Summary
Overview
Work History
Education
Skills
Accomplishments
Additional Information
Languages
Timeline
Generic

Amena Fatima

Chicago,IL

Summary

8+ years of practical experience in the IT field as a network engineer, with proficient hands-on experience in the areas of Wi-Fi portfolio, Routing, Switching and Troubleshooting Strong knowledge in configuring and troubleshooting routing protocols like OSPF, VOIP, IPT, IS-IS, SNMP, EIGRP and BGP. Experience in deploying applications through Microsoft azure. Implementation, working analysis, troubleshooting and documentation of LAN, WAN & WLAN architecture with excellent work experience on IP series. Certified Amazon Web Services engineer with 2 years of experience in Cloud computing, Infrastructure Solutions and services, Data center virtualization and Database Services. Deep technical experience with architecture, design and hands-on diverse technology platforms including different Cloud Platforms (AWS/Azure), Virtualization, Database Technology Working knowledge with Load Balancers F5 LTM like 2200, 4200v, 7050 for various applications. Knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP, MPLS ability to interpret and resolve complex route table problems. Experience in Design, configuration, and support of Cisco Nexus Platforms (Nexus 2000/5000/7000/9000). Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST. Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP, and ping concepts. Expertise in troubleshooting and configuring DNS, DHCP, TFTP, TELNET, SSH, FTP and NFS. Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6 Implementation of Access lists, route maps, and distribute lists. Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN's, VTP, STP, RSTP and Trunking. Working knowledge of Firewall, AAA, TACACS/RADIUS, and IPSEC. Proficient with TCP/IP, OSI models and Cisco IOS. Experience with Security policy configuration including NAT, PAT, VPN, SSLVPN, Route-maps and Access Control Lists. Strong experience on Juniper SSG series Firewalls and Checkpoint R75, 76 Firewalls, Juniper SRX 240 Firewalls. Experienced Information Security Engineer with 5-year history of managing security of physical and cloud infrastructure. Adept at identifying security risks and improving security architecture designs. Proven to maintain efficiency in high-stress situations. IT professional with 5 years of experience developing and implementing security solutions in fast-paced environments.

Overview

7
7
years of professional experience

Work History

Sr.Network Security Engineer

Safelite Group
Columbus, Ohio
04.2021 - Current
  • I am currently working on IOS upgrade on multiple devices which includes Routers
  • (ASR / ISR) , Switches ( 2960 , 3850 , 9236 , 3180 , 3760 , 4900 , 6500) and Nexus
  • 9k , 7k , 5k
  • I also configure and Troubleshoot Routing protocols like BGP , OSPF & EIGRP
  • Configuration and installation of LAN switches and wireless network
  • Monitor Network Traffic and fixing errors
  • (Routing and Switching)
  • Managing VTP domains , DHCP Pools , Creating VLANS , Port channels
  • I also manage ACI Infrastructure based on 4.2 Version , includes creating/managing
  • Bridge Domains EPGs , Assigning Static ports in EPGs , Applying contract and
  • Subjects on EPGs
  • I also work on Cherwell tool to manage day to day incidents and change management services
  • Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges
  • I also work on Aruba and Cisco WLC ( AP Provisioning , User Troubleshooting , wifi Troubleshooting)
  • Configured VLAN's on Switches for Wireless Access Points
  • Provided day-to-day support in the maintenance and troubleshooting of OSPF at the core layer
  • Configuration and installation of LAN switches and wireless network infrastructure equipment and cabling all uplink and user network connections
  • Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges
  • I also manage DNS Infrastructure based on Infoblox ( Creating PTR , A-record ,
  • DHCP Services , IPAM Tools , Add Network , CNAME Record , MX Records , Add
  • Hosts , Fixed Addresses , Txt Record and CSV Import) and devices based on Solarwinds/ Orion
  • I am responsible to create/mange Policies , groups , objects , HA , Site to Site VPN
  • I am also responsible to Install , Configure , manage and Fix Palo Alto Firewall Technologies
  • I am also managing Antivirus , Intrusion prevention other than VPN ( VPN pool and gateway information, integration of RSA for VPN authentication, defined rules for non-console administrative access, implemented and tested non-console admin rules for firewalls
  • Maintain List of firewall rules allowing TCP 80 on T1 DMZ firewalls (Unencrypted HTTP should be blocked against external access
  • Experienced provisioning SD-WAN service as automated failover solution for MPLS VPN by Cisco Meraki MX 80 Firewall.

