A Security Engineer with 27 Plus years of professional IT experience, 19 yrs specific to security. Primary purpose of advocating for security, privacy and compliance criteria within the company's global technology environment. Goal of enhancing the overall security posture of customers, systems and users. Providing network, systems, security experience, knowledge, and solutions in a system and network - diverse environment protecting confidentiality, integrity, and availability of information and information systems.
Hardware: Palo Alto PA Firewalls, Arbor Networks Pravail DDoS appliances, Cisco ASA, Tipping Point IPS, Juniper Netscreen/SSG/SRX Firewalls, Juniper Secure Access, Bluecoat Proxies, Sourcefire IDS/IPS, Various Dell, Compaq, IBM & ChatCom Wintel Servers, Nokia IP 440/530/380/330 , 710, Avaya G3 PBX, Intuity Audix, Enterprises servers/workstations, HP K-Class, Auspex File Servers, FDDI ring, Cisco 2500, 3000, 4000, 4500 & 7000 series routers, Cisco AS5200 & Shiva Lanrover, Cabletron & Bay Network Hubs, Nortel/Cisco VPN, Baystack switches, Digital StorageWorks, Symbios, & Clarion Disk Arrays, Quantum DLT4000 & 7000 Tape Jukeboxes, VAX 11-780/730/8250 , DEC Alpha 4000 & 5000 workstations, HP 712/60 & 382 workstations, HP-1000/9000 Unix servers, various vender PC’s, Apple Macintosh.
Operating Systems/Networks: RSA Envision, Juniper Junos, Symantec/Vontu DLP, Netscreen ScreenOS, Nokia IPSO, Checkpoint NG/NGAI/NGX, Windows 2003/2008/NT 4.0/2000/XP/ME/98/95, Windows Terminal Server NT 4.0/2000/2003/2008 , Citrix Metaframe 1.8/XP, Citrix Winframe, Citrix Nfuse 1.5/1.6, Cisco PIX, Gauntlet & Raptor Firewalls, HP-UX 10.x, Solaris 2.x, RedHat Linux,,MS-DOS, VAX/VMS, Digital Unix, NeetWare 3 & 4, LAN/WAN networks, Cisco IOS, TCP/IP, Ethernet, AppleTalk, SNMP, WINS, DHCP, DNS, NIS+, NFS, Sendmail.
Software: WatchTower SNMP, Tumbleweed Email encryption, McAfee Foundstone Analysis, Nokia Horizon Manager, Blackberry Enterprise Server, Lucent CVUIS, MS SQL 7/2000, Oracle 7/8 for NT/Unix, RightFax, ObjectFax, Great Plains, ADP Payroll, Tivoli, HP-OpenView, SunNet Manager, Optivity, CiscoWorks, SNMPC, MSOffice 97/2000/XP/2003, MSExchange 4.0/5.5/2000 , MS IIS 4.0/5.0, Apache, Veritas BackupExec, Legato Networker & ArcserveIT Backup Software, JDEdwards ERP, Sophos, Sybari, Panda, Trend, Norton & McAfee Antivirus Enterprise, Norton Ghost, Autoinstall, Snort, MRTG, CiscoWorks, ISS Real-Secure, Snort, Websense, SurfControl, Tipping Point, Snort, various security/audit tools, Scriptlogic, Qwest Spotlight, ipMonitor, Big Brother, SiteScope, VNC, PCanywhere, Java, html, Learn Link Distance Learning, Netscape Enterprise Internet/News Servers, various PC & Macintosh software.
Expert Security Engineer/Team Lead
- Involved with design, implementation and operational support of new and existing firewall deployments and projects related to modifying existing infrastructure and migrations.
- Applied Next Generation technology to better protect and control internal and external traffic using, UserID, App ID, Threat Security profiles, global protect, and URL filtering, leveraging new NGN environment.
- Acting Team lead on project migrations of firewalls from Checkpoint to Palo Alto, with a team of 10 other engineers.
- Provide SME day-to-day operational support for Checkpoint, Palo Alto and Juniper/Netscreen firewalls using Panorama and Smart Dashboard.
- Manage and implemented firewall policies using FireMon/Tufin/Algosec Security solutions to ensure proper security across policies.
- Asset with daily operational support, with dedicated IDS/IPS Cisco Sourcefire solutions along with Palo Alto Next Gen Treat/AV solutions.
- Provide design, architecture, evaluation and implemention of security products related to the firewall infrastructure.
- Assist with daily operations and troubleshooting, policy creation and migrations for Bluecoat and Cisco Ironport proxies to Palo Alto URL Web content solution.
