Professional Systems, Cyber, Network, and Enterprise Security Engineer with over 15 years of experience, extensive knowledge, and excellent instinctive problem-solving and decision-making skills. Specialize in redundant services, SIEM active continuous monitoring of HIDS and IDS, security audits, assessment, remediation, and vulnerability analysis and management. Excellent ability to support a complex enterprise cloud and on-prem data center infrastructure environment, covering all aspects of enterprise infrastructure security, vulnerability scanning, assessment, remediation, policies and procedures, SIEM active continuous monitoring, and network administration and support on hardware and software such as AWS cloud services, Cisco ASA firewall & FirePower Management, Checkpoint & Juniper firewalls/IDP, Fatpipe & Silver Peak WAN traffic optimization devices, F5 BIG-IP and Fortinet Coyote load balancers, LogRhythm & AlienVault SIEM monitoring and analysis, Cisco AMP & Kenna malware vulnerability assessment, Nessus and Qualys scanning, Aerohive wireless, 3CX VoIP, and IPsec site-to-site and client VPN services. Competent in reviewing security architecture and design documents to ensure consistency, accuracy, and compliance with the articulated security posture and industry standards and requirements. Comfortable with technical elements of network security and design, including TCP/IP, firewalls, routers, and switches. Hands-on experience in IT security administration and in-depth knowledge of TCP/IP addressing, including CIDR, VLSM, subnetting, and LAN/WAN technologies. Reviewed NIST (rev 4) guidelines when implementing security controls and system hardening to improve security posture. Built a home lab on Kali Linux out of a passion for newer cutting-edge technology in IT security, penetration testing, and web application security.
Confidential, Rockville, MD
Sr. Cyber Security/Infrastructure Engineer
- Managed and provided support on corporate and AWS cloud network infrastructure environment, covering all aspects of network security, switching, routing, content management, wireless, VoIP services, SIEM monitoring & analysis, and site-to-site and client VPN tunnels, using devices such as Cisco ASA 5525x, 5512x, 5506x, Checkpoint management server and 4800 firewall appliances, Fatpipe & Silver Peak WAN traffic optimization devices, F5 BIG-IP 4200 & 3200 and Fortinet Coyote load balancers, Cisco Cat 4500, 3850, 3750 & 2960 switches, Cisco CSR 1000, 3900 & 2960 routers, Aerohive Wireless, 3CX VoIP system, Radius, Dyn DNS, LogRhythm, AlienVault, etc. Worked in a team environment managing day-to-day operations of configuring and troubleshooting site-to-site VPN tunnels for corporate and client project locations and AWS cloud services.
- Performed network devices and systems scans using Nessus and Qualys vulnerability scanners. Coordinated teams in recommending remediation and system hardening.
- Reviewed and audited firewall rule sets and configuration to clean up rogue devices, consolidate redundant rules, and tighten inbound and outbound traffic flows.
- Worked with other team members in reviewing security controls applicable to CNSI infrastructure environment using NIST guidelines.
- Utilized security monitoring tools, such as LogRhythm SIEM, Cisco Firepower management server, Cisco AMP and Umbrella, for security protection, monitoring and assessment.
- Led the team meetings on ticketing system updates and issue status reporting.
- Led a successful project of migrating security infrastructure devices from Checkpoint appliances to Cisco ASA 5525-X series devices including firepower module services in a high availability active/standby configuration.
- Led the effort in moving web content resources from public-facing servers to behind Coyote content management services for web applications and URI redirects. Web resources were moved from public-facing DMZ network to a private DMZ network to make internet inbound access more secure.
- Led the effort in configuring and implementing site-to-site VPN tunnels between CNSI corporate sites and AWS environment using IPSec policy-based and BGP route-based connections.
- Configured and provided support on secure access to AWS resources from Corp sites using AWS security services such as WAF, routing tables, security groups and NACL.
