Network Security Admin Resume
Bakersfield, CA
SUMMARY
- Network Security Engineer with tested and proven proficiency on large scale Network and Security Infrastructures.
- 6+ years of experience in engineering, implementation, operation and support of network and security infrastructures, with a steadily progressing interest and expertise in different fields around the Information Technology industry.
TECHNICAL SKILLS
- Routers (Cisco 7200, 3600, 2600, 2800, 1800, 1700), Cisco Catalyst Switches (6500 “with Sup 720”, 4500, 3700, 3500, 2900).
- Cisco Firewalls, PIX (535, 525, 520, 515, 506), ASA 5500, FWSM, VPN Concentrator 3000 series, Cisco IOS Firewall feature set (IOS 12.X).
- Juniper NetScreen Firewalls (NS-5GT, NS-204, NS-208, NS-500, SSG 520, ISG 1000). Juniper SSL VPN SA-4000.
- Security products like IPS/IDS and SIEM
- Cisco NAC (CAS, CAM), Wireless (WLC, WCS), CS-MARS and 802.1x / network access control.
- F5 BIG-IP LTM and Loadmaster (KEMP Technologies) load balancers.
- AWS (Amazon Web Services) design and architecture (EC2, VPC, VPN, S3, Route53, IAM)
- Manage Cisco Works LMS for Cisco LAN Management, and provide periodic reports.
- STM, T-1, E-1, Ethernet (Gigabit Ethernet, Fast Ethernet), FDDI.
- Routing Protocol (BGP4, OSPF, EIGRP, IGRP, RIP), Routed Protocol (TCP/IP, IPX/SPX).
- Implemented QoS using FIFO, Weighted Fair Queuing, Priority Queuing, Custom Queuing, RSVP, RED and CAR.
- Implemented SNMP on devices for network management.
- Implementation, Upgrade and Management of HP Openview Server for network management (NNM).
- Implemented traffic filters using Standard & Extended access & distribute-Lists, Route-maps & PBR.
- Implementation of HSRP, NSRP, DHCP, DNS, FTP, TFTP, MRTG.
PROFESSIONAL EXPERIENCE
Confidential, Bakersfield, CA
Network Security Admin
Responsibilities:
- Configure and troubleshoot security policies and URL filtering on the Palo Alto Networks firewalls, a next-generation firewall. High availability configuration, Panorama, SSL decryption, threat prevention policies, and WildFire inspection were implemented as well. Virus protection, vulnerability and malware inspection and protection with the Palo Alto firewalls were also created and used in the enterprise-sized network.
- Configuration of the Cisco ASA firewalls, Firepower, and Sourcefire, involving access control lists to allow or deny users from certain networks or systems for certain applications or ports. These issues are delivered through a ticketing system, working in conjunction with Splunk and Elastic Syslog servers and packet capture tools like Wireshark.
- Troubleshoot network engineering issues with routers, switches, IPS (intrusion prevention sensors), and Cisco and Palo Alto firewalls, which involves spanning tree, routing protocols, VPN systems working with VRF (virtual routing forwarding), VLANs, Cyber Security consulting on certain projects and OS upgrade implementations.
- Configure Cisco ACS for AAA with devices and users on the network to allow users with a privileged user account to access devices and to control their access, while also accounting for their actions with security logs.
- Performing IT infrastructure technical consulting by creating proof of concept projects in a test environment for different network and security solutions.
- Analyze IDS/IPS sensors to ensure the policies and settings are in compliance with the clients’ proposed goals. Gathering technical information from network and security teams as well as conveying security concepts and exploit information to managers for different clients nationwide. Performing other testing methods to support reports, such as Wireshark packet captures.
- Perform fine tuning of IDS/IPS signatures in a change control type of process. Create client reports to present to management on the audit’s findings, and explain any technical subjects in the tuning report to technical engineers and management.
- Reviewing and consulting on clients’ IT security policies and strategies, reviewing IT audit reports, Cyber Security consulting in regards to their policies, network diagrams, network security analysis, reviewing roles and responsibilities of the IT security team, working with their security tools, and inspecting security configurations to ensure standards are being utilized such as ITIL, NIST 800 controls, ISO 27001/2, and industry best standards.
- Writing reports on findings and getting them merged into a team report on the IT security team to give future recommendations on staffing requirements, practices and procedure changes, as well as long term future goals of the IT security teams.
Confidential
Network Security Engineer
Responsibilities:
- Preparing and reviewing network security architect designs to implement Palo Alto Networks firewalls into a large biotech corporate network's LANs and WANs, working with remote parties and remote locations. Informing the client of the different features of the Palo Alto Networks firewalls not found on the vendor’s firewalls, so they can incorporate possible future procedures and designs such as policies based on user-ids, DNS, identifying application traffic, single pass inspection of incoming network traffic and integrating these changes with the Cisco routers and switches.
- Creating documentation needed for engineering teams to use for the migration from different vendor firewalls to Palo Alto Networks firewalls, as well as network diagrams for the security solutions. The sites are worldwide, with different levels of experience of the onsite engineers and different network layouts. Rule set evaluation and network security planning of firewall consolidation from different business units, with a future goal of creating a more uniform network design for the sites.
