SUMMARY

Network Security professional with over 17 years of extensive hands on experience in developing, implementing and debugging of security, routing and management of network schemes to meet high level of reliability required to support critical computer applications. I also have Simultaneous multi - project exposure with minimal supervision delivering services in stressful business critical enterprise environment. Strong background in Juniper, Cisco, Check Point and Palo Alto firewalls technology including Bluecoat Proxy, BIG IP along with routing and routed protocols. I also have a very in-depth knowledge of site security evaluations and penetration testing.

TECHNICAL SKILLS:

Hardware: Juniper SSG550M, 5200/5400, ISG 1000, ISG 2000, SRX3600, SRX 5600, Blue Coat ProxySG 8100, 500/600, ASG-S400, Blue Coat Director, Blue Coat Reporter, BlueCoat MMA (Sandbox), Cisco PIX, ASA-X (all models) and FSM, HP9000(700,800, 5000, 3000 series), Cisco 7600 Series Routers, Extreme Summit, Black Diamond and XoS Series Switches, Palo Alto 2000/3000/5000 series, Panorama, Sidewinder 2100 and 2150 Clusters, Nortel 4500 series, Baystack 450/5520/8610 switches, Juniper MX and M Series Routers. Riverbed Stingray, CheckPoint 4200/VM, Confidential Sonic Walls, Cisco Content switches 11506, F5 BIGIP, Cyberoam CR35wINg SA 2000/4000/6000 SSLVPN Appliances (Junos Pulse) Aruba wireless AP and Controllers...

Software: Netscreen Security Manger (NSM), Solar Winds, OPAS, Remedy, Proteus, Entuity, Voyance Control, Wireshark, BlueCoat SGOS 5.4,FWTK, HP OpenView, Duo Security Two Factor Authentication SSH, Windows NT/XP/7/8, Office 2010-2013, Epicenter, Q-Radar, RUM,RMON, Splunk6.2, Snort, Firemon Security Manger 7.2, Untanlge, PRTG Network Monitor, Pan 6.0, Wildfire, SpiceWorks, Skybox 7.0-8.0 FirePower Services.

Pen Testing: Kali Linux, Nessus, Nagios XI, Cain & Abel, TFTK, Metasploit, Hack-O-Rama, Armitage, RAT, Netcat, Rootkits, Binde/Wrapper, Ettercap, Macof, Xplico, ARPSpoof, T-Sight, SSLStrip

Protocols: TCP/IP(IPv6), BGP,MPLS, OSPF, RIP, EIGRP, NAT, IPSEC, SSH, SSL, IP Multicast.

Compliance: PCI-DSS, Sarbanes Oxley and HIPPA

EMPLOYMENT HISTORY:

Confidential

Security/Firewall Design Senior Architect

Responsibilities:

• Network Consultant / Engineer in the migration of all Empereon’s existing Sonic wall and legacy network to all ASA ( Firepower/IPS and Firesight design ) I’m responsible cleanup, best practices, moving to all traffic to the new platforms for 8 data Centers U S wide.
• Have In-depth deployment, configuration and Management experience of with their Sonic Walls and ASA 5555, 5516, 5512’s
• Involved in testing, configuring HA testing and complete setup of ASA firewalls as well to provide high availability, load sharing and uninterrupted access to network resources.
• Implement, Configuration and design of Firemon in efforts to implement strict compliance (PCI) on all firewalls transitioned moving forward so they meet all PCI audit compliances .
• Review and remediation process for large Firewall policy rule-set to adhere with the firm’s internal security audit standards

Confidential

Security/Firewall Design Senior Architect

Responsibilities:

• Lead Migration Engineer in the migration of all (Columbia Pipe Line ) now Trans Canada Checkpoint firewalls to Palo Alto 5060’s in numerous locations throughout the US.. I’m responsible cleanup, best practices, moving to App-ID and total configuration for these locations.
• Have In-depth deployment, configuration and Management experience of with their Checkpoint and Palo Alto Products
• Involved in testing, configuring HA testing and complete setup of Palo 5060’s firewalls as well to provide high availability, load sharing and uninterrupted access to network resources.
• Main player on planning and execution to bring into Confidential ’s strict compliance (PCI) on all firewalls transitioned from Nisouce/ IBM domestic and internationally.
• Review and remediation process for large Firewall policy rule-set to adhere with the firm’s internal security audit standards
• Work with multiple project management team to procure necessary hardware, software, standards and even on-boarding procedures of resources to be correctly sized to support expected loads.

