Network and Security Engineer

CAREER HIGHLIGHT

• Experienced Professional with over 7 years of experience as a an IT Security Professional in IT Infrastructure, Information Security, Network Security, Enterprise Security, Project management.
• Strong knowledge based in the planning, design, and implementation of Information Systems and Network Technologies.
• Skilled technically proficient with multiple firewall solutions, network security, and information security practices.
• Proficiency includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, troubleshooting, analyzing and resolving security breaches and vulnerability issues in a timely and accurate fashion, and conducting user activity audits when required.
• Designing, deploying and troubleshooting enterprise data network as Network engineer and expert in configuring and troubleshooting L2 protocols such as VLAN, VTP, ISL, 802.1Q, STP, RSTP, PVST, port security and Nexus Switches.

SUMMARY

• 7 years of experience in the planning, design, and implementation of Information Systems and Network Technologies.
• Experienced Checkpoint Firewall, Security and Network Administrator as well as a Cisco Certified Network Associate CCNA , routing and switching.
• Knowledge in planning, design, implementing and troubleshooting complex networks and advanced technologies.
• Advanced knowledge, design, installation, configuration, maintenance and administration of CheckPoint Firewall R55 up to R70 version, SecurePlatform Installation including GAiA, VPN.
• Advanced knowledge in Design, Installation and configuration of CheckPoint Provider Environment.
• Advanced knowledge in design, installation and configuration of Juniper Netscreen Firewall ISG 1000/2000, SSG series and NSM Administration.
• Drafted and installed Checkpoint Firewall rules and policies.
• Implementation and administration of Juniper WX/WXC devices for WAN Traffic acceleration.
• Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance.
• Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
• Experience in Implementing managing Symantec Data Loss Prevention.
• Experience in implementing application security solutions
• Advanced knowledge in configuration and installation of IOS security features and IPS.
• Advanced knowledge in Cisco Switches and Routers Configurations.
• Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and

EIGRP

• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Advanced knowledge in Linux and Unix Operating Systems.
• Knowledge of ISO / IEC 27001 and BS 17799 and LPT methodologies.
• Conduction of Security Awareness and Network training for NOC and SOC staffs.
• Excellent Analytical and Documentation skills.
• Experience in troubleshooting and application support.

TECHNICAL PROFICIENCIES

• Platforms/Applications: Windows Server NT4-2012, Exchange 5.5 2010, VMware VSphere/VCenter 4-5, MS Lync, BlackBerry BES 5.0.3, IIS 7.5, Microsoft SQL 2005 2012, SCCM , VERITAS Netbackup Backup Exec, TMG, Citrix XenApp/XenServer, MS VMM Hyper-V, Unix/Linux, PowerShell, MS Clustering, Enterprise Antivirus Disk Encryption solutions, Quest ActiveRoles, SCOM
• Networking: Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDS,
• Hardware: Dell, HP, CISCO, IBM, SUN, CheckPoint, SonicWall, Barracuda Appliances, SOPHOS email appliances
• Operating Systems: Windows, NT, Windows 98/XP/2000/2003/2007, MS-DOS, Linux
• Firewalls: Check Point, ISA 2004/2006
• Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS
• Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing
• Switching: VLAN, VTP, STP, PVST , RPVST , Inter VLAN routing Multi Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging
• Database: Oracle 10g/9i, SQL Server 2005/2000
• Security Tools: Wireshark, MBSA, MS Visio, Apache, VMWare ESXi 3.5, VMware Server, Encase

PROFESSIONAL EXPERIENCE

Confidenital

Senior Security Architect /Engineer

RESPONSIBILITIES:

Provide security engineering for implementation in the CheckFree enterprise network. Designed and implemented code in multi-threaded C for IPv6 inspection and attack detection capabilities for an upcoming software release of the Dragon IDS/IPS. Included IPv6 packet header inspection, updates to various Dragon decoders, and the ability to decode IP-in-IP tunnels. Directed the software engineering effort for the Dragon IDS/IPS network sensor. Setting engineering priorities with an emphasis on attack detection through enhanced signature detection capabilities, system design, and technical direction of engineers who developed Dragon network sensor code. Developed a fully automated build system for the Dragon ISO appliance image. Complete rename of all firewall objects and rules Replacement of CheckPoint / Crossbeam firewalls with new Juniper SRX 5800 Firewalls Fulfill the implementation of the Juniper SRX infrastructure, troubleshoot the JUNOS operating system running on the firewalls, provide guidance, support and cross training to the team. Responsibilities included design, implementation, support and administration of multiple security products, including over 20 Crossbeam X-Series running CheckPoint Provider-1 and VSX, SourceFire, and ISS Realsecure. Daily responsibilities included design, implementation, support and administration of multiple security products, supporting the installed product base, and internal engineering teams. Designed, built, and implemented CheckPoint Firewall-1 VSX. Performed individual site evaluations, technical hands on design, installation and implementation of SecureTrack Managed the lab CheckPoint Firewall-1, Connectra R66, Tipping Point 200E, and SecureTrack solutions. Rebuilt and maintained the headquarters demonstration lab with the latest security hardware and software solutions from CheckPoint, Juniper, BlueCoat, TippingPoint, ForeScout, RSA, Designed, tested, deployed, and supported secure mail solutions for the entire company using ProofPoint Messaging Security Gateway Assisted in the design of key Managed Services, to further the goals of the company. Confidenital

Network and Security Engineer

RESPONSIBILITIES:

• Security Systems Software Development Designed, developed, and deployed custom data collection, monitoring, and configuration validation software for critical security and network infrastructure.
• Member of the Network and Security team responsible for managing the Security Environment
• Responsible for providing consultative, pro-active and sometimes reactive support to internal areas such as NOC, SOC and Solutions Architecture team.
• Managed, maintained, and implemented systems in all areas of the company Infrastructure and provided second level support to the Help Desk team, other infrastructure team members, and end users as needed
• Supported mission critical 24x7-365 Siebel/SQL servers, ensuring maintaining optimal uptime efficiency
• Managed a Nortel VPN system which provided access for remote employees and corporate VPN tunnels
• Responsible for managing the security tools such as CheckPoint Firewall, Nokia IP390, RSA Security, ISS Site Protector and Nortel Connectivity VPN Server.
• Designing of the VPN environment for saving budget with WAN circuits.
• Specialized in Network Security technologies Firewall, IPS/IDS, Content Filtering, Proxy and Cisco network products .
• Responsible for proposing the migration from CheckPoint R55 to R61 version making the Firewall environment totally up-to-date
• Provided Security Consulting to customers around border security, data security and intrusion detection
• Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers
• Provided tier 3 support for CheckPoint Firewall-1 software to support customers
• Conduction of Security Awareness and Network training for SOC and NOC staffs.
• Technical lead of field services team during the implementation phase.

Confidenital

Security Administrator / Windows 2003 Administrator

RESPONSIBILITIES:

• Utilize Security Information and Event Manager SIEM to Identify, track and manage security incidents throughout the Petersburg Public Schools enterprise.
• Determine if security incidence occurred examine all available information and supporting evidence related to an incident or event.
• Logically determine scope of security event and the potential impact to schools and network recommend appropriate course of action for managing security incidents and participate in the confinement, resolution and remediation of security incidents.
• Installing, Upgrading and configuring Checkpoint firewall.
• Manage enterprise equipment to include: addition, modification and/or deletion of firewall rules proxy rule sets that are an exception to global baseline
• IPS/AV signature updates RADIUS/RSA user and group management remote VPN assistance / VPN Management/Monitoring / creation of user accounts/tokens for remote access VPN
• Monitor Service Center queues for customer reported requests or incidents access tickets for applicability and assign to subject matter expert, as required.
• Research security tools and security alerts, when requested, and share research within group communicate with school administration and other team members regarding security status and participate in the mitigation of incidents as required
• Provide technical support and assistance to schools and departments in the selection, installation, operation, and maintenance of computer hardware and software. Nortel - switches, routers, TLS, upgrades.
• Firewall implementation, firewall management, network management and troubleshooting connectivity, routing, and configuration issues with routers, switches, firewalls.
• Installed and maintained Windows 2003 Server.
• Installed Medical practice software.
• Remote Administrator for Cisco Pix firewall
• Remote Support for Medical practice applications
• Perform operating system, network and application vulnerability assessments to identify security exposures in the environment.
• Established protocols for backups, server space management, security, virus protection and other procedures essential to eliminating downtime or data loss.

Environment: MacAfee ePO 4.0, MacAfee DLP, Check Point NGX R65 R54, Nortel, Websense Web Security, Script Logic, Tenable Security Center.

Confidenital

System Analyst/ Administrator

RESPONSIBILITIES:

• Practices including: Network/Security, Anti-Virus Administration, Intrusion Detection Monitoring, System access ID and log-on procedures and policies, file transfer and encryption protocols
• Automate the process of vulnerability management and policy compliance across the enterprise, providing network discovery and mapping, asset prioritization, vulnerability assessment reporting and remediation tracking according to business risk.
• Security audit log monitoring and management, Integration of security logs and categorization which meets compliance.
• Install and maintain security infrastructure, including Firewall, IDS/IPS, log management, and Security Information Event Management tools.
• User management and implementation of security policies.
• Auditing and Implementing base line standards for the all security devices.
• Responsible for performing Root Cause Analysis in response to major security incidents to avoid or minimize damages to Enterprise.
• Audit, enforce and document compliance with internal security policies and external regulations.
• Administration of security systems, information systems and technology infrastructure.
• Provide level 2 security incident response for select host and network security events.
• Monitoring security devices and Monitor all aspects of security related events within network including firewall logs, IDS events, Windows security event logs , Antivirus reports and RSA Secure ID tokens.
• Document and perform system upgrades, regular product updates, emergency patch applications, and define monitoring requirements.

Environment: Qualys Guard, Loglogic, ISA 2004, Check Point, MBSA, Source Fire, Symantec, CoreImpact.

Confidenital

Network, Server and Firewall Administrator

RESPONSIBILITIES:

• Level 3 support Firewall Administrator Cisco ASA and Checkpoint
• Team member for support of over 1,000 Cisco and Checkpoint Firewalls
• Drafted and installed Checkpoint Firewall rules and policies
• Level 3 firewall Break-fix support - received and acted pages from Level 2 and corrected faults
• Root Administrator Unix, Linux, Log servers for Cisco devices-After 2004
• Level one support for Oracle Unix servers Before 2004
• Junior UNIX Administrator at General Motors Tech Center Warren. Monitored and reported errors for more than 50 Sun Solaris and HPUX servers
• Handled Cisco firewall/router, Cyber Cafe and Windows 2003 Terminal Server/Windows 2008 administration
• Configured and managed a network of WYSE 60 thin client computers using Microsoft Terminal server technology
• Installed and maintained Windows 2003 Server for office network of 7 Computers
• Installed Medical practice software
• Used TightVNC to remotely solve server problems
• Remote Administrator for Cisco Pix firewall
• Remote Support for Medical practice applications