SUMMARY:

Over thirty years of solid technical experience around network designprocurement, implementation, testing, maintenance, and network analysis using the most advanced network management tools available. Has demonstrated technical abilities to perform complex troubleshooting tasks at all levels of the Enterprise and Data Centers including WANs, MANs and LANs. Great oral, written communication and team building skills through full spectrum leadership, extensive international experience.

MANAGEMENT SKILLS:

• Management experience at the Personal, Project, Product and Program levels.
• Managed over 40 IT Security staff, as well as represented and negotiated Telecommunication Project aspects all over Europe and Latin
• America. Personally managed Telco distributors and customers all over the world in 8 different languages including Telenordia in Sweden and Finland, BT
• Comunicaciones in Spain, PT Austria in Vienna - Austria, Teledenmark in
• Copenhagen-Denmark, Viag interkom in Germany, Albacom in Italy, Cegetel in
• France, Telnor and Telfort in Norway, Sunrise in Switzerland, BT Syncordia /
• Docklands and BT in the UK, and others in the Asia-Pac rim.
• Also managed 15 engineers in a world wide NOC operations center for the Confidential
• DCMA and DLA networks.

FINANCIAL SKILLS:

• Founded and project managed the CPE Helpdesk for Global accounts for Confidential equipment resale as well as AVAYA and NORTEL in the excess of 40 million dollars.
• Interacted with all company financial groups including worldwide sector CFOs to sign off on margin analysis spreadsheets and provided customer support on a 24/7 basis. Interacted with Confidential for the purchase and distribution of high end backbone products such as Catalysts and ATM BPX/MGX/IGX switches.
• While acting as an exec VP of operations I was involved in all aspects of financing to maintain cash-flow and profitability while minimizing cost. ROI and TCO analytical performance evaluation on short and long term projects.
• Managed budgets and financial goal expectations through pro-active methods.

EXPERIENCE:

Confidential, Melville, New York

Global Security manager

Responsibilities:

• In charge of the Security Operations team: (23 level II and III security SMEs)
• :Level III network/security architecture, design and implementation
• Palo Alto firewall support including 3020s, 5060s and other models all across the world
• Fire Eye and Gigamon 10 gb tap implementations from NetOptics taps
• AlgoSec firewall compliance tool daily operations
• SkyBox firewall tool being installed to replace AlgoSec
• Confidential ASA 5520 and 5512 support throughout 150 MPLS circuits around the world
• Juniper VPN and NMS console for support of client access VPN
• RSA console and support for fob and remote vpn users
• Qradar syslog implementation and support at four data centers across the world
• F5 GTM support for US data centers and Oevel Belgium
• ProofPoint email cloud solution support
• McAfee ePO console and support
• CheckPoint firewall support and migration to Palo Alto firewalls underway
• Zscaler forward and reverse proxy support with complex PAC file
• PCI firewall zone support
• SOX 404, GRC governance and SOC type I and II reporting
• Regulatory controls for compliance and risk
• 24x7 world wide support to all sites including US, America, EMEA, Africa, Asia Pacific, and eighteen buildings in New York

Confidential

IT Security manager

Responsibilities:

• In charge of six Security Tower teams: (29 level II and III security SMEs)
• Solutions architect and business transformation initiatives
• Corporate reporting and liason with several executive members
• Security Operations lead and responsible for all priority one through four incidents
• Service Now expert and CMDB cloud integration/encryption
• Threat analysis for potential internal/external attacks ( ddos, mitm, honey pots, optical bypasses, VSS, IPS and DLP, PII data)
• Splunk and SIEM (24x7syslog and Cyber threat analysis and support)
• NERC/CIP, FERC and NRC for several teams and electrical generation transmission regulatory compliance
• Juniper firewall support to multiple Nuclear and Fossil electric plants with IPSEC through MPLS connections including security zones architecture
• F5 Load balancers and Netscaler Citrix support
• Smith Micro vpn concentrators suppot
• Mcafee web gateway support of white, black lists, ssl 3.0, dtls,etc
• NSM support to all Juniper netscreen firewalls
• CheckPoint gateways running IPSO R75.20. R75.40 and lately upgraded to Gaia R77.30 Smart center
• SOX controls and audits to Grant Thornton for SOC1 type I and II plus SOC 2 type I and II evidence gathering
• Nessus penetration testing and CVE remediation
• Storm, disaster recovery and business continuity plans
• Aruba and Confidential corporate wireless support

Confidential, Tampa, Florida

Senior Network Engineer Architect

Responsibilities:

• In charge of enterprise CheckPoint and Confidential ASA firewall clusters
• Design of ingress architecture from partners and internet access to Confidential Nexus 7k core with multiple VDCs, VRFs, SVIs and VPCs.
• F5 load balancer (3600 and 4200) architecture and support for more than 300 websites with LTM, ASM and GTM cluster deployment in two data centers, VIPRION hardware or stand alone HA clusters
• Bluecoat proxy servers implementation with WCCP and explicit proxy architecture (SG600s)
• Confidential ASA PCI architecture implementation and support for multiple access, personal and phone vpns with DTLS, many ipsec tunnels to multiple partners
• Solarwinds NMS for fast polling cycle to all devices including Netflow
• Tivoli TEM to important Applications, dhcp servers, dns servers, linux and Windows servers running on ESX hosts and VMWARE environment
• Network Instruments multiple 10 Gb packet sniffer with Gigastor, Netbrain network map tool to all network traffic real time analysis
• IPAM ip solutions using QIP and Bluecat servers
• McAffee SIEM security log server, IPS, IDS, DLP, for intrusion detection and forensic analysis
• Other tools, Confidential ACE TACACS and ISE Identity Services Engine, Tripwire and Skybox security, VM VBLOCK blade architecture

