OBJECTIVE:

• Senior Security Engineer, responsible for designing, building, and managing Security Operations, & utilizing information security technical skills to provide security solutions to ensure a secured perimeter of all company assets and their proprietary information.

TECHNICAL SKILLS:

Security SKILLS: Project Management Process Control Security Data Center Security Security Awareness BCP & DRP Amazon Web Services Network Security Cloud Application Security Adaptive Security Appliance Access Control Network Design Next Generation Firewall Operational Security Incident Handling Identity Service Engine

PROFESSIONAL EXPERIENCE:

Sr Security Consultant

Confidential

Responsibilities:

• Experience with Implementation and support of Cloud based networking including security considerations
• Design and implementation of data center networks, including blade server environments, server virtualization,
• Experience with the design of physical networks including fiber and copper cabling
• Knowledge and experience with network management systems
• Designed, planned, and implemented network technology projects, using the following layer - 2 protocols: VLANs, Spanning-tree, HSRP; the following layer-3 protocols: EIGRP, BGP, OSPF Implement load balancer traffic using Cisco ACE, Foundry, and F5 load balancers LTM, GTM Cisco ASA 5525 setup for IDS, file filtering, anti-virus, anti-spam
• Familiarity with operating systems (Cisco IOS, LINUX, Windows) and scripting languages
• Upgraded the Firmware on the Chassis and upgraded the Base Code on the NGFW
• Integral Part of Security Operations team during a Cyber Security Incident
• Migrate ASA to Firepower
• Upgrade FMC cluster from 6.2 to 6.4
• Very Familiar with FMC/ASA configurations, to include ACL's, Rules, and monitoring
• Designed, Implemented and Monitored Mill Operations to add Isolation Firewalls in order comply with compliance.

Network CloudEngineer

Confidential

Responsibilities:

• Built East/West and South Bound Firewalls using AWS EC2 instances
• Scripting using TERRAFORM and JSON.
• Experience with Microsoft 365 and office 365
• Built and configured Microsoft Azure using Cisco ASA firewall platform.
• Built Data Center in the Cloud using VPC, public/private subnets
• Experienced with network segmentation, endpoint security
• Familiar with Web Application servers
• Encrypt data in transit using SSL/TLS, access control using IAM
• Secured data at rest, using security pillars from AWS Well Architected Framework
• Upgraded the Firmware on the Chassis and upgraded the Base Code on the NGFW
• Integral Part of Security Operations team during a Cyber Security Incident
• Architect, design, operations/support, and/or project implementation role for a large enterprise network
• Hands-on experience with Cisco network hardware including routers, switches, and security appliances
• Experience architecting and supporting networking infrastructure in Azure, AWS.
• Knowledge and experience with networking protocols and configurations including OSPF, BGP, HSRP, multicast, SIP, QoS, VLANs, and MPLS.
• Experience with Implementation and support of Cloud based networking including security considerations
• Design and implementation of data center networks, including blade server environments, server virtualization,
• Experience with the design of physical networks including fiber and copper cabling
• Knowledge and experience with network management systems
• Designed, planned, and implemented network technology projects, using the following layer-2 protocols: VLANs, Spanning-tree, HSRP; the following layer-3 protocols: EIGRP, BGP, OSPF Implement load balancer traffic using Cisco ACE, Foundry, and F5 load balancers LTM, GTM Cisco ASA 5525 setup for IDS, file filtering, anti-virus, anti-spam
• Familiarity with operating systems (Cisco IOS, LINUX, Windows) and scripting languages

Sr Security Engineer

Confidential, Atlanta, Georgia

Responsibilities:

