Uploaded File
add photo
Nisheel
Nisheelrao7@gmail.com
516-467-6790
Jacksonville, FL 32205
Sr. Network Security Engineer
12 years experience W2
1
Recommendation
Average rating
133
Profile views
Summary

  • 7 + years of Networking experience of Migration, Installation, Administration, Planning, Implementation of various computer networks with Cisco Routers & Switches, Checkpoint Security Gateways, Cisco Firewalls as well as F5 devices.
  • Experience of routing protocols like EIGRP, OSPF, RIP, and BGP.
  • Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Router and Cisco 2900, 3500, 4500, 5500, 6500 series switch.
  • Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches.
  • Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog.
  • Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
  • Experience in the setup of Access-Lists, and RIP, EIGRP, and tunnel installations.
  • planning procedures to ease VoIP and Video Processing implementations and/or upgrades
  • Configured syslogs and traps on Windows, Cisco and Juniper devices to provide proactive health information to Solarwinds collection server.
  • Proficiency in configuration of VLAN setup on various Cisco Routers and Switches.
  • Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
  • Highly qualified and extensively trained IT professional with Hands-on experience.
  • Good Knowledge on Software development.
  • Software Development experience with Java, c++.
  • Experience in implementing and supporting Forward/Reverse Web Proxy using Bluecoat.
  • Experience in implementing and support of IDS/IPS from Checkpoint, Cisco, Sourcefire.
  • Build and support B2B VPN tunnels with Business Partners and troubleshoot ISAKMP and IPsec phase
  • Experience with Cisco ASA VPN Platform covering high end devices including ASA Firewalls including ASA 5585X, ASA 5580, 5540, 5520.
  • Experience working with Cisco Nexus Switches as well as Catalyst Switches and IOS Routers.
  • Experience in NAT and Secure NAT (SNAT) configuration on the LTM
  • Experience with 802.11x wireless technology
  • Experience in configuring Virtual Local Area Network (VLAN), spanning tree protocol (STP), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Per VLAN spanning Tree (PVST) and 802.1x authentication in access layer switches.
  • Experienced in troubleshooting both connectivity issues and hardware problems with Cisco based networks.
  • Worked on the OSI model, TCP/IP, UDP, IP addresses and Sub netting.
  • Strong knowledge in HSRP, VRRP redundancy Protocols.
  • Configuration and Implementation of Cisco Firewall PIX/ASA
  • Handled Load Balancing using F5 Networks.
  • Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco
  • Excellent leadership with good written and oral communication.
  • Great team player and able to work under pressure 24x7 duty rotation.

