-Generation Firewalls R65, R70, R75.
Set up Internet, implementing Networking products like Servers, Proxy servers, Switches, Firewalls, Routers.
Environment/Platform: CISCO 2600, 2800 and 3800 series routers, CISCO 3700 and 2950 switches, Mikrotik, Netscreen, Netrep, Solar winds, Checkpoint, IEEE 802.11,Windows server NT /2000 Windows XP.
Ashtech Infotech Pvt. Ltd., Ahmedabad, India Jan 2009 – Jun 2011
System Integration and Services Organization
Network Administrator
Responsibilities:
Responsibilities include technical documentation of all upgrading devices in the network.
Attending meetings and technical discussions related to NOC changes.
Monitoring the NMS system for different Network Alerts.
Set up of distributed core LAN using Cisco 6500 series switches.
Coordinating with service providers for WAN link outages.
Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
Experience in configuring and troubleshooting EIGRP, OSPF & BGP Routing protocols.
Network Cabling, dressing, labeling and troubleshooting various network drops onsite.
Experienced in Planning and Organizing Change Managements.
Maintenance/updating of Network diagrams.
Worked on Network Operations using Ticketing system.
Commissioning of New Links By coordinating with Service providers.
Ensure standard Router and Switch Configurations are maintained.
Responsible for Capacity planning, Contingency planning & disaster recovery.
LAN Segments monitoring/Trouble shooting LAN related issues.
Carryout periodic backup of Router/Switch configurations.
Planning and Implementing New Infrastructure in the Data Center.
Analyzing the Bandwidth Utilization of the Links.
Troubleshooting on the devices by remote login to determine the RFO (Reason for outage) and RCA (Root cause analysis) to minimize the consequences of malfunctions.
Environment/platform: Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP and Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPN’s and SSL.
EDUCATION:
Master of Science in Electrical and Computer Engineering
Specialization in Computer Networks and Security
Bachelor of Engineering in Electronics and Communication Engineering
Majors are Digital communication and Computer Architecture and Networking
Contact this candidate