Security Engineer Agent
Resume:
ARICHANDRAN VEERAN
E- Mail : adm8m1@r.postjobfree.com
Mobile : +1-813*******
ST Louis, Missouri, US
Objective
To offer my services to an organization that provides stimulating and professional environment. Where my abilities, education, training and skills can be used to enhance the efficiency and productivity of the organization while allowing growth in my skills. I am passionate to work on project planning and deployment.
Role of interest
Based on my Technical expertise, I wish to be the Company asset as Senior Security Specialist in IT (Network Planning and Designing).
Education
B.E with Specialization in Electrical and Electronics, Bharathiar University, India (April 2000)
Experience
Total of 20 years experience in Computer Networking
Since Oct 2017 working in Bayer/Monsanto as a Senior Security Engineer
0.8 years work experience in GE Digital as a Senior Manager IT Technology
1.3 years work experience at Lumeris as a Senior Security Engineer
0.7 Months work experience at Monsanto as a Senior Security Engineer
6.6 years work experience at TCS, USA as an Associate Consultant
1.6 years work experience at Almoayyed, Bahrain as Network Engineer
2 years work experience at Atrie Technology Ltd as Network Engineer
4.5 years work experience at Data Access India limited as Network Engineer
1.5 years work experience at R-Tech IT Solutions as System Administrator
Certifications
Checkpoint CCSA,CCSE,CCSM Course completed
Palo Alto Firewall course completed
CISSP Certified Information Systems Security Professional course completed
CCIE (Written) Cisco Certified Internet work Expert
CCSP 642-522 Securing Networks with Pix and ASA (SNPA)
642-532 Securing Networks using Intrusion Prevention Systems (IPS)
642-503 Securing Networks with Cisco Routers and Switches (SNRS)
642-513 Securing Hosts Using Cisco Security Agent (HIPS)
642-552 Securing Cisco Network Devices (SND)
CCNP 642-892 Building Scalable Cisco Internet works (BSCI)\
Building Cisco Multilayer Switched Networks (BCMSN)
642-825 Implementing Secure Converged Wide Area Networks (ISCW)
642-845 Optimizing Converged Cisco Networks (ONT)
CCNA 640-801 Cisco Certified Network Associate
Skills
Could AWS and Azure Direct Connection/VPN Tunnel, Cloud Guard
Security Devices Checkpoint Firewall (Appliance, Nokia, HP, Dell) Cisco ASA 5510/5520
with IPS Module, Cisco Pix 515/525/535, Juniper, Astaro, PFSence
Firewall, Cisco Secure ACS 4.0, Cisco IDS 4215, IPS 4210, Source Fire,
Tipping Point, Cisco ASDM
Load Balancer F5, Cisco 4710, Radware (LTM/GTM)
Routers Cisco 7200, 3945,3800,2800,1800 series.
3600/2600 series, 2500, 1700, 1600,800 series, Nortel, Maipu
Layer 2/3 Switches Nexus, 7K, 5K, 2K, Cisco Catalyst 6500/4500 series
Cisco Catalyst 3750, 3550,3500,2950,2900 series.
Tools Wireshark, Phython
Technical Experience
Bayer/Monsanto Crop Science – Senior Security Engineer (Data Center) (Since Oct 2017)
Primary Responsibilities(Data Center Move)
Migrated Checkpoint firewall from St.louis DC to ATOS DC which include 2 checkpoint management server and 50 checkpoint appliances
Upgraded the checkpoint firewall software from R77.30 to R80.20 Gaia - 60 appliances
Migrated site to site vpn tunnel from checkpoint to Cisco ASR around 100 tunnels and ASR to Checkpoint.
