TECHNICAL SKILLS

• AWS WAF
• AWS Shield distributed denial - of-service (DDOS) service
• Google Cloud Platform (GCP)
• Google Cloud Armor cloud security
• Google Cloud Armor WAF
• Imperva Incapsula cloud WAF
• Imperva SecureSphere WAF
• Akamai Kona WAF Site Defender cloud security
• Akamai Site Shield origin defense
• Akamai Content Delivery Network (CDN) cloud environments
• Akamai Luna Control Center cloud security management
• F5 ASM WAF
• Kubernetes
• Bind & SSL Labs
• Qualys vulnerability vulnerability scanning & threat management
• Zed Attack Proxy Project (ZAP) web application security scanner load balancing, application delivery & application security
• F5 LTM, GTM, Cisco, Nexus, Alteon, Juniper routing & switching
• Cisco CSM and F5 migrations n prem and cloud public key infrastructure (PKI)
• Cisco ASA, Pix, FWSM, Juniper SRX firewall, Arcsight, Splunk

PROFESSIONAL EXPERIENCE

Cloud Security Engineer

Confidential, San Jose CA

Responsibilities:

• Configure AWS WAF web ACL’s
• Configure AWS WAF conditions
• Configure AWS WAF rules
• Configure AWS WAF actions
• Configure Google Cloud Platform
• Configure Google Cloud Armor DDOS Defense
• Configure Google Cloud Armor IP deny/allow lists
• Configure Google Cloud Armor Rich Rules Language
• Configure Google Cloud Armor Geo-based Access Control
• Migrate cloud hosted web apps from Imperva Incapsula WAF to Akamai Luna CDN & Akamai Kona WAF
• Test Akamai Luna changes using local host file entries prior to cutover from Imperva Incapsula
• Configure Akamai Luna cloud property groups, cloud property hostnames & cloud edge hostnames
• Configure Akamai Luna cloud CP codes
• Activate Akamai Luna cloud staging & cloud production property group versions
• Configure Akamai Luna cloud content compression
• Configure Akamai Luna cloud static content criteria & behaviors
• Configure Akamai Luna cloud dynamic content criteria & behaviors
• Configure Akamai Luna cloud performance & behaviors
• Configure Akamai Luna cloud custom rules
• Create Akamai Kona Site Defender cloud security configurations
• Tune Akamai Kona Site Defender WAF cloud security policies
• Configure match target criteria for hostnames in Akamai cloud
• Configure Akamai Kona Site Defender WAF DDOS mitigation

WAF Engineer

Confidential, Atlanta GA

Responsibilities:

• Act as the lead F5 WAF architectural, engineering & operational subject matter expert for the Bank
• Complete operational, engineering & architectural F5 ASM WAF changes
• Direct application owners & software developers how to onboard their web apps into application firewalls
• Analyze the application firewalls and their interactions inside and outside the Bank from all sides
• Allay WAF related concerns posed by project management, executive management & technical staff
• Make sure necessary conditions are in place to ensure successful application deployments into F5 ASM WAF
• Provide incident response guidance for mitigating security incidents
• Perform and communicate analysis of intrusion events
• Provide threat analysis to application teams as requested
• Notified the SOC whenever there was WAF functionality impact

Lead WAF Security Engineer

Confidential, Chicago IL

Responsibilities:

• Migrated F5 ASM WAF policies to Imperva SecureSphere
• Opened F5 ASM WAF & Imperva SecureSphere WAF technical support cases
• Configured Imperva SecureSphere Operations Manager (SOM)
• Configured Imperva SecureSphere Gateways
• Reconfigured WAF devices to allow traffic blocked by false positives
• Review F5 ASM security policy settings
• Attend regular WAF operational, architectural & engineering meetings
• Deploy web applications into Imperva SecureSphere
• Tune Imperva SecureSphere WAF web application profiles
• Remove applications from Imperva SecureSphere Management Server
• Create Imperva SecureSphere MX server groups, profiles & web applications
• Mitigated zero day attacks using Imperva SecureSphere & F5 ASM
• Updated WAF attack signatures
• Managed certificates for F5 and Imperva devices
• Tuned F5 ASM WAF and Imperva SecureSphere WAF policies
• Write environment specific F5 WAF operational documentation
• Ensure the WAF protects against zero day vulnerabilities as they are discovered
• Drive all technical aspects of the adoption of F5 ASM web application security
• Taught Security Operations Center (SOC) engineers web application security log analysis
• Define the WAF configuration standards, best practices, and approaches that should be taken
• Configured payment card industry (PCI) web application security safeguards

F5 ASM WAF Engineer

Confidential, Atlanta GA

Responsibilities:

• Provide training to F5 ASM WAF project management
• Follow up with F5 ASM technical support staff for support issues
• Create technical plans necessary for successful F5 ASM WAF deployment
• Provide senior technical leadership regarding F5 ASM web application firewall engineering
• Make recommendations to stakeholders regarding the varying WAF configurations possible
• Trained security engineers how to operate WAF devices
• Provide technical guidance to all levels and groups of leadership and technical staff
• Suggest web application firewall process improvements
• Explain advantages and disadvantages to stakeholders of the varying WAF configurations possible
• Give direction to app owners regarding their app's F5 ASM onboarding
• Direct application testing for comprehensive policy learning
• Communicate with application owners and project management regarding potential F5 ASM issues