As a Network Security Engineer.I've achieve below industry certification. Cisco ccna, Cisco ccna security, Checkpoint CCSA, Palo Alto Ace
- Network Security Engineer at IBM
- Engineer at IBM
- Senior Network Engineer at HELLMANN WORLDWIDE LOGISTICS
- CFO at HELLMANN WORLDWIDE LOGISTICS
10 years at this Job
- Associate of Applied Science - Applied Science
- Bachelor of Science - Information Technology
Network Security Engineer with experience in Cisco technologies and expertise in the configuration of enterprise level next-generation firewalls including Palo Alto, Checkpoint and Fortinet. Capable of designing, deploying, maintaining and trouble-shooting several network security operating platform implementations.
- Network Security Engineer at Comet
- Help Desk at GSU Pullen Library
6 years at this Job
- BA - English Language & Literature
Changed positions within the company to Network Security Engineer.
Additional Skills include:
• Created security related policies and procedures
• Familiarity with Security Assessments
• Worked with cause and corrective action plans for remediation
• Some familiarity with HIPAA, SOX, PCI, NIST documentation and frameworks
• Mobile Iron MDM - Installation, Implementation, Configuration of Servers, Policies, Configuration payloads, User and Device Groups, and final Deployment to devices (Windows, Android, iOS, and Mac OS)
• McAfee Application Protection - Installation, Configuration, Deployment, and creating policies for Application Whitelists
• McAfee DLP - installation, Implementation, Configuration, Deployment, and creating policies for the Mac OS and Windows OS
• McAfee IPS - Implementation, Configuration, Deployment, Updating, monitoring, alert analysis, and packet analysis
• Nessus Vulnerability Scanner - Installation, Implementation, Configuration of the server, along with Scanning, and maintaining systems
• McAfee Vulnerability Manager - Configuring scans, reports, etc.
• Administering McAfee ePO (ePolicy Orchestrator)- Includes the following: - Updating systems with Automatic Tasks - Configuring policies, exclusions, exceptions - Agent/Software Deployment - Agent handlers - Managing Repositories - Queries, reports, and dashboards - Troubleshooting - Updating software
- Network Security Engineer at Volt - Formerly VMC Consulting
- Network Administrator at VMC Consulting
- Technical Lead, System Administrator at VMC Consulting - Moved position within company in 2013
- IS Coordinator/Purchasing Agent at Mesilla Valley Hospital
4 years at this Job
- Degree not completed - Communications and Technology (ICT)
- - Business
Copper River IT: July 2015 to Present, Senior Network Security Engineer
• Complete a global network infrastructure upgrade of a major DOD agency utilizing the following elements; new implementation of NAC (Network Access Control) with layer-2 and layer-3 enforcement
• Cisco to Juniper firewall and switch migration, new WAN acceleration implementation, new SSL VPN implementation, new SAN implementation, new Virtualized Server Environment implementation, Physical to Virtual migration, Disaster Recovery design, implementation, planning, and testing
• Complete core routing infrastructure upgrade for a major backbone network supporting a multitude of federal agencies; technologies including MPLS, VRF, OSPF, IPv6, BGP, etc.
• Lead team in coordinating and deploying all new device installations, management handovers, and base line device qualifications.
• Replaced, configured, provide SME solutions to existing Net Screens with SRX firewalls on client’s network
• Subject matter expert for federal government customer’s network layout
• Integrated Fore Scout appliance in Federal customer enterprise network
• Support Juniper customers as the highest escalation point
• Implemented Palo Alto firewall for Private sector customer
• Configured content management, content-id, user-id, nat and VPNs in support of Palo Alto customer
- Network Security Engineer at Copper River IT
- Sr. Network Engineer at Lockheed Martin
- Technical Lead Engineer - DTRA at Lockheed Martin
- Senior Staff Network Engineer at Lockheed Martin
3 years, 4 months at this Job
- Bachelor of Science - Information Technology
- Associates - Applied Electronics
In my current role, I work as the Network Security Engineer for DriveShack. I am responsible for the Network and System Technologies at each DriveShack location and I work as the primary network resource to support the operation teams at each facility. I am responsible for implementation, configuration, design, and management of Cisco Catalyst 3850 and 9k switches, Firepower2110 Firewall Appliances, FMC, ISE, Umbrella, Meraki Wireless System, Vision Director, Windows Server 2008 R2, 2012 R2, and 2016, and VMWare ESXi and vCenter. I deployed PRTG as the Network Monitoring solution and syslog server for all locations. I work with AWS deploying EC2 instances for DriveShack cloud computing and S3 cloud storage solutions. I have also migrated DriveShack Public DNS over to AWS Route53. I also manage Microsoft Active Directory, DNS, and DHCP services for each DriveShack facility.
