SUMMARY:

• Self Managed, and Self Driven, Knowledge - Seeking Network Security Engineer and Checkpoint Wizard with extensive application, troubleshooting, scripting, systems administration, network and application security expertise.
• Excellent technical trainer with the ability to quickly absorb complicated information and explain it to others in a simple way.
• History of demonstrated ability in engineering, supporting, troubleshooting and presenting enterprise security solutions.

TECHNICAL SKILLS:

Security: IDS/IPS, Disk/Packet Encryption, Awareness Training, Forensics, Pen Testing, Auditing, Sourcefire, Check Point IPS

Firewalls: PIX, Check Point, Nokia, Juniper Appliance, VoIP, VPN, Clustering, QOS, VSX, Proxy, NAT, Provider-1, NSM, CSM, Sofaware, Edge

Cryptology: PKI, PGP, SSL, OpenSSL, SmartCards, RSA, IKE, RSA, htdigest, brute force tools and scripts, rainbow/hash tables

Microsoft: XP/7, Server 2000/2003/2008, Exchange Server, All Office Products

Linux: CentOS(4/5), RHEL(4/5), Fedora(11), Ubuntu/Debian, FreeBSD

Networking: Cisco Routers and Switches, VLANs, Advanced Routing, Switching, Strong Wireless Theory, SNMP, OSPF, Cabling, Planning, Mulitplexors and Demultiplexors

PROFESSIONAL EXPERIENCE:

Confidential, Indianapolis, IN

Sr. Network Security Engineer

Responsibilities:

• Daily PCI Compliance Consultant for firewall change approval process
• SME for Provider-1 and Check Point Installations for 300+ Enterprise and Satellite office firewalls
• Wrote custom Orion Script polling software in Perl to provide consolidated reports
• Wrote several task automation scripts in Expect, Perl, Batch and Bash
• Wrote several debugging and trace tools to assist network/security teams
• Updated and created visio diagrams on network flow to assist team with troubleshooting
• Wrote troubleshooting guide for jr engineers including explanations of CLI functions, diagrams, flowcharts
• SME, Plan, Upgrade, Install and Troubleshoot on a variety of equipment:
• Setup and implementation for backup plan for PCI compliance
• Check Point, Provider-1, Ubuntu, RHEL, Sofaware, Encryption, SNMP, Nessus Vulnerability exceptions, Juniper NSM, Log Rotations, Data backup and recovery plans
• Bluecoat, Palo Alto, ASA and Pix Rule implementation, migration and cleanup.
• Video training and lab demonstrations for Network and Security teams
• Troubleshooting tickets and Business as Usual operations
• 95% Remote work and self directed projects.

Confidential

Tufin Consultant

Responsibilities:

• TCSE functions: setup and install tufin cluster in virtual environment. Train Dell’s client on usage and reporting of Tufin and Check Point. Check Point Optimization Consulting.
• Provided video training of all complicated functions
• Setup scripting of various aspects of Tufin management
• 100% self directed project as primary consultant - resulted in Dell acquiring additional contracts from client

Confidential

Sr. Network Security Engineer

Responsibilities:

• PCI Compliance updates on Apollo Group Network, Consultant and Implementer
• Check Point SME for over interconnectivity 150 firewalls (Check Point, Juniper, ASA, PIX)
• Assist CCSIE team with Cisco/Check Point Interoperability
• BAU Juniper, SSL VPN, TACACS, Juniper, Bluecoat, F5, DNS and network troubleshooting
• Plan, Upgrade, Install, Check Point / Sofaware and edge UTM deployment
• Firewall rulebase changes, business as usual tickets and troubleshooting
• Merge/swap existing Juniper firewalls to Checkpoint firewall and Provider-1 management
• Physical data center move in London of 100 VPN tunnels each requiring physical hands on
• Sourcefire Management and Updates
• 25% Remote work and self directed projects

Confidential, Tempe AZ

Network Security Analyst

Responsibilities:

• NERC CIP (based on ISO 270002) Regulations training and implementation consultant
• Firewall Cluster Consulting and Check Point SME
• Check Point R65/R70 ClusterXL Firewall Admin, Upgrade and maintain Management HAProvides security incident response and forensic analysis of security events
• Periodic network pen testing using nmap and custom Perl scripts
• Vulnerability management for Check Point, Windows, and Cisco Servers and Equipment
• Cisco Configuration of Switches and Routers (ME3400, 3750, 4507, IE3000)
• Implement Sourcefire Monitoring and testing of Enterprise WAN
• Lead Q1 Labs Logging and Accountability objectives
• Network Monitoring using Q1 Labs, Sourcefire, IPSwitch/Whatsup, SYSLOG tools, and SNMP monitoring
• Jungle Mux/Demux, and Fiber Equipment Troubleshooting for Enterprise WAN
• Repair Various RF Comm Equipment such Zetron Paging Systems and HAM
• HSRP and EIGRP troubleshooting and monitoring
• Develop ESXi Lab to clone production environment and train/present to others
• Responsible for developing upgrade plan of various end of life HP servers
• Create standard security procedures for Communication Engineering Network
• Create and Lead Draft baseline security and performance procedures
• Assist with engineering, planning and maintenance of Enterprise WAN
• Engineer Sections of the WAN for substation connectivity and NERC CIP compliance
• Create training documentation for junior engineers about various technologies

Confidential, Frisco TX

Systems Engineer

Responsibilities:

• On Call for various networking, Microsoft, Linux, firewall, security and web development related issues
• SSL, SSH Keys, HTTP Basic Authentication and PGP email setups/troubleshooting
• Penetration Testing and Security Recommendations for 300+ nodes wireless and wired network.
• Troubleshoot and Setup MS Exchange 2007, Active Directory, Outlook, Microsoft VPN
• SQL /MySQL and IIS/Apache Website development on Debian and Windows Servers
• Perl, JavaScript, VBScript, Ajax, XHTML, XML troubleshooting and development
• Cisco VOIP, VPN Client, PIX firewall, switch and router configuration and troubleshooting
• Cisco & Polycom VoIP and Video conferencing setup, security and installation
• Data warehouse setup, troubleshooting and sales for multiple customers
• Level 3 technical support for all small business (up to 5000 employees) hardware
• SNMP monitoring via Solarwinds (Orion) products.
• VMWARE Workstation/ESX bench testing.
• Investigate customer needs and present proposals, follow up with sales
• Prepare presentations and reports for various clients on a regular basis
• Troubleshoot and implement hosted and on site exchange servers
• Windows and Linux based Server Administration, Setup and Deployment
• Networking and Business Computer Support Remote and on Site
• Systems Installation of rack mounted servers and Small Business data center Engineering 50% Remote work

Confidential, Dallas

Check Point, Level 2/3 Product Engineer

Responsibilities:

• IPS/IDS FreeBSD/CentOS product support team lead, including JBOSS Debugging and Troubleshooting
• Managing customer accounts as a Subject Matter Expert for Check Point Security Products
• SmartDefense (Check Point firewall A/V) and kernel level debugging.
• Provide level 2 technical support for Check Point firewall and networking issues.
• Level 2 VPN, Cluster, and Provider-1 Support Engineer for Check Point related products
• Level 3 Team lead for IPS-1, lead trainer for 10 peers on IPS-1
• Pre Shared Secret & IKE Troubleshooting on SmartCenter Servers & other Check Point Products
• Troubleshoot CA for digital certificate verification of SmartCenter Servers
• Smartcard and RSA troubleshooting for DoD Clients using Pointsec/Integrity
• Provide training and resources on a constant basis to new hires and peers.
• Windows Server 2003/2008 debugging, troubleshooting and setup
• RHEL Kernel debugging, and Check Point's variant (SPLAT, embedded RHEL)
• Routing and troubleshooting, involving BGP, OSPF, RIP, Cisco routers, VLANs.
• Wrote/compiled over 705 technical articles for the TAC.
• Extensive VMware Workstation and ESX simulations and setup to replicate customer issues.
• Wrote Access/Perl/MySQL db application For Pointsec team to search historical cases.
• Wrote flashcards for several Check Point certifications (850+ questions total).
• Average customer survey score of 4.78/5.00.