- Technically inclined, methodical, and results - oriented professional with broad-based experience in all aspects of network and information security.
- Adept at administering and troubleshooting network systems and servers, as well as executing network security and system upgrades.
- Well-versed in analyzing technical and client requirements; identifying and resolving complex technical issues; delivering first-rate client services; and coordinating team efforts to attain organizational goals.
- Effective at building positive rapport and working collaboratively with key stakeholders, clients, management, and other professionals of all levels.
- Articulate communicator; bilingual in English and French.
Lead Information Security Specialist
- Take charge of developing and executing policies for web, email gateway, and data loss prevention (DLP), and evaluating reports from Crowdstrike, Forcepoint, and Mimecast.
- Hold accountability for all log reviews/reporting, network security troubleshooting, and incident responses from Crowdstrike, Forcepoint, SecureWorks, Vipre, and Mimecast.
- Conduct analysis of all Active Directory audit reports; Secureworks threat intelligence information; and external daily threat reports from reputable outside sources such as SANS, CERT, RSA and FSISAC and others.
- Apply all changes on endpoint protection including asset value (AV) reports and remediation; vulnerability management using Digital Defense’s Frontline; and audit finding reports remediation along with other teams.
- Responsible for creating updating and the evaluation of new patch management; policy information security policies and directives; firewall rules for all access to company’s network; and standard operating procedures (SOP), reference documents, and request forms.
- Develop methodology to integrate threat intelligence from multiple feeds to the Checkpoint firewall.
- Conduct all Qualys scans for Metro and collaborate on all Cybersecurity investigation or troubleshooting related to these scans.
- Handle all preparations for the DOB and NCUA audit materials or information related to Information Security.
- In charge of creating monthly Information Security report and present it to Metro’s Enterprise-Wide Operation Committee.
- Handle security incidents response and investigations, bi-yearly penetration testing, and report preparation.
Senior Network/Security Engineer
- Utilized SecureID token for remote access VPN users to configure RSA server and ASA 5515x integration for two factor authentication.
- Administered the design, configuration, troubleshooting, and media access control (MAC) of all network devices such firewall, routers, and switches
- Performed integration of two AWS Virtual Private Cloud (VPC) to Active Directory through primary and secondary VPN to three sites and remote access network for telecommuters
- Initiated configuration and deployment of Cisco ASA 5515x Firewall and 3850 Switch to upgrade existing networking environment
- Managed all daily troubleshooting issues for Active Directory, networking, and AWS VPC environments
- Oversaw security incident handling and response and all security remediation for all vulnerabilities, as well as assessed all weekly security scans
- Led the design, configuration, and troubleshooting of Active Directory environment and all VMware infrastructures
- Used Juniper firewall and enterprise-level security tools to resolve and monitor network security
- Assumed responsibility in configuring and executing the following:
- SSL VPN for vendors and other news bureaus. remote access VPN for all staff and consultants.
- Cacti to monitor all VPN, firewall, switches, and routers.
- New WAN router and new wireless network in multiple locations.
- Clustered juniper firewall for the headquarter and the production network; and
- Site-to-site VPN to all company sites and backup site-to-site VPN for a dark fiber connection between the production site and the main office
- Conducted the monitoring, troubleshooting, and configuration of all Cisco 6500 cores and IDF switches.
- Partook in researching and facilitating new technology and best practices.
- Conceptualized, configured, and administered the bank’s network involving 15 locations.
- Carried out development of a more scalable IP scheme by readdressing the whole network, as well as reconfiguration of core network/switching using 3850s to ensure better redundancy and security.
- Performed configuration and installation of ASA 5515x and maintenance of ASA 5520/5510/5515 x.
- Administered and executed all firewall update and/or patches; updated and managed McAfee web gateway, email gateway, and SIEM; and assisted in designing and maintaining Active Directory structure.
- Facilitated configuration and implementation of VPN network for all ATMs using both ASA 5510 and Cisco Meraki; DHCP server enterprise-wide; and all IPS report while monitoring all alarms and security incident handling.