Engineer Security
Resume:
SASANK T
E-mail: aczd44@r.postjobfree.com
Phone #: 908-***-****
Summary
* ***** ** ********** ** design, implementation, trouble shooting, development and maintaining enterprise data network systems by dealing with Cisco routers, Cisco Catalyst Switches and Load Balancers in a Day-to-Day Schedule.
Installing & configuring firewalls like Checkpoint, Cisco ASA, Palo Alto and Juniper SRX/SSG firewalls.
Planning, Designing & Implementing VPN connections using Checkpoint, ASA, Cisco PIX, and Cisco Routers using site-to-site VPN’s.
Executing change requests to the firewall rule base.
Executing changes to the authentication configuration established at the user, client, and session levels.
Planning and executing changes and upgrades to firewall software, per licensing agreement(s).
Planning and executing changes and upgrades to the operating systems of servers directly supporting firewall components and functionality.
Installing, Configuring and troubleshooting of network devices CISCO Routers and CISCO Switches.
Experience with working on Juniper Routers like, M320 and MX80, MX960, MX480 -configure OSPF and route policies.
Extensive knowledge and experience of routing protocols RIP, OSPF, EIGRP and BGP.
Expertise experience in implementing and troubleshooting VLANs, VTP, STP, RSTP and 802.1Q.
Implemented redundancy with HSRP, VRRP, GLBP, and Ether Channel technology.
Expertise experience in designing, implementing and maintaining network devices, application and services: Cisco WAN/LAN routing and switching.
Redistribution of routing protocols, Route-maps (Policy Based Routing), ACL, NAT.
Excellent in troubleshooting issues on NAT configuration and access lists.
Implement Cisco Secure Access Control Server (ACS) for Tacacs+/Radius
Have an intense knowledge of working and security aspects of OSI and TCP/IP model.
Implementing and designing L2VPN services and encryption system and other VPN with IPSEC based services.
Dealt with SNMP tools for monitoring the network infrastructure.
Network Monitoring tools like Cisco Network Assistant, Solar winds, HP open view.
Extensive experience taking copy of Cisco IOS on TFTP server and loading back on routers.
Excellent problem solving, troubleshooting, and written documentation skills.
Implementation of HSRP, VRRP protocol on routers.
Efficient in preparing Technical Documentation using Microsoft VISIO/Office and also in preparing some presentations.
Technical Skills & Work Experience
Cisco router platforms: 2500, 2600, 2800, 2951, 3600, 3700, 3800, 3925E, 7200, 7609.
Routing Protocols: RIPv2, OSPF, EIGRP, and BGP.
Cisco Switch platforms: 2600, 2950, 2960, 3560, 3750, 4500, and 6500.
Switching Protocols: VTP, STP, RSTP, MST, VLANs
Security Protocols: IKE, IPsec.
Firewalls: Checkpoint(Provider-1,R60,R70,R75, R77Gaia), IPSO, Secure Platform (SPLAT), Cisco ASA(5510,5520,5550), FWSM, Cisco PIX(525,535), Juniper SRX and SSG, Palo alto Pa-200, 2k, 3k series, Panorama
Load Balancer: F5 LTM/Big-IP, GTM, Citrix NetScaler
LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT.
Operating Systems: Windows 2000/XP/Vista, Linux, Unix, IPSO, SPLAT, IOS 8.x, 9.x, Screen OS, Jun OS, Pan OS
Network management Tools: Cisco Network Assistant, Tufin Secure Track, Firemon, PICCASSO, Remedy, Service Now, HP open view, Solar winds, Tcpdump, HP NAS, HPSM and Cyber Ark.
PROFESSIONAL EXPERIENCE
UCSF, SFO, CA
Role: ITS–Infrastructure Security Engineer April 2016- Present
Environment: Palo Alto, ASA, Juniper, Routing & Switching, F5 LTM/GTM.
Responsibilities:
Experience working on Network support, implementation related internal projects for establishing connectivity in various field offices and Datacenters.