Migrated ASA firewall from St.louis DC to ATOS DC for anyconnect remote access vpn – 6 Appliances
RE-IP project – configured multiple Data Center (IRV, RCH, SNG,SAO,ANT,CHV,STL) security appliance (Checkpoint, Cisco ASA, Cisco source fire )
Migrated Cisco Source fire Management server and IPS from St.louis DC to ATOS DC – 6 Appliances
Deployed more than 100 checkpoint appliances in existing manufacture sites with Terminal Servers
Installed and configured climate corp. firewall appliances
Advanced experience with performance tuning, install pack, update the patch with checkpoint firewall
Manage and expand enterprise level internal IT security, which include, Monitoring multiple checkpoint firewall through Splunk-Lea- loggrabber, intrusion detection, VPN, Solar winds for alerting systems, Algosec audit logs, firewall backup, disaster recovery and external IT vendor relationships
Work with project management professionals to develop and deploy large-scale projects for both
internal and external facing applications
Analyze existing network infrastructure and policies to identify opportunities to enhance security,
reliability, and functionality
Responsible for playing a strategic roll by developing the team into a group of highly technical engineers, in parallel implementing procedures and actions which will act as proactive measures in providing value to our customers
Responsible in resolving severity issues related to security for globally which involve checkpoint/ASA, VPN’s, etc
GE Digital, Altanta, GA – Senior Manager IT Technology(Data Center) (March 2017 – Oct 2017)
Primary Responsibilities
Managing GE Data Center globally which involved Cisco CSM, ASA, PIX, Checkpoint MDS, Checkpoint Gateways, Palo Alto, F5 Viprion/LTM/GTM, Cisco Nexus, routing and switching, VPN’s etc
Migrated Checkpoint firewall hardware and software to Checkpoint Appliance with R77.30 Gaia
Migrated F5 Hardware and Software with hot-fix.
Perform firewall migration and cutover projects between different technologies.
Developed, Implemented, maintained and oversaw enforcement policies, procedures, and associated plans for system security administration and user system access.
Extensive experience at conducting hands-on training on Network/Security fundamentals and
troubleshooting software and end user issues.
Lumeris Healthcare, St.Louis, MO – Senior Security Engineer(Data Center) (Nov 2015 – Jan 2017)
Primary Responsibilities
Migrated Checkpoint Management server – R77.20 Gaia
Migrated Checkpoint firewall hardware and software to Checkpoint Appliance with R77.20 Gaia
Migrated F5 Hardware and Software to F5 Viprion load Balancer
Migrated the Critical Application to AWS cloud
Manage the Riverport, vXchnge, Switch, India, Austion, Springfield Data Center
Responsible in resolving severity issues related to security for globally which involve checkpoint/ASA Firewall, F5 Load balancer/Viprion, AWS Cloud, Nexus, Cisco routing/switching, VPN’s, etc
Monsanto Company, St.Louis, MO Senior Security Engineer(Data Center) (April 2015 – Oct 2015)
Primary Responsibilities
Migrate the Checkpoint Firewall Hardware & Software to CP- R77.20 Gaia with Zero Impact.
Configure, administer, and document firewall infrastructure
Advanced experience with performance tuning, package installation, patch updates with checkpoint fw
Manage and expand enterprise level internal IT security, which include, Monitoring multiple checkpoint firewall through Splunk-Lea- loggrabber, intrusion detection, VPN, Solar winds for alerting systems, Algosec audit logs, firewall backup, disaster recovery and external IT vendor relationships
Work with project management professionals to develop and deploy large-scale projects for both
internal and public-facing applications
Analyse existing network infrastructure and policies to identify opportunities to enhance security,
reliability, and functionality
Responsible for playing a strategic roll by developing the team into a group of highly technical engineers, in parallel implementing procedures and actions which will act as proactive measures in providing value to our customers
Responsible in resolving severity issues related to security for globally which involve checkpoint/ASA, F5 Load balancer, Routing/switching, VPN’s, etc
Nielsen Company, TAMPA, FL - Network Security Specialist(Data Center) (Nov 2008 – Mar 2015)
We are part of the project and implementation team where we plan, design and implement new infrastructure for the client needs. This would include creation of new DCs, bringing up new site which includes firewall, load balancer, IPS, GSS, Layer 3 and layer 2 needs. We would coordinate with a design team and vendors to implement new sites, DCs etc. Infrastructure consists of Checkpoint/ASA-Pix/Juniper firewall, cisco concentrator/Juniper SSL VPN, Cisco/Radware/F5 load balancer, Cisco/Source fire/Tipping point IPS/IDS, GSS, Riverbed, Cisco Router, Nexus/Cisco/HP switches, Cisco/Aruba wireless access controller.
