Experience Summary

• IT professional with 12 years of information technology infrastructure administration, information security policy compliance, and auditing.
• Demonstrated expertise in risk and technical vulnerability assessment and audits of network infrastructure.
• Proficient in developing reports, alerts and monitoring for Tripwire, SIEM, IPS/IDS.
• Private sector experience includes Federal Information Security Management Act FISMA , Department of Defense DOD , Health Insurance Portability and Accountability Act HIPAA AND DISA STIGS Security Technical Implementation Guide STIG Compliance.
• Proficient in utilizing Nessus Tenable, Retina, Solaris OS for addressing the PCI DSS and Compliance and Cryptographic Services
• Good experience in security planning, risk assessment, security test and evaluation ST E .
• Proficient in the training of senior management staff on vast spectrum of information technology related programs including, high-level FISMA, DISA, DOD compliance training and auditing.
• Skilled in translating complex business processes into solutions in an efficient manner.
• Detail oriented, good decision making and problem solving skills, excellent interpersonal and communication skills, ability to work in team and individual environment.
• Track record in providing leadership and guidance in the development and implementation of certification.

TECHNICAL SKILLS

PROFESSIONAL EXPERIENCE

Confidential

Title: Firewall Checkpoint / Network Security Engineer

Responsibilities

• Working with the FedEx Services, InfoSec, and Perimeter Security team.
• Responsible for Engineering, Design, Implementation, Operations Maintenance, and Business Support for FedEx's DMZ and ZMD firewall and VPN infrastructure.
• Responsible for over sighting of the regions in Africa-APAC, Europe-EMEA, and Latin America-LAC, North America.
• Leading supporting EMEA firewall team and requires maintaining EMEA compatible work hours per the FedEx US standards.
• Handling Checkpoint Firewalls and Nokia/Checkpoint Firewall appliances, Checkpoint Provider-1/Multi-Domain-Mgmt. platform
• Responsible for handling Checkpoint VPN / Crossbeam Hardware /Palo Alto Customer Interfacing
• Drive and coordinate firewall activities across wave migrations
• Resolve firewall issues and define solutions for separating DPC from client
• Help establish existing firewall rules to the new data centers
• Coordinate firewall activities across entities and 3rd parties
• Work with the application support teams, Enterprise Application Integration and Security SMEs
• Perform deep-dive analysis and requirement definition of all firewall requirements for each wave migration during the planning phase
• Provide firewall rules and requirements to perimeter firewall team
• Work seamlessly with the perimeter firewall team members
• Resolve issues during the physical wave migrations
• Work with the Technical Application SME Role Lead and drive application wave migration planning and execution
• Establishes logical groups of waves to migrate from source to target data centers
• Align and schedule resources to support the wave migration plan. Lead and represent client during the physical wave migrations. Resolve issues with the planning and execution of wave migrations
• Escalate issues, as necessary, to the Migration Leader. Communicate status of planning wave migrations
• Participate in Go/No-Go decisions
• Participate in wave migration check-point and/or status meetings
• Work with testing resources and application support teams to ensure application validation tests are planned appropriately for each application and those tests are completed during the migration activities
• Integrate with the Firewall/Network SME and other team members to ensure thorough planning and preparation is completed prior to the actual wave migration

Confidential

Title: Senior Security Engineer

Responsibilities

• Provided technical expertise and advice on all areas of security technology, including: network security, platform security, authentication/authorization systems, application security, security architecture, policy enforcement, and security frameworks as well as resolving day to day firewall implementation request. DISA STIGS Security Technical Implementation Guide STIG Compliance
• Utilized Solaris OS for addressing the PCI DSS and Compliance and Cryptographic Services.
• Analyzed and defined Firewall policies.
• Assisted with the setup, configuration, and architecture of a central Tripwire service.
• Researched, evaluated, designed, tested, recommended, and planned implementation of new and/or improved information security.
• Assisted in developing and maintaining effective disaster recovery plans, processes, and procedures for critical security systems.
• Responsible for implementing, compliance and design of RSA SecureID 7.1 within the Archer environment using Active Directory Admin and Dashboard.
• Worked with technology group to evaluate, select, install, and configure hardware/software systems to comply with established enterprise security standards and policies.
• Developed technical documentation to support the evaluation, selection, installation, and maintenance of F5 Load Balancer, BIGIP security technology systems and led the Cisco ASA PIX migration to Check Point R75.40 Provider1 Platform.
• Proactively protected the integrity, confidentiality, and availability of information processed by and/or in the custody of the organization.
• Kept abreast of industry trends, emerging technologies and available products/services.
• Conduct technical evaluations of IT systems by developing and documenting technical practices to comply with Corporate Information Security policies.
• Security NGX1 1.1 Check point Smart Console R70.20 R75.40, Smart Dashboard Check Point External Cluster, Smart View Tracker, Smart View Monitor, Smart Provisioning, Smart Update, Eventia Reporter Analyzer,Tufin Secure Tracker Radia client/Radia connect/Radia software manager, Extend 360 Diagnostic tool, Cisco System VPN Client 5.0, Palo Alto Firewalls, Cisco PIX, Blue Coat 9000-20 Proxy, Juniper Networks Firewall, Administer Policy Push To Firewall CMA's
• Developed reports, alerts and monitoring for Tripwire, SIEM, IPS/IDS.
• Responsible for implementing technical solutions to the client, in accordance with an agreed technical design. Occasionally responsible for providing a detailed technical design for enterprise solutions.
• Led medium to large technical projects.
• Worked with and under the direction of the Project/Technical Manager, solutions architect and with customer nominated representatives.
• Managed anti-virus deployment for the enterprise.
• Provided technical support and input on the application of technology to a defined business segment.
• Provided advice on solution and integration opportunities to defined segments.
• Created documentation using Visio diagrams and running Secure ID on VMware.

