Adnan Maredia

Professional Summary:

IT professional with 8 Years of extensive hands on experience in Networking Security and proven expert proficiency in designing, engineering, configuring, and maintaining of large enterprise firewalls

Skilled & technically proficient with multiple firewall solutions, network security, and information security practices

Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Next-Generation Firewalls R65, R70 & GAIA R77.30, NetScreen Firewall,Palo Alto Next-Generation firewalls, Bluecoat proxies and Cisco ASA

Worked on different firewall & security appliance such as, Checkpoint 4400,4600,4800, 21700,Palo-Alto 200,500,3020,3060, 5020,5060,Panorama M-100,Cisco ASA 5505, 5510,5512-X,5500-X,5585-X, Cisco WSA S370,S680, Radware DefensePro IPS, Radware Appwall (WAF)

Experience on working with different migrations environment such as, Staging,Sandbox, Development, Production(Go live)

Managing and implementing remote firewall for State agencies using NSM, SPACE, SmartDashboard and CSM.

Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance, configuration and installation of IOS security features and IPS module, security risk analysis, attack mitigation & penetration tests based on LPT methodology.

Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols

Maintaining Corporate Firewalls by analysis of firewall logs and implementation of security firewall policies for the migration of Datacenter

Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.

Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.

Worked on different firewall & security appliance such as, Checkpoint 4400,4600,4800, 21700,Palo-Alto 200,500,3020,3060, 5020,5060,Panorama M-100/500, Juniper SRX 240, 650, 1400, 3400. Junos Space, Cisco Sourcefire, FireEye, Imperva (WAF).

Knowledge of Intrusion Detection and Prevention System, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN

Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Check Point Provider-1 / VSX, Palo Alto IDS/IPS modules, Data Center Migration, Foundry/F5 Load Balancers, Cyber Security, Amazon Web Service (AWS),and Bluecoat URL filtering & Packet Shaper systems.

Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.

Experience in Solarwinds Network Performance Monitor, Network Configuration Manager, Network Traffic Analyzer (NetFlow) and IP Address Manager.

Netflow and Application study and configuration using Solarwinds, VMWare and Cisco products

Proficient with Cisco routing and switching products, UNIX, Linux such as Kali, shell scripting and routing protocols.

Configuration and implementation of Cisco Firewall PIX/ASA

Experience on PCI and ISO compliant security implementations on the firewalls and perimeter devices

Configuration,implementation and maintenance of Cisco Catalyst Switches 3850, 3750-X and 2960X and working on VRF

Advance Knowledge in Penetration testing tools such as Metasploit, Nessus, Qualys, Nmap, Zenmap, AppScan, SQL Map, Burp Suite, IBM Appscan

Configured Check Point clusters with Nokia box and crossbeam.

Checkpoint – R75/R70/R65 with product like Nokia IP 390, 560, 690, 1280, 2450, 61000 etc.; in Provider-1 environment

Configured Cisco Routers and switches and dealt with the remote issues

Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2003/2008/2012, TCP/IP,Active Directory, FTP,SNMP,SMTP,DNS,HTTP,HTTPS,DHCP, TFTP, LDAP, Linux OS under various LAN and WAN environments

Experience in working with Nexus 7K, 5K and 2K series.

In-depth knowledge of deploying and troubleshooting Cisco IOS LAN, WAN, QoS, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP & VTP

Experience in Operate and analyze results from enterprise detection systems such as Cisco Sourcefire and Tripwire

Knowledge in Documenting and preparing the Process related Operational Manuals and worked on office 365

Ensuring network availability, vendor management, fault management

Strong ecommerce, general management, negotiation, inter-personal, communication and team building skills.

Technical Skills

Firewall Checkpoint R65/R70/R75/R77.30 GAIA/Firewall-1, Palo Alto, Cisco ASA, FortiGate, Panorama, Wildfire,Radware WAF

Protocols NAT, VTP, VLAN, TCP/IP, UDP, EIGRP, OSPF, RIP

Nexus Nexus 7000/5000 /2148

ANS F5 BIG-IP LTM 6900/6400, APM

Switches Cisco Catalyst VSS 1440 / 6807 / 4900 / 3850 / 3750-X / 2960X

Routers Cisco Routers ASR 1002 / 7606 / 7304 / 7206 / 3945 / 2951 / 2600

Operating Systems Linux, Windows XP/7/8, Windows Server 2003/2008/2012

Protocols TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

Routing OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Summarization, Static Routing

Switching VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

PROFESSIONAL EXPERIENCE

Arena Energy, Houston TX October 2016 – January 2017

Sr. Network Security Engineer

Responsibilities:

Configure, administer and document Palo Alto firewall infrastructure.