Major Projects
Provider 1 /Firewall Hardware/Software Refresh
Successfully replaced Checkpoint R65 Provider1 to R77.20 & Migrated more than 500 firewalls
from R65 to R77.20 Gaia across the globe it includes Checkpoint Appliance, HP, Dell & Nokia
firewalls.
Migrated 100 Firewalls hardware refreshed from Nokia/HP to latest checkpoint Appliance/Dell.
50 Firewalls software upgrade from R65 to R77.20 Gaia.
Performed the clustering for LATAM, Europe regions for automatic failover of firewalls
Answer’s firewall ip redesigned for Production, QC, LAB setup due to lack of ip & configured
load balancer & firewall accordingly.
Implemented firewall hardware & configuration for NFSLAB project.
Rebuild the new Provider-1 from existing production firewall modules since Provider-1 hardware
got crashed.
Data Center Movement from Columbia DC to Reston Office
Phase 1: 2 WAN firewalls, 2 Main Firewalls, 2 WAN routers, 2 Internet Router, 2 Riverbeds, 2 WAN EXT
switches, 4 Internal Stack Switches
Phase 2: 10 Firewalls, 8 Cisco load balancers, 2 6509 Switches, 2 - 4500 switches, 41 Access switches,
Load Balancer Hardware Refresh
Migrated 40 Radware to Cisco 4710 load balancer for multiple business units base on business
requirement like Sticky/Session based, html page, port based, active/active, active/standby
configuration
(AOD, Kraft, TIBCO, DRFCL, IShared prod/QC, Buzz metric, Bases Work Bench, Congnos,
Ad view, NOL, ODD, ADF,C-DAR etc.)
F5 LB configured for direct access project
IPS/IDS Hardware Refresh
6 Source fire IPS migrated from tipping point, monitoring DMZ & Internet traffic flow.
Data Center Switch Refresh
Migrated Nexus 7k, 5k, 2k switches from old legacy cisco 6500 & 4500 series switches, moved
multiple server platforms to Nexus (Windows/Unix/Netezza/datacom/ESX-Cluster)
Oldsmar End User Refresh
Core Switch refreshed from 6509 to 4510
Installed Checkpoint 13500 firewall & attached to P1
LAN switch refreshed from HP/Nortel to cisco 3750 stack switch (200 Switches)
Refreshed cisco wireless controller & 210 access point with Legacy Aruba devices
IBOPE Client Integration
Install Checkpoint Appliance & configure cluster in Lebanon, Millan, Lugano
Establish site to site VPN tunnel between 56 client locations to Nielsen & configure redundant link between IBOPE Mexico to Nielsen.
Email Cloud
Installed & configured cisco load balancer with DMZ, Internal context between two data center
Require firewall port opened between servers, data center & Microsoft office.
ODD
Installed & Configured Cisco load balancer with Sticky based connection
Allowed firewall port in Juniper, pix, checkpoint firewall from SSL VPN, digital line, external
clients
Private Verizon DRFCL project
Installed & configured check point 4407 firewalls
Installed & configured cisco 3750, ASR & establish GRE tunnel between ASR to Verizon Router
for DRFCL data collection units.
GTAM
Installed & configured Checkpoint firewall 2205.
Installed & configured Cisco3750-G & 2901 router.
Other Responsibilities
Responsible in resolving severity issues related to Network for Nielsen Network globally which
involve Checkpoint/Pix/Juniper Firewall, Cisco/Radware/F5 Load balancer, Routing/switching,
VPN’s, GSS etc
Backup auto failover from MPLS to VPN configured and implemented successfully for Nielsen
for major region.
Involving firewall change implementations, VPN Creations, Syslog, bandwidth monitor via HP-
Open view.
