Hands-On Data Center
Resume:
PROFESSIONAL SUMMARY:
•Over *+ years of hands-on experience in designing, integrating, deploying, maintaining, supporting a broad range of Network and security infrastructure.
•Strong hands-on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K,7K, 5K,2K series, Cisco router models like 7200, 4400, 3900, 3800, 2900, 2800, 1900, 1800 series and Cisco catalyst 6500,4500, 3750, 3500, 2900 series switches, WLC’s, WAP’s, Proxies.
•Experienced in Deploying Wireless Network Infrastructure and Wireless Survey Best Practices. Experience with Cisco wireless solutions including 2504, 5508, 5520, 8500 WLCs.
•Advanced knowledge in TCP/IP suite and IPAM, routing protocols, such as OSPF, EIGRP, ISIS, and BGP.
•Network protocols, Firewalls and Communication Network design.
•Advanced knowledge, design, installation, configuration, maintenance and administration of Juniper SRX Firewall, Juniper EX and Juniper MX devices.
•Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Check Point Provider-1 / VSX, Palo Alto IDS/IPS modules, Data Center Migration, Foundry/F5 Load Balancers
•Experience in monitoring, debugging, and resolving Cisco infrastructure issues like routing, Network Hardware/Software failure, configuration, WAN outages, and performance issues.
•deployed the Firepower Management Center (FMC) and Firepower Threat Defense (FTD)
•Knowledge on Amazon AWS Virtual private cloud services.
•Implemented Zscaler products ZIA (Zscaler internet access) & ZPA (Zscaler private access) in Production
•Provided Desktop Support for internal users and Handled Service-Now tickets related to & Zscaler Proxy, Zscaler private access, Secure Pulse VPN and Aventail VPN along with the connectivity issues and escalating working with TAM whenever needed.
•Experience in Intrusion Detection, DMZ, encryption, Zscaler proxy service, SSL VPN, Port-security and policy-based routing.
•Working experience on Software Defined Network (SDN) controllers Cisco ACI, OpenDaylight and SDN
•protocols Openflow and Netconf, SD-WAN and Network Function Virtualization (NFV).
•Strong knowledge of API design such as Netconf, RESTful API as well as configuration management
•tools such as CHEF, Ansible
•Experience on Deploying, Scaling and troubleshooting many Datacenters across all of AWS network fabrics.
•Experience on AWS data backup (snapshot, AMI creation) techniques, along with data-at-rest security within AWS.
•Experience on Deploying the code to AWS instances and spin new instances when and where required.
•Experience on Developing an executable application that securely transfers files and creates folders in AWS S3.
•Experience in Creating Lambda functions in AWS for Application development to manage S3 security.
•Experience in Creatin Server-less Architecture for on-premises Application Migration to AWS cloud.
•Experience in creating AWS Architecture for availability, scalability and reliability using Auto Scaling.
•Experience in Creating and deployed 2-Tier Server less Architecture using AWS Lambda and API Gateway
•Experience in using the S3 and RDS to store Data, EC2 and AWS lambda for computation and Cloud watch to monitor.
•Working experience on Cisco Virtual Office solution.
•In-depth knowledge and experience on IP Addressing, Subnetting, VLSM, and ARP, Ping concept, working knowledge on OSI model, TCP/IP, 802.1q.
Separated the data model in a playbook or role from the execution layer (via Ansible modules) to manage heterogeneous network devices.
Developing secure communication with network hardware over SSH or HTTPS
Provided direct support for all hardware moves, add and changes for the VoIP devices and troubleshooting with customers onsite and remote.
Experience in performing system administration for Red Hat Linux, Microsoft Windows 2008 Enterprise Server, Windows 2003 Standard/ Enterprise Server, Windows 2000 Standard/ Advanced Server, Windows98/XP/Vista/7.
Experience with working on latest cisco switches like Nexus 2000, 5000, 6000 and 7000 series switches while implementing advanced features like VDC, VPC, OTV and Fabric Path.
Troubleshoot Data center network issues, Cross connectivity and WAN Backbone issues between Data centers.
Experience in cloud, wan optimization and application performance, and applications delivery, utilizing Riverbed's complete Applications Performance Infrastructure platform.
