We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume Profile

Objective:

To obtain a position as an Information Security Professional where I can utilize my strong technology and leadership background to facilitate technical growth and effective operations.

Employment History

Confidential

Sr. Network Security Engineer

  • Configure Juniper/Netscreen Firewalls in very complex environment
  • Managed firewalls using Palo Alto's Panorama Central Management Software
  • Used tools including Tufin and Splunk to monitor firewall traffic and troubleshoot network access
  • Configuration, implementation, and problem determination across the major firewall platforms and understanding each customer environment at a detailed level

Confidential

Sr. Security Analyst

Enterprise Vulnerability Management using Qualys

  • PCI and SOX Compliance, Reporting and Threat Management
  • Work with the System Engineers and Device Owners to help resolve confirmed or potential vulnerabilities
  • Project Management, case review, ticket creation, macro development, LDAP configuration, Active Directory AD Integration SSO , SSL standards.

Confidential

PKI Engineer /Sr. Information Security Professional

  • Venafi Encryption Director VED - Enterprise Key Certificate Management System. I support internal customers as they install and deploy certificates, automating the processes of procurement, enrollment, monitoring, renewal and/or retirement of certificates across heterogeneous environments.
  • Support both internally and externally hosted Certification Authorities CA's as well as SSL and Code Signing.
  • Install and configure Hardware Security Modules HSM's for highest level of private key protection and security.
  • Provide consulting to all lines of business's within the bank on security related topics to include certificates, multi factor authentication etc.
  • Participate in defining and developing the strategic plans, certificate renewal, CRL/AIA, encryption type/strength, etc.

Confidential

Sr. Information Security Professional

  • Responsible for IT Security services such as Vulnerability Scanning, Penetration Testing, AntiVirus, Security Assessments, Active Directory / Group Policy, Data Encryption, Intrusion Prevention Systems IPS , SEIM/SEM/SIM and Event Correlation, Enterprise Patching, Web Filtering, Application Security, Enterprise Monitoring, Active Directory Services, IIS, SharePoint, Single Sign On SSO using Kerberos/LDAP/SPN's, UNIX/WebLogic, PKI/Certificate Authority design and admin, Cisco ASA FW review and more.
  • Tools and applications include TippingPoint IPS, Sophos SafeGuard HD Encryption, Qualys Vulnerability Scanning, WebSense web filtering, patching w/ Shavlik NetChk Pro/ WSUS / Secunia, Retina, Metaspliot, TrendMicro Sophos AntiVirus, PowerShell and Visual Basic Scripting, Active Directory - DNS/Group Policy Admin/ADUC/Forest/Domain/FSMO design, Incident Response, VMware, Application Scanning, ISO 20001:2005 / SOX, HIPAA, GLBA, GAMP5, Host Validation FDA , Auditing, password vault, AD Security, working w/ Federal Agencies, etc.
  • Responsible for coordinating and leading information technology security activities across Gen-Probe worldwide which includes information technology IT risk management, IT security policies, IT security awareness, and IT security architecture.

Confidential

Information Security Specialist

  • TippingPoint IPS SMS Enterprise Management SMS, HA, ZPHA, TOS, TMC, Digital Vaccines, Quarantine, Custom Filters, L2FB, Segment Creation, Enterprise Design Deployment, Incident Management eg. Conficker, Virus, DNS exploits TP/3COM Expert Training Certification, etc
  • QualysGuard Vulnerability Scanning Internal External , Mapping, Asset Groups, PCI Compliance, Reporting and Remediation. Also used NexPose Rapid7 and others.
  • Web Application Scanning using HP WebInspect SPI Dynamics , IBM Appscan/WatchFire, Qualys WAS, Accunetix and others. Working with developers to fix code and explaining exploits. Work w/ SDLC.
  • Firewall rules review and oversight Apache, MS ISA, Cisco FWSM, Router ACL's, etc
  • Email Filtering Routing with IronPort, Tumbleweed SPAM, Antivirus, attachments, white/ black lists, etc
  • BlueCoat Proxy Administration, AD Authentication, Policy Creation Visual Policy Manager , Whitelists/Blacklists, Web Caching, exceptions, etc.
  • Microsoft Active Directory Security Administration, GPO Design, Domain Forest Trusts, Certificate Authority CA Admin, IPSec, Single Sign On SSO w/ LDAP/SSL w/ UNIX clients, Auditing, etc.
  • RSA enVision Administration, enterprise logging from Windows, UNIX, Cisco, etc , reporting, aggregation and correlation.
  • GuardianEdge Hard Disk Encryption Administration, AD integration, user management, data recovery.
  • Cisco WCS wireless integration, WPA, profile setup, VPN, Workstation Certificate.
  • Symantec AV Administration, enterprise management, definition updates and distribution, virus removal.

Confidential

Sr. Network Engineer / System Administrator 4

  • Responsible for the health and growth of Active Directory to include DNS management, GPO's, Policies, Directory Replication, Site-to-Site configuration/replication, Security management, Domain Controller build-outs and maintenance, DHCP creation and management, User and Group management, ILO/KVM support, LDAP expertise, packet analysis for network troubleshooting, IIS support and training of team members.
  • T-Mobile SME for Microsoft Operations Manager MOM . Enterprise monitoring of Domain Controllers, Exchange Servers, DHCP / DNS servers and SMS servers. Maintained the Web Reporting features to facilitate trending reports for all servers and services. Ran SQL scripts for grooming Reporting database.
  • Enterprise Public Key Infrastructure PKI design for T-Mobile network. This included building out a model that supported multi-level Certificate Authorities, Intermediate CA's and Issuing CA's. Designed IPSec Offline VPN certificates and designed other certificates and policies , auto-enrollment via Active Directory for domain clients, Web enrollment for non-domain members, Hardware Security Modules HSM's for highest level of private key protection and security.
  • Kerberos Authentication for non-domain clients. Implemented keytab files in association with their Service Principle Name SPN to allow UNIX hosts to authenticate with Active Directory. WebLogic setup configuration, J2EE/JRE/JVM/monitoring, etc.

