OVERVIEW:

Fourteen years of experience in network & security engineering and architecture with all aspects of data networking in the largest, most advanced & complex enterprise internetworks in the world. Skilled in risk analysis, risk management, threat and vulnerability management, privacy protection, IT Security Compliance, and overall information risk management.

SUMMARY:

• Highly skilled in F5 ASM web application security testing and tools
• Highly skilled in load balancing, application delivery, application security, routing & switching
• Highly skilled in F5, Cisco, Nexus, Nortel, Alteon, Juniper configuration & troubleshooting
• Highly skilled in Cisco CSM and F5 migrations
• Highly skilled in Cisco ASA, Pix, FWSM, Juniper SRX firewall configuration
• Familiar with Nessus, SNORT, security vulnerability assessments, penetration testing, Splunk
• Familiar with Citrix Netscaler, Cisco GSS, Cisco GSLB, Cisco ACE, Cisco CSS, Cisco IPS & IDS, Checkpoint
• Familiar with Rapid 7 Source Fire, Bluecoat, Encase Forensic Guidance Software
• Familiar with Cenzic Hailstorm, Whitehat Sentinel, Imperva SecureSphere
• Familiar with ISO 27002 code of practice for information security management
• Familiar with industry compliance requirements (PCI, HIPAA, FFIEC, GLBA, SOX, SAS70)

EXPERIENCE:

Application Security Engineer

Confidential

Responsibilities:

• Deploy F5 ASM security policies across the enterprise
• Generate reports to analyze security threats detected
• Provide security guidelines to web and systems administrators
• Update security signatures
• Enforce security policies and enforce wildcards
• Put security policies in block mode or transparent mode depending on application needs
• Train and educate staff members about the web application firewall
• Copy security policies between different application firewall environments
• Backup security policies
• Document security policy configuration and the reason it needed to be configured as such
• Monitor traffic patterns to see if any traffic violates the security policy
• Provide threat analysis to application teams as requested

F5 Application Delivery & Security Engineer

Confidential, Owings Mills, MD

Responsibilities:

• Configure ASM policies for web applications
• Coordinate meetings with application teams to explain ASM security policies
• Train application teams on F5 ASM features and functionality
• Update F5 ASM security signatures
• Collaborate with application developers to determine the best ways to protect their applications
• Re - configure security policies depending on vulnerabilities detected
• Provide recommendations to management regarding threat detection
• Enforce strict policy rules against new threat vectors in Web 2.0 technologies
• Secure all parameters from client-side manipulation
• Validate all log-on parameters and application flows to prevent forceful browsing
• Allow or disallow incoming connections based on countries, regions, or states based on geolocation information
• Generate capacity / utilization F5 reports
• Migrate applications from IBM Apache WAC proxy, on WebSphere and WebSeal to F5 LTM
• Migrate applications from Cisco CSS to F5 LTM
• Configure F5 LTM virtual servers, nodes, pool members, monitors, certificates for new or migrated applications
• Pre-configure the LTM with virtual servers & ARP disabled, minimizing time needed during cutovers
• Verify DNS and instruct DNS administration to make any resolution changes needed internally or externally
• Conduct cost/benefit analysis associated with changing virtual ip addresses for migrating applications
• Drive the F5 application migration project & handle any nontechnical, project management related items needed

F5 ASM Web Application Firewall Architect

Confidential, Plymouth, MN

Responsibilities:

• Handle technical configuration for F5 Application Security Manager (ASM) design and operational changes
• Wrote the F5ASM Run Support Technical Book on version 11 best practices and policy for internal use
• Train engineering staff how to configure the F5 ASM Web Application Firewall (WAF)
• Configure new positive and negative model security policies for the F5 ASM WAF
• Stage & tighten security policies for the F5 WAF
• Researched new information security exploits
• Developed solutions to secure critical network resources
• Set & reset staging - tightening periods
• Configure attack signatures
• Configure http classes in the LTM
• Participated in upgrade of F5 ASM modules from version 10 to version 11
• Complete all technical configuration involving all aspects of F5 ASM security policies in all stages
• Host & manage application security policy tuning sessions
• Configure the WAF to defend against the open source web application security project (OWASP) top ten
• Use RSA Envision Security Incident Event Management (SIEM) Arcsight servers to look at logs
• Instituted & completed the F5 ASM Pilot
• Operationalized the F5 ASM Pilot
• Make enforcement decisions, analyze and appropriately configure the following security policy elements:
• RFC Violations -
• Cookie not RFC-compliant
• Evasion technique detected
• HTTP protocol compliance failed
• Mandatory HTTP header is missing
• Access Violations -
• Access from disallowed geolocation
• Access from disallowed user
• Access from malicious ip address
• CSRF attack detected
• CSRF authentication expired
• Illegal entry point
• Illegal flow to URL
• Illegal HTTP status in response
• Illegal meta character in parameter name
• Illegal meta character in URL
• Illegal method
• Illegal session ID in URL
• Login URL bypassed
• Login URL expired
• Request length
• Request length exceeds defined buffer size
• Length Violations
• Illegal cookie length
• Illegal header length
• Illegal POST data length
• Illegal query string length
• Illegal request length
• Illegal URL length
• Input Violations
• Brute Force: Maximum login attempts are exceeded
• Disallowed file upload content detected
• Failed to convert character
• Illegal attachment in SOAP message
• Illegal dynamic parameter value
• Illegal query string or POST data
• JSON data does not comply with format settings
• Web scraping
• XML data does not comply with format settings
• Modified domain cookie(s)
• Data Guard: Information leakage detected
• Evasion Techniques
• Directory traversals
• IIS backslashes
• Bare byte decoding
• Apache whitespace
• HTTP Protocol Compliance
• POST request with Content-Length: 0
• Header name with no header value
• Body in GET or HEAD requests
• Bad multipart parameters parsing
• No Host header in HTTP/1.1 request
• CRLF characters before request start
• Content length should be a positive number
• Unparsable request content

F5 Engineer

Confidential, Columbia, SC

Responsibilities:

• Upgraded F5 LTM load balancers from version 10 to version 11 images
• Applied cumulative hotfix to version 11 images on F5 LTM load balancers
• Configured new load balancing instances, pool members, virtual servers on F5 LTM
• Configured monitors on F5 LTM
• Reconfigured F5 LTM virtual server session keepalive settings depending on server needs
• Installed and configured Access Policy Manager (APM) on F5 BIG IP load balancers
• Changed load balancing configuration to different service ports on F5 LTM load balancers
• Wrote irules on F5 LTM load balancers
• Wrote firewall rules & static NATS via CLI on ASA & Pix firewalls for new F5 external load balancing
• Synchronized configurations across active/standby F5 LTM load balancers
• Used F5 Enterprise Manager to manage F5 GTM and LTM load balancers
• Reconfigured load balancing on F5 LTM virtual servers for application driven updates
• Verified existing Cisco Nexus disaster recovery infrastructure configuration
• Created visio documentation for Cisco 7k, 5K, & 2K implementation

Network Architect

Confidential, Springdale, OH

Responsibilities:

• Reconfigured WAN EIGRP connectivity and links on Cisco router and switch physical interfaces connecting branch Confidential sites to hub Confidential sites, reducing the EIGRP broadcast domain to allow for faster routing decisions
• Redesigned EIGRP switched virtual interface (SVI) connections on EIGRP WAN routers and distribution switches to physical interfaces to reduce network latency
• Technically reviewed other engineers' Cisco network changes prior to their execution
• Mentored and trained junior engineers
• Updated static routes in Nokia IPSO 4.2 via command line (clish), and Cisco ASA 5520 firewalls using Cisco Security Manager
• Rerouted traffic on legacy routers to new links and devices for decommissioning of those legacy routers
• Attended biweekly change approval board (CAB) meetings
• Attended biweekly design review meetings
• Updated Visio diagrams

Network & Security Engineer

Confidential, Nashville, TN

Responsibilities:

• Make firewall changes in Juniper SRX 240 firewalls
• Make load balancing & application delivery changes in in F5 Big IP load balancers using Global Traffic Manager (GTM) and Local Traffic Manager (LTM) version 10
• Configured new load balancing pools with the F5 LTM
• Configured new load balancing profiles using the F5 LTM
• Configured load balancing modes, monitors, persistence (source address and cookie) on the F5 LTM
• Troubleshooted F5 LTM load balancing issues
• Migrated server farms from the Cisco CSM load balancer to the F5 Big IP load balancer
• Configure and install Cisco switches
• Configure Cisco Pix 535's, Cisco FWSM's, and Cisco ASA single & multi context firewalls using command line and PDM 3.0(4), ASDM 5.0 & ASDM 7.0
• Analyze syslogs to assist server admins in troubleshooting application flows, destination ports and correct prefixes
• Troubleshoot site to site VPN tunnel between the Tennessee Bureau of Investigation (TBI) & North Data Center
• Installed additional contexts on Cisco FWSM
• Streamline & modify existing, difficult to manage ACL s with PDM to make them easier to manage
• Lock down existing firewall access to increase security & delete unneeded ip any any rules
• Configure, modify & troubleshoot load balancing & server farms on Cisco content switch module load balancer (CSM)
• Renew existing & configure new Entrust certificates (L1B, L1C) on the Cisco Secure Sockets Layer Module (SSLM)
• Participated in the installation, configuration, and post installation daily operational tasks and configuration of the largest dual data center deployment of Cisco Nexus equipment in the country as of January 2010
• Configured Nexus 7010's from scratch including but not limited to:
• NX OS virtual port channels (VPC's)
• NX OS version 4.2 and version 5.0(3) vrf context management
• Nexus port profiles
• Nexus vdc's
• Nexus vpc peer links
• Configure, modify & troubleshoot legacy Nortel Alteon 8600XL blade switches, Baystack modular switches
• Configure, modify & troubleshoot Cisco core, distribution & access 6509 s & 7609's
• Synchronize identical firewall rulesets across redundant data centers

Telecom Design Engineer

Confidential, Herndon, VA

Responsibilities:

• Configured the 2nd Wimax Switch Center (WSC) for Confidential s new 4G mobile Wimax IP network in the first test location BAWA (Baltimore & Washington) connecting:
• Wimax Backhauls
• Wimax Aggregators
• Nokia ASN (Access Service Network) Gateway
• Motorola ASN Gateway consisting of Foundry Switch, Redback FA (Foreign Agent), CAP - C
• Starent ST-40 3G/4G Home Agent using side-arm DPI & GEO failover functionality
• Samsung ACR (Access Control Router) with combined ASN & FA components in 1 platform
• Confidential OSSN (Outside Sales Network)
• CDN (Content Distribution Network)
• Cisco 12416 SL Hybrid PE Routers
• Configured Spirent Test Center and conducted testing
• Configured BGP, OSPFv3, and ISIS on Cisco 7609's

Senior Network Engineer

Confidential, Champaign, IL

Responsibilities:

• Designed and built new Cisco datacenter physical and logical network infrastructure to host Sprint s new 4th generation wireless customers interactive web based online billing database (Ensemble) for the migration of 30 million customer accounts.
• Monitored & queried Unix file systems to check Pix firewall logs on Confidential Perimeter firewall modules.
• Used Cacti, Multi Router Traffic Grapher (MRTG), HP Openview, Ciscoworks & SolarWinds
• Configured Cisco content services module (CSM) load balancers, Cisco firewall switch modules, Cisco Pix 535 firewalls, Cisco 7206 VXR VPN routers, Cisco 6500 series blade switches, and a few Catalyst 5500 s
• Routing & network protocols configured and supported include BGP, OSPF, EIGRP, HSRP, PPTP, QOS, SSH, Telnet, 802.1Q, MPLS, ATM, frame relay, HDLC
• Supported a mission critical, production infrastructure in a fast paced environment where outages were measured in seconds
• Reviewed detailed engineering change scripts, executed change and validation procedures & provided feedback for improvements in engineering design meetings
• Attended change control meetings and represented the network team, explaining the impact and need to implement technical changes to the director on call and to obtain approval to implement these changes
• Worked shifts in the command and control center (CCC) as needed to maintain network monitoring coverage
• Designed Cisco router & switch configurations
• Created & maintained Visio network diagrams outlining interconnections and merged existing Visio diagrams to reflect changes
• Modified access control lists (ACL s) on Cisco firewalls
• Added, removed, and created streams & serverfarms on the Cisco content services module (CSM) load balancers