Objective

To operate in an environment where I can utilize my skills and talents as a Professional Network Infrastructure Engineer.

Experience

Confidential

Senior Security Escalation Engineer

• Primary responsibilities include ongoing management of the State of Georgia entire information security program for all agencies to ensure maintenance of data confidentiality, integrity and availability of all organizational systems.
• Configured url filtering on Palo Alto Firewalls for all agencies within State of Georgia.
• Managed and configure data filtering on Palo Alto Firewalls
• Assist in the development and execution of the enterprise information technology risk management program.
• Serve as a technology security liaison to executive management, system engineering and development teams to ensure compliance with security standards and policies.
• Configured Palo Alto Firewalls to proxy DNS queries based on domain.
• Provided recommendations and managed URL filtering on Palo Alto Firewalls for the State of Georgia.
• Created and managed policies around users and users group via Active Directory.
• Configured and deployed Palo Alto initial setup which included activating licenses and upgrading software on Palo Alto firewalls.
• Managed and configured all IPSEC site to site tunnels on Palo Alto devices between agencies within State of Georgia.
• Provide recommendations to the system owners on how to obtain and maintain system accreditation and security posture
• Leverage Defense in Depth principles in the development of security engineering designs and implementations.
• Created and configured Application Filters for Palo Alto security rules.
• Generated and submitted PDF summary, usage and user report for State of Georgia.
• Configured VWire and policies on Palo Alto firewalls interfaces for both untrusted and trusted zones.
• Reviewed and discussed threat map to view any and all global threats on Palo Alto Firewalls.
• Analyze existing and future security appliances, reviewing security architectures, and collaboratively develop engineering solutions that integrate information security requirements.
• Apply security risk assessment methodology to systems development, including assessing and auditing network penetration testing, antivirus deployment and technology risk analysis.
• Configured and managed appID on Palo Alto to assist with identifying specific application behaviors.
• Provide advice and insight into future State of Georgia information security technologies and the strategic drivers that will influence the technology choices.
• Communicates technology risk to State of Georgia agency leaders in non-technical terms to ensure understanding of risk and available options for remediation.
• Manages the identification of potential internal and external threats and risks that jeopardize the availability of IT systems and assists in the implementation of mitigation strategies and controls
• Develops effective working relationships with mid and senior level management throughout the company to obtain support and acceptance of security policies and practices, and develop support for policy enforcement
• Managed and configured userID for all State of Georgia agencies.
• Translate regulatory requirements and standards to IT policies, controls and processes.
• Document and communicate customer requirements/solution as input to State of Georgia on-boarding process, including agency project plans and communications with carrier partners to facilitate device transfers from IBM's network to AT T
• Provided advice, risk factors and implementation solution for all RFS Request for Service for State of Georgia external Partners and States.
• Implemented all security controls and traffic flow analysis for Cisco ASA and Check Point devices.
• Install, configured, managed and deployed all State of Georgia Cisco ASA devices
• Upgraded Check Point boot manager, Ipso version and CP applications.
• Worked daily with Check Point R70 thru R75.40 applications

Confidential

Network Security Engineer lll

• Provided network security customer support in a shared environment supporting multiple customers in a Fault Management and MACD Change Management operations support structure for new and pre-existing customers.
• Configured and managed Cisco ASA 5510 and 5525 firewalls.
• Configured and managed Cisco Pix 515E firewalls.
• Built customers CMA,CMHA and CLM containers within CheckPoint Firewall.
• Created Customers routing topologies, network,node, and content filtering within their policy.
• Built and managed customers rule base and address translation features within CheckPoint firewall.
• Configured and managed Crossbeam X40 and X80 APM's,CPM's and NPM's.
• Performed various CheckPoint NG troubleshooting and changes running on Sun, Nokia and Crossbeam platforms.
• Planned and implemented redundant, disaster recovery and high availability solution for critical systems.
• Assisted in the development, implementation and updates of operations standards for network security solutions and processes.
• Assisted in the documentation of current and future systems.
• Provided proof of concept testing and validation of network security design.
• Worked with internal customers to gather requirements and understand development goals in order to design a network security configuration closely integrated with the applications.
• Performed external customer changes and turnups on bridge calls and during scheduled maintenance windows.