Confidential, Dodgeville, WI
Sr. Security Engineer
- Responsible for design, implementation, and operational support of Juniper SRX Firewalls, Palo Alto Firewalls, Cisco ASA Firewalls, Akamai WAF, Junos Space and Palo Alto Panorama Firewall Management.
- Provide management of SourceFire 3D Intrusion Prevention systems thru out the enterprise infrastructure.
- Manage, deploy and provide operational support of Arbor Pravail DDoS appliances?
- Provide design, implementation, and support of RSA Data Loss Prevention suite within the Enterprise.
- Maintain Enterprise log management using RSA Envision SIEM for detection of potential threats. Analyze events and make recommendations to management, and mitigate discovered threats.
- Assist Threat Management for the enterprise by performing vulnerability assessments, accessing risks, investigated incidents, from emerging security issues providing mitigation and forensic analysis, with tools such as Nessus.
- Part of a team that provides development of security strategies, roadmaps, and architecture standards and operation procedures.
Confidential, Columbia, MD
Sr. Security Engineer
- Responsible for architecting solutions, deployments, and operation support of Juniper Netscreen/SRX Firewalls, Netscreen Security Manager, Checkpoint NG/NGX and Palo Alto firewalls.
- Responsible for architecting solutions, implementation, and operational support of enterprise IPS/IDS systems including HP/TippingPoint IPS, Juniper IDP, Checkpoint IPS and Sourcefire 3D.
- Provided Threat Management for the enterprise by developing and performing vulnerability plans, assessments, accessing risks, investigating incidents, and remediation from emerging security issues to ensure compliance during auditing periods, with tools such as Nessus, Beyond Security, Nexpose, and Metasploit
- Implement and maintain various Juniper VPN solutions (IPSEC/SSL) for clients & associates.
- Implemented and maintain log management using ArcSight SIEM, Juniper STRM, Cisco MARS to detect threats and potential risks. Analyze data from these events to make recommendation to all levels of management, and to mitigate discovered threats.
- Responsible for architectural design, deployment, and operations of Cisco, and Bradford Networks, Network Admission Control (NAC).
- Implemented, and administer Bluecoat Web Content filtering Proxy for all locations.
- Performed implementation and support of F5 Big-IP LTM/GTM devices for system load balancing.
- Responsible for overall support of Symantec Endpoint Protection, McAfee EPO Anti-Virus, and Cisco Security Agent (CSA).
- Designed and implemented various end-point security solutions such as Tripwire, Pointsec encryption, and application white listing from Bit9.
- Designed, implemented and provide operational support of Symantec/Vontu Enterprise Data Loss Prevention solution to protect corporate confidential data.
- Provided backup to Network Engineer with basic maintenance of Cisco network switches and routers.
- Lead the development of security strategies, security roadmaps, architecture standards and operational procedures.
- Performed evaluation, prioritizing, recommended various security technology for management to assist with budgeting, purchasing thought the year.
- Developed various SOP’s, training, guides to help with mentoring of junior staff for day-to-day security operation tasks.
Confidential, Owings Mills, MD
Sr. Network Security Engineer
- Responsible for architecting solutions, deployment, and day-to-day support of Network Security Infrastructure of multi-layered defense devices, to include Checkpoint//Nokia/Juniper SSG firewalls, Netscreen Security Manager, Tipping Point IPS, Bluecoat proxies, email encryption, VPN, SSL VPN, vulnerability systems, SEM, anti-virus, and SNMP monitoring.
- Perform vulnerability assessments, access risks, investigated incidents, from emerging security issues providing mitigation and forensic analysis.
- Provides Security consulting services to various groups in order to review hardware/software architectures for potential risks, as well as develop solutions for new projects. Work with Business and IT groups to ensure project goals and deadlines are met without introducing risk into the environment.
- Provided test, development, deployment, and research in support of hardware/software of the security infrastructure.
- Perform troubleshooting of TCP/IP connectivity through security devices by performing network traces, tcdumps, snoop, analyzing data and implementing resolutions.
- Implemented and maintained log management using Arcsight SEM to detect threats or potential issues. Analyzed data from these events to make recommendation to all levels of management, and to mitigate discovered threats.
- Implement and maintain various VPN solutions for vendors, clients & associates.
- Assisted in the design, implementation, and maintenance of controls, procedures, and policies to ensure confidentiality of electronic systems.
- Responsible for design and migration to Juniper Netscreen SSG500 series firewalls from Nokia/Checkpoint.
- Deployed NSM (Network Security Manager) for management of Netscreen firewalls.
- Responsible for deployment and management of approx. 35 NS-5GT firewalls for remote telecommuters.