Periodic Firewall, Load balancer, Router, Switch hardening and firewall rules audit.
Working with ISP(AT&T/Equant-Orange/Quest) for new MPLS/Internet implementations.
IT Infrastructure Service delivery to provide support to all the business processes in resolving day-
to-day network related issues faced by the internal users and third party client.
Handling Severity Issues on Network Interruption which affects Business /Client Deliverables and
working towards its Effective Resolution
Carry out onsite Due Diligence and study of a new opportunity by traveling to customer s office
premises.
Responsible for Network upkeep, troubleshooting network problems and provide solution within
specific timeframe.
Plan and augment network capacity based on the demand from business.
Handling Globally 5 Data Centers which includes 1000 plus sites
Almoayyed –Bahrain, U.A.E as Network Engineer(Data Center) (Mar 2007 – Oct 2008)
Almoayyed is one of the leading conglomerates in the kingdom of Bahrain with diverse business interests in fields of Information Technology, The Systems Application International LLC, Dubai; UAE is the premier infrastructure solutions provider.
Project Details
Global Banking Corporation
Designing the switched Network and configuring 6509E for Intervlan Routing.
Implementing switch security by STP, VTP and configuring Port Security
Securing Configuring Ether channel to connect to the edge switches connected through Fiber.
Deploying Cisco ASA 5520 with IPS for Access Control and Intrusion Detection.
Installing IEV to monitor the events caused by triggering the IPS Signatures
Installing CSMARS and Adding ASA, Routers, IPS and Servers for event correlation.
Configuring Router for ADSL connectivity and Net flow to detect anomaly detection.
Solidarity
Installed and configure ASA 5520 Security Appliance with standard and extended access-lists and policy-based filters with object-groups.
Configuring stateful failover for redundancy
Installed and configured IPS Module to detect network attacks signatures.
Configured IPSEC VPN tunnels between ASA and Check Point using IKE pre-shared keys, 3DES and MD5 algorithm in ESP tunnel mode.
Configure Remote Access VPN for Remote users.
Install and Configure VPN Management Solution 2.3
Managing and Monitoring IPS and ASA 5520 through VMS2.3
Connecting different Branches through Lease line.
Providing internet connection to users through ADSL Connection.
Configuring Policy Based Routing to distribute traffic between 2 ADSL Lines
Configuring Frame-Relay for branches in Saudi Arabia and Oman.
Implementing Qos and Traffic Shaping for Frame-Relay after monitoring the bandwidth and Network with the Sniffer.
Gulf Air
Provided Consultation to Gulf Air for Deploying IDS 4260 Appliances in Load balancing and Failover Mode by configuring them through inline Vlan Pair Mode after analyzing their existing setup.
Provided Consultation for replacing PIX Firewall with ASA 5520 in failover.
Traffic capturing and analysis throughout their core Network
Configuring PIX firewall 515E for Failover.
Configuring Juniper Firewall for International Offices across the world to connect the Central Office Bahrain
Monitoring Sonic Wall firewall for SSL VPN
Shamil Bank
Designing the Switch Network and Configuring 6500 Series Switch as a core Switch.
Configuring HSRP to provide redundancy to the VLANs
Implementing VLANs and Configuring 6500 Series switch for inter vlan Routing
Connecting ATM Machines through Frame-Relay.
Interconnecting 10 Branches through Lease Line and Providing Backup through ISDN.
Installing and Configuring IDSM-2 Module into 6500 Series Switch
Upgrading IDS 4215 and IDSM-2 module for 6.0.
Updating signatures on these devices through cli via FTP to protect against attacks
Installing and Configuring VMS 2.3 to Manage IDS 4215, IDSM-2, and PIX Firewall.
Installing and Configuring Cisco Works 6.1 to Manage routers and Switches.
