My goal is to obtain a position as a Network Security Professional/Palo Alto Network consultant
Sr. Network Security Contractor
- Configure and troubleshoot security policies and Confidential filtering on the Palo Alto Network Firewalls, a next generation firewall, for a major federal agency. High availability configuration, Panorama, SSL decryption, threat prevention policies, and WildFire inspection were implemented as well. Virus protection, vulnerability and malware inspection and protection with the Palo Alto firewalls were also created and used in the enterprise sized network for a national federal agency.
- Configuration of the Confidential Confidential firewalls and Firepower, and Sourcefire that involve access control lists to allow or to deny users from certain networks or systems for certain applications or ports. These issues are delivered through a ticketing system, as working in conjunction with Splunk and Elastic Syslog servers, and packet capture tools like Wireshark.
- Troubleshoot network engineering issues with routers, switches, IPS (intrusion prevention sensors), and Confidential and Palo Alto firewalls, which involves spanning tree, routing protocols, VPN systems, VLANS, and OS upgrade implementations.
- Configure Confidential Confidential for Confidential with devices and users to the network to allow users to with a privileged user account accessing devices and control their access, while also accounting for their actions with security logs.
- IT audit functions such as preparing documentation for near future NIST series 800 audits on a federal level, and the FISMA regulation, as well as ensuring the required security controls are in place. This big data group is composed of different network and security elements, with aggregated logs captured by Splunk and able to show these events in customized reports or on dashboard apps. I have completed Splunk power user training to help deliver more powerful searches and reporting.
- Develop network designs with architecture and implementation documents as well as developing verification methods to test the network solutions. These changes would follow change management policies that correspond to CMMI and ITIL standards.
- Performing IT infrastructure technical consulting by creating proof of concept projects in a test environment for different network and security solutions.
Sr. Network Security Contractor
- Analyze IDS/IPS sensors to ensure the policies and settings are in compliance with the clients’ proposed goals. Gathering technical information from network and security teams as well as conveying security concepts and exploit information to managers for different clients nationwide. Performing other testing methods to support reports such as Wireshark packet captures.
- Perform fine tuning of IDS/IPS signatures in a change control type of process. Create client reports to present to management on the audit’s findings, explain any technical subjects in the tuning report to technical engineers and management.
Sr. Network Security Architect Consultant
- Advise and train Confidential customer engineers in the integration of Confidential Technologies product called Privileged Access Manager (PAM) into their systems and network devices to secure passwords or other credentials for privileged accounts from being stored securely or transferred over the network securely. Assisting engineers in the testing of their systems to utilize the PAM security solution in an Agile environment as well as develop proof of concept security solutions.
- Work with engineers on how PAM would integrate with Palo Alto Network Firewalls using PAN-OS and Confidential firewalls, Confidential routers and switches. This task includes troubleshooting network security issues with firewall rules and policies to ensure that the necessary PAM traffic goes through the firewalls successfully. Reviewing network Confidential policies and security configurations.
- Reviewing and consulting clients’ IT security policies and strategies, network diagrams, network security analysis. Determining the best placement for the PAM appliance to be placed logically from a service engineer point of view for the Navy’s extensive NGEN and NMCI networks. Ensuring the security appliance would meet the compliance of Confidential Risk Management Framework (RMF) and Confidential certification.
Sr. Network Security Consultant
- I am a SME (subject matter expert) with Palo Alto Network Firewalls using PAN-OS and Confidential firewalls for a large financial Danish bank client. I have been inspecting the configuration of the firewalls to ensure they are configured correctly to enforce their corporate policies and the Agile framework.
- Reviewing and consulting clients’ IT security policies and strategies, review IT audit reports, network diagrams, network security analysis, review roles and responsibilities of the IT security team, work with their security tools, inspect security configurations to ensure standards are being utilized such as ITIL, NIST 800 controls, ISO 27001/2, and industry best standards.
- Writing reports on findings and getting them merged into a team report on the IT security team to give future recommendations on staffing requirements, practices and procedure changes, as well as long term future goals of the IT security teams.
