Network Security Engineer
- Acquire Zscaler knowledge through self - paced learning in order to provide support for clients/customers
- Troubleshoot escalated client firewall issues to include Palo Alto, ASA, Fortinet, and Check Points
- Troubleshoot escalated client proxy issues to include Blue Coats and Zscaler
- Modify firewall and proxy configurations as necessary to establish optimal network performance
- Work with TAC support on escalated cases to ensure the quickest possible return to service
- Provide guidance to junior engineers to increase productivity and maintain appropriate workflow
- Cooperate with vendors in order to remediate parts or device failures
- Update or create knowledge base documentation
Sr Network Engineer
- Creating configuration templates for Cisco NCS 5501 and ASR 9001.
- Migrating from NX-OS devices to IOS-XR devices.
- Assisting with management responsibilities of MPLS environment.
- Point of contact for TAC cases to help resolve issues encountered during this upgrade/migration project.
- Working in a lab environment to test configurations, IOS upgrade procedures, and any other changes before implementing them into production.
- Creating and updating networking diagrams as needed.
Sr Professional Services Consultant - Networking/Security
- Work on a wide range of devices, to support the client’s need, which include: Catalyst 9000, 6000, 4000, 3750, 2900, ESW 520, ASA to FTD migration, etc
- Performs implementations of overall solutions for clients, including development of solution designs, implementation plans and documentation.
- Develops Confidential standards for scoping, documentation, and implementations.
- Leads project teams to deliver successful implementations.
- Performs expert integration and customized consulting services.
- Works directly with client to gather requirements, design solutions, build proof of concepts and implementations solutions.
- Delivers consultative-based knowledge transfer and documentation to Confidential ’ clients.
- Works with RMO and PMO in scheduling and managing engagements.
- Works with Confidential ’ clients to perform assessments, health checks, performance tests, and capacity planning.
- Responsible for product evaluation, process improvement, and practice refinement activities.
- Establishes relationships with clients by demonstrating strong listening skills.
- Builds credibility and trust by delivering what has been promised within established timeframes.
- Maintains focus on client satisfaction and expectation management.
- Mentors and trains team members on working in collaborative environment.
- Demonstrates and actively promotes an understanding and commitment to the mission of Confidential through performing behaviors consistent with the organization's values.
- Maintains a working knowledge of applicable Federal, State, and Local laws and regulations as well as policies and procedures of Confidential in order to ensure adherence in a manner that reflects honest, ethical and professional behaviors.
- Supports and conducts self in a manner consistent with customer service expectations.
Senior Advisor, Cybersecurity Engineering and Operations (Team Lead)
- Work with Major Incident Management and/or our vendor(s) to troubleshoot high visibility issues
- Work to resolve escalated and long-standing issues
- Work on updating documentation and creating more efficient processes
- Escalation point for my team on any issues they are facing
- Work with my team, through 1x1s and daily conversation, to help find gaps in their skillset to help them better support our environment
- Update and maintain firewall rules on Palo Altos (to include Panorama - 5060, 5020, 4060, 4020, 200, M-100)), Checkpoints (77.20 and 77.30), and Sonicwall (NSA 5600, NSA 250, Supermassive 9400, SMA 7200)
- Log into Cisco network equipment to help troubleshoot issues
- Upgrade device firmware and ROM to help resolve any vulnerabilities or security risks
- Spearheading the efforts, from a security standpoint, to cleanup any IP overlap in the environment (since Confidential purchased EMC)
- I am the direct contact point, from the security side, for any questions regarding this project
- Working diligently with the network team to verify IP network space, by monitoring traffic logs, and allocating the appropriate amount of new subnet space needed
- Troubleshooting connectivity issues, if any, after changes have been made on the network
- Adding, removing, and updating firewall rules, objects, and groups on Checkpoints, Palo Altos, and Sonicwall FWs as part of these reIP efforts
- Cleaning up any rules, objects, groups, etc that are no longer needed
- Used Cisco routers to verify what routes still existed on the network and where subnets were used on our network
- Assisting with other projects as they become available (GMS migration, documentation, etc)
Cyber Security Analyst
- Process requests to design, modify and grant security accesses, and other security requests.
- Perform role-based access support, troubleshooting end-to-end user errors and issues, and performs end-to-end support on a variety of information security systems software.
- Administer and maintain user access controls, processes, and procedures to prevent unauthorized access, modification, disclosure or misuse of Confidential resources. Performs research, analysis and troubleshooting to identify, resolve, and explain complex security issues.
