Security Administrator And Dc Network Technician Resume
5.00/5 (Submit Your Rating)
OBJECTIVE:
- Improve, reduce cost and initiate solutions in IT using my technical knowledge and management skills. I have a deep passion for areas of information security / information assurance.
PROFESSIONAL EXPERIENCE
Confidential
Security Administrator and DC network technician
Responsibilities:
- Solved 103 catalog tasks, 45 change tasks, 65 incidents, 24 network tasks per Service - now
- Worked in network and load balancer queue
- Created network, security, 3rd party rack inventory and diagrams
- Solved F5 issues during disaster recovery datacenter exercise
- Huge ammount of work in clearing, sorting and arranging datacenter and racks
- Fixed IDF racks and 2 branch offices
- Worked in Solarwinds Orion, InfoBlox IPAM, CyberArk Pass Vault, Venafi Cert Authority
- Configuring F5 LTM in 4 environments
- Configuring VIPs, pools, members, iApps, certs
- Clarified and created cabling color standard and labeling standard
- Fixed problems from previos generations in datacenter and storage
- Suggested multipe improvements with solutions, new persective to improve data center
Confidential
System administrator
Responsibilities:
- Utilized security tools Nessus, OpenVAS, Qualys, Retina Community, Metasploit, Rapid7 Nexpose to recognize vulnerabilities and implement fixes.
- Provide weekly & monthly critical updates to stakeholders
- Providing security utilizing Mic. NPS, Cisco ACS and ISE (AAA, Guest Access, policy, profiling)
- Deployed and managed Checkpoint R77/R80 cluster solution with different blades
- Reviewed CheckPoint firewall cluster with regulatory compliance for ISO 27002 and NIST 800-41
- Designed, installed, configured, maintenaned and administrated CheckPointFirewall, Secure Platform Installation including GAiA
- Implementation and troubleshooting regular firewall connectivity issues L2 and L3 issues
- Hold experience on latest Checkpoint vendor products and in a distributed environment
- Drafted and installedCheckpointFirewallrules and policies
- Design and creation offirewalldiagram using MS-Visio
- Performance tuning incheckpointfirewallusing multi-queue, coreXL and secureXL.
- Complete rename of allfirewallobjects and rules
- Regularly performedfirewallaudits aroundCheckPointFirewall
- Firewallimplementation,firewallmanagement, network management and troubleshooting connectivity, routing, and configuration issues with routers, switches, firewalls
- Installing, Upgrading and configuring (Checkpoint)firewall
- Manage enterprise equipment to include: addition, modification and/or deletion offirewallrules
- Rebuilt and maintained the demonstration lab with software solutions fromCheckPoint
- Migration offirewallrules from Cisco ASA toCheckpoint.
- Troubleshooting of network connectivity and establishedfirewallrules.
- Utilizing Netflow, VOIP, QoS, VTP/STP, DHCP, DNS, Internet Security
- Deployed cluster solution and managing VMware ESXi solution with vCenter managing platform
- Deployed and managing Cisco CUCM and Unity solution for local branch office of 10 phones
- Deployed and managing iSCSI and NFS storage solution
- Managed all aspects of network (Cisco routers, SSL VPN, Cisco PoE, HP/Dell gigabit switches, Cisco Wi-Fi AP, terminal servers, UPS)
- Managed server farm of 55 virtual servers (Mic. AD, Exchange, helpdesk, monitoring, security)
- Configured Palo Alto FW (IDS/IPS, traffic-shaping, threat forensics, IPS, VPN, app. control)
- Configured Cisco ASA FW (IPS, SSL VPN, threat detection, cluster, statefull packet inspection)
- Deployed monitoring solutions Cacti, Nagios, SolarWinds & PRTG
- Configure, secure Win, Linux - CentOS, Red Hat, FreeBSD, Ubuntu) & 15 network devices
- Adding Splunk search heads for multiple indexers, used Hot, Warm, Cold buckets for indexing and searching of the data,
- CreatedSplunksaved searches, event types and macros, reports, scheduled searches, alerts & dashboards, maintaining apps
- Deployed and using Splunk, SumoLogic, Papertrail, Graylog & syslog-ng for data collection
Confidential
Team Leader
Responsibilities:
- Managing team of 13 direct reports on global level for 93 F5/Cisco/Juniper SSL VPN for Confidential (GE) businesses with over 41,000 concurrent users and across 330 000 employees globally in world
- Evaluating CheckPoint Threat Intelligence Report for top attacks and breaches
- Meet or regular basis with Checkpoint account manager for GE presenting new features.
- Continue to work in security field and collaborating with several other IT risk teams.
- Backup of Zscaler global team leader (GE Web Content Filtering)
- Providing support of 6 SafeNet Network HSM (ex Luna SA) servers for encryption key safety.
