OBJECTIVE:

• Improve, reduce cost and initiate solutions in IT using my technical knowledge and management skills. I have a deep passion for areas of information security / information assurance.

PROFESSIONAL EXPERIENCE:

Confidential, Detroit, MI

Implementation Security Engineer

Responsibilities:

• Working for company specialized in only security services
• Working for customer who is one of largest in financial industry
• Configuring R77 and R80 Checkpoint FW
• Utilizing R77 and R80 Checkpoint management consoles
• Utilizing Juniper NSM management server and configuring FW
• Familiar with Symantec DLP solution
• Member of implementation team
• Preparing for CISSP and Checkpoint exams

Confidential, Southfield, MI

Security Administrator and DC Network Technician

Responsibilities:

• Solved 103 catalog tasks, 45 change tasks, 65 incidents, 24 network tasks per Service - now
• Worked in CyberArk Pass Vault, Solarwinds Orion, InfoBlox IPAM, Venafi Cert Authority
• Worked in network and load balancer queue
• Created network, security, 3rd party rack inventory and diagrams
• Solved F5 issues during disaster recovery datacenter exercise
• Huge ammount of work in clearing, sorting and arranging datacenter and racks
• Fixed IDF racks and 2 branch offices
• Configed F5 LTM in 4 environments
• Configued VIPs, pools, members, iApps, certs
• Clarified and created cabling color standard and labeling standard
• Fixed problems from previos generations in datacenter and storage
• Suggested multipe improvements with solutions, new persective to improve data center
• Familiar with Nexus 7K and other DC switches.

Confidential, West Bloomfield, MI

System administrator

Responsibilities:

• Providing security visibility with SIEM Qradar, Security Onion
• Utilized security tools Nessus, OpenVAS, Qualys, Retina Community, Metasploit, Rapid7 Nexpose to recognize vulnerabilities and implement fixes.
• POC Mic. NPS, Cisco ACS and ISE (AAA, Guest Access, policy, profiling)
• Deployed and managed Checkpoint R77/R80 cluster solution with different blades
• Reviewed CheckPoint firewall cluster with regulatory compliance for ISO 27002 and NIST
• Implementation and troubleshooting regular firewall connectivity issues L2 and L3 issues
• Hold experience on latest Checkpoint vendor products and in a distributed environment
• Drafted and installedCheckpointFirewallrules and policies
• Design and creation offirewalldiagram using MS-Visio
• Performance tuning incheckpointfirewallusing multi-queue, coreXL and secureXL.
• Regularly performedfirewallaudits aroundCheckPointFirewall
• Firewallimplementation,firewallmanagement, network management and troubleshooting connectivity, routing, and configuration issues with routers, switches, firewalls
• Installing, Upgrading and configuring (Checkpoint)firewall
• Migration offirewallrules from Cisco ASA toCheckpoint.
• Troubleshooting of network connectivity and establishedfirewallrules.
• Utilizing Netflow, VOIP, QoS, VTP/STP, DHCP, DNS, Internet Security
• Deployed cluster solution and managing VMware ESXi solution with vCenter managing platform
• Deployed and managing Cisco CUCM and Unity solution for local branch office of 10 phones
• Deployed and managing iSCSI and NFS storage solution
• Managed all aspects of network (Cisco routers, SSL VPN, Cisco PoE, HP/Dell gigabit switches, Cisco Wi-Fi AP, terminal servers, UPS, Cisco Umbrella)
• Managed server farm of 55 virtual servers (Mic. AD, Exchange, helpdesk, monitoring, security)
• Configured Palo Alto FW (IDS/IPS, traffic-shaping, threat forensics, IPS, VPN, app. control)
• Configured Cisco ASA FW (IPS, SSL VPN, threat detection, cluster, statefull packet inspection)
• Deployed monitoring solutions Cacti, Nagios, SolarWinds & PRTG
• Configure, secure Win, Linux - CentOS, Red Hat, FreeBSD, Ubuntu) & 15 network devices
• Deployed and using Splunk, SumoLogic, Papertrail, Graylog & syslog-ng for data collection

