We provide IT Staff Augmentation Services!

Security Engineer Resume Profile

4.00/5 (Submit Your Rating)

SUMMARY

Highly talented engineer over 10 years experience across multiple areas of IT, including project management, team leadership and significant technical expertise in design and implementation of IT solutions. Consistently demonstrated the ability to rapidly analyze, understand complex problems and provide smart solutions to emergent requirements. Proven skills to effectively manage a 10 person technical team oversee day to day operations. Established track record of end-to-end project management and exceeding customer expectations from determining initial requirements and budget constraints to delivering tailored solutions on schedule and providing follow up life-cycle maintenance.

  • Skills: Project Management, Team Leadership, Strategic Analysis, Process Improvement, Performance Analysis
  • Operating Systems: Windows, Linux, Unix, Red Hat, Solaris, FreeBSD
  • Servers: ISC BIND DNS, ISC DHCP, Radius, Apache HTTP
  • Programming: Perl, C/C , Java, SQL, Shell
  • Routing Protocols: BGP, OSPF, EIGRP, RIP
  • LAN Technology: STP, HSRP, 802.X, TCP/IP, IPv6, VoIP
  • Network Hardware: Cisco 6500, 4500, 7600 switches, routers, FWSM, ASA, wireless controllers, load balancers, Juniper EX, Juniper SRX, Avaya S8700 Media Servers, Avaya G650/G350 Media Gateways
  • Network Security: TippingPoint IPS, Cisco Firewalls, VPN, BlueCoat PacketShapers, Snort
  • Network Tools: CA Spectrum, CA E-Health, OpenNMS, Solarwinds, Wireshark, NetFlow, SNMP

PROFESSIONAL EXPERIENCE

Confidential

Senior Network Security Engineer

  • Working for USDA/OCIO/ITS/IOD/NOB supporting the Foreign Agricultural Service
  • Coordinate cross-functional teams in the DC region to provide primary network and security design services for global intranet. Perform Telecommunications troubleshooting and analysis, maintenance, and configuration of Cisco switches, and service modules in a LAN and WAN environment. Plan of Action and Milestone POAM remediation and reporting vulnerability remediation and audit responses. Ensure the rigorous application of information security/information assurance policies, principles, and practices in the delivery of telecommunications services. Develop and maintain a comprehensive Contingency Plan and Disaster Recovery Plan for the Telecommunications environment.

Highlighted projects:

Migrated client from legacy Cisco network to Juniper high speed core

Worked with customer to define requirements for security and availability of new network. Coordinated with team to develop configurations for Juniper EX and SRX series core switches and Cisco 2960s series access switches. Deployed networking hardware according to project plan and provide coordination of end user transition. Provided routine status updates to management and reported on potential risks during project lifecycle.

Redesign continuing operations networking environment

Held discussions with application and user support teams to identify deficiencies with the disaster recovery hot site. Optimized traffic routing by coordinating the installation of additional point to point links, security and routing policy updates between the FAS and their externally hosted data center services network. Configured updates to existing Cisco routers, switches and firewalls to deliver requested enhancements.

Develop secure VPN access to remote data center

Organized resources between the application, network and hosting providers to engineer connectivity to new remote server farms. Designed Juniper policy based IPSEC VPN to selectively control egress and ingress to the remote site. Coordinated deployment between internal, service provider, and remote datacenter teams to meet timelines set by government client.

Confidential

Network Engineer, OIT-NTS-Design and Development

Managed the University of Maryland backbone IT infrastructure, including maintaining and delivering new capabilities in network security, software integration and systems administration. Worked directly with various customers to define requirements, schedule and budget. Conducted systems engineering, detailed design, integration, test and delivery of new systems. Provided 24x7 on call support for mission critical applications.

Highlighted projects:

  • Implemented network security framework for the UMCP Department of Transportation Services
  • Worked directly with customer to design and implement a robust network security framework that met and exceed availability and integrity requirements for mission critical business application servers. Deployed an enterprise level Cisco Firewall to provide transport layer network security and a Cisco VPN to allow administrators remote encrypted access to sensitive resources. Developed a process strategy of least privilege to protect IT investments. Trained incumbent systems administrators in firewall design, vulnerability scanning with Snort and updating user access controls policies in Active Directory.
  • Served as network security expert on State of Maryland audit compliance team
  • Reviewed UMCP security systems with external IT auditors during three year State of MD policy FIMSA and NIST based audit and compliance cycle. Coordinated internal response among system administrators to remedy audit findings quickly while minimizing impact to daily operations. Solutions included updating system patches, disabling unnecessary services, tightening user access controls, expanding monitoring/auditing capabilities or writing technical briefs justifying acceptable risk or false positive findings. Evaluated progress of compliance tasks and provide regular activity reports to management.
  • Developed of secure video network for UMCP Department of Public Safety
  • Worked closely with the Public Safety department to define requirements, design and deliver a separate public safety network to run parallel to UMCP's consumer network. Designed an eloquent solution, leveraging existing networks, while meeting the customer's security requirements by developing a peering point to bridge between the two networks to supply secure video services to locations they were unable to reach independently.

