PROFESSIONAL SUMMARY:
** ***** ********** **********. ** expert in network architecture, network engineering, and network support, telecommunications, Cisco VOIP Networks, Telephony, Broadband and Internet Protocols (Application, Transport, Internet, and Link Layers) and training.
Experience with Cisco ASA Firewalls; Cisco with Nexus platform; Cisco ASR; Cisco 650x platform; Cisco ASA. F5 VIPRION, Palo Alto devices supporting VM environment experience;
F5 Big IP LTM/GTM; Cisco ACS, F5 Firepass; Zenoss; Algosec; Websense.
QRadar, Stealth Watch, Sourcefire, Palo Alto Firewalls. ITIL service management processes.
Responsible for design, implementation and maintenance of the security architecture in support of the global organization. Manage security technologies to support information security and risk management programs.
Provide high level support with internal audit, compliance, architects, analysts, administrators, and desktop support at corporate and remote locations regarding security, networking and technology. Continuity planning.
Detailed experience and understanding of information security, risk management, tools, technologies and security strategies.
As a veteran of the United States Army, instilled with a strong sense of leadership, responsibility and accountability.
EDUCATION AND CERTIFICATIONS:
Associate Degree: Electronics Engineering, Bell & Howell Institute of Technology
Computer Programming and Applications, Institute of Computer Technology
IPv6 Foundations Certification, US National Energy Testing Laboratory
CompTIA A+ Certification
VPN/Firewall Engineer
LAN Engineer
EXPERIENCE:
Federated investors, Southpointe, PA. 08/16 to 28/17
Senior Network Security Engineer Consultant
Analyzed and implemented FW change requests from internal teams and developed change control measure and documentation.
Designed and Architected LAN/WAN/Wireless networks as needed.
Ensured the availability of LAN/WAN/Wireless network infrastructure.
Implemented and maintained LAN/WAN/Wireless network monitoring tools to ensure optimal system utilization and performance.
Coordinated and collaborated with vendors to troubleshoot issues when needed.
Designed, implemented and monitored the LAN/WAN/Wireless network architecture.
Contributed and lead the technical network team in various accepted projects as needed.
Advanced understanding of Networking, TCP/IP, UDP based applications.
Knowledge and implementation of the OSI Model protocols HTTP, HTTPS, SMTP, FTP, TELNET, SSH, POP, POP3, DNS, UDP, Arp and TCP/IP?
Knowledge and experience with Routing protocols OSPF, BGP And RIP.
Working knowledge of switching in layer 2 and layer 3 VLANS.
Use of DHCP/DNS/FTP/HTTP protocols and Monitoring features Such as SNMP/NETFLOW.
NATTING and PAT functionality with Proxy and reverse Proxy (WAF) implementation.
Basic IPv6 and complete IPv4 Implementations.
Quality of Service (Qos), configuration and implementation.
High availability (HA) setup with JSRP and VRRP.
IPSEC VPN (Site to Site and Client to site).
Dynamic Routing with and Implementation of BGP and OSPF.
Unified threat management features such as Anti-Virus, Anti-Spam, and Web-filtering.
Application Layer Gateways and Layer 7 Troubleshooting.
GRE Tunneling and data encryption.
Deployed SRX Firewalls – SRX 100, SRX 110, SRX 210, SRX 220, SRX 240, SRX 550 and SRX 650 at the perimeter and in branch offices.
J Series Firewalls and Routers - J 2320, J2350, J4350 AND J6350.
Wireless Access Point AX 411 and Data Bridge CX111.
Maximized quality of work performed in technical project leadership and support in completing tickets and service requests as needed.
Architected, developed, improved, and grew the LAN/WAN/Wireless network infrastructure.
Provided and/ monitored 24/7 support of wireless LAN/WAN/Wireless network as required
Mentored other team members as appropriate for project needs..
Supervised the Enterprise Network Infrastructure consisting of over 3000 devices, including but not limited to Cisco switches, routers, Cisco Prime, ASA, Client, and wireless controllers; APC;F5 GTM; Juniper Routers, switches and Firewalls, Palo Alto firewalls, Panorama, Solarwinds, Citrix Netscaler Load balancer/DNS management entries and their subsystems to ensure seamless wired and wireless network service.
