Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
asingh51091@gmail.com
917-251-1842
OBJECTIVE
Seeking a network security engineer position with a well-established company that will allow me to utilize my skills and
abilities to maximize the company's output and foster continuous learning.
PROFESSIONAL SUMMARY
Page 1 of 8
Experience in Deployed Check Point Provider-1 NGX and configured CMAs
Knowledge on Juniper SRX240, SRX220, and SRX550 series firewalls
Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700 series, 6500 series), Alcatel
Omniswitch 6k series, Omnistack 3k, 4k series and Aruba 3k, 6k series.
Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800)
Knowledge on Nexus 7000, Nexus 5000 and Nexus 2000 switches
PROFESSIONAL EXPERIENCE
Monitored and maintained client Firewall, intrusion detection systems and VPN systems including (Check Point
FW-1 / VPN-1 / Cisco PIX / Secure VPN / Secure IDS).
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN
experience.
Administer the Optimization of Network Access Control System tools, specifically ForeScout CounterACT 7.0.0 and
Enterprise Management.
Perform maintenance upgrades, troubleshooting steps, and documentation on all aspects of the current and
future Cisco, Checkpoint, ForeScout, and NetOptics based network environments.
Execute continuous assessment of network health and security, to include remediation, using appropriate
software tools - SolarWinds and ForeScout NAC.
Provide advanced support for but not limited to CheckPoint Firewalls, IDS, ForeScout CounterACT 7.0, and VPN or
any future security technology.
Participated in the SOX testing of the General Computer Controls.
Executed regulatory reporting program compliance to ensure the adequacy of the financial and IT control
environment in conformity with PCAOB AS-5 and with conformity with SOX 302 AND 404 and enterprise COSO and
ICFR compliance.
Experience as a Network Security Administrator specializing Network security, Firewalls and provided support for a
Cisco VOIP Multi-cluster environment.
Experience in the setup of Access-Lists, and RIP, EIGRP, and tunnel installations and diagnosed and troubleshoot
daily VoIP and network issues.
Proficiency in configuration of VLAN setup on various Cisco Routers and Switches and also configured Cisco VOIP
sets; 7975, 7940, 7941, 7960, 7937/8831 polycom and 8841 SIP Devices.
Unpacked, racked, cabled, and installed hardware in data centers across the company campus, ensured initial
connectivity to devices such as network, server, cyber security, and Cisco VOIP systems.
Extensive experience with SIEM and log management products: LogMatrix, Juniper Networks, Nitro Security,
Novell, RSA enVision, ArcSight, Cisco, LogLogic, Symantec SIM, RSA Archer Symantec, LogRhythm, Alert Logic
Updated the IT applications for risk assessment mapping and ITGC control framework to comply with CoBit 5
standards.
Page 2 of 8
Design and deployment of corporate wide best practices, due diligence preparation for year one SOX 404
compliance and SEC filing of new registrant. Audits on various ERP systems.
Perform SOX IT and Internal Controls over Regulatory Reporting IT audits.
Reviewed Highmark's information technology infrastructure for compliance with PCI, COBIT, HIPAA, NIST, and ISO.
First line testing of applications implementation of internal and SOX controls in multiple control domains -
Foundation (BIA, CIA, TVA) IAM, Security Monitoring, Platform Security, IT resilience, Change Management and
record retention.
Implementing targeted controls for regulatory topic such as GDPR (cookie tracking, targeted marketing and big
data) and PCI-DSS.
Developed and reviewed information security controls based on ISO 270002 as part of a project to realign the IS
policy framework with industry standards.
Designed information security control procedures base on ISO 270002, NIST and PCI DSS in order to provide
Review of Policy Flow in both ForeScout and Checkpoint for upcoming Data Center WAN Migration requirements.
Implemented automatic email notification of the monthly statements for the customers using Java Mail
Anchored team formation and worked with technical on SDN/NFV, ONOS and Network Monitoring tools
SOX Risk Analysis Consultant ITGC, PCI, CoBIT 5 Risk and Remediation
Managed and matured information technology risk management processes, programs and strategies. Aligned
information technology activities with COBIT, NIST, PCI, and SOX, and FAA regulatory requirements and internal
governing enterprise risk management policies.
