Palo Alto Network Systems
Resume:
ADEOYE ADEJUWON OLADOKUN
Reno NV 89521
ad4xtr@r.postjobfree.com
Olu Oladokun – Candidate Summary:
Over 14 years of Relevant Experience / Cisco/Juniper/Palo Alto Firewall/Checkpoint Shop
Over 10 years of SME Experience with Cisco Network systems / Wireless and Unified Wireless
Expert knowledge of Cisco AP’s and Cisco 9800 WLC Network Centralized Security concepts and Policy
Advanced hands-on-experience with F5 BIG IP DNS, ASM, APM LTM on v13 code
Expert knowledge, design and deployment of Cisco Unified Communications Systems, CUCM 8.6, Unity 8.6 and Cisco Telepresence.
Expert knowledge of enterprise security policies and concepts with Implementation
Expert hands-on-experience with Juniper MX router, Palo Alto Firewall and EX switches
Expert hands-on-experience with Ansible and Terraform HCL in AWS and Oracle Cloud deployments.
Expert knowledge of Crypto VPN over IPSEC tunnel encryption with AES-256 & PFS group 5 thru 14
Expert Knowledge of Ikev2 on Cisco ASA SSL Remote Access and Router configurations
Expert knowledge of VoIP, Video over IP, EoIP
Advanced hands-on-experience Planning, Configuration and Deployment of 802.1x using ClearPass v6.7
Expert knowledge FWSM’s Cisco ASA 5585X and 5550, 5545x, 5525x with AIP-SSM-10,20 and 40 modules
Expert hands-on-experience with DMVPN TUNNEL networks design, deployment and troubleshooting
Expert hands-on-experience with tuning and writing IPS signatures
Advanced hands-on-experience with F5 LTM and GTM. ASM and APM configurations and rollout.
Expert hands-on-experience with Splunk 7.2. Splunk Enterprise Certified Architect and Security Admin.
Expert hands-on-experience with FortiGate Firewalls 3800D and 6500F and Palo Alto Firewall.
Expert hands-on-experience with Cisco ACI running version 5.2.7F
Aruba 7200 Wireless LAN Controller and Access-Points wih ClearPass for Authentication
Aruba Access-Points deployment AP-225 and Aruba AP-335 Access Point
Expert hands-on-experience with Checkpoint VSX and Checkpoint Hyper V, Checkpoint NGX
Advanced hands-on-experience with Checkpoint R80 standalone and distributed firewalls
Expert hands-on-experience with migration of Cisco ASA to Checkpoint Gaia R80.30 using Smartmove.
Expert hands-on-experience with Cisco Call Manager version 9.6.2 & 10.2, Cisco Unity connection Server version 10.2 and UCCX
Expert hands-on-experience with procurement, design, setup and integration of the following systems CUCM, CUCS and UCCX
Holds an Active Full DoD Secret and Top-Secret Clearance
Holds Security+, CISA- ISACA, CISM- ISACA, CEH, ITILv4, CASP+, Exp Date 10/2027
Active Cisco Certifications
oCCNA
oCCNP-Security
oCCNP- Service Provider
oDevNET Professional
Holds Splunk Certified Architect and Security Admin
oLicense Cert 787
Holds Active Juniper Certifications
oJNCIP – Security
Holds Active Checkpoint Certifications
o(CCSA) R80.20 Exp Date 05/2026
o(CCSE) R80.20 Exp Date 05/2026
Holds Active Fortinet Certifications
o(NSE 7) Enterprise Firewall Exp 07/2027
Holds Active Palo Alto Certifications
o(PCNSE) Exp Date 08/2023
Excellent Communication Skills
US Citizen / Avail ASAP
EDUCATION
BS Computer Science- University of Hertfordshire, England - 05/1994
Diploma in Computer Electronics Technology, CISSP
Juniper JunOS, Juniper MX Router Training
Project Management Professional (PMP Trained)
Certified Fast lane & Taclane Type 1 Encryption Cryptograph Security Administrator
CLEARANCE:
ACTIVE FULL DOD SECRET AND TOP-SECRET CLEARANCE/SSBI
WORK EXPERIENCE
Lumen
Senior Fortinet Firewall Engineer
Aptask 04/2022 – 03/15/2024
Senior Fortinet Firewall Engineer
Design and Deployed Fortinet 60E, 200E 300E & 500E firewalls and managed them using Forti Manager. Daily configuration and rollout of changes on the Fortinet Firewall 61F Firewalls. Setup of routes, BGP rules on the Fortinet Firewalls. Monitoring and configuration of Meraki Switches to support client device connections across thousands of Stores. Deployed them across the enterprise to over 3000 remote locations. FMG / Forti Analyzer provided real-time syslog monitoring, event logging and analysis.
