Hybrid Cloud Security & Automation Resume

SUMMARY

Well - rounded Network Security expert possessing over twenty years of professional IT engineering experience - specializing in Information security architecture & design, implementation, and optimization for complex, enterprise-class organizations.
Highly experienced Security Consultant & passionate Technical Trainer with proven hands-on networking & security engineering skills.
Strong operational & project management skills. Has built a reputation for displaying a strong character, mentorship, and exceptional delivery.

PROFESSIONAL EXPERIENCE

Confidential

Hybrid Cloud Security & Automation

Responsibilities:

Deploy Lab/Dev environment on AWS using Cloudformation templates, Infrastructure as code.
Bootstrap VM-Series firewalls on AWS and Azure, package and configuration file versioning with git.
Developed label-based micro-segmentation policies, orchestrated through vArmour, for deployment to VMware NSX-T DFW (Distributed Firewall).
Completed Firemon Implemented, perform compliance checks, policy automation, and firewall rule remediation.
Experience on-boarding cloud accounts into Prisima Cloud and configure Prisma Cloud settings.
Experience connecting branch offices and remote users through Prisma Access.

Confidential

Security Engineer Consultant

Responsibilities:

Modernize and Remediate ICS / SCADA infrastructure to meet security compliance requirements.
ICS Network segmentation and defense-in-depth strategies based on Purdue model.
Lead OT initiatives - design and build LSVPN / Site-to-site VPN to secure OT communications.
Developed streamlined process and configuration to deploy PA-220 to 140+ sites replacing EoL Cisco ASA’s.
Experience with Microsoft 365 Communications DLP, Information Protections, and Office 365 APT.

Confidential

Palo Alto Firewall Engineer

Responsibilities:

Migrate Cisco Ironport security rules to PAN URL filtering, file blocking, and wildfire security profiles.
Design and implement PAN user-ID, user-group mappings, and security policy rules enforcement.

Confidential

Palo Alto Firewall Architect

Responsibilities:

Palo Alto SME and architect for new SDDC implementation of PA-5260 HA pair & PA-5250 HA pair.
Architect Multi-Vsys design to support multi-tenant, multi-VRF network centric ACI architecture.
Design and implement mixed mode HA M-500’s to manage on-prem virtual systems, AWS, & Azure FW’s.

Confidential

Palo Alto Firewall Engineer

Responsibilities:

Palo Alto SME for new guest wireless and corporate services network implementation of a pair of PA-3060’s.
Identify application traffic passing through Palo Alto firewall and create the appropriate App-ID policies.
Design and configure Active/Active High Availability failover based on and customer considerations.
Configuration of multiple Virtual Routers and OSPF instances for integration with multi-VRF design.

Confidential

Senior Firewall Security Engineer

Responsibilities:

Migrate a pair of ASA 5585’s & ASA 5555’s to PA-3060’s and PA-850’s.
Threat Prevention analysis and basic tuning of Threat Prevention security profiles.
Work with customers to determine which application traffic will be permitted and denied outside access.
Map security zones to physical and virtual interfaces on the firewall.