Resume

Sign in

Network Security Engineer

Location:
Brampton, ON, Canada
Posted:
October 14, 2018

Contact this candidate

Resume:

PHONE: +1-289-***-****

E-MAIL: ac7dlt@r.postjobfree.com

ADDRESS: *** ****** **, ********, ** L6X 3S2, CANADA

OWOLABI ABIODUN EMMANUEL

CAREER SUMMARY

Emmanuel is a technology enthusiast with deep industry experience in designing, implementing, supervising, and managing advanced IP networking and security infrastructure. With several years of quality trainings and experience from System integrators, customers, and OEM environments; I have successfully completed many high-end projects while growing my career. I have extensive knowledge of network and security technologies including but not limited to OSPF, EIGRP, RIP, BGP, IS-IS, OTV, vPC, LISP, LACP, VDC, Fabricpath, STP, NAT, PBR, ACLs, 802.1x, AAA, Identity based security, BYOD, IP Telephony and collaboration, WLAN, Disjointed Layer 2, Virtualization, IPSec VPN, GRE over IPSec, Domain based VPN, SwitchPort Monitoring (SPAN), IPS, Cryptography, PKI, Certificate Signing, HTTPS Inspection, URL Filtering, Application Control, Threat Prevention and many more. Additionally I possess a lot of troubleshooting skills with in-depth experience in solving network issues using tools like Wireshark, debugs, fw monitor (Check Point), packet tracer (Cisco), device logs etc. Generally I am very vast in design, implementation and troubleshooting.

PROFESSIONAL QUALIFICATIONS AND SKILLS

Checkpoint Certified Security Master (CCSM)

Checkpoint Certified Security Expert (CCSE)

Checkpoint Certified Security Administrator (CCSA)

ISO certified Lead Cyber Security Manager

Certified Algosec Network Security Administrator (CASA)

ITIL Foundation Certified in IT Service Management

Cobit5 Foundation Certification

Cisco Data Center Support Specialist

Cisco Unified Fabric Support Specialist

Cisco Certified Network Professional - VOICE (CCNP-V)

Cisco Certified Network Associate VOICE (CCNA-V)

Cisco Certified Network Associate (CCNA)

Cisco Advanced Wireless LAN Field Specialist (CQS)

Proficient use of Wireshark, strong network diagnostic & troubleshooting skills, Linux proficiency, proficient use of Microsoft office package including Word, Excel, Outlook, Power Point, and Visio.

Strong analytical and reporting skills; advanced knowledge of Excel spreadsheet to analyze data and conversion to attractive graphical representation for management views.

Advanced network design and planning skills with the ability to create conceptual and logical diagrams using Microsoft Visio.

KEY CAREER ACHIEVEMENTS (PROJECTS SUCCESSFULLY HANDLED)

MTN Communications: Design/Implementation of Check Point Carrier Grade Firewalls (44K/64K)

Worked with Check Point Professional Services in the design & deployment of 2x Check Point 44k & 2x 64K modular carrier grade Firewalls at two different Data Centers.

Implementation of multi-chassis port bundling with Cisco Nexus 7k using LACP.

Implementation of Virtualized firewall instances on 44k/64k using Check Point VSX (Virtual System Extensions) technology.

Activation and configuration of software blades including Firewall, IPS, Anti-Bot, Anti-Virus, Identity Awareness, Application Control, URL Filtering, Monitoring.

Union Bank: Data Center Virtualization Project Using Cisco/VMware/EMC Vblock & F5 Solutions

Implementation of 4x Cisco Nexus 7009 switches (2 at HQ and 2 at DR site) with several Virtual Device Contexts (VDC) used to serve major segments of the Bank’s network, particularly to provide robust transport layer infrastructure for the Vblock solution.

Overlay Transport Virtualization (OTV) was implemented to extend selected layer 2 networks from HQ to DR.

Disjointed Layer 2 network was implemented for perimeter network segments like DMZ & Card Data Environment (CDE) to virtualize applications in these segments using Vblock without compromising security isolation requirements of the segments.

Configuration of Cisco ASR1002X Routers at HQ/DR and implementation of DMVPN over GRE tunnels to provide secure backhaul links to branches from HQ/DR. Implementation of Checkpoint

& Cisco Firewalls at HQ & DR for internet and extranet connections.

Implementation of F5 Networks BigIP solution for application traffic load-balancing at HQ & DR. Implementation of Checkpoint Threat Emulation 1000 Appliance to combat Advanced Persistent Threats (APT).