- Designed and implemented an AWS transit VPC architecture solution for secure VPN access between Corp sites and various AWS VPCs, using a Cisco CSR router zone-based firewall solution, to overcome the AWS limitation on communication between on-prem and AWS resources.
- Acquired and implemented AWS Direct Connect 1-GB circuit services.
- Experience in infrastructure provisioning and management with CloudFormation. Installed, configured and administered packages for EC2 instances using Systems Manager. Prepared recommendations for reserved instances of existing EC2 instances based on CPU and memory metrics from CloudWatch. Designed roles and groups for users and resources using AWS Identity and Access Management (IAM).
Confidential, Reston, VA
- Led the effort and provided support on the security modernization project.
- Configured, collected, and analyzed firewall rules and objects data using Firemon security manager for traffic analysis and rule cleanup.
- Analyzed Solutionary ActiveGuard logs for vulnerability assessments. Performed QualysGuard scans and analyzed reports to identify security vulnerabilities and recommended appropriate measures for suspected systems.
- Provided admin support and troubleshooting services on the Juniper SA platform for SSL VPN remote access.
- Prepared and documented a Checkpoint firewall alerts implementation plan for performance monitoring and real-time alert notification on the WhatsUp monitoring system.
- Upgraded Checkpoint firewall infrastructure from SPLAT R75.20 to Gaia 77.30 on an open hardware platform in an enterprise-level, multi-site, high availability environment.
- Updated the firewall manual with admin tasks, troubleshooting commands and tips.
Confidential, Washington, DC
- Member of the operations security team. Responsible for managing, maintaining, upgrading, monitoring and providing support on Checkpoint firewalls, Checkpoint Endpoint VPN, Web Gateway proxy and PKI across an enterprise infrastructure of approximately 80-plus firewalls and VPN appliances.
- Acted as lead in conducting periodic reviews of Checkpoint firewall policy rule bases for rule consolidation and cleanup in coordination with stakeholders. Automated and manual tools were used to make devices process traffic flows more efficiently.
- Participated in security incident response team activities, provided and implemented tactical risk mitigation to incidents.
- Worked with other team members to review security architecture and design documentation to ensure consistency, accuracy and compliance with security posture and industry standards.
- Actively protected the availability, confidentiality and integrity of customer, employee and business information.
- Provided administration and support on McAfee Web Gateway Proxy for content filtering and internet access for headquarters, remote site offices and VPN client users.
- Performed installation and configuration of enterprise-level Checkpoint firewall clusters and VPN appliances with various Checkpoint operating systems (Checkpoint 1, 2200, 1100, IP290, IP-390, IP-680 and UTM Edge appliances).
- Prepared detailed procedural documentation for firewall upgrades, implementation and testing.
- Day-to-day activities included, but were not limited to, extensive use of the Checkpoint Smart Console suite (version 76 & 77.20) to manage policies and rule bases of security control points, device mapping using NAT, object management, routes and other administrative tasks.
- Used troubleshooting applications and tools such as Checkpoint SmartView Tracker, SmartView Monitor, Wireshark, TCPdump, Traceroute, Solarwinds, Netscout and Checkpoint command line utilities to identify and resolve issues with VPN circuits and all kinds of other firewall-related connectivity.
- In support of BLS-wide VPN technology, managed the Checkpoint Endpoint secure management E80.50 system for secure client policy changes and their implementation on workstations and laptops, full data encryption, and secured authentication to Windows Active Directory and other network resources for local and remote access.
- Provided support on the Entrust PKI infrastructure system for BLS secure remote VPN two-factor client authentication per government standard.
- Provided instructions and troubleshot users’ access with the firewall client and RSA SecurID authentication in accessing web application resources.
- Performed weekly backups and storage of Checkpoint management servers and firewall configurations. As a member of the firewall security team, responsible for producing the daily performance status report on all security devices.
- Worked on network device migration and provided support on HP, Cisco catalyst and Nexus switches.