- Network Security Engineer at Drive Shack
- Network Engineer V at Insight Global - ATOS/Walt Disney World
- Network Engineer at Motorola Solutions
- Network Engineer at Blue Cross Blue Shield of South Carolina
6 months at this Job
- Associates Degree of Applied Science in Computer Networking Systems - Applied Science
Network Design and implementation for various customers and verticals. Network Security analysis, design and remediation for various customers and verticals. Data Center, Security, Wan and Internet Edge. Support and design for various items such as IWAN, dmvpn, vrf-lite, Nexus/VPC, VSS etc.
- Senior Network Security Engineer at Redhawk Network Security
- Senior Network Engineer Consultant at Cerium Networks
- Professional Services Consultant at Mountain States Networking/Converge One
- Network Engineer Consultant - Nike at Nike/Xerox
1 year, 9 months at this Job
• Deployed OCONUS supporting USSOCOM as Network Security Engineer working with Audio Visual Systems to include Digital Video Broadcast Return Channel Satellite (DVB-RCS), CISCO Switches, Routers and computer network end devices, Cinemassive Displays and providing electronic equipment and systems maintenance.
• Deployed overseas supporting USSOCOM forces repairing communications, multiplexers, routers, telephones, antenna systems, computer networks and Network Administration for computer networks and troubleshooting IP problems with Wireshark in forward deployed Area of Responsibility. Projects duties including integrating telecommunication and IP networking support planning, development, programming, networking, and implementation of concepts.
- Telecommunications Network Security Engineer at SalientCRGT
- Field Service Representative (FSR) at BAE Systems
- Senior Electronics Technician at BOSH Global Service
- Electronics Technician/System Analyst at BAE Systems
4 years, 4 months at this Job
- MS - Cyber Security
- BS - Information Technology
- AAS - Electronics Technical Studies
The Network Security Engineer is responsible for planning, engineering and support of the IT network, including LAN/WAN and security hardware. · Designs, implements, and upgrades IT telecommunications networks. · Maintains policies, procedures and standards for IT infrastructure network deployments. · Maintains a data repository, knowledge base and documentation of designs, information and processes related to IT network and security systems and devices that support the business. · Responds to issues in a timely manner, communicates necessary information to relevant support teams and impacted staff, and documents resolution. · Acts in a support, including after hours on-call rotation, to ensure platform is operational. · Provides education, mentoring and documented procedures to support teams. · Oversees day-to-day operation of the platform. · Consistent exercise of independent judgment and discretion in matters of significance. Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary
- Network Security Engineer at Rise Broadband
- System Administrator at Netsic Systems
- VoIP Technician at Comcast Business
- Desktop Support Specialist at MBS Direct
5 months at this Job
Mather, CA Apr 2015 - Present
Sutter Health is one of California's most comprehensive healthcare systems. Headquartered in Sacramento, Sutter Health leads the transformation of healthcare to achieve the highest levels of quality, access and affordability.
Network Security Engineer
• Projects involve bringing new sites to Sutter Health WAN with the siteto site VPN solution, deploying different vendor firewalls like Check Point, Cisco ASA, PaloAlto Firewalls & Bluecoat proxy based on Sutter Health standards.
• Incident management with a user base of over 6000 users and vendor management with over 40+ vendors, while performing root cause analysis of problems and incidents requested by the users and vendors.
• Work on strict SLAs while handling incidents related to communications involving Routing and Switching, Firewalls, Vulnerabilities, Site to Site VPN, Remote Access VPN, Proxy Servers, IDS and IPS.
• Migration of the infrastructure to the new data center in a remote location, maintaining zero-downtime.
• Support Tenable Security Center/ Nessus Scanner as an auditing tool for known hosts on a network or for a "catch-all" for when we are doing black box testing.
• Network sweeps, Network/host auditing (NIST, DoD, etc), Vulnerability Scans.
• Governance, monitoring, compliance and vendor risk assessment.
• Work with audit teams to scope assessments and update system security plans of applicable responsibilities under SOC.
• Develop Information Security Policy and Standards and assist with various aspects of cybersecurity covering
• Support the Endpoint Management Program by maintaining endpoint compliance within the corporate environment for off-site and on-site compliance.
• Administer Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers.
• Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), sniffers and malware analysis tools.
• Attend regular CAB calls, as part of the ITIL process to represent the emergency changes to be performed each day and standard changes for the following week.
• Perform regular hardening and maintain audit readiness and infrastructure compliant with security standards.
• Firewall cleanup analysis and implementation using Tufin Policy Orchestration and Secure Track tool.
• Detailed log analysis of user activity logs and infrastructure health logs using Splunk, Hewlett Packard Enterprise (HPE) - ArcSight Data Platform and ArcSight Enterprise Security Management Accomplishments:
• Performed the major data center migration from NY to VA & TX remote locations.
• Designed and implemented the Sutter Health's core network and WAN circuitry with a collapsed core design using: Ethernet MPLS links, 6500, 4500, 4500x, BGP, OSPF.
• Designed the new security infrastructures in VA and TX locations while expanding the current infra.