Network Security Engineer

Raza Communications
Chicago, IL
09.2020 - 04.2021
  • Worked on providing management connectivity, HA configuration, setting up RSA for MFA, license and updates management, VSYS support, L3, aggregate Ethernet and sub interfaces configuration, configuration of BGP on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from ASA core to Palo Alto
  • Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 9K, 7K VDCs and HA
  • Validated routing throughout the environment and created test plans for failover including using link monitoring and path monitoring
  • Experienced provisioning SD-WAN service as automated failover solution for MPLS VPN by Cisco Meraki MX 80 Firewall
  • Cisco ACI fabric networks, including python automation
  • Worked on incorporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with the existing Nexus 7000s and ASRs for MPLS implementation
  • Designed the ACI fabric to ensure each tenant/host is secured and has separated from other tenants/hosts
  • Used of L3/L2 outs via common tenants to reduce TCAM and RAM utilization
  • Created ACI migration plan (brownfield) create L2/L3 transitions
  • Map traffic flows for EPGs and BDs
  • Handled drivers for ML2 and GBO Open Stack integrations
  • Advanced knowledge in the installation, configuration, maintenance and administration of Palo Alto Network firewalls, Panorama, Checkpoint and Fortinet Firewalls
  • Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE
  • Handling Checkpoint and Checkpoint firewalls appliances, Checkpoint Provider-1/Multi-Domain-Mgmt
  • The, Check point Smart Console R70.20 & R75.40, R77.10, R77.20
  • Selecting appropriate AWS service to design and deploy an application based on given requirements
  • Provided day-to-day support in the maintenance and troubleshooting of OSPF at the core layer
  • Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges
  • Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series
  • Upgraded the existing Panorama to V8
  • Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment
  • Collected data to determine which permit rules to create between the user and server VLANs based on the logs
  • Experience in developing cloud strategies, roadmaps, architecting (hands-on) new cloud solutions end to end or enterprise level AWS/Azure migrations
  • Designing and deploying dynamically scalable, highly available, fault tolerant and reliable applications on AWS
  • Migrated complex, multi-tier applications on AWS
  • Defined and deployed monitoring, metrics and logging systems on AWS
  • Migrated existing on-premises applications to AWS
  • Configuration and installation of LAN switches and wireless network infrastructure equipment and cabling all uplink and user network connections
  • Secure Email Gateway, Web Marshal proxy gateway and Secure Connect Fortinet Firewalls Provide Level 3 support for Aruba WLAN mobility controllers, Access Points and Aruba Instant Access Points
  • Developed and implemented Python scripts to automate retrieval, parsing and reporting of configuration parameters from Network Devices connected to customer networks
  • Experience using Source fire IPS and Firesight management console
  • Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path
  • Experience with Cisco ACI (Application Centric Integration) technology implementation
  • Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone
  • Performed Routing protocol migration from EIGRP to OSPF to allow for optimal performance inside a 100% cisco environment.
  • Conversions to BGP WAN routing
  • Which will be to convert WAN routing from OSPF to BGP OSPF is used for local routing only which involves new wan links
  • Determined the VPN connectivity requirement for users, VPN pool and gateway information, integration of RSA for VPN authentication, defined rules for non-console administrative access, implemented and tested non-console admin rules for firewalls
  • Used routing protocols (OSPF) internal and BGP to connect to ISP
  • Created script in python for calling REST APIs
  • Review and analyze events from logs and Source Fire IDS/IPS
  • Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices
  • Experience working with OTV & FCOE on the nexus between the datacenters
  • Worked on creating SNMP, Syslog, Email profiles, log forwarding, data filtering profiles according to the client’s requirement
  • Worked with the Info security team to closely monitor threats, incident handling, working with the network administration team to provide them with the remediation steps
  • Updated configuration standards to meet the PCI DSS compliance requirement
  • Made config changes to the existing firewalls in the CDE to the configure standards to make them PCI compliant
  • Environment:​ Firewall migration, Rule cleanup, Firewall remediation, F5 Cisco ISE, Ticketing change management

Sr. Network Security Engineer

Bank of the west
Omaha, Nebraska
10.2019 - 08.2020
  • Worked on Firewall Enhancements (1450, 1550 and 1590)
  • On call Support for installation of Check point Firewalls
  • Work on Checkpoint Platform including Provider Smart Domain Manager
  • NSX Firewall for VMware-enhance firewall policies enforcing stricter access control
  • Configuration and installation of LAN switches and wireless network infrastructure equipment and cabling all uplink and user network connections
  • Configuring and troubleshooting static and dynamic DNS servers
  • Reviewed and optimized firewall rules using Netscout firewall monitoring tool by creating customized firewall audit reports
  • Network Segmentation
  • Worked on tickets for Granting Access to vendors and Users
  • Checkpoint Firewall
  • Troubleshooting and policy change requests for new IP segments that come on line
  • Escalating customer problems to management and support groups
  • Monitor Network Traffic and fixing errors
  • (Routing and Switching)
  • Reviewed Firewall policy and clean-up
  • Upgrading or Changing Vlan IP's for onsite firewall
  • Maintain List of firewall rules allowing TCP 80 on T1 DMZ firewalls (Unencrypted HTTP should be blocked against external access
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution
  • Migration with Cisco ASA VPN experience
  • Configured VLAN's on Switches for Wireless Access Points
  • Monitored Network Management System and responded to events, alarms and trouble tickets
  • Included network services such as DNS, email, web, Servers, VPN and Firewall
  • Recommend and design equipment configurations for LAN/WAN/VOIP deployment on Cisco, Adtran, Fortinet, F5, Radware, and Bluecoat
  • Configured and maintained Fortinet Firewall systems, on Fortinet 100, 500 and 1500D
  • Also maintained 99% uptime on Firewalls, as well as full and complete intrusion detection and prevention systems

