Jarrett A. Hinds
*** ****** ****** \ WAXAHACHIE TX 75167
PHONE: 469-***-**** - EMAIL: *******@*****.***
SUMMARY:
Accomplished Information Technology professional offering years of experience of demonstrated success implementing strategic IT deployments that improve business functionality with positive impacts to both the bottom line and overall security posture. Experienced leader with proven ability to steer and motivate teams to maximize productivity while maintaining compliance to security standards. Technology savvy self-starter, exceptional at moving into new environments while leveraging existing experience to quickly become subject matter expert on new technologies. Possesses outstanding communication and collaboration skills providing ability to bridge the gap between senior management, networking and security groups allowing all to work in concert effectively. FAMILIAR TECHNOLOGIES:
• BlueCoat Proxies
• Distributed Denial of Service Attacks
• Network Based Anomaly Detection
• Packet & Netflow Analysis
• Checkpoint Firewalls
• Fortinet Firewalls
• Juniper Firewalls
• TippingPoint IDS/IPS
• IDS/IPS
• Cisco ISE
• Aruba
• Cisco ACS
• Arbor Networks
• Cisco Devices
• TCP/IP Networking
• Network Engineering
CURRENT CERTIFICATIONS:
• Certified Information Systems Security Professional (CISSP) PAST CERTIFICATIONS:
• PCI SSC Certified Internal Security Assessor (PCI ISA)
• Cisco Certified Networking Associate (CCNA)
• Cisco Certified Design Associate (CCDA)
• Certified Checkpoint Security Engineer (CCSE)
• Certified Checkpoint Security Associate (CCSA)
EMPLOYMENT:
Bank of America – Dallas/Addison, TX January 2001 – Present
(Telecommute from May 2008 - Present)
Roles there include:
Network Security Engineer – Service Transition & Integration - Sustained Engineering June 2014 – Present
• Provided SME support for network security devices including Checkpoint, Fortinet and Juniper firewalls as well as BlueCoat Proxies, TippingPoint/Sourcefire IDS/IPS devices, Aruba ClearPass, Cisco ACS and ISE for AAA and 802.1x services.
• Developed and provided deep firewall policy analysis process for complex DMZ engineering projects
• Assisted in multiple DMZ design projects as network security SME
• Participated in 24/7 on call rotation to support network security devices
• Provided escalated troubleshooting for regular triage calls during large enterprise impacts and attacks utilizing Splunk logs, firewall logs, live packet captures and Wireshark results to solve complex network security issues.
• Reviewed and approved all high-risk changes for enterprise-wide firewall, proxy, IDS/IPS and AAA infrastructure
• Developed and administered Firewall Baseline Compliance Remediation program to improve infrastructure stability. Network Manager – Healthcare/Government Network Team August 2012 – June 2014
• Managed team of geographically dispersed network engineers that designed, deployed and administered Cisco routers, switches, ASA’s, CheckPoint Firewalls, F5 Load Balancers and other network and security devices.
• Team worked with and provided 24/7 network support for IRS, State/City of New York, Healthlogic and Works.com
• Managed $5 million annual budget encompassing all network infrastructure for ten sites across the country
• Performed all network engineer duties and responsibilities including firewall, router/switch and VPN duties as needed PCI Assessor – Enterprise PCI Adherence Team April 2011 – August 2012
• Led eighteen lines of business through their Self-Assessment Questionnaires and Reports on Compliance.
• Acted as subject matter expert for annual PCI compliance assessments for eighteen lines of business.
• Verified evidence such as network diagrams, firewall policy, vulnerability and application scan reports, etc.
• Leveraged previous experience to recommend compensating controls as needed.
• Worked as liaison to the bank’s baseline and standard committee adding PCI requirements to them.
• Provided training to Bank employees on the PCI Data Security Standard, requirements and processes. Information Security Engineer – Intelligence Engineering Team January 2009 – April 2011
• Successfully defended Bank of America from multiple large scale security attacks in the course of this role.
• Successfully evaluated and deployed multi-layer Distributed Denial of Service (DDOS) Detection and Mitigation system protecting Bank’s Ecommerce environment from several types of security attacks.
• Acted as subject matter expert for all security incidents affecting Ecommerce environment.
• Continually performed policy management and tuning for all network security monitoring tools including: IBM/ISS IDS, SourceFire IDS, TippingPoint IPS, Arbor PeakflowX, Arbor PeakflowSP, Arbor Threat Management System, Imperva Web Application Firewalls and other in-house developed security monitoring tools.
• Engineered Smart Connectors and use cases via Arcsight ESM to receive information from various intelligence sources including IDS, Firewalls, Vulnerability scanners, Proxy logs and several other sources to produce actionable security events that notified the Level 1 analysts when remediation was required.
• Continued to provide training to multiple teams on DDOS Detection and Mitigation, IDS Monitoring, Network-based Anomaly Detection, TCP/IP Fundamentals, Bank of America Network Architecture, etc. Senior Security Analyst – Security Monitoring & Containment Team October 2007 – January 2009
• Acted as subject matter expert on Bank’s network as it pertained to security for the team.
• Acted as Level 3 escalation for Level 1 and Level 2 analysts on our biweekly on call rotation
• Developed and performed daily security monitoring functions as part of Security Monitoring team including tools such as ISS IDS, SourceFire, Arbor PeakflowX, Arbor PeakflowSP, Online Fraud Detection, Honeypots, and other in-house developed monitoring tools.