Confidential

Title: Information Security Assurance Analyst

Responsibilities

• Responsible for planning, implementing, upgrading, and monitoring security measures for the protection of computer networks and information.
• Ensured that appropriate security controls were in place that would safeguard digital files and vital electronic infrastructure.
• Responsible for computer security breach and viruses.
• Wrote and maintained information security policies and audits, investigation support policy, while supporting the perimeter firewall by updating its rules when requested.
• Analyzed and defined Firewall policies.
• Worked with general computer controls, application control, compliance testing, project management, SAP OM/PA modules, ISO/IEC 27000 Information Security Management Standards, NSA Infuse Assessment Methodology, Change Management, Configuration Management, Release Management, Capacity Management, Media Protection, Availability Management, Security Management, System and Information Integrity, Security Maintenance, Contingency Planning Policies and Procedures, Access Control, Audit and Accountability.
• Worked with the following software tools: Nesses Tenable, Retina Tenable Penetrating Tools, Vulnerability Scan Penetrating Tools, SIEM, IPS/IDS, Rapid7-NeXpose Security Awareness and Training, Privacy Impact Assessment, ITIL Implementation, Intrusion Detection Systems, Incidence Response, Physical Security, Computer Security, Environmental Security, Network Security, System Security, Media protection, Security NGX1 1.1 Check point Smart Console R70.20 R75.40, Smart Dashboard Check Point External Cluster, Smart View Tracker, Smart View Monitor, Smart Provisioning, Smart Update,Eventia Reporter Analyzer, Radia client/Radia connect/Radia software manager, Extend 360 Diagnostic tool, Cisco System VPN Client 5.0, Cisco PIX Deployment, F5 Load Balancer and BIGIP Security Technologies.
• Managed anti-virus deployment for the enterprise.
• Responsible for data privacy in relation to collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them. Data Masking, Data Loss Prevention, Contact Compliance. SMART technology utilized to enable PC's to predict the future failure of hard disk drives.
• Assisted with migrations and upgrades.
• Trained users and promote security awareness to ensure system security and to improve server and network efficiency.
• Coordinated the implementation of computer system plans with establishment personnel and outside vendors.
• Created a migration plan, and implemented the migration project to upgrade to the current version of the security authentication solution.
• Built documentation using Visio diagrams and running Secure ID on VMware.
• Proficient in developing reports, alerts and monitoring for Tripwire, SIEM, IPS/IDS.
• Private sector experience includes Federal Information Security Management Act FISMA , Department of Defense DOD , Health Insurance Portability and Accountability Act HIPAA AND DISA STIGS Security Technical Implementation Guide STIG Compliance.
• Proficient in utilizing Nessus Tenable, Retina, Solaris OS for addressing the PCI DSS and
• Implemented the architecture for 500 RSA Secure ID and Tokens.
• Worked with Blue Coat Proxy to actively utilized and monitor the Web Security and WAN Optimization.

