OBJECTIVE:

To obtain employment in an organization where I can maximize my skills and experience in service design and engineering of IT security systems.

SUMMARY:

• Bluecoat Proxy web content filtering and Bluecoat management director.
• Bluecoat Security Analytics (Solera).
• Radware CID (content inspection director), APPXcel and Alteon.
• Checkpoint Firewalls and Provider - 1 Multi Domain Systems. (Checkpoint Certified Security Admin.)
• Palo Alto Firewalls and Panorama Management software.
• Cisco ASA Firewalls.
• Watchguard Firewalls.
• Cisco Networking Principals and MPLS environment.
• PCI compliance information security requirements and implementation.
• TCP/IP protocols and applications.
• Layer 3 routing protocols (EIGRP, RIP, etc.)
• Layer 2 switching and VLAN concept.
• Wireless Network design and security.
• Windows Active Directory installation and management. (2003 & 2008).
• Microsoft Exchange server implementation and management (2003 &2007).
• OSI model concept.
• VMware ESXi and Microsoft Hyper - V Virtual Environment.
• Microsoft access databases and Visual Basic programming.
• Retail operation and retail technologies.

PROFESSIONAL EXPERIENCE:

Confidential

Cyber Security & Threat prevention Engineer

• Provide engineering and design for web content filtering, content inspection and malware protection services. .
• Utilize existing or create new process documentation appropriate for the technologies and services being transitioned into production.
• Certification testing and construct test cases and plans.
• Provide engineering peer reviews.
• Perform pre-deployment UAT and Lab testing for new services. Provide high level and low-level design documents to implementation team. Support and verify successful transition of services into production.
• Engage in various projects as cyber security and threat prevention resource and provide engineering solutions and designs.
• Support escalation calls and provide guidance to resolve production issues.
• Performed pre-deployment tests and created certification documents for following platforms and releases:
• Bluecoat ProxySG 6.5.6.5.
• Bluecoat Security Analytics 7.1.10.
• Bluecoat director 6.1.9.
• In collaboration with GlS (Global Information system), leaded the engineering efforts to review, audit and optimize existing proxy rules and policies, and also outline and define a global standard for proxy polices and configurations.
• Provided high level and low-level engineering design to deploy and integrate Radware Alteon devices in browsing environment.

Confidential, San Francisco, CA

Network Security Engineer

• Review the technical design of the solution proposed by internal security team.
• Design & implement the solution of Bluecoat proxy, checkpoint and Palo Alto Firewalls, and SourceFire.
• Create and deliver documentation that outlines the technical implementation, configuration. (Technical Document Specification, Pre-Deployment test, Deployment Plan)
• Provide best practices recommendation to the team when required.
• Participated in Internet Access Gateway Optimization Project and activities including upgrading and optimizing security gateways in 17 sites worldwide.
• Provided technical documentation and deployment plan for bluecoat director upgrade and high availability, Palo Alto firewall and Panorama upgrade and Websense web filter to bluecoat web filter migration.

Confidential, Chicago, IL

Network Security Engineer

• Working with other members of the team on migration of current Bluecoat proxy and checkpoint firewall platforms from Confidential Network to CapitalOne Network.
• Implementation of Bluecoat Proxies into CapitalOne environment from scratch.
• Joining crisis calls to troubleshoot any issues that arise as well as participate in helping with the separation of credit card network from Confidential Network.
• Supporting the current separation activities and helping to build tunnels and connections to new partners.
• Creating checkpoint policy files containing security and NAT rules based on new security requirements and Infosec requests.
• Supporting business as usual activities and troubleshooting any connectivity issue related to checkpoint firewalls and bluecoat proxies.
• Supporting and controlling the internetwork connectivity between Confidential Network and Capitalone using Palo Alto firewall technology.
• As a member of Network engineering team, successfully migrated the credit card network security infrastructure from Confidential network to CapitalOne Network.

Confidential,El Segundo CA

Level II Security Systems Engineer

• Provide support in life service security and network solutions (Checkpoint, Bluecoat, Cisco ASA)
• Troubleshoot customer problems within security and network domain.
• Review, advise and implement firewall and proxy changes in line with security policies and change control process.
• Produce checkpoint policy files containing security and NAT rules from scratch based on customer security requirements.
• Accurately log, update and close event management tickets in a quality and timely manner as per the documented processes and take the required corrective action where quality issues are identified.
• Undertake regular capacity management and security breach reports in line with agreed customer requirements.
• Produce and support firewall policies, functions and configuration to allow implementation of customer projects.
• Review incident & change queue and ensure tickets are reviewed promptly to meet agreed SLA’s.
• Handled the highest number of change and incident tickets within Global SOC in month on July.
• Attending the checkpoint training, taking the CCSA exam and obtaining the CCSA certificate.

Confidential, Carson CA

S y stems and Network Engineer

• Design and Implement a security infrastructure with emphasize on firewall, web content filtering, Anti Malware and Anti-Spam solutions.
• Provide a Network Security Design to meet the PCI Data security standards and protect the card holder data.
• Implementation, Design and supporting company’s Windows Active directory environment.
• Implementation, Design and supporting company’s E-mail system (Exchange 2007 with 250 mailboxes)
• Design, implement and manage WiFi connectivity in 25 retail locations.
• Performing quarterly internal vulnerability scans and addressing reported vulnerability issues.
• Coordinating the external vulnerability scans with a third party vendor and addressing any reported vulnerability issues.
• Collecting and organizing documents and evidences which can be presented as the proof of compliance during PCI audit.
• Designed and implemented company’s firewall solution and SSL VPN using checkpoint and Watchguard technologies.
• Designed and implemented company’s Web content filtering and monitoring solution.
• Implemented a VLAN configuration to segregate and protect the POS subnets.
• Involved in two PCI audits which led to obtaining ROC (Report of Compliance).
• Designed an automatic Internet connection redundancy using dynamic routing.
• Migrated company’s AD environment from windows 2000 AD to windows 2008 AD in two different phases.
• Migrated company’s e-mail system from exchange server 5.5 to Exchange server 2007.
• Implemented a secure WiFi connectivity in 25 retail location using 802.1 x authentications technology.