SUMMARY:

• Work with business units to review, design, plan, manage and implement various security solutions to support the business needs, while providing the best balance of security and functionality.
• Continually review infrastructure and work with information technology groups to ensure that PCI - DSS and SOC-1 requirements are met.
• Assist in the gathering of evidence for PCI-DSS and SOC-1 compliance audits
• Monitored and supported high speed / low latency inter-state wireless network solution utilizing both Arista networks switches and Cielo wireless solutions for issues.
• Provided both on-site and remote support to various SMB customers, supporting desktop, server and network environments.

TECHNICAL SKILLS:

• Superior customer service experience and skills.
• Exceptional leadership and mentoring skills
• Strong analytical and problem resolution skills. To include the troubleshooting of hardware, software, network and security related issues.
• Extensive experience with the design, implementation and administration of various enterprise level security solutions to include corporate Next Generation firewalls, Web Application Firewalls, IDS/IPS, Network Access Control (NAC), Web filtering and SIEM solutions. (Vendor specific competencies include but not limited to Palo Alto Networks, Checkpoint, Cisco, Sophos, Imperva, F5, Sourcefire, Forescout, Bluecoat, WebSense)
• Extensive experience with the design, implementation and administration of various LAN, WAN, WLAN and WWAN infrastructures utilizing 3COM, Arista, Juniper and Cisco routers and layer 2/3 switches. Including various routing protocols such as BGP, EIGRP and OSPF.
• Skilled in network performance troubleshooting using a variety of tools such as Wired & Wireless Packet Capture (Netscout & Wireshark) and 802.11 Spectrum Analyzers.
• Experience installing, managing and troubleshooting VMWare ESX 3.5 - 5.5, Windows Virtual Server and Windows 2012 Hyper-V technologies.
• Extensive experience supporting and administering Windows 2000 - 2012 Active Directory and Exchange 5.5 - 2010.
• Expert knowledge of Windows operating systems to include most recent Windows server and client platforms as well as other operating systems.

PROFESSIONAL EXPERIENCE:

Confidential, Fort Worth, TX

Sr. IT Security Architect

• Work with business units to review, design, plan, manage and implement various security solutions to support the business needs, while providing the best balance of security and functionality.
• Continually review infrastructure and work with information technology groups to ensure that PCI-DSS and SOC-1 requirements are met.
• Assist in the gathering of evidence for PCI-DSS and SOC-1 compliance audits
• Work with analysts and other staff as technical escalation point for security related events and incidents.
• Design, Implement, manage and monitor enterprise wide firewall and VPN solutions consisting of a combination of Palo Alto networks, Cisco ASA and VMWare NSX and Pulse Secure.
• Manage and monitor other deployed security solutions such as Proofpoint PPS - Email Security, RSA - Data Loss Prevention (DLP), Tripwire - File Integrity Monitor, Imperva - Web Application Firewalls, Symantec Endpoint Protection, GFI and FireEye Anti-malware solutions for events
• Perform security log review and analysis utilizing LogRythm SIEM in addition to other threat analysis tools.
• Assist security analysts in review and response to security related tickets ranging from technical/security issues, web filtering, email security, etc…
• Perform security awareness training to all new hire employees and contractors.

Sr. Network Support Engineer

• Monitored and supported high speed / low latency inter-state wireless network solution utilizing both Arista networks switches and Cielo wireless solutions for issues.
• Provided both on-site and remote support to various SMB customers, supporting desktop, server and network environments.
• Assisted on-site network team with managing the business firewall utilizing Palo Alto network firewalls

Sr. Network and Systems Engineer

• Redesigned network infrastructure to support redundancy, load balancing and improved security based upon industry best practices and PCI-DSS guidelines.
• Redesigned Active Directory infrastructure to provide centralized authentication of systems and applications vs. local system authentication of same systems and applications.
• Designed and migrated network perimeter security from internet directly connected servers using and not using software firewalls, to having everything behind a single HA cluster firewall solution using Sonicwall firewalls and IPS.
• Proposed and implemented company’s first Antivirus solution utilizing Symantec Endpoint Protection.
• Implemented network monitoring and patch management solution utilizing Solarwinds Network Performance Monitor (NPM) and Solarwinds Patch Manager.
• Introduced and implemented change control/management framework for application and solution development.
• Responsible for ensuring PCI compliance by performing PCI Self-Assessment Questionnaire (SAQ) as well as perform monthly vulnerability testing and reporting to upper management using external 3rd party service.
• Work with vendors to review new solutions, best practices and cost reduction.