- Working in network security, especially in firewalls and IPS. On a daily basis worked with Palo Alto Networks firewalls, Cisco ASA firewalls and Sourcefire IPS, configuring them for access policies, VPNs, SSL decryption policies, Brightcloud web proxy rule configurations, WildFire service for network malware protection, and user-id traffic synced with Active Directory, for a multinational company with equipment in different time zones.
- Prepare inventories and IT audits of network security equipment and network security diagrams, as well as working with technical support of different vendors, completing trouble tickets dealing with network security, and reporting to management on multiple incidents and projects. Use security industry standard tools to perform analysis and troubleshooting of security incidents.
- Implemented Palo Alto Network Firewalls using PAN-OS and Cisco firewalls for a large financial Danish bank client. I have been inspecting the configuration of the firewalls to ensure they are configured correctly to enforce their corporate policies and the agile framework.
Confidential
Network Security Admin
Responsibilities:
- Administer and monitor Sourcefire intrusion prevention sensors (IPS) for a large DOD satellite wired and wireless of voice VoIP and Juniper data networks to monitor security incidents, block or alert events related to malware, exploits and violations against the AUP (acceptable user policy). This task required reviewing intrusion detection sensor logs and appliance health events, and performing in-depth packet analysis of the events with Wireshark captures. It also included providing management with guidance on best practices, reporting with metrics and graphs to support the findings, and recommending future configuration changes.
- Worked with Airtight wireless IPS (WIPS) to check for rogue access points and other wireless attacks, and with Aruba wireless controllers to ensure they have a secure configuration, as well as creating wireless incident response policy and procedures documentation.
- Planned and implemented Palo Alto Network Firewalls into an inline network configuration, to work in conjunction with the IPS and monitoring and logging appliances.
- Provide network security through analysis of Palo Alto firewall systems and Juniper firewalls by reviewing logs, maintaining ACLs (access control lists), and following network trends, providing future security recommendations to protect the network from malware, viruses, and Trojan horses, preventing users from using P2P applications, supporting VPNs, Radius authentication servers, and proxy server software such as Websense and the Brightcloud webpage filtering service, as well as using the ACC (Application Command Center) to analyze traffic patterns and trends to make recommendations to the clients. With this tool, I can show traffic percentages of P2P, web browsing, voice, and other applications to show the clients. I used Riverbed CACE to perform network performance analysis.
- Perform vulnerability assessment audits on devices on the wired and wireless networks using the Nessus auditing tool and provide audit reports to the system administrators and system owners, as well as provide guidance on how to achieve successful audit results with mitigations. Perform tests with Metasploit and other penetration testing tools. Custom settings are used for Linux, Windows, VMware, SQL servers, public facing websites, working with PKI secured sites, and DOD 8500.2 STIG compliant policies to be loosely based on a NIPRnet network to provide a secure CND (Computer Network Defense). The systems are kept in compliance with McAfee ePO/HBSS acting as a HIPS agent, working in conjunction with the antivirus software.
- Troubleshoot and assist the network operations and engineering team with repairing network related issues, optimizing WAN traffic, escalating issues to the network security hardware vendors to work with their support engineers, providing network diagrams.
- Review firewall and IPS security system logs with Splunk log management for unauthorized access attempts into the network, which is a wired and wireless topology. Confirm findings by using multiple investigation tools to avoid false positive events, such as real-time network scans and reviewing logs in real time, and provide results in reports to management and system owners for action to remove the devices. These logs can also assist me with performing diagnostic testing to identify if a service is running at optimal levels.
Confidential
Network Security Contractor
Responsibilities:
- Documented the implementation of the Fortigate firewalls, IPS, Hercules Remediation server, and the Solarwinds network monitoring software suite using SNMP, utilizing MS SQL server as a backend database, network traffic analyzer, configuration management, IP address manager, log consolidation and analysis.
- Worked in a networking and network security team that implemented and troubleshot Cisco layer 2 & 3 switches, VLANs, and VPN issues, and designed future network projects that involved new core switches and a Cisco ACS TACACS+ server, along with enforcing SSH as well as creating a STIG compliant baseline configuration with non-compliant services turned off, and best security practices based on the DOD, manufacturers’ documentation such as Cisco and Fortigate, and SANS.
- Consulted with remote projects on Cisco products such as Cisco ASA firewalls, IPS, NAC and MARS servers, security on switches and routers, and other products such as wireless systems.
- Consulted on remote projects about best practices and gave professional estimates on project deadlines to be given to the project manager, other engineers and the customer.
Confidential
Network Admin
Responsibilities:
- Installed, configured, and assisted in designing LANs, WANs, and VPN connections with switches and routers, which includes configuring the networking protocols of RIP and OSPF, VLANs, IP numbering, security access lists, firewalls, and VoIP networks, on a network with over 100 Cisco and non-Cisco networking devices, some ranging from switches 2900 to several 6500 and routers 1800 to 7200.
- Created and administered a secure Apache web server for the documentation and procedures for the networking team, which uses HTTP, Perl, mod_perl, PHP, SSL, and SecurID login, using open source software.
- Ensure that hardware is in compliance with patches and security issues through mailing lists and research. Ensure network security by looking at access logs, using ACS, and getting security audits.
- Working on the government installation, I have been cleared by NASA with a national agency check to expire in the year 2008 and have gone to several remote installations for network projects.
- Another one of the duties that I personally performed is overseeing support contracts with Cisco for our hardware and software IOS images inventory, assisting with NASA’s internal inventory as well.
