We provide IT Staff Augmentation Services!

Lead Consultant Resume

New York, NY


Over 12 years of experience as a security professional, with a combination of risk management, information security, and IT consulting, to include the following: Information security role • IT leadership • Relevant experience in AWS Cloud Architecture, network firewall security, project management, with demonstrated achievements and progressive responsibilities


Confidential, New York, NY

Lead Consultant


  • Responsible for the architecting, design and deployment comprising of build release management, software configuration, design, development of multi - tier and web applications scalable using AWS services
  • Experience in various services via AWS management Console, AWS CLI and using Amazon Api using Java.
  • Involved in the design and deployment of various applications utilizing AWS stack including EC2, EBS, VPC, Route53, S3, RDSDB, DynamoDB, Lambda, ELB, CloudFront, CloudTrail, CloudWatch, Redshift and IAM
  • Technical acumen and customer-facing skills that will enable to effectively represent AWS within a customer’s environment, and drive discussions with senior leadership regarding incidents, trade-offs and risk management
  • Manage users, groups and roles in IAM, and create security groups for inbound/outbound access to instances
  • Created VPC’s, both public and private subnets and distributed them as groups into various availability zones
  • Created S3 buckets, with various life cycle policies to archive the infrequently accessed data to Glacier, EBS volumes for storing applications for EC2 instances when iSCSI mounted and snapshots to backup volumes to S3
  • Configured DNS with lookup zones using Route53, configured DNS failover and monitored health checks
  • Created and configured Elastic Load Balancers and Auto Scaling Groups to distribute the traffic and to have a cost effective, fault tolerant and highly available secure hosting environment.
  • Lead engineering design metrics of Check Point Security Solutions R77.30 and R80.10 GAIA software blades
  • Manage Checkpoint policies, security architecture via Provider-1, Check Point VSX firewall virtualization
  • Configuration of Cluster XL technology and IP clustering for high availability and Cluster Control Protocol (CCP)
  • Troubleshoot connectivity, debug processes, packet captures, fw monitor, tcpdump services that we manage
  • Support including IPS, Anti Bot, DLP, Sandblast, Endpoint Security and VPN
  • Other Firewall knowledge a plus (Cisco/Juniper/Palo Alto)
  • Advise client executive on their cloud strategy roadmap, improvements, alignment and further improvements
  • Manage MSSP team offshore SOC personnel, providing eye on the glass monitoring of malious threats via Splumk
  • ITIL Foundations Management processes

Confidential, Alpharetta, GA

Sr Security Engineer


  • Engineered, deployed Check Point Next Generation Firewall, R75 - R77 GAIA, VSX, VPN managed thru Provider-1
  • Provides installation, configuration, and administration of firewall rule sets, network traffic flows in an enterprise environment, involving network application flows between multiple hosts and geographic cations
  • Experience in deploying, configuring security solutions, related tools including Cisco ISE, Cisco ASA, VPN
  • ISE Threat Centric NAC with Sourcefire and Cisco Advanced Malware Protection (AMP) administration
  • Wired/Wireless, guest, profiling content aware policies, authenication/authorization policies, posture assessment, supplicant configuration, BYOD on-boarding and registration and deployment phases
  • Use of proxy Blue Coat to provid e filtering of web content, inspect encrypted traffic, and guard against malware
  • Confidential ESM and Confidential Logger to analyze logs from Checkpoint and BlueCoat security devices
  • Use of Remedy/ServiceNow change management system to closure

Confidential, PA

Sr Security Analyst


  • Checkpoint Firewall Administration and Operational support of topology, security and firewall policies
  • High level hands-on engineering of Checkpoint software blades, R77.30 via Provider-1
  • Tufin Secure Track for policy change management, policy analysis, auditing, compliance and reporting
  • VPN troubleshooting and debug, tunnel management configuration and encryption issues
  • Knowledge of Global policies, Cluster XL, Checkpoint IPS
  • Working knowledge with F5 Local Traffic Manager and various load balancing technologies

