Employer Detail:

Jason
832.478.7002
jason@cambaycs.com

Mohamed Aamir Bhaiji

Professional Summary

7+ years of IT experience in design, development, implementation,

troubleshooting and maintenance of complex Network & Security devices &
Network Security.
Expertise in network protocols, Firewalls and Communication Network design.
Experience with Troubleshooting tools for example protocol analyzers, load
generators & network traces.
Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing
protocols, NATing, subnetting, also including DNS, WINS, LDAP, DHCP, http,
HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning
tree Protocol), RTSP & Multicasting protocols
Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP,
HDLC, PAP, CHAP, and SNMP.
In-depth Cisco technology experience/knowledge in design, implementation,
administration and support.
Experience in installing, configuring and troubleshooting of Checkpoint Firewall
and Juniper SSG series.
Experience in adding Rules and Monitoring Checkpoint Firewall traffic through
Smart Dashboard and Smart View Tracker applications.
Well experienced in configuring gateway redundancy protocols like HSRP, GLBP,
PPP and SNMP.
Juniper: EX-4500, MX-480, M Series, SRX210, SRX240
Strong Hands on experience in installing, configuring and troubleshooting of
Cisco 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco
Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
Strong hands on experience in installing, configuring , and troubleshooting of
Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco
Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
Advanced knowledge of OSI model, TCP/IP, Internet technologies, system
security, firewall infrastructure, network architecture and Cisco network routing /
switching (Layer 2 and 3) experience, including LAN and WAN, design and
implementation which includes Layer 1 to Layer 7 experience.
Designing, Implementing and Troubleshooting Cisco Routers using Static, RIP,
IGRP, OSPF, EIGRP & experience with Checkpoint, Cisco PIX & ASA devices
Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the
corporate applications and their availability
Network Security - Anomaly Detection in Attack Prevention System, Network and
Host IPS/IDS, Cisco PIX firewall, Vulnerability scanning, Penetration testing, Buffer
Overflows, Cross Site Scripting.

Employer Detail:
Jason
832.478.7002
jason@cambaycs.com

Technical Skills
Routing and Switching : Cisco Routers (7200, 3800, 3600, 2800, 2600, 2500,
1800, 1700 series) & Cisco Catalyst switches (6500, 4900,
3750, 3500, 2900 series)
Routing Protocols
: RIP, RIP V2, EIGRP, OSPF, IS-IS, IGRP, BGP and MPLS
Switching Protocols
: VTP, STP, RSTP, MSTP, VLANs, Ether Channel, LACP,
PAgP, VSS, vPC, MLS
Firewall Vendors : CheckPoint R65, R71, R75, Juniper & Cisco ASA/PIX, PaloAlto
Load Balancing Protocols: HSRP, GLBP, VRRP
IP Services Management: NAT, DHCP
URL Filtration
: Websense, Bluecoat
AAA Architecture : TACACS+, RADIUS
Monitoring Tools : Wire shark, TCP dump
Microsoft Software
: Microsoft Office, Visio.
Operating Systems
: Windows 9X, XP, Vista, Windows 2000, 2003 (Active
Directory), Linux
Certification
: Cisco Certified Network Associate (CCNA)
Professional Experience
Firewall Engineer
Apr 2015 -Present

UHG, Tampa, FL

Responsible for Cisco ASA firewall administration across our global networks
Support customer with the configuration and maintenance of PIX and ASA
firewall systems
Assist with various duties that will arise including: implementation, configuration,
management,
Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP),
Trunking (dot1q and ISL) and Ether channel.
Experience with setting up MPLS Layer 3 VPN cloud in data center and also
working with BGP WAN towards customer.
Implemented various EX, SRX & J series Juniper devices.
Implemented site to site VPN in Juniper SRX as per customer.
Experience with configuring Virtual Server and Configuring Load balancing
methods in F5 LTM.
Responsible for Cisco ASA firewall administration across our global networks
Experience configuring Virtual Device Context in Nexus 7010.
Configuring IPSEC VPN on SRX series firewalls.

Employer Detail:
Jason
832.478.7002
jason@cambaycs.com

Worked on security tools and software such as CISCO WSA, Qualys, Splunk, Solar
winds, Source fire
Experience with Firewall Administration, Rule Analysis, Rule Modification
Managing cabled LAN and wireless access, with switching technologies and
wireless technologies
Troubleshooting and monitored routing protocols such RIP, OSPF, EIGRP & BGP.
Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550
series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists
implemented as per Network Design Document and followed the change process
as per IT policy It also includes the configuration of port channel between core
switches and server distribution switches
Experience with convert PIX rules over to the Cisco ASA solution.
Experience with communicating with different with different customers, IT teams
in gathering the details for the project.
Experienced on working with cisco switches 3850, CISCO 6880, Nexus 9k, 4500
access switches for deploying as well as configuring it, and installation of
malware detection Fire Eye.
Designed, validated and implemented LAN, WLAN & WAN solution to suite
client's needs.
Provided technical support to cloud computing customers.
Provided Load Balancing towards access layer from core layer using F5 Network
Load Balancers.
Implemented TCP/IP and related services like DHCP/DNS/WINS.
Configured and troubleshooting of HSRP on Cisco routers.

