PROFESSIONAL SUMMARY

Self Managed, and Self Driven, Knowledge-Seeking Network Security Engineer and Checkpoint Wizard with extensive application, troubleshooting, scripting, systems administration, network and application security expertise. Excellent technical trainer with the ability to quickly absorb complicated information and explain it to others in a simple way. History of demonstrated ability in engineering, supporting, troubleshooting and presenting enterprise security solutions.

SKILLS SUMMARY

WORK HISTORY

Confidential

. Network Security Engineer

• 50-100 changes daily on various firewalls and proxies and scripts over entire Citi Group infrastructure
• Palo Alto Rule changes PA-2000/PA-4000 , templates, object creation, planning, configuration changes, OS upgrades, CLI troubleshooting, audits all single managed, no Panorama
• Cisco ASA, PIX phase out to Palo Alto, Check Point and Juniper replacements.
• Juniper NSM and Juniper CLI for SSG and SRX, Juniper SSL-VPN, OS upgrades, CLI changes, scripting, troubleshooting, configurations, rule re-ordering and optimizations
• Checkpoint R65, R71 and R75 Provider-1 on Multiple CMAs updates, configurations, OS upgrades and CLI troubleshooting, rule re-ordering and optimizations
• Bluecoat Proxy single managed deployments hand writing various change scripts and verifying peer scripts, CLI troubleshooting did not use Bluecoat Director
• Extensive Linux Bash and Perl Tk/Tcl Regular CLI on windows/linux/solaris Scripting for task automation
• Technical documentation and Visio diagrams for all of the above technologies for peer training and review
• Daily change management tools using Archer, Service Now and internal tools
• 75 remote work 85 changes, 15 troubleshooting/archictecture/SME discussion

Confidential

Sr. Network Security Engineer

• Palo Alto, ASA and Pix Rule implementation, migration and cleanup to Check Point Provider-1
• VPN troubleshooting, configuration, and deployment for remote offices
• Daily PCI Compliance Consultant for firewall change approval process and Security Policy creation
• SME for Provider-1 and Check Point Installations for 300 Enterprise and Satellite office firewalls
• Troubleshooting by packet flow and packet capture diagnostics to reverse engineer web applications
• Provide documentation of how various applications worked after reverse engineering
• Wrote custom Orion Script polling software in Perl to provide consolidated reports
• Wrote several task automation scripts in Expect, Perl, Batch and Bash
• Wrote several debugging and trace tools to assist network/security teams
• Updated and created visio diagrams on network flow to assist team with troubleshooting
• Wrote troubleshooting guide for jr engineers including explanations of CLI functions, diagrams, flowcharts
• SME, Plan, Upgrade, Install and Troubleshoot on a variety of equipment:
• Setup and implementation for backup plan for PCI compliance
• Check Point, Provider-1, Ubuntu, RHEL, Sofaware, Encryption, SNMP, Nessus Vulnerability exceptions, Juniper NSM, Log Rotations, Data backup and recovery plans
• Bluecoat Director installation, configuration, deployment
• Video training and lab demonstrations for Network and Security teams
• Troubleshooting tickets and Business as Usual operations
• 95 Remote work and self directed projects. 15 Change Implementation, 85 Architecture/Research.

SecureWorks/Accuvant, Tufin Consultant

• TCSE functions: setup and install tufin cluster in virtual environment. Train Dell's client on usage and reporting of Tufin and Check Point. Check Point Optimization Consulting.
• Provided video training of all complicated functions
• Setup scripting of various aspects of Tufin management
• 100 self directed project as primary consultant - resulted in Dell acquiring additional contracts from client

