SUMMARY:

• As a 30+ year IT Professional I have worked for both Large and Small Industry Customers; from being a Sailor in the US Navy, a Network/Security Engineer with Intel, to a Cyber/Security Engineer working for Honeywell. Along the way I’ve been involved with the changes in technology diversity to the adherence of Standards supporting Infrastructures falling under NERC - CIP, FIPS, HIPPA and PCI-DSS Regulatory Compliance requirements each uniquely has. The evolution of what is a Network and how best to apply Security controls necessary to meet a Company’s needs has kept me involved in a large variety of environments enabling me to succeed at every opportunity.
• My background has prepared me to bring a level of Excellence that simply put, exceeds all others. By maintaining a broad depth of knowledge, not focusing 100% on a single technological area, I feel enables me to be more useful all around to an I.T. Team. I would want you to consider this as plus.
• I have as part of my background skills that go beyond the traditional requirements of the job to position us to strengthen not only the Infrastructure areas that need improvements but that will allow me to help with your Teams developmental goals.
• I am looking for the right opportunity that will enable me to be a Team level contributor, when needed, as well as to take a more active role in Team Development, Project Management and Process/Document improvement.

HARDWARE NEW TECHNOLOGIES:

• Cisco; Nexus, UCS, Firepower, Meraki.
• SDWAN; Viptela
• Sophos UTM; SG & SX firewalls
• VDI; VMWare View 6.0 & WorkSpot
• ITIL Based Management tools: SharePoint, ServiceNow, JIRA
• Monitoring tools; SolarWinds, Nagios, What’s up Gold
• SIEM Applications; Splunk & others

EXPERIENCE:

Confidential, Phoenix, AZ

Sr. Network Security Engineer

Responsibilities:

• Assigned primarily to the Network Team but also help with Security assessment and compliance to help drive Completion of numerous CIP activities and Projects identified as being needed from a resent PCI-DSS Compliance Audit.
• Currently working to complete several large scale re-work PCI-Segmentation Projects, with tasks including:
• Completing the implementation of Nexus 7K Cores with multiple VDOMs for Segregation of functions to pairs of 5K’s with multiple FEX connected 2Ks. This work is a parallel effort at both the Global Data Center location as well as the smaller DC at the Head Quarters location in Scottsdale.
• Tasked specifically with managing environment migrations of legacy network segments off Cisco 5585 ASA’s to new Fortinet Forti-gate firewalls.
• Work with Perimeter implementation of new Palo Alto UTM Firewalls for VPN, Vendor segments, UTM functions for the Security Team as well as newly planned internet circuits to augment existing MPLS WAN Circuits for Corporate traffic.
• Implemented new a Fortinet based Wireless solution w/Forti-gate Firewalls as the WAP Controllers.
• Assisting with Design Architect work for both the Network and the Security Teams so as to lead these Projects and help mentor the Teams.
• Completion of a Vipron-F5 Chassis deployment with leads to work migrating off individual ltm’s for internal VIP services is ongoing; to augment the ltm’s for exexternal VIP ltm’s.
• Work with developing road maps to transition Web services to a new AWS cloud service recently stood up and the migrations of Core service as well as working on the scope requirements for a forecasted DR component to be off-site.

Confidential, Scottsdale, AZ

Sr. Security Engineer & Administrator

Responsibilities:

• Currently working to lead the highly skilled Team of Firewall Engineers contracted to help CVS prepare for their up-coming PCI-DSS & HIPPA Compliance Audits.
• This work requires the management of allocated man-hours and the coordination of schedules with teams/individuals across multiple geographic sites & time zones.
• Key roles include but not limited to;
• Managing the Team of (7) Engineers work load to ensure that tasks assigned stay on track with the PMO’s schedule.
• Helping as well to complete the review/validation/mitigation of the existing 50K+ rules that cover the CVS Global Infrastructure.
• Performing analysis of the rules to determine which meet PCI and/or HIPPA Compliance.
• As SME work with a select group of Team members to partner with CVS Application Owners to develop and document each Application’s Communication flows.
• Developing Change Control work for items identified as either not compliant within their crafted nature or rules that violate Compliance.
• Implementation tasks associated with the CC RFC’s developed, with minimal impact to the 24-7 operability of the CVS Caremark Lines of business.
• Follow-up work includes performing IOS up-grades where devices are below N-1 with their current revision.
• Assisting with hardware refresh of soon to be EOL Cisco ASA 5K mode firewalls with newer ASA 5K-X models.
• This work will require site resources to help as “Remote-hands” to install/replace the units and help ensure that the pre-configured configurations restore service as normal for the specific sites.

Confidential, Scottsdale, AZ.

Network & Security Administrator

Responsibilities:

• As the Network and Security Admin had sole responsible for all aspects of Enabling and Securing the Networks. These included (2) Office locations and (2) Data Center locations.
• Completed a network re-design of both the Core/Distribution layer at the Primary Data Center location and the DR location to improve on redundancy and throughput between Application and Database systems that were previously segregated which posed a latency issue.
• At the Office location; Implemented a Distribution layer for separation of segments and changed out Access layer hardware that was non-Enterprise Category equipment so that development effort and general office Applications performed at expected levels.
• Wearing dual roles was responsible for all of the Day-to-day activities.
• Monitoring Networks performance and resolving issues seen or reported as well as keeping the Environments secure.
• Developed continuous improve plans necessary to EOL older hardware and did the implementations to replace & expand the infrastructures needs.
• As the Security Administrator my Primary focus was to prepare Confidential for their first independently administered Info-Sec/HIPAA Compliance Third-party Audit.
• Preparations for readiness included Internal & External PEN Testing be performed.
• Results enabled me to perform Mitigation activities to Firewalls & Routed networks.
• The following Tasks were instrumental to Confidential receiving a highly Successful Grade awarded & favorable Report findings delivered to the Honor Health Executive Staff and IT Management.
• Creates over 30+ different Policies & Procedures to align the Confidential Infrastructure elements with General Info-Sec Guidelines (NIST CyberSecurity Framework based) and for HIPAA compliance to align with the (3) areas; Physical, Administrative and Technical.
• Developed an auditing methodology used for performing assessments of the Info-Security state of Systems and Applications.
• Continuously monitoring of Logs and Firewall rule-sets were performed to determine if further improvement was needed; to better lock-down the Systems Infrastructure.
• Perform a final PEN test on Systems both vulnerable to Internet access as well as Critical Internal Database Systems known to hold ePHI information.
• Developed procedures to be used for add/move/change requests; thru the use of a create/schedule/review Change Control Board forum.
• Created a Change Request Template to mirror Changes created in ServiceNow.
• Implemented an ITIL based Change Control Implementation Plan review process.
• Helped prepare for a migration of Helpdesk Ticketing solution to ServiceNow.
• Continuously monitors Cyber Security Blogs and Agency awareness sites to maintain current view and understanding of malicious activities on-going that might effort the Security posture of the environments.
• Follow recommended up-grades procedures and ensure that appropriate patching needs are implemented to mitigate Vulnerabilities noted.

Confidential, Phoenix, AZ.

Sr. Network Security Engineer

Responsibilities:

• As a Senior Consultant my Roles and Responsibilities could change and/or be driven by the needs of the Client or a Specific business unit. I held multiple re-occurring roles and had to remain flexible to meet all requests depending on those needs.
• My key role outside of performing implementations and escalation support is to lead initiatives that enable TBC to gain additional customers thru development of defined core service offerings.
• As the Platform Architect for firewalls and associated layer 4-7 type appliances; I perform product evaluations, develop implementation plans and product support transition documentation.
• The need to align Product offerings against current Regulatory Compliance was always a TBC consideration.
• Special considerations were taken to ensure Products and Solutions were in adherence with PCI-DSS, HIPPA and FIPS Compliance.
• Work also includes being a key Network role in what hardware platforms TBC selected to standardize on while keeping these in line with the technology offerings in the following key areas; as a Service.
• Network Infrastructure.
• Security vulnerabilities Assessment and Detection.
• Virtual Desktop Infrastructure
• Software Defined WAN technologies.
• Participating in the proof of concept review & product testing.
• Developed the process documentation work for deployment steps.
• As Lead development Engineer for Level 1 & 2 Engineers and Operations Team staff.
• I spend as much time as was needed as a Mentor both technically and professionally to help define day-to-day workload requirements.
• Helped with Implementing a Ticketing tool (ServiceNow) for helpdesk, asset and Change Management.
• Worked with PMOs to allocate L1 & L2 Engineers for Project/task management.
• Created developmental training curriculum as needed to instruct team members on support roles related to monitoring and first level support task work.

Confidential, Phoenix, AZ

Network Architect

Responsibilities:

• As the Lead Network resource my primary role is to help define the resource roles needed for which Projects, as they vary from Project to Project.
• Develop and Manage resources tasked with completing the various LAN/WAN network designs, WAN/Cyber Security designs, product and process solution selections and continuation support for escalated case issues.
• Performs WAN Voice/Data optimization and analysis implementation procedures; and the support role documentation for technology integration.
• Lead as the SME the Engineers associated with product Sales & Marketing teams looking to introduce new clients or solutions required to gain new clients.

Confidential, Phoenix, AZ.

Sr. Network Security Engineer

Responsibilities:

• Responsibilities include but are not limited to review and validation of Cyber Security designs as well as Support for Customer using Honeywell Solutions for their Automation facilities PCN (Process Control Network) solutions and for their sites Security infrastructures.
• Performs product analysis, test and implementation documentation for technologies integration.
• Reviews Cyber Security assessments for Confidential compliance.
• Performed the analysis needed to make remediation and/or mitigation recommendations of the Customers Infrastructure against known vulnerabilities.
• Helps to maintain Government regulatory compliance for add/move/change processes.
• Key primary role as 3 rd level escalation technical support for Honeywell’s Global TAC centers for both Honeywell and customer related issues.

Confidential, Phoenix, AZ.

Cyber Security / Network Engineer

Responsibilities:

• A member of Confidential (Open Systems Services) as a Network Security Engineer working within the Confidential group as a consultant to customers that are in the automated manufacturing business that use Honeywell’s applications to manage their process.
• Responsible for implementation and customer support for their PCN and their site Security/Network infrastructures by performing network analysis and any add/move/change support work required.
• Performs Cyber Security assessments for Confidential compliance and the analysis associated to determine if there is the need for immediate change to mitigate vulnerability.
• Provides general process, procedure documentation and training curriculum development tasks associated; as needed.

Confidential, Scottsdale, AZ.

Network Security Engineer

Responsibilities:

• Work involved designs, implementations, add/move/change.
• Responsible for edge Security product test & evaluation; with follow up implementations into Production.
• Performed break-fix for the Phoenix Metro area corporate office, Call center, and Developmental Hosting as well as Production Hosting Data Center environments.
• Strong use and understanding of Cisco layer 2 switching, layer3 OSPF and BGP (w/MPLS), layer4 FWSM’s and ASA Firewalls as well as CSS/CSM/ACE Load balancer.
• Network related activities include; Project management of Data-Center build-outs, RFI/RFP development for new solutions and ITIL Change management process improvement/documentation development.