Network Security Engineer

Raza Inc
Chicago, IL
06.2018 - 10.2019
  • Worked on cleanup of several legacy rules of ASA and created a migration path to Palo Altos, configured for Global protect VPN, User ID, Wildfire set up, SSL decryption, license and policy management on Palo Alto appliances
  • Reviewed and optimized firewall rules using Netscout firewall monitoring tool by creating customized firewall audit reports
  • Migrated datacenter firewall rules based on Zenoss Analysis/query and Reports
  • Staged, planned and deployed Palo Alto 5060 within Data Centers
  • Worked with Palo Alto firewalls using Panorama performing changes to monitor/block/allow the traffic on the firewall
  • Cisco Meraki Appliance MX (400, 80, 60) and Meraki wireless Access points (MR66,MR18),
  • Installed and configured Meraki (MX80,MX60) Appliance via Meraki MX400 Cloud
  • Troubleshooting Cisco APs and Meraki appliances
  • Fortinet firewall deployment for multiple locations
  • Responsible to evaluate, test, configure, propose and implement network, firewall and security solutions with Palo Alto networks
  • Installed and configured Cisco Meraki (MR66, MR18) wireless Access points in the warehouses
  • Instituted a vulnerability management program to scan and report on all machines for vulnerabilities on the network using various vulnerability management tools on a weekly schedule to meet external audit requirements
  • Provided in depth analysis using but not limited to Vitalnet, NetQoS, Net screen Manager (NSM), Wireshark, Netcool Monitoring and Infinistream Management Console
  • Installed and configured Cisco Nexus 9k/7k/5k/3k switches for VPC, Vlans, MST and 802.1q for Top of the Rack switches and Distribution layer switches
  • Configuring HP procurve switches and Microtik routers by providing VPN access and setting pools for dedicated tunnel for internal customers
  • Worked on Palo-alto configuration for L2, L3 deployment on Vendor-list firewall
  • Experience on configuring fiber-optic between 2 data centers with 10GB of bandwidth availability
  • Configured active directory domain, DNS and DHCP on Windows 2012 R2 standard
  • Experience with products such as Cisco ISE, Cisco ASA 5500 series firewalls and Cisco ACE 4710 Load balancers
  • Palo Alto/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
  • Extensive work with MPLS, configuring BGP, policy-based routing, redistribution, VPN etc
  • Worked on troubleshooting of tickets in complex LAN/WAN infrastructure using packet captures, protocol analyzers, syslog servers etc
  • Worked on CA spectrum network monitoring tool
  • Configure and maintain site to site VPN using Netscreen firewalls
  • Configuration of Arista DCS7300, 7010, MX960s to replace end-of-life devices
  • Manage Arista core and distribution environment
  • Defined and deployed monitoring, metrics and logging systems on AWS
  • Migrated existing on-premises applications to AWS
  • Managed Cisco PIX firewall for ACL and VPN
  • Also worked with the physical server migration to AWS data center
  • Involved in designing and implementation of AWS network and connectivity b/w physical and AWS DC
  • Installed Arista core and distribution solution to replace current Cisco environment
  • Working experience on tools and devices like Source Fire, Cisco ASA, Cisco ISE
  • Corrected configuration issues and implemented best practices for configuration of VDC, VPC, VRF, FEX
  • Environment: Architectural layout, Firemon, Unused rule and policies, Qos, Monitoring, VOIP, PBX, HP procurve switches.