Configuring and troubleshooting firewall security policies in Juniper SRX via CLI and NSM.
Implementing Firewall rules on the Palo Alto.
Monitoring and troubleshooting with the customer on the PAN’s.
Implemented and troubleshoot firewall rules in Palo Alto firewalls using webUI.
Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using UI Monitoring tab.
Working knowledge of Tufin - Firewall Optimization tool to identify unused rules and move the rules to improve the firewall performance.
Worked with Firemon secure change to implement firewall rules.
Configuring and troubleshooting site-to-site IPSEC VPN tunnels on VPN Concentrator VPN3K, ASA firewalls for third party connectivity.
Submitting Remedy tickets for user auditing.
Monitoring/Review traffic logs (system logs) in Junipers, Palo Altos during troubleshooting.
Monitoring Alerts on Tipping point IPS/IDS and running reports using NESSUS scanning tool.
Worked on audit log analysis for firewalls.
Sony Corporation, San Diego, CA
Role: Network Security Engineer Mar 2015- Mar 2016
Environment: Check Point FirewallR77 Gaia, R75, Provider-1, Palo Alto, ASA,SPLAT, Routing & Switching, Juniper, F5 LTM/GTM
Responsibilities:
Implementing security Solutions using Checkpoint firewalls R77 Gaia, R75 and Provider-1.
Experience working on Network support, implementation related internal projects for establishing connectivity in various field offices and Datacenters.
Configuring and troubleshooting firewall security policies in Juniper SRX via CLI and NSM
Worked on the migration of Checkpoint to Palo Alto firewalls in one of the environment.
Implemented and troubleshooted firewall rules in Palo Alto firewalls using Panorama.
Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
Working on Tufin - Firewall Optimization tool to identify unused rules and move the rules to improve the firewall performance.
Worked with Tufin secure change to implement firewall rules.
Configure GLBP, VLAN Trunking 802.1Q, STP, and Port Security on Catalyst 6500 switches.
Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing, LAN security.
Configuring and troubleshooting site-to-site IPSEC VPN tunnels on cisco routers, ASA firewalls for third party connectivity.
Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) for managing the traffic and tuning the load on the network servers.
Documentation involved preparing Method of Procedures (MOPs) and Work Orders. Also creating and submitting Remedy tickets for user auditing.
Monitoring Alerts on Tipping point IPS/IDS and running reports using NESSUS scanning tool.
Vasista- Hyd, India.
Role: Information Security Analyst-2, May 2013-Feb 2015
Environment: Cisco Routers 7200, 3800, 3700, 2800; Cisco Catalyst switches 6500, 4500, 3500, 2900; Checkpoint, Juniper, Cisco PIX Firewalls 535, 525; Cisco ASA 5550, 5520;VTP, VLAN and 802.1Q trunking; Routing Protocols OSPF, BGP; VPN, F5 Load Balancer, MS Visio
Responsibilities:
Configure firewall policies using Checkpoint R77 Gaia, R75, VSX, Provider-1, SPLAT, Crossbeam and Checkpoint Smart dashboard.
Worked on the data center consolidation project and taken care of all the incoming firewall request which are assigned.
Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
Good Knowledge on Access Control Lists, Juniper SRX and Cisco Firewalls –ASA and FWSM.
Implementing and managing Security solutions using NSM and ASDM.
Migrated from Cisco PIX 525 to Cisco ASA 5540 series firewalls and configured syslog messages.
Worked on the migration of Juniper SSG firewalls to SRX model.
Installation, Configuration and Administration of Cisco ASA 5520 series firewalls.
Involved in implementing VPN connectivity for new sites, includes client and site-to-site VPN’s.
Designed a reliable and fully redundant network implementing routing protocols OSPF and BGP.
Upgraded the data center network environment with Cisco ASA 5520. Configured Access Control Lists on Cisco Switches.
Managed and configured HSRP, VLANs, VTP, port security and 802.1Q trunking on Fast Ethernet channel between switches. Designed schemes for IP Addressing and sub-netting.