Configure DHCP, HSRP, VRRP, VLANs, VTP, DHCP Snooping, Portfast, BPDU Guard, Root Guard, NTP, STP.
Create econnect rules for the internal network using bluecoat proxy
Configuring VPN, clustering and ISP redundancy in Checkpoint firewall
Migrations included and not limited to Cisco to Cisco and Cisco to Checkpoint and Checkpoint to Checkpoint
Hands on experience on different Cisco VC units like SX 80, MX-700, SX10, SX20, SX20Netc
Implementation of Cisco voice and video infrastructure, Telepresence video
Bluecoat Configuration modification for updates to rule sets .
Expert in F5 Networks configuration of devices such as LTMs, GTMs, Load Balancers, DNS/DHCP services.
Worked on F5 BIG-IP LTM 8900, Citrix NetScaler Configured profiles.
Worked on implementation of the basic F5 ASM, F5 Fire pass and VE, F5 APM.
Complete Devices installations, maintenance and perform regular upgrades and patch work on F5 load balancer
devices.
Designed and developed web UI screens using Angular-JS, Bootstrap, HTML, CSS and JavaScript
Configuring and troubleshooting F5 BIGIP LTM load balancing and implementing, Creating irules, Virtual servers,
Pools, Nodes with health, Profiles, SNAT, SSL, NAT, Traffic Policies and QoS.
Creating Virtual Servers, Nodes, Pools, Iapps and Irules on BIG-IP F5 in LTM module.
Configured High availability and implemented it on F5 Load balancer.
Hands on experience in SDN/NFV/ACI virtualization, Cloud technologies Orchestrators; OpenStack, Mirantis
VMware, Open day light(ODL).
Hands on experience in SDN/NFV virtualization, Cloud technologies Orchestrators; OpenStack, Mirantis VMware,
Floodlight, ONOS and open day light(ODL).
Page 3 of 8
Translate these configuration commands into a YANG model or potentially a vendor-specific model which allows a
Software Defined Network (SDN) like architecture.
Working in Nuage SDN (VSD/VSC/VRS/VCIN ) VMware-center-V-spher, VRO, VRA.
Bluecoat Troubleshoot for Root Cause Analysis to ensure limited downtime
Advanced knowledge in Linux and Unix Operating Systems, web security devices or proxy - Cisco WSA/CWS and
Bluecoat, understanding of global security policies
Working on Bluecoat proxy server, Tipping Point Intrusion Protection System management.
Implemented complete CISCO Voice Infrastructure Migration
Worked with web security gateway like bluecoat proxySG for content filtering, authentication and ICAP relay.
Create and consume RESTful API calls with AngularJS as a front end and Java as a back end using Apache karaf as a
microservice container for the OSGi framework
Implement Bluecoat policy after testing it on Lab environment.
Responsible for fiber optic and Cat5/Cat6 network installation and testing
Manually Installed McAfee NDLP Prevent 10.x ISO.file and configured in McAfee ePO server
Provided expertise with incident response, security event monitoring, vulnerability management, asset security
compliance and Data Loss Prevention utilizing McAfee Nitro (SIEM), McAfee ePO, McAfee DLP
Experience with Designing, Implementing and Troubleshooting Cisco Routers and Switches using
Managed McAfee EPO A/V environment using EPO console to pull reports to validate security protection
compliance via DAT file updates, and take appropriate action to correct issues found within the ePO environment
Support Bluecoat proxy migration to new platform for all Business and Datacenters in environment
Configure and maintain Bluecoat ASG500 gateways for all HTTP and HTTPS traffic traversing the PBGC network.
Effectively update the Visual Policy manager (VPM) as per required access by the client. Periodically upgrade
the bluecoat devices to desired feature set OS level as required.
Configuring Bluecoat Proxy and Cisco WSA for Web access, Web authentication and content filtering.
Black listing and White listing of web URL on Bluecoat Proxy servers.
Hands on experience on all software blades of checkpoint firewall
Configuring, maintaining and troubleshooting IPS and IPS-1 in Checkpoint
Experience testing Cisco & Juniper routers and switches in laboratory scenarios and then deploy
Migration experience with both Check Point and Cisco ASA VPN.
Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX,
NetScreen Firewalls, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto IDS, Foundry / F5 Load Balancers, and Blue
Coat PacketShaper systems.
Implementation & trouble shooting of vlans, high availability solutions like hsrp, ether channels, SSL vpns, access
control lists, NAT, PAT, routing solutions etc
Maintaining Corporate Firewalls by analysis of firewall logs and implementation of security firewall policies for
the migration of Datacenter
Configuring VPN, clustering and ISP redundancy in Checkpoint firewall
Implementation, configuration and support of Checkpoint and ASA firewalls for multiple clients
Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at
Core, Distribution and Access Layers.
Developed the Java daily batch jobs in new Concurrent threading framework, Java collection APIs.
Page 4 of 8
Built and support VRRP / Cluster based HA of Checkpoint firewalls
Migration of servers from one datacenter to another, providing switch connections to the new servers, updating
Check Point Firewall rules for the new servers, A10 to F5 load balancers Migration
Worked on Layer2 switching technology implementation, operations included L2 and L3 switching and related
functionality. This also includes VLANs, STP, VTP, RSTP, PVST+, HSRP, VPC, VDC, OTV.
Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone
APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
Designed and deployed new Cisco catalyst 6513 and 6509 with dual Supervisor Engine 720 at both Distro and
Core layer.
Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to
avoid loops in the network. Trunking and port channels creation.
Good knowledge in ACL, NAT/ PAT, Ether Channel, IP Sec and VPNs. Experience in Troubleshooting for connectivity
and hardware problems on Cisco Networks.
Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures.
Configuring failover for redundancy purposes for the security devices. Implemented the stateful& serial failover
for PIX/ASA firewalls, Check Point Clustering and load balancing features.
Periodical update of software on security devices depends upon the bugs fixed with the new software releases.
Converted Cisco ASA VPN rules over to the Palo Alto solution
Experience with converting Check Point VPN rules over to the Cisco ASA solution. Migration experience with Cisco
ASA VPN.
Backup and restore of Check Point and Cisco ASA Firewall policies.
Monitoring Traffic and Connections in Check Point and ASA Firewall.
Manage project task to migrate from Cisco ASA Firewalls to Check Point Firewalls.
Responsible for implementing and troubleshooting various Networking Devices such as Routers, Cisco Switch,
Cisco Firewall.
Responsible to provide network connectivity as and when new location comes in to the network.
Worked extensively in configuring, monitoring and troubleshooting Cisco's ASA 5500/PIX security appliance,
failover DMZ zoning & configuring VLANs/routing/NATing with the Firewalls as per the design.
Worked extensively in Configuring, Monitoring and Troubleshooting security appliance, Failover DMZ zoning & configuring
VLANs/routing/NATing with the firewalls as per the design
Worked on multi-vendor platform with checkpoint, Fortinet and Cisco firewalls requesting net flow for security
compliance, coding, and pushing firewall rules after approval and troubleshoot incidents as required
Experience with converting checkpoint VPN rules over to the Cisco ASA solution Migration with Cisco ASA VPN
experience .
DNS, DHCP, VRRP, HSRP, VLANs, and InterVLAN routing.
Worked on the Logging issues of the F5 load balancer and the process of the workflow with the syslog servers
making sure the communications through the switches and routers.
Page 5 of 8
Performed design, deploy, refresh and change control for Cisco ASA firewalls, routers and switches, F5 Networks
LTM and GTM load balancing.
Worked on three different SDN controller; Floodlight, ONOS and OpendayLight
Extensive knowledge in configuring F5 Big-IP LTM-3900, and 6900 Load balancers, as well as worked on the
implementation of iRules.
Have expert level of experience on F5 related stage and test device tickets for creating, upgrading and
modification on the virtual servers, pool members and custom related health monitors to satisfy client and
application team.
Developed rich UI using technologies like Google Web Toolkit(GWT) with AJAX, Action Script, Flash, JavaScript,
HTML, CSS, Struts Tile Framework.
Worked on an ONOS project controller.