Confidential

Security Engineer Level III

• Performed automated access provisioning across supported systems and applications along with defining and providing audit report.
• Monitored, reported and followed SOX compliances to Information Security policies.
• Investigated violations of Information Security Policies from Security and Associate analyst by analyzing forensic data and correlated events using standard security tools and processes.
• Experience performing system vulnerability assessments, penetration testing and host-based security auditing.
• Experience researching system vulnerabilities and developing mitigation and remediation strategies to address these concerns.
• Managed and supported Cisco IPS version 5.1.4 sensors, signature ID's and process.
• Managed and supported Websense version 6.2 on Windows platform integrated with Pix firewall.
• Managed and administered internet filtering and web security solution and controls.
• Managed and Supported Netforensics for correlating events and for data storage.
• Experience performing scans and system and network vulnerability assessments using Qualys products and applications.
• Experience using Encase software to aid with forensic testing for Legal and Corporate purposes.
• Developed SOP and MSB's security policies, standards and guidelines.
• Protected all Corporate critical information assets by staying inline with PCI requirements.
• Lead investigations of high-level complex violations of Information Security Policies and activity.

Confidential

Senior Global Communication Engineer

• Responsible for configuring, implementing, monitoring and troubleshooting Cisco 3002,3005,3015 and 3030 concentrators for remote and LAN-to-LAN global vpn jobsites.
• Managed and setup two-part vpn authentication, in which, the ACS server served as the database for user authentication and the head-end concentrator as the database for group authentication.
• Used web browser to log into concentrator and verify if tunnel is established for vpn connected sites.
• Configured, monitored and supported all ISDN sites with Cisco 800 series routers.
• Administrator of Netview, which included removing, modifing and adding new, sites, devices, and interfaces via AIX.
• Used Remedy v6.0 for generating change request, documenting and resolving new/pending request.
• Responsible for managing and setting up new site information for Concord reporting.
• Implemented, designed, monitored and supported fully mesh networks.
• Hands on experience configuring, managing and implementing Cisco's 3600, 1700 and 2600 routers.
• Hands on experience configuring, managing and implementing Cisco's 2950, 4006 and 6513 switches.
• Managed and administered internetwork that consisted of four T1's for dual atm and frame-relay interconnected circuit.
• Ordered and provisioned communication lines, which included: Frame-relay Application, ISDN Application, TPIPS Application and ADSl Application.
• Act as the technical interface for major IT projects to ensure effective system design and that standards are adhered to. Also in charge of high level estimates, ordering of comms line, creating solution design, billing and providing quote for certain link speed.
• Member of the Disaster Recovery Unit.
• Prevented, detected and resolved DDOS attacks.
• Configured and supported Pix 515E firewalls.
• Managed and created objects, policies and rules within CheckPoint firewalls.
• Applied ACL's to routers and layer 2/3 switches to permit/deny host, networks
• and ports.
• Used Nokia Voyager IP300 to perform routing changes, traffic management and interface configuration.
• Supported an array of technical functions associated with managing a highly available, customer focused Information Technology environment and worked to ensure that ITS service delivery objectives were met.
• Provided guidance to lower level engineers in addition to providing direct support to some or all of the following service delivery functions for voice and data networks: Network performance and tuning, network operating system maintenance and upgrades, configuration management, capacity planning, 2nd and 3rd level problem determination and resolution, on-call support for resolution or customer affecting problems.
• Configured changes as needed to ensure proper network performance and identified new products and tools needed to effectively support the environment.
• Constantly monitored the performance of the network environments including bandwidth, throughput, component utilization and error rates. As well as, developed performance monitoring tools and reports.
• Made recommendations for performance changes and implemented and monitored performance changes for effectiveness.
• Managed and mapped site locations via Solarwinds/Orion.
• Managed and added new users accounts via Cisco Works.
• Used Cisco Works as enterprise tftfp server.