Fortinet/ Palo Alto Firewall Administration, creating objects, pushing rules and policies using Forti Manager
Creation of Meraki Switch Templates / Stacks in Cisco Client Meraki Portals
Collaboration and working with the Network team to ensure the Firewalls are properly configured and functioning with the Cisco routers in VRF mode.
Pentagon Federal Credit Union
Senior Network/Firewall Engineer
Prism 06 /2021 – 01/01/2023
Senior Firewall Engineer
Fortinet/ Palo Alto Firewall Administration, creating objects, pushing rules and policies using FortiManager
Cisco ISE 2.7 Management and WIFI Deployment with Posture.
Cisco ISE PSN and PAN configuration and upgrade. Global Firewall policies for Cisco ISE
Cisco ISE integration with Cisco WLC and Microsoft AD External Groups
Aruba ClearPass CPPM deployed in a 3 hub cluster to support Enterprise WIFI Campus with AP-225 and 335
Configure and deploy Security Profiles using UTM in Fortinet Firewalls
F5 VM LTM and GTM configuration and management.
Cisco ASA 5585x-SSP20 firewalls for Remote access VPN as well as Site-to-Site VPN IPsec VPN tunnels
Cisco Firepower 4150 running FTD and register with FMC for Firewalls and rules pushed to NGFW.
Scripting Changes on the firewalls and pushing those changes to the differing ADOMS
Administering Forti-Analyzer
Guest WIFI and PROD WiFi configuration and deployment of Cisco 9800 Wireless Lan Controller
Fortinet NGFW 7000 series firewalls with multiple VDOMS in at least 10 ADOMS
Global Database clean-up
Panorama with Palo Alto 7050 Chassis firewall running 100Gig line cards
Advanced level hands on experience with Palo expedition to covert ASA Firewall rules to Palo Alto
Expertise with Palo Alto firewall HA configuration and deployment.
B2B IPsec VPN tunnels built using Palo Alto firewall on PA-3560 and PA-3250 firewalls
SSL Termination and URL Filtering with Palo Alto firewalls
Wireless AP and DHCP server configured on FortiGate FW’s and Meraki Switches
Cisco ACI configuration and management. Cisco APIC’s and Orchestrator. Creation of Bridge Domains, VRF and EPG using Multi-site Orchestrator. Managing the Application Profiles as well as deploying changes to the different sites configured as templates in ACI. Extension of VLANS across Multiple Sites for easy of Management.
Automation using Ansible scripts to deploy Cisco routers and Switches and Firewalls
Automation scripts to automate deploying firewall rules.
Fortinet API to schedule and deploy firewall rules.
Creation of Port-Channels and vPC using Cisco ACI APIC for different tenants
Creation and association of Port-Channels and vPC’s with EPG’s
Indotronix
Senior Security Engineer
Unisys 06 /2019 – 05/2021
Senior Network Architect/Engineer
Design and Deployed Fortinet 60E, 200E 300E & 500E firewalls and managed them using FortiManager. Daily configuration and rule changes on the Checkpoint R77 and R80 Firewalls. Setup of routes, NAT and VPN tunnels on the checkpoint Firewalls. Smart Dashboard login and editing of rules, cloning object and adding new objects on a daily basis. Head End Firewalls were dual Fortinet 6000F firewalls. Deployed them across the enterprise to 100 remote locations. FortiAnalyzer provided real-time syslog monitoring, event logging and analysis. Using FortiAnalyzer, I was able to visualize threats across the network. Fortinet Fort iView was also used to provide real-time dashboards to the NOC. Monitoring the network and providing network NetFlow reports using SolarWinds, GigaVue, Cisco NAM3.0 and traffic analysis using Wireshark and TCPDUMP.
Fortinet/ Palo Alto Firewall Administration, creating objects, pushing rules and policies using FortiManager.
