Security Engineer
Resume:
CAREER HIGHLIGHT
Experienced Professional with over 7+ years of experience as a an IT Security Professional in
IT Infrastructure, Information Security, Network Security, Enterprise Security, Project
management.
Strong knowledge based in the planning, design, and implementation of Information Systems
and Network Technologies.
Skilled & technically proficient with multiple firewall solutions, network security, and
information security practices.
Proficiency includes checking server and firewall logs, scrutinizing network traffic, establishing
and updating virus scans, troubleshooting, analyzing and resolving security breaches and
vulnerability issues in a timely and accurate fashion, and conducting user activity audits when
required.
Designing, deploying and troubleshooting enterprise data network as Network engineer and
expert in configuring and troubleshooting L2 protocols such as VLAN, VTP, ISL, 802.1Q, STP,
RSTP, PVST, port security and Nexus Switches.
SUMMARY
7+ years of experience in the planning, design, and implementation of Information Systems and
Network Technologies.
Experienced Checkpoint Firewall, Security and Network Administrator as well as a Cisco
Certified Network Associate (CCNA), routing and switching.
Knowledge in planning, design, implementing and troubleshooting complex networks and
advanced technologies.
Advanced knowledge, design, installation, configuration, maintenance and administration of
CheckPoint Firewall R55 up to R70 version, SecurePlatform Installation including GAiA,
VPN.
Advanced knowledge in Design, Installation and configuration of CheckPoint Provider
Environment.
Advanced knowledge in design, installation and configuration of Juniper Netscreen Firewall
ISG 1000/2000, SSG series and NSM Administration.
Drafted and installed Checkpoint Firewall rules and policies.
Implementation and administration of Juniper WX/WXC devices for WAN Traffic acceleration.
Advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and
maintenance.
Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
Experience in Implementing & managing Symantec Data Loss Prevention.
Experience in implementing application security solutions
Advanced knowledge in configuration and installation of IOS security features and IPS.
Advanced knowledge in Cisco Switches and Routers Configurations.
Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, and
EIGRP.
Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel
configuration, encryption and integrity protocols.
Advanced knowledge in Linux and Unix Operating Systems.
Knowledge of ISO / IEC 27001 and BS 17799 and LPT methodologies.
Conduction of Security Awareness and Network training for NOC and SOC staffs.
Excellent Analytical and Documentation skills.
Experience in troubleshooting and application support.
TECHNICAL PROFICIENCIES
Platforms/Applications: Windows Server NT4-2012, Exchange 5.5–2010, VMware
VSphere/VCenter 4-5, MS Lync, BlackBerry BES 5.0.3, IIS 7.5, Microsoft SQL 2005–2012,
SCCM, VERITAS Netbackup & Backup Exec, TMG, Citrix XenApp/XenServer, MS VMM &
Hyper-V, Unix/Linux, PowerShell, MS Clustering, Enterprise Antivirus & Disk Encryption
solutions, Quest ActiveRoles, SCOM
Networking: Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber,
Firewalls/IPS/IDS,
Hardware: Dell, HP, CISCO, IBM, SUN, CheckPoint, SonicWall, Barracuda Appliances, SOPHOS
email appliances
Operating Systems: Windows, NT, Windows 98/XP/2000/2003/2007, MS-DOS, Linux
Firewalls: Check Point, ISA 2004/2006
Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS
Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static
Routing
Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi Layer Switching,
Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging
Database: Oracle 10g/9i, SQL Server 2005/2000
Security Tools: Wireshark, MBSA, MS Visio, Apache, VMWare ESXi 3.5, VMware Server, Encase
PROFESSIONAL EXPERIENCE
Yankee Candle South Deerfield, MA
Senior Security Architect /Engineer June 2013-
Sep 2014
RESPONSIBILITIES:
Provide security engineering for implementation in the CheckFree enterprise network.
