Security Engineer
Resume:
Duane Toler, CCNA, CCSE
Holly Springs, NC 27540
*******@*****.***
Objective
I am seeking employment opportunities in the field of development Network Security to continue extending my skills and
knowledge for the company.
Operating Systems
Windows 2000 Professional/Server Linux (Red Hat, Fedora, Slackware)
Software Packages
Linux iptables firewall
Check Point Firewall 1, SecurePlatform
Check Point SecureClient Sendmail, IMAP, POP 3 mail servers
SVN source code control PGP, GNU Privacy Guard, OpenSSH, X.509 PKI cryptography
Bugzilla tcpdump (Linux), snoop (Solaris), Ethereal/Wireshark
Microsoft Exchange C, PHP, Perl, JavaScript programming languages
Openswan VPN Snort Intrusion Detection System
Apache HTTP server
Nagios network monitoring system
MySQL database server RRDtool
Ntop, iptraf network analyzers OpenWRT Linux
Networking and Skills
Thorough knowledge of OSI model and TCP/IP protocol suite
Experience with IP Routing Protocols (RIP, EIGRP, OSPF)
IP super netting, sub netting and VLSM skills
Strong skills with host based and network based security design and deployment
Expertise with IPsec encryption
IPsec based VPNs and interoperability with Linux/Openswan, Netscreen, Check Point, Cisco IPSec
Maintaining security between multiple networks using Linux, Check Point and Netscreen firewalls
Monitoring and analyzing network traffic using tcpdump, Ethereal/Wireshark, iptraf, and Ntop
Experience building and working with Ethernet and 802.11 wireless topologies and protocols
Configuration and Installation of Cisco IOS equipment (routers, switches, access points)
Experience configuring OpenWRT Linux on embedded devices (Linksys WRT54G and NSLU2)
Experience installing and configuring ISDN, DSL, T1, Frame Relay, wireless technologies and protocols
Installing and configuring firewalls for Linux, Windows, and Solaris platforms
Configuring Linux and Windows NT/2000 on variety of equipment (desktops, servers, notebooks, embedded devices)
Proficiency with Linux and Solaris security
Experience performing security reviews of internal and external network systems
Experience with programming in C and PHP, expertise with Perl, Bash (including sed and awk)
Employment
February 2004 to present
Webfargo Data Security, Inc.
Durham, NC
Senior Security Engineer
Primary contact responsible for all customer support issues and Nagios alerts
Responsible for writing monthly firewall security reports
Responsible for writing weekly IDS reports
Maintain system operations for all company servers, client firewalls, and IDS systems in disparate locations
Maintain Openswan VPN access to datacenter systems
Experience with Sarbanes Oxley policies and documentation protocols
Provide network and security consultation and best practices recommendations to help clients
develop security policies
Installed and managed Check Point firewalls (single gateway and high availability clusters)
Configured ISP redundancy on several firewalls, including clusters, for backup Internet access
Audit firewall rules for updates and improvements
Troubleshoot numerous firewall connectivity problems with remote clients
Configured Check Point VPN 1/Endpoint SecureClient for remote users
Wrote custom IDS web interface (perl, XML)
Wrote custom firewall and IDS reports (perl, XML)
Wrote custom software to collect statistical information from client firewalls and routers (rrdtool, perl, XML)
Implemented new firewall log database and secure access using Check Point OPSEC SDK (C, bash, perl)
Designed web based security center for firewall clients (perl)
Built custom Fedora images for IDS servers
Installed Bugzilla and Subversion (SVN) for source code control and issue tracking
Installed and configured a distributed Nagios network monitoring system for internal hosts, client firewalls,
and IDS systems
Integrated numerous system processing results into Nagios event handlers (firewall backup jobs, database
integrity, etc.)