R80 Checkpoint Firewall upgrades and patching.
R77 Checkpoint Firewall HA setup and deployment. Using
R71.30 Checkpoint Firewalls using Provider-1 to make daily changes.
Deploying new CMA firewalls for new zones and customers on the network.
SD-WAN and Cloud NGFW using Forcepoint 3400 series and 6200 Series.
Palo Alto Firewall Management Platform to manage 500 firewalls across 10 ADOM’s. Policy Management, Vulnerability Management. VPN and Palo Alto Firewall policy management automation
Configure Forcepoint IPS using Forcepoint Security Management Center (SMC)
Design, implement, and support various Identity and Access Management (IAM) solutions
Conduct in depth technical IAM research, assessments and performance analysis to support and design technical automated IAM strategies
Lead scalability and performance planning for future IAM needs
Review and adjust existing IAM processes (provisioning, de-provisioning, re-certifications, etc..) to ensure that they are aligned with industry best practices
Provide guidance and support for management of non-human accounts
Lead technical project execution to identify and close gaps between proposed and implemented designs
Guest WIFI and PROD WiFi configuration and deployment of Aruba Wireless Controller 7200.
Configuration of Cisco ASR-9K, ASR-1k routers for VRF and Dynamic routing protocols such as BGP/EIGRP/OSPF.
Level 3 escalation POC for troubleshooting Cisco ASR routers and Datacenter switches on the network
Serve as SME on identity & access management within enterprise partnering with all lines of business to identify systems and identify repositories to be managed by identity and access management solutions
Lead operational and strategic planning of new authentication tools and systems, and ensure alignment of heavily used and complex applications. Partnering with business technology leads, and working with application developers to integrate commonly used applications into the identity infrastructure
Responsible for creation of role based access policies & risk profiles for associated applications
Business analysis functions to make sure solution meets both the needs of the business and risk organization requirements
Work with internal audit to develop certification campaigns and attestations to support applications governed under MAR (initially)
Develop cost benefit and risk analysis models to assist with new development efforts
Lead the implementation and use of technologies related to discovery, reporting, and control, of confidential data in on premise files shares, Microsoft Office 365, internet file storage facilities, and Amazon AWS storage environments
Develop least privilege model for the primary Active Directory infrastructure as well as critical applications, and ensure product and tooling enforces policies and controls from a technological level
Benchmark, analyze, report, and make recommendations for the improvement and growth of A+E’s technology infrastructure, operations, services, and systems
Lead the implementation and use of technologies related to discovery, reporting, and control, of confidential data in on premise files shares, Microsoft Office 365, internet file storage facilities
Internal audit around active directory controls
Train and share knowledge with IAM team
Defense Manpower Datacenter (DMDC)
Lead Sr. Network Engineer
DirectViz 06 /2017 – 06/2019
Team Lead Senior Network Architect/Engineer
Lead Network Engineer working on customer projects designing and supporting mission critical state projects with administration and maintenance of Cisco ASA-5585x, Cisco ASA-5555x and ASA-5545x firewall appliances, 3945, ASR-1001, Cisco 6509-E, 6513-E, Level-3 3850, 3750X, 3560G, 2960G, switches. Design and deployment of Aruba Wireless LAN Controller to manage provide guest wireless access to all DMDC users using BYOD network devices and remote access. Design and Deployed Fortinet 60E, 200E 300E & 500E firewalls and managed them using FortiManager. The Core using Juniper MX routers, as well as Juniper SRX firewalls for external IPsec Site-to-Site VPN tunnel Connections. Head End Firewalls were dual Fortinet 6000F firewalls. Deployed them across the enterprise to 100 remote locations. FortiAnalyzer provided real-time syslog monitoring, event logging and analysis. Using FortiAnalyzer, I was able to visualize threats across the network. Fortinet Fort iView was also used to provide real-time dashboards to the NOC. Monitoring the network and providing network NetFlow reports using SolarWinds, GigaVue, Cisco NAM3.0 and traffic analysis using Wireshark and TCPDUMP.
SDWAN and Cloud Computing AWS and VMware NSX for the DOD Next Generation computing
Imperva WAF configured and deployed for DMDC Cloud critical Application security
Replacing MPLS WAN network connections with SDN Network Virtualization
Virtualization of routing, firewalls and switching and Imperva WAF.
