PROFESSIONAL EXPERIENCE

Confidential

Sr. Network /Security Engineer/SME

Responsibilities:

• Manage the TxDMV Enterprise Network Infrastructure include Network Security Operation
• Manage the TxDMV Security Devices (Cisco, Palo Alto Firewalls, Panorama, Skybox, ESA)
• Manage/define/maintain the TxDMV Security policies to assure the Infrastructure is robust
• Providing the SME to the TxDMV Network Infrastructure
• Receive and manage escalations from other teams as well as various monitoring tools involving service - affecting issues.
• As needed, implement approved routing policy changes/corrections to mitigate points of traffic congestion on the network due to planned or unplanned incidents.
• Troubleshoot, isolate and correct service-affecting issues on the network in areas including but not limited to: routing protocols, routers, switches, firewall administration, BGP,EIGRP, OSPF VPN
• Providing the assessment of the live TxDMV Enterprise Network Architect and deployment include CORE, 16 Regional Service Centers, 254 Counties, 515 Counties Offices, 2 Local Data Centers and IDFs
• Identifying the Root Cause of the Network/Security issues (major/minor) within the current deployment
• Documenting include Diagrams with plan of actions to improve the current designs/configurations
• Training the TxDMV Network Specialists II, III and IV on any Root Causes and solutions of the break/fix
• Providing presentation of the Deployments, configurations of the Regions and Counties Network.
• Providing analysis of the VoIP TxDMV Infrastructure
• Using the Palo Alto logs with other tools to monitor and perform threat hunting and report immediately to the Manager.
• Oversee and provide guidance in troubleshooting and solving complex network problems related to TxDMV incident and problem calls, and in the processing of service requests and tasks.
• Oversee performance tuning and capacity planning activities to enhance the performance of the network resources. Responsible for the upgrade, configuration, reliable operation and installation of Local Area Network (LAN), Wide Area Network (WAN) and Network Security
• Develop, analyze, and maintain system design procedures, documentation, test procedures, and quality standards. Recommends systems technology solutions for TxDMV enterprise-related hardware and software standards.
• Supporting the TxDMV Network Team to deploy the Network gateway for the RTS and Internet for every new County.
• Response quickly to any escalation requests via verbal or tickets.
• Coordinating with all the TxDMV Vendors for on-going projects.
• Participate with the State Engineer/ Partners to troubleshoot and resolve the Major Incident
• Assist the Enterprise to Hunt any threats in the Network to identify the Infected Endpoint(s) and provide immediate action to prevent the Identified Endpoint(s) to have conversation to the Malicious World by build the Security rules on the Firewall Edges
• Develop and provide analysis of custom reports using Panorama ACC & Custom reports features
• Response to any technical emergencies to restore the services.
• Providing on-call support after hour.
• Audit firewall rule base and identify specific remediation actions based on the following criteria:
• Unused rules, overly permissive rules and rules not adhering to client firewall rule policies.
• Plan, coordinate, and execute modifications to client's firewall rule base in a production environment without causing adverse impact to the enterprise.
• Work with internal teams to validate the proposed changes, coordinate testing, and ensure that our rules are configured to permit least privilege.
• Utilize our internal firewall policy management and logging tools to ensure our risk scores improve and our changes are non-impactful.

Confidential

Sr. Network Security Engineer/Cyber Security Fusion Centre

Responsibilities:

• Certificates - Public and Internal cert creation
• The task is strongly weighted toward firewall policy management.
• Mange Stateful and Next Generation Firewalls Cisco, Palo Alto and Checkpoint
• Establish a good working relationship with the customer’s network and Identity/Access teams.
• Execute changes for network, firewall, VPN, remote access technologies, as well as web content filtering.
• Administer Cisco security equipment, ensuring policies are efficiently managed to maintain optimal performance, and maintain the rule base as concisely as possible.
• Conduct periodic policy reviews, consolidating rules into groups, removing unused rules, ensuring that over-broad rules are reduced to the least access necessary, and that general firewall management is conducted according to customer and Confidential policy and best practices.
• Participate in change control/change management, reviewing and scheduling changes to reduce operational and IT security risks, ensuring configurations are managed within customer standards and best practices.
• Support after hours change windows.
• Support break fix activity on an on-call basis, performing incident triage, assignment, and necessary mitigation efforts.
• Ensure effective access control policies and procedures for VPN access are maintained.
• Provide regular reports on network and VPN performance, capacity, usage, life cycle state, and specific project work impacting network and VPN access.
• Perform root cause analysis on the firewall platforms in response to incidents or customer requests.
• Ensure firewall platforms are monitored for performance, uptime, and capacity on an ongoing basis.
• Document workflows, processes and procedures, past work, change tickets, and service request tickets.
• Manage Cisco network routers and switches including Patching, upgrading software, system and policy changes, capacity planning, monitoring, and break fix support.
• Manage Intrusion Detection and Prevention systems, WAN and LAN links, and web content filtering.
• Manage Cisco ISE authentication tool.
• Maintain good professional relationship with peers, customer stake holders excellent written and verbal communication skills
• Monitor the firewalls from the console/NMS tools and fix the issues immediately.
• Creation of firewall rules, applying security policies, Enabling logging profiles etc.
• Troubleshooting issues like high CPU, S2S VPN connectivity, Routing issues, traffic flow issues
• Handling incidents like device outage / unreachability.
• Ability to provide the RCA for major outages.
• Work as a key member of the Team with broad knowledge of currently supported firewall and VPN technologies.
• Support of firewalls to support functions like Partner Site to Site VPN connections, application deployments, lab separation and internet egress.
• Supports the firewall infrastructure. Be engaged with engineering for project related work or needed changes to environment as needed.
• Handling critical changes and Severity 1 tickets
• Coordinating with the Vendors and Customer during outbreaks
• Troubleshooting and resolution of Security incident
• Implement the approved change requests
• Work with customer and support on ad hoc requests
• Complete the assigned task within the SLA
• Prepare network or infrastructure Visio topology diagrams, write Standard Operating Procedures, maintenance plans and provide status reports as required, participate in data calls and other operational and maintenance tasks
• Troubleshoot network problems, network device configurations and coordinate with various department administrators to facilitate connectivity issue resolution