Confidential

Title: Network Security Engineer/Project Manager GNOC Axiom Consulting-Contractor

Responsibilities

• Responsible for implementation, compliance and design of ASA RSA SecureID 7.1 within the Archer environment using Active Directory Admin.and Dashboard.
• Utilized the Blue Coat Proxy Web Security, SIEM, SOC, Malware Tracking, Rapid7-NeXpose, and Tuffin, IPS/IDS, Nessus Tenable, Retina, Solaris OS for addressing the PCI DSS and Compliance and Cryptographic Services.
• Led VPN Check Point Firewall Network Engineer team, Quality Assurance Admin, COT Implementation Engineer, Radius Controller, Policy Creation, Investigation Support Nessus/Tenable Penetrating Tool, Vulnerability Scanner Penetrating Tool.
• Supported all aspects of the replacement issues, Admin RSA RADIUS, RSA API, RSA AMBA, PCI, IDS/IPS. DISA STIGS Security Technical Implementation Guide STIG Compliance
• Cisco VPN administration, RSA/VPN infrastructure for IT employees supporting end users, Granting access, revoking access, resetting pins, basic troubleshooting and system administration processes such as backups and restored and assigned system admin rights, Cisco Call Manager, Cisco VOIP, Avaya, Interactive Voice Response IVR , Telephony Migration Active Directory Technical Support.
• Created MOP Method of Procedures VPN/RSA Configuration and Troubleshooting. DC Power Plant, HVAC Systems, Generators.
• Split tunneling with policy based routing, VSAT Technology.
• Troubleshot VPN/Connectivity issues. DMZ Computer Security Admin, RSA VPN Migration Hard Token and Soft Token Replacement.
• Installed New Cisco Any Connect Secure Mobility Client Software.
• Installed New RSA Soft Token Client and starting New VPN Client Logon, Cisco Load Balancer and F5LB, BIGIP Technologies, Internet Protocol, Network Integration.
• Validated correct software installation.
• Deleted current tokens and imported new tokens.
• Logged on to VPN with new tokens.
• Authenticated and Launched the Token Code Process that included the PIN 6 Digit Token code. Also launched the Cisco any connect Secure Mobility Client. Message Lab Migration Building documentation using Visio diagrams and running Secure ID on VMware.
• Opened, documented, troubleshot, resolved and closed incidents tickets in Developing BMC Remedy.
• Troubleshot PIN Management, RSA Servers and VPN Gateway Management Administer the RSA Security Console.

Confidential

Title: Network Security Engineer/Project Manager

Responsibilities

• Supported Microsoft Windows Desktop, Helpdesk Technical Support 24/7, Tier 2 and Tier 3. Lead network server connections/ Nortel IP Telephony for AT T, Sprint, Verizon, Wind stream and Microsoft 365 clients.
• Worked on the migration project from Microsoft 2003 to Microsoft 365 In the Cloud by implementing migration of all mailboxes to the CLOUD Cutover, Exchange Hybrid Deployment, Exchange Migration Batch, Configure Connection Settings, Uploading CSV File, Running the migration, Removing the On Premises Exchange, Cisco Load Balancer, COT Implementation Engineer, Lead Helpdesk Support, IP, Network Integration.
• Trouble ticket management- Created, resolved, escalated or re-assigned ticket to self in order to address technical issues within developing BMC Remedy System in specified SLA timeframes.
• Dual role as Microsoft Lead Trainer for 4-week training new hire BPOS certification course.
• Worked with Check Point, Smart Console R70.20 R75.40, Smart Dashboard Check Point External Cluster, Smart View Tracker, Smart View Monitor, Smart Provisioning, Smart Update, Eventia Reporter and Analyzer, SIEM, IPS/IDS.
• Created documentation using Visio diagrams and running Secure ID on VMware.

Confidential

Title: Network Engineer/Project Manager

Responsibilities

• Responsible for daily operations and maintenance of LAN site Windows NT, MS Windows Desktop.
• Installed and configured the facility switches and routers to connect to WAN.
• Ordered and installed site software.
• Team Lead for electronic testing and configuration of electronic devices.
• Supervised network admin, Blue Coat Proxy, Tuffin, Check Point Firewall.
• Facilitated training sessions and made group presentations to one hundred plus staff members.

Confidential

Title: Cable Station Network Engineer/Project Manager GNOC

Responsibilities

• Operated and maintained traffic engineering cable systems at a 24/7 landing stations of underwater fiber optic and terrestrial telecommunication networks. DC Power Plant, HVAC Systems, generators.
• Managed power feed equipment for various customers like Brazilian Telecom, AT T and Telecom Italia.
• Periodically installed and performed cross connections and testing new cable system T-1s, T-3s DWDM of SDH and SONET circuit design , BGP, MPLS, OSPF, VSAT, Check Point Firewall, Avaya SIP IVR Telephony, Cisco, Created MOP Method Of Procedures for SONET and DWDM Network Systems, split tunneling with policy based routing.
• Key point of contact with the Global Network Operations Center GNOC . Blue Coat Proxy, Check Point, Utilized SMART technology that enables the PC to predict the future failure of hard disk drives.
• Responsible for maintaining equipment with capital value in excess of 100 Million.