We provide IT Staff Augmentation Services!

Network Security Engineer/analyst Resume

SUMMARY

  • 7 Years of IT experience on the field of computer security, computer networks, cyber security and system administration.
  • Experience with identity and access management strategies, architectures and implementation plans.
  • Experience with active directory administrations.
  • Experience with identity management/SSO/MFA solutions.
  • Experience with Identity Federation (SAML) configuration and integration across multiple trusted third parties, applications and systems.
  • Experience integrating provisioning and account management functions for a variety of disparate systems including but not limited to database systems, email systems, web application systems, operating system directories and other systems.
  • Experience with Microsoft Azure/0365 EOP, ATP, identity management, behavioral analysis, conditional access rules, DLP and threat detection toolsets.
  • Experience with firewall technologies - Palo Alto, Cisco ASA and Meraki.
  • Understanding of various regulatory requirements, i.e. PCI, SOX, GDPR, CCPA.
  • Understanding of change management and ITIL toolsets to work on incident, problem and change.
  • Experience in configuration and maintenance of router and switches.
  • Extensive understanding of networking concepts, i.e. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, content filtering, VLANs and routing in LAN/WAN, ethernet port, patch panel and wireless networks.
  • Experience in configuring layer 2 technology including VLANs, Trunking, STP, PVST, MST, VTP.
  • Possesses proficient knowledge of layer 2 switching and layer 3 routing protocols, encryption protocols, communication protocols. Examples include but not limited to TLS/SSL, IPsec, SSH, PGP, VLAN, LLDP, LACP, ARP, 802.1x, DNS, AES, etc
  • Extensive knowledge in TCP/IP and OSI models.
  • Strong troubleshooting skills on Cisco LAN switch environments including WAN infrastructure.
  • Experience in implementing and troubleshooting OSPF, EIGRP, BGP routing protocols and policy-based routing.
  • Experience on use of SSH, SYSLOG, SNMP, NTP, NAT, PAT and dealt with DDOS attacks and flooding attacks.
  • Maintaining IT process and procedure documentation.
  • Monitor SIEM and IDP/IPS feeds to identify possible enterprise threats. Actively investigate, respond to and remediate security incidents.
  • Experience with DNS/DFS/DHCP/WINS standardizations and implementations.
  • Experience with encryption technologies DRM, PKI and secure coding techniques.
  • Strong understanding of virtualizations.
  • PowerShell, Python and Bash Scripting.
  • Excellent understanding of the software development life cycles.

TECHNICAL SKILLS

  • Log Management and SIEM - Splunk, IBM QRadar.
  • Wireshark.
  • Endpoint Security.
  • WSUS, SCCM, Active Directory, Group Policy Objects.
  • Nexpose, Tenable Nessus.
  • Metasploit, Backtrack, Kali, Burp Suite.
  • Cisco 3600, 7200, 7600.
  • Cisco catalyst 2960, 3560, 6500
  • Windows Server 2008/2012/2016.
  • Exchange, SharePoint.
  • PowerShell, Python and Bash.
  • C, C++, Java, Matlab

PROFESSIONAL EXPERIENCE

Network Security Engineer/Analyst

Confidential

Responsibilities:

  • Administer Active Directory, including Group Policy and NTFS security to create, deploy and maintain GPOs and network shares.
  • Administer Microsoft AX environments, Softeon, Microsoft Exchange, Clutch Portal, Counterpoint, Interaction administrator, Salesforce commerce cloud and Atlas client.
  • Okta Management
  • Create and configure user accounts within Okta for data access and administration.
  • SAML Integration with different applications like Adobe Creative Cloud, Dynatrace, Service-now for Single Sign-On.
  • Create and manage groups for efficient user and application association and provisioning.
  • Configure applications for secure employee access to corporate data.
  • Configure controls, such as password policies and multifactor authentication, for increased data security.
  • Troubleshooting various errors to resolve access issues.
  • Okta Mobile Setup and Administration
  • Setting of users in VPN client GlobalProtect.
  • Responsible for LDAP user and group creation, maintenance, and removal.
  • Responsible for modifying file server permissions as needed for user access.
  • Responsible for email distribution lists and shared mailbox creations.
  • Acknowledge and respond to security incidents reported or identified by MSS team.
  • Identifying phishing email and blocking it.
  • Conducting phishing awareness campaign on monthly basis using Cofense LMS .
  • Review the Nessus scan report and perform necessary action based on result.
  • Understand vulnerability management tools that perform internal and external vulnerability assessments.
  • Monitoring logs from various system, looking for security breaches indicated by abnormal patterns and alerts.
  • Deploy, manage and monitor IDS/IPS and WAF, to identify and assess network and application layer threats.
  • Responsible for granting, modifying, and removing user access for all enterprise applications.
  • Responsible for Identity Management/SSO solutions, Mobile Device Management solutions.
  • User access review for different applications on Quarterly/Monthly basis.
  • Maintains records of security events investigated and incident response activities, utilizing case management and ticketing systems.
  • Management of different applications like WhiteHat, Fastpath, Instart Bot Management, Prisma, Varonis and web monitoring tools like Dynatrace.
  • Administration and support of various operating systems.
  • Participate in various security audits, prepare necessary security documentation, SOPs and evidence during security audits.
  • Participate in an on-call rotation, respond to emergency calls during non-business hours.