Sr. Network Security Architect Consultant
- Preparing and reviewing network security architect designs to implement Palo Alto Network firewalls into a large biotech corporate network's LANs and WANs, working with remote parties and remote locations. Informing the client of the different features of the Palo Alto Network firewalls not found on the vendor’s firewalls, so they can incorporate possible future procedures and designs such as policies based on user-ids, DNS, identifying application traffic, single pass inspection of incoming network traffic and integrating these changes with the Confidential routers and switches.
- I am developing and reviewing architect designs, creating documentation needed for engineer teams to use for the migration from different vendor firewalls to Palo Alto Network Firewalls as well as network diagrams for the security solutions. The sites are worldwide, with different levels of experience of the onsite engineers and different network layouts, rule set evaluation, perform network security planning of firewall consolidation from different business units, with a future goal of creating a more uniform network design for the sites.
- I am a SME (subject matter expert) with Palo Firewalls, Panorama management software, and networks that are attached to them to give advice to the network and security teams on different procedures with this documentation being put into a repository.
Sr. Network Security Consultant
- Working as a (SME) Subject Matter Expert in network security, especially in firewalls and IPS. On a daily basis I am working with Palo Alto Network firewalls and Confidential Confidential firewalls and Sourcefire IPS, configuring them for access policies, VPNs, SSL decryption policies, Brightcloud web proxy rule configurations, Wildfire service for network malware protection, ssl-decryption, user-id traffic synced with Active Directory with a multinational company with equipment in different time zones.
- Prepare inventories and IT audits of network security equipment, network security diagrams, as well as working with technical support of different vendors, complete trouble tickets dealing with network security, reporting to management on multiple incidents and projects. Use security industry standard tools to perform analysis and troubleshooting of security incidents.
Sr. Network Team Lead
- Administer and monitor Sourcefire intrusion prevention sensors (IPS) for a large Confidential satellite wired and wireless of voice voip and Juniper data networks to monitor security incidents, block or alert events related to malware, exploits and violations against the AUP (acceptable user policy). This task required reviewing intrusion detection sensor logs, appliance health events, performing in depth packet analysis of the events with Wireshark captures. It also included providing management with guidance on best practices, reporting with metrics and graphs to support the findings, and recommending future configuration changes. I also work with Airtight wireless IPS (WIPS) to check for rogue access points and other wireless attacks and Aruba wireless controllers to ensure they have a secure configuration as well as creating a wireless incident response policy and procedures documentation.
- Planned and implemented Palo Alto Network Firewalls into an inline network configuration, to work in conjunction with the IPS and monitoring and logging appliances.
- Provide network security through analysis of Palo Alto Firewall systems and Juniper firewalls by reviewing logs, maintain ACLs (access control lists), network trends providing future security recommendations to protect the network from malware, viruses, Trojan horses, preventing users from using P2P applications, support VPNs, Radius authentication servers, proxy server software such as Websense and Brightcloud webpage filtering service, as well as using the ACC (Application Command Center) to analyze traffic patterns and trends to make recommendations to the clients. With this tool, I can show traffic percentages of P2P, web browsing, voice, and other applications to show the clients. I used Riverbed CACE to perform network performance analysis.
- Perform vulnerability assessment audits on devices on the wired and wireless networks using Nessus auditing tool and provide audit reports to the system administrators and system owners as well as provide guidance on how to achieve successful audit results with mitigations. Perform tests with Metasploit and other penetration testing tools. Custom settings are used for Linux, Windows, VMware, SQL servers, public facing websites, working with PKI secured sites, Confidential 8500.2 STIG compliant policies to be loosely based on a NIPRnet network to provide a secure CND (Computer Network Defense). The systems are kept in compliance with McAfee EPO/HBSS acting as a HIPS agent, working in conjunction with the antivirus software.
- Troubleshoot and assist the network operations and engineering team with repairing network related issues, optimizing WAN traffic, escalating issues to the network security hardware vendors to work with their support engineers, providing network diagrams.