• Built East/West and South Bound Firewalls using AWS EC2 instances
• Scripting using TERRAFORM and JSON.
• Experience with Microsoft 365 and office 365
• Built and configured Microsoft Azure using Cisco ASA firewall platform.
• Built Data Center in the Cloud using VPC, public/private subnets
• Experienced with network segmentation, endpoint security
• Familiar with Web Application servers
• Encrypt data in transit using SSL/TLS, access control using IAM
• Secured data at rest, using security pillars from AWS Well Architected Framework
• Upgraded the Firmware on the Chassis and upgraded the Base Code on the NGFW
• Integral Part of Security Operations team during a Cyber Security Incident
• Migrate ASA to Firepower
• Upgrade FMC cluster from 6.2 to 6.4
• Very Familiar with FMC/ASA configurations, to include ACL's, Rules, and monitoring
• Designed, Implemented and Monitored Mill Operations to add Isolation Firewalls in order comply with compliance
• Create the Security Strategy for protecting the new and existing infrastructure in the AWS Cloud
• Provide the Level 3 support for Troubleshooting complex issues that involve multiple layers and different Security Technologies
• Work closely with Application Owners to identify the security holes in the applications in the early stages to prevent the loophole propagation and recommend solutions
• Due to COVID - 19, to address the sudden requirement of surge in the number of WFH users, implement the VPN solution around the globe at Data Centers in North America, Asia, Europe and South America and increased the capacity by 400%
• Deploying security infrastructure (Firewalls, Vulnerability scanners, Web Gateways etc.) in AWS Cloud Configuring secured VPN set up through Cisco ACS (Access Control Server) and Cisco Firewall
• Utilizing FireEye NX for advanced Network protection and defying most advanced attack/breach techniques
• Configuring and Maintaining advanced and sophisticated next generation Cisco ASA 5525X Firewalls in the corporate network of more than 350 locations
• Managing Cisco Secure Access Control Server (Cisco ACS) to enhance visibility and control across the domain
• Managing Palo Alto Firewalls for enhanced protection and security of critical segment of enterprise
• Upgrade and Migration from Cisco to Palo Alto
• Upgrade and Migration from Palo Alto to Cisco
• Configuring and Maintaining firewall rules, NAT rules, and creating DMZ’s using both Cisco and Palo Alto firewall.
• Upgrade Palo Alto using Panorama
• Upgrade Cisco FTD’s using the Cisco FMC. Upgrade Cisco Chassis firmware.
• Configuring and regulating Wireless LAN Controllers for Vendor Wi - fi Network to employ MAC Address Filtering for facilitating a tough security posture at vendor network
• Creating secured VPN Tunnels for vendors at different locations to provide a secured remote access to vendor equipment

Lead Network Engineer (VOICE)

Confidential

Responsibilities:

• SIP trunk setup, New Site turn - up with SIP provider, Site conversion from T-1 to SIP
• Voice Mail setup, PIN resets. DRS backup/restore.
• Cluster wide upgrade, COP files, Device package installs.
• Deploy, and support Cisco Call Manager/Call Manager Express and Cisco Unity (VM/UM)/Unity Express solutions
• Configure and support Cisco VOIP phones voicemail and visual voicemail via Unity, installs, moves, adds, changes in Cisco VOIP environment.
• Provide operational support after the cut over with the goal of meeting and exceeding the SLA expectation of the customer.
• Working closely with the design Architect on gen 2 routers, 4k series, ASR Protocols - OSPF, BGP, EIGRP, HSRP, QoS, Private and Public networks, MPLS, Layer 2, VPM, DMVPN, Site to Site and client VPN Cisco based AP both autonomous and light weight, DCA
• Implementing Firewall changes using Cisco Fire Power platform
• Creating NAT. ACL, DMZ rules, using both ASA and Firepower
• Designed and implemented DMVPN solution
• Understanding of Heat Maps and site surveys, Ability to troubleshoot and debug through WLC
• Experienced in Firewall, ASA, Firepower, Create ACL's, understand NAT
• Ability to use wire shark, take captures, and analyze, Understand SNMP
• Used monitoring tools i.e., SolarWinds, NetIQ etc., Client, Prime Infrastructure 2016, Experience with Linux
• Experienced with Cisco routers/switches, frame relay, VPN, MPLS and structured cabling systems.
• Working knowledge of various WAN technologies; experience with Frame relay, VPN & MPLS in a multi-site network preferred.
• Able to configure and implement very complex WAN schemes.
• Experienced with TCP/IP, DNS, and addressing/subnetting. Working knowledge of OSPF, EIGRP, and BGP routing protocols. Working knowledge of QOS and layer 3 routing concepts.

Confidential, Johns creek, GA

Lead Network Engineer

Responsibilities:

• Cisco ASA 5525 setup for IDS, file filtering, anti - virus, anti-spam Very familiar with Cisco ACL s, NAT, DNS, DHCP.
• Experienced with designing and implementing network redundancy & load balancing.
• Designed HA configuration necessary to support an alternate Disaster Recovery data facility
• Spanning tree, Catalyst/Branch workgroup type switches, Troubleshooting, layer 3 routing, VTP/SVI
• Strong layer 3 routing across multiple platforms including ISR Gen 2 routers, 4k series, ASR
• Protocols - OSPF, BGP, EIGRP, HSRP, QoS, Private and Public networks, MPLS, Layer 2, VPM, DMVPN, Site to Site and client VPN
• Experienced in Firewall, ASA, Firepower, Create ACL's, understand NATs
• Ability to use Wireshark, take captures, and analyze, Understand SNMP
• Experienced in Whitelisting, Blacklisted, creating NAT, Inbound, Outbound firewall rules.
• Lead Migration from ASA to Firepower, intricate part of Data Center migration to T5
• Used monitoring tools i.e., SolarWinds, NetIQ etc., Client, Prime Infrastructure
• Experience with Cisco routers/switches, frame relay, VPN, MPLS and structured cabling systems.
• Experienced with VPN technologies and security protocols such as IPsec, ISAKMP, SSL, PKI, RADIUS, TACACS, EAP, LDAP
• Redesigned EZVPN solution with DMVPN using IPSEC/ISAKMP
• Working knowledge of various WAN technologies; experience with Frame relay, VPN & MPLS in a multi-site network preferred.
• Able to configure and implement very complex WAN schemes. experience with and knowledge of TCP/IP, DNS, and addressing/subnetting. Working knowledge of OSPF, EIGRP, and BGP routing protocols.
• Experienced in Service-Now and Remedy ticketing system.

