• Senior member of Global Security team at Citigroup covering North America, Europe and Asia Pacific regions.
• Formulate firewall Security policy/Rulebase and manage firewall Security configuration as per the Business requirements and also perform Vulnerability Assessment for various businesses.
• Reviewed 1000+ Checkpoint firewall designs spanning 160+ countries as a subject matter expert in the Checkpoint domain in the last 5 years.
• Successfully designed and implemented End of life remediation projects for Checkpoint M2/M8 on SPLAT with Checkpoint 12200/12600 Gaia (Provider 1) and Juniper SRX firewalls with ZERO severity 1 or 2 outages.
• Interactions with the Security Architecture and Standards team in defining the standards and also reviewed the roll-out of new standards helping achieve optimization within Citi Technology Infrastructure.
• Manage a Team of over 25 Firewall Engineer and 200 Projects spread across the globe.
• Project Management and Running the huddle meetings for Global Security Build Team covering 200+ projects and over 25 Engineers.
• Audited the network/security infrastructure and mitigated security audit findings.
• Provided Level 3 troubleshooting support for new Firewall builds and EOL firewall replacements on Checkpoint, Juniper and Palo Alto
• Adhered to strict change control and change management policies to ensure compliance and best practices.
• Built new Sites for Citi that included reviewing the Bill of Materials, rack and stack, firewall initial installation, applying required configuration as per design, pushing policies and locking down the firewalls.
• Documented and updated technical diagrams, implementation/migration plans in a centralized database.
• Mentored new employees of the team and created best practices documents for their utilization.
• Coordinated activities with clients, business heads and operations personnel including the GCC (Global Command Center) and performed Change Management using ServiceNow.
- Senior Network Security Consultant at Citi Group
- Lead Network Engineer at Credit One
- Senior Network Engineer at Ingersoll
- Technology Specialist at Infosys Technologies
2 years, 5 months at this Job
• Plan and schedule to deploy a security product on more than 20,000 servers.
• Configuring and Implementing Security rules as per the business needs in Checkpoint R77 Gaia, R75.40, Provider-1/MDM/MDS, VSX, Palo Alto, Panorama, Cisco ASA and PIX firewalls.
• Work with business to find out what devices needs to be migrated and create new set of rules in appropriate environments.
• Working on day to day firewall management activities like looking into troubleshooting tickets and firewall rule change requests.
• Deleted unused Checkpoint policies, unused gateway objects, and unused VPN communities to clean up the Checkpoint firewall environment.
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Checking firewall logs in checkpoint smart view tracker and doing packet capture in command line during troubleshooting via TCPDUMP, FW monitor and Zdebug drop commands.
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010.
• Extensive working knowledge in BGP, OSPF, EIGRP, RIP, IS-IS, HSRP, L2/3 VPNs in IOS, IOS XE, and IOS XR platforms.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocol
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design.
• Possess a good experience working with the Trouble Tickets on F5 Load balancers.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues. Responsible for adding new BGP peers for remote branch offices and business partners.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand infrastructure.
• Working on the firewall rule optimization tool called Tufin to generate reports for usage reports along with Splunk for traffic analysis.