Network Engineer

IMI Mobile
, India
06.2012 - 10.2015
  • Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
  • Working with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution
  • Migration with Cisco ASA VPN experience
  • Involved in configuring Juniper SSG-140 and Check point firewall
  • Has a good experience working with the Trouble Tickets on F5 Load balancers and ASA Firewalls
  • Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture
  • Performed network troubleshooting, second level technical support, and tape backup operations
  • Served as a main escalation point of contact for level II personnel
  • Configured Wireless Access Points in order to control them with RADIUS server
  • Coordinated with higher-level support and external vendors for resolution
  • Configured VLAN's on Switches for Wireless Access Points
  • Monitored Network Management System and responded to events, alarms and trouble tickets
  • Included network services such as DNS, email, web, Servers, VPN and Firewall

Education

Master of Science - Computer Science And Information Technology

University of Cumberlands
Kentucky
04.2018

Bachelor of Science - Information Technology

JNTU
Hyderabad
05.2012

Skills

  • Security vulnerability assessment
  • Cloud implementation
  • Wireshark software
  • Security infrastructure architecture
  • Qualys Cloud Platform
  • Cisco Platforms Nexus 9K 7K, 5K, 2K and 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series)

    Juniper Platforms SRX, MX, EX Series Routers and Switches

    Networking Concepts Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec,
    VLAN, VPN, WEP, WAP, VoIP, Bluetooth, Wi-Fi

    Firewall ASA Firewall (5505/5510/5520), Checkpoint (R75/R76), Palo Alto (2k, 3k,
    5k), Juniper SRX (240)

    Network Tools Solarwinds
    ,
    SNMP, Cisco Works, Wireshark, Netcool, Netbrain

    Load Balancers Cisco CSM, F5 Networks (Big-IP)

    WAN technologies Frame Relay, ISDN, ATM, MPLS, leased lines

    LAN technologies Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-
    channel, VLANS, VTP, STP, RSTP, 8021Q

    Security Protocols IKE, IPSEC, SSL-VPN

    Switching Protocols STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP,
    TACACS, Radius, AAA, IPv4 and IPv6

    Routing Protocols IGP(RIP V1 & RIP V2, OSPF, IGRP,EIGRP), EGP(BGP & IS-IS)

    Monitoring ORION

    Wifi Aruba & Cisco WLC

    Ticketing Tools Cherwell & Service NEO

    Operating System Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

Accomplishments

  • Collaborated with team of 20 in the development of Firewall.
  • Resolved product issue through consumer testing.
  • Used Microsoft Excel to develop inventory tracking spreadsheets.
  • Supervised team of 8 staff members.

Additional Information

  • Installing and Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750, Nexus 5000, Nexus 7000,Nexus 9000 WS-C4948, Juniper EX, QFX and MX series. Hands-on expertise with routers 2800, 2900, 3800, 3900, 7200, 7600, ASR9010, ASR1002 and Juniper ACX, EX 4300, MX 480, MX960 series. Working Knowledge on Devices like Juniper SRX 210, 240 and 550.
  • in SONET, DWDM & ATM Networks. Working Knowledge of SD-WAN technologies Such as Meraki, OpenStack and Silverpeak. Technical support for improvement, up-gradation & expansion of the network architecture. Good understanding and working knowledge of Protocols like IEEE 802.1, IEEE 802.3& IEEE 802.11, 802.1x, EAP, PEAP & EAP-TLS. Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp and more. Familiar with security products such as Cisco ISE Expertise on various Operating Systems and software's like Win8, Win7, Win 2008, Win Vista, Ubuntu, Kali Linux, Red Hat Linux, Asterisk and MS Office Suite. Working Experience in VMware ESX 5.x, VMware Workstation, VMware vCenter Server, Microsoft SharePoint, System Center 2012 R2. Worked on security products such as Cisco ISE. VoIP Installation and troubleshooting, configuring Cisco Phones and setting up VoIP, IPT over VLAN. Recommend and design equipment configurations for LAN/WAN/VOIP deployment on Cisco, Adtran, Fortinet, F5, Radware, and Bluecoat. Advanced knowledge in the installation, configuration, maintenance and administration of Palo Alto Network firewalls, Panorama, Checkpoint. Comprehensive understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP). Working Experience on web content filter and gateways like Blue Coat, Websense. Working Experience on Network Scanning, Management, Alerting &Logging tools like Solar Winds, PRTG, and Wireshark. Adept in preparing technical documentation and presentations using Microsoft Visio/ Office. Moderate knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers. In depth knowledge of ISP grade layer 3 networks.

Languages

English
Full Professional

Timeline

Sr.Network Security Engineer

Safelite Group
04.2021 - Current

Network Security Engineer

Raza Communications
09.2020 - 04.2021

Sr. Network Security Engineer

Bank of the west
10.2019 - 08.2020

Network Security Engineer

Raza Inc
06.2018 - 10.2019

Network Engineer

IMI Mobile
06.2012 - 10.2015

Master of Science - Computer Science And Information Technology

University of Cumberlands

Bachelor of Science - Information Technology

JNTU

Similar Profiles

CREATE PROFILE
Amena Fatima