Lead Systems Engineer Resume
Cartersville, GA
SUMMARY
- Hands - on technical skills with 14 years of IT experience including architecture, design, implementation, and leadership
- Thrives on solving technical challenges
- Analyzes business needs in order to organize and prioritize tasks to help the business reach its goals.
- Open to fulfilling network and security leadership opportunities
TECHNICAL SKILLS
Firewalls: Palo Alto, ASA and PIX, Fortinet, Checkpoint, NetScreen, iptables, Access Control Lists
IPS/IDS: Palo Alto, Cisco SSM, Top Layer, SNORT, TippingPoint
Vulnerability Assessment: OpenVAS, AlienVault, Acunetix, Qualys, BackTrack/Kali
SSL VPN: Palo Alto, Cisco, F5, Juniper
Load Balancers: F5 LTM, A10, Citrix Netscaler, Zen
WAN Virtualization: Talari
WAN Optimization: Riverbed, Silver Peak, Meraki
Switches/Routers: Cisco, Nexus, Meraki, Juniper, Dell, HP
Wireless: Cisco Aironet
VoIP: NEC, Cisco CME and CUCM, Atligen, Mitel
Server Hardware: Dell, IBM, HP
Operating systems: Windows 3.x - 2012R2, Red Hat, Ubuntu
Virtualization: VMware and ESX,/ESXi 4.1/5.1/5.5, VCE Vblock
Languages: Bash, Perl, TCL
Recovery and Analysis: Solarwinds, Rancid, Cacti, Ntop, NfSen
PROFESSIONAL EXPERIENCE
Confidential, Cartersville GA
Lead Systems Engineer
Responsibilities:
- Manage network operations between the business and all Foreign, Domestic, and Data Center facilities
- Strategic analysis and planning for connectivity improvements across the enterprise
- Budgetary responsibilities for maintenance and support of all network hardware and in house monitoring systems
- Advise on improving and executing Information Security practices
- Vetting and executing upon vendor proposals to support expansion and improvement efforts
- Designed and implemented a centralized unified threat management solution using Palo Alto 5050s and GlobalProtect within the main data center facility, spoke design with Palo Alto 500s at each remote location
- WAN virtualization and aggregation using Talari Networks
- Completed platform upgrade and centralization for Riverbed 5055 and 1555 chassis across six North American locations
- Responsible for all LAN and WAN connectivity for six primary domestic sites along with 40+ distributors and warehouses spanning all of North America
- Responsible for the global WAN connection to the parent company in Japan
- Created a standardized LAN/WAN design consisting of multiple next - gen technologies for each location
- Manage third party, professional services engineers to provide assessments and device configurations to support warehouse connectivity and refreshing wireless connectivity for three primary locations
- Improved application availability (Home grown, Exchange, Lync) by upgrading F5 LTM code and respective iApps
- Expanded Cisco Nexus 7010 capability by upgrading from supervisor 1 to supervisor 2E and upgrading system/kiskstart images
- Collaboratedwith the Server Infrastructure team to support VCE Vblock upgrades
- Designed and implemented network connectivity and load balancing for a specialized VMware Horizon View client/server architecture
- Successfully completed an evaluation and proof of concept for multi-factor authentication using Duo Security on VMware Horizon, Palo Alto GlobalProtect, and Microsoft Remote Desktop
- Refine technical security implementations to better support SOX compliance
- Review and communicate latest, publicly disclosed vulnerabilities
Confidential, Marietta GA
Security EngineerResponsibilities:
- Manage an Information Security Management System based off ISO 27000 and NIST frameworks
- Direct an independent third party audit of the ISMS
- Manage and maintain Risk Management, Vendor Management, Incident Response, and BC/DR Programs
- Assess Security Compliance with contractual agreements
- RFP/Security Questionnaire review
- Gap analysis and action plans to meet PCI and SSAE 16 compliance
- Evaluate vendors to provide guidance in achieving PCI and SSAE 16 compliance
- Review and signoff of departmental Information Security Policies
- Maintain Physical Security and Access Control
- Conduct PCI and vulnerability scans using Qualys
- Assess technical security implementations to ensure compliance requirements are met
- Assist senior management with controls analysis to provide a strategic approach to implementing multiple security frameworks
- Review, maintain, and update policies and procedures in pursuit of ISO 27002, NIST, FISCAM, PCI, and SSAE 16 certifications
