Network Security Engineer
Resume:
RESUME
Mr. Li Hsu
Rockwall (Dallas), TX *****
Phone 469-***-****) Email: ac3vdh@r.postjobfree.com
Education Texas A&M University B.S. Computer Science 1990 Texas A&M University B.B.A. Finance 1988
Certifications Check Point CCSE & CCSA 1998
Certified ISO 9000 Auditor
Experience State Farm Mutual Insurance 3/2017 – Present Position: Information Security Analysts – Data Loss Prevention (DLP) Group Responsible for managing Data Loss Prevention for State Farm Corporate Networks
• Performed Vulnerability Analysis on Hadoop, MySQL, MS SQL and Oracle Databases
• Monitored daily Symantec DLP Logs and Incidents
• Reviewed and Implemented Security Policy Changes for Symantec DLP
• Created Q-Radar SIEM Reports for Symantec DLP Incidents
• Performed Audits for DLP Group
• Liaison duty with State Farm departments on DLP Policy changes and issues AAFES (Army Air Force Exchange Service - Department of Defense 7/2016 - 2/2017 Position: Contractor Security Engineer-IT Governance SOC Group Responsible for managing Logrhythm SIEM Application Server
• Monitored Security Logs on Cisco Switches, Routers, Firewalls, WAPS and VPN devices
• Monitored Security Logs on Vcenter., ESXi Hypervisors, AIX, Linux, and Windows Servers
• Developed Log Parsers for Logrhythm Security Monitor agents.
• Created Logrhythm Daily/Weekly Activity Summary Reports for SOC Team
• Created Logrhythm Alarms and Alerts for ESXi Hypervisors, Cisco Routers, ASA and FWSM Firewalls
• Performed maintenance, upgrades and patching on Logrhythm Compucom 7/2014 – 5/2016
Position: PCI Security Analysts-L3 Engineer
Responsible for managing PCI 2.x,3.x Compliance for Network Security Devices and Windows/Linux/Unix Servers.
• Performed Vulnerability Remediation on Linux Servers & Network Appliances for PCI Compliance
• Created and Maintained Hardened Windows and Linux Server VM Templates & Network Appliances
• Performed PCI Audit Compliance Vulnerability Scans on Windows/Linux Servers and Network Devices
• Managed Patching and Vulnerability Remediation on Windows/Linux Servers
• Performed PCI Audit Compliance on Virtual Appliances and Cisco Network Switches and Routers
• Performed P2V (Physical To Virtual) of Windows/Linux Servers
• Managed EIQ SIEM/FIM application on Windows/Linux/Unix Servers for PCI Compliance
• Managed Symantec SEP and McAfee VSE on Windows/Linux /Unix Servers for PCI Compliance Dell-Credant Technologies 8/2005 –2/2014
Credant Technologies-Acquired by Dell in 12/2012 and renamed DDPE (Dell Data Protection Encryption) Positions: Security Sales Engineer, Quality Assurance and Level 3 Support Engineer Responsible for providing Pre Sales Technical and Business Development support for Commercial and Government Accounts for Credant-DDPE Enterprise software. Credant-DDPE is an Enterprise Class file based software encryption application designed for protecting data on mobile devices.
• Pre Sales and Level 3 Technical Support
• Implemented Credant-DDPE for Professional Services in PKI/CA Enterprise Networks
• Created Documentation and Knowledge Base Articles for Credant-DDPE
• QA testing on DDPE and Dell Cloud Client products.
• QA integration testing with FTK and Encase Enterprise Forensics
• Performed Forensic Analysis for Civil and Criminal Cases involving files encrypted with DDPE Openservice, Inc. 2/2004 – 8/2005
Position: Systems Engineer
Engineer responsible for providing Pre Sales Technical and Business Development support for Commercial and Government Accounts for Security Threat Manager (STM) and Nerve Center products in the US South Central & Latin America Region. STM is a 3rd generation class Security Information Management
(SIM) product designed for Real Time Threat Management and Forensics, collecting and correlating events from Network, Security, and Application Devices providing alerts and compliance reporting for Sarbanes-Oxley, HIPAA, Gramm-Leach-Bliley, SEC17a-4, and VISA CISP.
Performed Pre Sales and End-User Support for Security Threat Manager (STM) and Nerve Center products.
Implemented Security Threat Manager for Professional Services Group. in PKI/CA Enterprise Networks
Training Instructor for Security Threat Manager.
Performed Competitive Analysis and Evaluation of competing Security Information Event Management
(SIEM) products.
Assisted Software Development and QA Team in the testing of Security Threat Manager Citadel Security Software 12/2002 - 2/2004
Position: Sr. Security Engineer
Engineer responsible for providing Pre Sales Technical and Business Development support for Fortune 500 and Federal Government Accounts for Hercules Vulnerability Remediation Management product. Hercules is a 1st to Market comprehensive software security product designed to automate remediation of vulnerabilities on Windows, Solaris and Linux desktops and servers.
Performed Pre-Sales, Training and End-User Support for the Hercules Vulnerability Remediation product.
Performed Vulnerability Assessment and Remediation on Windows and UNIX Desktop/Servers for Commercial and Government organizations/agencies to meet compliance with HIPAA, Sarbanes-Oxley and Gramm-Leach-Bliley legislation mandating security compliance.
Performed Competitive Analysis and Testing/Evaluation of competing Vulnerability Remediation products.
Assisted Software Development and Quality Assurance Engineers in development and testing. Intrusion.com 7/1999 – 11/2002
Position: Network Security Engineer
Engineer in charge of Technical and Business Development Support for Network Security Products Asia Pacific and Latin-South America Region.