Checkpoint Firewall version R71.30, R77.30 and R80.30. Smart Console / Smart Dashboard access
Checkpoint Provider 1 access to launch CMA access to over 200 Virtual Firewalls.
Fortinet FortiManager 6.0.3 and 6.0.4 for management of the 100 remote locations running Fortinet firewalls
ClearPass 3-way cluster geographically diverse across the Continental united states. Publisher and 2 Subscribers
Advanced Knowledge Cisco NGFW ASA, and Cisco FTD using Firepower 2100, 4100,9300
Advanced knowledge and experience with Cisco Firepower 9300 and 4120 Fire Sight.
Advanced knowledge with configuring dynamic routing protocols EIGRP, BGP.
Create and maintain application integrations
Cisco ASA and Firepower Remote Access SSL and
Identify improvements and efficiencies in the areas of on call support, notifications, and escalations using xMatters or equivalent software
Automate processes, reducing the amount of time spent on day-to-day issues or manual overhead
Deploy policies and other monitoring components into the production environment
Cisco
AS Security
GDH Consulting 06 /2016 – 06/2017
Network Consultant Engineer
Network Consulting Engineer working on customer projects designing and supporting mission critical state projects with administration and maintenance of Cisco ASA-5585x and ASA-5545x Palo Alto firewall appliances, 3945, ASR-1002, ASR1004 and Cisco 6509-E, 6513-E, Level-3 3850, 3750X, 3560G, 2960G, switches. Design and deployment of Cisco WLC 5508, 4404, 4402, to manage provide wireless access to all remote users using Cisco network devices and remote access. The Design, Installation and Deployment of Cisco ISE 2.2 & Cisco TrustSec, for IP security services. Design, Configuration and implementation of Cisco ISE for clients including using Posture and as Radius and Tacacs+ services.
Expert Knowledge ASA-5520, ASA-5550, ASA-5585X, and Juniper SRX1400 Firewalls
Expert knowledge and experience with Cisco NGFW Firepower 2100, 4100, 9300 and 4120 Fire Sight.
Expert knowledge with configuring Cisco ISE 2.2.
Expert knowledge and configuration of Palo Alto Firewalls. Configuring HA, routes, Policies and UTM
Designing and Implementing Cisco ISE 2.2 for Cisco Customers and clients with over 50,000 nodes
Writing HLD, LLD, CRQ, NRFU and Test-Plans for Cisco ISE Implementations
Hands on experience with PXGrid.
IBM
Focused HR Solutions LLC. 12 /2015 – 06/2016
Juniper Network/Security Engineer
JNCIA-Junos, JNCIS-ENT, JNCIP-ENT, JNCIP-SEC
Responsible for designing, deployment of Juniper network devices in support of IBM Cloud customer’s networks. Hand on configuration of over 1014 juniper network devices across the enterprise. IT Global Support Solutions. During the duration of this contract, I was in charge of Design and deployment of Juniper network devices, to manage access to all network devices and remote access.
Daily Hands-on working experience with the Juniper SRX Firewalls 240, 650 and 1400 series
Daily Hands-on working experience with the Juniper EX Series Switches and Palo Alto Firewall.
Daily Hands-on working experience with Juniper MX routers and routing protocols.
Daily hands-on working experience with IBM QRadar SEIM
Daily hands-on working experience with IBM SIGI 5.2.2.0
Manage, Upgrade, Configure F5 Load-Balancers
Configure irules, CNAMEs, A-Records, Reverse lookups
Configure using GUI as well as TMOS
Configure and manage multiple F5’s using GTM and LTM
Configure F5 High-Availability
Configure 2-FA Authentication using F5
Standup VDI environment using F5 load-balancer
IDS/IPS syslog review and parsing on a weekly basis
Experience with tuning and writing IPS signatures mirroring the AIP-SSM-IPS module signature on the firewalls
Ability to write queries in QRadar to pull customer reports and mine data for weekly reports
Daily Hands-on working experience with the Juniper MX Series Routers
Python scripting excellence.
Advanced hands-on working experience with setup and troubleshooting of VPN Secure tunnels
Advanced hands-on working experience with Juniper Zone Policy configurations
Advanced hands-on configuration of BGP routing using the MX routers
Advanced hands-on configuration of EX-series 4200, 4300 and QFX3500 devices.