• Continuous analysis of Network and Security needs and contributing to the designintegration and installation of hardware and software.
• IP addresses allocation for all the networking devices including switches, routers, firewalls and F5load balancers through DNS entry using Infoblox.
• ConfigureF5 Big IPs with VIPs, Pool, iRules and SSL certificates to ensure traffic is load balanced.
• Migration from Cisco ASA to Palo Alto firewalls platforms PA 4000 and PA 500 and PA 200 firewalls.
• Migrated various L2L customer VPNs from Cisco ASA to Checkpoint firewalls.
• Monitored and provided reports of system Internal Risk Control Self Assessments (RCSA) in compliance with policies and standards.
• Full-connectivity upgrade of Check Point clusters from R75.40VS to R77.30 with zero downtime.
• Performed direct and intermediate upgrades of Cisco ASA firewalls from versions like v8-v9/ v7-v8-v9.
• Worked on AnyConnect VPN firewalls while altering the trusted domain configurations as the new domains were adding up to the corporate network.
• Analyzed traffic pattern and implemented URL filtering on Palo Alto Firewalls.
• Configured the Bluecoat Proxy SG 900 and SG 600 for Internet Content filtering and Web URL categorization with whitelisting/ blacklisting of URL's, updating the PAC file to monitor web traffic.
• Configured Cisco ACS and TACACS+ with Active Directory integration for the authentication of Cisco and Check Point firewalls.
• Configured AD authentication on Bluecoat proxy appliances using LDAP.
• Configured log exporters on firewalls and bluecoat proxies while integrating them with Splunk to perform detailed log analysis.
• Site-to-Site VPN tunnels with multiple 3rd party vendors to provide Network connectivity and services.
• Performed risk analysis by analyzing threat logs & providing immediate action to suppress the threat.
• Hardening on all firewalls and other security appliances to be audit ready and meet Sutter Health's Security Compliance standards.
• Enforcing the Network Security Policy (Built using Tufin APG) and complying with the requirements of internal & external audits and recommendations.
• Use of ITSM based tool Remedy to investigate day-to-day problems, tickets, change requests and change tasks related to production changes on the firewall.
• Representing the team in CAB meetings on a daily to the weekly basis for the Standard Firewall changes approval which needed to be deployed.
- Network Security Engineer at Sutter Health
- Network Security Consultant at Alaska Airlines
- Network Engineer at AMDOCS
- Network Executive at Yash Technologies
3 years, 9 months at this Job
• Working as Network Security Engineer CISCO Wireless and Check Point Firewall.
• Configuring policies, Firewall Rules , Web filtering using checkpoint smart dashboard and Initial configuration of Palo Alto Firewall.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• Troubleshooting, Analyzing network connectivity and Application and URL filtering using Smart track viewer and Smart track monitor
• Design and Implementation of 802.1x Wired/Wireless User Authentication using Cisco ISE Radius Server.
• Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA SecurID, Proxy Radius Services to Cisco ACS, RADIUS and TACACS.
• Configuration & Maintenance of Cisco ISE for Certificate based authentication for BYOD, Guest authentication and Corporate Mobile Device Authentication using Xenmobile MDM
• Design and Implementation of 802.1x Wired/Wireless User Authentication using Cisco ISE Radius Server.
• Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA SecurID, Proxy Radius Services to Cisco ACS, Juniper Steel Belted Radius and Radiator Radius.
• Configuration &Maintenance of Cisco ISE for Certificate based authentication for BYOD and Corporate Mobile Device Authentication using Xenmobile MDM
• Worked on NX-OS series 2000,3000,4000,5000,6000,7000 switches by configuring and upgrading in data centers
• Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware's.
• Performed IOS Software upgrades on switches 6500, 3750 and 4500s and Cisco ASR for compatibility with Cisco ISE 1.0.3/1.0.4 setup.
• Configured 6500, 3750 and 4500 for Network Access Solution integration with Cisco Identity Service Engine on ESX 5.0 VMware and physically with Cisco ISE appliances.
• Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access.
• Planning, designing and configuration of various Cisco ISE strategies (Standalone, Distributed Setups).
• Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, Applying downloadable ACLs through Cisco ISE, and Configuring Standard and Extended ACLs locally and on the upstream switch's for Cisco ACS
• Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies and Rules for Checking the devices coming ontoNetwork, Remediation Process, Access and Controls, and Segmenting the Global Networks for NAC Solutions for both Cisco and Forescout NAC Appliances.
• Worked extensively on designing PKI Infrastructure for EAP-TLS Protocol using certificate based authentication.
• Extensively worked on Microsoft Certificate Authority Server for ROOT/Intermediate Issuance of certificates, securing the certificate exportability.
- Network Security Engineer at Cargill
- WAN Engineer at VMware
- NAC Administrator at Catalant
- Computer Systems & Network Administrator at Amdocs
1 year at this Job