Design and Architecture of F5 LTM, GTM, APM, ASM and application delivery network.
Configured F5 Big IPs with VIPs, Pool, IRules and SSL certificates to ensure traffic was load balanced.
Determining the functionality with the DNS naming conventions and migrations from old load balancing
environments to the F5 environment.
Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client networks .
Built Cloud infrastructure utilizing virtualization, SDN, NFV, Orchestration, Contrail, VMware, KVM, OpenStack
(Mirantis) and OpenFlow in multiple production-like lab environments.
Familiar with bluecoat ProxySG S200, S400.
Implementing of Secure Communications (IPSEC VPN), Branch to Branch VPNs, Third-Party remote access VPNs
(VPN Clients) using Cisco ASA 5500 series, Juniper SRX, Checkpoint Firewalls and Palo Alto Firewalls.
Perform QA Checks on block point builds of SPLAT and GAiA Checkpoint Firewalls running on HP Proliant Servers
Worked on the migration to new Checkpoint R7x firewalls from Cisco ASA firewalls.
Responsible for installation, troubleshooting of firewalls (Imperva Web app Firewalls, Checkpointfirewalls) and
related software, and LAN/WAN protocols.
Using SmartUpdate, User Management and Authentication in Checkpoint Firewall
Support and troubleshoot Cisco and Bluecoat proxy environments
Configured and installed Bluecoat Proxy SGs to a newly designed network scheme, from an inline perspective to a
WCCP load balanced network layout.
Experience in implementing Next Generation Firewalls (NGFW) such as Bluecoat Proxy such as Palo Alto networks
NGFW for URL filtering
Monitoring Traffic and Connections in Checkpoint and ASA Firewall
Maintained, configured, and installed Cisco and Juniper routers and switches: 7500/catalyst
6500/RV320/2960/catalyst 3550/12410, 12816, 1204 series, Nexus 7k and 5k, WLC, and ASA 5540
Upgradation configuration changes, implement the Firewall Rules, configure the NAT, implement the new VPN,
troubleshooting and handling the incident on number of vendor's Firewalls (ASA, Checkpoint) and other security
products.
Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900,
3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco
Router and Switches, Juniper Routers and Firewalls, Nexus 7k, 5k & 2k, f5 BIG IP, Palo Alto
Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances
Configuration and maintenance security devices Checkpoint R77 Gaia, and Palo Alto.
Page 6 of 8
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Cisco ASA Firewalls, Palo Alto Networks Firewalls.
Installed and tested Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS
switching for stable VPNs.
Demonstrate deep expertise in technical and security process design, and ONOS project controller.
Performing scheduled backups and storage of Checkpoint management servers and firewall
Administering and installing Checkpoint Firewall rules and policies.
Configuration of Checkpoint Firewall as Standard and Distribution deployment to have the network secure and
also maintaining Site to Site VPN Connection through the Firewalls.
Leading onboarding calls with customers to address all technical consideration like Network related questions,
who are interested to following cloud service providers such as Microsoft Azure, Amazon Web Services, Cisco
WebEx, Sales Force, Box, Blue Jeans and addressing all technical networking questions.
Worked with converting Cisco ASA solution over to the Checkpoint VPN rules. Migration with both Checkpoint and
Cisco ASA VPN experience.
Hands on experience in installing and configuring Cisco and Juniper MX series routers.
Support Cisco 7000, 6509s, 3750, 3550, Juniper SRX 1400, M10i, MX-80, Alcatel SR 7750 ESS 7450 routers
Implement and support WAN / LAN services including IPsec VPN /SSL VPN Hub Spoke topology additionally
supporting OC12 circuits. Currently implementing a Cisco Single Cloud DMVPN Utilize Cisco Nexus 7000 routers for
core layer 3 services in a heterogeneous networking environment.
Configure policy-based and route-based firewall solutions on Juniper SRX1400, SSG5, Cisco ASA 5525
Datacenter Architecture design using VMWARE vSphere 5; 6 etc., Cisco UCS Servers;
Cisco HyperFlex, Nexus switches etc., EMC VNX etc.
Handled converting Checkpoint VPN rules to Cisco ASA solution.