Confidential

Senior Network/NOC Engineer

• Checkpoint, Cisco Secure PIX 525/525 firewalls
• Used Spectrum as a primary source of monitoring all power and telco related outages on the network.
• Configured Cisco 2500, 1700, 3600, AS 5300, 1760, 4505, 7202 and VPN 3002 and 5000 series router and concentrators.
• Monitored and upgraded router IOS from tftp sever which helped in preventing router cpu crashes.
• IPSEC implementation and configuration
• MPLS setup and implementation
• Configured and setup Cisco 2950 series switches for handling and supporting both voice and data usage across the network via trunking.
• Protected Company network from intrusion and teardrop attacks w/ the aid of IDS and Secureview.
• Stored router configuration to Cisco Works.
• Setup, monitored and documented any alarms reporting from ONI device used for Company Disaster Recovery program.
• Configured and setup Cisco VPN concentrators w/ IPSEC or PPoE .
• Used Remedy and HelpQ ticketing system to proactively report and document any network or customer outages.
• Always opened Cisco TAC case online or via phone pertaining to device unit or part replacement.
• Configured all routers and switches with TACACS
• Sniffed traced and captured network traffic that helped troubleshoot network problems.
• Reported all 3 high priority problems to Manager within 15 minutes as part of companies LSA.
• Kept documents on all serial numbers of parts to help with department inventory.
• Configured serial interface's to correspond with all site turn-ups.
• Configured all routers with - no proxy arp, ip cef , reverse unicast path and OSPF md5 authentication command to aid with network security project.
• Gave morning reports and alerted team on any projects are opened tickets that were worked during my shift
• Interacted with all customers

Confidential

Senior NOC Engineer

• Provide both campus and global network infrastructure management in an enterprise Nortel/Bay environment.
• Nortel PassPort Advanced Remote Node ARN - Advanced configuration and setup for Coca-Cola's small to medium sized remote sites with a combination of new IP and legacy equipment AS400, VAX Systems, etc. . Have used for T1/E1, FT1/FE1, and 56/64 CSU/DSU connectivity.
• Checkpoint, Cisco Secure PIX 525/525
• IPSEC and SSL VPN configurations
• Configured serial interface's to correspond with all site turn-ups.
• Nortel Backbone Link Node configuration and setup for advanced IP backbone routing.
• Nortel Accellar 1200 management and setup for small remote site routing for Frame-Relay and T1 connectivity
• HP OpenView and Nortel's Optivity for network management operation and management.
• Diagnosed and resolved network outages inclusive of WAN circuits, Bay Network Backbone and remote-class routers BCN, BLN, Accellar 1200's, Passport
• 8010's, and Bay 5000's and 5005's and AN , verifying circuit and interface availability, verifying successful Hub and Concentrator connectivity, and copper and fiber cable reliability.
• Responsible for Entex and Motorola Mutiplexers used in Europe and Latin America in support of Voice and Data traffic from those locations back to Coca-Cola headquarters in Atlanta.
• Responsible for Auto Dial Backup Services for all supported remote sites.

Confidential

Senior Network Engineer LAN/WAN

• One year as an I.T. Manager, which included day to day operational support, and involvement and design of internetworks.
• Interdomain consolidation project- Managed team of six Cisco and Network Engineers in rollout of CISCO 7500 routers using OSPF protocol to better manage company's existing interdomain and also give them faster access to the cloud .
• DNS request entries of A-Records, CNAME Records, MX Records, PTR Records, NS Records, SOA Records, and creation of entire DNS zone files including zone file transfers, DNS cutovers, etc.
• Maintained hubs, TCP/IP configurations, and Managed company-wide network.
• CISCO Router 1005/2500/2505/2610/3600/4700/7000 Series setup, configuration, monitoring RIP/IGRP/EIGRP/BGP-4/eBGP/iBGP/EGP Network Addressing, Subnetting expert TCP/IP-TCP, UDP, DNS, IP, ARP, FTP, SMTP, POP3, ICMP, RIP, OSPF, HTTP, SPX Network Security-IP ACCESS LISTS- Standard, Extended, SAP FRAME RELAY monitoring-IP, DECnet, AppleTalk, XNS, Novell IPX, CLNS, ISO, Banyan Vines, Transparent Bridging FECN/BECN X.25, LAPB, NRM, ARM, ABM MPLS, IS-IS.
• CISCO Catalyst 5000 Series setup, configuration LAN Segmentation expert to increase bandwidth Inter-Switch Link and IEEE 802.1Q VLAN Trunking, BPX/MGX Switching
• ISDN BRI/PRI Troubleshooting and monitoring RAS implementation Dial-On-Demand Routing
• Designed and setup OSPF intranetwork for mobile and neighboring offices in a hierarchy of areas. Designated the Mobile office LAN as area 0.0.0.0 The Backbone .
• Managed day operational support, maintained Cisco 4000 series and Cabletron Smart Switch routers, used Cisco eight and four port serial port adapters to provide network administration that included flexible options for a broad range of density. Designing of routed and switch network. Private network consisted of Ascend pipeline 75 as well as usage of Intergear hubs. Integrated NT and Unix servers.
• Supported remote Nortel/Bay BLN routers with the aid of Site Manager for learning routes that were being listened too and learned from neighboring downstream routers.
• Configured Nortel/Bay DMZ routers for the purpose of implementing them as dedicated routers.