- Review firewall and IPS security system logs with Splunk log management for unauthorized access attempts into the network which is wired and wireless topology. Confirm findings by using multiple investigation tools to avoid false positive events, such as real time network scans, reviewing logs in real time, and providing results in reports to management and system owners for action to remove the devices. These logs can also assist me with performing diagnostic testing to identify if a service is running at optimal levels.
- Personally responsible for designing, engineering and implementing a NMS (network monitoring) Solarwinds solution to monitor over 4000 nodes over satellite modem links with ICMP, SNMP, WMI, and custom MIBs or scripts from a network performance and availability stance as well as to give different internal IT groups (security, systems operations, network engineering, NOC, satellite modems, wireless groups) real time status of their devices. Working with different group managers to get their operational requirements was performed as well as evaluating different vendor solutions and working with vendor’s staff. These tools allow the groups’ managers and personnel to troubleshoot their issues more effectively, perform network analysis, send alerts and notifications to appropriate personnel, as well as provide more accurate reporting to management.
- Working with Confidential SPAWAR to ensure the CMMI process is followed in relation to security practices and changes planned on the operational network and work with Confidential corporate networks to assist in the Certification and Accreditation Process by complying with Confidential 8500.2 IA controls to get a MAC (mission assurance category) level site certification through the Confidential process and STIG compliant. This process is ongoing and will require auditing the organization for baseline IA controls through interactions with the system owners and audits performed on certain systems, as well as performing ASIs (authorized service interruptions), system engineering and implementation of security or networking projects.
Network Security Auditor Consultant
- Working as a (SME) Subject Matter Expert in information assurance, advised and trained the IAM (Information Assurance Manager) and other personnel in the implementation and troubleshooting of Fortigate firewalls, IPS, HBSS, Hercules Remediation server, Retina vulnerability analysis, wireshark, nmap, disaster recovery procedures, and Active Directory. This duty also involved writing descriptions and justifications for products for the purchasing manager for the military procurement process.
- Architected security plans and documented the implementation of the Fortigate firewalls, IPS, Hercules Remediation server, network monitoring software Solarwinds suite using SNMP utilizing MS SQL server as a backend database, network traffic analyzer, configuration management, ip address manager, log consolidation and analysis.
- Working as Subject Matter Expert in networking and network security implemented and troubleshot Confidential layer 2 & 3 switches, vlans, VPN issues, designed future network projects that involved new core switches and Confidential Confidential TACACS+ server along with enforcing SSH as well as creating a STIG compliant baseline configuration with non-compliant services turned off, and best security practices based on the Confidential, manufacturer’s documentation such as Confidential and Fortigate, and SANS.
- Working with Confidential Communications School in a Military and a Confidential environment, preparing for the network infrastructure as a whole to complete the Confidential process by following Confidential requirements such as Gold Disk audits and manual implementation, Confidential 8500.2 IA controls, and preparing the needed documentation for the Xacta process.
Confidential, San Diego, CA
IT Auditor/Penetration testing
- Working within a Confidential environment of the NMCI network with the Confidential Company supporting Marines and the Dept. of Navy’s intranet by performing Information Assurance security IT audits for Certification and Accreditation of projects in development or that are being submitted to be certified for Confidential process for NIPRnet and SIPRnet networks.
- Working with networking devices from Confidential switches, routers, IPS, IDS, firewalls, HBSS, TACLANE encryption hardware, Linux/Solaris, and Windows virtual VMware image and real workstations and servers the Certification Testing & Evaluation process and performing IT audit on the equipment, penetration testing, searching for vulnerabilities in the configuration and OS or firmware.
- Creating reports with Eeye Retina, Gold Disk, Xacta, Wireshark and other tools, explaining in detail to the client groups about the exploits found through Remedy ticket systems, and help them research the vulnerabilities, and mitigate them correctly so the solution will be certified in a future scan.
Sr. Security Penetration Tester
- Performed wireless site surveys with Confidential Spectrum Expert to troubleshoot 2.4 and 5.8 spectrum. Giving advice on AP placements, lowering interference sources, configuration of wireless controllers, performed wireless security site surveys.