Provided network team leadership; trained and mentored network staff in all aspects of the network infrastructure.
Completed annual performance evaluations for Network Staff
Provided 24/7 support for all network issues and customer concerns.
Performed capacity and project planning for all Network and Security Equipment, and IP Address space within the data centers and remote locations
Supported, configured and maintained Network infrastructure for the Local and Wide Area Networks connecting the Federated, Bloomberg, and Argos boards applications, and fund Networks and remote locations.
Maintained and configured network switches, firewalls and routers.
Provided day to day Firewall operations management
Norwin Technologies, Danvers, MA. 04/16 to 07/16
Senior Network Architect Consultant (remote)
Design and plan the Network security infrastructure.
Performed design methodology, implemented and performed troubleshooting networking infrastructure activities for all local and remote locations and the data center infrastructure utilizing various networking tools.
Perform Firewall Administration of Juniper, Cisco and Palo Alto Firewalls.
Analyze and implement FW change requests from internal teams and developed change control measures.
Designed and Deployed LAN/WAN/Wireless networks
Involved in network and security-related hardware training for the security team as needed
Assisted in deploying and maintaining Network security infrastructure.
Created and presented SOWs.to clients and other stake holders.
Provided network team leadership; trained and mentored clients and staff
QVC, West Chester, PA 05/15 to 03/16
Senior Network Security Consultant
Participated in the maintenance of a large enterprise firewall infrastructure consisting of over 400 firewall appliances and dozens of IPsec VPN's. Implemented firewall related provisioning requests including new firewall permit policy. Contained new network security threats through careful implementation of firewall policy.
Troubleshooted network communication problems as they relate to firewalls. Correlated and detected network events to identify potential problems or root causes. Assisted application and system owners in troubleshooting problematic network dependent applications.
Served as an escalation point and mentor for more junior team members.
Participated in a formal incident rapid response process for high priority incidents.
Implemented firewall change in the context of incident resolution, problem management, service requests and project completion
Developed and maintained network documentation. Developed and Implemented Network diagrams in Visio and Red Seal.
Professional level understanding of Ethernet and the surrounding technology such as Spanning Tree Protocol (802.1w, 802.1d).
Professional level understanding of OSPF and BGP routing protocols.
Implemented firewall change in the context of incident resolution, problem management, service requests, and project completion. Collaborates and works with the network engineering teams to improve the security posture and network topology of the firewalls.
Collaborates and works with the application teams to improve the security posture of web applications.
Developed and maintained design and operational documentation for WAF technology and Network Firewalls consistent with an ITIL aligned operational model.
Developed and maintained security standards, procedures, and policies surrounding WAF technology (Akamai Kona), and Network firewalls (Cisco ASA, Juniper, Palo Alto) in coordination with Application, Information Security, and Networking teams.
Was assigned the role of the SME for all questions, concerns, and issues with WAF technology and Network Firewalls within the company.
Thorough understanding of dynamic routing protocols such as OSPF, IBGP, and IS-IS.
Demonstrated a strong understanding of firewall topology and zone based methodology.
Expertise in Check Point, ASA, PIX, and Palo Alto Firewalls. Developed and presented Network and Data-flow diagrams.
Documented,, implemented, and maintained an Enterprise Network Firewall environment.
Diagnosed data exceptions, recommended and developed controls to ensure accuracy
Supported new security appliance, (web application firewalls) used to protect the online E commerce entry points. Designed and implemented Enterprise Network Firewalls in the Retail and E-Commerce industries.
Responsible for designing, implementing, and maintaining an enterprise WAF solution within a Fortune 50 E-Commerce environment.
Designed and Implemented WAF solutions within the Retail and E-Commerce industry
Possesses Wireless/BYOB Network Design and Implementation Project experience.
Understands Apache and Database Administration. Experienced in designing and implementing load balancing solutions for large enterprises.
Has understanding of basic and advanced F5 load balancer configurations, and general troubleshooting of the F5 load balancers.
Familiarity with packet capture tools (TCPdump / Wireshark, Splunk, Puppet, Cisco Prime, Red Seal, SolarWinds).
Responsible for analyzing application data flows and designing firewall & load balancer policies that support application requirements.