NEVADA ARMY NATIONAL GUARD
CARSON CITY JFHQ/J6
Celefsson & Olufsson Telecommunications Inc. 06 /2011 – 12/2015
Network/Security Engineer Architect
Designing and supporting mission critical state projects with administration and maintenance of Cisco ASA-5540 and ASA-5520 firewall appliances, 3845, 3945, ASR1004 and Cisco 6509-E, 6513-E, Level-3 3850, 3750X, 3560G, 2960G, switches. Design and deployment of Cisco WLC 5508, 4404, 4402, to manage provide wireless access to all remote users using Cisco network devices and remote access. The Design, Installation and Deployment of Cisco CUCM 8.6 & Unity Connection 8.6, for IP telephony services. Design, Configuration and implementation of Cisco FWSM v4-1.3.
Expert Knowledge ASA-5520, ASA-5550, ASA-5585X, and Juniper SRX1400 Firewalls
Expert knowledge and experience with Cisco Firepower 9300 and 4120 FireSight.
Expert knowledge with configuring Cisco ISE.
Daily reporting using Nitro Security SEIM from all 32 locations in and around Nevada Enterprise
Expert Knowledge of Network Infrastructure Design & Management
Implemented and Managed Cisco Nexus 7010, 7700 and Nexus 5596UP Switches configured with FEX 2248 extenders
Expert knowledge and configuration of IPSEC DMVPN’s and Crypto Tunnels
Cisco ISE NAC design and implementation on the Nevada Army National Guard.
Expert integration experience of Cisco Unity Connection with Microsoft Exchange
Expert experience with the installation and implementation of Cisco Telepresence Manager. Expert integration experience with Cisco Call Manager 10.2
Expert hands-on-experience with Cisco Call manager setup of device such as Voice Gateways, Phones, Gatekeepers and Voice Trunk setups
Supported resolution and root cause analysis of incidents or problems escalated from the Network
UNITED STATES DEPARTMENT OF ARMY
FORT-DETRICK DOIM/NEC
Aleut Corporation 01 /2010 – 05/2011
Network Engineer Level V Architect
Designing and supporting mission critical projects with administration and maintenance of Cisco ASA-5540 and ASA-5520 firewall appliances, 3845, 3945, 7206 VXR’s and Cisco 6509-E, 6513-E, Level-3 3750G, 3560G, 2960G, switches. Procurement and Configuration of all these devices, in support of the troops at Fort-Detrick and Department of Army requirements. Design and deployment of Cisco ACS, to manage access to all network devices and remote access. Installation and Deployment of Cisco NAM-2, to manage and monitor the LAN and WAN. Design, Configuration and implementation of Cisco FWSM v4-1.3.
Expert Knowledge ASA-5520, ASA-5550, ASA-5585X, and Net screen Firewalls
Expert Knowledge of Network Infrastructure Design & Management
Lead engineer managing and maintaining Arc Sight SEIM for the Army Enterprise.
Daily scrub providing threat reports to the daily SOC meetings.
Expert knowledge and configuration of IPSEC DMVPN’s and Crypto Tunnels
Expert knowledge of Microsoft Visio. I used it for detailed documentation of the Network topology
UNITED STATES DEPARTMENT OF ARMY
COMTECH MOBILE DATACOM
Hire Strategy Corporation
Senior LAN/WAN Security Network Engineer SME, 09 /06 – 10/2010
Designing and supporting mission critical projects with administration and maintenance of Cisco ASA-5510 and ASA-5520 Firewall appliances, 3845, 3725, 2621XM routers and Cisco 6509, 6513, Level-3 3550, 2950, switches.
Configuring all these devices, in support of the troops in IRAQ via; Department of Army requirements.
Design and deployment of Cisco ACS, to manage access to the router and switches.
Installation and Deployment of Cisco Security Manager, to manage and monitor the ASA Firewalls.
