SUMMARY

• Technically inclined, methodical, and results - oriented professional with broad-based experience in all aspects of network and information security.
• Adept at administering and troubleshooting network systems and servers, as well as executing network security and system upgrades.
• Well-versed in analyzing technical and client requirements; identifying and resolving complex technical issues; delivering first-rate client services; and coordinating team efforts to attain organizational goals.
• Effective at building positive rapport and working collaboratively with key stakeholders, clients, management, and other professionals of all levels.
• Articulate communicator; bilingual in English and French.

PROFESSIONAL EXPERIENCE

Confidential

Lead Information Security Specialist

Responsibilities:

• Take charge of developing and executing policies for web, email gateway, and data loss prevention (DLP), and evaluating reports from Crowdstrike, Forcepoint, and Mimecast.
• Hold accountability for all log reviews/reporting, network security troubleshooting, and incident responses from Crowdstrike, Forcepoint, SecureWorks, Vipre, and Mimecast.
• Conduct analysis of all Active Directory audit reports; Secureworks threat intelligence information; and external daily threat reports from reputable outside sources such as SANS, CERT, RSA and FSISAC and others.
• Apply all changes on endpoint protection including asset value (AV) reports and remediation; vulnerability management using Digital Defense’s Frontline; and audit finding reports remediation along with other teams.
• Responsible for creating updating and the evaluation of new patch management; policy information security policies and directives; firewall rules for all access to company’s network; and standard operating procedures (SOP), reference documents, and request forms.
• Develop methodology to integrate threat intelligence from multiple feeds to the Checkpoint firewall.
• Conduct all Qualys scans for Metro and collaborate on all Cybersecurity investigation or troubleshooting related to these scans.
• Handle all preparations for the DOB and NCUA audit materials or information related to Information Security.
• In charge of creating monthly Information Security report and present it to Metro’s Enterprise-Wide Operation Committee.
• Handle security incidents response and investigations, bi-yearly penetration testing, and report preparation.

Confidential

Senior Network/Security Engineer

Responsibilities:

• Utilized SecureID token for remote access VPN users to configure RSA server and ASA 5515x integration for two factor authentication.
• Administered the design, configuration, troubleshooting, and media access control (MAC) of all network devices such firewall, routers, and switches
• Performed integration of two AWS Virtual Private Cloud (VPC) to Active Directory through primary and secondary VPN to three sites and remote access network for telecommuters
• Initiated configuration and deployment of Cisco ASA 5515x Firewall and 3850 Switch to upgrade existing networking environment
• Managed all daily troubleshooting issues for Active Directory, networking, and AWS VPC environments
• Oversaw security incident handling and response and all security remediation for all vulnerabilities, as well as assessed all weekly security scans
• Led the design, configuration, and troubleshooting of Active Directory environment and all VMware infrastructures

Confidential

Network Engineer

Responsibilities:

• Used Juniper firewall and enterprise-level security tools to resolve and monitor network security
• Assumed responsibility in configuring and executing the following:
• SSL VPN for vendors and other news bureaus. remote access VPN for all staff and consultants.
• Cacti to monitor all VPN, firewall, switches, and routers.
• New WAN router and new wireless network in multiple locations.
• Clustered juniper firewall for the headquarter and the production network; and
• Site-to-site VPN to all company sites and backup site-to-site VPN for a dark fiber connection between the production site and the main office
• Conducted the monitoring, troubleshooting, and configuration of all Cisco 6500 cores and IDF switches.
• Partook in researching and facilitating new technology and best practices.

Confidential

Network Engineer

Responsibilities:

• Conceptualized, configured, and administered the bank’s network involving 15 locations.
• Carried out development of a more scalable IP scheme by readdressing the whole network, as well as reconfiguration of core network/switching using 3850s to ensure better redundancy and security.
• Performed configuration and installation of ASA 5515x and maintenance of ASA 5520/5510/5515 x.
• Administered and executed all firewall update and/or patches; updated and managed McAfee web gateway, email gateway, and SIEM; and assisted in designing and maintaining Active Directory structure.
• Facilitated configuration and implementation of VPN network for all ATMs using both ASA 5510 and Cisco Meraki; DHCP server enterprise-wide; and all IPS report while monitoring all alarms and security incident handling.