- Performed security penetration testing on network equipment and servers using SAINT security tool checking for vulnerabilities and performing exploits on specific systems.
- Consulted with remote projects on Confidential products such as Confidential Confidential firewalls, IPS, NAC and Confidential servers, security on switches and routers and other products such as wireless systems in pre-sales calls.
- Consulted on remote projects about best practices and give professional estimates on project deadlines to be given to the project manager, other engineers and the customer.
Confidential, Cypress, CA
Sr. Network Security Implementation Consultant
- Installed hardware and software such as Confidential appliance, a monitoring system with support of PCI compliance, combined with Confidential Security Manager (CSM) to manage switches, routers, PIX, Confidential Confidential firewalls, AIM SSM IPS modules and other Confidential devices, setup for role-based access for a granular control of the Confidential devices, configured different types of VPNs. Tuning of the IPS signatures to create an accurate alert log of attacks. Many of the devices being implemented are going to live production networks some with NAT/PAT, ospf, rip, bgp, and other routing protocols.
- Configured, installed with advanced feature set, and troubleshot hardware of many different Confidential models of switches, firewalls, IPS modules, routers, stackwise switches, wireless LAN controller (WLC), wireless control system, these processes include IOS upgrades and data migration projects.
- Administered Network Admission Control (NAC) of out-of-band and in-band which authenticates with Single Sign On (SSO) with AD server using validation rules that were configured, installed and configured Confidential Security Agent and server to check for security policies such as no unauthorized USB devices. Also implemented Confidential with Radius/TACACS+ with some projects using RSA Securid tokens.
- Implemented a large wireless network using access points, WLCs, Confidential and WCS to administer wireless devices securely with protocols such as EAP TLS, WPA TKIP, and authenticating to the Confidential, perform wireless site surveys.
- Design and create implementation plans for the hardware and software applications, and providing documentation and Visio diagrams for the plans. There is a need to work cohesively with many different types of clients in different industries, working independently, technical project lead, or part of the technical team for different projects simultaneously and working on project critical deadlines.
Sr. Network Administrator
- Oversee network operations of the FOBHUB and the supported Forward Operations Base (FOB)s, developing network practices to be adopted by the team, implementing security on devices, resolving issues together with the satellite communication (SATCOM) WAN/Promina team, Army battalions 25th, 335th, Unmanned aerial vehicle (UAV)s units, 82nd Airborne, other military clients, dealing with NIPRnet, SIPRnet, Centrix on network issues, assisting them in ASIs maintenance windows that concern the FOB network connectivity or security, working with Satellite WAN links using Satellite Radyne modem dmd20, IGX phone switch troubleshooting, streaming video, using Symantec Antivirus server, in a 24/7 environment. Ensure information assurance and vulnerability policies developed by the military follow the DITSCAP/ Confidential process.
- Assisting FOB personnel and FOB Hub junior team members with implementing tasks regarding networking, network security, WAN/LAN administration such as vlans, TACACS+, access lists, ip subnetting, EIGRP, class maps, Confidential device logins, Confidential Voip phones, DNS, Windows server and MS Exchange administration, creating documentation and Visio diagrams.
- Prepared lesson plans and SOP (standard operating procedures) for my team members for troubleshooting scenarios for the current environment with editing done to for troubleshooting scenarios for the current environment.
- Monitoring with Solarwinds, SNMP server, and Spectrum server and perform troubleshooting of Confidential routers and switches, serial interfaces with Prominas switches, Confidential Content engine, Websense, connectivity of servers and workstations, developing Confidential hardware/IOS upgrade/network planning.
- COMSEC key material changes and troubleshooting, military hardware encryption such as KIV-19, KIV-7 bulk and Taclanes KG-175, software encryption, cryptography, Confidential VPN networks and Pix firewall requests and troubleshooting, gre tunnels, and SSH, MAC address security and other security measures on the Confidential devices, and DISA security procedures, using Harris Stat and ISS Internet Scanner.