• Configured BIG IP (F5) Load balancers and also monitored the Packet Flow in the Load balancers.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Administration of ASA firewalls in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
- Network Security Consultant at Microsoft
- Network Security Consultant at CareFirst BCBS, Owing Mills
- Sr.Network Engineer at South Jersey Industries
- Network Engineer at Philips
3 years, 3 months at this Job
- Bachelors - Computer Science
Project: IOT Extranet (Internet of Things) The project involves around IOT, security, wireless and support of Labs for Cisco Internet of things as part of the Research and Development Group. Rapid prototyping labs including Cisco 829 Fog router, Cisco 2504, Wirelss Lan Controller, Access point, Cisco 5505 adaptive security appliance. Group is Responsible deploying the solution for Cisco Partners. Responsibilities of a Learning Research and Development Group Security appliances frequencies. Implemented the Wireless LAN Controller and Autonomus viz Light weight Access poitns. proxy authentication for network users. LTE router Cisco ASA Firewall, Cisco FWSM, McAfee NSM, Symantec E-mail Gateway, McAfee mail Gateway & Symantec End Point Protection. access points, IPS smart homes and factories. Essentials backup and disaster recovery procedures as well as system hardening requirements, access control management, system logging and auditing of network devices and security appliances Authentication (Intrushield, TippingPoint, etc), IPS (Snort), and firewalls (Forcepoint Stonegate, ASA, PIX, and Netscreen), Fortinet (FortiGate firewall, FortiManager, FortiAnalyzer) and CheckPoint Firewall (SPLAT, GAIA)
• Design, deployment, and support of labs for Cisco Internet of Things educational experiences as part
• Rapid prototyping of Cisco educational lab systems including Cisco 829 Fog Router, Cisco 2504
• Wireless LAN Controller, Cisco 1702 Lightweight Access Point, and Cisco 5505/5506 Adaptive
• Deploying the call manager and sip proxies. setting up the Tele-presence units Dx80
• Design and implement the campus network. Implemented the OSPF throughout the network.
• implemented ether-channel and HSRP implementation in campus network for load balancing and high availability
• worked on the Rspberry PI project. prototyping the wifi hacking with linux Kali using Raspberry Pi
• Design and deploying the wireless campus network. Tested the 5 GHZ and 2.5 GHZ wireless
• implemented Dynamic Mulipoint VPN and easy vpn for multiple sites.
• Impleted Cisco Miraki firewall MX 64, MX 65 W. Configured Dual ISP paths. impelmeneted the web
• Implemented Cisco switches 2960, 3560, 3750, Cisco Router 1841, 2811, 3845, ASR 1002X, cisco 899
• Hands on Experience on Palo Alto Next Generation Firewalls and Panorama central Management Server,
• Design, Deploy & support labs for IOX for smart sensors. Like adrinos, chestnut etc
• Working on Digitization labs, designed and deployed the multiple sites using 2901, 4321, wlc,
• Customizable signatures on IPS, WSE. adding Application Visibility and Control and Web Security
• Implement network security including building firewalls, managing host security, file permissions,
• Deploying and monitoring devices using Fog director
• enabling context-based controls and the ability to filter web content using source fire
• Install, set-up, configure, and maintain security appliances according to the overall objectives and policies of the organization.
• Complete deployment of Wireless part on CIsco IR 829 router. Creating SSID, Tweaking
• Enable web users and authenticate remotely to access IR 829 Access point.
• Proficient in researching traffic patterns to identify false-positives and/or malicious traffic within IDS
Project: IOT Extranet (Internet of Things)
The project involves around IOT, security, wireless and support of Labs for Cisco Internet of things as part of the Research and Development Group. Rapid prototyping labs including Cisco 829 Fog router, Cisco 2504, Wirelss
Lan Controller, Access point, Cisco 5505 adaptive security appliance. Group is Responsible deploying the solution for Cisco Partners.
of a Learning Research and Development Group
frequencies. Implemented the Wireless LAN Controller and Autonomus viz Light weight Access
proxy authentication for network users.
Cisco ASA Firewall, Cisco FWSM, McAfee NSM, Symantec E-mail Gateway, McAfee mail Gateway & Symantec End Point Protection.
access points, IPS smart homes and factories.