End to End Integration automation with CISCO ACI SDN solutions.
Good understanding of Cisco DNA Automation.
Datacenter L4l& deployment using Cisco ASA/ASAv, VPX, SDX etc
Network management support for Cisco products
Working with Datacenter products such as vmware vSphere, vmware SRM, Cisco
UCS Manager, Cisco Nexus, EMC VNX, Recoverpoint etc.
Utilize troubleshooting tools to monitor, evaluate and optimize network performance. These tools include
Interface Ports Mirrors, RSPAN, IXIA ANUE NTO's, Wireshark, Gigastor, and INEOQUEST packet analyzers
Maintain firewall including manage multiple SSG5s, and Juniper SRX 110 CE firewalls
Troubleshoot issues related to Latency and MPLS advertisement.
Providing support to create Virtual Private Cloud (VPCs) and gateways in AWS console.
Maintain extensive Visio 2012 documentation that supports network operation including network diagrams, IP
addressing schematics, vendor agreements, network device and hardware backup configuration
Troubleshooting and communication with different team to resolve customers NetBond issues such as latency,
route missing, ExpressRoute mismatch.
Providing on-call 24*7 supports.
Page 7 of 8
Role: System Administration
Application Deployment and Support to E Biz Support Operations. To maintain a world class eBusiness & Application
Development, QA and support Infrastructure through robust processes, Open Standards, Best of the Breed software,
utilities and tools with the intention of providing a common end-user experience across the GECF eBusiness infrastructure.
24*7*365 eBusiness Operations Support for all eBusiness related issues.
Application Infrastructure support to Project Teams deploying on eBusiness platform.
Application performance testing, analysis/metrics management
Application deployment /build across multiple environments
Single Sign On (SSO) deployment/support across multiple environments Maintain digitized change control, escalation,
and user ticketing tools
Subject Matter Expert in network security, Cloud computing security and SDN security applications. Recognized as one
of the top security leaders at Cisco.
Assist with Functional Specifications development. Assist with Technical Specification development. Review / Approve
Application Infrastructure Architecture (3 hrs per Week)
Problem Resolution. Reports directly to the Project Manger Collections Technology GECF America. Contributing in
charting, building and sustaining the project team (4 hrs per week)
Be the escalation point for process related issues. Plan, schedule and conduct process monitoring. Provide technical
expertise on Siteminder, LDAP and WebLogic servers. (5 hrs per week)
Design / troubleshoot / support of windows 2000, Windows 2003/NT, Linux based systems. Application support for
Intel based Architectures. (5 hrs per week)
Implementing and configuring network services like DNS, DHCP, WINS and RAS for Network operations and remote
connectivity. Administered the users and groups using the Windows 2000 native tools (5hrs per week)
Customized system policies for user’s environment. Implementing Backup policies and restoring the data. ISP
Installation and Creating Web Sites. Configuring IIS 6.0 (6 hrs per week).
Replicating and Clustering in IIS 6.0. Fault Tolerance and Load Balancing.
Performance and stress Testing. Installation of operating system on INTEL machines.
Disk space partitioning as per the system and application requirement (4 hrs per week)
Setting up EEPROM PARAMETERS (BOOT PROM parameters). Installation and verify of systems packages. Installation
and verification of system patch’s. (5 hrs per week).
Managing and addition of new users using command line or using GUI Admin tool- Managing password policies
through the /etc shadow file. Monitoring the system access using command who, finger or last. (3 hrs per week)
Additional responsibilities taken fixing the Motherboard, Hardware for Dell Latitude D600/D610’s Laptops and
Application Troubleshooting for the escalated Issues.
Experience working with Cisco IOS, IOS-XR, NXOS for configuration & troubleshooting of routing protocols: MP-BGP,
OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
Hands-on experience with handling with daily RTB tickets and troubleshooting.
Used Cisco IOS to configure simple routed or switched LAN and WAN networks.
Implementation configuration and troubleshooting of Check Point Firewall R77.
Designed and configured testing changes/additions to the encryption infrastructure.
Ensured 24x7 uptime of encryption services.
Configured Junos OS on M20, M120, J series and MX series devices.
Page 8 of 8