OBJECTIVE:

Improve, reduce cost and initiate solutions in IT using my technical knowledge and management skills. I have a deep passion for areas of information security / information assurance.

PROFESSIONAL EXPERIENCE:

Confidential, Southfield, MI

F5 security administrator and DC network technician

Responsibilities:

• Solved 103 catalog tasks, 45 change tasks, 65 incidents, 24 network tasks per Service - now
• Worked in network and load balancer queue
• Created network, security, 3rd party rack inventory and diagrams
• Solved F5 issues during disaster recovery datacenter exercise
• Huge ammount of work in clearing, sorting and arranging datacenter and racks
• Fixed IDF racks and 2 branch offices
• Worked in Solarwinds Orion, InfoBlox IPAM, CyberArk Pass Vault, Venafi Cert Authority
• Configed F5 LTM in 4 environments
• Configued VIPs, pools, members, iApps, certs
• Clarified and created cabling color standard and labeling standard
• Fixed problems from previos generations in datacenter and storage
• Suggested multipe improvements with solutions, new persective to improve data center

Confidential, West Bloomfield, MI

System administrator

Responsibilities:

• Providing security visibility with SIEM Qradar, Security Onion
• Utilized security tools Nessus, OpenVAS, Qualys, Retina Community, Metasploit, Rapid7 Nexpose to recognize vulnerabilities and implement fixes.
• Provide weekly & monthly critical updates
• Providing security utilizing Mic. NPS, Cisco ACS and ISE (AAA, Guest Access, policy, profiling)
• Deployed and managed Checkpoint R77/R80 cluster solution with different blades
• Reviewed CheckPoint firewall cluster with regulatory compliance for ISO 27002 and NIST
• Designed, installed, configured, maintenaned and administrated CheckPoint Firewall, Secure Platform Installation including GAiA
• Implementation and troubleshooting regular firewall connectivity issues L2 and L3 issues
• Hold experience on latest Checkpoint vendor products and in a distributed environment
• Drafted and installed Checkpoint Firewall rules and policies
• Design and creation of firewall diagram using MS-Visio
• Performance tuning in checkpoint firewall using multi-queue, coreXL and secureXL.
• Complete rename of all firewall objects and rules
• Regularly performed firewall audits around CheckPoint Firewall
• Firewall implementation, firewall management, network management and troubleshooting connectivity, routing, and configuration issues with routers, switches, firewalls
• Installing, Upgrading and configuring (Checkpoint) firewall
• Manage enterprise equipment to include: addition, modification and/or deletion of firewall rules
• Rebuilt and maintained the demonstration lab with software solutions from CheckPoint
• Migration of firewall rules from Cisco ASA to Checkpoint.
• Troubleshooting of network connectivity and established firewall rules.
• Utilizing Netflow, VOIP, QoS, VTP/STP, DHCP, DNS, Internet Security
• Deployed cluster solution and managing VMware ESXi solution with vCenter managing platform
• Deployed and managing Cisco CUCM and Unity solution for local branch office of 10 phones
• Deployed and managing iSCSI and NFS storage solution
• Managed all aspects of network (Cisco routers, SSL VPN, Cisco PoE, HP/Dell gigabit switches, Cisco Wi-Fi AP, terminal servers, UPS, Cisco Umbrella)
• Managed server farm of 55 virtual servers (Mic. AD, Exchange, helpdesk, monitoring, security)
• Configured Palo Alto FW (IDS/IPS, traffic-shaping, threat forensics, IPS, VPN, app. control)
• Configured Cisco ASA FW (IPS, SSL VPN, threat detection, cluster, statefull packet inspection)
• Deployed monitoring solutions Cacti, Nagios, SolarWinds & PRTG
• Configure, secure Win, Linux - CentOS, Red Hat, FreeBSD, Ubuntu) & 15 network devices
• Adding Splunk search heads for multiple indexers, used Hot, Warm, Cold buckets for indexing and searching of the data,
• Created Splunk saved searches, event types and macros, reports, scheduled searches, alerts & dashboards, maintaining apps
• Deployed and using Splunk, SumoLogic, Papertrail, Graylog & syslog-ng for data collection

Confidential, Van Buren Township, MI

Edge VPN OPS Automation Team Leader

Responsibilities:

• Managing team of 13 direct reports on global level for 93 F5/Cisco/Juniper SSL VPN for Confidential (GE) businesses with over 41,000 concurrent users and across employees globally in world
• Evaluating CheckPoint Threat Intelligence Report for top attacks and breaches
• Meet or regular basis with Checkpoint account manager for GE presenting new features.
• Continue to work in security field and collaborating with several other IT risk teams.
• Backup of Zscaler global team leader (GE Web Content Filtering)
• Providing support of 6 SafeNet Network HSM (ex Luna SA) servers for encryption key safety.
• Using Ansible in F5 APM networking space and preparing for EX407.
• Working on F5 APM solutions, Cisco ASA, Juniper SA solutions in IPSEC / SSL area.
• Reaching 75 % technical L3/4 resource during my work hours.
• Owns Problem Management for VPN in ITIL framework.
• Accomplishing 80% favorable survey for VPN solution.
• Each month delivering 1 automation job.
• Reducing changes by automation for 20 % from RITM to CHG.
• Working with different team on DLP solution in VPN space
• Evaluating and testing Palo Alto firewall
• Utilizing PMP knowledge and Agile in daily work
• Working with ISO/IEC 2700x specifically with 27033-5
• Evaluating “Strategic Intelligence Update” for Aviation/ Energy/Financial/Health and Transportation regarding breaches, compliance & laws
• Following with US cert vulnerabilities & Alerts
• Evaluating logs for PII and assessment in accordance with NIST (log management)
• Performing yearly audit for company ISO 27002 & FISMA (NIST SP r4) regarding global VPN concentrators
• Working with OPS tools like ITIL service-now, IPAM, ScienceLogic EM7, Splunk, NetQoS lanscope, spectrum, HPNA, MRTG, workfront, slack, github, scalr, relic, tableau, trello, skype for business, padlet, yammer, Jabber, Sococo, Skype for Business, GitHub, Box, Confluence
• Created Splunk searches, email reports, dashboards, driving mgmt. of team Splunk apps
• Monitoring global VPN Concentrators thru Splunk dashboard for all syslog alerts