Confidential

Sr. Network Security Engineer

Responsibilities:

• Deploy and Manage Multi-Vendors of the Enterprise Perimeter Security Stacks include Cisco Routers, Switches, WSAs, ESAs, SMAs, F5-LTM, FireEye
• Provide a level of technical network security expertise to support enterprise network infrastructure.
• Top level of ticket support. Work to resolution and maintain a short MTTR (Mean Time to Resolution)
• Perform the architect review and provide remediate solutions
• Provide technical consultancy for cross-functional departments, and peer level engineers, and/or project management.
• Deploy, admin, monitor and maintain the ASA and Palo Firewalls
• Assist in design, and day-to-day operations with implementing all aspects of Cisco ASA firewalls.
• Consult to internal customers regarding application instabilities, network performance problems, and ideas for design improvements.
• Responsibility to provide future insights into leading edge technology in, or outside of firewall, security, or spanning space.
• Responsible for troubleshooting network and firewall problems, specifically Palo Alto and Cisco ASA’s.
• Maintaining familiarity with industry trends and security best practices.
• Build close relationships with peers within Enterprise Information Security.
• Follow up on problem management and investigate workarounds and permanent fixes for reoccurring incidents
• Responsible for the planning, design, implementation, organization and operation of Palo Alto Firewalls based perimeter security network and network security devices including but not limited to 7000, 5000 and 3000 series FW’s. The job also involves
• Configuring and managing Cisco Firewall infrastructure in an enterprise environment
• Configuring and managing Cisco Web Security Appliance (WSA) in an enterprise environment
• Configuring, deploying, managing, and maintaining security equipment and related applications and platforms
• Network design and troubleshooting specificity as it applies to interoperability of security systems with the network.
• Understanding of available redundancy solutions for firewalls and networks.
• Monitors network security by analyzing Intrusion Detections reports, firewall logs and other sources.
• Monitors security bulletins and alerts from all Partners’ network system vendors. Evaluates vulnerability impact and formulates and executes risk mitigation plans.
• Responds to network security incidents. Works along with resource owners during and after security breaches recommends best practices and assesses the scope of damage and risk to vital network resources.
• Maintains an understanding of current issues in the realm of network security.
• Participates in Information Security Team on call rotation to troubleshoot major network system issues.
• Manage and maintains security infrastructure and applications including firewalls, IPS, end-point protection, and other security related applications
• Implement, and maintains security policies and procedures
• Provide the SME) for security policy and procedure, security design and implementation, and incident response and mitigation
• Evaluate new and existing security policies and tools in order to recommends improvements.
• Stays current on the latest security issues and emerging threats.
• Participate in vulnerability assessment activities.
• Mentor less experienced team members.
• Collaborate with other internal teams to increase efficiencies and reduce risk to the environment
• Work with the client to proactively reduce risk inside the environment
• Manages Security policies and procedures, Incident response planning and execution/security operations
• Participate for Security design reviews (applications) and Security tool evaluation and implementation
• Mange Daily security operations, Tool administration and Vulnerability management
• Maintain a thorough understanding of (Network services, (i.e., IPAM, DNS/DHCP, NTP, SNMP), Network Security, IP Routing, VPN,
• LAN/WAN technologies)
• Participates in after hours and weekend work to perform tasks that cannot be done during business hours.