• Provided training to multiple teams on Bank Network Architecture, Netflow for Security Monitoring, and Arbor PeakflowX, as well as general Security Monitoring concepts Specialist – Security Monitoring Research & Development Team November 2005 – October 2007
• Championed R&D sharing conferences between the R&D team and R&D teams from strategic business partners
• Collaborated with R&D Think Tank to research and/or create innovative security monitoring solutions
• Led project evaluating worth of NetFlow for security monitoring which resulted in a major deployment
• Performed several security monitoring tool evaluations including products from companies such as ISS, Arbor, Mazu, Q1, Intrusic, Packet Motion, Cisco IPS, Arcsight, etc. Strategist – Vulnerability Management Strategy Team January 2005 – November 2005
• Proactively managed budget for Security Engineering team to maximize spending on security initiatives
• Developed and maintained three-year strategy plan for Information Security within Bank of America
• Coordinated with vendors and business partners to align technology with plan
• Acted as liaison between Global Wealth Investment Management, Information Security and Security Engineering Manager – Network Security Compliance & Architecture Team January 2004 – January 2005
• Expanded size and scope of previous team and included these new functions
• Successfully tracked compliance on more than 30,000 Cisco network devices and 800+ Checkpoint firewalls.
• The group is also responsible for representing the Enterprise Security Architecture of the Vulnerability Management Team to all lines of business. A consulting role that is first line of contact for IDS, Network Perimeter Security, Firewalls, and Desktop Security (desktop firewalls, anti-virus, etc.) architecture.
• Heavily involved in monitoring new technology projects for compliance with the Bank’s network security policies and architectural standards.
• Utilized an in-house application to verify baselines and standards are met on all flavors of Cisco network equipment, including Cisco routers, switches, VPN Concentrators, and PIX Firewalls. Manager - Remote Access Compliance Team October 2003 – January 2004
• Managed entire Remote Access/VPN infrastructure to ensure that Bank Security Policies were being followed
• Group was responsible for enterprise wide deployment of approximately 45,000 Personal Firewall/HIDS Team Lead – Virtual Private Networking Team October 2002 – October 2003
• Oversaw progress of approximately 60 VPN projects at any given time
• Group was responsible for enterprise wide deployment of approximately 30,000 Personal Firewall/HIDS
• Designed and deployed encrypted network solution for Outsourcing/Offshoring initiative Senior VPN Engineer – Virtual Private Networking Team January 2001 – October 2002
• Lead design engineer on the largest Site to Site VPN deployment using Cisco VPN devices (at the time)
• Worked on team that designed several enterprise class VPN solutions that provided connectivity for thousands
• Developed designs for the majority of VPN solutions within the Bank including VPN Teleworker Service Offering for the Bank that is still in use today
Positions Prior to Bank of America:
CapRock Communications – Addison TX October 2000 – December 2000 Network Engineer (Contract)
• Led the development Security Strategies for customer network
• Resolved complex networking issues in large multi-vendor WAN environments on a daily basis
• Provided Third-level support for all customer networks including Frame Relay and VPN connections
• Supported over seventy remote sites on Cisco-equipped network Genuity (formerly BBN / GTE Internetworking) – Las Colinas, TX February 2000 – October 2000 Senior Network Security Consultant
• Lead on ISP's out of band network providing resolution to complex routing issues on Frame Relay network
• Developed security strategies including TACACS authentication, Firewalls and VPN connectivity for network
• Supported over seventy remote sites on Cisco-equipped network Check Point Software – Grand Prairie, TX June 1999 - December 1999 Senior Firewall Technical Advisor
• Resolved complex networking issues in large heterogeneous customer environments on a daily basis
• Helped design Network Security implementations for customers using Check Point’s VPN-1/FireWall-1 software
• Consulted Network Engineers on proper implementation, installation and configuration of Firewall/VPN software EDUCATION:
BlueCoat Proxy Training May 2017
Cisco AAA ACS & ISE Training November 2016
Fortinet Fortigate Firewall/VPN/IPS/Proxy Training April 2016 F5 Networks Virtualized Clustered Multiprocessing Load Balancer Training December 2014 PCI Security Standards Council Internal Security Assessor (ISA) Training May 2012 Arbor Advanced DDOS Mitigation Techniques November 2010 Identifying Web Application Attacks October 2010
Citrix Netscaler Load Balancer & Web Application Firewall Training August 2010 TippingPoint Advanced IPS Training September 2009
Imperva Web Application Firewall Training July 2009 Arcsight ESM Training April 2009
Arbor Networks PeakflowSP Training July 2008
Arbor Networks PeakflowX Training May 2007
CISSP Bootcamp July 2004
Bank of America Leadership of Excellence Management Training June 2003 Cisco VPN Training May 2003
Building Scalable Cisco Networks June 2000
Designing Cisco Networks Course May 2000
Essentials of Firewalls, Fundamentals of Unix, Fundamentals of Encryption June 1999 Nokia Router Configuration, Nortel Accelerated Router Configuration May 1999 Introduction to FireWall-1, Advanced Configuration of FireWall-1 April 1999 Introduction to Cisco Router Configuration March 1999