Senior Network Engineer Architect and Analyst

Confidential

Responsibilities:

• Support daily operations to the Nexus switch fabric and architecture designs for LACP trunking plus port activations support
• Worked on Confidential ASA 5505. 5510, 5540 & 5585 ASDM and cli
• CheckPoint R75 Smartdashboard, Sonic Wall FWs and SRX 240 support
• Creating and supporting Checkpoint rules in different zones, edm ext,edm internal, idmz, rdmz, pdmz,
• Support of all FWSM firewall modules on core switches to support hundreds of pci segments in different contexts managed by ASDM and CSM security manager
• Support of all CSS content switches in multiple locations, writing content rules, and services activated or suspended through HSE hosting solution engine by hundreds of users worldwide
• Running complex packet captures with Netscout Inifinistream and packet flow switches PFS aggregated from 1 to 10Gb feeds to 40 Gb access to the sniffer
• Management and support of Juniper SRX firewall/router platforms
• Sevone Network management tool report and snmp poller
• Voyence network compliance tool management and reporting
• QIP Lucent IP/DNS management solution to all sites, VIPS,RIPS, etc
• Anue port mapper solution to filter traffic at 10Gb speeds through optical taps

Confidential

Senior Network Engineer Architect and Analyst

Responsibilities:

• Architect network enterprise solutions for multiple network technologies
• Configuration and maintenance of F5 load balancers LTM 3400 and 3900 ASM 3400, Enterprise manager and link controllers
• Checkpoint R75 enterprise console for IP395s, UTMs and Power 1 Firewall configuration and maintenance
• Juniper MX, SRX, M, T series router configurations and maintenance
• Juniper NSM, SPACE router network management solutions
• Confidential catalyst 6509s, NAM, 3750, 2960 POE, 2811 fw, 1841 routers
• Confidential wireless CSM and Flex 7500 controlling hundreds of APs all over the US
• Tripwire enterprise security tool administration and architecture
• PCI architecture and vlan segmentation designs
• COOP site design and cloud failover
• Loglogic, Orion Network Management via SNMP, Netflow, Trap events & syslog
• IBM I series AS400 mini computer client/server configuration for vpls layer II traffic encapsulated in gre/ipsec tunnels from all stores to HQ
• Iprism proxy server configuration and maintenance

Confidential

Senior Network Engineer Architect and Analyst

Responsibilities:

• Architected TNMA/NMS with the use of Netcool MOM (manager of managers udp 162 traps to Omnibus/Object server and webtop)
• Netcool Reporter/Impact server/MTOSI DISA adaptor and rule filters
• Performance management SNMP/NetFlow NetQoS Reporter Analyzer, Harvesters, NetFlow managers, DSA database, RA NPC (Network Performance Center) single sign on Portal
• NetQoS SuperAgent server performance and packet analysis through GigaStor and Observer software
• NetQoS NetVoyant SNMP poller for network analysis and statistics
• Packet Design REX Route Explorer BGP/EIGRP/ISIS/OSPF modeler and network simulation
• Confidential Network Configuration Manager for all router configuration management and policy enforcement
• ArcSight Security manager for IDS, PIX and SideWinder Firewall event correlation to feed root cause engine in the manager of managers
• OPNET VNE, SP GURU, NET DOCTOR, ACE and NetMapper network modeling and simulation via SNMP data collected in NetVoyant
• Remedy ITSM 7.0, integration to ticketing-inventory system
• Tier I service provider network management with DISA tier 0 backbone
• Layer II Promina satellite tactical and strategic deployment managed by Panaview and Maxview software COTs & GOTs solutions
• Supporting over 4000 SIPR/NIPR/CENTRIX/RIPR global connections over many diverse paths and routing schemas to the AOR

Confidential, Alexandria, Virginia

Senior Network Engineer / Manager

Responsibilities:

• Supervised fifteen WAN engineers in support of the DCMA worldwide operations
• Reporting through Concord Ehealth and Spectrum SNMP console
• Confidential shop with catalysts 6509, 6513 and 6500 CAT OS and IOS
• DISA information systems network service provided links Tier 0
• OC-12, OC-48 links between main data centers across CONUS
• CONUS, OCONUS 24x7 support from the NOC with rotating pagers
• WAN links accelerated with Riverbed WAN accelerators
• BGP/OSPF redistribution and route reflector/confederation failure backup
• ATM/Frame Relay to multiple sites in OCONUS, Hawaii, Germany, etc
• SONET/SDH connections between core sites and low latency SLAs
• Multiple telecomm carrier diversity and tactical satellite data comms