Provided technical and business development support to VARs, System Integrators and Distributors on Network Security products.
Performed Deployment and Support of Firewalls and VPN solutions for multi-national Corporations.
Performed Deployment and Support of Network and Host Based Intrusion Detection Systems for Telecommunication, Internet, Application, and Managed Service Provider firms.
Product Development Engineer responsible for testing, evaluation and integration of network security products covering Firewalls, VPN, Intrusion Detection, Reporting, Anti-Virus, Auditing, High-Availability/Fault Tolerance, and URL Filtering.
Presented information security seminars and training for Systems Integrators and VARs/Reseller channel partners.
Developed Training Courseware and User Documentation for Network Security Products.
Performed Network Security Audits and Threat Assessments.
Performed Deployments of Web Servers, E-Commerce and Database Servers on Solaris, IBM-AIX, HP-UX, and Windows NT/2K OS running Apache, IIS 4/5, and IBM Websphere.
Performed Deployments of Firewalls, VPN, and Encryption/Authentication (PKI, X.509) applications for SOX, and Health Care Providers in accordance with HIPAA.
Performed Collection, Analysis, and Data Modeling of Computer Users and Network Security Events for Network Security Intrusion Detection Management Systems. ODS Networks, Inc. 2/1994 – 6/1999
Position: Security Sales Engineer
Engineer in charge of Technical and Strategic Business Development Support for LAN Switch/Routing products for Asia Pacific and Latin-South America region.
Managed and performed Network Project design and installations in Asia Pacific and Latin- South America for Federal/Local Government Agencies, Airports, Automotive, Banks and Financial Institutions.
Training Instructor for Hubs, Switches, Routers, and SNMP/RMON based Network Management System.
Engineering Team responsible for the design and implementation of the Kuala Lumpur- Malaysia- International Airport Network.
Developed Education Training Manuals and Courseware for Network Switching and Management Products.
Summary of Hardware and Software IT Technology Platform Experience Network Security • Firewalls-VPN: Checkpoint, Sonicwall, Symantec, Sidewinder, Watchguard, Netscreen/Juniper, Cisco IOS/PIX/FWSM, ASA, ASA X FirePower, Lucent, Microsoft ISA. Palo Alto, IDS-IPS: Real Secure, McAfee, Cisco Secure, Tippingpoint, Enterasys, SNORT, Toplayer, FireEye
Scanners-Auditing: ISS Scanner, Cybercop, Kane Secure Analyst, NMAP, Foundstone Harris STAT, MBSA, Nessus, Vigilante Securescan, nCircle, Qualys and Tripwire URL Filters: Websense, Surfcontrol
Anti-Virus: Trend-Micro, F-Secure, Symantec, McAfee, Sophos, Kaspersky, Panda High Availability/Clustering/Load Balancing: Stonebeat, Rainfinity, F5 Patch Management: Patchlink, Bigfix, SMS 2.0, Ecora, HFNetChk, ConfigureSoft, Hercules Authentication-Encryption: PKI, X.509, WEP, WPA, WPA2, WPS, SSL TLS SIEM: Arcsight, EIQ, Logrhythm, Nitro, Q-Radar, Splunk Network Technology Network Management: HP Openview, IBM Netview, Citrix Metaframe, Nerve Center, SMARTS
Cisco Routers: 700, 800, 1600, 1700, 1800, 1900, 2500, 2600, 2800, 3000, 4000, Cisco Catalyst Switches: 7000, 5000, 6500
Cisco Nexus Switches: 3000, 7010, 7018
Cisco Wireless Controllers: CT2504, CT5508
Cisco WAPS: 2702
Ethernet/Fast Ethernet/Gigabit Ethernet, Token Ring, FDDI, HPPI, ATM, Frame Relay, Broadband-DSL, ISDN, T1/T3
Computer Platforms SUN SPARC/ULTRA SPARC/Enterprise-Sunfire Workstations and Servers IBM RISC 6000 Workstations and Servers
HP PA-RISC Workstations and Servers
IBM AS 400/OS390 Mainframes
SGI MIPS R4000 Crimson, Onyx
Cisco UCS 6100
Operating Systems UNIX: SUN Solaris, HP UX, IBM AIX, SGI IRIX, SCO, BSD Linux: Redhat, Oracle Linux, Debian, Knoppix, Ubuntu, CentOS, Suse, Android 3.x – 6.x Windows: NT, XP, 95, 98, ME, 2000, 2003, 2008, 2012, 2016, Vista, Windows 7.x-8.x, 10.x Novell: Netware 3.x – 6.x
Apple: Mac OS Jaguar, Tiger, Leopard, Snow Leopard, Lion, Mt. Lion, Maverick, Yosemite, El Capitan, Sierra
Apple Iphone iOS: 3.x-10.x
Cisco IOS: 8.x-12.x, 15.x
Database Microsoft: SQL 7, SQL 2000, SQL 2005, SQL 2008, SQL 2012, SQL 2014, SQL 2016 Oracle: 8.x-12.x, MySQL: 4.x-5.x
IBM: IMS, DB2
Apache: Hadoop
RIAK
Postgresql
Database Security • IBM Infosphere Guardium
Oracle Database Vault (ODV)
Microsoft MS SQL 2016 Always Encrypted
Virtualization • Vmware: Vsphere 4.x, 5.x, 6.x; Workstation 5.x-12.x, Vmware Fusion Microsoft: Hyper-V, Parallels Desktop
Web Servers MS IIS 4x-8x, Apache 1.x-2.x, IBM WebSphere, BEA Weblogic Forensics • Access Data FTK 3.x-4.x, Guidance Software-Encase 5.x-7.x Network Storage • Nimble, EMC VMAX
Contact this candidate