Security Engineer

Confidential, Long Beach, CA

Responsibilities:

  • Managing Microsoft active directory, ADFS, Azure AD.
  • User provisioning/deprovisioning.
  • Support and implement firewall security policies like firewall, windows firewall.
  • Configuring and managing SSO solutions using Okta.
  • Deploy, manage and monitor IPS, WAF, DLP, behavioral analysis, phishing email filters to identify and assess network and application layer threats.
  • Managing enterprise password vaults, vulnerability scanning and management, application whitelisting, network micro-segmentation and virtualization.
  • Monitor systems and network for security-related anomalies.
  • Security Operations responsibilities like vulnerability scanning and patch management, access control governance and oversight, exceptions tracking, security tool management, tuning and configuration.
  • Manage VPN solution.
  • Manages, monitors, and analyzes several security technologies to include defensive and offensive security solutions on the perimeter and internal networks such as firewalls, intrusion detection/prevention systems (IDS/IPS), data loss prevention.
  • Assist to network team to improve efficiency of network security operations.
  • Work with network team to perform tests and uncover network vulnerabilities.
  • Implement security policies to identify and blocking phishing emails, conducting campaign for phishing email awareness.
  • Responding to security incidents, reviewing logs and security alerts, handling security tickets and performing the incident response.
  • Participate in various security audits, prepare security documentation, SOPs and evidence during security audits.
  • Duties assigned by manager.

Network Security Engineer

Confidential

Responsibilities:

  • Responsible for implementing, engineering & level 2 support of existing network technologies / services & integration of new network technologies / services.
  • Building large scale network environment using routing protocols like OSPF, EIGRP, and BGP.
  • Configuring route redistribution between EIGRP and OSPF.
  • Involved in network designing, routing, DNS, IP subnetting, TCP/IP protocol.
  • Performing route filtering and route manipulation by applying distribute-lists, route-maps & offset lists.
  • Diagnose MPLS protocol problems including VRF and COS issues to full resolution.
  • Providing Layer-3 redundancy by implementing HSRP in the network.
  • Hands-on experience in implementation and troubleshooting of BGP version 4, OSPF, IPV4 and Ethernet Protocols.
  • Managing various VLANs, IP addressing for various subnets, VLAN trunking between various access-switches.
  • Used load balancers F5 Big-IP6900 and 3900 between the servers inside the network and in the server.
  • Performance fine tuning and maintaining customer network devices to provide high availability for the applications, proper bandwidth utilization and to avoid network congestion.
  • Configuring standard and extended access control Lists (ACLs) and firewalls.
  • Designing and implementing VPN and remote access support.
  • Worked on Cisco ASA 5580 and 5585 VPN Firewall for site to site VPN from Cisco ASA to Palo Alto.
  • Implemented Port Security - MAC limiting, DHCP Snooping and IP source guard on EX series switches to make the network invulnerable to attacks
  • Implemented static NAT and PAT for internet users.
  • Designed and implemented DMZ for FTP, web and mail servers with CISCO PIX 525 and PIX515E.
  • Supported remote location with site-to-site VPN, Remote access VPN such as IPSEC.

Network Engineer

Confidential

Responsibilities:

  • Configuring routers and sending it to technical Consultants for new site activations and giving online support at the time of activation.
  • Experience installing/troubleshooting VOIP phones for branch office.
  • Supporting Development team for the access to corporate network and outside world.
  • Providing access to specific IP, Port filter and port access.
  • Experience conducting desktop support and inventory control over different sites.
  • Experience in Cisco 2800 3700 series switches: physical cabling, IP addressing, WAN configurations (Frame-relay and ATM).
  • Conducting technical site surveys different branch and main office.
  • Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications.
  • Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
  • Installing/troubleshooting PCs and Printers and Servers.
  • Configured the Cisco router as IP Firewall and for NATting.
  • Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
  • Responsible for implementing QOS prioritizing voice traffic over a data.
  • Implemented SNMP on Cisco routes to allow for network management.
  • Completed the installation and configuration of T1, T3 & OC3 circuits.
  • Experience installing/troubleshooting with data cable and data communications equipment.
  • Troubleshoot TCP/IP problems, troubleshoot connectivity issues.

Hire Now