Expert Knowledge ASA-5520, ASA-5510, PIX, and Net screen Firewalls
Expert Knowledge of Network Infrastructure Design & Management
Expert knowledge and configuration of IPSEC VPN’s
Expert Design and deployment of Cisco Security Manager for management of ASA-5520
Expert design and deployment CISCO MARS Global Controllers and Local Controllers
Expert hands-on-experience with running reports from the Cisco Unified reporting for Monthly utilization reporting
UNITED STATES DEPARTMENT OF STATE
Strategic Business Systems
Senior LAN\WAN Network Architect-level III, 09 /04 – 09/06
Supporting mission critical projects with administration and maintenance of Cisco 7606, 3745, 3725, 2621XM routers and Cisco 6509, 6513, 4506, Level-3 3550, 2950, switches. Configuring Alteon 3408 and 184 Load-balancers, Net screen 5200 Firewalls.
Configuring Safenet and Nortel Contivity encryptors for WAN links all over the world at Consulates and Embassies. Provisioning of WAN links using commercial provides in the USA and overseas.
Leading projects from inception to fruition on Top Secret Fast lane and Taclane installation, configuration; and administration. Working with PVC/PVP’s and SVP/SVC.
Testing of network devices for proper configuration and trouble-shooting problems involving ACL’s and other Network access issues. Expert knowledge; of Cisco routers and Switches, incorporating them with CRYPTO’s for secure WAN connections.
Certified Fast lane & Taclane Security Administrator experienced with Firefly key and TEKS and PPK filling. Hands on experience working with TacLane KG-194, KG-175’s and Fast Lane KG-75A. Configuring ATM protocols, such as ILMI’s, working with OC3’s, OC12’s and OC192’s.
Using DTD’s to fill Encryption key sets such as Firefly Vector sets and PPK’s onto FastLane Crypto and Taclane’s. Configuring Safenet and Nortel Contivity encryptors for WAN links all over the world at Consulates and Embassies. Provisioning of WAN links using commercial provides in the USA and overseas. Creation and implementing of VLAN architecture for network segmentation and Security.
Design and implementation of a WAN VPN IP Converged Security structure in 260 countries using Nortel’s Suite of products including Contivity encryptors encrypting GRE tunnels pushing IP SEC traffic, Cisco 7206 VXR routers with gre tunnels.
Expert TCP/IP knowledge.
Routing protocols such as EIGRP, OSPF and BGP expert knowledge
Installation of Nortel Meridian 1, Succession, Call Pilot, Meridian Mail, ITG, OTM, BCM, and Symposium
Expert Knowledge in Nortel VOIP installation and integration
Hands on working knowledge of Symposium TAPI upgrade to Nortel recommended Communication Control Toolkit
Packetizes and compresses voice and modulates fax for transmission over existing IP WAN.
With IP Trunk's support of ISDN, MCDN and H.323 signaling features, helping customers be able to take advantage of productivity enhancers such as network-wide Calling Party Name and Number display.
Cisco MARS design, configuration and deployment into the network for proactive security threat analysis, network topology discovery and dynamic threat mitigation action. Cisco MARS was used for security log collection, it was used to visualize the path of security breaches and threats. I also used Cisco MARS in conjunction with Cisco Security Manager.
Centralized access to powerful Enterprise IP Telephony applications like Call-Pilot messaging and attendant services used network-wide through support of ISDN and H.323 signaling.
Enabling networking of services to tie together distributed sites served by Meridian 1, Communication Server 1000, and Business Communications Manager (BCM) systems.
IP Trunk utilizing ISDN D-channel signaling, H.323 protocol, and standard TCP/IP packets, while allowing seamless networking between Meridian 1 Systems in our enterprise network.
UNITED STATES DEPARTMENT OF ARMY/PENTAGON
Cherry Road GT
Senior Cisco Network Engineer CCNP, 03 /04 – 05/05
Supported mission critical projects with administration and maintenance of Cisco 7606, 3745, 3725, 2621XM routers and Cisco 6509, 6513, 4506, Level-3 3550, 2950, switches
Configuring Alteon 3408 and 184 Load-balancers, Net screen 5200, Palo Alto Firewalls. Configuring Safenet and Nortel Contivity encryptors for WAN links all over the world at Consulates and Embassies. Provisioning of WAN links using commercial provides in the USA and overseas. Leading projects from inception to fruition on Top Secret Fast lane and Taclane installation, configuration; and administration. Working with PVC/PVP’s and SVP/SVC.
Testing of network devices for proper configuration and trouble-shooting problems involving ACL’s and other Network access issues.
Expert knowledge; of Cisco routers, Switches and Cisco PIX, Palo Alto Firewalls, incorporating them with CRYPTO’s for secure WAN connections.
