Home

Dipak - Cyber Security

[email protected]

Location: Dallas, Texas, USA

Relocation: Open

Visa:

Dipak Vishwanath Gund Ph #: (234) 219-2017 ------------------------------------------------------------------------------------------------------------------------------- EXPERIENCE SUMMARY CCNA, & CCNP Security Certified IT Professional with 10+ years of experience in Network Security, network protocols, network Security firewalls, F5 Load balancer. Excellent experience in network planning, implementing, configuring, troubleshooting, and testing of networking system. Proficient in configuring and maintaining IPSEC and SSL VPNs on Palo Alto Firewalls and Checkpoint. SRX Firewall, Experience with Cisco Meraki wireless managed network infrastructure. Hand on experience in Network support to layer 2 switching, layer3 routing, firewall configuration and troubleshooting. Experience in working with L2 level Firewall implementation & Troubleshooting support for almost 300+ Multivendor Firewall include, Palo Alto, Juniper SRX, Checkpoint and VMware NSX, Cisco ASA Distributed Firewall. Advanced knowledge in design, installation & configuration of Palo Alto and Checkpoint Provide Environment. Skilled in configuring and maintaining IPSEC and SSL VPNs on Palo Alto Firewalls and Checkpoint Firewall. Experience working on network topologies and configurations, TCP/IP, UDP, Frame Relay, ATM, bridges, routers, hubs, and switches. Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls, & F5. Technical skills network equipment s and routing protocols: Hands on experience with Palo Alto, Checkpoint, SRX, and FMC, FTD, ASA firewalls. Hands on experience with F5 load balancers LTM/GTM and Citrix NetScaler. Good understanding and hands on experience with Cisco Switches and Routers. Good understanding and hands on working knowledge on OSPF, BGP, EIGRP. Good understanding Switching VTP, STP, VLAN, Tanking, HSRP, VRRP, GLBP. Good understanding of TCP/IP, DNS, DHCP, HTTP, HTTPS, VoIP, PPOE, ACLs, NAT. Good understanding and hands on working knowledge with LAN protocols and WLAN. Good understanding Cisco Switches and router, Alcatel-Lucent, Juniper Router, Ericson. Good understanding of DNS concepts and working experience with Infoblox. Good understanding of monitoring tools like NetScout, Netcool, SolarWinds, Good understanding E1, T1, STM, VCG, DS3, ATM. Fast, gig Ethernet, MRTG, CACTI, Good understanding of Site-to-Site VPN, IPSEC VPN, SSL, Certificates, IPS/IDS, Proxy. CERTIFICATION/TRAINING CCNA security (CSCO12969778) CCNP - Security Core (CSCO12969778) Palo alto (ACE) Exam - PAN-OS 8.1 Version Palo Alto (PCNSE)- PANW00100613 Check Point (CCSA) training completed. 100-200 F5 balancer LTM/GTM training completed. PROFESSIONAL EXPERIENCE Company: Netsync Network Solutions, Full Time Date: 07/2023 Current Title: Cyber Security L2+ Engineer. Configured Palo Alto firewalls, access policies, Application & URL filtering, Security Profiles, Global Protect VPN, Data filtering and file blocking. Responsible for policy configuration, static route, tcpduemp, fw-monitor, NAT (static, manual, hide), Cluster-XL Configuration (HA, Load-sharing), Anti-spoofing configuration. Site-to-site VPN. Checkpoint R76, R77.30 & R80.1 Configured FMC, FTD, Cisco ASA firewalls, Administered and maintained FortiGate firewall policies, VPN configurations, and security protocols. Implemented security measures to safeguard the network infrastructure from unauthorized access and potential cyber threats. Conducted risk assessments and recommended improvements to enhance overall network security posture. Collaborated with vendors and participated in the evaluation and selection of security tools and technologies. Led the design and implementation of Cisco Firepower Threat Defense (FTD) solutions for network security enhancement. Configured and managed Firepower Management Center (FMC) to provide centralized security policy management and monitoring. Conducted regular security assessments and implemented necessary adjustments to optimize threat detection and prevention. Created antivirus profiles and anti-spyware profiles. Added threat signature exception in the security profiles to ensure no downtime to users. Configured BGP on primary and Secondary ISP on Palo Alto. Updated Global protection VPN to new version and modified the portal to include access routes in the split tunnel configuration. Converted all firewall policies to use APP-ID. Updated hardware and software, performed regular data back-ups, and developed new processes which decreased the network downtime by 15%. Worked with different carriers, Ethernet switches and optical transport devices. Configured and troubleshot Cisco routers with BGP, OSPF, EIRGP and static routes. Proactively participated in weekly team meetings with managers, trained and coordinated IT interns, ensuring that all policies and procedures were followed. Responsible for engineering and configuring virtual server, pools, I-Rules, profiles, persistence and monitor on F5 LTM to match the configuration the application