VPN OPS Service Manager & VPN OPS team leader

Responsibilities:

• Managed team on Global level for F5 APM SSL VPN for Confidential (GE) businesses with over 41,000 concurrent users and across employees globally in world.
• Continue to manage team of Juniper/Cisco L2 and L3 teams with total of 21 people and 2 offshore leaders
• Successfully patched servers when vulnerabilities were found like CVE
• Successfully transition VPN OPS support from several vendors to one vendor providing better ADIR and P50 INC resolutions.
• Successfully transition OPS responsibility from Juniper VPN to F5 VPN APM
• Worked on daily basis with IT risk compliance changes and CVE, worked on SOC2 compliance, help built remote access control standards for VPN space
• Led team who implemented 280 VPN changes in 2015 and 445 in 2016 with 100% FTR and compliance.

Network projects lead and VPN run team leader

Responsibilities:

• Continude to manage team of Juniper L2 and L3 teams with total of 21 people
• Led backup process for Internetworking devices: all types of firewalls, IPS, proxy and load balanc.
• Helped with transitioning all internetworking devices from one vendor to another and assisting with new cloud proxy solution
• Worked on analyzing and improving proactive automation standards
• Implemented PMP and Lean six sigma ideologies into assigned projects
• Worked actively on IT Infrastructure Library (ITIL) as incident, problem, change, config. & release mgmt.

VPN Network OPS team lead/Tier 4 support

Responsibilities:

• Managed 2nd world biggest implementation of SSL VPN solutions for Confidential (GE) businesses with over 22,000 concurrent users and across employees globally in world.
• Managed team of L2 and L3 with total of 21 people
• Supported diverse GE business lines and VPN services
• Worked actively on satisfying several security audits and their compliance
• Worked actively on IT Infrastructure Library (ITIL) as incident, problem, change, config mgmt.
• Improved work instructions and statements for work standard operating procedures
• Troubleshooted as Tier 4 level 50 Juniper SA 6000/6500 SSL VPN devices

Confidential, Troy, MI

Sr. Security / network engineer

Responsibilities:

• Familiar with CheckPoint Provider-1 R-65 (MDS) and CMAs for 6 world-wide regions with additional Provider-1 as redundancy and 2 separate logging modules (servers) for DHL customer
• Managed 4 Checkpoint NGX R-60/61 firewalls (creating rules, groups, VPNs) plus 6 NGX R62/65
• Managed 2 CheckPoint SmartCenters (Security Management Servers) R-60 for firewalls
• Achieved SAS-70 Type II (ISAE 3402/SSAE) for audited networks in company
• Worked with Qualys vulnerability management and policy compliance solution, including Splunk
• Maintained and configured 11 Juniper firewalls including ISG-2000 with virtual firewalls
• Managed and configured 4 Juniper SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers and with NSM worked on Cisco FW solution with DMZ server plus VPN access, clusters for Internet, DMZ
• Managed one reverse proxy BIG-IP F5 for Internet sites
• Managed three McAfee Web gateways/proxy with URL/Anti Malware/SSL and FTP Web threats
• Designed and implemented Wi-Fi with 2 controllers AIR-WLC & 21 AIR-LAP1242AG
• Maintained 171 Cisco equipment

Confidential, Troy, MI

Network technical team leader

Responsibilities:

• Oversaw all aspects of network including policies, audits, physical and logical security controls, as well as staff education to ensure the adequacy of network best policies

Confidential, Auburn Hills, MI

Sr. Security / network engineer

Responsibilities:

• Maintained 350 devices (5400 users) at 56 sites (routers, switches, VPN, ACS, IDS, AS)
• Configured firewall rules on 6 Cisco firewalls & 8 BIG-IP F5
• Configured and maintained Riverbed Management Console 8000 and Stealhead 5520
• Managed 4 Adonis DNS servers (external, internal)

Confidential, Farmington Hills, MI

Network engineer

Responsibilities:

• Managed Voice and LAN for 2000 users at 2 geographic locations (Arizona and Michigan) 135 switches, managed 30 Wi-Fi Access Points

Confidential, Auburn Hills, MI

Network Technician

Responsibilities:

• Troubleshooted VoIP, Cisco routing/switching problems and Microsoft issues

Confidential

Network associate

Responsibilities:

• Improved functionality at LAN/WAN infrastructure, designing, planning and implementation network devices and solutions, Checkpoint, Cisco Call Manager, Cisco FW solution, etc…

Confidential

System administrator

Responsibilities:

• Finished training to lead platoon, led platoon in daily training regarding physical preparation, communication, strategies