Used DHCP to dynamically assign reusable IP addresses to DHCP clients using Infoblox IPAM and resolved IP address conflicts.
Provide testing expertise for various technology environments. Responsible for developing, executing and evaluating Network test plans.
Strong troubleshooting skills using Packet capture in Cisco devices and FW monitor and TCP dump in Checkpoint devices and analyzing them in Wireshark & NetScout.
Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM & GTM.
Experience in Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480).
Demonstrated experience in developing, implementing, auditing Checkpoint firewall (R77.30) configurations and analyzing, optimizing rule sets.
Complete understanding of basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 load balancer and general troubleshooting of the F5 load balancers.
Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Palo Alto rules.
Experience in Physical cabling, IP addressing, configuring and supporting TCP/IP.
Hands on experience with ACI (Application Centric Infrastructure) with spine and leaf architecture.
Responsible for maintenance and utilization of VLANs, Spanning tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches.
Hands on experience with packet sniffer, TCP DUMP and Wire shark for packet monitoring.
Written Python and Power shell scripts for the automation of deployments and integrating with the CI tool.
Deploy, scale and automate network across multiple global datacenters supporting Amazon Web Services (AWS).
Worked with I.T. Departments on "Best Practices" for Blackberry Server, Exchange/Active Directory Deployment, Windows 7 and Office 2010 Rollouts.
Great exposure to SDN and network function virtualization (NFV) technologies like Cisco ACI.
Troubleshooting and problem resolution of Virtualization (vSphere 4.1\5.1\5.5) Infrastructure.
Provided second/third level technical support for ACI (Application Centric Infrastructure) technologies
TECHNICAL SKILLS:
Networking Technologies
LAN/WAN Architecture, TCP/IP, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP
Networking Hardware
Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls.
Routing Protocols
OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting
Security Technologies
PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint
Network Monitoring
SolarWinds, Wireshark, HRping, Whatsupgold, Infoblox, Geoprobe, Iris scanner, TDR Viewer.
Operating Systems
Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS
Cloud Technologies
AWS, Azure, Netconf, Cloud -Hosted PBX.
Routers
1800, 2611, 2800, 3600, 3845, 3900,4300, 4400, 4500, ASR 1000X, 7206VXR, Juniper M & T Series.
Load Balancers
F5 Networks (BIG-IP), NetScaler (Citrix)
Capacity & performance
Cascade Riverbed (Flow Monitor), WAN Killer
Switches
CISCO 2960,3750,3850, CAT 9300, CAT9400, CAT 9500,4500,6500,6800 Nexus 7k,5k,2k
Programming Languages
C, C++, Perl, Power Shell, Python, Restful
Simulation Tools
GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence
Firewalls
Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.
AAA Architecture
TACACS+, RADIUS, Cisco ACS
Features & Services
IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics
Education:
Masters in Information Technology management and Administration services .
Bachelors in computer science and engineering, Sathyabama University, Chennai.
CERTIFICATION:
(CCNA) – Cisco Certified Network Associate
(CCNP) – Cisco Certified Network Professional
(PCNSE) – Palo Alto Certified Network Security Engineer
(JNCIA) – Juniper Certified Network Associate
PROFESSIONAL EXPERIENCE:
CLIENT: Verizon Jan 2025- Present
Location: North Carolina
Role: Network VoIP engineer
Responsibilities:
Managed and troubleshot VoIP and cellular network issues for Verizon’s wholesale business clients, ensuring seamless connectivity and minimal service disruptions.
Performed in-depth RAN (Radio Access Network) troubleshooting, including LTE, 5G NR, and legacy CDMA/GSM technologies, to optimize network performance.
Monitored and diagnosed SIP signaling failures for VoIP services using Wireshark, Geoprobe, and IRIS Scanner, ensuring optimal call routing and performance.
Executed break/fix procedures for VoIP and cellular infrastructure, repairing or replacing hardware in compliance with data center and network standards.
Conducted root cause analysis on recurring VoLTE call failures, dropped calls, and handover issues, collaborating with cross-functional teams for permanent solutions.
Ensured compliance with on-site deployment, integration, installation, and configuration of Verizon’s Meraki Platform, Cisco Switches, and PBX Systems to maintain production workloads.