Other projects:

  • Provided network security expertise as member of Change Management advisory board. Review proposed IT system changes for State of MD audit compliance, soundness of implementation plan and impact on critical services.
  • Served as a key player in UMCP's Disaster Recovery Planning committee. Conducted risk assessment analysis activities according to NIST SP 800-30. Maintained, reviewed and updated documentation on network service recovery strategies for a remote warm site.
  • Consulted with UMD departments deploying new IT services and provide system security recommendations governed by NIST SP 800-41 for network and user access controls.
  • Designed and deployed redundant Cisco remote access VPN services to enhance availability and integrity of critical UMCP resources.
  • Managed, monitored and upgraded University wide network security system consisting of 17 TippingPoint IPS intrusion prevention system probes, 11 Cisco Firewalls and 3 Blue Coat Packet Shapers.
  • Coordinated with Windows and Unix server teams to assess/monitor system security using Snort, TippingPoint IPS probes, tcpdump and NetFlow.
  • Mitigated threats to system security of Windows and Unix application servers through patches, removing unneeded services, auditing user accounts, and reviewing network security policies with guidance from NIST SP 800-123 and 800-44.
  • Lead system integration engineer for adapting the Compco's Mysoft IT Management software with existing processes utilized by the Order and Process Management office to maintain 700,000/month catalog of billed services to the Campus community.
  • Implemented the ITIL Configuration Management process by organizing systems information into an MSSQL database for integration with Numara Footprints.
  • Managed and monitored the health of Radius, TACACS, DNS, DHCP, MRTG, NetFlow, Syslog, SQL, and Rancid servers.
  • Configured and maintained CA Spectrum and CA E-Health Network Management tools.
  • Designed Firewall security services for UMCP IBBR department
  • Created a new VLAN secured with router ACLs for a high performance computing research cluster.
  • Troubleshoot OSPF and BGP routing stability issues and core network performance of 6500 series switches and maintained exterior BGP security under NIST SP 800-54 standards.

Confidential

IT Coordinator, OIT-NTS-Network Implementation and Management

Governed the daily processes of the Network Operation Center. Supervised a staff of 10 technicians to monitor and maintain the health of the 40,000 node campus wide Ethernet LAN architecture, resolve tier II customer incidents and coordinate network services maintenance.

Highlighted projects:

  • Defined and implemented VoIP E911 management processes
  • Worked with the UMCP Department of Public Safety to determine requirements for an E911 system, a critical public safety application that provides location information for 911 calls made from an IP based telephone network. Implemented network auditing tools and procedures that allow non-technical customer service agents to aggregate VoIP changes received from field technicians into MSSQL based location database. Processes implemented exceeded original timeline requirements for processing location updates and allowed field technicians to maintain efficiency in deploying new telecommunication services.
  • Developed tools to audit UMCP Physics Departmental network usage
  • Worked with customer to identify and evaluate concerns over growing IT related expenses. Identified capability issues centered around lack of ability to audit IT invoices and verify line items on an individual basis. Designed and implemented software tools to allow administrators to monitor network utilization by IP address and physical location. Product allowed efficient auditing of network services and allowed the Department to disconnect unneeded equipment yielding a 25 monthly reduction in network operating budget.

Other responsibilities:

  • Updated technician workflow to align with ITIL Incident Management by coordinating the deployment of Numara Footprints.
  • Utilized OpenNMS to monitor network infrastructure of approximately five thousand cisco switches, routers, wireless access points, firewalls and apc ups devices.
  • Trained team members to utilize additional networking tools such as Wireshark and Iperf to provide superior customer support and reduce the number of incidents that needed escalation to tier III.
  • Consulted with other UMD departments to provide recommendations on local LAN design, networking equipment and security best practices.

Confidential

Network Technician, OIT-NTS-Network Implementation and Management

  • Resolved networking related trouble tickets for a 40,000 node LAN network across the University of Maryland campus. Reliable team member with important contributions to internal capability development, communications and customer support.
  • Configure, install, manage and troubleshoot Cisco switches and wireless access points.
  • Setup vlans, vtp, trunking, etherchannel and stp between switches.
  • Provide traffic monitoring and optimization using network protocol analysis software.
  • Resolve DNS and DHCP client and server side issues.
  • Respond to work order system to terminate new client connections, both copper and fiber optical based Ethernet.
  • Identify and repair cable plant issues using Fluke network tools.

Confidential

Network Analyst

Managed a small office wireless LAN. Provided desktop support functions for a group of ten offices. Submitted proposals for future network capacity upgrades and provided additional computer support as needed.

We'd love your feedback!