- Schedule and conduct self-assessments of business applications to ensure compliance with published policies and standards. Collects, compiles, and generates information security reports on system and network accesses. Reports and prepares briefing packages for presentation to customers and management.
- May process digital forensic investigation requests from internal departments to assist with investigations and presents findings and/or perform digital forensic investigations utilizing nationally accepted standards, applicable laws and regulations, company policies and best practices.
- Identify and analyze business practice violations of information security policy and standards.
- Participate in multiple projects as a team resource. May provide audit support.
- Document procedures, executes and improves operational processes.
- Participate in the evaluation, development, implementation, integration and administration of internal and external business solutions that meet customer needs.
- Independently monitor and respond to operational security issues related to Network Security systems in both Palo Altos (both Panorama and the individual firewalls) and ASAs.
- Applies troubleshooting knowledge to identify root cause and suggest steps to take for resolution and work with appropriate Confidential resources to deliver timely resolution to issues that are identified.
- Acquires and applies broad knowledge of the business, its products, and processes.
- Serves as a daily on-call resource to work daily incidents, major incidents, and work with vendors to reach desired resolutions
Network Firewall Engineer
- Added, removed, and updated firewall rules, objects, and groups on Checkpoints (77.20 and 77.30), Palo Altos, and Sonicwall FWs to help with device hardening to prevent potential attacks and remove unnecessary access through the firewall
- Configured Sonicwall FWs (SuperMassive 9600, 5600, and 250M) and implement in production environment
- Configured and tested Site-to-Site VPN functionality on Sonicwall edge devices (250Ms) to provide a secure tunnel to the internet, while preventing internal access, for vendors visiting on-site.
- Migrated Checkpoint and Palo Alto FW rules, objects, and groups to Sonicwall FWs and performed FW replacements
- Troubleshot VPN/FW incidents that enter our team queue in Remedy
- Monitored traffic on Checkpoint, Palo Alto, and Sonicwall firewalls and provide verification to users if traffic is being allowed or denied
- Added and monitored firewalls in Solarwinds
Senior Network Engineer
- Updated, removed, and created new Policies on both Cisco and Palo Alto firewalls (Panorama) to help increases the overall security of the network
- Cleaned up unused Policies, Addresses/Address Groups, and Services/Service Groups on the Palo Altos for better readability, to create an efficient running configuration, and reduce resources used on the data and control planes
- Configured and supported Cisco ASAs
- Worked with both standard and extended Cisco ACLs
- Understanding of routing protocols
- Configured switching protocols (VTP, STP, CDP, VLANs, Trunking) when necessary
- Troubleshot T1 circuits when necessary
- Configured network devices (switches, and routers)
- Supported end users via phone, email, or face to face
- Taught course work as it applies to the appropriate curriculum.
- Used additional instructional resources such as guest speakers, field trips, films, and handouts to enhance the learning process.
- Held conferences with students on an as needed basis.
- Maintained classroom in good physical order.
- Entered classroom at designated time with all necessary materials. Begins and ends class on time.
- Prepared lesson plans, handouts, and other curriculum-related materials.
- Wrote progress reports.
- Worked additional time weekly, as required, for individual student needs outside the classroom.
- Corrected students’ assignments and tests and returns them promptly.
- Attended formal and informal staff and faculty meetings.
- Informed supervisor of unsatisfactory academic progress, discipline or attitude problems, and occurrences that warrant discussion.
- Worked as a part of the academic team to improve student attendance, retention, and graduation rate
- Actively participated to promote student retention.
Senior Network Engineer
- Troubleshot Site-to-Site VPN issues
- Updated and created new Site-to-Site VPN tunnels with vendors for secure transfer of data
- Installed and configured routers, switches, and ASA firewalls
- Configured IPSec, and GRE tunnels
- Maintained Cisco ASA firewalls, routers, and switches
- Analyzed network traffic for irregular traffic patterns and the ability to remediation those irregularities
- Ensured that all network devices and resources are being properly monitored
- Supported the network infrastructure on a 7x24 basis should a sev1/2 incident arise (when on call)
- Managed projects
- Answered technical support incidents/questions and assist other tech leads as needed with tickets
- Conducted root cause analysis and develop corrective actions
- Responsible for environment security
- Troubleshot any reported problems
- Assisted the other leads as needed with workload and general support