Confidential

Sr. Network Security Engineer

• PCI Compliance updates on Apollo Group Network, Consultant and Implementer
• Check Point SME for over inter-connectivity 150 firewalls Check Point, Juniper, ASA, PIX
• Updates at OS level, firmware and application level on Check Point, Juniper, Cisco, Sourcefire Devices
• Review of various packet capture to assist with troubleshooting and reverse engineering legacy web applications
• Assist in development of various Security Policies
• Assist CCSIE team with Cisco/Check Point Interoperability
• BAU Juniper, SSL VPN, TACACS, Juniper, Bluecoat, F5, DNS and network troubleshooting
• Plan, Upgrade, Install, Check Point / Sofaware and edge UTM deployment
• Firewall rulebase changes, business as usual tickets and troubleshooting
• Merge/swap existing Juniper SSG and Cisco PIX firewalls to Checkpoint firewall and Provider-1 management
• Physical data center move in London of 100 VPN tunnels each requiring physical hands on
• Sourcefire Management and Updates
• 25 Remote work and self directed projects

Network Security Analyst

• NERC CIP based on ISO 270002 Regulations training and implementation consultant
• Firewall Cluster Consulting and Check Point SME
• Check Point R65/R70 ClusterXL Firewall Admin, Upgrade and maintain Management HAProvides security incident response and forensic analysis of security events
• Periodic network pen testing using nmap and custom Perl scripts
• Vulnerability management for Check Point, Windows, and Cisco Servers and Equipment
• Cisco Configuration of Switches and Routers ME3400, 3750, 4507, IE3000
• Implement Sourcefire Monitoring and testing of Enterprise WAN
• Lead Q1 Labs Logging and Accountability objectives
• Network Monitoring using Q1 Labs, Sourcefire, IPSwitch/Whatsup, SYSLOG tools, and SNMP monitoring
• Jungle Mux/Demux, and Fiber Equipment Troubleshooting for Enterprise WAN
• Repair Various RF Comm Equipment such Zetron Paging Systems and HAM
• HSRP and EIGRP troubleshooting and monitoring
• Develop ESXi Lab to clone production environment and train/present to others
• Responsible for developing upgrade plan of various end of life HP servers
• Create standard security procedures for Communication Engineering Network
• Create and Lead Draft baseline security and performance procedures
• Assist with engineering, planning and maintenance of Enterprise WAN
• Engineer Sections of the WAN for substation connectivity and NERC CIP compliance

Confidential

• Primary Security Consultant for Corrugated Services, Inc.
• On Call for various networking, Microsoft, Linux, firewall, security and web development related issues
• SSL, SSH Keys, HTTP Basic Authentication and PGP email setups/troubleshooting
• Penetration Testing and Security Recommendations for 300 nodes wireless and wired network.
• Troubleshoot and Setup MS Exchange 2007, Active Directory, Outlook, Microsoft VPN
• SQL /MySQL and IIS/Apache Website development on Debian and Windows Servers
• Perl, JavaScript, VBScript, Ajax, XHTML, XML troubleshooting and development
• Cisco VOIP, VPN Client, PIX firewall, switch and router configuration and troubleshooting
• Cisco Polycom VoIP and Video conferencing setup, security and installation
• Data warehouse setup, troubleshooting and sales for multiple customers
• Level 3 technical support for all small business up to 5000 employees hardware
• SNMP monitoring via Solarwinds Orion products.
• VMWARE Workstation/ESX bench testing.
• Investigate customer needs and present proposals, follow up with sales
• Prepare presentations and reports for various clients on a regular basis
• Troubleshoot and implement hosted and on site exchange servers
• Windows and Linux based Server Administration, Setup and Deployment
• Networking and Business Computer Support Remote and on Site
• Systems Installation of rack mounted servers and Small Business data center Engineering