Confidential, Van Buren Township, MI

Edge VPN OPS Automation Team Leader

Responsibilities:

• Managing team of 13 direct reports on global level for 93 F5/Cisco/Juniper SSL VPN for Confidential (GE) businesses with over 41,000 concurrent users and across employees globally in world
• Evaluating CheckPoint Threat Intelligence Report for top attacks and breaches
• Meet or regular basis with Checkpoint account manager for GE presenting new features.
• Continue to work in security field and collaborating with several other IT risk teams.
• Backup of Zscaler global team leader (GE Web Content Filtering)
• Providing support of 6 SafeNet Network HSM (ex Luna SA) servers for encryption key safety.
• Using Ansible in F5 APM networking space and preparing for EX407.
• Working on F5 APM solutions, Cisco ASA, Juniper SA solutions in IPSEC / SSL area.
• Reaching 75 % technical L3/4 resource during my work hours.
• Owns Problem Management for VPN in ITIL framework.
• Accomplishing 80% favorable survey for VPN solution.
• Each month delivering 1 automation job.
• Reducing changes by automation for 20 % from RITM to CHG.
• Working with different team on DLP solution in VPN space
• Evaluating and testing Palo Alto firewall
• Utilizing PMP knowledge and Agile in daily work
• Working with ISO/IEC 2700x specifically with 27033-5
• Evaluating “Strategic Intelligence Update” for Aviation/ Energy/Financial/Health and Transportation regarding breaches, compliance & laws
• Following with US cert vulnerabilities & Alerts
• Evaluating logs for PII and assessment in accordance with NIST (log management)
• Performing yearly audit for company ISO 27002 & FISMA (NIST SP r4) regarding global VPN concentrators
• Working with OPS tools like ITIL service-now, IPAM, ScienceLogic EM7, Splunk, NetQoS lanscope, spectrum, HPNA, MRTG, workfront, slack, github, scalr, relic, tableau, trello, skype for business, padlet, yammer, Jabber, Sococo, Skype for Business, GitHub, Box, Confluence
• Created Splunk searches, email reports, dashboards, driving mgmt. of team Splunk apps
• Monitoring global VPN Concentrators thru Splunk dashboard for all syslog alerts

Confidential, Troy, MI

Continued Sr. Security / network engineer

Responsibilities:

• Familiar with CheckPoint Provider-1 R-65 (MDS) and CMAs for 6 world-wide regions with additional Provider-1 as redundancy and 2 separate logging modules (servers) for DHL customer
• Managed 4 Checkpoint NGX R-60/61 firewalls (creating rules, groups, VPNs) plus 6 NGX R62/65
• Managed 2 CheckPoint SmartCenters (Security Management Servers) R-60 for firewalls
• Achieved SAS-70 Type II (ISAE 3402/SSAE) for audited networks in company
• Worked with Qualys vulnerability management and policy compliance solution, including Splunk
• Maintained and configured 11 Juniper firewalls including ISG-2000 with virtual firewalls
• Managed and configured 4 Juniper SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers and with NSM worked on Cisco FW solution with DMZ server plus VPN access, clusters for Internet, DMZ
• Managed one reverse proxy BIG-IP F5 for Internet sites
• Managed three McAfee Web gateways/proxy with URL/Anti Malware/SSL and FTP Web threats
• Designed and implemented Wi-Fi with 2 controllers AIR-WLC & 21 AIR-LAP1242AG
• Maintained 171 Cisco equipment

Confidential, Troy, MI

Network technical team leader

Responsibilities:

• Maintained 350 devices (5400 users) at 56 sites (routers, switches, VPN, ACS, IDS, AS)
• Configured firewall rules on 6 Cisco firewalls & 8 BIG-IP F5
• Configured and maintained Riverbed Management Console 8000 and Stealhead 5520
• Managed 4 Adonis DNS servers (external, internal)