Sr. Information Security Lead

• Selected post company merger to start up new IT Infrastructure group responsible for all aspects of information security.
• Provide input regarding security related issues on all IT related projects.
• Responsible for developing and maintaining corporate information security policies and procedures.
• Responsible for working with other Audit and business owners to ensure Information Technology compliancy in relation to Sarbanes Oxley and HIPAA to include policy creations, auditing and reporting.
• Responsible for collecting and reporting weekly on security related events and security systems metrics to Sr. IT Management.
• Responsible for developing user training material and performing Information security related training classes to both current and new employees.
• Work with vendors to review new solutions, best practices and cost reduction.
• Responsible for performing and coordinating regularly scheduled internal and external penetration testing on various network hardware and systems.
• Responsible for performing regularly scheduled system vulnerability scans to verify and remediate security patch levels are current using a combination of tools such as GFI LANguard, Nessus and Windows Server Update Services (WSUS).
• Responsible for maintaining and administering infrastructure security devices such as Firewalls, Intrusion Prevention Systems (IPS), Antivirus and Network Access Control (NAC).
• Responsible for maintaining and monitoring email security using Proofpoint systems
• Responsible for maintaining and monitoring corporate IM and malware monitoring solution utilizing Facetime IM and UTG.

Network and Systems Lead

• Responsible for supervising a team of six in the day to day duties of maintaining the highest availability of the network infrastructure and systems support to over 1500 users including direct support to C-Level executives.
• Responsible for training and supervision of Jr. level administrators
• Responsible for collecting and reporting weekly on helpdesk and systems metrics to Sr. Management.
• Responsible for providing growth opportunities to direct reports by providing coaching, goal setting and other methods to help the Jr. Administrators grow personally and professionally.
• Responsible for developing user training material and performing training classes over various applications and systems.
• Work with vendors to review new solutions, best practices and cost reduction.
• Act as second and third tier resource to Jr. Administrators and Jr. Network engineer.
• Responsible for maintaining and monitoring email security using Proofpoint systems
• Responsible for maintaining and monitoring corporate IM and malware monitoring solution utilizing Facetime IM and UTG.
• Responsible for administering, maintaining and monitoring corporate email solution using Exchange 2007
• Responsible for project planning using Microsoft Project Server 2003 and 2007
• Responsible for administering, maintaining and troubleshooting corporate VMWare ESX environments
• Responsible for working with other Audit and business owners to ensure Information Technology compliancy in relation to Sarbanes Oxley and HIPAA to include policy creations, auditing and reporting.
• Responsible for maintaining and administering infrastructure security devices such as Firewalls, IPS and NAC.

Sr. Network Engineer

• Responsible for designing, documenting, implementing, maintaining and troubleshooting a complex LAN/WLAN/WAN infrastructure using various Cisco and Juniper routers and switches for over 27 locations including disaster recovery site supporting 1500 users over MPLS T1, DS3, point to point T1s and site to site VPN utilizing a combination of routing protocols such as BGP, EIGRP and OSPF.
• Responsible for installing and maintaining corporate WAN Acceleration and Optimization services utilizaing Riverbed appliances.
• Design and Maintain corporate Remote Access Solution utilizing Cisco 3000 Series VPN Concentrator, Checkpoint VPN-1 and Citrix Presentation Server 4.5.
• Administer and maintain corporate firewalls utilizing Checkpoint NGX (Crossbeam, UTM and Nokia platforms), Cisco PIX 515E, Cisco ASA 5500 Series.
• Maintain and Monitor corporate Network Access Control solution utilizing Forescout CounterAct.
• Maintain and Monitor corporate IDS/IPS solution (Sourcefire).
• Monitor and maintain corporate web filter solutions (Websense & Bluecoat SG)
• Provide input and recommendations to improve network performance, stability and security.
• Design, deploy and maintain corporate 802.11B/G/N Wireless infrastructure consisting of Cisco Aironet 1200 series and Aruba Light Wireless Access Points. Utilizing WEP and 802.1x security.
• Administer user network/email accounts on Windows 2003 Active Directory domain and MS Exchange 2003 using MS Outlook 2003 - 2007 clients.
• Administer and maintain corporate anti-virus and anti-spam solution using Trend Office Scan and Symantec Enterprise Protection.
• Provide tier 2 & 3 support and act as mentor to PC Techs & Jr. Admins
• Responsible for designing, documenting, implementing, maintaining and troubleshooting Citrix Server Farm utilizing Citrix Presentation Server 4.5 and Web Interface.
• Provide quarterly lunch and learn training sessions to users to teach them application and network/PC security best practices