Union Bank: Advanced Cisco Collaboration & Enterprise Wireless LAN Implementation

Implementation of Cisco Unified Communication Manager (CUCM) version 11.5 as call control software.

Implementation & Integration to CUCM, of other Cisco collaboration platforms including Cisco Telepresence, Cisco IM & Presence (Jabber), Cisco WebEx.

Integration Cisco ISR 4300 as Primary Voice gateway using H323 protocol, this gateway has 2x E1 lines. Integration of Cisco 2901 ISR as secondary Voice gateway using H323 protocol.

Integration of Unify (Siemens) OpenScape IP Telephony platform to CUCM using Cisco CUBE technology deployed on the H323 gateways.

Implementation of Enterprise wireless network using Cisco 8540 Wireless LAN Controller. Cisco 3700 & 3800 series Wireless Access Points (APs) were provisioned on the WLC in FlexConnect mode which allow the APs to switch data traffic locally and tunnel control traffic back to the WLC.

Three (3) SSIDs were created one for employees’ domain Laptops, one for employees’ personal devices (BYOD), and one for Consultants & Guests.

.Cisco Identity Services Engine (ISE) 2.1.0 was deployed to enforce secure access to the wireless network using advanced Authentication Authorization & Accounting (AAA) policies pushed to the WLC. The WLC was configured as a Network Access Server (NAS) on ISE using RADIUS protocol.

Union Bank: Micro-Segmentation Solution using VMware NSX Software

Installation of NSX Manager VM and integration with vCenter.

Preparation of ESXi hosts for DMZ & Card Data Environment (CDE) Network segments

Implementation of micro-segmentation of DMZ & CDE workloads using NSX Firewall Policies.

Union Bank: Network Access Control (NAC) Solution using ForeScout CounterACT Appliance

Implementation of ForeScout Network Access Control (NAC) Solution for Union Bank of Nigeria Plc that allows real-time detection and prevention of rogue devices on the Bank’s network.

It was also used to enforce some of the Bank’s IT security policies including USB lockdown, Systems must be joined to the Bank’s Active Directory (AD) domain, Anti-Virus & Patches must be up to date.

Petroleum Equalization Funds Management Board PEF(M)B: LAN, WAN, VPN, IP TELEPHONY

Advanced Campus Network with Cisco 4500 Core Switches, IP Telephony, Voicemail, Audio/Video Conferencing.

Cisco Unity Express (Voicemail), Cisco Auto-Attendant with custom IVR workflow and greeting.

Implementation of BillyBlue call details monitoring and billing solution.

Dual-Cloud Dynamic Multi-point Virtual Private Network (DMVPN) with IPsec Encryption across 62 locations.

Cisco Wide Area Application Services (WAAS) for remote site traffic optimization (62 locations).

Multi-homed Internet Connection with Policy Based Routing (PBR). Firewall implementation with Cisco ASA5510.

Content Security implementation with Cisco Security Services Module 20 (CSC-SSM20).

Ministry of Foreign Affairs: Advanced Routing, Switching, & Security Implementation

Implementation of Advanced Hierarchical Network & Security solution with dual Cisco ASA5510, dual ASA5520

Content Security implementation with Cisco Security Services Module 10 (CSC-SSM10)

Implementation of Cisco Intrusion Prevention System (IPS), Microsoft Threat Management Gateway 2010 (TMG)

Network security boundaries implementation (Inside, VLANs, Server Farm, DMZ, Outside)

Network Convergence with RIP and OSPF. Policy Based Routing, IP SLA with Object Tracking

Internet Connection policy routing, multi-homing, SNMP and other advanced Network Services & Features.

Nigerian Breweries PLC: Multi-Site Cisco Unified Communication Project

Implementation of multi-site IP telephony and Unified Communication of data, voice, and video across 12 regional offices using Cisco Unified Communication manager as call control software while other collaboration applications like Cisco Unified MeetingPlace, Cisco Unity Connection, and Cisco Contact Center Express were integrated for various services such as audio/video conferences.

Security and Exchange Commission: Contact Center and Call Billing Project

Implementation of BillyBlue call billing solution.

Enhancement of Cisco Contact Center Express IVR workflow with custom recording.

Nigerian Air force Headquarters: LAN, WLAN, Security (Juniper & Cisco), IP Telephony Project

Campus Network Implementation using Collapsed Network Core/Distribution model using stacked Cisco3750.

Network Security policy configuration using Juniper Firewall.

Campus Wireless LAN with layer 2 roaming capabilities using Cisco Aironet 1142 series.

Cisco Unified Communication implementation using Cisco Unified Communication Manager software.

