Karthikeyan

karthiksubramaniam797@gmail.com

773-455-4279

Chicago, IL

Chicago, IL 60602

Principal Network Security Engineer

22 years experience

Recommendations

Average rating

180

Profile views

Summary

Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC) with over 17 years of experience.
Detailed knowledge of security controls, technologies and best practices.
Broad experience in design and deployment of security solutions protecting networks and information systems for diverse companies and organizations.
Very Passionate Sr Network Security Engineer having worked in projects that include Data Center refresh, Campus Redevelopment, Firewall and F5 Installations, with 17 years of experience in routing, switching, Network Security-Next-Gen Firewalls, Load Balancers, Wireless and VOIP systems design, administration and troubleshooting. Excellent communication skills with the ability to interface at all levels. A proactive team player who also can work independently.
Experience working in large-scale environments on L1/L2 troubleshooting, Network Design, IDF and MDF architecture, Datacenter Architecture, Spine Leaf Architecture and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.
Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5 and Wireless LAN Controllers.
Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data Center Environment.
Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
Experience in various public cloud networking and firewalls
PaloAlto Firewalls in AWS and Azure. Configuring Security Groups, ACL, VPV/VNets on public cloud platforms.
Experience in VSS, VRF, VPC, and VDC technologies. Experience working on Gateway redundant protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution and Core Layer Architecture and Spine Leaf Architecture in Datacenter.
Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k) and Juniper Routers (E, J, M, and T-series).
Experience and high-level technical knowledge in OSPF, EIGRP, RIP and BGP routing protocols. L1/L2 troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on upgrading Edge routers, failing over ISP circuits for maintenance. Knowledge in EVPN, VXLAN, VTEPS. Experience with Cisco ACI.
Configured F5 LTM, series 5000 series for the corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix. Experience with APM and ASM modules.
Worked on APM module with integration with RADIUS server and RSA secure ID for applications that require 2-factor authentications.
Proficient in using SolarWinds Network Management tools like Network Performance Monitor (NPM), NetFlow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
Proficient using the F5 based profiles, monitors, VIP's, pools, SNAT, SSL offload, iRules, virtual Servers, IAPPS. Migration experience from ACE to F5.
Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Extensive Knowledge of the implementation of Cisco ASA 5500 series
5505, 5510, 5512-X with Firepower module. Palo Alto firewall policies, panorama and Checkpoint firewalls NG, NGX. Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
Experience with Bluecoat and McAfee Web Gateway Proxies. For URL filtering and SSL Decryption, traffic flows from trust to untrusty and vice versa.
Experience with PA 200, 500, 3020 and VM series firewalls for both Internet and internal traffic filtering. Experience with Panorama M100 series and maintaining up to 23 firewalls in large networks.
Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP's, Virtual AP's, RTLS, Wireless SSID's, remote and campus AP's, upgrading WLC, worked in Active/Active local Controllers and Master controller. (Aruba 6000, 7200 controller, Aruba AP65, 70, 124, 85, 125) system.
Worked on SolarWinds NPM, NCM, IPAM, Windows DHCP and DNS. Infoblox as DHCP and DNS server.
Experience working with Avaya and Cisco VOIP environments with assigning VOICE VLANS, troubleshooting call quality and basic level proficiency in QoS. Worked on DSCP code markings for VOIP traffic.
Involved in troubleshooting network traffic and its diagnosis using tools like ping, trace route, Gigaton, Wireshark, TCP dump and Linux operating system servers. Implementing, maintaining and Troubleshooting & implementation of VLAN, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
Enhanced level of knowledge with, PPP, ATM, T1 /T3 Frame-Relay, MPLS. Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
Experience with H.323 and SIP, Voice VLANS, DSCP marking for VOIP traffic.
Hands on experience with Juniper SRX series firewalls 500 series.
Experience with NAT/PAT, static and dynamic NAT, access lists, security zones, policies on SRX firewalls.
Experience with next gen firewall technology like URL Filtering, SSL Forward Proxy, APP ID, Threat ID etc. on Palo Alto and checkpoint firewalls.
Experience with creating virtual servers and application load balancing, upgrading software versions, redirect rules on NetScaler and experience migrating from NetScaler's to F5.

Experience

Education

Electrical and Electronics Engineering

Bharathiar University 2004

Role: Senior Network Security Engineer

State farm, Bloomington

Certifications

Certified Information Systems Security Professional CISSP

Certified Information Systems Auditor CISA

Certified in Risk

Certified Information Systems Security Professional (CISSP# 426097)

Certified Information Systems Auditor (CISA# 15125427)

Certified in Risk and Information Systems Control (CRISC# 1722045)

ITIL v3 Foundation

Cisco Certified Network Associate Security

Cisco Certified Network Associate

PaloAlto Networks Accredited Configuration Engineer

Skills

Network Security

2018

Firewall

2018

Risk Analysis

2014

UNIX

2014

Cisco

2022

Compliance

2018

IPsec

2018

Endpoint Security

2014

Juniper

2014

Provisioning

2014

VPN

2018

Vulnerability Assessments

2014

Vulnerability Managment

2014

Load Balancing

2022

Network Infrastructure

2018

Cisco ASA

2018

Cisco Security Agent

2018

Data Center

2018

Infrastructure Security

2018

Security Engineer

2018

Routers

2007

Disaster Recovery

2007

MPLS

2007

Network Engineer

2007

Switches

2007

BGP

2005

FTP

2007

LAN

2007

OSPF

2005

Audit

2014

Patch Management

2014

Solaris

2014

ASP

2018

Checkpoint Firewall-1

2018

Process Improvement

2018

SSL

2018

Technical Support

2018

ISDN (Integrated Services Digital Network)

2007

Avaya

Banking

2005

Blue Coat

CA Technologies

Cabling

2005

CISA

DHCP

2007

DS1 DS3

2007

EMS

Gateways

2005

HP OpenView

2005

ITIL

iWeb

JCE

Linux

Microsoft OS Server

2007

Network Management

Novell Intranetware

2007

PRIME

Proxy Server

2007

Python

Risk Management

Scripting

System Design

Systems Integration

Troubleshooting

VSS

Windows

Winstall

2007

Wireless

Wireshark

ACL

AWS

CISSP

Database Upgrades

EIGRP

HSRP

MS Azure

Network Design

Public Cloud

Shipping

SolarWinds

VoIP

VRF

Languages

English, Fluent/Bilingual