- Outstanding capability to take the initiative; highly motivated; ability to interact with all levels of company personnel
- Ability to work productively in a fast paced environment; good oral and written skills; effective team player; excellent proofreading and editing skills; knowledge of diverse equipment; excellent customer relation skills; 18+ years of professional experience in the information technology industry comfortable working within a Enterprise Data Center/NOC; proven ability to learn quickly and become proficient in new products and technology dependable and detail oriented; effective technical troubleshooting knowledge.
Network Security Engineer
- Troubleshoot, configure, upgrade, maintain and monitor the F5 appliances (LTM, ASM) network architecture for performance, configurations, traffic flow and capacity/utilization.
- Development of processes and procedures to relate engineering documentation for troubleshooting to quickly identify security issues.
- Evaluate various modern technologies to optimize network efficiency and review/provide recommendations to improve the network routers/switches and load balancing functionality.
- Partner with the information security personnel to assess potential exposure to vulnerabilities, identify mitigation plans and ensure company compliance with enterprise guidelines and standards.
- Ensure high quality security service delivery through daily monitoring of vendor performance, responsiveness to security problems, crisis management, and adherence to service levels and security service improvement initiatives.
- Involved in the planning, implementation, upgrade and maintenance of the Windows Enterprise server environment.
Senior Security Engineer
- Experience with Network testing and Web Application Penetration, Vulnerability scanning (e.g. Qualys,Nessus) and/or FireEye.
- Implementing design changes and setting security parameters for customer networks.
- Collaborating with managers and technical staff to solve problems and develop technical requirements.
- Exercised multiple years of experience with design and engineering Load balancing solutions for multi - tiered applications deployed across multiple data centers and DMZ security constructs in the deployment of network and/or server hardware within both corporate IP Networks and DMZ Firewalled Zones, including design, specifying requirements, and troubleshooting network connectivity, routing, and firewall rules.
- In depth security engineering in traffic management solutions, including the design, low level engineering, and delivery of new hardware & virtual systems as well as application load balancing solutions for client applications across the pre-provisioned ADC infrastructure.
- Utilized comprehensive understanding of application load balancing strategies and advanced techniques for application delivery including but not limited to: SSL offload and implementation of SSL certificate/key, LTM Inbound SNAT configurations, outbound NAT server to IP mapping.
Network Security Engineer
- Knowledge of ADC F5 LTM and GTM hardware platforms including engineering design and deployment implementation guidelines.
- Functional understanding of diverse set of networked applications requiring application traffic management solutions, including HTTP, HTTPS, SSH, FTP, DNS, NTP, ANYCAST services, and others.
- Provided tier II/tier III operational support for F5 Application Security Manager (ASM) infrastructure.
- Understanding of LTM Inbound SNAT configurations and outbound NAT server to IP mapping required.
- Evaluates, recommends, and implements strategies for LAN/WAN hardware and software requirements and capabilities related to internal and external customer needs.
- Troubleshoot and provide remediation for ASM related application incidents as well as providing vendor oversight for F5 ASM related changes.
- Responsible for migration of Legacy platforms (ACE, CSM, etc,) and older version of BigIP to up-to-date F5 ADC PCI compliant systems.
- Understanding of application load balancing strategies and advanced techniques for application delivery
- Knowledge of F5 iRules (F5’s TCL scripting language) enabling customization of application load balancing solutions through the control and direct manipulation of the application traffic while maintaining admin experience with F5 configuration CLI including both BigPipe and Shell (TMSH)
- Maintains advanced knowledge in most areas of network hardware/software interconnections and interfaces (such as LAN/WAN equipment and services, switches, routers, firewalls, load balancers and VPN.
- Experience with packet capture analysis software and F5 Web Accelerator and Application Security Module (ASM).
Network Security Engineer
- Provide Tier 4 Engineering support to Operations and Enablement teams for the F5 Networks Application Security Module as a Web Application Firewall (WAF) implementation in both cloud and premise environments.
- Responsible for developing and implementing a F5 multi-tenant and premises based WAF solutions on platforms including F5 Viprion clusters, F5 BigIP 2K, 5K, and 7K series hardware to support the Managed Security Services business unit.
- Participate in the development and maintenance of WAF policies and deliver weekly status reports for applicable services.
- Contribute to process improvements as needed while eliciting requirements and designs for implementing application security solutions with other Security Engineers and application developers.
- Manage the implementation and maintenance of F5 ASM polices and provide consultation on projects requiring security operational support.