Confidential

Lead Network Support Engineer

Responsibilities:

• Designed, planned, and implemented network technology projects, using the following layer - 2 protocols: VLANs, Spanning-tree, HSRP; the following layer-3 protocols: EIGRP, BGP, OSPF Implement load balancer traffic using Cisco ACE, Foundry, and F5 load balancers LTM, GTM Cisco ASA 5525 setup for IDS, file filtering, anti-virus, anti-spam
• Very familiar with Cisco ACL s, NAT, DNS, DHCP.
• Experienced with designing and implementing network redundancy & load balancing.
• Designed HA configuration necessary to support an alternate Disaster Recovery data facility
• Completed tasks in ensuring router, switches, end-user computers and servers were compliant with the Department of Defense RMF compliance
• Recommended procurement, removals, and modifications to network components.
• Trained in analyzing network characteristics (traffic, connect time, transmission speeds, packet sizes, and throughput, etc.)
• Experienced in installation planning, transition, and cutover of network components and site configurations.
• Provide operational support after the cut over with the goal of meeting and exceeding the SLA expectation of the customer.
• Trained in analyzing network characteristics (traffic, connect time, transmission speeds, packet sizes, and throughput, etc.)
• Experienced in installation planning, transition, and cutover of network components and site configurations.
• Familiar in the daily use of several Cisco Networking devices, Cisco IOS, and IP routing protocols.
• Analyzed user needs to determine functional and cross-functional requirements.

Confidential, Duluth, Georgia

Sr voice engineer

Responsibilities:

• Advise, solution and facilitate cutting over ITAR client Freddie Mac off of their existing Nortel CSS1000
• PBX onto the Cisco Hosted Collaboration Solutions (HCS) Call Manager Prime.
• This includes providing and supplying Cisco with the base Call Manager configuration that was designed by the Architect to build out all 14 national sites.
• Creating the user templates, CSS, Feature Groups and unity configurations, non - user data configurations and VG 350 configuration.
• This loader file is provided to our Cisco approved onboarding vender VOSS who loads the data into the Hosted cluster using a Cisco approved tool called CUCDM to provision Call Manager.
• Work closed with our network vendor AT&T, making sure all site surveys and telephony diagrams are in line with the data used to coordinate a successful cut over. Manage all Cisco IP Phone MAC s, making sure that all devices are shipped to the location ahead of the deployment schedule and that all equipment is accounted for and configured.
• On the night of the cut I work with the FE on site and our SIP provider IP Flex to make sure that all T1 s are cut over and are operational and all DID s have successfully moved over to the SIP provider. Facilitate UAT testing to confirm that all services are fully operational.
• Provide solutions to the clients call routing issues, Unity Voicemail, Jabber presence and Hunt Group configurations. Assist with educating the client on how to use and understand their new VOIP solution and how to use it effectively within there secure network infrastructure.
• Provide operational support after the cut over with the goal of meeting and exceeding the SLA expectation of the customer.
• Working closely with the design Architect on phase 2 deployments which will include: Video capabilities expanded wireless capabilities, SBC implementation for more call control, Jabber IM and Extension Mobility. Joint Cyber, Command, Control, Communications, Combat SystemsDSCI Enterprise Services Voice Engineer (Kabul Cluster)

Confidential

Network/Voice Engineer

Responsibilities:

• Managed multiple firewalls to include ASA 5520 and Taclanes for Black Core.
• Collapse multiple networks, to include creating new IP scheme, new VLAN scheme, new dial plans and dial patterns for the New Kabul Compound.
• Create multiple dial plans, route filter, route groups, lists and patterns. Create multiple Call pickup groups, partitions and calling search spaces.
• Deploy, and support Cisco Call Manager/Call Manager Express and Cisco Unity (VM/UM)/Unity Express solutions
• Configure and support Cisco VOIP phones voicemail and visual voicemail via Unity, installs, moves, adds, changes in Cisco VOIP environment.
• Design disaster recovery systems backups for multiple clusters throughout Afghanistan.
• CUCM v 4.12(c) & 6 to 7.0 via Windows 2003 Server Remote Desktop Connection VPN
• System administration to CUCM / CUCME / IPCC through Call Manager & UNITY
• Configured CUCM, routers, switches, terminal servers & voice gateways, call routing and signaling Implement H.323 and Media Gateway Control Protocol gatekeepers to set IP Phone features, Enabled Call Admission Control, automated alternate routing & extension mobility environment placed on - net / off-net phone calls, media resources Established SRST over the PSTN, In-bound / outbound calling telephony network template for deployment CoS, DID, H.323, RTP, OSPF, MGCP, SIP, SCCP, MLPS, CODECs G.703, G.711, G.729, G.732 and ISDN PRI voice protocols, convergence QoS, weight of bandwidth traffic calculations LAN/WAN operation design T1 voice and data transport, using frame relay and private line networks PRIs to CUCE Video H.261 protocols and equipment, IPv4 / IPv6 addressing and router components and functionally completion to Voice Mail & IP Hosting.
• Installed and configure ARI deployment for Cisco Unified Intelligent Contact Manager ICM Provisioned, Test & turn-up CUCME. AGCO Corporation Sr Network Engineer (1 year) Duluth, Georgia HQ
• Responsible for maintaining and operating switches and routers, implemented plan to ensure job proficiency/aptitude. Installed and Setup SolarWinds to Monitor availability and reliability of LAN/WAN circuits
• Experienced with designing and implementing network redundancy & load balancing using F5, Checkpoint, Cisco 3750 in a HA configuration necessary to support an alternate Disaster Recovery data facility.
• Experienced with Cisco VPN setup and maintenance using Microsoft, Cisco and Checkpoint products.
• Enabled the deployment of new, innovative products like Push-to-Talk, VOIP, Picture/Video Messaging (MMS), Video to handset
• Implement Cisco Call Manager, Unity, Presence and CUCCX for North America.
• Provide break-fix solutions for voice, fax and data environments.
• Exceptional troubleshooting skills to determine root causes of outages and other scenarios.
• Experience with EIGRP, BGP, SIP registration and SIP trunking.
• Working knowledge of PRI, FXS, FXO and VPN configuration.
• Experience configuring NAT and PAT routing solutions.
• Migration from Nortel PBX to Cisco Unified Call Manager 8.0.
• Design and Implement Cisco Wireless network in North America and Canada.
• Test and implement dial plans for fast dialing throughout North America.
• Design, configure and maintain all networking equipment for North America, Canada and Mexico.
• Configure Cisco and Juniper routers, switches and firewalls.
• Manage all of Cisco equipment maintained with Cisco Smartnet contracts.
• Maintain Visio network diagrams for the AGCO network for North America, Canada and Mexico.
• Team lead on designing, implementing and provisioning AGCO new Cisco Internet Protocol Telephony System (IPTS) for North America, Canada and Mexico.
• Team lead on planning, designing and implementing migration plan to move existing users from

Confidential, Atlanta,GA

Network Engineer

Responsibilities:

• Deploy, and support Cisco Call Manager/Call Manager Express and Cisco Unity (VM/UM)/Unity Express solutions
• Configure and support Cisco VOIP phones voicemail and visual voicemail via Unity, installs, moves, adds, changes in Cisco VOIP environment.
• Design disaster recovery systems backups for multiple clusters throughout Afghanistan.
• CUCM v 4.12(c) & 6 to 7.0 via Windows 2003 Server Remote Desktop Connection VPN install configure and maintain Cisco ASA firewalls
• System administration to CUCM / CUCME / IPCC through Call Manager & UNITY
• Configured CUCM, routers, switches, terminal servers & voice gateways, call routing.
• Implement H.323 and Media Gateway Control Protocol gatekeepers to set IP Phone features, Enabled Call Admission Control, automated alternate routing & extension mobility environment placed on - net / off-net phone calls, media resources Established SRST over the PSTN, In-bound / outbound calling telephony network template for deployment CoS, DID, H.323, RTP, OSPF, MGCP, SIP, SCCP, MLPS, CODECs G.703, G.711, G.729, G.732 and ISDN PRI voice protocols, convergence QoS, weight of bandwidth traffic calculations LAN/WAN operation design T1 voice and data transport, using frame relay and private line networks PRIs to CUCE Video H.261 protocols and equipment, IPv4 / IPv6 addressing and router components and functionally completion to Voice Mail & IP Hosting.
• Installed and configure ARI deployment for Cisco Unified Intelligent Contact Manager ICM Provisioned, Test & turn-up CUCME