Senior Network Security Engineer
AWCC
Total years of experience :9 years, 2 Months
PacketFence, Juniper, TrendMicro TP and Nessus for network security hardening and optimal operations.
• Planned, configured and optimized the network and security solutions for Business Applications such as Fortinet NGFW, TrendMicro Tipping Point IPS, F5 ASM (WAF), F5 LTM, and AWS ELB.
• Operated and designed the data center and network infrastructure technologies such as Cisco ACI, Nexus, VMWare NSX-T, Cisco routers, switches, Juniper EVPN, VXLAN, and F5 LTM.
• Configured the daily changes on Palo Alto NGFW and Juniper SRX firewalls in terms of advance security policies, NAT and Site-to-Site VPN.
• Build and optimize the F5 ASM policy for different application as well allowing legitimate traffic on ASM.
• Hosted new applications/services on F5 by configuring the Virtual System, Pools, SNAT, iRule, and profiles.
• Troubleshoot the users concern with help of captured logs on different solutions and getting the user traffic (packet capture) for issue analyzing and identifying the cause.
• Deployed and operated the ManageEngine Desktop central endpoint security solution for end-user security.
• Followed daily tasks and updated the tickets with progress on Jira IT service management software.
• Executed the implementation of remote access VPN requirements on PaloAlto GlobalProtect VPN solution.
• Prepared scripts for new deployments as well as for daily operation task via Python and Ansible.
• Used the Netmiko, Paramiko, Genie, NCClient, request, Regular Expression and other libraries on scripts.
• Prepared the variety of Ansible inventory file and playbooks and automated the creation/modification of security policies, device backup, Banner, user/password, and other tasks on different network devices including the Juniper XRS, MX, QFX, EX, Cisco devices, as well Dell MX7K switches and others.
• Deployed and maintained the business application on cloud environment by utilization of multiple AWS services such as EC2 instances, ELB, Route53, S3 buckets, security groups, NACL, and NAT.
• Maintained the user access as well as the billing records on AWS Cloud environment.
• Deployed the Juniper SDWAN solution called Juniper Mist, and integrated 50 plus branch networks for the intention of central management, easy monitoring, configuration automation, and operation efficiency.
• Designed and configured the Juniper Data Center solution, utilized the MPBGP, EVPN, VXLAN, and MC-LAG.
• Maintained the UBNT wireless network consist of controller, AP, M5 P2P devices, with PacketFence integration.
• Ensured that configurations are identical on all devices of both primary (DC) and standby (DR) data centers.
• Performed the troubleshooting and configuration of Routing Protocols and Switching technologies such EIGRP, OSPF, Static Routes, Redistribution, VLAN, Trunking, ARP, VACL, HSRP, VRRP, SPAN, etc.
• Implemented DMVPN & IPSec over Microwave, Fiber, and VSAT links to ensure redundancy and integrity.
• Deployed the Cisco ACS 5.3 (ISE) and integrated the AD, ASA, ISR, Catalyst SW, Nexus, WLAN, etc.
• Maintained the Palo Alto NGFW for the web traffic management of end-users.
• Integrated various nodes and services with SolarWinds SIEM and utilized for diagnoses and issue resolution.
• Utilized different tools for troubleshooting such as Wireshark, logs, debug, ipconfig, etc.
• Maintained the wireless network consist of UBNT Wireless LAN controller, UBNT Access Points, and M5.
• Provided support to resolve the network issues of remote networks distributed throughout the country.
• Configured the Cisco ASA 5525 Firewall for the hub and remote region networks using S2S IPSec VPN.
• Utilized different tools for network and security troubleshooting tools such as; Wireshark, Nmap, nslookup, TCPdump, debug, Splunk events, logs, ping, traceroute, and Cacti.
• Cooperated with Network, System, Avaya Telephony, and VSAT teams, while reported to NOC Manager.
• Executed the daily changes of PaloAlto firewall in terms of rules, objects, events, and CLI troubleshooting.
• Migrated the services from Cisco ASA firewalls to Checkpoint and Juniper SRX firewalls for remote offices.
• Configured and patched Windows, Linux, network, and virtualized systems to eliminating vulnerabilities.
• Optimized the network bandwidth and server loads by monitoring and eliminating unnecessary payloads.
• Operated the monitoring servers of SolarWinds, PRTG, Huawei U2000, and Cacti.
• Maintained the VPN connections with client networks using the Cisco ASA 5508-X firewall.
• Provided support to resolve the network issues of remote networks distributed throughout the country.
• Provisioned the network connectivity to the new services hosted by system team.
• Configured the Cisco Switches, Cisco Routers, and Cisco ASA Firewalls for the newly deployed sites.
• Ensured that the network devices configuration are backed up periodically, and maintained the record.
• Installed and maintained the wireless network devices including Access Points, and Point to Point antenna.
• Recorded the daily activity progress on ticketing system and reported to supervisor.
• Monitored the network equipment and services ensuring the optimal network performance.
Network Security Core Network Juniper Network Information System Security