Confidential, Sandy Springs, GA

Device Mangement Engineer


  • Engineering, deployment of Checkpoint R65 - R77 in GAIA, SLPAT, Crossbeam and/or IPSO software platforms
  • Deployed, implemented and supported Cisco PIX, Cisco ASA, Netscreen
  • Conduct continuous monitoring and analysis of security threat information, event logs via Confidential QRadar use cases
  • Perform protocol and kernel analysis, raw packet IP captures using tcpdump, snoop, fw monitor
  • Provides protocol analysis using in-depth knowledge of protocols and open source tools
  • Participates in Global incident response and coordinate any security incidents on a 24/7 basis

Confidential, Stamford, CT

VP Global Security Operations


  • Develop, implement and monitor strategic, comprehensive information security risk management program to ensure the integrity, confidentiality and availability of information is owned, controlled or processed by the organization
  • Engineering Checkpoint software blades running on GAIA R77.10, and manage Juniper SRX firewall series platforms
  • Tufin Secure Track for policy change management, policy analysis, auditing and compliance, and reporting
  • Knowledge and experience with applying HFAs on Checkpoint software blades and product
  • Checkpoint IPS protections to identify and or prevent and mitigate malicious activity
  • VPN troubleshooting, debug, tunnel management configuration and VPN encryption issues
  • Conduct continuous monitoring and analysis of security threat information via Confidential ESM content development
  • Participates in Blue Team Incident Response team, coordinate with Cyber Security Incident Responder
  • Knowledge of Sarbanes-Oxley Act (SOX) and Payment Card Industry/Data Security Standard (PCI/DSS)

Confidential, Reston, VA

Professional Services Engineer


  • Design, implementation and deployment of Confidential Professional Services, solutions, architecture and upgrades
  • Installation, integration of Smart connectors, Databases, Manager, Console, Logger, Connector appliances
  • Develop and direct the development of content for a complex and growing Confidential infrastructure, including Use Cases, Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active Lists in support of SIEM initiatives
  • Life-cycle management of Confidential platforms to include coordination and planning of new eployments and upgrades

Confidential, Dunwoody, GA

Network Security Sr. Advisor


  • Bank of America Technology Group implementation and administration of Checkpoint FW-1 NGX R60 - R75, Provider-1, IPSO, Crossbeam
  • Juniper Network SRX services gateways, Netscreen SSG/ISG/NSM and Cisco PIX/ASA VPN
  • Deployed, implemented and supported Palo Alto and Sourcefire IPS
  • Troubleshoot issues with NAT, TCP/IP,, EIGRP, static routing and BGP, OSPF proxy ARP
  • Performed firewall rule modification, reviewed network traffic flows to filter required firewall rules to lock down application, and troubleshoot firewall problems over the enterprise environment
  • Strong knowledge of Linux, Unix, Windows, performs Unix and Perl scripting
  • Perform vulnerability and threat assessments using Nessus
  • Provides systems and network diagram documentation using Visio

Confidential, Omaha, NE

Security Engineer Analyst


  • Primary responsibility consists of implementation, administration, troubleshooting, Nokia IPSO 4.2 devices running Checkpoint NGX R65 instances, HA configuration, Checkpoint Provider-1 management environment
  • Comprehensive experience with site-to-site, client-to-site VPN encompassing IPSEC, IKE protocols
  • Administration, configuration of Juniper SSL/Network Connect VPN and Cisco PIX/ASA VPN
  • Enterprise web security protection with Blue Coat ProxySG integration, control and acceleration
  • Knowledge of TCP/IP, OSI layers, network protocol analysis, raw packet captures using tcpdump and fw monitor
  • TCP/IP network connectivity, utilizing troubleshooting commands tracert, netstat, traceroute, ping, nslookup, etc

Confidential, Nashville, TN

Information Security Engineer


  • Checkpoint FW-1 management servers, Nokia firewalls from NG R55 to NGX
  • Implemented replacement of Cisco PIX firewall with six pairs of Cisco ASA 5540 appliance
  • Performed HIPAA security audit of business facilities and system components, protected stored

Confidential, Sandy Springs, GA

Information Security Engineer


  • Responsible for the engineering, implementation, administration of Checkpoint NG AI, NGX, Nokia/Crossbeam

Hire Now