backup and disaster recovery procedures as well as system hardening requirements, access control
management, system logging and auditing of network devices and security appliances
(Intrushield, TippingPoint, etc), IPS (Snort), and firewalls (Forcepoint Stonegate, ASA, PIX, and Netscreen), Fortinet (FortiGate firewall, FortiManager, FortiAnalyzer) and CheckPoint Firewall
- Senior Network Security Consultant at Vitapoly / Cisco
- Senior Network Consultant at Friendly consultant Inc
- Senior Network Consultant at Tech Mahindra
- Senior Network Consultant at Tech Mahindra
2 years, 10 months at this Job
Contracted Network / Security Support ) Analyzed malware behavior, infected network patterns and infected packets and configured IDS to stop the threats. Implemented complete overhaul of network including dual OC48's, Juniper SRX and integrated existing customers with Thumbs Up Group's existing Cisco Routing and switching, by doing complex NAT. Enhanced corporate security by re-engineering the enterprise LAN / upgraded existing WAN links. Increased visibility (and accountability) of the LAN by successfully deploying Cisco ISE appliances (while migrating existing authentication systems (Radius/Tacacs+)). Analyzed approximately 10 classified network security intelligence reports, on a daily basis Stayed current on daily 0day threats by reviewing CVE's and exploits on packetstorm. Virtualized and expanded data-center presence by replacing outdated Core and Aggregation layer devices with Cisco Nexus 2k, Nexus 5500 series, and Nexus 7k switches as well as Cisco Advanced Security Appliance (ASA) 5585 devices. Established and maintained security baselines by coordinating weekly change management meetings. Added wireless redundancy and removed rogue access points by performing 802.11 site survey(s). Increased connectivity and the security of data to and from the primary customers by building 20+ IPSEC VPN tunnels to various clients, as well as to remote offices.
- Network Security Consultant at Thumbs Up Group
- Contracted Network Engineer at AT&T
- Contracted IT Network Engineer at ETV Software
- Network Specialist at New York State Division of Criminal Justice Services
5 years, 5 months at this Job
- BS - Computer Science
DTS offers a full range of security solutions to meet the specific needs of wireless and wired operators across GCC. I joined as resident Network Security Consultant at Emirates Integrated Telecommunications Company (Du) since April 2013, promoted to Technical Manager after successfully completing complex projects on time. My responsibilities included: * Managing technical team on delivery and training * Preparing technical network & security designs documents with various team * Migration planning, deployment and limited Operations * Integrate solution in network with minimum outage * WAN Threat assessment and remedy
- Network Security Consultant at Emirates Integrated Telecommunications Company
- Senior Network Security Consultant at Data Telecom Security - DTS Solutions
- Security Solution Engineer at Nokia Siemens Networks (NSN)
- Sr. Network Engineer at Almoayed Group W.L.L
6 years, 2 months at this Job
• Design, install, configuration of Checkpoint R80.10 firewall solution within the East Liberty Honda Auto Plant.
• Worked with other consultants and engineers with Honda in order to build a firewall security policy from scratch.
• Performed day-to-day log monitoring and reporting.
• Monitor firewall for any performance issues and make recommendations regarding future growth.
- Senior Network Security Consultant at Honda/Eplus
- Senior Network Security Consultant at BB&T Bank/Xoriant
- Security Analysis/Engineer at Exelon Corporation/TekSystems
- Senior Resident Engineer/Team Lead at HP/Avaya/Nortel Networks
3 months at this Job
- Information Technology degree
- Computer Science degree
• Implementing security policies as per the requirements on Checkpoint provider 1, Cisco ASA 5505/5510/5520, Checkpoint crossbeams, Palo Alto and Fortigate firewalls.
• Working with Cisco TAC on escalated issues. Conducting root cause analysis on major network security incidents.
• Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using the ArcSight ESM and Splunk platforms.
• Gathered security related data from ArcSight system to formulate report for clients.
• Hands-on with Cisco Security Manager and Cisco Event viewer for troubleshooting.
• Configured, troubleshoot, and upgraded Checkpoint Firewalls, which included network and/or resource access, software, or hardware problems.
• Worked on deploying/securing web server on Azure using Checkpoint CloudGuard.
• Opened, resolved, or updated Tier II Support tickets for various firewalls and provide regular status reports of tickets.
• Responsible for configuring and troubleshooting website/URL restrictions in the firewall.
• Designed & implemented Overlay Network Management Network to manage all our production devices with TACACS+ and Solar winds NPM.
• Palo Alto installation, rule changes PA-4000/PA-5000, templates, object creation, planning, configuration changes, OS upgrades.
• Setup monitoring ports and conducted packet capture with Wireshark for troubleshooting.
• Implementing, Troubleshooting CheckPoint GAIA R75.40, R77.20, R77.30 managing CheckPoint Firewalls using CheckPoint Management Server.
• FortiGate firewall administration, upgrades, backups, configuration, and diagnostics.
• FortiManager administration, operation and integration.