Confidential

Senior Network Engineer

Responsibilities:

• Provide remote support 8 DC Centers and one lab (TX, CA, WA, NYC, GA and IL )
• Manage, support day to day activities Corp LAN/WAN, POP Data Centers, Prod Data Centers and Engineering LAB. Support all requirements; act as central point of contact and escalation for other team members.
• Manage network security and policies.
• Operates a company’s internal data communications systems, including LAN / WAN and Wireless
• Plans, designs and implements networked systems, including configurations, supporting/troubleshooting network problems and coordinating with vendors for installation of such items as routers, bridges, concentrators and switches. Working on project implementation.
• Responsibility for managing all IT network switches, routers, firewalls, VPN tunnels, and wireless access points and Console Servers.
• Responsible for ensuring that Confidential &T Wi-Fi network delivers extremely high availability while scaling with the needs of the business.
• Responsible for initial setup, ongoing maintenance, and troubleshooting for all network issues, VPNs, and GRE tunnels with partners and vendors.
• Manage, monitor and update the security compliance on all Production/Lab Network Devices
• Working with the Vendors such as Cisco, Palo, Emerson to resolve any critical issue and bring back the network healthy including hardware and software.
• Reconcile the routes to implement the BGP-Multi routes for balancing the traffic sharing
• Solves problems causing network outages including identifying issues with hardware, operating system, application and capacity.
• Acts as the owner of a problem through resolution. Analyzes issue and takes actions to resolve problems (including Root Cause Analysis and Problem Remediation).
• Drafts, updates and follows detailed work instructions relating to network maintenance.
• Takes a new perspective to solve complex problems. Works independently and receives minimal guidance. Acts as a resource for colleagues with less experience. May direct the work of other staff members.
• Trouble shoot network issues Confidential remote locations (8 Data Centers)
• Provide after-hour, weekend, holiday maintenance and support as required in addition to work week
• Utilize SolarWinds to monitor and evaluate network stability, utilization, throughput and latency
• Utilize Splunk to troubleshooting the Firewall Traffic, Network issue.
• Utilize Cisco ACS to monitor the prod Devices, User log include Authentication, Authorization and Accounting
• Researches and recommends technology to improve the current systems.
• Participate in identification of root cause analysis, resolution, outage mitigations, testing and implementation of vendor/IT fixes or design changes.
• Provide tech-support to the remote-hand assistant(s) to replace any faulty hardware or upgrade Hardware(s)
• Test any IOS upgrade on the Lab Gear before Appling on the prod Network gear
• Work on the project
• On-call for escalated issues.

Confidential

Senior Network Engineer

Responsibilities:

• Lead the deployment of Lab network initiatives
• Work with technical and managerial leaders to assist with establishing policies and procedures
• Act as subject matter expert in one or more key network engineering disciplines
• Assists in the development and maintenance of network communications
• Uses knowledge of LAN/WAN systems to help design and install internal and external networks
• Tests and evaluates network systems to eliminate problems and make improvements
• Successfully execute work within multiple simultaneous high level projects
• Recommend upgrades, patches, and new applications and equipment
• Successfully execute work within multiple simultaneous high-level projects
• Perform in-depth analysis of monitored systems to detect trends and trouble areas, and recommend remediation as necessary
• Recommend upgrades, patches, and new applications and equipment
• Play a technical role in supporting various technical and business initiatives
• Install and maintain network hardware solutions
• Deploy, manage and maintain network infrastructure
• Monitor network systems to ensure optimal operating environments and capacity usage
• Execute work in small to medium size projects

Confidential, TX

Enterprise Network Analyst

Responsibilities:

• Experienced with Cisco iOS and most of the Cisco Hardware Platforms.
• Maintained, troubleshot and leveled 1/2 support of availability Network Infrastructure.
• Implemented. divided and conquered in OSI model to troubleshoot any issue in the Network
• Conducted root cause analysis on Network incident according to the OSI model
• Utilized information gathered from the Remedy Tickets and other sources to analyze and troubleshoot any LAN/WAN issue(s)
• Used Cisco iOS troubleshoot command to analyze any issue relates to the slow VLAN, connectivity, find the correct IP subnets that assigned to the VLAN (s)
• Investigated the MAC in Switch MAC table
• Reported to L3 Level Analyst(s) when needed the Technical Support and solve problem ASAP
• Practiced network asset management, including maintenance of network component inventory and related documentation and technical specifications information.
• Monitored and maintained the ExxonMobil all DATA Closets to make sure those Cisco Network facilities are in good function. Report to the Team lead if any malfunction happens
• Participated in monthly team meeting for the technical issue(s) and other issue(s) related the Work order(s), Incident(s) and Task(s)
• Join the Virtual training such as remedy software, 802.1x presentation by the L2 team, IPV6 technology presentation, Router and Switch configuration, common issue of the Cisco devices
• Installed and maintained Cisco Router & Switch 4506 Series, 6500 Series, Nexus Switch 5000, ASA 5520 and 5545-X, Cisco AIRONET 1200 AG Series, Voice gateway MP-VG-124.
• Maintain, monitor and analyze all the issues of the Exxon Network Infrastructure
• Troubleshooting IP Phone Registration Problems such as Local to the IP Phone, VLAN or switch mismatches,