Designed and implemented code in multi-threaded C for IPv6 inspection and attack detection
capabilities for an upcoming software release of the Dragon IDS/IPS.
Included IPv6 packet header inspection, updates to various Dragon decoders, and the ability to
decode IP-in-IP tunnels.
Directed the software engineering effort for the Dragon IDS/IPS network sensor.
Setting engineering priorities with an emphasis on attack detection through enhanced signature
detection capabilities, system design, and technical direction of engineers who developed
Dragon network sensor code.
Developed a fully automated build system for the Dragon ISO appliance image.
Complete rename of all firewall objects and rules
Replacement of CheckPoint / Crossbeam firewalls with new Juniper SRX 5800 Firewalls
Fulfill the implementation of the Juniper SRX infrastructure, troubleshoot the JUNOS operating
system running on the firewalls, provide guidance, support and cross training to the team.
Responsibilities included design, implementation, support and administration of multiple
security products, including over 20 Crossbeam X-Series running CheckPoint Provider-1 and
VSX, SourceFire, and ISS Realsecure.
Daily responsibilities included design, implementation, support and administration of multiple
security products, supporting the installed product base, and internal engineering teams.
Designed, built, and implemented CheckPoint Firewall-1 VSX.
Performed individual site evaluations, technical hands on design, installation and
implementation of SecureTrack
Managed the lab CheckPoint Firewall-1, Connectra R66, Tipping Point 200E, and SecureTrack
solutions.
Rebuilt and maintained the headquarters demonstration lab with the latest security hardware
and software solutions from CheckPoint, Juniper, BlueCoat, TippingPoint, ForeScout, RSA,
Designed, tested, deployed, and supported secure mail solutions for the entire company using
ProofPoint Messaging Security Gateway
Assisted in the design of key Managed Services, to further the goals of the company.
Cargill Inc, Wayzata, MN
Network and Security Engineer July 2011- May 2013
RESPONSIBILITIES:
Security Systems Software Development; Designed, developed, and deployed custom data
collection, monitoring, and configuration validation software for critical security and network
infrastructure.
Member of the Network and Security team responsible for managing the Security Environment
Responsible for providing consultative, pro-active and sometimes reactive support to internal
areas such as NOC, SOC and Solutions Architecture team.
Managed, maintained, and implemented systems in all areas of the company Infrastructure and
provided second level support to the Help Desk team, other infrastructure team members, and
end users as needed
Supported mission critical 24x7-365 Siebel/SQL servers, ensuring & maintaining optimal
uptime & efficiency
Managed a Nortel VPN system which provided access for remote employees and corporate
VPN tunnels
Responsible for managing the security tools such as CheckPoint Firewall, Nokia IP390, RSA
Security, ISS Site Protector and Nortel Connectivity VPN Server.
Designing of the VPN environment for saving budget with WAN circuits.
Specialized in Network Security technologies (Firewall, IPS/IDS, Content Filtering, Proxy and
Cisco network products).
Responsible for proposing the migration from CheckPoint R55 to R61 version making the
Firewall environment totally up-to-date
Provided Security Consulting to customers around border security, data security and intrusion
detection
Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers
Provided tier 3 support for CheckPoint Firewall-1 software to support customers
Conduction of Security Awareness and Network training for SOC and NOC staffs.
Technical lead of field services team during the implementation phase.
Merck Pharma-NC
Security Administrator / Windows 2003 Administrator Dec 2009-June 2011
RESPONSIBILITIES:
Utilize Security Information and Event Manager (SIEM) to Identify, track and manage security
incidents throughout the Petersburg Public Schools enterprise.
Determine if security incidence occurred; examine all available information and supporting
evidence related to an incident or event.
Logically determine scope of security event and the potential impact to schools and network;
recommend appropriate course of action for managing security incidents and participate in the
confinement, resolution and remediation of security incidents.
Installing, Upgrading and configuring (Checkpoint) firewall.