Worked on Migration from Sophos to Palo Alto firewalls for implementing NAT policies.

Firewall deployment, rules, migrations and firewall administration from SOPHOS to Palo alto next generation firewalls

Configured & maintained IPSEC Site-to-Site VPN.

Responsible for converting existing rule base onto new platforms.

Experience with working on Palo Alto centralized management GUI PANORAMA

Authenticate the changes at the weekly change review and application migration meetings.

Nabors, Houston TX Jan 2015 – October 2016

Network and Security Engineer

Responsibilities:

Designs, tests and deploys IT security systems, solutions and ecommerce environment.

Working on Service Now ticket management tool by providing support service to client by implementing and working on change request, Incident request and troubleshooting.

Configuration of checkpoint firewall mainly VSX according to client topology and checkpoints features such as Application & URL filtering, IPS, Identity Awareness, IPS, VPN.

Configuration of Palo Alto Next-Generation Firewall mainly VSYS according to client topology and working on Content-ID, User-ID, App-IP

Experience on working on Cisco IPsec VPN, SSL VPN and natting

Firewall technologies including general configuration, optimization, security policy, rules creation and modification of Check Point Next-Generation Firewalls GAIA R77.10, R77.20 & R77.30

Experience on working with checkpoint next-generation firewall on various modules such as SMART View Tracker, SMART View Monitor, SMART Update, SMART Log, And SMART Event.

Experience in Qualys policy compliance in detecting internal and external threats and vulnerability

Experience in working with designing, installing and troubleshooting of Palo Alto firewalls

Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN

Create policies, alerts and configure using SIEM tools (Splunk, SolarWinds, LogRhythm)

Expertise in the administration, support and operation of the Orion SolarWinds platform including Network Performance Monitoring (NPM), Network Configuration Manager, Server & Application Monitor (SAM), NetwFlow, Traffic analyzer and IP address Manager.

Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering)

Experience in Configuration, Management, Deployment, Optimization and Troubleshooting Checkpoint VSX

Performed upgradation of checkpoint firewall from old platforms to new platforms R77.10 to R77.30

Performed upgradation of Palo Alto firewall from old platforms to new platforms 6.1.5 to 6.1.10

Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall

Worked on network packet analyzer tools such as, Wireshark, Microsoft Network Monitor, Snort, Tcpdump

Monitoring syslog to troubleshoot different Network Alerts.

Experience in working with Cisco 5500-X Firepower and Cisco Sourcefire IPS & FireEye

Experience with working on Palo Alto centralized management GUI PANORAMA

Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall

Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN

Experience on working with migration with both Checkpoint and Palo Alto Next-Generation

Firewall as well as virtualization of firewall, both VSX and VSYS

Worked on security tools and software’s like Cisco WSA, Qualys, Splunk, Symantec Endpoint Protection, Bit9, HP Network Node Management

Upgrading Radware Appwall WAF (Web application firewall) and fixing hot fixes and patches.

Exposure to wild fire advance malware detection using IPS feature of Palo Alto

Worked on Bit9 Endpoint protection whitelisting tool for the security of Endpoint servers and implement daily report

Experience on working in datacenter and on different devices console

Maintain a thorough understanding of the basics behind the Internet and its workings (DNS, Security,IP Routing, HTTP, VPN)

Configured Site to Site IPsec VPN tunnels and Split tunnel to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.

Routing and Switch protocols: BGP,OSFP, VLAN,VTP, STP, RIP, RSTP

Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.

Responsible for planning, documenting and implementation of complex Firewall and VPN solutions

Represent the changes at the weekly change review and application migration meetings.

Qlik, Boston, MA Jan 2013 – Aug 2014

Firewall Specialist

Responsibilities:

Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point/Nokia Firewall VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager (SDM) command line & GUI.

Supports the implementation and ongoing operations of network access control devices to include firewalls, web proxies, and SSL VPN devices.

