OBJECTIVE:

• Improve, reduce cost and initiate solutions in IT using my technical knowledge and management skills. I have a deep passion for areas of information security / information assurance.

PROFESSIONAL EXPERIENCE

Confidential

Security Administrator and DC network technician

Responsibilities:

• Solved 103 catalog tasks, 45 change tasks, 65 incidents, 24 network tasks per Service - now
• Worked in network and load balancer queue
• Created network, security, 3rd party rack inventory and diagrams
• Solved F5 issues during disaster recovery datacenter exercise
• Huge ammount of work in clearing, sorting and arranging datacenter and racks
• Fixed IDF racks and 2 branch offices
• Worked in Solarwinds Orion, InfoBlox IPAM, CyberArk Pass Vault, Venafi Cert Authority
• Configuring F5 LTM in 4 environments
• Configuring VIPs, pools, members, iApps, certs
• Clarified and created cabling color standard and labeling standard
• Fixed problems from previos generations in datacenter and storage
• Suggested multipe improvements with solutions, new persective to improve data center

Confidential

System administrator

Responsibilities:

• Utilized security tools Nessus, OpenVAS, Qualys, Retina Community, Metasploit, Rapid7 Nexpose to recognize vulnerabilities and implement fixes.
• Provide weekly & monthly critical updates to stakeholders
• Providing security utilizing Mic. NPS, Cisco ACS and ISE (AAA, Guest Access, policy, profiling)
• Deployed and managed Checkpoint R77/R80 cluster solution with different blades
• Reviewed CheckPoint firewall cluster with regulatory compliance for ISO 27002 and NIST 800-41
• Designed, installed, configured, maintenaned and administrated CheckPointFirewall, Secure Platform Installation including GAiA
• Implementation and troubleshooting regular firewall connectivity issues L2 and L3 issues
• Hold experience on latest Checkpoint vendor products and in a distributed environment
• Drafted and installedCheckpointFirewallrules and policies
• Design and creation offirewalldiagram using MS-Visio
• Performance tuning incheckpointfirewallusing multi-queue, coreXL and secureXL.
• Complete rename of allfirewallobjects and rules
• Regularly performedfirewallaudits aroundCheckPointFirewall
• Firewallimplementation,firewallmanagement, network management and troubleshooting connectivity, routing, and configuration issues with routers, switches, firewalls
• Installing, Upgrading and configuring (Checkpoint)firewall
• Manage enterprise equipment to include: addition, modification and/or deletion offirewallrules
• Rebuilt and maintained the demonstration lab with software solutions fromCheckPoint
• Migration offirewallrules from Cisco ASA toCheckpoint.
• Troubleshooting of network connectivity and establishedfirewallrules.
• Utilizing Netflow, VOIP, QoS, VTP/STP, DHCP, DNS, Internet Security
• Deployed cluster solution and managing VMware ESXi solution with vCenter managing platform
• Deployed and managing Cisco CUCM and Unity solution for local branch office of 10 phones
• Deployed and managing iSCSI and NFS storage solution
• Managed all aspects of network (Cisco routers, SSL VPN, Cisco PoE, HP/Dell gigabit switches, Cisco Wi-Fi AP, terminal servers, UPS)
• Managed server farm of 55 virtual servers (Mic. AD, Exchange, helpdesk, monitoring, security)
• Configured Palo Alto FW (IDS/IPS, traffic-shaping, threat forensics, IPS, VPN, app. control)
• Configured Cisco ASA FW (IPS, SSL VPN, threat detection, cluster, statefull packet inspection)
• Deployed monitoring solutions Cacti, Nagios, SolarWinds & PRTG
• Configure, secure Win, Linux - CentOS, Red Hat, FreeBSD, Ubuntu) & 15 network devices
• Adding Splunk search heads for multiple indexers, used Hot, Warm, Cold buckets for indexing and searching of the data,
• CreatedSplunksaved searches, event types and macros, reports, scheduled searches, alerts & dashboards, maintaining apps
• Deployed and using Splunk, SumoLogic, Papertrail, Graylog & syslog-ng for data collection

Confidential

Team Leader

Responsibilities:

• Managing team of 13 direct reports on global level for 93 F5/Cisco/Juniper SSL VPN for Confidential (GE) businesses with over 41,000 concurrent users and across 330 000 employees globally in world
• Evaluating CheckPoint Threat Intelligence Report for top attacks and breaches
• Meet or regular basis with Checkpoint account manager for GE presenting new features.
• Continue to work in security field and collaborating with several other IT risk teams.
• Backup of Zscaler global team leader (GE Web Content Filtering)
• Providing support of 6 SafeNet Network HSM (ex Luna SA) servers for encryption key safety.
• Using Ansible in F5 APM networking space and preparing for EX407.
• Working on F5 APM solutions, Cisco ASA, Juniper SA solutions in IPSEC / SSL area.
• Reaching 75 % technical L3/4 resource during my work hours.
• Owns Problem Management for VPN in ITIL framework.
• Accomplishing 80% favorable survey for VPN solution.
• Each month delivering 1 automation job.
• Reducing changes by automation for 20 % from RITM to CHG.
• Working with different team on DLP solution in VPN space
• Evaluating and testing Palo Alto firewall
• Utilizing PMP knowledge and Agile in daily work
• Working with ISO/IEC 2700x specifically with 27033-5
• Evaluating “Strategic Intelligence Update” for Aviation/ Energy/Financial/Health and Transportation regarding breaches, compliance & laws
• Following with US cert vulnerabilities & Alerts
• Evaluating logs for PII and assessment in accordance with NIST 800-92 (log management)
• Performing yearly audit for company ISO 27002 & FISMA (NIST SP800-53r4) regarding global VPN concentrators
• Working with OPS tools like ITIL service-now, IPAM, ScienceLogic EM7, Splunk, NetQoS lanscope, spectrum, HPNA, MRTG, workfront, slack, github, scalr, relic, tableau, trello, skype for business, padlet, yammer, Jabber, Sococo, Skype for Business, GitHub, Box, Confluence
• Created Splunk searches, email reports, dashboards, driving mgmt. of team Splunk apps
• Monitoring global VPN Concentrators thru Splunk dashboard for all syslog alerts

VPN OPS Service Manager & VPN OPS Team Leader

Responsibilities:

• Managed team on Global level for F5 APM SSL VPN for Confidential (GE) businesses with over 41,000 concurrent users and across 330 000 employees globally in world.
• Continue to manage team of Juniper/Cisco L2 and L3 teams with total of 21 people and 2 offshore leaders
• Successfully patched servers when vulnerabilities were found like CVE-2016-0800
• Successfully transition VPN OPS support from several vendors to one vendor providing better ADIR and P50 INC resolutions.
• Successfully transition OPS responsibility from Juniper VPN to F5 VPN APM
• Worked on daily basis with IT risk compliance changes and CVE, worked on SOC2 compliance, help built remote access control standards for VPN space
• Led team who implemented 280 VPN changes in 2015 and 445 in 2016 with 100% FTR and compliance.

Network projects lead and VPN run team leader

Responsibilities:

• Continude to manage team of Juniper L2 and L3 teams with total of 21 people
• Led backup process for Internetworking devices: all types of firewalls, IPS, proxy and load balanc.
• Helped with transitioning all internetworking devices from one vendor to another and assisting with new cloud proxy solution
• Worked on analyzing and improving proactive automation standards
• Implemented PMP and Lean six sigma ideologies into assigned projects
• Worked actively on IT Infrastructure Library (ITIL) as incident, problem, change, config. & release mgmt.

VPN Network OPS team lead

Responsibilities:

• Managed 2nd world biggest implementation of SSL VPN solutions for Confidential (GE) businesses with over 22,000 concurrent users and across 300 000 employees globally in world.
• Managed team of L2 and L3 with total of 21 people
• Supported diverse GE business lines and VPN services
• Worked actively on satisfying several security audits and their compliance
• Worked actively on IT Infrastructure Library (ITIL) as incident, problem, change, config mgmt.
• Improved work instructions and statements for work standard operating procedures
• Troubleshooted as Tier 4 level 50 Juniper SA 6000/6500 SSL VPN devices

Confidential

Sr. Security / network engineer

Responsibilities:

• Familiar with CheckPoint Provider-1 R-65 (MDS) and CMAs for 6 world-wide regions with additional Provider-1 as redundancy and 2 separate logging modules (servers) for DHL customer
• Managed 4 Checkpoint NGX R-60/61 firewalls (creating rules, groups, VPNs) plus 6 NGX R62/65
• Managed 2 CheckPoint SmartCenters (Security Management Servers) R-60 for firewalls
• Achieved SAS-70 Type II (ISAE 3402/SSAE) for audited networks in company
• Worked with Qualys vulnerability management and policy compliance solution, including Splunk
• Maintained and configured 11 Juniper firewalls including ISG-2000 with virtual firewalls
• Managed and configured 4 Juniper SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers and with NSM worked on Cisco FW solution with DMZ server plus VPN access, clusters for Internet, DMZ
• Managed one reverse proxy BIG-IP F5 for Internet sites
• Managed three McAfee Web gateways/proxy with URL/Anti Malware/SSL and FTP Web threats
• Designed and implemented Wi-Fi with 2 controllers AIR-WLC4404-100 & 21 AIR-LAP1242AG
• Maintained 171 Cisco equipment