Confidential

• IPS/IDS FreeBSD/CentOS product support team lead, including JBOSS Debugging and Troubleshooting
• Managing customer accounts as a Subject Matter Expert for Check Point Security Products
• SmartDefense Check Point firewall A/V and kernel level debugging.
• Provide level 2 technical support for Check Point firewall and networking issues.
• Level 2 VPN, Cluster, and Provider-1 Support Engineer for Check Point related products
• Level 3 Team lead for IPS-1, lead trainer for 10 peers on IPS-1
• Pre Shared Secret IKE Troubleshooting on SmartCenter Servers other Check Point Products
• Troubleshoot CA for digital certificate verification of SmartCenter Servers
• Smartcard and RSA troubleshooting for DoD Clients using Pointsec/Integrity
• Provide training and resources on a constant basis to new hires and peers.
• Windows Server 2003/2008 debugging, troubleshooting and setup
• RHEL Kernel debugging, and Check Point's variant SPLAT, embedded RHEL
• Routing and troubleshooting, involving BGP, OSPF, RIP, Cisco routers, VLANs.
• Wrote/compiled over 705 technical articles for the TAC.
• Extensive VMware Workstation and ESX simulations and setup to replicate customer issues.
• Wrote Access/Perl/MySQL db application For Pointsec team to search historical cases.
• Wrote flashcards for several Check Point certifications 850 questions total .

Confidential

• Debian Hosting Security management for 205 websites CMS and eCommerce Solutions
• SSL Self Signed/Purchased certificates for eCommerce Servers and Secure CGI Scripts
• SSH, SFTP and HTTP Auth digest/basic Setup and Script management for Apache
• HTTP debugging for client applications, packet level and header inspection
• RHEL cpanel and plesk support and Debian CLI server farm maintenance
• Security Scans on Apache2/Debian Systems at Rackspace Hosting Servers
• Wordpress, Joomla, Xcart, Drupal - Setup and Optimization, Managed Hosting
• Linux Server 2000/2003/2008 troubleshooting, support, installs, setup for small businesses
• Virtualization projects and cloud hosting for many clients
• Lead software development/data entry team for a custom CMS
• Linux/Perl/PHP/MySQL Database Programming focused on Content Management Systems.
• Cold calling and walk-in business sales, with face-to-face consulting.
• Home and business networking, spyware removal, security, VPN setup, Networking and Server Repairs
• Designed Announcer software in Perl that tracks and assists 80 Radio DJ's.
• Automated text message alerts and emails for various time sensitive projects using Perl/MySQL
• Programming Retainer Contracts with Various Local Businesses in Phoenix Area and overseas
• Security Consultant Retainer for international clients Bolivia, Canada, Nigeria, Various US states
• Programming and Consulting for True Web Presence
• Programming and Consulting for 4x Consulting
• Programming and Security Consulting for Poynter Scifres, LLC in Dallas, TX
• Programming and Security Consulting for Boka Powell, Inc in Dallas, TX
• Programming and Security Consulting for Zerorez Dallas, TX
• Various jobs from Elance, guru, rent-a-coder and forums for web dev and linux hosting setup/configurations
• Wordpress Installations and custom plugin coding in PHP, Perl, MySQL and JavaScript
• Web development and hosting for MAPTAB, LLC in Mesa, AZ
• Manage and train 2 employees for security, search engine optimization and web development

Confidential

• Computer security officer responsible for 800 User Windows NT network.
• Lead Technician/Trainer for groups of up to 20 soldiers on SATCOM methods/theory
• Responsible for 4 technicians to troubleshoot fixed station SATCOM facility 24/7
• Crypto Key Management, Disposal and Implementation for Voice and Data Communications
• Circuit level maintenance and adjustments for RF and Fiber Equipment.
• Troubleshooting DS1/DS3, multiplexers, voice and data channels, HV RF amps,
• CSU/DSU, modems, generators, battery backups
• Passed Top Secret background check, held active Secret clearance for 16 years
• Responsible for 80 of the outbound SATCOM traffic for USARMY in Korea.

Confidential

E-5 Sergeant in 3 years, Leadership and Development course, Combat Medic, Master Fitness Trainer, 31S20P SATCOM Operator/Maintainer , electronics repair, RF theory, cryptology 1140 hours of training, 4 years field experience , Top Secret Clearance expired now , Hawkeye and various weapons awards, Parachutist badge, Leadership and Military Electronics related courses 640 hours of additional self-paced courses , various tour, merit and service awards. Honorable discharge and service.