had on net scalar. Successfully migrated. Experience working on certificate management tools like Venafi, Imperva, to manage certificates on servers, F5 LTM. Company: Dallas College, TX Date: 09/2022 - 05/2023 Title: Network Support Assistant (Part Time in College Campus) Responsibilities Monitored, analyzed, and improved the company's network infrastructure, managed databases, and fixed any bugs and errors. Designed, implemented, and managed cloud-based network infrastructures on AWS, ensuring high availability, fault tolerance, and security for mission-critical applications. Collaborated with cross-functional teams to architect and deploy multi-tier applications on cloud platforms, optimizing performance and scalability while reducing costs. Implemented and maintained network security measures, including firewalls, IDS/IPS, VPNs, and SSL/TLS encryption, to safeguard data and mitigate potential threats. Conducted regular network performance assessments and capacity planning to proactively identify and resolve bottlenecks and optimize resource utilization. Updated hardware and software, performed regular data back-ups, and developed new processes which decreased the network downtime by 15%. Worked with different carriers, Ethernet switches and optical transport devices. Configured and troubleshot Cisco routers with BGP, OSPF, EIRGP and static routes. Proactively participated in weekly team meetings with managers, trained and coordinated IT interns, ensuring that all policies and procedures were followed. Company: Vodafone Shared Services, India Date: 07/2016 - 07/2023 Title: Firewall security implementation (From Sep 2021 to July 2023 on Sabbatical Leave.) Responsibilities Worked L2 level Firewall implementation & Troubleshooting support for almost 300+ Multivendor Firewall include, Palo Alto, Juniper SRX, Checkpoint and VMware NSX, Cisco ASA Distributed Firewall. Primary task to Firewall Rule, Static route, NAT implementation and redistribution of static routes into OSPF and BGP if required as per service design team. Provided on-call support for P1 and P2 incidents, we join troubleshooting call for non-working network problem related to Firewalls. Provided support for P1 with dedicated Cisco end-to-end network team till final resolution. Designed and implemented virtual environments for customers using Microsoft Hyper-V, Server 2012R2 and Windows Azure - server modernization. Implemented and supported new and existing customers on Microsoft Azure Active directory infrastructure and Microsoft IaaS, and PaaS. Checkpoint Firewall: Responsible for policy configuration, static route, tcpduemp, fw-monitor, NAT (static, manual, hide), Cluster-XL Configuration (HA, Load-sharing), Anti-spoofing configuration. Site-to-site VPN. Checkpoint R76, R77.30 & R80.1 Palo Alto: Responsible for policy configuration, static route, packet filtering, Anti-spoofing configuration. Site-to-site VPN, wildfire report checks. Dynamic block id, App id, Content id, User Id Global protection. Palo alto. Responsible for configuration, installation, and maintenance of Palo Alto, Checkpoint firewalls. Configured SSH proxy to prevent SSH tunneling. Implemented SSL forward proxy decryption profile to prevent malware being introduced into network. Troubleshot ACL-related issues, conducted packet analysis, and provided timely resolution to network incidents. Actively participated in network upgrades and expansions, integrating ACL policies into new network devices and ensuring seamless migration. Assisted in the development of network security best practices and documentation, contributing to the organization's security posture and knowledge base. Implemented Palo Alto Best practices such as Zone protection, Flood protection, Packet based protection. Extensive experience with the Palo Alto Panorama management console. Packet analysis with Wireshark. Configured Palo Alto firewalls, access policies, Application & URL filtering, Security Profiles, Global Protect VPN, Data filtering and file blocking. Responsible for policy configuration, static route, tcpduemp, fw-monitor, NAT (static, manual, hide), Cluster-XL Configuration (HA, Load-sharing), Anti-spoofing configuration. Site-to-site VPN. Checkpoint R76, R77.30 & R80.1 Created antivirus profiles and anti-spyware profiles. Added threat signature exception in the security profiles to ensure no downtime to users. Configured BGP on primary and Secondary ISP on Palo Alto. Converted all firewall policies to use APP-ID. Updated Global protection VPN to new version and modified the portal to include access routes in the split tunnel configuration. Juniper SRX Firewall- Configured Security zone, policy, NAT (source, Destination, Static & Overlapping NAT) global address-book, global address-set, interface configuration, host-inbound services, and protocol, OSPF and Static route configuration, Screen configuration & Routing-instances, HA Cluster configuration. SRX110, SRX240, SRX3600, SRX4600, SRX 5800 Responsible for engineering and configuring virtual server, pools, I-Rules, profiles, persistence