Developed and implemented Firewall, Switch, Router and Server, (Unix/Windows) Configuration standards.
National Energy Testing Laboratory, DOE, South Park, PA 08/13 to 04/15
Team Lead Network / Telecom Senior Network Engineer
Managed the Network and Telecom Teams across all five (5) sites for the National Energy Testing Laboratory (NETL)/Department of Energy.
Developed, standardized and implemented Vendor policies and strategies for better Inventory deliverables and procurement actions.
Effectively managed Thirty-nine (39) IT Projects with a 99.96% on-time completion rate.
Created and maintained program schedules and milestone tracking.
Assisted Program and Area Managers on the creation and management of the Design and Development Plan. Designed, implemented and managed security technologies to achieve and support information security and risk management programs.
Provide high level support with internal audit, compliance, architects, analysts, administrators, and desktop support at corporate and remote locations regarding security, networking and technology. Worked with the Cyber Security Team to develop, document, and implement Continuity Planning. Executed and oversaw regular security vulnerability assessments.
Reviewed security vulnerability assessment results and provided comprehensive reports to management. Prioritized and managed resolution of identified vulnerabilities.
Implemented ITIL best practices.
Enhanced Data Loss Prevention utilizing file fingerprinting. Configured Secure Web Gateway event reporting. Tested and implemented a wide range of security technologies, such as network security appliances.
Identified and configured management systems, anti-malware (malicious software) solutions and automated policy compliance and server/desktop security tools.
Planned, developed, installed and configured the Checkpoint R76 EPO management Console.
Developed the ADFS Server build Initiative and network diagraming in preparation for Office 365 Project. Developed and implemented Radio (FM) Frequency Policies and Procedures.
Developed and implemented the Radio Repeater hardware/software installation and upgrade
Developed and implemented Firewall Change Control Policies and Forms.
Laid out in detail the Contractor Access Project for access to the Internal Network.
Managed the Nessus Tenable PCI Perimeter Scanner.
Ensured that security programs were in compliance with laws, regulations and policies to minimize or eliminate risk and audit exposures.
American Eagle Outfitters, Warrendale, PA 06/13 to 08/13 IT Enterprise Network Security Administrator Consultant
Planned and developed, installed and configured the Checkpoint R76 EPO management Console. Developed and implemented Contractor Password policies.
Managed the Nessus Tenable PCI Perimeter Scanner. Managed user accounts for the Aruba Wireless Network Access points.
Provided Metrics reporting of scanned and un-scanned IP addresses and sub nets using CSV files and excel spreadsheets. Collaborated across multiple functions to ensure adherences to quality standards and internal processes.
Laid out in detail the Contractor Access Project for access to the Internal Network
Enhanced Data Loss Prevention utilizing file fingerprinting. Developed and Configured Secure Web Gateway event reporting.
Administered, developed, documented, and trained essential personnel on the IT Network Security systems including Security Information & Event Monitoring (SIEM), Internet Content Filtering, Anti-malware, End User Data Protection, Mobile Device Management (MDM), for the BYOD Initiative and Mobile Application Management (MAM),
Bank of New York Mellon, Pittsburgh, PA 11/12 to 03/13 Vice President - Risk Management - Security of the Enterprise Network LAN/WAN
Carried out supervisory responsibilities in accordance with the organizations policies and applicable laws. Responsible for planning, development, procurement and implementation of servers, workstations, routers and switches for the testing lab environment in order to test, increase consistency and reliability.
Established formal change management processes and executed through that process
containment. Identified emerging technologies to be assimilated, integrated, and introduced within the bank, to insure that the bank is adequately safeguarded against emerging Cyber-Security threats.
Managed acceptance criteria throughout the translation of requirements into design and delivery, as well as ongoing scope containment. Maintained the effectiveness of enterprise-wide information security strategies including related programs, processed and initiatives.
Supervised the provisioning and de-provisioning of access to network systems, applications and data in-line with IT security policies.
Instrumental in the development, implementation, and enforcement of corporate-wide information security policies, procedures and standards.
Consulted with business and operational infrastructure personnel regarding new and existing technologies, appropriate security architectures, practices and procedures.
Conducted training and documentation support to all personnel.