Confidential

Sr. Network Engineer / Infrastructure Engineer

  • Responsible for building out and deploying Windows 2003 Server in an enterprise environment. I was responsible for configuring GPO, OU, DNS, IP Sites, MOM, SMS, NetQoS, SharePoint and MS SQL.
  • Technical support and design of MS SharePoint Portal Services SPS / Windows SharePoint Services WSS on production portal sites. Included SSL, Certificates, security, network design DMZ, Firewall and Exchange OWA/OMA , Load Balancing, SAN/Clustering, etc. Also managed OWA environment, Directory Synchronization between sites Aelita/Quest , integration with SmartPhone technologies.
  • Use Microsoft Operations Manager MOM and Systems Management Server SMS to manage enterprise servers. Using these tools allowed for centralized administration and troubleshooting for the entire enterprise.
  • Managed MS Exchange Server 2003 Enterprise environment to include F/E and B/E Clustering Failover and SAN connectivity. Troubleshoot SAN connectivity and configuration.
  • Responsible for the day-to-day Infrastructure Requests to include SMS Portal Admin, OWA / Mobility / SmartPhone support, server configuration, Terminal Services, DNS, WINS, patch management/service packs, AD admin, configuring RAID arrays, Domain Certificate SSL Registrations, BigIP F5 VPN configurations, Blade servers, Cisco routers, switches, ISA Server Design, PBX Phone system support TeleVantage , etc.

Confidential

Sr. Network Security Engineer

  • Trained clients on technologies including Windows NT/2000, DNS, legacy OS's Win3.x/DOS/Win9x , IPSec, L2TP/PPTP, DNS, RRAS, Active Directory Services OU's, Sites Domains , MS Exchange, IIS/Web hosting, Security, switching, routing / submitting, VLAN's, x.500, LDAP, VTP, ISA Firewall, encryption, Novell Netware server and clients and many other technologies.
  • Symantec Firewall VPN, Symantec AntiVirus Enterprise Gateway, NetRecon, SonicWall Firewall/VPN, McAfee, Veritas Backup, BlueSocket wireless LAN solutions.
  • Configured MS ISA Firewall for perimeter security while allowing internal servers Web, Mail, etc to be published through the firewall.
  • Configured MS Exchange 2003 w/ OWA and SSL for remote users wanting encryption/security.
  • Install and configure Windows 2003, Active Directory configuration.

Confidential

Technical:

  • Windows 2003 training and migration. Also, MS Exchange 2003 migration w/ the updated OWA features.
  • Provided onsite consulting for various clients on Active Directory design, RRAS, Novell migrations to Win NT Win2K, router/ hub/ switch configuration, DNS, TCP/IP, Backup services, Disaster Recovery.
  • As a Microsoft Certified Trainer, I trained MCSE students on Active Directory, DNS, Security, Fault Tolerance, Backup, Disaster Recovery, OU, Site and Domain architecture, TCP/IP, NTFS / ACL's, etc.
  • Provided network consulting to clients. Experience with Firewalls, Email Systems, Novell, Cisco and other 3rd party solutions.
  • Business Leadership:
  • Created partnerships with Microsoft as a MS Solutions Partner and Certified Training Educational Center.
  • Managed 15 full time staff employees and several contracting engineers for various projects.
  • Experienced with SLA's, helpdesk environments, escalation and tiered support models.

Confidential

Senior Network Engineer

  • Administering NT domains, accounts, fault tolerance, re-subnetted network TCP/IP to allow for future growth, MS Exchange administration and intersite connectivity,
  • Migrating a Novell Netware LAN to Windows NT LAN configuring 600 IPX clients and MS clients WfWG 311, MS-DOS, Win 95, NT Workstation 4.0 for mid-migration solutions,
  • Router, Switch and node 3COM, CISCO, etc. configuration and management, trained users on MS applications, Network Administration, helpdesk etc.
  • Configured several Compaq rack-mount servers w/ RAID arrays, UPS's, SCSI controllers, etc.
  • Network Traffic Analysis MS Network Monitor, Network General Sniffer , NT Domain Admin.,
  • Compaq server and workstation configuration SSD's, SCSI controllers, RAID, rack mount build-outs, etc

Confidential

Windows NT Support Engineer, Corporate Network Support

  • Provided technical support for Windows NT Servers, Domains and Workstations, configured DHCP, WINS, RAS, Blue Screens, packet analysis MS Network Monitor , deployment and general troubleshooting.
  • Trained NT engineers on networking, TCP/IP, RAS, WfWG 3.11 connectivity, fault tolerance, remote debugging, sniffer tracing, backup and printing, and blue screens .
  • Wrote the first MS-DOS and Windows examination questions for the Microsoft Certification Program MCP . Test : 70-30 - MS Windows 3.1 Admin. and several following MS certification exams.
  • MS-DOS/Windows 286/386, Win 3.0, Win 3.1, WfWG 3.11, Win3.x Mentor CSE, December,
  • 1991 to 1992 Mentor, September, 1991
  • Held SECRET Security Clearance

Hire Now