Designed and implemented VLANs, ACLs, IP addressing, and QoS (DSCP, LLQ) policies to optimize voice and data traffic across Verizon’s network.
Designed, deployed, and maintained enterprise-wide Aruba Wireless networks, optimizing coverage, security, and performance using Aruba Central/AirWave.
Managed and configured Cisco ASA and Palo Alto firewalls, including NAT, ACLs, VPNs (IPSec, SSL), next-gen security policies, and threat prevention for enterprise security.
Designed and implemented hybrid cloud networking solutions in AWS, Azure, and Google Cloud, integrating VPN, Direct Connect, ExpressRoute, and security groups for secure connectivity.
Participated in DOCSIS planning and deployment operations, designing and integrating communication architectures, topologies, hardware, and signaling links.
Validated and confirmed network changes and upgrades on multi-vendor equipment, including Arris, Casa, Cisco, Juniper, and Alcatel-Lucent during maintenance windows.
Created and deployed Methods of Procedure (MOPs) using Python, Lynx, and Bash for automation and efficiency in network configurations.
Maintained Cisco networking devices, VoIP gateways, firewalls (SIP ALG, ACLs), and Crestron audio systems to ensure network security and operational stability.
Provided 24/7 monitoring and tiered support for enterprise LAN/WAN infrastructure, troubleshooting BGP, OSPF, EIGRP, RIP, IS-IS, HSRP, and MPLS.
Assisted Cell Site Technicians in troubleshooting and optimizing base station equipment, antennas, and fiber backhaul for improved cellular performance.
Investigated and resolved SIP trunking issues between Verizon and third-party carriers to ensure seamless interconnectivity.
Supported Hyper-V, VMware ESX, Active Directory, and Windows Server troubleshooting, ensuring minimal downtime for hosted infrastructure.
Installed, configured, and maintained ESXi 6.0/6.5 hosts on HP ProLiant and Dell Rack servers, supporting cloud and on-prem environments.
Conducted drive testing and RF analysis to measure signal strength, interference, and call performance in problem areas.
Assisted with firmware upgrades, software patches, and security updates for Verizon’s SBCs, firewalls, and networking equipment.
Ensured E911 compliance under Kari’s Law and RAY BAUM’s Act, troubleshooting location-based emergency call routing.
Configured and maintained JUNOS-based SRX firewalls and MX/EX routing infrastructure for secure and optimized network performance.
Managed network monitoring tools to track performance across Windows, Linux, Solaris, HP, AIX, and UNIX OS environments.
Designed and maintained F5 BIG-IP LTM, GTM for high-availability application delivery, SSL offloading, and DDoS mitigation.
Developed custom playbooks in Ansible for network configuration management, backup automation, and device compliance enforcement.
Designed network failover and disaster recovery strategies, ensuring 99.99% uptime using redundant network paths, BGP peering, and load balancing solutions.
Performed data center walkthroughs, verifying alerts for PDUs, HVACs, and RPPs, ensuring environmental stability.
Organized and labeled Ethernet and fiber cabling for better tracing, troubleshooting, and improved efficiency in network operations.
Assisted the Datacenter Inventory and Asset Management Team in shipping, receiving, and inventory tracking to manage high work volumes.
Collaborated with Windows, Linux, and server teams, ensuring smooth IT operations and effective troubleshooting across all departments.
Maintained up-to-date knowledge of Verizon’s ticketing system, cellular network configurations, and emerging wireless technologies to enhance operational efficiency.
Client: Ernst & Young
Location: Roseville, CA May 2023– Dec 2024
Role: Network Data center engineer
Responsibilities:
Understanding customer requirements and application dependencies to provide the network solution with scalability.
Produced technical solution for Palo/Cisco firewall issues across the Network.
Performed firewall object clean-up to find and delete the duplicate objects using FireMon tool to standardize the firewall environment.
Created security and NAT policies to allow requested communication for palo alto firewalls using Panorama management server.
Created security policies to allow requested communication for cisco ASA and FTD firewalls using cisco firepower management server (FMC).
Troubleshooting connectivity issues if any communication drops on firewalls in path (Palo and Cisco).