Planned and assisted installation and troubleshooting of firewalls and configuration.
Responsible for interfacing with various internal and external clients, and audit agencies, to establish communication, cooperation and compliance of information security standards and requirements.
Managed Firewall/Intrusion Detection System hardware and software.
Assessed the vulnerability of IT systems using penetration testing and vulnerability Risk Assessment. Identified, proposed, scheduled, budgeted, align relevant resources, executed, and reported on the LAN/WAN Networks and IT Security.
Installed and configured the Juniper Intrusion Prevention System (IPS).
Installed and configured the BlueCoat proxy server for F5 implementation.
Performed Incident Reporting & Analysis of Tufin, Algosec, RedSeal, Skybox, BlueCoat, Juniper, Cisco Routers, Switches, IPS, NIPS systems.
Continued testing and configuration of the Websense (content) Servers.
Performed Review of escalated incident tickets and coordinated with all areas of Risk Management for the implementation of concise solutions.
Responsible for assessing security risks of Network topologies.
Administered, developed, documented, and trained IT personnel on the IT Network Security Systems including Security Information & Event Monitoring (SIEM), Internet Content Filtering, Anti-malware, Anti-SPAM, Anti-Virus, End User Data Protection, Mobile Device Management (MDM), and Mobile Application Management (MAM).
Analyzed interconnecting Networks and Remote servers/access points for regulatory compliance of BNY Mellon policies and procedures. Proposed and implemented risk mitigation activities. Team lead for the Brazilian Bank F5 Rollout for the Risk Management team. Assistant for the BYOD Mobility project. Assisted Project Managers in developing risk assessment, mitigation, and reporting throughout the various projects.
Select Dental Associates, Pittsburgh, PA 09/12 to 10/12
Consultant: Network Architect / Developer
Designed, developed and installed LAN as well as peripherals associated in the office environment. Installed and configured the HP Proliant Server for MS Server 2008 with patches and updates. Developed and customized formulas for MS Access databases and MS Excel spreadsheets. Developed, wrote, scripted and installed specific Visual Basic operations for the office practice. Responsible for troubleshooting and instruction of Network routers cabling and associated hardware. Documented all phases of installation, backup, repair, and software update procedures and standards.
Department of Defense/United States Central Command, Tampa, FL 05/05 to 03/12
Network / Telecommunications Consultant / Lead Trainer
Managed 3 subordinate supervisors who in turn, supervised a total of 31employees in Systems and Networks, Information Systems Operations, Application Programming, and Telecommunications. Directly responsible for the overall direction, coordination, and evaluation of new equipment to fielded military units during combat operations.
Executed Avaya S8710 to CUCM migration for 400 users at a time. Installed, programmed and maintained Avaya Call Manager 3 system. Installed, programmed and maintained Avaya Call Management System 13.
Installed and programmed Spectrum Wallboards. Installed and programmed 25 JNN site Avaya Call Manager Networked Systems for the United States Army.
Administered, maintained, and improved IT Network Role-Based Access Management Program. Administered, maintained, and improved the Network IT Privileged Access Management (PAM).
Developed for Project Managers Network Design, Cost, Delivery, Implementation, Training, and Reporting throughout all phases of Network Design and Installation for CENTCOM in Iraq.
Developed project scope and implementation schedules and tracked progress to ensure that all benchmarks and milestones were achieved on a timely basis
Developed and trained soldiers and civilian Contractors critical Incident Response Processes (IRP) in reaction to Network anomalies.
Provided understanding and knowledge of routing protocols such as OSPF, BGP, and RIP, EGRIP. Provided training and materials for data networking including: TCP/UDP, ICMP, ATM, Frame Relay, VPN, and VLANs, routing, bridging, and switching in a LAN/WAN environment.
Provided students with a working knowledge of IP networking including VoIP, COS, QOS, and sub-netting across an MPLS network. Configured EVDO as a backup using HWICs Cisco card in Edge Networks. Provided training and understanding of MUXs, DACs and PSAXs.
Performed Telephone installation, troubleshooting and maintenance for CENTCOM Global
Supervised 32 installation and maintenance technicians in the United States and Iraq.