Confidential, Laurel, MD
Manager of Information Systems / Sr. System-Security-Network Engineer
- Manage the design, planning, implementation, configuration, & administrative maintenance for a continuously evolving & growing Customer Care Center heterogeneous network infrastructure, both for local and remote locations.
- Responsible for managing a support staff of 8 to provide administrative support of a Windows NT Domain consisting of over 60 NT 4.0/2000/HP-UX/Solaris Unix/Linux servers in support of file, print, thin client, email, intranet, extranet, backup, SQL/Oracle database, fax, Lucent CentreVu Services & remote access services for over 1800 users.
- Act as corporate Network Security Engineer by developing, implementing & maintaining various network security solutions to ensure corporate security, to include corporate wide Checkpoint Firewall’s, VPN, desktop management security, virus/spam/content protection management, and network security intrusion detection systems.
- Authored local implementation & support of various Network solutions to include Windows 2000, 2000 Terminal Services with Terminal Server Advanced Client & Citrix Metaframe 1.8/XP, Nfuse, Clustered Exchange Servers, Enterprise backups, HP Openview Network Management, Blackberry, Fax, and various Web Server solutions.
- Provide implementation, configuration, installation and maintenance support of various Cisco Routers & Bay Network Switches, within the local & wide area network environments.
Confidential, Baltimore, MD
Lead NT Systems Administrator
- Solely responsible for providing installation, configuration, consolidation & administrative support of a Windows NT Domain consisting of over 25 NT 4.0 servers in support of file, print, thin client, email, intranet, backup, distance learning & remote access services for over 900 users across a wide area network.
- Responsible for installation, upgrading, & administrative support of a Thin Client architecture consisting of a 18-server farm running Microsoft Windows Terminal Server & Citrix Metaframe 1.8.
- Implemented & maintain software solution to provide asset, virus & software distribution management.
- Responsible for system administration & configuration support of MS Exchange 4.0 & 5.5 environment.
- Perform server system implementation & support of company’s JDEdwards ERP package.
- Assisted in configuration, and maintenance of Cisco Routers, switches, and firewalls within the WAN environment.
Confidential, Rockville, MD
Computer Systems Administrator
- Solely responsible for the migration, integration, configuration & administrative support of Windows NT workstations & servers into the existing network environment.
- Provided system administration support of a heterogeneous environment consisting of Windows NT, Solaris, Digital Unix, Linux, & Macintosh platforms for over 200 users.
- Responsible for the integration, configuration, maintenance, and support of the company's backup architecture.
- Provide administration, & support of Storage Raid configurations of over 450GB's for NT/Unix platforms.
- Assist with configuration and maintenance of Cisco & Bay network Switches, Hubs, & routers.
- Utilize HP Openvue, SunNet Manager & Optivity Management Software to provide high availability of the network.
- Responsible for maintaining Cisco Pix/Gauntlet Firewalls for perimeter network defense.
Confidential, Leesburg, VA
Computer Systems Administrator
- Provided installation, configuration, and maintenance of Cisco Routers for the LAN.
- Maintained 60+ UNIX Sun Sparc 20 workstations running Solaris 2.x, with an Auspex File Server.
- Provided system administration, account maintenance, backups, system configuration, logging and maintenance.
- Assisted with support of Clarion Storage Raid solution of over 100GB's.
- Utilize Tivoli Management & HP OpenVue products to provide high availability of systems.
Confidential, Rockville, MD
UNIX/NT Systems Specialist/Satellite Network Controller
- Maintained multiple HP workstations running HP-UX 9.1 & PC-Linux over a Wide Area Network.
- Installed, integrated & maintained multiple Windows NT workstations with existing UNIX workstations.
- Provided system administration, user support, system configuration, and wrote scripts to automate tasks.
- Responsible for control access & restoral of TVFM, TDMA, VSAT, Voice, Data, and Video transmissions.
Confidential, Ft. Meade, MD
Senior Computer Systems Analyst
- Responsible for the operations, maintenance, and configuration of multiple HP Defense Satellite Communications Network Computer Control systems over a Satellite based Wide Area Network.
- Applied scientific engineering theories, methods, and techniques in the investigation and solution of complex software, hardware and network analysis problems.
- Performed back-ups, software integrity checks, and system calibrations, technical analysis of secondary equipment.
Confidential, Glen Ellyn, IL
Assistant Production Manager/Programmer
- Applied data conversion techniques to disk based conversion equipment, customizing the system software.
- Managed and participated in digitization of printed material using intelligible optical character recognition scanners.
- Developed and applied desktop publishing techniques to maintain image integrity.
- Developed, installed, and maintained Local Area Network comprising of NetWare 3.0, Windows.