PROFESSIONAL EXPERIENCE:

Security Consultant

Confidential, Arlington, TX

Responsibilities:

• Support and administration for all PAM (Privileged Access Manager) PCI related requirements
• Administration for Beyond Trust and Cyber Ark PCI related requirements and duties

Security Consultant

Confidential, Arlington, TX

Responsibilities:

• Support for all Checkpoint firewalls on R77.10, .20, and .30
• Support for all Checkpoint Provider - 1 environments
• Led all firewall remediation efforts for PCI requirements
• Implementation, support and upgrades for Blue Coat Proxy SG510, and 810
• Led remediation for all PCI related infrastructure
• Documented all PCI related configuration documentation for completed ROC

Confidential, Arlington, TX

Security Consultant

Responsibilities:

• Responsible for daily support of Imperva SecureSphere WAF v11.5, for alerts, support and administration
• SME for Threat stream, Bit9, Splunk, Q-Radar
• Support for all security related issues throughout the corporate SaaS environment

Confidential, Arlington, TX

Security Consultant

Responsibilities:

• Support and upgrades for all Checkpoint firewalls on the client global network
• Firewall versions are R75.40 and R77.20 Support for 200 Checkpoint firewall models, which are 12600, 21400, and 4800
• Support for all Provider-1 infrastructure and corporate domains
• All firewall configurations with HA failover
• All URL filtering for corporate environment enforced with Checkpoint URL filtering service in R77.20
• Disaster Recovery testing for firewalls and infrastructure
• Full testing with application owners, application testers, and technical teams
• Support for all PCI related initiviatives
• Worked with PCI stakeholders, and led internal project team to deliver ROC on time

Confidential, Irving, TX

Security SME and Security Project Manager

Responsibilities:

• I pulled firewall and router configurations with Firemon, along with editing all company PCI documentation to meet PCI DSS standards
• I led QSA observations for all processes, procedures, and reports for all tasks and requirements Perform remediation tasks for firewalls, routers, and IPS infrastructure
• Met with Vice-Presidents, and Senior Vice-President's weekly, to ensure all PCI audit timelines and deliverables were met
• I was personally responsible for ensuring that all PCI audit project documentation was uploaded to SharePoint, and that all tasks, and responsibilities were updated and tracked in QuickBase
• I tracked all PCI project timelines in MS Project, and distributed it to senior management, the security team, and the QSA auditors
• Corporate URL filtering enforced with WebSense Security and Web Filtering
• Client compliance settings, policies, and infrastructure analyzed and compared for PCI DSS 3.0 audit Fireeye 7400 NX series appliances used for threat detection, management, and analysis

Confidential, Arlington, TX

Security Consultant

Responsibilities:

• Support and upgrades for all Checkpoint firewalls, and datacenter migrations
• All Checkpoint environments have an HA Provider-1 Smart 50 appliance for redundancy
• Each checkpoint environment contains 100 firewalls running in an HA configuration
• All firewalls are upgraded to R75.45 from their original firewall revisions
• Company URL filtering enforced with WebSense Security and Web Filtering suite
• Support and administration for Imperva G4 Securesphere WAF.

Confidential, Arlington, TX

Security Consultant

Responsibilities:

• Supported, designed, and upgraded all Checkpoint firewalls running R75.40 Support for all Provider-1 environments with 150 Checkpoint gateways
• All firewalls are in an HA configuration running on Checkpoint 21400 UTM's

Confidential, Bloomington, Illinois

Security Consultant

Responsibilities:

• Designed and implementation of sixteen 61000 blade system firewalls, and fifty 21400 firewalls for perimeter and segmentation of the network
• PCI DSS 20 and SOX requirement and mitigation support Ongoing support for the firewalls, and company applications
• The firewalls are on R7540, with a Provider-1 environment
• All firewalls are running in a HA configuration All management stations are Smart-100 devices in an HA configuration
• Vulnerability assessments done with Nessus, Internet Scanner, and Languard, for support of all compliance regulatory requirements
• Used Splunk within the corporate network for log analysis, alerts, and as a aggregation tool
• Full Disaster Recovery testing with application owners, application testers, and technical teams
• Fail-Over for all critical applications and infrastructure
• Firewall analysis for active/passive fail-over as well as support throughout full testing cycles

Confidential, Arlington, TX

Security Consultant

Responsibilities:

• Provided support for all Checkpoint and Cisco environments
• Provided 1 management upgrades from R65-R75
• All gateways are in an HA clustered configuration running VRRP
• Performed upgrades for all IP series firewalls from R65-R75
• The upgrades are to meet regulatory requirements for PCI audit remediation
• PCI DSS and SOX requirement and mitigation support

Confidential, Arlington, TX

Security Consultant

Responsibilities:

• Provided support for all firewall related activities and upgrades for the Checkpoint environment from R60 to R70, R71, and R75
• Supported for Confidential /Checkpoint firewalls in a P-1 environment with 300 firewalls
• Supported for all migrations, upgrades, PCI and SOX audit requirements, and vulnerability assessments
• Supported for all Juniper firewalls and related environments PCI DSS and SOX requirement and mitigation support

Confidential, Thornton, Colorado

Security Consultant

Responsibilities:

• Performed upgrades on all Checkpoint firewalls, and support for client services
• Firewalls are R65 and R70 clusters
• Administration of Juniper firewalls at corporate and Confidential locations

Confidential, Springfield, Massachusetts

Security Consultant

Responsibilities:

• Performed Checkpoint firewall upgrade of 50 firewalls from R55 to R65
• The firewalls were on Confidential IP 1220 platforms
• Administered Juniper 50, 200, 500, and SSG 520 firewalls
• Upgraded and administered 75 Fortinet 5000A and 100A firewalls
• Administration and management of all firewall environments for MassMutual clients was one of the daily tasks
• Management of each firewall is done remotely and onsite at client sites
• Network documentation was done with MS Access, Visio, and Power Point
• Microsoft Project was used to ensure that all project timelines were adhered too Security Management Tool was used to tailor company security policies
• All Juniper firewalls are managed through NSM Site to site vpn for all b2b and vendor tunnels with Checkpoint and Cisco vpn's
• McAfee was the anti-virus used at the desktop and server levels within Confidential
• All DMZ and intranet traffic was segmented with firewalls and acl's to ensure security to company resources
• PointSec was the encryption software used to encrypt all laptops for protection for Confidential users
• SOX audits were the driving force behind the firewall upgrades and network segmentation
• SOX vulnerability assessments where done on a monthly basis using Languard and Internet scanner
• Each assessment is tailored for SOX compliance, and is one of many layers in the risk mitigation arena and compliance framework
• Administration of Sidewinder firewalls at Confidential locations
• Supported Pointsec encryption products for the MassMutual corporate network
• Tailored policies and support around company business requirements

Confidential, Little Rock, AR

Security consultant

Responsibilities:

• Administered 24 firewalls running Checkpoint R60
• Upgraded the firewalls to R62, and all firewalls were running on Confidential IP 1220 firewalls
• Implemented two Site Protectors, Proventia G devices for Confidential client
• Administered Juniper firewalls consisting of 75, 100, and 200, firewalls
• Implemented Blue Coat SG510 and 810 appliances, and Blue coat reporter for the corporate network
• Checkpoint firewall upgrade from R55 to R65 on Confidential 390 appliances for headquarters and Confidential sites
• Risk assessments where done using Nessus, and Internet scanner, on a monthly basis to help ensure that risks to the network are mitigated in a timely manner for all Confidential client networks

Confidential, Houston, TX

Security Project Manager/ Security Engineer

Responsibilities:

• In charge of development of security solutions, and the evaluation of products suitable for security within all Confidential networks
• Over 15 years’ experience in Information Security related technologies, with experience in Cisco routing; Checkpoint firewall, and, IDS systems, Proxy Systems such as Bluecoat, Wireless LANS, Wireless IDS systems and vulnerability scanning systems and services in a corporate environment

Confidential, TX

Interim Security Manager

Responsibilities:

• Lead firewall team in multiple locations, for change management, firewall security related duties and IDS support
• All firewalls are Checkpoint R62, IPSO 42 IDS infrastructure is Proventia G appliances
• Confidential access support with Nortel Contivity appliances
• Risk assessments and vulnerability scans where done on a semi-weekly basis using Languard, and Internet Scanner, to ensure company resources are secure

Confidential, Arlington, TX

Security Engineer/Project Manager

Responsibilities:

• Firewall administration and configuration on Pix 515E, 525, and Checkpoint IP 1220 firewalls for Confidential clients

Confidential, Memphis, TN

Security Engineer/Project Manager

Responsibilities:

• Performed security audits on corporate network in support of NERC requirements
• Upgraded all Checkpoint firewalls to IPSO 38 NGAI R55
• Also administered Cisco PIX 520 and 515E firewalls running IOS 63 as well
• Used Languard to scan hosts for vulnerabilities, and used App Detective to scan for vulnerabilities on all databases
• Cisco IDS was also used for IDS
• Did a major DMZ upgrade using F5 load balancers, Blue Coat reverse proxies, Checkpoint firewalls, and Firepass vpn solution as well
• Support for all security related needs at the Confidential headquarters

Confidential, Woodland Hills, CA

Senior Security Engineer

Responsibilities:

• Put processes and procedures in place to start a new security department
• Wrote all IDS and Firewall assessments, testing methodologies, and setup all internal infrastructure for the new Enterprise Security Department
• Administered Juniper 50, 75, and 100 firewalls to segment off network traffic and applications for the corporate network
• Performed firewall testing utilizing Ixia Load, Ixia Chariot, and Ixia VPN for performance testing
• Other vendors used for testing consisted of Blade Software's Firewall Informer, and IDS Informer
• All of these where utilized to test for performance, conformance, and stress testing of the production infrastructure

Confidential, Bellevue, WA

Security Engineer

Responsibilities:

• All firewall rule pushes, firewall design, documentation, and troubleshooting
• Within the corporate network
• Firewalls consisted of Checkpoint IP 1260's, and 650's, in a Provider -1 environment
• Alteon load balancers where utilized as well

Confidential, Greenville, SC

Security Project Manager/ Security Engineer

Responsibilities:

• In charge of Internet Access, Security, Auditing, and all E-commerce Infrastructure
• The following are different platforms that where utilized to enforce security and handle the day-to-day infrastructure requirements: Permeo Security Server 41, and 42, Alteon Content Cache, 305, and 310, Alteon Ace
• Director 400, all used in load balancing and clustering
• Administered Nortel Contivity appliance for Confidential access to company resources for employees
• Web Trends 70, and 80, Checkpoint Firewalls running NG on 330, 440, and 650's, and Confidential Horizon Manager to handle all administration
• Administration with Pix 520 firewalls as well
• LAN/WAN design, administration, implementation, installation and maintenance of the corporate network
• The environment also consisted of UNIX, (AIX, Solaris, HP-UX, Linux Red hat, and Free BSD which had to then be hardened and secured using Bastille, or other unix hardening software)

Confidential, Los Angeles, CA

Security Engineer

Responsibilities:

• Emphasis on Firewalls, host penetration, IDS, vulnerability assessments, and security baselining
• SMS design and implementation of 5000 pc's, 50 servers, and all Y2K applications, consisting of Windows XP Pro, Windows 2000 Pro, Advanced Server, and Active Directory Structure as well

Confidential, Dallas, Texas

Senior Data Security Manager

Responsibilities:

• Designed, implemented, and managed the network security system for a company, which provides application, services to Fortune 500 clients and government agencies nationwide
• Administered corporate firewalls, Intrusion Detection Systems (IDS), host penetrations, vulnerability assessments, forensics, risk management, and related security issues
• Planned and managed an annual operating budget for equipment and payroll costs
• Training/Staff Development: Recruited, hired, trained, supervised, developed, and evaluated performance of 10-12 technical personnel in the Network Operations Center (NOC)
• Ensured staff achieved 999% uptime to comply with Service Level Agreements (SLAs)
• Migrated 50 servers from NT 40 to Windows 2000
• Migrated 1000 desktops using Active Directory as well
• Used SMS to push out the rollout

Confidential, Irving, Texas

Senior Data Security Specialist

Responsibilities:

• Recruited by management to design and implement a multi-layered security system for a major global Confidential of electronic products
• Managed and supervised installation and staffs on-site at facilities throughout North America, South America, and Asia
• Wrote documentation for security processes which conform to the ISO 17799 standard
• Administered all corporate Checkpoint and Pix Firewalls
• Monitored IDS consoles/agents and all Confidential capabilities, including Secure Identifications and
• Virtual Private Network (VPN) connections

Confidential, Texas

Firewall Security Project Manager

Responsibilities:

• Recruited by management to design and implement a global security portal for use by employees in all corporate facilities and vendors worldwide
• Consulted with department managers on a daily basis to anticipate, review, and resolve technical issues arising day-to-day business operations
• Confidential access administration with Nortel Contivity appliance
• Designed, implemented, and administered 4 Confidential IP 650s and four Pix 520's Administered 2 Ace Servers (1 Solaris and 1 Netscape Proxy Server)
• Monitored firewall logs for intrusions and the Cisco Netranger IDS for intrusion detection
• Created all accounts for Internet access and Secure ID's for Confidential access Documented, wrote, and implemented all rules to allow or restrict access to the corporate network by 50,000+ users and vendors worldwide

Confidential, Fort Worth, Texas

Security Engineer

Responsibilities:

• Researched and resolved technical issues to expedite the installation of the security system and ther issues involved with an enterprise network
• Managed, trained, developed, and evaluated performance of 25 Systems Engineers and contract technical employees
• Administered and maintained all changes to the corporate firewall of a major stock brokerage firm (Q-Investment) to ensure compliance with Y2K standards
• Detected and resolved Y2K issues
• Added security patches and hot fixes
• Monitored all CERT advisories
• Analyzed host penetration scans
• Conducted vulnerability assessments
• Administered the NT Server
• Trained Systems Engineers in the administration of
• Checkpoint Firewalls
• Also served as Security Engineer