- Well - rounded Network Security expert possessing over twenty years of professional IT engineering experience - specializing in Information security architecture & design, implementation, and optimization for complex, enterprise-class organizations.
- Highly experienced Security Consultant & passionate Technical Trainer with proven hands-on networking & security engineering skills.
- Strong operational & project management skills. Has built a reputation for displaying a strong character, mentorship, and exceptional delivery.
Hybrid Cloud Security & Automation
- Deploy Lab/Dev environment on AWS using Cloudformation templates, Infrastructure as code.
- Bootstrap VM-Series firewalls on AWS and Azure, package and configuration file versioning with git.
- Developed label-based micro-segmentation policies, orchestrated through vArmour, for deployment to VMware NSX-T DFW (Distributed Firewall).
- Completed Firemon Implemented, perform compliance checks, policy automation, and firewall rule remediation.
- Experience on-boarding cloud accounts into Prisima Cloud and configure Prisma Cloud settings.
- Experience connecting branch offices and remote users through Prisma Access.
Security Engineer Consultant
- Modernize and Remediate ICS / SCADA infrastructure to meet security compliance requirements.
- ICS Network segmentation and defense-in-depth strategies based on Purdue model.
- Lead OT initiatives - design and build LSVPN / Site-to-site VPN to secure OT communications.
- Developed streamlined process and configuration to deploy PA-220 to 140+ sites replacing EoL Cisco ASA’s.
- Experience with Microsoft 365 Communications DLP, Information Protections, and Office 365 APT.
Palo Alto Firewall Engineer
- Migrate Cisco Ironport security rules to PAN URL filtering, file blocking, and wildfire security profiles.
- Design and implement PAN user-ID, user-group mappings, and security policy rules enforcement.
Palo Alto Firewall Architect
- Palo Alto SME and architect for new SDDC implementation of PA-5260 HA pair & PA-5250 HA pair.
- Architect Multi-Vsys design to support multi-tenant, multi-VRF network centric ACI architecture.
- Design and implement mixed mode HA M-500’s to manage on-prem virtual systems, AWS, & Azure FW’s.
Palo Alto Firewall Engineer
- Palo Alto SME for new guest wireless and corporate services network implementation of a pair of PA-3060’s.
- Identify application traffic passing through Palo Alto firewall and create the appropriate App-ID policies.
- Design and configure Active/Active High Availability failover based on and customer considerations.
- Configuration of multiple Virtual Routers and OSPF instances for integration with multi-VRF design.
Senior Firewall Security Engineer
- Migrate a pair of ASA 5585’s & ASA 5555’s to PA-3060’s and PA-850’s.
- Threat Prevention analysis and basic tuning of Threat Prevention security profiles.
- Work with customers to determine which application traffic will be permitted and denied outside access.
- Map security zones to physical and virtual interfaces on the firewall.