Cisco Unity Connection (Voicemail) implementation.

Implementation of IEEE 802.1x for LAN Access, Dual-homed Internet connection using Policy based Routing (PBR)

Diamond Bank: Network Security Project (Cisco ASA Firewalls & IPS, Cisco 6513 Modular Switch)

Design & Implementation of Advanced Network Security using Cisco ASA5540 with Intrusion Prevention System (AIP-SSM-40). Signature Update, Failover, and Security Policies.

Edo State Government: Routing, Switching, Security across LANs & WANs

Implementation of Advanced Routing/Switching/Security solution across Ministries, Departments, & Agencies (MDA) over Optical Fiber using Cisco 3750G, 3560G, 2960 Switches and Cisco ASA Firewall.

Signal Alliance: VPN & WLAN

Remote Access Cisco VPN Solution, Wireless LAN with Identity based Authentication, Cisco UCS C210 Servers.

Other big designs handled

Cisco Nexus 7k & Fabric Extenders for Sterling Bank’s Data Center.

Design of City Wide Wireless Network for Rivers State Government.

WORK EXPERIENCE

Check Point Software Technologies [April 2018 till date]

Lead Security Engineer (Network & Infrastructure)

Developing new customers and increasing partners’ competence by conducting regular security technology presentations, seminars, and partner training. Achieved 120% new customer development target within my first six months.

Bringing new deals and upsell opportunities by offering customers professional consulting on advanced next generation security designs covering Network, Cloud, Endpoint and Mobile.

Growing the business by providing technical pre-sales support for Account Managers (AMs) & Channels Managers.

Convincing customers and boosting their confidence in Check Point Products by conducting Security Demos / PoCs, thereby leading to increased sales opportunities.

Conducting Cyber Security Workshops for customers leading to sales pipeline expansion and meeting targets.

Conducting security assessment / checkup for customers to help identify vulnerabilities and propose appropriate security solution. The values derived from the assessments helped to win deals especially in competitive opportunities.

Mitigating zero day threats and unknown malware by designing and implementing threat Prevention (Check Point Sandblast) solutions for customers.

Designing cloud security solutions, hence helping customers to achieve same level of security in the cloud as obtainable on-premise.

Providing post-sales implementation & technical support, I helped customers to troubleshoot issues across multiple platforms like switches, routers, firewalls. I worked with Check Point TAC to troubleshoot and fix customer issues. This helped to reduce turnaround times for issues resolution and boosted customer confidence in the product and the OEM.

Union Bank Plc. [July 2013 – March 2018]

Senior Network Security Engineer

Designed advanced, smart, agile Network & Infrastructure Security solution for the Bank.

Carried out advanced network and security implementations including HQ campus LAN and WAN connections to branches using DMVPN. Advanced Campus Wireless network design and implementation

Implemented various technologies and was responsible for administering various platforms including Cisco Nexus7k, Cisco Nexus 5K, Cisco Nexus 2K, Cisco Catalyst switches (6500, 4500, Cisco 3850, Cisco 3750, etc.), Cisco 7600, Cisco 4300 ISR, Cisco 2900 ISR, Cisco ASR1002-X, Cisco ACS 5.8,Cisco Unified Communications Manager (CUCM), Cisco Identity Services Engine (ISE), Cisco WLC 8540, F5 LTM/GTM, Checkpoint security gateways (15600, 4800, 12000), Check Point Smart1 Management servers, Checkpoint Threat Emulation Appliance 1000, Huawei DWDM, Palo Alto PA5220 etc.

Managed Cisco Nexus 7009 switches and all the Virtual Device Contexts (VDCs) achieving 99.99% available connectivity to key network segments of HQ and DR. Achieved Uplinks redundancy using virtual Port Channels (vPC)

Achieved Layer 2 extension to DR site using Overlay Transport Virtualization (OTV) technology. This allowed seamless migration of workloads between HQ & DR without any hassle.

Deployed, administered, and managed Checkpoint and Cisco Firewalls, securing the Bank's applications and services by creating strict firewall permissions on need-to-know basis.

Ensured timely resolution of issues by working with technology OEMs (Checkpoint, Cisco etc.) to troubleshoot and promptly resolve connectivity issues.

Achieved security compliance requirements of regulatory bodies by provisioning firewall policies in line with regulatory standards like PCIDSS.

Improved performance and security of Firewalls & networking devices such as Routers, Switches, and Access Control Servers by performing regular software Updates and Upgrades.