Experience
Sr. Network Security Engineer
Information Technology
Jan 2015 - Oct 2016
  • Installation, configuration and support of Checkpoint Security Gateways and Cisco ASA Firewalls.
  • Optimize firewall policies by grouping objects and re using existing object groups etc.
  • Firewall Policy provisioning and work with firewall requests submitted by users through change system
  • Day-to-day work involves Firewall policy provisioning on the Checkpoint Gateways in perimeter and internal / extranet zones configured in Provider – 1 environment.
  • Work in a Provider-1 / MDS environment with multiple CMA’s and Multiple Access Policies
  • Manage global objects, global Policies shared amongst gateways spread across CMA’s
  • Tweaking policies to optimize application traffic and applying bypass rules as applicable for non-optimized traffic
  • ITIL based support structure including Incident, Change and Problem Management.
  • Developed and implemented Solarwinds NPM and NCM for organizations' national network.
  • Checkpoint firewalls Administration and Support using Smart Center servers
  • Use Customer Management Add-On (CMA) to edit and push security policies applicable to specific zone, gateway etc.
  • Implementing, Supporting and Troubleshooting Procter & Gamble Cisco VOIP, Video Processing multisite​ infrastructure all over the world
  • Work with VoIP and Video Processing deployment team to ensure the product and features integrate seamlessly with the network design
  • Configure Persistence Profile for session sticky based on Source and cookie
  • NAT and Secure NAT (SNAT) configuration on the LTM
  • Advanced NAT including identity NAT, Static, Policy and Global implementation on Checkpoint firewalls
  • Backup and Recovery of security gateway configurations as well as firewall policy.
  • Configuring and troubleshooting Smart center HA as well as backup of firewall policies and database versions
  • Configure Cluster XL on Checkpoint security gateway. Verify state/connection table sync between gateways. Configure and support Cluster based HA of Checkpoint firewalls.
  • Configure and support IDS/IPS on Cisco IDSM-2 Modules as well as AIP-SSM Modules on ASA Firewalls.
  • Actively Responsible for ASA 8.x, 9.x and Cisco FWSM 3.x upgrades and network refresh projects and Troubleshooting, IOS Security Configurations, IPSEC VPN Implementation and Troubleshooting, DMZ/ASZ Implementation and Troubleshooting.
  • Configure IPS in both inline mode and Promiscuous mode
  • Software Development experience with Java, c++.
  • Maintain, update and tune IPS signatures through Cisco Security Manager
  • Use CSM for IPS management, deployment, and event correlation
  • Create and test initial Cisco IPS configurations for new devices/services
  • Tweaking Events/Alerts and false positives. Optimizing IPS Sensor performance
  • Configuring, monitoring and troubleshooting Anomaly Detection Service on IPS
  • Configuring and tuning IPS blade on Checkpoint firewall
  • Bluecoat Proxy SG devices remote administration using Bluecoat Director
  • Configuration of Proxy SG Visual Policy Manager and Content Filtering Services
  • Administering policies for both HTTP and HTTPS traffic. URL categorizing and administration of user access based on Active Directory groups.
  • Identify Firewall Ports required for application using CSM as well as CLI logging feature as well as use Packet Tracer to verity Access Policy, NAT and Routing
  • Work with Users to troubleshoot the connectivity issues at Level 3
  • Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.
  • Documentation and participate in meeting with clients and business partners to understand the requirements.

Environment: Cisco Routers, Cisco Switches, Checkpoint, BGP, OSPF, RIP, STP, Packet Tracer, HSRP, Bluecoat Proxy, ASA Firewalls, Access Points, Solar winds, ACLs, Cisco IPS, GRE Tunneling, VoIP, Firewalls, Load Balancers, DMZ, SNMP, VPN, VLAN, SNAT, C++.

Cisco Cisco ASA Security Engineer Network Design Network Security Switches Routers BGP OSPF HSRP Blue Coat Firewall ACSLS IPS VoIP VPN Load Balancing SNMP VLAN C++ Gateways SolarWinds MS Active Directory IDS IPsec NAT Provisioning Cisco Security Agent Project Management Java Database Backups Database Design Database Upgrades HA ITIL VRF
Remove Skill
References
Average Rating

1 recommendation
Network and Security Engineer
Information Technology
May 2014 - Dec 2014

Responsibilities:

  • Responsible for managing and supporting Network and Security at the Data center.
  • Level 3 support for Firewall and Network security related events
  • Firewall policy provisioning on the Checkpoint Gateways as well as Juniper and Cisco ASA Firewalls.
  • Troubleshooting Connectivity issues through Check Point Command line as well as smart utilities.
  • Worked with Juniper Screen OS firewall devices on a daily basis which includes NetScreen-500, NetScreen-5400, SSG520M and SSG550M and Jun OS firewalls like Juniper, ARUBA, SRX 650 .
  • Creating policies, address/service objects and groups, create NSRP clusters, both active/passive and active/active Configuring static and dynamic routing on Juniper Firewalls.
  • Regularly used NSM to manage firewalls, create rule bases, address and service objects build VPN's with VPN Manager, RMA/import or reactivate devices, create NSRP cluster and import cluster members.
  • Troubleshooting the new connections on Juniper, Aruba Firewalls to assure connectivity is properly established using get tech and other get commands as needed, debugs, snoop, and external packet captures.
  • Worked in a Provider-1 / MDS environment with multiple CMA's and Multiple Access Policies
  • Tweaking policies to optimize application traffic and applying bypass rules as applicable for non-optimized traffic use objects groups and shared policies.
  • Installation Configuration and Troubleshooting of Checkpoint Security Gateways in the network.
  • Configure Check Point High Availability using Cluster XL, VRRP as well as Smart Center HA.
  • Perform Advanced NAT including identity NAT, Static, Policy and Global implementation on Checkpoint Security Gateways as per the requirement between various zones
  • Upgrade Checkpoint Security Gateways as well as Backup and Recovery of security gateway configurations and firewall policy
  • Build and configure Checkpoint Security Gateways from ground up and ship it to remote office locations.
  • Using CLI for troubleshooting and OS Upgrades (Zero Down Time Upgrades)
  • Worked on multiple softwares tools like Orion Solarwinds, Riverbed Cascade Analyzer, Cisco CSM, and Intermapper
  • Configure stateful Failover of firewalls (Active/Active & Active/Standby) for high availability
  • Troubleshooting of traffic using Packet Capture and analyze using Wire shark
  • Simulate traffic through firewall using Packet Tracer and validate it against NAT, Routing and ACL.
  • Use Policy based framework for application inspection configuration.
  • Deployed Syslog servers to allow proactive network monitoring.
  • Software Development Experience.
  • Configuring Perimeter firewall and support Site-to-Site VPN tunnels.
  • Configured Client VPN technologies including Cisco's VPN client via IPSEC.
  • Configured Firewall logging, DMZ, ASZ and related security policies and monitoring.
  • Develop network solutions that are practical, cost-effective, and ensure proper security standards
  • Use Advanced NAT on the firewall for Policy based traffic including identity NAT, Policy Static etc.
  • Layer 2 Administration including creating of VLANs and Spanning tree tuning for the network and routing between VLANs. Work with Dynamic Routing Protocols including EIGRP, RIP, OSPF and BGP.
  • Using Service Now for ITIL Based Service Management. (Incidents, Problem and Change Management)
  • Maintaining and updating the Documentation on SharePoint Portal including updating of diagrams using MS Visio.

Environment: Cisco, Juniper Routers & Switches, EIGRP, RIP, OSPF, BGP, IPsec, VLAN, DMZ, ASZ, Checkpoint, VPN, SNMP, Juniper Firewalls, NetScreen, Junos OS, ASA Firewalls, NAT, Solarwinds, Wire shark, Java, Aruba.