Provided support to a 400 seat location by phone or in person as needed to minimize downtime to resolve user concerns with specific applications
Installs, troubleshoots and maintains the CISCO VoIP Network Routers, Switches and Cisco Unified IP Phones – 7960/7962 series.
Develops, Installs, troubleshoots and maintains DNS and Active Directory Networks and Services. Planned and assisted installations, transitions, cutovers of network components and capabilities.
Installs, troubleshoots, develops, and maintains and writes CISCO ASA Firewall Contexts.
Responsible for troubleshooting and instruction of Network routers cabling, phone cabling and associated hardware.
Maintained Voice and Data products with DSL/T1 circuits, CPE, VOIP, LAN/WAN, Internet, MPLS and IP networking configuration, and fault isolation procedures.
Maintained confidential or sensitive information in accordance with prescribed Government regulations (i.e. ITAR/ FAR).
Installs, troubleshoots and maintains the JNN shelters and associated Battalion Node cases.
Designs and optimizes network topologies and site configurations
Analyzes network characteristics (traffic, connect time, transmission speeds, packet sizes, and throughput, etc. Recommends procurement, removals and modifications to network components. Provided Systems, Training, Management, Support and Documentation for HP OpenView and Solaris based systems in a Combat environment.
Responsible for set up, execution, migration, updates, and expert training for U.S. Military in VOIP Networks, IP Telephony, Broadband Telephony, Broadband Phone.
Responsible for set up, execution, migration, updates, and expert training for U.S. Military in using SNPMc, Active Directory, HP OpenView, CISCO IOS, CISCO Call Manager, Juniper Firewalls (Netscreen), Juniper IDS, and other Hardware/Software products in conjunction with HP Server/Workstation Products in order to provide best in class Network support in critical areas of Secured Government Networks.
Responsible for set up, execution, migration, updates and expert training for U.S. Military in Internet Protocols at the Application Layer: DHCP,DNS, FTP, HTTP, LDAP, BGP, NTP, OSPF, RIP, SNMP, SSH, Telnet, SSL, POP.
Responsible for set up, execution, migration, updates and expert training for U.S. Military in Internet Protocols at the Transport Layer: TCP, UDP, SCTP, DCCP.
Responsible for set up, execution, migration, updates and expert training expert training for U.S. Military in Internet Protocols at the Link Layer: ARP, RARP, Tunnels, PPP, Ethernet, DSL, ISDN, FDDI.
Conducts research to develop and revise training courses and prepare appropriate training materials.
Prepares, Writes, and modifies training materials. Trains personnel through formal classroom courses, workshops and seminars. Develops computer based training materials and courses
Established company infrastructure to support and guide individual Military Units in computing and information technology efforts.
Czar Firearms Ford City, PA 10/2011-5/2017
Chief Information Officer – Complete Enterprise Network LAN/WAN
Responsible for planning, development, procurement and implementation of Servers and Workstation
* Migrated Mailboxes to new Exchange Server increase consistency and reliability
* Upgraded Workstation clients to Windows XP Professional
* Reconfigured and updated existing Network and Kiosks Hardware for compatibility
Recommended procurement, and modifications to network components
* Negotiated all Network and System Component Pricing
* Conducted Maintenance and Support for Operating System, Web software, Point of Sale Software
Conducted Training and Documentation Support to all personnel
Planned and assisted Installation and Troubleshooting
Determined Enterprise Network Security strategy, solutions, and ongoing technology enhancements
* Determined the best troubleshooting Methodologies for Network routers, WIFI, cabling and associated hardware
Assisted the Video Surveillance Contractors with Cabling, Setup and Placement of Cameras and Recording Equipment of the Company location and Stock
Provided IT Network Security engineering for Network projects
Managed Firewall/Intrusion Detection System hardware and software
Installed and configured the Checkpoint Intrusion Prevention System (IPS)
Installed and configured the BlueCoat proxy server
Performed Incident Reporting & Analysis
Provided Technical leadership and mentoring to all employees
Performed Review of incident tickets and coordinated with management for the implementation of solutions
Utilized Active Directory Domain Controller Promoter in order to view the steps and review results of install
Utilized Fine-grain Password Policies (FGPP) in order to create different password policies in the same domains
Configured and managed Enterprise Admin and Domain Admin groups
Utilized Kerberos protocol and server/client applications
Mercy Hospital, Pittsburgh, PA 11/10 to 03/11 Consultant: Senior Technician / Lotus Notes Administrator
Responsible for Lotus Notes Upgrade from 6.5 to 8.5. Responsible for planning, development, implementation to execute the Lotus Migration to version 8.5.