Network Security Engineer

Sep 2014 - Mar 2015

State Farm, Bloomington, IL

Ensure overall security posture across network environment, enforcing security

policies, defining and monitoring access, identifying, reporting, investigating and
responding to security breaches and network incidents related to ASA, Tripwire
and SourceFire IPS.
Responsible for the introduction and implementation of new Intrusion Detection
and Prevention System software such as SourceFire, Review and analyze events
from logs, generate reports.
Monitoring traffic, Analyzing Application usage and resolving the issues with it on
the IPS/ SourceFire.
Generating Malware Reports and troubleshooting it on SourceFire.
Generating Hidden Rules, Unused Rules, Traffic Flow Analysis and Complexity
Report on all the Firewalls using Firemon Security Manager.

Employer Detail:
Jason
832.478.7002
jason@cambaycs.com

Migrated to R70.1 in various Checkpoint IP series appliances from R65, R62, R60,
etc. and building the new Smart Center server.
Worked on checkpoint UTM1, VPN1 and activating blade licenses to be used as
Intrusion prevention and antivirus appliance.
Installing & configuring firewalls - Checkpoint NG & NGX, Cisco ASA (5500), Cisco
Pix, ISA, and IP tables.
Migrated and implemented new solutions with Cisco ASA Firewall (5500) series.
Configured Site to Site IPsec VPN tunnels to peer with different clients and each
of client having different specifications of Phase 1 and Phase 2 policies using
Cisco ASA 5500 series firewalls.
Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, devices for
easier management and common configurations.
Configure and administer network devices consisting of F5 load balancers,
Bluecoat proxies, Juniper SRX's, PaloAlto Network Firewalls, and Checkpoint
Firewalls
Designed, developed, maintained and supported wired and wireless networks.
Configured L3 protocols (IP, BGP, OSPF, EIGRP, IGRP, RIP, ISIS), redistribution,
summarization, Filtration (using distribute list, route map, prefix list, access list).
Periodically or as and when required, revisit the process and improve it, covering
any existing gaps and making it more robust as well as practical.

Security/ Network Engineer

2012 Aug 2014

Motorola, Chicago, IL

Mar

Provides day to day support for firewall engineering and operations tasks and
level 1 & 2 on-call technical support for the Firewall Engineering and Operations
team; including assisting peers with issues and escalation.
Complex troubleshooting to include network protocol and log analysis, raw data
captures, and the correlation of disparate events spanning multiple devices and
platforms.
Experience in different VPN platforms, IPSec, SSL & Web VPN. Mobile VPNs
solutions from Cisco and Checkpoint.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
Configured CISCO Routers (3700 & 3900) and 2900, 3550, 5000, 5500 series
switch.
Configured and Support Cisco Nexus (7000, 5000, 2000 series) Switches.
Configured and implemented MPLS, MP-BGP and Multicasting networks.
Hands on experience on upgrading of JUNOS.
Security & Internal LAN Management: VPN tunneling setup for FTP access and
remote access, configure hardware Firewall/Gateway for intrusion protection,
packet filtering, NAT and Web protection policies.
Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA,
Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.

Employer Detail:
Jason
832.478.7002
jason@cambaycs.com

Network Cabling, dressing, labeling and troubleshooting various network drops

onsite. Developed documentations, system standards within organization.
Configure and Monitor Cisco Sourcefire IPS for alerts.
Understand the JUNOS platform and worked with IOS upgrade of Juniper devices
Designed, implemented, and managed network security countermeasures
including firewalls and intrusion detection/prevention systems such as: Palo Alto,
Pfsense, and Cisco's SourceFire.
Responsible for service request tickets generated by the helpdesk in all phase
such as troubleshooting, maintenance, upgrades, patches, fixes.
Provided system documentation for all network issues and resolution for future
references.

Network Engineer
Mrigko System, India
Dec 2009 Feb 2012
Configuration, monitoring, troubleshooting & maintenance of Multi-vendor
complex IT network infrastructure (Hardware and links for Data, Voice & VC
services)
Configuration, monitoring, troubleshooting, OS up-gradation & EOS (End of
Support) refreshment of network devices (i.e. Cisco1800, 1900, 2800, 3700,
3800, 3900, 4500, 3400, 3750, ASA 5500, bluecoat 7500 packet shaper etc.)
Change request creation and processing for new requirement or day to day
Operations.
Performing Service Activation & Deactivation of Network devices as per process.
Processing of firewall requests & issues as per users requirement.
Monitoring of mission critical packet shaper partitions & sharing reports with
management, up-gradation & creation of new partitions as per requirement.
Management & updating of network inventory, physical and logical diagram.
Timely execution of new projects with high user satisfaction.
Actively organize review meetings with management to discuss ongoing & future
plans.
Monitor & Track timely closure of incidents within SLA with positive users
feedback.
Review team performance timely and help them improve.
Emphasize on SLA & handle third level of escalation for the customer issue.
Strong involvement in physical asset verification, audits & compliance.