SUMMARY:

CCNP and currently in the process of obtaining the CCIE. I have a strong passion for various network security devices and concepts. My long - term goal is to design and advise on network security solutions for enterprises. Some of my short-term goals are to progress in network and security-based technologies. I bring a solid work ethic, excellent troubleshooting skills, great written and verbal communication skills to effectively interact both internally/externally, and the ability to learn quickly in a fast paced environment.

EXPERIENCE:

Security Engineer

Confidential, Richardson, TX

Responsibilities:

• Design distributed deployment of ISE technologies including policies, s, 802.1x, guest access for wired and wireless solutions
• Implement 802.1x using EAP-MSCHAP and EAP-TLS for secure enforcement and accountability into enterprise network
• Analyze authentication flow by validating EAP and RADIUS flags at point of AAA transaction
• Configure various wired and wireless network authentication devices including switches and WLC for EAP and RADIUS communication on behalf of the client
• Deploy external authorities in ISE so that various system s can be enforced including EAP authentication and deployment trust
• Integrate Active Directory and LDAP servers with ISE so that central user and device database can be retrieved for ISE to use as criteria for AAA enforcement
• Ensure various probes are tuned based on design criteria in order to authenticate and authorize endpoints and devices accordingly
• Make use of TACACS+ device administration policies to define privilege level and permissions of network administrators and groups
• Deploy MAB for use with wired and wireless URL-redirects to guest portals which will CoA the newly profiled guest to its corresponding authorized access policy
• Ensure various logging techniques including reports, live logs, and syslog remote targets like Splunk are operating as expected
• Troubleshoot deployment replication scenarios from PAN, MnT, and PSN nodes
• Troubleshoot ISE backend sqlplus database via root and update stale entries accordingly
• Validate CPU/memory/disk/processes within ISE to ensure system is operating as expected
• Isolate potential faults in the network by means of ISE built-in tcpdump, NAD debugs, and endpoint Wireshark captures
• Utilize endpoint debugs, ise-psc.log, ise-prrt.log, and various other logs for determining root cause of issues with implementations and outages
• Integrate ISE with Confidential DNA and NGFW via pxGrid network for Trustsec SGT and SXP dynamic enforcement of network-based user authorization
• Utilize virtualization technologies such as vSphere in order to deploy various versions of ISE code ranging from 1.3 to 2.6
• Diagnose, interpret, find, and write bugs based on defects identified in ISE troubleshooting so that fixes may be implemented in subsequent releases

Security Engineer

Confidential, Grapevine, TX

Responsibilities:

• Make use of various Confidential ASA network tools including packet captures and packet-tracers to determine the ingress/egress relationship with various applications
• Design, implement, and verify Confidential Catalyst switching technologies including access/trunk links, VLAN assignment, 802.1Q Trunks, RSTP, MST, HSRP and EtherChannel
• Make use of switch troubleshooting methodologies including interpretation of mac-address tables, ARP tables, VLAN assignment, Trunk status, port-channel aggregation, and CDP
• Design, implement, and verify Juniper static, OSPF, BGP, Prefix List and Redistribution of routes to identify preferred next-hop communication per source or destination IP address requirements
• Make use of route troubleshooting methodologies including interpretation of internal OSPF, EIGRP, and BGP routing protocol requirements
• Analyze Layer 3 neighbor, topology, routing tables, and route maps for dynamic protocols in order to isolate the root cause of specific routing anomalies
• Determine gateway of last resort and review NAT policies applied to inbound and outbound communication
• Design, implement, and verify IPSec VPN operation based of Phase 1 and 2 internal mechanisms
• Design and implement Citrix Netscaler load balancing configuration for communications that require VIP, RNAT, and SSL technologies
• Apply nstcpdump packet sniffers to Citrix Netscalers to validate communication flow
• Implement and troubleshoot Confidential ASA management mechanisms including Syslog, SNMP, AAA, NTP, and remote access
• Analyze Confidential firewall enterprise ACLs to ensure that each rule is accounted for based on each applications design goals and requirements
• Design and implement OSI layer 1-4 connectivity for various applications including Active Directory, Threat Response, NTP, and Tufin
• Administer Tufin users and auditing processes for numerous Confidential Firewalls and their corresponding ACLs
• Make use of central management tools designed to provide auditing, provisioning, and compliance reporting
• Write scripts for various network devices based on design requirements for new and existing network and system applications
• Perform process change management providing configuration, verification, and back-out statements to be executed in corresponding change windows
• Peer review configuration, verification, and back-out statements scripted by colleagues
• Collaborate via in-person, outlook, and WebEx with project management and colleagues on various migration and implementation installments

Senior Security Analyst

Confidential, Denver, CO

Responsibilities:

• Provide consultation in network security for clients to secure their networks ranging from SOHO to large Enterprise
• Make use of TCP/IP networking skills to execute network troubleshooting in order to isolate and diagnose network problems varying from basic computer anomalies to firewall, routing, IPS, and IPSec VPN challenges
• Configure, manage, and implement unified threat management (UTM) devices and a large variety of other network products (Fortinet UTM’s, Confidential Switches, Confidential Routers, Confidential ASA, Modems, and Access Points)
• Design, implement and troubleshoot wireless network access and security including authentication, band, channel, and DHCP pool allocation
• Make use of Backbone Network Equipment such as Splunk, Windows Servers, WhatsUpGold, and IPSec VPN Concentrators
• Configure and mange FW, IDS/IPS, IVS, NAC, Encryption and a variety of other security appliances and software
• Troubleshoot WAN and LAN technologies to ensure various devices and technologies can effectively communicate securely
• Avert social engineering attacks against client and protect their CDE (Credit Card Data Environment) from potential breaches
• Enforce and comply with policies, procedures, and security practices while performing network security administration in environments conforming to PCI-DSS v3.0
• Analyze both logged traffic flow and real time flow to uncover root causes of issues arising from unknown factors with limited information
• Employ command line interfaces for various Fortinet, Confidential, Windows, and Linux Devices

Technical Adviser

Confidential, Denver, CO

Responsibilities:

• Probing to get information on the issue to isolate potential causes in order to narrow down the specific cause and achieve resolution through verification
• Provide the best customer experience possible while multitasking to ensure the issue is resolved accurately within SLA
• Analysis of the issue at hand to provide precise documentation in order to communicate effectively to team members the present issue at hand and to provide legal support
• Ensure security of customer information and accounts are met using factors of authentication
• Troubleshooting iPads, iPhones, iPods, Macs, Windows, iTunes
• Experienced with Network Configuration, Finder, Safari, Spotlight, System Ps, Jabber, Wi-Fi connections, Mountain Lion, Yosemite
• Experience with Network Configuration, Command Prompt, Net Bios, Control Panel, Administrative Tools, Disk management, Windows Explorer, Wi-Fi connectivity, task manager, Windows 8, Windows 7, Windows Vista, Windows XP, Outlook, Microsoft Word, Microsoft Excel