- Assist Systems Engineering with OS configuration and deployment for Ubuntu, CentOS, RHEL 5/6 via ESX
- Configure and maintain SELinux, iptables, rsyslog, and auditd
- Lead operational security efforts to provide logging, monitoring, and reporting of compliance to security controls for Application Administration, System Administration, and Database Administration
- Analyze network configuration and utilization to recommend the best secure solution
- Author design documentation that offer solutions to improve communications security and increase systems availability
- Maintain current connectivity infrastructure consisting of WAN/LAN, VoIP, and Wireless across multiple corporate sites as well as client hosted solutions
- Support secure connectivity through site to site VPNs, SSL/IPSec client based VPNs, and layered authentication mechanisms
- Work with multiple departments to solidify endpoint security
- Improve and maintain physical security controls
- Provide guidance to Application Engineering with respect to secure configurations
- Conduct periodic application vulnerability scans
Confidential, Atlanta GA
Senior Network Engineer
Responsibilities:
- Assist with developing and managing a migration strategies for office and data center relocation
- Design network connectivity to meet security and business requirements
- Configure and deploy network infrastructure for office relocation and data center migrations
- Deploy Ubuntu systems with Open Source tools to footprint and benchmark network infrastructure
- Design and implement multi - tiered networks based on business function and need
- Lead efforts to evaluate network hardware from multiple vendors to meet business requirements
- Design and reconfigured the disaster recovery network to meet security and business requirements
- Assist with consolidating multiple VoIP platforms into an interconnected, single vendor solution
- Participate in a 24x7 on-call rotation for break/fix scenarios
- Help establish security and engineering policies
- Assist with pursuing HIPAA accreditation
- Design and implement a European data center and associated disaster recovery site
- Coordinate network security project initiatives across multiple departments, assisting with management of resource allocation
- Mentor and train Tier 1 and Tier 2 I.T. support personnel
- Assist server administrators with deploying and configuring RHEL and OEL virtual servers via ESX
- POC for ARIN and RIPE
Confidential, Atlanta GA
Senior Network Security Engineer
Responsibilities:
- Assist project managers with identifying key people and prioritizing milestones for network security related initiatives
- Design, implement, and maintain corporate network solutions
- Administer multi - platform firewall and VPN
- Configure and maintain IPSEC, GRE, and SSL VPN architectures
- Review firewall and IPS logs
- Implement and maintain OSPF and BGP routing and peering
- Configure and maintain router, switch, and server load balancer/content switches
- Advisory role with respect to PCI and SOX at the network level
- Enforcement of Information Security policies
- Participate in a 24x7 on-call rotation for break/fix scenarios
- Perform after hours/non-peak changes
- Review and process work requests
- Assist with cross departmental and enterprise projects
- Author documentation for projects and standard operation procedures
- Mentor and train peers as well as employees outside of the department
Confidential, Harrisburg PA
Systems Administrator
Responsibilities:
- Troubleshoot and maintain a Windows and SCO Unix network
- Manage services for workstations, servers and terminals
- Configure and operate Optical Character Recognition (OCR) systems
- Perform data conversions for cross platform compatibility
- Configure and implement critical data backups
- Provide insight for infrastructure planning and purchasing
- Identified over $1,000,000 in collectible accounts by the end of the three month contract
Confidential, Harrisburg PA
District Technical Support Specialist
Responsibilities:
- Administer and maintain 14 district and branch office multi - protocol networks
- Troubleshoot LAN/WAN connectivity, hardware, and in house applications
- Maintain and service all printers
- Manage VPN connections with company headquarters and the IRS
- Configure network wiring and infrastructure for each office
- Implement and deploy critical software updates/patches
- Inventory all computer hardware and licensed third party software