Worked on Load balancer (Big-IP) requests to modify/update/config the VIPs, Pools and pool members as per customer requirement.
Worked on issues with IPS/IDS servers, Zscaler and bluecoat proxies.
Worked on Azure AD SAML authentication for ZScaler authentication and AD group-based policies.
Worked on Zscaler over the user web traffic, when the user is outside of the corporate network (off network)
Worked on Zscaler for our Internet traffic cloud proxy solution, all our corporate traffic is redirected to Zscaler to provide the security to all the internal APP's and internet traffic.
Worked on Zscaler Cloud based web security to manage the corporate web traffic.
Configuration of checkpoint firewall mainly VSX according to client topology and checkpoints features such as Application & URL filtering, IPS, Identity Awareness, IPS, VPN.
Installation and Configuration of Cisco Catalyst switches 6500, 3850 & 2960, 9300 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy it also includes the configuration of port channel between core switches and server distribution switches This included Meraki MX/MS/MR/Z3 devices and design/configuration Cloud solutions - AWS setup and deployment for SDWAN solutions.
Worked on SSL certificate requests to update/renew the client/server SSL certificate for F5.
Worked on configuration changes for switches part of server migrations.
Currently training on automating AWS tasks using Terraform.
Monitoring enterprise network using monitoring tools SolarWinds and Netconf.
Experience with AWS (VPC, Transit Gateway, EC2, CloudFormation Stacks, Cloud Watch logs, Cloud Trail, IAM policies, Route 53, Direct Connect, Global Accelerator, CloudFront, Network Load Balancers and Application Load Balancers).
Design and implementation of Restful API for retrieval and modification of nGeniusOne site records
Integrated Restful API to python automation script.
Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and
9000 Core with VPC and 3172 TOR.
Removed inactive network stores from database.
Created script that generate report of outdated networks in nGeniusOne database.
Deployed AWS Transit Gateways for multiple projects for the communication between VPCs and for the traffic inbound/outbound Internet. Eliminating VPC peering connections with Transit Gateway for Equal Cost Multi Path and Scalability.
Designing and supporting the consolidation of data centers utilizing Cisco 6500, Nexus 2K, 5K and 7K infrastructure.
Configure and maintain all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
Hands on experience on all software blades of Check Point Firewall. 24x7 on-call step-up support as a part of the safety operations team.
Hands on experience with Cisco Meraki switching and wireless LAN. Switching, VLANs, spanning tree, 802.1q, channeling
Worked on the installation of Meraki MR42E and MR53 wireless access points for cloud management.
Configured Ansible to support several sources like environment variables, command-line options, playbook keywords, and variables.
Responsible for Palo Alto and Cisco ASA firewall, FortiGate administration across global networks. Experience with Palo Alto 5K series firewalls. Worked on URL Filtering, SSL Forward Proxy, SSL Decryption, APP ID, Threat ID on Palo Alto Firewalls.
Working closely with knowledge center management to investigate the information center sites for cabling necessities of assorted network instrumentation.
Migration from Checkpoint firewall cluster to Cisco ASA 5580 firewalls in a failover pair configuration.
Provided application-level redundancy and accessibility by deploying F5 load balancers long-term memory.
Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
Provided Level-3 Network support for Cisco Switches and Cisco ASA 5500 Series Security.
Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
Experience in converting PIX rules over to the Cisco ASA solution.
Experience with Azure cloud connectivity using express routes. Configured express routes and NSG in could security.
Experience with azure cloud security center, cloud application security.
Experience with azure AD for authentication to cloud apps using SAML
Experience with ZSCALER cloud proxies ZIA and ZPA. Worked on setting up tunnels to ZSCALER ZENS, zero trust network access.
Experience with palo alto and checkpoint firewalls with next gen firewall features that includes app id, threat id, URL filtering, user id, SSL decryption.
Experience with f5 and AVI networks for application load balancing.
Experience in configuration and maintenance of Call Manager, CUC,IP Phones, IP Communicators, troubleshooting user related issues, proactive and reactive monitoring of VOIP Server and VOIP Gateways.
Experience with data center technologies that include spine leaf, cisco ACI, Arista cloud vision. Well versed with Nexus family switches to implement vpc and vdc.