Network Engineer/Administrator

• Provide resolution to escalated customer service or technical related issues.
• Provide input and recommendations to improve network performance, stability and security.
• Administer, document and troubleshoot LAN/WAN environment using various Cisco 1600 - 2600 series routers, 3002 VPN clients, 2900 series switches for over 20 locations supporting 500 users over several different WAN infrastructures to include Point to Point T1, Point to Point/Point to Multipoint Frame-Relay and Point to Point over MPLS utilizing using a combination of routing protocols such as BGP, EIGRP and RIP v2.
• Administer and maintain corporate firewalls utilizing Cisco PIX 506E - 515E and Sonicwall.
• Maintain and monitor performance of corporate VPN solution utilizing a Cisco PIX, Cisco VPN Concentrator and Windows 2003 RAS/PPTP server.
• Maintain corporate 802.11B/G WiFi infrastructure using Cisco Aironet, Linksys and DLink wireless access points.
• Administer and maintain corporate terminal servers utilizing Windows 2000/2003 Terminal Services.
• Administer user network/email accounts on Windows 2003 Active Directory domain and MS Exchange 2003 using MS Outlook 2003 clients.
• Administer and maintain corporate anti-virus and anti-spam solution using Symantec Antivirus Server.
• Administer, maintain & support Blackberry Enterprise Server and Blackberry Handhelds using 3.6 and 4.0 software.
• Maintain corporate 802.11B/G WiFi infrastructure using Cisco Aironet and DLink wireless access points.
• Provide general networking support to remote home-office users.

Sr. Network Administrator

• Supervise and assist with day to day operations of network data center and staff as well as provide leadership and mentorship to Jr. Network Administrators, PC Technicians and Helpdesk personnel.
• Provide project management and technical consultation on all PC and network related projects.
• Provide resolution to escalated customer service or technical related issues.
• Provide input and assist in the creation of IT policies and procedures.
• Administer, and troubleshoot Data & VoIP LAN/WAN environment using Cisco 2900 - 4000 series switches and 1700 series routers using various methods protocols such as VLans, EIRGP, and HSRP.
• Monitor and troubleshoot server and network environment using Cisco Works, What’s Up Gold, Etherpeak, Airopeak and PRTG/MRTG.
• Maintain department 802.11B/G WiFi network using Cisco Aironet wireless access points.
• Administer and maintain company firewall and VPN solutions using Checkpoint Firewall NG + AI and Netscreen (Juniper) 5GTe solutions to maintain overall network security and remote connectivity.
• Administer and maintain remote and local client access solution utilizing VPN technologies and Citrix Metaframe XP/Terminal Services in a multi server farm.
• Administrate user network/email accounts on Windows NT/2000/2003 Active Directory domains and MS Exchange 5.5/2000/2003 using MS Outlook 2000, 2002 and 2003 clients.
• Administrate and maintain corporate anti-virus and anti-spam solution using Trend NeatSuite products.
• Performed daily duties of maintaining Windows NT/2000/2003 network and workstations. Network backups, print server, etc...Troubleshoot and resolve network and client hardware and software related issues
• Administer, maintain & support Blackberry Enterprise Server and Blackberry Handhelds using 3.6 and 4.0 software.
• Develop research and test new ideas, products and procedures to improve the efficiency of the IT department and city employees.