Confidential

Enterprise Arch & Infra Engineer

Responsibilities:

• I was tasked with the setup, configuration and install of 16 Palo Alto 5060’s and 3020’s globally by March 31st.
• Also develop scripts for Panorama templates and configuration to improve proficiency in deployments.
• Responsible of complete setup, staging and configuration of each device into Panorama
• Also tasked with creating new scripts to improve performance, defining regions globally .
• Assist in troubleshooting efforts during and after deployments.
• Also tasked in consolidating, summizerations and eliminating ACL’s globally on routers

Confidential

Senior Firewall Security Engineer

Responsibilities:

• Troubleshooting .design and maintaining everyday connectivity and operations on the network.ASA(10%), Juniper SRX (5%), CheckPoint (10%) and Palo Alto (75%) firewalls for multiple data centers.
• Maintain and implement firewall rules and policies.
• Working with BU (business units) network connectivity and security needs.
• Working with NSM, CMS and PAN to configure and maintain a nationwide firewall implementation
• Taking care of networking trouble tickets (ITGs).
• Special projects as requested and needed.

Confidential

Network/ Security Design Senior Advisor

Responsibilities:

• Active participant in all aspects of global deployment of Dells firewalls ASA and Netscreen and Palo Alto, configured in accordance with strict standards to meet a variety of auditing requirements on 200+ firewalls.
• Have In-depth deployment, configuration and Management experience of Netscreens (Screen OS/), Cisco (Pix and ASA) in numerous environments.
• Integration of Netscreen and Cisco firewall into a routed network architecture configured to participate in MPLS routing and provide path redundancy.
• Involved in testing, configuring HA on Netscreens Palo Alto and ASA firewalls as well as Cisco and Juniper routers to provide high availability, load sharing and uninterrupted access to network resources.
• Significant player on plan execution to bring into Dells strict compliance all firewalls inherited from acquisitions of other domestic and international business organizations.
• Review and remediation process for large Firewall policy rule-set to adhere with the firm’s internal security audit standards
• Worked with project management team to procure necessary hardware and software to be correctly sized to support expected loads.

Network/Security Design Engineer

Confidential

Responsibilities:

• My duties include serving all military functions in regards to changes, troubleshooting and customer support of LAN/WAN activity to ensure continuous availability and accessibility of the organizations needs.
• I help customer in defining customer requirement for new and modified systems and services based upon analysis of business needs and best security practices.
• I plan and coordinate systems design, acquisition, testing, installation and support. I configure front-end processors, switches, routers, monitor network performance and troubleshooting;
• Install network software fixes and upgrades. I also develop technical standards and requirements for the acquisition of network hardware, software and services.
• Maintain continual vigilance against threats to network confidentiality, integrity and availability. I also apply a comprehensive knowledge and skill in applying network design and architecture principles and concept sufficient to establish connectivity between remote sites
• Troubleshoot network problems and outages; and develop and implement configuration management plans for complex networks.

Devices include Firewalls: ASA 5550, Juniper ISG1000’s, Sidewinder 7 Firewalls, Sidewinder G2 Firewalls .

Routers: Cisco 7600 Series Routers, Juniper MX and M Series Routers

Switches: Catalyst 6500, 3560, 2960 Series Switches

Load Balancers: Riverbed Stingray, F5 Big-IP and Cisco Content switches 11506

Proxy: Blue Coat

Senior Network Engineer

Confidential, Oklahoma

Responsibilities:

• Significant contribution of data center migration for the state of Oklahoma involving Extreme infrastructure to Juniper solution consisting of switches, routers and firewalls and divestiture projects requiring multi-team coordination to ensure minimal business disruptions and meeting established deadlines.
• Assisted in the design, install and configuration of the Lottery commission, Secretary of State office and numerous other state agencies during my tenure during my 8 years at the state of Oklahoma
• Configured NATs, site-to-site VPN between numerous sites across the world on Ciso and Juniper firewalls / routers.
• Involved in the upgrade of numerous Extreme, 3 Com, Juniper, Cisco infrastructures and had a active daily role in creating global objects, routing decisions, policies, security evaluations, and constant troubleshooting in efforts to keep minimal downtime and the customers happy.
• Audited and configured policies and access lists on the firewalls to permit the minimum access required for operations.
• Production support for issues affecting B2B, Internet and VPN infrastructure, routing, traffic and log analysis.
• Worked on IP Multicast monitoring and troubleshooting on Netscreen firewalls.