Network/Security Engineer Resume
Ronkonkoma, NY
TECHNICAL SKILLS
- Cisco 2800, 2900, 3700 series, Adtran 4660
- Fortinet 240D, 300D, 600D, Juniper SG140, Palo Alto 3050, McAfee Firewall Enterprise (510,S3008), Cisco ASA 5510, Sonicwall NSA 4500, Pro 3060, WatchGuard Firebox II, IPTables
- Steelhead Riverbed EX760L, 2050, Citrix Netscaler 7000, Cisco 2900, 3500, 3700, 4500 series, Adtran 1534, 1638, Juniper EX 4300 switches, Dell PowerConnect 5424, 6224, HP Procurve 4000m, 4100gl
- Cisco 5508, Sonicwall NSA 4500
- Cisco 1200, 3600i, Sonicwall NDR, Ni, Ne Sonicpoints, Zebra
- HP DL 3700, 380 G5, 360 G5 series, Dell PowerEdge 2900 series, IBM (Netfinity, X Series, E Series)
- Overland Snapserver: 520, 410, EMC Cx300 SAN and NS350 NAS, Dell PowerVault 220s, 124T
- Symantec End-point Protection, OSSEC
- Microsoft Active Directory, Novell eDir, Network Information Service (NIS), OpenLDAP, IBM Secure Directory Server
- VMWare ESXi, KVM, Parallels, VirtualBox
- Microsoft Exchange, Postfix, Sendmail
- Microsoft Windows, Linux (Ubuntu, RedHat/CentOS, SLES), Cisco IOS, Riverbed RIOS, McAfee Secure OS, Palo Alto PANOS, Adtran AOS, FortiOS, JunOS
- Cisco Unified Communications Manager, Rightfax
- Relational Database Management Systems (RDBMS): MySQL, PostgreSQL
- apt-get, dpkg, yum, rpm, apt, zypper, GFI LanGuard 2014
- ISC BIND, ISC DHCP, VSFTP, FTP, Apache, FreeRADIUS, Squid, OpenSSH, OpenLDAP, NTP, Syslog
- TCPDump, Wireshark/Tshark, Ettercap, Xprobe, Snort, OpenVAS, Nmap, Ncrack, Hydra, Netcat, Network Miner, OSSIM, Ophcrack, IKEScan, Nikto, AlienVault
- Device42, PHPIPAM
PROFESSIONAL EXPERIENCE
Confidential, Ronkonkoma, NY
Network/Security Engineer
Responsibilities:
- Support corporate network and highly available production co-located PaaS (multitenant) environment
- B2B (IPSec) liaison for business partner PaaS network connections
- Production customer PaaS network environment build-outs
- Data-center Information Management (DCIM) database maintenance:
- Network hardware, Support Agreements, and IPv4 resource tracking
- Cable-routing System documentation
- Network Security Controls review and refinement:
- Dataset (SIEM) analysis for intrusion intelligence and event remediation
- Perform routine Network Vulnerability Assessments to identify security posture
- Routine Common Vulnerability and Exposures (CVE) database inquiry to identify OS/application vulnerabilities
- Provide risk mitigation and remediation recommendations
- Introduce network access security controls
- Participate in incident response team and disaster recovery exercises
- Oversee network projects:
- Review network hardware specifications; present selection to C-level personnel for consideration
- Confer with project stakeholders to ascertain expectations
- Construct project documentation (Gantt chart, change-logs, etc.)
- Reconfigured dense single broadcast domain into a three-tier hierarchical design (access, distribution and core layers)
- Improved media access by classifying and prioritizing application traffic and defining COS/DSCP trust boundaries
- Reconfigured corporate wireless network into function-based SSID/VLAN with end-user EAP/RADIUS/LDAP authentication and guest portal authentication
- Simplified network node administration by introducing Authentication, Authorization and Accounting
- Improved security visibility/intelligence by introducing open-source SIEM
- Redesigned production co-located PaaS network environment to securely support multi-tenancy:
- Modified VMware hypervisor's virtual switching environment (re-configured physical adapters into many-to-one relationship with virtual distributed switch (vDS) via 802.3ad, 802.1q trunking and hypervisor port-group 802.1q tagging)
- Re-engineered IPv4 address space: introduced CIDR/supernetting to satisfy the demand for unique address space per customer
- Implemented ingress network address translation (NAT) to alleviate customer address space conflicts
- Introduced distribution layer Internal Segmentation Firewall to enforce east/west security policies and mitigate web-tier to data-tier HTTP attacks (cross-site scripting, etc.)
- Introduced network performance monitoring for visibility into traffic flows and bandwidth usage (nfsen/nfdump and MRTG)
Confidential, New York, NY
Network Security and Systems Administrator
Responsibilities:
- Installation, configuration and monitoring of physical security systems (proximity readers and CCTV)
- Proactive risk/vulnerability network assessment
- Firewall administration (ASA 5500 series)
- Administered centralized Anti-virus/IDS solution (Symantec End-point Protection)
- Developed granular role-based access-controls for user-accounts via group policy (Active Directory)
- Implemented server and desktop logging solution and routine security audit reporting to management
- Administered cloud-based backup solution and performed disaster/data recovery exams (Iron Mountain eVault)
- System administration in ESXi environment (virtual guests: RedHat 6, Windows Server 2008)
- Solved automated, centralized deployment of Iron Mountain's PC Backup agent via GPO (Group Policy Object)
- Solved Symantec End-point Protection (SEP) policy distribution to Apple OSX clients
- Identified layer 3 VLAN routing security misconfiguration
Confidential, Holtsville, NY
Network Engineer
Responsibilities:
- Recommend network hardware to Director of Information Technology
- Liaise with product manufacturer and service provider
- VoIP administration
- H.323 and MGCP gateway configuration/administration
- Satellite office SRST configuration/administration
- CUCM configuration/administration (call routing, SIP trunk, soft/hard phone definitions)
- SuSE/CENTOS Linux system administration (virtual guest and physical)
- OS installation/upgrade, package/patch management (Yum, Zypper,
- NIC load-balancing
- LVM storage management
- OS hardening (IPTables, TCP Wrappers)
- LAN/WAN administration
- WAN optimization (Steelhead 2050 and EX760L)
- Switch, Firewall and Router IOS upgrades
- ACL modifications/creation, VLAN and stack administration
- Static and dynamic route administration (EIGRP, BGP)
- IPSec and SSL VPN administration (ASA 5510)
- 802.11a/b/g/n administration
- Monitoring
- Performance monitoring (Solarwinds NPM, OpenNMS, ntop)
- Asset Tracking/Documentation
- Catalog hardware in RDBMS (MySQL)
- Network documentation and configuration maintenance and version control (RCS)
- Incident Reporting/Security Auditing
- Systems log analysis (wevtutil, sed|gawk|grep)
- Vulnerability Assessments (Nmap, OpenVAS, Nikto, Retina)