and monitor on F5 LTM to match the configuration the application had on net scalar. Successfully migrated from BIG-IP 3600 to vCMP 5200v. Experience working on certificate management tools like Venafi, Imperva, to manage certificates on servers, F5 LTM. Worked on IPSEC tunnel troubleshooting and upgraded all tunnels to ikev2 version on both Palo alto and azure VM. Configured device, network, policy, and object related configurations on new Palo Alto. Enabled user-ID feature while creating policies based on users and groups rather than IP addresses. Configured BGP peering and BGP attributes such as AS Path, next hop, local preference, and med value. configured and tested active and backup ISP. Company: Burgeon IT LTD. Date: 01/2015 - 06/2016 Client: Infosys Ltd Pune Title: Network Security Engineer Responsibilities Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall. Executed changes on various Firewalls proxies and scripts over entire network infrastructure using Service Now ticketing tool. Experience with Cisco Meraki wireless managed network infrastructure. Troubleshot the VPN tunnels by analyzing the debug logs and packet captures. Advanced knowledge in design, installation & configuration of Palo Alto and Checkpoint Provide Environment. Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls and Checkpoint. Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewalls. Integrated Panaroma with Palo Alto firewalls, for managing multiple Palo Alto firewalls with single tool. Configured SNMP on Palo Alto firewalls 3060, 5060, 7050 for receiving incident alerts and notification and wrote SSL decryption policies for decryption of traffic to provide Anti-virus, Malware protection. Configured policies, objects and applying NAT & Web Filtering on firewalls like Checkpoint, Palo Alto. Troubleshot protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow. Used Smart Update, User Management and Authentication in Checkpoint Firewall. Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000. Extensive Knowledge in configuring and troubleshooting as well as creating Virtual Servers, Nodes, Pools, and I Rules on BIG-IP F5 load balancer LTM for load balancing and traffic management in DC environment. Tests security measures to reduce and mitigate risk. Actively probes the network for new threats and risks. Configured failover for redundancy purposes for the security devices. Implemented the stateful & serial failover for PIX/ASA firewalls, Clustering, and load balancing features. Performed network engineering, design, planning LTM & GTM, APM Load balancing implementation and scheduling infrastructure related tasks by coordinating with other teams. Responsible for maintaining the SSL certificates for various applications hosted on the F5s and servers on the hardware. Determined the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment. Company: TELESONIC network ltd Pune, India Date: 08/2009 - 01/2015 Title: Sr. Engineer Responsibilities Involved in troubleshooting and resolving all major network-related issues. Provided technical support of 1st & 2nd line troubleshooting of IPSEC, Bundle Ethernet, software upgradation, Hardware fault of network devices. Provided technical support for Access NOC Operations. Worked with different carrier Ethernet switches and optical transport devices. Configured and troubleshot Cisco routers with BGP, OSPF and static routes. Provided 24 X 7 Technical support, monitoring Cisco Routers & Cisco Switches, problem recognition and resolving the issue related to network. Provided First level troubleshooting for link down issues, if it is not resolved then escalating to concerned services providers like Virgin media, BT etc. For network connectivity issues. Provided MON (Major Outage Notification) to the customers. Responsible for in Band and out of Band management (OOB) of Network Nodes via Mirit server. Responsible for change management request planned outage coordination with Field engineer. Monitored remedy action from down line and different concern team. Strong skills in the areas of project management, people management, technical support, commissioning, troubleshooting. Ensured consistency of network configuration and configuration database. Responsible for incident management, remedy ticketing, FLT, NETCOOL, troubleshooting, Configured MRTG, cacti, etc. tools for bandwidth monitoring. Installed & commissioned new Access network sites (ALCATE-Lucent 7750, 7720,7210. Provided L3 Support to the Onsite team related flied issues (ADSL, DSLAM, MSAN, PSTN routers). Identified and resolved router/switch configuration problems based on troubleshooting and identifying the root causes of slow network performance issues at the. Responsible for alarm monitoring, coordination and escalation of aggregation switches and routers. EDUCATION Completed Degree in Cyber Security with 3.41 GPA Dallas University, TX, USA Bachelor s degree in Aurangabad University, India, Diploma (E & TC) Government Polytechnic Pune, India, Keywords: information technology ffive Idaho Texas