- Responsible for regularly recurring review of F5 Big-IP system events utilizing the BigIQ management platform and communication to the Operations team about anomalous events observed.
- Acts as SME for questions or issues related to F5 suite of products while developing and maintaining WAF security design documentation.
- Implementing customer high availability F5-ADC solutions on the vCMP platform for ASM, LTM, & GTM, as well as physical BigIP hardware platforms in both the Lab testing and Production environments.
- Planned, organized, and implemented the organization’s high availability disaster recovery site, located in remote location.
- Assisted in upgrading the enterprise Active Directory environment utilizing Windows server 2k3 to Windows Server 2k8/2012.
- Implementation, administration, and upgrading of corporate virtualization systems from VMware 5.1 to VMware 5.5 w/ Operations Manager.
- Setup multiple SAN instances including IBM StorWize, EMC VNX and Sphinx hardware to be allocated for data retention and virtualization environments.
- Maintained and installed new and existing network infrastructure devices residing on an HP Procurve network backbone.
- Built new backup and recovery environment utilizing the Symantec Backup Exec 2014 platform.
- Provides technical and administrative support for the enterprise network utilizing primarily Cisco & Dell / Force 10 Network equipment utilizing protocols including EIGRP, BGP, TCP/IP, IP/VPN, ACL, and VoIP
- Supports business initiatives by providing network design, implementation and support for LAN/WAN, MPLS & IPSec vpn.
- Maintains advanced knowledge of the existing hardware and software in use to maximize network performance.
- Works with various vendors to troubleshoot connectivity issues (layer 1, 2 & 3) & implement corrections.
- Monitors the network via Solar Winds, syslog, and various ancillary tools providing proactive interaction to alleviate interruptions for routers, switches, bridges, WAP’s. etc. by various manufactures (Cisco, Force10)
- Provide backup assistance to Security Architect. BigIP F5, minor modifications to Cisco or SonicWall firewall.
- Provide configuration and technical support for both production and development servers, operating systems and software applications.
- Designs and manages the internal Cisco LAN, WAN, and ARUBA wireless networks for both corporate and retail sites.
- Configures, manages and provides technical support for the virtual environment, including hosts, operating systems and storage utilizing VMware 5.5.
- Configures, manages and provides technical support for the Check Point and Watch Guard firewalls, IPS, and other security systems.
- Performed routine system maintenance for Brocade Fabric switches, including port configuration and allocation, link aggregation & port channel configuration, and fiber connects to infrastructure equipment.
- Involved in the day-to-day system administration, support, tracking, and performance monitoring of all internal Windows Active Directory/Domain servers, utilizing Solar Winds NCM, APM, and NPM.
- Responsible for designing, installing, configuring, analyzing, and maintaining the organization’s local and wide area networks, servers, systems, storage, firewalls, messaging infrastructure, and subsystems.
- Oversees the network/server infrastructure and provides direction and instruction to technicians relating to network installation and configuration.
- Configure authentication, authorization, accounting access for various customers using, Microsoft and UNIX platforms running TACACS and RADIUS servers.
- Responsible for administration and maintenance of complicated data center and remote sites involving detailed BGP, HSRP, VRF, and VRRP configurations.
- Provide level 3 technical support in an environment consisting of Windows 2k3/2k8 servers and approximately 2000 end users/computers, including executives and upper level management.
- Installed and implemented wireless network solutions in HQ and remote offices using Cisco WLAN products.
- Program and install new telephony systems with the Avaya Telecom and Cisco UCM (Call Manager) software and hardware (Cisco Nexus 2K, 5K).
- Determine root cause of user reported problems, including network, VOIP telephone system, PC, server, and application issues in an enterprise NOC environment.
- Performed configuration and maintenance of the F5 Big-IP load balancers to ensure high availability and stability in a complex, large scale environment.
- Familiar with enterprise level circuit technologies including Frame-Relay, MPLS, and point-to-point circuits for speeds of T1 to OC3.
- Configured and deployed Cisco Routers (1800, 2700, 2800, 2900, 7000 series) and Cisco Switches (3000, 4000, 6000 series).
- Responsible for supporting the build-out and operations of large-scale networking infrastructure within strategic and legacy Services Datacenters running advanced protocols such as BGP, OSPF and EIGRP.
- Utilized F5 BIG-IP Local Traffic Manager (LTM) to optimize network infrastructure to deliver availability, security, and performance for critical business applications.
- Involved in the day-to-day system administration, support, tracking, and performance monitoring of all internal Windows Active Directory/Domain servers, utilizing Solarwinds and HP Openview.