Senior Network Security Architect Resume

SUMMARY

I am responsible for the recommendation and implementation of security best practices and solid security principles across any organization, to meet business goals along with organizational and regulatory requirements.
I am also proficient in performing security assessments/gap analysis using information security industry standards and implementing effective mitigation strategies to close critical loopholes to improve the security posture of an organization.

PROFESSIONAL EXPERIENCE

Senior Network Security Architect

Confidential

Responsibilities:

Enabled SSL inspection for all remote and on - prem users passing through the Zscaler explicit proxy to gain threat visibility and integration with Crowdstrike.
Team lead for the Security Visibility DPI project which consisted of using Gigamon to tap critical links and provide data to Armis collectors.
This data was passed on to the operations team to discover vulnerabilities in IOT devices connected to the United wired and wireless networks.
Responsible for design and engineering of all Palo Alto, Checkpoint, Cisco firewalls for Corporate, Airport, Hub sites, and Datacenters.
Drive strategy for digital business transformation of the legacy WAN internet architecture using a SD-WAN solution to reduce cost and optimize bandwidth.
Collaborate with Cyber Digital Risk teams on implementing the NIST Cybersecurity Framework guidelines in order to strengthen and protect the airline’s critical infrastructure.

Senior Security Engineer

Confidential

Responsibilities:

Maintained Proofpoint POD, PPS, TAP, TRAP, and IMD for preventing internal and external phishing, SPAM, and malware attacks for 140,000 mailboxes.
Monitor phishing email submissions for malware or imposter alerts detected by Proofpoint email security tool resulting in Search and Destroy Ops.
Conduct digital forensics analysis for high profile cases working in conjunction with Legal, Human Resources and Social Media teams seeing investigations to resolution using SIFT, Volatility, FLARE, and Cuckoo sandbox.
Assisted the Incident Response and Threat Intelligence teams with API integrations for various products including Demisto/TRAP, Wildfire/TAP, CrowdStrike/TAP in order to feed incident data to Anomali ThreatStream TIP.
Proactively hunt using threat intelligence tools such as Anomali ThreatStream, Cisco Threat Grid, Recorded Future, and DomainTools defending against malicious attackers worldwide.

Senior IT Security Architect

Confidential

Responsibilities:

Fine-tuned security policies using Cisco Umbrella’s Intelligent Proxy, in a Multi-org Console environment, by turning on SSL-Decrypt to allow for blocking of malicious URLs.
Enabled File Inspection to prevent malicious file downloads based on bad reputation and checksum.
Setup Splunk heavy forwarder to ship logs from identified critical infrastructure components to Guidepoint, a 24/7 VSOC service provider and MSSP.

Network Security Architect

Confidential

Responsibilities:

Designed and supported all firewall environments for Houston Methodist networks including Cisco ASA and Palo Alto. Fine-tuned firewall, IPS, URL filtering, and DLP rules.
Designed a multifactor authentication solution for SSL VPN allowing only authorized and compliant devices on the corp network.
Designed and implemented Cisco ISE NAC solution across all 8 hospitals, physician offices, Emergency Care Centers, and corporate offices to protect the enterprise network from non-compliant endpoints.

Network Engineer

Confidential

Responsibilities:

Managed a 400+ node Cisco MLS network in support of a 6000-user educational and clinical healthcare environment.
Converted the network from a HSRP Distribution / L3 Access to a Cisco VSS Distribution layer model, moving L3 from the Access to the Distribution Layers.
Served as an Information Security Administrator for UTHealth as part of the CSIRT (Cyber Security Incident Response Team), ensuring that compliance with organizational security requirements/standards were met.