Certified Fast lane & Taclane Security Administrator experienced with Firefly key and TEKS and PPK filling. Hands on experience working with TacLane KG-194, KG-175’s and Fast Lane KG-75A. Juniper M-series routers (M-series) and Netscreen Firewalls. Configuring ATM protocols, such as ILMI’s, working with frame-relay circuits, T1’s, DS3’s, OC3’s, and OC12’s. Using DTD’s to fill Encryption key sets such as Firefly Vector sets and PPK’s onto FastLane Crypto and Taclane’s.
Working Knowledge of Nexus repository Manager.
Expert knowledge of Microsoft Visio. I used it for detailed documentation of the Network topology
Configuring Safenet and Nortel Contivity encryptors for WAN links all over the world at Consulates and Embassies. Provisioning of WAN links using commercial provides in the USA and overseas. Creation and implementing of VLAN architecture for network segmentation and Security. Design and testing and implementation of IBGP routers and EBGP routers to support critical DOD network sustainability for the Department of Army. MPLS re-configuration of multiple Top Secret locations for redundancy and failover.
UNITED STATES DEPARTMENT OF ARMY/CENTCOM
TLA Associates
Senior Cisco Network Architect Engineer CCNP, 03 /04 – 11/04
Supported mission critical project with administration and maintenance of Cisco 7606 routers and Cisco 6509 switches.
Configuring Alteon 3408 and 184 Load-balancers, Net screen 5200 Firewalls. Mission critical high-tech initiatives essential to National Security.
Configuring and administering Cisco PIX Firewalls 535’s for forwarding traffic. Leading projects from inception to fruition on Top Secret Fast lane and Taclane installation, configuration; and administration. Working with PVC/PVP’s and SVP/SVC. Testing of network devices for proper configuration and trouble-shooting problems involving ACL’s and other Network access issues. Expert knowledge; of Cisco routers and Switches, incorporating them with CRYPTO’s for secure WAN connections.
Certified Fast lane & Taclane Security Administrator experienced with Firefly key and TEKS and PPK filling. Hands on experience working with TacLane KG-194, KG-175’s and Fast Lane KG-75A.
Configuring ATM protocols, such as ILMI’s, working with OC3’s, OC12’s. Using DTD’s to fill Encryption key sets such as Firefly Vector sets and PPK’s onto FastLane Crypto and Taclane’s.
UNITED STATES DEPARTMENT OF TREASURY
Senior Security Engineer CISSP, 10/03 – 03 /04
Research, Scanning, Testing and evaluating several network system designs for conformity to NSA and DISA guidelines. DITSCAP, NIACAP, NISPOM and NIST 800 series use to evaluate Treasury agencies for Proper configurations on Net screen Firewalls, Citrix, UNIX and Windows servers.
Security testing and evaluation, of several platforms during Certification and Accreditation. Scanning the various servers using tools such as Ness us, Retina and Net tool for vulnerabilities and open ports. Writing SSAA’s, Security plans, risk assessments, get-well plans and disaster recovery plans for several Dept of Treasury agencies in addition to recommendations for improvement. Developing Scanning, testing and evaluation documents for several projects while reporting directly to the DAA and CIO.
Active US Dept of Treasury Clearance and Active DOD Secret Clearance.
EXXONMOBIL CORP
Senior LAN/WAN Cisco Engineer, 08/99 – 10/03
Monitoring of network with HP Open View Network Node Manager platform while also incorporating Cisco Works 2000 real-time application for configuration and maintenance of a large switched based local area network and of a large international wide area network.
Worked with multiple carriers to resolve point-to-point and multi-point frame-relay problems, integration, installation, maintenance and analysis of new network devices into existing infrastructure.
Design, configuration and implementation of DNS Servers on Cisco routers, switches and Window NT/2000 servers.
Hands on experience configuring, Cisco 5500, 5509, 5000, 6500 chassis switches as well as Cisco routers 7000, 7010, 4000, 7505VXR AS5200 and 2600 series. Expert knowledge of Multiple layer switching (MPLS) supporting over 300 6500 switches on the LAN.
Worked in a large network of about 300 5509 and 5500 Cisco Switches as well as 30 high end Cisco routers.
Very in depth knowledge designing and configuring Tacacs+ on
Contact this candidate