Installed and configured Cisco 3750 switch stack clusters
Installed and configured various Cisco access routers for a variety of circuits
Configured host based security and access control on routers and switches
Configured central syslog server for individual client networks for all network equipment
Created and maintained X.509 local certificate authority
Issued and maintained company wide X.509 CA certificates for universal access to all company services
(Including VPN, SMTP, POP 3, Apache, Nagios, SVN, Bugzilla, web based security center, IDS systems,
e mail authentication and encryption)
March 2002 to February 2004
AT&T
Morrisville, NC
Network Security Engineer
Member of the Internet Investigation and Security Services team
Responsible for enforcing AT&T Acceptable Use Policy for all customers and nodes
Handled daily e mails from third party reports of Internet abuse
Worked with team members to design automated system for dial up user abuse cases
Wrote initial prototype system of automation using Perl for handling common bulk abuse cases
Interacted with various levels of upper management for periodic status updates and reporting
Assisted other team members with wireless network setup and security
Designed and tested X.509 certificate based VPN and authentication across wireless segment
Worked with security team to test network security strength
January 2002 to March 2002
Independent contractor
Research Triangle Park, NC
Worked as independent contractor for former Utenzi clients
Worked with new clients for network security and general consulting
Assisted clients with network design upgrades of their Cisco routers and switches
Performed upgrades of Check Point firewalls
Advised clients on security policies and practices
Configured remote access for users using Check Point SecureClient
May 2001 to January 2002
Springboard Managed Hosting (formerly Utenzi)
Cary, NC
Security Engineer
Installed and maintained Check Point firewalls for datacenter and hosted clients
Worked with Network Operations team to redesign core network for redundancy
Worked with Network Operations team to update datacenter network infrastructure
Installed new firewalls between service networks (mail/dns, backup system, office/administration)
Maintained existing firewalls and security services for clients during company transition period
April 2000 to May 2001
Utenzi (formerly InterLan Technologies)
Research Triangle Park, NC
Field Security Engineer
Built, configured, and installed Check Point firewalls for datacenter and managed hosting clients
Implemented Network Intrusion Detection System
Designed prototype system for Distributed Intrusion Detection System using Linux and Snort
Designed Solaris and Linux host based security procedures
Worked with management and colleagues to create an Incident Response Team
Assisted recoveries from break ins and consult with customers to prevent future intrusions
Audited firewalls for potential security flaws
June 1999 to April 2000
Banknote Corporation of America, Inc.
Browns Summit, NC
MIS Manager
Built new network to replace Year 2000 non compliant equipment, software, and servers
Increased network security with server based OS security and Linux perimeter firewall
Installed new VLAN switches to improve network backbone performance
Managed installation of new Internet services using Linux and Cisco equipment
Deployed new computers, servers, and Linux firewall for branch office
Connected remote office location to main office via VPN
December 1998 to June 1999
ATP, Inc.
Research Triangle Park, NC
Network Technician
Installed Linux firewall
Designed new IP strategy with hierarchical addressing
Implemented basic network services (DNS, WINS)
Administration of Windows NT servers, Netware server, Exchange server, Proxy server, Linux firewall
Proposed several network design structures for backbone, clients, and Internet presence
Implemented two new network designs (Internet and local intranet)
Installed new VLAN switch into new network design
August 1997 to November 1998
Burlington Insurance Group
Burlington, NC
Network Administrator
Engineered secondary network for Year 2000 support for 10 nodes in test environment
Responsible for Internet/Intranet security using Check Point Firewall 1
Maintained Internet DNS servers, Internet E mail servers
Administration of NT/Novell network for 150 nodes in production environment
PC/Hardware Specialist
Gained knowledge of network equipment, traffic monitoring, and network security
Installation and administration for Windows NT 4.0 Servers, Novell Netware server,
Fax Server, Microsoft SNA Server, Exchange Server, Remote Access Server
Used Linux for various network testing, system recovery and general knowledge
Assisted migration from Token Ring to Fast Ethernet
Responsible for configuring 22 laptops, 150 PCs, 15 servers
Training/Education
Research for IPv6 deployment
Check Point Certified Security Expert (CCSE)
Check Point Certified Security Administrator (CCSA)
Cisco Certified Network Associate (CCNA)
Research for 802.1q VLAN technology
Completed "TCP/IP on Windows NT 4.0" training class
Completed "Windows NT Server 4.0 Enterprise Technologies" training class
Completed Computer Graphic Design/Art & Animation courses
Contact this candidate