Security Engineer Network Monitoring Network Security Cisco Cisco ASA Juniper Routers Switches EIGRP OSPF BGP IPsec VLAN Data Center VPN SNMP Firewall Junose NAT SolarWinds Wireshark Java Provisioning Virtual Router Redundancy Protocol Project Management Database Backups Database Upgrades MS SharePoint ITIL
Remove Skill
Network Engineer
Information Technology
Apr 2013 - Apr 2014
Responsibilities:
• Configuration and administration of Cisco and juniper Routers and Switches.
• Leveraged two Fabric Nexus 2232 Extenders and two 2248 Fabric Extenders, making them 'Dual-homed' to both N5Ks and implementing Enhanced Virtual Port-Channel (EvPC. )
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, and BGP v4. Configured IP access filter policies.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN
• Configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
• As a Part of break fix replaced and configured installed F5 load balancers models like 8950, 8800. Was Part of F5 LTM migration team.
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Configuring site to site to VPN connectivity.
• Assisted the team in VOIP network management and troubleshoot.
• Upgrading Cisco IOS to the Cisco routers and switches.
• Worked on Data, VOIP, Security as well as wireless installations and technologies.
• Configuring IP SLA monitor to track the different IP route when disaster occurs.
• Configuring RIP, OSPF and Static routing on Juniper Routers.
• Configuration and troubleshooting of Cisco catalyst 6509,7613 with supervisor cards
• Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
• Configuring and monitoring users by using TACACS+ Server
• Involved in installation and configuration of Cisco 3500 and 6500 series switches and Nexus Platforms
• Experience working with Juniper EX-Series Ethernet Switches
• Experience with Checkpoint Firewall policy provisioning
• Experience configuring and deployment of ERX310
• Experience with Installation on PIM modules on J-Series routers
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Monitored and managed network resources using HP Open view by implementing policies and creating custom events. Environment: 6500/3750/3550/3500/2950 switches, Juniper (M320, T640), Cisco 7200/3845/3600/2800 routers, VoIP, SNMP, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, Ether Channels.
Network Engineer Network Protocols Routers Switches Cisco Firewall Juniper TCP/IP VPN VoIP NAT VLAN BGP EIGRP LAN MPLS OSPF WAN
Remove Skill
Network Engineer
Information Technology
Oct 2012 - Apr 2013
Responsibilities:
• Installation, Configuration and support of Checkpoint Security Gateways and Cisco ASA Firewalls
• Firewall Policy provisioning and Administration support of Checkpoint Security Gateways and Cisco ASA and Juniper firewalls.
• Work on day-to-day firewall change requests (use HP Service Manager ticketing system).
• Understand the user requirements and convert them into firewall change requests, schedule them for provisioning during approved change window.
• Support access list, NAT and routing on firewalls. Work with users to identify firewall ports required and provision them through the change management system.
• Troubleshooting end user connectivity issues through the firewalls and network.
• Configure and test Active/Standby Failover on Checkpoint Security Gateways, Cisco PIX and ASA Firewalls.
• Perform IOS upgrades during scheduled maintenance window.
• VLAN design and implementation, Spanning Tree Implementation and support using PVST, R-PVST. Trunking and port channels creation.
• IPsec VPN Implementation and Troubleshooting between various 3rd parties and remote locations. These tunnels were built on Checkpoint Security Gateways
• Day to day to changes on the 3rd party infrastructure involving Checkpoint Security Gateways VPN appliances
• Key functions include Configuring and maintaining services, Access control lists, System Access, Authentication, and Authorization (AAA), Key Security tools installed, Auditing and reporting by Log reviews.
• Monitor the firewall security logs for the critical alerts or intrusions and fix the security holes in the network.
• Primarily responsible for proactive, incident and problem management.
• Layer 2 and Layer 3 support using Cisco 3600/2600/2500 routers and 4500/3500/2900 Switches
• Built IPsec based Site-to-Site VPN tunnels between various client locations.
• Debugging abilities at lower levels of OSI layer (Switching, Network and Transport Layer).
• Ether Channel, LACP configuration and troubleshooting.