Configured Site-to-Site GRE over IPSEC VPN using Cisco SDM feature for easy deployment at various locations
Configured and implemented security policies on Firewalls FWSM.
Implementation and configuration of F5 Big-IP LTM-6400 load balancers.
Implemented the Cisco Secure Access Control Servers for AAA security to offer centralized command and control for all user authentications.
Implemented redundancy paths by using HSRP protocol.
Responsible for layer 2 security, securely managed all switches and routers and deployed a syslog server to allow proactive network monitoring.
UHG (United Health Group) – Hyderabad, India.
Role: Network Support engineer Mar 2011-Apr 2013
Environment: Cisco routers 7200, 3800, 3700 and 2800, Cisco catalyst series switches 6500, 4500, 3750 and 2950T
OSPF, BGP, Checkpoint, Cisco ASA, F5, VLANs, STP, 802.1q trunking, Frame Relay, NAT, MPLS, Site to site VPN, Wireshark.
Responsibilities:
Installing & configuring firewalls like Checkpoint NG & NGX R65 and Cisco ASA5520.
Performed PIX firewall to ASA firewall migration.
Implemented Security solutions in Check point Smart dashboard and ACL’s in Cisco ASA firewalls.
Configuring and troubleshooting of routing protocols such as OSPF and BGP for effective communication.
Implement VLAN’s and access lists (ACL) and troubleshoot IP addressing issues and Update IOS images and other hardware installations.
Dealt with NAT configuration and troubleshooting issues related to access lists.
Installing and configuring the VPN’s for the clients (site to site) using IPsec and GRE.
Monitoring Network infrastructure using SNMP tools like HP Openview.
Providing Network Support in the design and implementation of P2P over T1s Frame Relay, IP over Frame Relay, MPLS over Frame Relay and DSL over ATM, Gigabit Ethernet and VRF.
Responsible for managing and configuring Layer 2 and layer 3 devices for customer’s network.
Configuring and troubleshooting Vlan, Spanning Tree, VTP, HSRP, and Trunking.
Making configuration change recommendation for routers, switches and firewalls.
Managing and working with VPNs within the organization and to third-party entities.
Performing an analysis of source host and destination path by tracing it through the network router and switches as well as the firewalls it passes.
Attending the managerial and Technical meetings to discuss the current progress of the project.
Creating a detailed design drawing of the sites, which are under up-gradation and getting it validate from the technical design team.
Nimble Soft Solutions Pvt Ltd (Hyderabad, India)
Role: Network Engineer Dec 2007 – Feb 2011
Environment: Cisco routers 3800, 3600, 2800, 2600, Cisco catalyst series switches 2950, 3500, 3750 and 4500
RIP, OSPF, BGP, GLBP, HSRP, NAT, DHCP server.
Responsibilities:
Installation and Configuration of Cisco routers 2600 series, 2800 series, 3600 series, 3800 series
Installation and Configuration of Cisco Switches 2950, 3500, 3750 and 4500.
Experience in routing protocols like OSPF, BGP, and standby protocols like HSRP and VRRP application in the routers
Designed VLAN’s, access lists (ACL), troubleshooting IP addressing issues and Updating IOS images and other hardware installations.
Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
Dealt with NAT configuration and its troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.
Involved in Configuration of Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity.
Provisioning and troubleshooting Ethernet services, Gigabit networks and Connectivity issues with WAN types (T1, E1, DS3, and Frame relay) data circuit debugging
Dealt with the escalation problems from Leve1, Leve2 & level 3 for routing, switching and WAN connectivity issues using ticketing system Remedy
Certification
Cisco Certified Network Associate (CCNA) - (Cisco ID: CSCO12936452).
Educational Qualifications
• Bachelor’s degree in Computer Science and Information Technology from JNTU - 2007
Linkedin: https://www.linkedin.com/in/sasank-tummalapalli-751566129
Contact this candidate