Manage enterprise equipment to include: addition, modification and/or deletion of firewall
rules; proxy rule sets that are an exception to global baseline
IPS/AV signature updates; RADIUS/RSA user and group management; remote VPN
assistance / VPN Management/Monitoring / creation of user accounts/tokens for remote access
VPN
Monitor Service Center queues for customer reported requests or incidents; access tickets for
applicability and assign to subject matter expert, as required.
Research security tools and security alerts, when requested, and share research within group;
communicate with school administration and other team members regarding security status and
participate in the mitigation of incidents as required
Provide technical support and assistance to schools and departments in the selection,
installation, operation, and maintenance of computer hardware and software. Nortel - switches,
routers, TLS, upgrades.
Firewall implementation, firewall management, network management and troubleshooting
connectivity, routing, and configuration issues with routers, switches, firewalls.
Installed and maintained Windows 2003 Server.
Installed Medical practice software.
Remote Administrator for Cisco Pix firewall
Remote Support for Medical practice applications
Perform operating system, network and application vulnerability assessments to identify
security exposures in the environment.
Established protocols for backups, server space management, security, virus protection and
other procedures essential to eliminating downtime or data loss.
Environment: MacAfee ePO 4.0, MacAfee DLP, Check Point NGX R65 & R54, Nortel, Websense Web
Security, Script Logic, Tenable Security Center.
SWADESH Entertainment, India
System Analyst/ Administrator July 2008 - Nov
2009
RESPONSIBILITIES:
Practices including: Network/Security, Anti-Virus Administration, Intrusion Detection
Monitoring, System access ID and log-on procedures and policies, file transfer and encryption
protocols
Automate the process of vulnerability management and policy compliance across the enterprise,
providing network discovery and mapping, asset prioritization, vulnerability assessment
reporting and remediation tracking according to business risk.
Security audit log monitoring and management, Integration of security logs and categorization
which meets compliance.
Install and maintain security infrastructure, including Firewall, IDS/IPS, log management, and
Security Information Event Management tools.
User management and implementation of security policies.
Auditing and Implementing base line standards for the all security devices.
Responsible for performing Root Cause Analysis in response to major security incidents to
avoid or minimize damages to Enterprise.
Audit, enforce and document compliance with internal security policies and external
regulations.
Administration of security systems, information systems and technology infrastructure.
Provide level 2 security incident response for select host and network security events.
Monitoring security devices and Monitor all aspects of security related events within network
including firewall logs, IDS events, Windows security event logs, Antivirus reports and RSA
Secure ID tokens.
Document and perform system upgrades, regular product updates, emergency patch
applications, and define monitoring requirements.
Environment: Qualys Guard, Loglogic, ISA 2004, Check Point, MBSA, Source Fire, Symantec,
CoreImpact.
INMANTECH INFO, India
Network, Server and Firewall Administrator April 2007 - June
2008
RESPONSIBILITIES:
Level 3 support Firewall Administrator (Cisco ASA and Checkpoint)
Team member for support of over 1,000 Cisco and Checkpoint Firewalls
Drafted and installed Checkpoint Firewall rules and policies
Level 3 firewall Break-fix support - received and acted pages from Level 2 and corrected faults
Root Administrator Unix, Linux, (Log servers for Cisco devices-After 2004)
Level one support for Oracle Unix servers (Before 2004)
Junior UNIX Administrator at General Motors Tech Center Warren. Monitored and reported
errors for more than 50 Sun Solaris and HPUX servers
Handled Cisco firewall/router, Cyber Cafe and Windows 2003 Terminal Server/Windows 2008
administration
Configured and managed a network of WYSE 60 thin client computers using Microsoft
Terminal server technology
Installed and maintained Windows 2003 Server for office network of 7 Computers
Installed Medical practice software
Used TightVNC to remotely solve server problems
Remote Administrator for Cisco Pix firewall
Remote Support for Medical practice applications
Contact this candidate