Experience with Versa SD WAN for remote site connectives over mpls network, configuration of routing and application policies in SD WAN.
Experience with network segmentation using Illumio and palo alto firewalls for traffic filtering and applying policies on illumio central manager. Worked on configuring policies in illumio for east west and north bound traffic flows using tags.
Implementation of SDWAN, Meraki and AWS transit gateway.
Designing and assisting in deploying enterprise-wide Network Security and High Availability Solutions for ASA.
Worked extensively in Configuring, observation and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover demilitarized zone socialization & configuring VLANs/routing/NAT.
Managing a TACACS server for VPN user authentication and network devices authentication.
Performed Imperva Secure Sphere DAM on WAF Health Checks.
Managing and providing support to numerous project groups with regards to the addition of recent instrumentation like routers switches and firewalls to the DMZs.
Implementing traffic engineering on existing Multiprotocol Label Switching (MPLS) network and Open Shortest Path First (OSPF).
Provided redundancy in a very multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
Handling enterprise outages effectively and driving towards the resolution. Coordination of fault escalations in conjunction with the first high-level technical management of high priority or technically complicated calls.
.
Earlier efforts included verification of DOCSIS upstream logical channels, proprietary RF spectrum.
management algorithms, system high availability, etc.
Proficient with container systems like Docker and container orchestration like EC2 Container Service, Kubernetes, worked with Terraform.
Deploy, scale and automate network across multiple global datacenters supporting Amazon Web Services (AWS).
Knowledge and skill on 802.11 a/b/g/n LAN normal for wireless Technology.
Used Cisco ACI Fabric which is based on Cisco Nexus 9000 Series Switches and the Cisco Application Virtual Switch (AVS).
Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, Juniper SRX100, Fortinet Next Generation Fire Walls, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, VPN, Checkpoint, Cisco ASA, AWS, TCL, Riverbed, Clustered SQL server 2014/2012/2008R2/2008/2005, DC migration, Active-Active& Active-Passive Clustering, Windows 2012/2008R2/2008/2003
Client: Chase July 2022 – Jan 2023
Location: Chicago, IL
Role: Network Engineer
Responsibilities:
Daily analyzing network traffic and looking for trends, malicious activities, created vulnerability report with action plans.
Primary responsibility for the Core Security of the Network. Managing the entire Network Security Products deployed in the network such as Checkpoint (GAIA R75.40/77.20).
Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches.
Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls.
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/Switches/firewalls.
Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
Ensured all team members understand and are onboard with the SOC mission statement and goals.
Ensured the team has quarterly/annual objectives and goals.
Ensured the team performs quality analysis of security events via routine audits/coaching.
Ensured the team provides customers accurate and insightful analysis of security events in a timely manner.
Installation, configuration, and troubleshoot on Riverbed Steelheads.
Ensured all team members providing top notch customer service via routine audits/coaching.
Ensured all work within team is being recorded in a work order, copiously notated, and ensuring the requests are addressed in timely fashion.
Ensured SOP processes and procedures are accurate, efficient, update-to-date, and scalable.
Administration of Juniper SSL VPN, Web sense Web Security and Iron port.
Evaluated the capabilities of McAfee Network Access Control by constructing checks and benchmarks for McAfee products, WSUS servers, Internet Explorer proxies, and encryption status alerts.
Deployed VMs in Windows Azure for testing in SIT & QA environments.
Create VMs with SQL Server 2012 in Windows Azure for QA test requirement.
Setup AD Domains and Virtual Networks in Windows Azure test environment.
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Exposure to wildfire feature of Palo Alto.
Configure and install Aruba wireless controllers 7210 and access points.
Built alert & monitoring scripts for applications & servers using Python & Shell Script
Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
Provide support for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo-Alto firewalls.
Configuration of Checkpoint R77.30 series firewalls and implementation for outbound traffic via blue coat proxy server.
Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed.
Worked with level-2 team on migration project of CMA's from one Provider-1 to other Provider-1.
Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
Used McAfee ePolicy Orchestrator to monitor and identify potential intrusions and attacks for the Cyber Security Operations Center (CSOC).