Migrated Mailboxes to new system over a four stage process to reduce downtime.
Upgraded Admin Client to 8.5.
Reconfigured and updated existing Network and workstations for compatibility.
Active Directory Domain Services Administration.
Installed and configured Windows Server 2008. Installed and configured Windows Internet Security Acceleration Server 2008. Installed and configured the HP ProCurve J9022A Switch.
Reconfigured and updated existing Network.
Pennsylvania Army National Guard, Ft. Indiantown Gap, PA 01/89 to 05/09 Network (UNIX/Win2000 Server) Systems Administrator / Developer
Developed NT 2000 Network design for the Soldier Readiness Program.
Designed, tested, implemented, provided “bug” fixes, workarounds, virus identification and removal, upgrades, documentation, and assisted with UNIX and PC based Network LAN and WAN based installations and designs in the testing, and production areas for the Military.
Called upon for an on-call “up-to-the-minute” service support and expertise of Windows NT 4.0, Server 2000, 2003 and Windows 95/98/2000
Responsible for troubleshooting Network Management Programs, CiscoWorks, Tivoli, Visio and Checkpoint and Juniper firewalls. Responsible for troubleshooting Network routers, cabling and associated hardware. Installed, designed, delivered, maintained, repaired and upgraded IBM Compatible PCs Networking, TCP/IP, Token Ring, Ethernet Ring, FDDI, Peer to Peer, DLE Client Server.
As the Non-Commissioned Officer in Charge, responsible for the training, development and well-being of 60 soldiers.
Provided Systems, Training, Management Support and Documentation for HP OpenView in order to manage the Network for deploying soldiers
Worked with Engineering to provide unique solutions to users and supervisors.
Knowledgeable in inventory, parts, setup, design, training, debugging, troubleshooting, scripting, documentation, implementation from start to completion and reports account logistics.
Designed, tested, implemented and documented revised UNIX/NT based LAN network installations and upgrades complete with multi-purpose kits utilizing “off the shelf” availability.
United States Army, Iraq 12/03 to 01/05
Active Duty Call Up: Network (Win2000 Server) Systems Administrator/Developer
Systems Administrator Solaris workstations, Sun/Solaris 450 Enterprise Server. Solaris Based Blue Force Tracker Systems Administrator/Tester. Apache Web Server Administrator.
Developed Win XP Network. Designed, tested, implemented, provided “bug” fixes, workarounds, virus identification and removal, upgrades, documentation, and installed PC-based Network LAN and WAN.
Used and developed critical SQL, and PERL scripts for the Unix "Backbone" Servers that provided all Network services to include video teleconference, System Backups, E mail, Mission Timestamps, etc.
Responsible for troubleshooting Network phone cabling and associated hardware.
Responsible for troubleshooting Network routers, cabling and associated hardware.
Designed, delivered, and installed, maintained, repaired and upgraded IBM Compatible PCs Networking, TCP/IP, Ethernet Ring, and Client Server.
Provided Systems, Training, Management, Support and Documentation for HP OpenView and associated MIBs, Network Discovery and SNMPc traps, including MIBs for CiscoWorks.
Called upon for on-call “up-to-the-minute” service, support and expertise of Windows XP, Server 2000/2003 and Windows 95/98/2000.
Awarded The Order of Saint Barbara Medal.
ADDITIONAL EXPERIENCE:
Buchanan Ingersoll, Pittsburgh, PA 09/01 to 01/02
Financial Systems Database Administrator//HP-UNIX Systems Database Administrator
Wesco Distribution, Pittsburgh, PA 03/00 to 09/01
Security Systems Administrator
Marconi Communications (formerly FORE Systems), Warrendale, PA 03/94 to 03/00
Level II Technical Systems Engineer
Delphi Information Systems, Pittsburgh, PA 10/91 to 03/94
Senior UNIX/Microsoft Helpdesk Hardware Technician