Security Engineer
Resume:
DIGVIJAYSINH PARMAR
Chicago-*****
Email:*****************@*****.***
Linkedin: https://www.linkedin.com/in/digvijay-parmar-44b909106
Contact:+1-312-***-****
CAREER SUMMARY:
4+ yrs. of experience in a Network security Domain as a Network Security Engineer specializing in Network security, Firewalls.
Experience in installing, configuring and troubleshooting of Checkpoint Firewall
Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications
Experience in the setup of Access-Lists, and RIP, EIGRP, and tunnel installations.
Proficiency in configuration of VLAN setup on various Cisco Routers and Switches.
Expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
Highly experienced in VPN Implementation IPsec VPN and SSL VPN Server-to-Server and Client-to-Server.
Experienced in DHCP DNS, SMTP, FTP, TCP/IP, LAN, WAN, LDAP, security management, and system troubleshooting skills.
Configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, MPLS.
Experience in Configuring Checkpoint Clusters with GAIA OS
Experience in tools like SNMP, AAA, RADIUS and designed VPN with IPSEC security layer.
Expertise in IP sub netting and worked on various designing and allocation various classes of IP address to the domain.
Experience in authentication protocols PAP, CHAP, 802.1x and Port Security and Configuring Security policies including NAT, PAT, VPN, Route-maps, prefix lists and Access Control Lists
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, IGRP, BGP etc.
Knowledge on Nexus 7000, Nexus 5000 and Nexus 2000 switches
SKILLS:
CCNA &CCNP (Routing & Switching)
OSI model, LAN/WAN, Switch Trucking and Network Security.
Troubleshooting and monitoring layer 2 and layer 3 protocols like RIP, EIGRP, OSPF, STP, VTP, VLAN, HSRP, VRRP.
Hands on experience on Cisco routers and switches.
CCIE SECURITY (CISCO ASA & VPN,Firepower,NGIPS, ISE,Web and Email Security Technologies)
Evaluating hardware models of the Cisco ASA adaptive security appliance product line. Configuring firewall rules for optimal traffic flow between different zones like LAN, WAN, DMZ, VPN.
ASA Management, Static NAT, Dynamic NAT, NAT exemption, MPF, FTP advanced inspection.
ASA Active/Active failover, Active/Standby failover, Threat detections, Time based ACL.
Working with site-to-site VPNs using ASA and Cisco IOS features.
Implement ASA as a transparent firewall. & Implement High availability and context feature on ASA.
Implementing routers on network perimeter with Cisco IOS Software security features like Access control list.
Making Cisco IOS zone-based firewall to perform basic security operations on a network.
Configure security features on Cisco switches like port security, ARP inspection, DHCP snooping.
Cisco IPS, ISE & Cisco WSA (IronPort)
Sensor initialization, promiscuous mode, inline mode, signature tuning, blocking and rate filtering, Anomaly detection, virtual sensors, application inspection and logging.
WSA Management, Identities, Access Policies, HTTP Session Processing and Transparent Mode WCCP L2 & GRE mode, HTTPS dynamic policies.
CHECKPOINT (CCSE)
nitialize and configure R76 operating system. And Configure and tune the policy rules per need.
Configure and tune the policy rules per need. As well Taking backup of policies, snapshot.
Configure virtual system extension (VSX). And CLUSTER XL implementation.
Worked on SMART CONSOL TOOLS like SMART DASHBOARD, SMART MONITOR, SMART TRACKER.
Configure IPSEC site to site VPN, NAT rules and Routing.
FORTIGATE (FCNSA)
Initialize& troubleshoot FortiOS5.0. And Configure Security policies and backing up the config and policies.
Implement virtual domain (VDOM) feature. Deploy FortiGate as a layer 2 devices (Transparent mode).
Configured IPSEC SITE TO SITE VPN, Routing and NAT. And Configure FortiGate to provide high availability.
PALOALTO NETWORKS
Initialize and configure of PAN OS & Configure and modify interfaces, zones and security policies.
Configure and modify interfaces, zones and security policies. And Configure NAT and Routing.
Deploy the device in transparent mode. As well Configuring IPSEC site to site VPN.
EDUCATION AND PROFESSIONAL CERTIFICATIONS:
Masters in Network Security, DePaul University – Chicago, IL. (Expected in Dec 2017)
Bachelor of Science in Information Technology
Post-Graduation Diploma in Computer Applications
CERTIFICATIONS:
CCIE Security Certificate(W)
CCNP (R&S)
CCNA (R&S)
CCSE (Checkpoint Certified Security Expert)
ACE (Paloalto Networks)
PROFESSIONAL EXPERIENCE:
Capgemini – Bengaluru, India September 2014 – December 2015
Network Engineer Security
Security Device – Palo Alto/ASA Firewalls, Sourcefire IPS/IDS, Cisco Identity Services Engine (ISE), VPN
Configured Firewall and updated rules (Palo Alto/Cisco ASA)
Handling incident management and change management.
Configured, troubleshoot and maintain site to site IPSEC VPN connectivity between Checkpoint to Checkpoint and Checkpoint to ASA.
Managed, operated and analyzed results from Sourcefire (Cisco Firepower) & NGIPS.
Configured and performed troubleshooting routers and switches.
Updated routes and ACL (Access Control List)
Configuring iRules on network based F5 Load balancers with software module GTM
Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer
Configuring, Administering and troubleshooting MPLS, Cisco routers and ASA firewall
Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of MPLS, DHCP and VPN networks
Technically supported in configuring, troubleshooting and analysis of customer’s networks related to Cisco Identity Services Engine (ISE)
Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Exposure to wild fire feature of Palo Alto.
Build Site to Site IPsec based VPN Tunnels between various client and business partner sites
Troubleshooting connectivity issues with in the server zones of the Data center (between application servers, database and web servers) as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
Actively use, smart view tracker, and Checkpoint CLI (to security gateways) for troubleshooting.
Perform advanced troubleshooting using Packet tracer and tcpdump on firewalls.
Implement Cisco Secure Access Control Server (ACS) for TACACS+.
Networkers Home – Bengaluru Area, India November 2012 – August 2014
Network Security Engineer
Monitoring, Configuring, Implementing and Troubleshooting Network Security Issues.
Performed configuration and troubleshooting on Cisco devices.
Backup of IOS, configuration & hardening of Network devices. Handling incident management and change management.
Conducting knowledge sharing sessions for internal employees.
Support day-to-day administration system of various firewall devices including ASA, FWSM, as well as Cisco Routers and Catalyst Switches
Documentation of all customer's interactions.
Configured and maintain Cisco's Adaptive security appliance 5510 (ASA-5510).
Configured policies to allow users to access internet and configured NAT.
Configured VPN with different sites
Worked on Active/Standby FAILOVER for provide high availability.
Offering technical training to internal employees on ASA/VPNs.
Contact this candidate