Deployed a Syslog server to allow proactive network monitoring.
Implemented VLANS between different departments and connected them using trunk by keeping one VlAN under server mode and rest falling under client modes.
Built and support VRRP / Cluster based HA of Checkpoint firewalls.
Bluecoat Administration - Blocking/Unblocking URL's.
Worked on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
Environment: VSTP, VRRP, SNMP, VLAN, WAP, UNIX, Linux, F5 Load Balancer, FTP, BPDU Guard, Wi-Fi, CSOC, WSUS, ASR9000 Devices, Check Point Firewall (GAIA R75.40/77.20), VPN, Palo Alto Firewalls, Juniper Firewalls.
Client: Emerson Electric Co Aug 2021 - May 2022
Location: San Jose, CA
Role: Network Engineer
Responsibilities:
Managed and developed network projects designed to strengthen network continuity and deploy security elements to meet and exceed contract requirements, including system analysis & troubleshooting.
Implemented Active-Passive cluster setup between two Juniper SRX’s and Active-Active pair on Juniper MX 960 Routers for high availability.
Created new redundant ethernet interfaces with enabling LACP and created new VLAN’s under each reth interfaces.
Configured Connectors along with Zscaler TAM and DAS team.
Good Knowledge on Checkpoint Firewall/Cisco ASA/Zscaler proxy/Fortinet
Support for Zscaler Web Security Service.
Replacing Checkpoint VPN and Bluecoat proxy with Zscaler and worked on implementing Zscaler in Production.
Configured the tunnels to Zscaler portal from the Cisco Meraki core Switches.
Used Zscaler to implement proxy solution. Liaison between security staff at web hosting company, monitored threats and traffic on Palo Alto NGFW.
deployed the Firepower Threat Defense (FTD) on both physical and virtual appliances using ASA hardware platforms (ASA 5500-X series) and Firepower 2100,4100 and 9300 platforms.
deployed the hardware as well as on virtual platforms using the FMC hardware models – 1000,2500,4500, Virtual platform- VMware, AWS, KVM.
Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering) Experience in Configuration, Management, Deployment, Optimization and Troubleshooting Checkpoint VSX.
Implemented new eBGP relationship between Juniper QFX Spine switches and Firewalls for route advertisement.
Good understanding of AWS EC2 instances, VPCs, VPC Peerings, Direct Connect, VPN, Load balancing techniques in AWS.
Experience on working with migration with both Checkpoint and Palo Alto Next-Generation Firewall as well as virtualization of firewall, both VSX and VSYS Worked on security tools and software’s like Cisco WSA, Qualys, Splunk, Symantec Endpoint Protection, Bit9, HP Network Node Management
Utilized Restful API feature on nGeniusOne to update database automatically.
Setup resource groups, Vnets, NSGs, Vnet Peerings, Network Load Balancers in Azure Cloud.
Created Security groups and NACLs at EC2 instance and subnet levels respectively.
Setting up account/user permissions, group policies and Multi factor authentication for additional security in IAM on AWS console.
Responsible for handling Tier-3 service tickets generated by the helpdesk during its life cycle - troubleshooting, maintenance, upgrades, patches, fixes (On-call support).
Currently trying to implement Gateway Load Balancers (new service) in the existing architecture to eliminate the VPN tunnels between the firewalls in Transit VPC and TGWs.
Manipulated traffic inter VPC and Internet traffic using VPC route tables and transit gateways route tables.
Implemented and maintained Direct Connections between On Prem and AWS VPCs for the MPLS connectivity.
Implemented and maintained Client VPN endpoints for the access between On Premise and AWS VPCs.
Implemented NACLs for filtering traffic in VPC and Security Groups for filtering traffic at the instance levels.
Created and maintained Network Load Balancers for Layer 4 traffic and Application Load Balancers for the Layer 7 Traffic. Created multiple target groups using path-based routing on the ALB.
Created AWS resources using CloudFormation Templates Stacks.
Setting up IPSEC Site to Site VPN tunnels both with multiple vendors which includes route based and policy based on the Checkpoint Firewalls. VPN tunnels between the AWS Transit Gateway and the Checkpoints.
Configured and troubleshooting
Contact this candidate