- 10 + years of experience performing Network Operations and Support including troubleshooting LAN/WAN environments.
- 7+ years performing network security support and engineering.
- Extensive experience with Checkpoint firewalls (splat, Gaia and ipso).
- Experience with Juniper NetScreens/SRX firewalls, Palo Alto firewalls, Tipping points.
- 3+ years of experience working with Cisco routers and switches (Cisco IOS) and with various network management tools.
- 2+ years of experience using the “zero trust network architecture” in building, designing and maintaining PCI compliant environments and devices.
- In - depth understanding of the different components in a zero trust network approach such as the segmentation gateway, centrally managed console, explicitly defined RBAC, MCAPs, DAN and a DAV
- Strong working experience with various Operating Systems including Microsoft, Linux Red Hat, Ubuntu, and Free BSD.
- Experience with solar winds as well as multiple customized tools in different client environments.
- Bilingual - fluent in French.
Tools: Symantec Endpoint Security, McAfee EPo, McAfee HIPS, Godaddy SSL s, verisign s, SecureAuth 2-factor authentication, f5 load balancers, Checkpoint IPS, Checkpoint SSL VPN, Juniper SSL VPN, Checkpoint Identity awareness, LDAP, SIEM Qradar log collector, Nessus/Coal fire Vulnerability Scanners, SecureCRT, Juniper NSM, Solarwinds, Ciscoworks, TippingPoint IDS, Citrix Netscalers, Wireshark, pcaps, SecureCRT, Juniper Clusters, Checkpoint HA clusters, Palo Alto clusters, Proxy servers, f5 Big IP.
Sr. Network Security Engineer
- Configure and support Cisco, Checkpoint, SonicWALL, Palo Alto, Juniper, Crossbeam, Tipping Point, and McAfee IPS.
- Solid understanding of TCP/IP protocol stack and experience with various network protocols
- Integrate information security solutions into existing enterprise networks and troubleshoot complex network issues
- Develop, test and roll-out of new service lines
- Implement security protocols and design concepts
- Support Linux/Unix Operating System and Enterprise level firewall.
- Discuss technical requirements for contracted services with customers.
- Implement security devices on customer’s network according to their specification and change control windows. This includes the configuration and installation of firewalls, IDS/IPS, log collection appliances, etc.
- Assist in the creation and maintaining of provisioning tools and automation scripts.
- Research new security products.
- Create and deliver provisioning to peers and SOC personnel.
- Lead and contribute to projects of varying scales such as upgrades, migrations and new offerings.
- Mentor new and existing Provisioning Engineers and provide on new service lines as needed.
- Interact and worked with different vendor R&D teams to build and test new fixes and patches.
- Build and maintained different log monitoring/gathering and finger printing tools such SIEM Qradar, SDAs and Eventia suite.
Senior Network Security Engineer- Team Lead
- Provided technical leadership to the enterprise for the information security program.
- Extensive knowledge in reviewing security logs for potential intrusion detection, true/false positives and DDOS attacks.
- Build and maintained a zero trust PCI compliant network using vendor technologies like Palo Alto next generation firewall and checkpoint FW-1 security suites.
- Configured, installed and maintained security infrastructure, including Firewalls (Checkpoint R65, R71, R75, R76, R77, Juniper and Palo Alto), routers, switches, IPS, IDS, VPNs, Qradar log management, and security assessment systems.
- Supported provider-1 and VSX (R65, R71, R75, R76, and R77)
- Assessed threats, risks, vulnerabilities and emerging security issues.
- Published security updates newsletter for technical groups.
- Drafted enterprise security standards and guidelines for system configuration.
- Managed process and acted in the lead role for computer security incident response team.
- Performed and created procedures for system security audits, penetration-tests (coal fire), and vulnerability assessments.
- Developed scripts to maintain and backup key security systems.
- Recommended preventive, controls to ensure the appropriate level of adherence to the goals of the overall information security department.
- Participated in forensic analysis and recovery
Datacenter Network/Operations Engineer
- Rack and stack of UCS, Quads, switches and console routers.
- Installed, rebuilt and troubleshot UNIX base UCS.
- Troubleshot various network issues.
- Troubleshot VLAN related issues with different departments such as NOC.
- Troubleshot complex network environments.
- Supported Checkpoint firewall versions such as: NGX65, R70, R71, R75 etc.
- Experience with clustering high availability and load sharing.
- Experience with site to site and remote access VPNs.
- Supported LDAP and Identity awareness.
- Supported IPS, IDS and URL filtering.
- Installation and upgrading of all versions of Checkpoint firewalls.
Server Build Engineer
- Assisted in the design and maintain LAN &WAN and troubleshoot IP protocols.-
- Experience with IPSEC site to site VPNs, SNMP based monitoring systems.
- Experience with Confidential custom build ticketing system.
- Experience with Microsoft, centos, Red hat, Ubuntu and Free BSD operating systems.
- Performed cabling and patching network cables (straight through, cross over).
- Maintained multiple Checkpoint firewalls
- Configuration, design and installation of Checkpoint firewalls for multiple locations
- Implemented extended access list, NAT, EIGRP and on Cisco routers.
- Initial configuration, installation and management of Arrow Point load balancing devices.
- Building, racking and stacking of servers and other network equipment.
- Troubleshoot all IPMI and network connectivity related issues.
- Port speed upgrades on network devices.
- Investigated Raid and Temperature alerts on network equipment
- Troubleshot network connectivity issues such as DNS, WINS and DHCP.
- Setup and managed internal DNS server running BIND 8 on Linux red-hat 5.2.
- Performed and managed system backup using Backup Exec on production systems.
- Installed external storage raid servers for corporate and production use.
- Collected and generated weekly statistical data for company executives and network management.
- Provided hardware and software support to corporate users and IT staff.
- Experience with racking and configuring Cisco routers (26xx, 28xx, 36xx, 38xx) and switches (29xx, 35xx, 37xx)
- Monitoring campus networks.
- Experience with client OS such as VISTA XP & windows 2007.
- Experience with server 2003 AD & group policies.
- Experience with computer hardware (Rams, motherboards) and racking up severs.
- Working knowledge of Red Hat Linux (installation, group policies).