• Implemented the Policy Rules, DMZ and Multiple VDOM's for Multiple Clients of the State on the Fortigate Firewall.
• Implemented and migrated policies from Fortigate to Palo Alto using Palo Alto migration tool.
• Configured Palo Alto firewalls in Active/Active and Active/Passive modes.
• Designing and Implementation experience in building DMZ, and integration of firewalls with Gateway Anti-Virus and web Filtering applications from TrendMicro and Websense.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
• Juniper NSM and Juniper CLI for SSG and SRX, Juniper SSL-VPN, OS upgrades, CLI changes, scripting, troubleshooting, configurations, rule re-ordering and optimizations.
• Responsible for integrating all network and security devices with Algosec for cleanup and optimize firewall policy.
• Adhere to the change and release management process through Service Next tool.
• Aided in troubleshooting potential network issues in rolling out ISE.
• Deploy ISE technology in infrastructure to establish secure and authenticated network with profiling and certificate-based authentication.
• Adding/removing endpoints, GWLAN WLC, guest accounts, MAC whitelisting in ISE.
• Adding/removing devices from ISE in TACACS and creating authorization policy in ISE.
• Integrating active directory with Cisco ISE and certificate addition for guest services.
• Upgrading ISE nodes to latest version and clearing cache buildup using Cisco TAC support.
• Troubleshooting and resolving issues through splunk - log monitoring, search poling.
• Level 3 firewall Break-fix support - received and acted pages from Level 2 and corrected faults.
- Senior Network Security Consultant at Stamford Health
- Network Security Engineer at Delta Airlines
- Firewall Administrator at Spica Computers LLC
- Network Engineer at Paychex Inc
1 year, 8 months at this Job
- MS in Computer Science - Security
- BE in Computer Science - Relevant
Africa, Australia, Canada, Europe, Americas)
• Drive strategic partnerships engagements on cybersecurity and network transformation to executive management, train customers on emerging technologies, research and simplify complex design challenges, build road-maps on improving equipment and governance issues.
• Lead architectural design or advance services projects for several big industry or firms including but not limited to: Aerospace, (1 of the Big-4) Deloitte Consulting, World Wide Technology, Catholic Health Initiatives, Global Telecommunication Providers, Nuclear Power Plants - CIP, Agriculture-Smart Ag, Tech Innovators, etc.
• Lead Pre and Post Sales engagements and provide several key deliverables such as HLD, LLD, As-built, Test Plan Procedures, Executive Summary, Research Lab Testing, Day-1 support, Upgrades/Migrations, AWS Hybrid Cloud Designs, Job interviews, Training, Statement of work creation/revision/review, site analysis, purchase analysis, site remediation, etc.
• Technical P.S projects key highlights includes but not limited to: ◦ Virtualization/SDN: VMware NSX 6.2 Design/Deploy, vCenter 6.0, AWS Advance Network w/ Hybrid Cloud Direct Connect & IPSEC, XMPP and Cloudvision. NSX Micro-segmentation DFW and Palo-Alto VM, VXLAN, zScaler, Cloudflare, Cisco Umbrella or Akamai DNS Security ◦ Data Center: Cisco ACI and Nexus 9000, Nexus 7-5-2K, OTV, Arista Networks 7150/EOS-VM Spine/Leaf with ZTP, DNS/DHCP/IPAM, LB's (F5 BigIP LTM, Netscaler, ELB, BlueCoat & Barracuda Proxy), Yang, NetConf, YAML, Python, JSON, Linux Bash/Script ◦ Firewalls: Cisco ASA5555, FirePower ASA5585-X, Cisco FTD/FMC/StealthWatch, FortiGate 6.x SD-WAN/FortiDDoS/FortiOS/FortiAP/FortiVoice/FortiSwitch, Palo Alto 5050/VM100 with VMware NSX, Checkpoint 5100, zScaler Cloud Firewall, Meraki Firewall ◦ Security: Base installs and implementations on FortiNAC, Meraki Mobile Device Management and Cisco ISE using 802.1x (Authentication, Authorization and Secure Group Tagging), NGIPSv, WSA, FireAMP, Cisco Cloud Security DLP, FlexVPN, GetVPN, AnyConnect IPSEC and