Experience with working on wireless site survey using Air-Magnet

Upgrading checkpoint Web application firewall and fixing hot fixes and patches.

Installation of checkpoint Next-Generation firewall GAIA R76/77.30 in Open Server, UTM

Configuration of checkpoint firewall mainly IPS (Intrusion Prevention System) module according to client topology and checkpoint MDS.

Experience on Endpoint security SME with McAfee Endpoint

Experience with working on Enterprise Desktop Administrator on Windows 7

Worked on Imperva Secure Sphere Web application firewall

Experience with using F5 Load balancer in providing worldwide data and file sharing, continuous internet connectivity, optimized web performance

Experience with working on Imperva web application firewall for granular correlation policies reduce false positives and Dynamic application profiling

Working on implementation and configurations of wireless points and wireless process

Cisco routing and switching technologies and devices LAN / WAN, VPN, Routing protocols, VLANs, Trunking, Cabling, Cisco IOS administration

Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.

Configuring network devices for Syslog, SNMP, DHCP and DNS.

Responsible for developing and deploying SolarWinds which includes WAN/LAN and server monitoring, reporting, and alerting and Configure Orion alerts.

Experience on working with the TRAPS which is the Advanced Endpoint protection and Palo Alto Migration tool 3.0

Experience in working with Nexus 7010, 5020, 2148 devices.

Worked on RSA authentication manager and Cisco NSA (Network Admission control) to authenticate users and devices to the network

Experience in working with designing, installing and troubleshooting of Palo Alto firewalls

Advance Knowledge on Lancope Stealth watch system for monitoring, analyzing and responding In-depth network activities

Worked on Windows Management Interface (WMI)

Experience with working on Amazon Web Service (AWS) environment for cloud computing

Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer

Configuration and troubleshooting of Next-Generation Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN 1 NGX R55/R65/R70

Advance knowledge on design, implementation and maintenance of QoS for LAN and WAN networks

Performed upgradation from old platforms to new platforms R65 to R77.30

Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewall MDS.

Worked on Migrating from ASA 5540 to ASA 5585

Experience with working on Microsoft Active Directory

Experience with Using GTM, APM & LTM F5 component to provide 24“7 access to applications

Worked on PCI-DSS of DELL secure works and also on ISO 27001 compliance

Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN

Worked on implementation strategies for the expansion of the MPLS VPN networks

Worked on Intrusion prevention system (IPS) SME with McAfee IPS

Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering)

Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature

Worked on Kali Linux and automated security tool such as Client Fortify, IBM Asppscan

Experience with Cisco ASA firewall Cisco security Manager (CSM) and migration from Cisco to Palo Alto

Experience with network based F5 Load balancers with software module ASM, APM & AFM

Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for a datacenter access architecture

Worked on network packet analyzer tools such as, Wireshark, Microsoft Network Monitor, Snort

Implemented Positive Enforcement Model with the help of Palo Alto Networks

Configure Cisco switch ME 3800X and 3600X

Knowledge on enterprise security standard such as OWASP

Configuration of DNS, RADIUS and KERBEROS

Experience in handling Infoblox tool for DHCP and DNS

Worked on McAfee ESM (Enterprise Security Manager) & IPS appliance which handled both SIEM/Correlation and Log Management.

Exposure to wild fire advance malware detection using IPS feature of Palo Alto

Maintained and Configured Checkpoint VSX with firewall virtualization and checkpoint clusters

Configuring rules and Maintaining Palo Alto Firewalls with IPS module & Analysis of firewall logs

Advanced knowledge of Windows 7, Windows 10 and Office 365

Worked on automating process for migration of security policy using Palo Alto Migration tool 3.0 and Symantec Endpoint Protection

Experience on Cyber Security & Penetration Testing tools such as, Metasploit, SQL Map,Appscan, Burp Suite, Nmap, Nessus Vulnerability Scanner and familiar with shell scripting

Worked on SIEM tolls such as Splunk, SolarWinds, LogRhythm

Experience with Qualys Guard Vulnerability Management

Experience in handling and installing FortiGate next generation firewall and FortiWeb Web Application firewall 400C, 1000D, 3000E

Strong Knowledge on DNS Administration using BT Diamond and Aruba wireless LAN

Worked on bluecoat proxy to optimize WAN Performance by analyze and scan malwares to protect the infrastructure and URL filtering

Advance knowledge on Network segmentation and checkpoint Next-generation firewall GAIA R77.30 host migration as well as the QoS of the LAN network

Worked on configuration of Cisco Catalyst Switch 3850

Worked on bluecoat proxy to provide both client and server with web service encryption and decryption and digital signature authentication.

Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.

Lionbridge Technologies, Mumbai Jan 2008 – Dec 2012

Network Engineer

Responsibilities:

Planning and designing of corporate Firewalls architecture by implementing it in distributed environment.

Maintaining Corporate Firewalls & Analysis of firewall logs

Experience with working on some ecommerce technologies

Experience on Check Point Next-Generation Firewalls R65, R70, R75.

Worked on Juniper NSM central management software

Worked on Imperva web application security for Logging, Monitoring, Data leak prevention, network and platform security.

Configuring Juniper NetScreen Firewall Policies between secure zones using NSM (Network Security Manager)

PCI and ISO compliant security implementations on the firewalls and perimeter devices

Migration from Cisco to Palo Alto firewall

Upgradation of Checkpoint MDS to support mobile access blade on Checkpoint Web application firewall

Experience on McAfee Endpoint security & IPS

Strong Knowledge under enterprise security standards such as SANS and web application security using Burp Suite

Advance knowledge of Amazon Web Services (AWS) with broad IT infrastructure services, Deep visibility into compliance and governance and Hybrid Cloud capabilities

Strong knowledge under Imperva web application firewall for monitoring for In-depth analysis of attacks and SIEM tools such as Splunk for analysis and log monitoring

Verifying & configuring the rule-sets on firewalls. (Firewall Change Request processing).

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs

Experience with network based F5 Load balancers with software module Access Policy Manager (APM) & Checkpoint Load Sharing on checkpoint clusters

Bluecoat proxy server’s setup, configuration, upgrade and Troubleshooting with optimization of WAN Application, SSL traffic, Web traffic, URL filtering & Content filtering.

Experience with LTM & GTM F5 component to provide high availability with providing services across data centers.

Experience using Nessus & Qualys Tool for networking discovery and mapping, asset prioritization, vulnerability assessment and tracking.

Managing and implementation of remote firewalls for State agencies using NSM, SPACE,CSM and SmartDashboard

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs

Build IT security infrastructure including Checkpoint, Juniper and Palo Alto firewalls

Designed and configured the commands for QoS and Access Lists for Nexus 5K and 2K.

Worked on configuration and maintenance of Cisco Catalyst Switch 3850, 3750-X, 2960X

Migration with both Checkpoint and Cisco ASA VPN experience

Experience with Juniper environment including SRX/Junos Space.

Worked on vulnerability scanning tool such as Nessus and Qualys Guard

Worked on McAfee Network Security Platform where incident response were managed using SIEM

Experience in management of Checkpoint VSX environment and using VSX with Multi-Domain Security Management (SDM)

Worked on Cyber Security & penetration tool such as Armitage, Nmap, AppScan, SQL Map

Worked on Panorama which is the centralized management system of Palo Alto firewall

Performed other related duties as assigned or requested in compliance with ISO 27001 and 9000 (International Standards Organization).

Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server with SPLAT operating system & maintaining checkpoint clusters

Administer, Maintain, and deploy Juniper IPS & VPN systems

Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches

Experience with System Center Endpoint Protection 2012 and Websense Triton Administration

Managed network security processes using ASA firewalls and worked on Cisco Scan Safe (CWS)

Experience in Installation and Configuration of FortiGate 5000, 3000, 900 series firewalls

Experience with APM, LTM & GTM F5 component to provide high availability with providing services across data centers

Configuring and troubleshooting Access-lists, Service Policies, and NAT rules, Network Object Groups, Service Object Groups on ASA 5585 and 5505 Firewalls.

Having experience in Bluecoat proxy server’s firmware upgrade, URL filtering and content filtering

Strong knowledge regards to design, plan and optimize the quality of service (QoS) related to the traffic prioritization and inception to delivery

Worked on Cyber Security & penetration testing tool such as Ettercap, Nmap

Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer

Managing and implementation of remote firewalls for State agencies using NSM, SPACE,CSM and SmartDashboard

Experience with working on maintaining, installing and handling policies on Palo Alto Firewall PA-200

Contact this candidate