Increased employees productivity and improved internal processes by deploying and managing smart technologies like Enterprise wireless networks, Remote and mobile VPNs, Bring-You-Own-Device (BYOD), Cisco enterprise collaboration solution, Network Fail-over automation and more. These led to substantial cost savings and increased revenue for the Bank.

Minimized downtime by proactively monitoring all technology solutions for which I was responsible. Promptly escalated observed issues before the occurrence of an actual failure or outage.

Showed values of deployed technologies by providing regular reports to management.

Published several value-added-services (web applications) for the Bank in a secure fashion.

Improved the security posture of the Bank by educating DevOps & project team members, ensuring they securely build applications for the Bank, declining to push applications to production until all security concerns are addressed.

Achieved high level of reliability through effective communication with team members and management. In a short while, I became very resourceful that many colleagues sought me first before others and I was privileged to contribute to major technology decisions being taken in the Bank.

Carried out reviews and analysis of Firewalls policies using Algosec Firewall Analyzer (AFA). This helped to easily optimize Firewall policies.

Evaluated Firewalls compliance with industry standards like PCIDSS & ISO27001 using AFA, hence maintaining compliance always

Monitored Firewall changes in real time, flagged insecure changes for remediation, and ensured vulnerabilities are not accidentally or unintentionally left on the firewalls. This helped to always maintain a secure network.

Carried out several other tasks that improved general network and security services in the Bank.

Signal Alliance Ltd [November 2011 – June 2013]

Head, Network Infrastructure Unit

Achieved sales targets, gained a lot of experience while designing and implementing advanced enterprise business IT solutions including Routing & Switching, Network Security, Unified Communications, and Unified Wireless Network Solutions.

Always satisfying customers by making correct and fault-proof network technology decisions as required to be deployed in customer environments.

Increased company competence by managing and training engineers, and maintaining company required certification levels.

Developed a high quality team of network engineers responsible for implementing advanced enterprise information communication network solutions for customers.

Developed new customers and maintained existing customers through initiatives like educating them of new technologies at company organized technology seminars, always listening to them and providing solutions to their issues.

Management and technical administration of outsourced projects.

Signal Alliance Ltd [July 2009 – October 2011]

Cisco Technology Solutions Architect and Lead Engineer

Led the technical functions in the sales of several Cisco solutions and met target regularly; hence I was promoted in October, 2011 to head the unit due to my performance. I even got best staff award in 2012.

Handled the pre-sales role of Cisco Wireless technologies being proposed to customers.

Conducted a lot of Site Surveys for Advanced Routing/Switching/Enterprise Wireless solutions, designing the architecture, and generating the Bill of Materials (BOM) which brought sales that increased company annual revenue.

Met sales targets by conducting enterprise network assessments, providing technical & financial Proposals in response to customer requests in a timely fashion, never missing a deadline.

Fixed customer network issues using advanced troubleshooting, analytical and diagnostic skills.

Signal Alliance Ltd [October 2008 – July 2009]

Technical Support & Network Engineer

Adequate Pre-sales and Field Experience in Cabling Solutions (Fiber & UTP) for small, medium and enterprise Networks, Design and Analysis, implementations.

Cabling project management and administration with reporting.

Network Active Device Quoting, Procurement, and Delivery to end user.

EDUCATION & TRAININGS

Global Knowledge, Dubai, UAE [November 2017]

VMware NSX for Internetworking Experts

Arrow Education Services, London, United Kingdom [July 2017]

Checkpoint Certified Security Master Course

Global Knowledge, Dubai, UAE [November 2016]

Implementing Cisco Collaboration Devices

Fastlane ICT Consultancy Services, London, United Kingdom [February 2015]

Implementing Cisco Nexus 7000 Switches

Trasys Group, Brussels, Belgium [December 2014]

Certified Algosec Security Administrator (CASA) Training

Digital Encode Ltd, Lagos, Nigeria [August 2014]

Penetration Testing Training

Cohort Technologies, Basingstoke, United Kingdom [November 2013]

ForeScout CounterACT Network Admission Control (NAC) Training

NIL Data Communications, Johannesburg, South Africa [November 2012]

Cisco Wide Area Application Services (WAAS) Training

Cisco Systems Inc., Lagos Nigeria [2012]

Implementing Cisco Unified Fabric with Nexus 7K & 5K

University of Ilorin. [March 2003 – May 2008]

B.Engr. (Hons.) Electrical Engineering - Second class Honours

KarROX Technologies Limited, Lagos State, Nigeria. [October 2006]

Microsoft Certified Systems Engineer (MCSE)



Contact this candidate