Dome Cafe – Australia
Configuring site-to-site IPSEC VPN between Pix Firewall and Router on overlapped networks between Bahrain and Australia (Perth)
Configuring café network by interconnecting Micros POS, Great Plains to application servers at Perth
Providing internet access in the café through wireless by installing wireless AP
Isolating wireless users with server by configuring secondary ip addresses and access-lists
Arabian Gulf University
Designing the Switch Network and configuring 4500 series as core switch
Implementing Vlans and configuring Inter-vlan Routing on 4500 Switch.
Configuring Port Security, DHCP Snooping and mitigating against VLAN Hopping Attacks.
Configuring router for Frame-Relay internet Connectivity and Providing Perimeter Security.
Installing and Configuring ASA 5520 with Active/Passive Failover.
Installing and Configuring VMS 2.3 for the management of ASA 5520 and HIPS.
Installing Cisco Security Agents on 10 servers including MAIL Server, WEB Servers, and Distance Learning server.
Utmost Electronics (ON-SITE PROJECT IN DUBAI)
Configuring site-to-site IPSEC VPN between Pix Firewall and Router on overlapped networks between Dubai and Bahrain
Implementing VLANs, Interconnecting different Branches through Lease Line and Providing Backup through ISDN.
Atrie Technology Bangalore, India as Network Engineer (Jan2005 - Feb2007)
Atrie Technology is a professional MUX, Router, switch, modem, Converter manufacturer dedicated to the Data communications industry for over a decade and Focused to Design, Manufacture of Data com and telecom products viz, Leased Line modems, Ethernet switches, Enterprise routers, VOIP product and Wireless LAN as well as development of infrastructure for telecommunication and IT Industry. Atrie’s Research and Development (R&D) is based in Taiwan
Job Responsibilities
Configured and installed Maipu Routers MP800, MP17XX, MP26XX, MP36XX Series
Configured and installed Maipu L2/L3 switches
Configured and installed Maipu DXC 9400, MP3600 Series
Configured and installed IP DSLAM 2048, 2024 Series
Configured and installed Atrie Ws 3000, 4000, 4000RE, 5000, 5000B, 5100, 5300 modems
Configured and installed Atrie Ws 144LCD, 288LCD, 336RE analog modems
Configured and installed Atrie Interface Converter 610, 620, 630, 3000C
Configured and installed Atrie WLB 1402, 2000 Wireless Access Point
Coordinated with DXC, Router, switch, modem configuration and Leased line users for their connectivity
Data Access India Ltd(NOW) – Chennai, India(Data Center) (Aug 2001- Dec2004)
Data Access India Ltd is a joint venture of PCCW, Hong Kong and SPA Enterprises, India, offering ISP and ILD services in the brand name of NOW ISP. SPA Enterprises has business interests spanning media, telecommunications and IT enabled services as well as development of infrastructure for telecommunication services, across 5 continents
Job Responsibilities
Configured and installed CISCO Routers 7206VXR, 2600, 2500,1700, 800 Series
Configured and installed CISCO Switches 1900, 2924, 2950, 2948G-L3
Configured and installed RAD, ASCOM, RAISE COM Modems and WAN PRO 2000 Router
Configured and installed Dialup and ISDN Equipments
Coordinated with ISDN and Leased line users for their connectivity
Implemented network products using Hubs, Switches, Patch Panels and Patch Chords
Configured DHCP server, Proxy server to share the internet connectivity for more systems
Implemented and Maintain the Data circuit and Local Area Network
Knowledge of TCP/IP Protocols and Subnettings
Installation, Configuration and Maintenance of Indian Airlines call center Lucent Definity
R-Tech IT Solutions Chennai, India – System Admin (Apr 2000 – Jul 2001)
Job Responsibilities
Implemented and Maintained in Microsoft Windows NT/2000 Server
Implemented and Maintain the Data circuit and Local Area Network
Configured and installed Dialup and ISDN Equipments
Configured Network printer
Operating System Installation, troubleshooting hardware and peripheral devices
Assembling various kinds of chipsets and Motherboards
Have involved in designing the network and supervising the installation of network
Personal Profile
Passport No H6949349
Visa Status Green Card
Nationality Indian
Languages Known English, Tamil, Kannada
Contact this candidate