• Troubleshooting Active Directory, DNS, and DHCP related issues.
• BGP implementation with testing of Failovers at various layers of network on regular basis.
• Run Compliance reports for audit and go through the firewall remediation procedures.
• Schedule and participate in weekly meetings with various teams involved in the project to discuss the bottlenecks if any and contribute to design a solution framework. Maintain Configuration, Documentation (VISIO's) and Records Management Environment: Cisco Routers, Cisco Switches, Checkpoint, Cisco PIX, ASA Firewalls, Juniper Firewalls, VPN, PVST, R-PVST, VLAN, IPsec, MS Visio, Ether Channel, LACP, DNS, DHCP, AAA, STP.
Cisco Cisco ASA DNS Firewall Gateways Juniper Network Engineer Routers Switches VLAN VPN BGP DHCP NAT MS Active Directory IPsec Database Design Database Upgrades
Remove Skill
Network Engineer
Information Technology
May 2010 - Sep 2012
Responsibilities:
• Worked on Cisco Layer 2 switches (spanning tree, VLAN).
• WAN Infrastructure running OSPF & BGP as core routing protocol.
• Support various Routers like 2600/3600/7200 series routers.
• Tested authentication in OSPF and BGP.
• Configured and troubleshoot OSPF and EIGRP.
• Troubleshooting IOS related bugs based on past history and appropriate release notes.
• Work on different connection medium like Fiber and Copper Connectivity.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
• Performed and technically documented various test results on the lab tests conducted.
• Planning and configuring the entire IP addressing plan for the clients' network.
• Assist the certification team and perform configuration of LAN\WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• WAN Infrastructure running OSPF as a core routing protocol.
• Follow process & procedures for change & configuration management.
• Supported nationwide LAN infrastructure consisting of Cisco 4510 and catalyst 6513.
• Deployed the switches in high availability configuration with HSRP.
• Support various Series of Cisco Routers like 7200/7600 series.
• Support Complex 6500 /5500 Series Switches.
• Network Monitoring using tools like Cisco Works 2000.
• Created Lab demonstrations for new technology deployments with loaner equipment from various vendors and presented the findings to upper management. Environment: Routers 2600, 3600, 7200, Switches 6500, 5500, RIP, EIGRP, OSPF, HSRP, LAN/WAN, Ethernet, STP, VLAN, VPN.
BGP Cisco EIGRP LAN Network Engineer Network Monitoring OSPF Routers Switches VLAN WAN Fiber Optics HSRP
Remove Skill
Jr. Network Engineer
Information Technology
Jun 2009 - Apr 2010
Responsibilities:
• Designed and implemented remote dial up solution for clients
• Installed and configured workstations for IP based LAN's
• Installed and configured DHCP Client/Server
• Configured and managed networks using L3 protocols like RIPv2,
• Configured VLANs, Private VLANs, VTP and Trunking on switches.
• Configured L2 and L3 security features on devices
• broad Hands on Experience in Inter-V LAN routing, redistribution, access-lists and dynamic NAT
• Efficient in cabling as per co-location contracts with loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures Environment: Cisco Routers & Switches, VLAN, VPN, DHCP, Trunking, RIPv2, Inter-VLAN, NAT, CAT5, 6, L2, L3 security.
Cisco LAN NAT Network Engineer Routers Switches VLAN VPN DHCP Database Design
Remove Skill
Edit Skills
Non-cloudteam Skill
Education
Electronics and Communication Engineer
JNTU
Certifications
Cisco Certified Network Associate CCNA
Checkpoint Certified Security Administrator CCSA
Provider-1 with multiple CMA
Skills
BGP
2016
6
Cisco
2016
6
Routers
2016
6
Switches
2016
6
VLAN
2016
6
OSPF
2016
5
LAN
2014
4
NAT
2016
4
Network Engineer
2014
4
VPN
2016
4
Database Design
2016
3
EIGRP
2014
3
Firewall
2016
3
HSRP
2016
3
WAN
2014
3
Cisco ASA
2016
2
Database Upgrades
2016
2
DHCP
2013
2
Fiber Optics
2012
2
Gateways
2016
2
IPsec
2016
2
Juniper
2014
2
MS Active Directory
2016
2
Network Monitoring
2014
2
Network Security
2016
2
Security Engineer
2016
2
SNMP
2016
2
SolarWinds
2016
2
VoIP
2016
2
ACSLS
2016
1
Blue Coat
2016
1
C++
2016
1
Cisco Security Agent
2016
1
Database Backups
2016
1
HA
2016
1
IDS
2016
1
IPS
2016
1
ITIL
2016
1
Java
2016
1
Load Balancing
2016
1
MPLS
2014
1
Network Design
2016
1
Network Protocols
2014
1
Project Management
2016
1
Provisioning
2016
1
TCP/IP
2014
1
VRF
2016
1
Cisco FirePOWER
0
1
Data Center
2014
1
DNS
2013
1
Junose
2014
1
MS SharePoint
2014
1
Virtual Router Redundancy Protocol
2014
1
Windows
0
1
Wireshark
2014
1