Confidential

Systems Engineer

• WAN Design, LAN Capacity Planning LAN/WAN Help Center
• Responsible for the daily operations of the Help Center. This consisted of over 7,000 employees and trouble resolution of the customer's network. Basically supporting problems with LAN connection and computer errors. Usage of Remedy to log problems and then respond and complete in a timely matter. Experience with SMS and installed cables for LAN and voice ISDN, T-1 connections using 110 and 66 blocks. Used Cisco Compression Service Adapters to perform hardware assistance for high performance using Cisco 7500 series high - end routers. Performed a high-end level of network protocol analysis on Ethernet, token ring, FDDI, and used Network General Sniffer for pro-active and re-active troubleshooting of the network.
• Nortel BayStack 450 Switch- Configuration, setup, and management for high-speed multi-protocol switching and LAN Segmentation and subnetting.
• Expert with saving and managing bandwidth for more efficient operation and performance for Local Area Networks LAN and Metropolitan Area Network MAN .
• Nortel Backbone Link Node BLN -Extensive experience in the setup, management, and configuration for routing traffic on smaller WAN subnets that does not require a capacity of over 30 circuit connections at one time. Have used for FDDI, ATM, Frame-Relay, and Point-To-MUX connectivity.
• Nortel Backbone Concentrator Node BCN Router- Setup, configuration, and management for routing a high volume of WAN traffic with multiple data protocols and topologies. High-level of experience using this router for ATM, FDDI, Frame Relay, SMDS, and Point-To-MUX WAN circuits.
• Lucent Technologies AP1000 IP Services Router-
• Advanced configuration and setup for Metro-Optical network edge IP services. Advanced IP routing for:
• Access Ranging from ISDN to OC3.
• Multi-IP routing protocols: IP, RIP, RIP2, OSPF, BGP-4, IGMPv2, policy forwarding, static routing.
• Multi-WAN protocols: FR, ISDN, PPP, Multilink PPP, SMDS, and ATM.
• Multi-WAN and LAN interface support: 10/100 Ethernet, MSSI, HSSI, T1/E1, ISDN, Frame-based DS3, ATM DS3, and ATM OC3.
• Tunnel services: IPSec, L2TP, IP-IP, GRE.
• Dynamic key management - IKE.
• Stateful packet filtering firewall.
• Denial of service protection

Technical Summary

• Routers: Cisco, Cabletron, Ascend, Nortel Bay Networks , and Riverstone.
• Platforms: Windows NT, Windows 95/98, Unix, XP, ME
• Hubs and Switches: Cabletron Smart Switch Router, Bay Networks - 8600,AN, BLN, BCN, 28115, 28114, BPX, Cisco - 4000, 2500, 7500 series, Linksys - TX4 port
• Protocol: TCP/IP, UDP, RIP, OSPF, BGP, FRAME RELAY, ATM, IPX/SPX, ICMP, IGRP
• Analysis: SYSLOG, SNMP, SNIFFER, SMS, FIREWALLS, REMEDY, HEAT, Vantive, Site Manager, Spectrum
• Topologies and Telephony: Ethernet, Token Ring, T-1/E-1, T-3, DS-3, ISDN, FDDI
• Network Management: HP Openview, Cisco Works
• Programs: C , DCL Coding