- Using Ansible in F5 APM networking space and preparing for EX407.
- Working on F5 APM solutions, Cisco ASA, Juniper SA solutions in IPSEC / SSL area.
- Reaching 75 % technical L3/4 resource during my work hours.
- Owns Problem Management for VPN in ITIL framework.
- Accomplishing 80% favorable survey for VPN solution.
- Each month delivering 1 automation job.
- Reducing changes by automation for 20 % from RITM to CHG.
- Working with different team on DLP solution in VPN space
- Evaluating and testing Palo Alto firewall
- Utilizing PMP knowledge and Agile in daily work
- Working with ISO/IEC 2700x specifically with 27033-5
- Evaluating “Strategic Intelligence Update” for Aviation/ Energy/Financial/Health and Transportation regarding breaches, compliance & laws
- Following with US cert vulnerabilities & Alerts
- Evaluating logs for PII and assessment in accordance with NIST 800-92 (log management)
- Performing yearly audit for company ISO 27002 & FISMA (NIST SP800-53r4) regarding global VPN concentrators
- Working with OPS tools like ITIL service-now, IPAM, ScienceLogic EM7, Splunk, NetQoS lanscope, spectrum, HPNA, MRTG, workfront, slack, github, scalr, relic, tableau, trello, skype for business, padlet, yammer, Jabber, Sococo, Skype for Business, GitHub, Box, Confluence
- Created Splunk searches, email reports, dashboards, driving mgmt. of team Splunk apps
- Monitoring global VPN Concentrators thru Splunk dashboard for all syslog alerts
VPN OPS Service Manager & VPN OPS Team Leader
ConfidentialResponsibilities:
- Managed team on Global level for F5 APM SSL VPN for Confidential (GE) businesses with over 41,000 concurrent users and across 330 000 employees globally in world.
- Continue to manage team of Juniper/Cisco L2 and L3 teams with total of 21 people and 2 offshore leaders
- Successfully patched servers when vulnerabilities were found like CVE-2016-0800
- Successfully transition VPN OPS support from several vendors to one vendor providing better ADIR and P50 INC resolutions.
- Successfully transition OPS responsibility from Juniper VPN to F5 VPN APM
- Worked on daily basis with IT risk compliance changes and CVE, worked on SOC2 compliance, help built remote access control standards for VPN space
- Led team who implemented 280 VPN changes in 2015 and 445 in 2016 with 100% FTR and compliance.
Network projects lead and VPN run team leader
ConfidentialResponsibilities:
- Continude to manage team of Juniper L2 and L3 teams with total of 21 people
- Led backup process for Internetworking devices: all types of firewalls, IPS, proxy and load balanc.
- Helped with transitioning all internetworking devices from one vendor to another and assisting with new cloud proxy solution
- Worked on analyzing and improving proactive automation standards
- Implemented PMP and Lean six sigma ideologies into assigned projects
- Worked actively on IT Infrastructure Library (ITIL) as incident, problem, change, config. & release mgmt.
VPN Network OPS team lead
ConfidentialResponsibilities:
- Managed 2nd world biggest implementation of SSL VPN solutions for Confidential (GE) businesses with over 22,000 concurrent users and across 300 000 employees globally in world.
- Managed team of L2 and L3 with total of 21 people
- Supported diverse GE business lines and VPN services
- Worked actively on satisfying several security audits and their compliance
- Worked actively on IT Infrastructure Library (ITIL) as incident, problem, change, config mgmt.
- Improved work instructions and statements for work standard operating procedures
- Troubleshooted as Tier 4 level 50 Juniper SA 6000/6500 SSL VPN devices
Confidential
Sr. Security / network engineer
Responsibilities:
- Familiar with CheckPoint Provider-1 R-65 (MDS) and CMAs for 6 world-wide regions with additional Provider-1 as redundancy and 2 separate logging modules (servers) for DHL customer
- Managed 4 Checkpoint NGX R-60/61 firewalls (creating rules, groups, VPNs) plus 6 NGX R62/65
- Managed 2 CheckPoint SmartCenters (Security Management Servers) R-60 for firewalls
- Achieved SAS-70 Type II (ISAE 3402/SSAE) for audited networks in company
- Worked with Qualys vulnerability management and policy compliance solution, including Splunk
- Maintained and configured 11 Juniper firewalls including ISG-2000 with virtual firewalls
- Managed and configured 4 Juniper SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers and with NSM worked on Cisco FW solution with DMZ server plus VPN access, clusters for Internet, DMZ
- Managed one reverse proxy BIG-IP F5 for Internet sites
- Managed three McAfee Web gateways/proxy with URL/Anti Malware/SSL and FTP Web threats
- Designed and implemented Wi-Fi with 2 controllers AIR-WLC4404-100 & 21 AIR-LAP1242AG
- Maintained 171 Cisco equipment