SSL VPN, Certificate-based VPN, Zone Base Firewall w/ Viptela ◦ Route/Switch: Cisco iWAN w/ WAAS, MPLS, L2VPN, L3VPN, DMVPN Phase 3 w/ pre-share and PKI certificates, Cisco Viptella Administration, APIC-EM 1.6, SilverPeak, VMware NSX 6.2 ESG/DLR/Cross V-Center, Greenfield/Brownfield/Sandbox designs, Cisco ASR9K and Cisco CRS/16 on "IOS-XR", 7609/Catalyst 65xx/6880-x's VSS/9300, ISR, 3800 on IOS, Viptella SD-WAN, Meraki ◦ Tools: Cisco Prime & ISE Administration, ASDM, ACS, LiveAction, APIC-EM 1.6, DynaTrace DC-RUM, Solarwinds, Splunk, PANOS, InfoBlox, FortiManager, FortiAnalyzer, Riverbed SteelCentral Controller, Postman Rest Client, NSX Central CLI, Python with Paramiko,
- Global Network Security Consultant (Work from home) at Asia-Pac
- Network Architect/Consultant - CIP Power Grid at IBM Global Technology Services
- Senior Network and Security Engineer at World Fuel Services, Inc
- Network expert at Citrix Systems, Inc
1 year, 11 months at this Job
- B.S of Science in Information Technology - Information Technology
- B.S of Science in IT Security - IT Security
- High School Diploma
proprietary gaming apps
• Designed, configured, and hardened highly available network for a gaming cafe
• Perform penetration testing for server and client application security
• Install and configure cloud based network monitoring. Train staff on troubleshooting methods.
• Technology used: Windows 7 and 10, VirtualBox, Kali Linux, Metasploit, AWS, Ubiquiti UNMS,
proprietary gaming apps
- Network Security Consultant at ELLPROP
- Technology Director at CAML ACADEMY
- Computer Science Program Director at STAR INTERNATIONAL EDUCATION
4 months at this Job
- BS in Computer Science - databases
- - Biology and Chemistry
- - General Studies
I work with the SOC, Cyber Security and Managed Security Services (MSS) teams to evaluate, test and bring into production a full spectrum of solutions to combat security threats worldwide. I am responsible for the strategic day to
day build, configuration, management, and maintenance of various virtual and physical NAC appliances and firewall
technologies including Palo Alto, Fortigate and Barracuda. I have experience in both AWS and Azure cloud platforms
with a focus on networking and security build and MAC through console or code deployment. I assist the SOC and MSS with both their network connectivity and monitoring through several
managed security services including Nessus, trend, and Zenos. I am responsible for assisting in troubleshooting existing
client cloud networks as well as assisting in the engineering of cloud architectures for new clients.
● Successfully support clients including Nuclear Regulatory Commission, EPA, Veterans Affairs, Army, Navy, FCC, FDIC, USAID, DOD, DIA and many other governmental and military agencies.
● Assisted with architectural design and engineering of over a dozen cloud environments within AWS & Azure Government and Commercial.
● Configure and install firewalls, routers, switches, and NAC appliances while considering optimal hardening, monitoring, and maintenance of those devices.
● Develop, review, implement, and test firewall/ACL rules and NAC policies.
● Validate ACLs/firewall rule set and NAC policy effectiveness, and optimize configurations to improve security posture and/or performance.
● Understanding of layered based fire-walling
● Configuring NAT, ACLs, S-to-S, P-to-S VPNs, AnyConnect configurations and Remote Access VPNs, SSL Certs, service policies, HA Pair
● Troubleshooting by packet flow and packet capture diagnostics
● Firewall zone, policy, application, service, port, interface, IP and rules-based management.
● Current Public Trust, Secret and Top Secret clearances.
- Senior Network Security Consultant at CGI Federal
- Owner Manager at Webb Communications LLC
- Customer Support/TechNet Supervisor/ Data & Telephony Project Manager at Cameron Communications
- Voice and Data Systems Manager at Hovensa
3 years, 5 months at this Job
- BS - Computer Science