Project Manager Engineer
Resume:
MARK WADE HERRETH
************@*****.***
Education:
Graduate from University of Phoenix with Associate's Degree in Information
Technology. Graduate from University of Phoenix with Bachelor's Degree in
Information Security
Graduate from University of Phoenix with Master's Degree in MIS.
Romack Corp.
Security Consultant
7/15/2014-Current
Support and upgrades for all Checkpoint firewalls on the client global
network. Firewall versions are R75.40 and R77.20. Support for 200
Checkpoint firewall models, which are 12600, 21400, and 4800. Support for
all Provider-1 infrastructure and corporate domains. All firewall
configurations with HA failover. All URL filtering for corporate
environment enforced with Checkpoint URL filtering service in R77.20.
Titan Solutions
Security SME and Security Project Manager
2/3/14- 6/3/2014
I led the 2014 PCI audit for the Zale Corporation, and acted as the
security SME as well. I pulled firewall and router configurations with
Firemon, along with editing all company PCI documentation to meet PCI DSS
2.0 standards. I led QSA observations for all processes, procedures, and
reports for all tasks and requirements. Perform remediation tasks for
firewalls, routers, and IPS infrastructure. Met with Vice-Presidents,
and Senior Vice-President's weekly, to ensure all PCI audit timelines and
deliverables were met. I was personally responsible for ensuring that all
PCI audit project documentation was uploaded to SharePoint, and that all
tasks, and responsibilities were updated and tracked in QuickBase. I
tracked all PCI project timelines in MS Project, and distributed it to
senior management, the security team, and the QSA auditors. Corporate URL
filtering enforced with WebSense Security and Web Filtering. Client
compliance settings, policies, and infrastructure analyzed and compared for
PCI 2.0 DSS audit. Fireeye 7400 NX series appliances used for threat
detection, management, and analysis.
ICONMA
Security Consultant
4/15/13-12/20/13
Support and upgrades for all Checkpoint firewalls, and datacenter
migrations. All Checkpoint environments have an HA Provider-1 for
redundancy. Each checkpoint environment contains 100 firewalls running in
an HA configuration. All firewalls are upgraded to R75.45 from their
original firewall revisions. Company URL filtering enforced with WebSense
Security and Web Filtering suite. Triton management server and components
analyzed and compared for SOX audit.
HP
Security Consultant
3/15/13-8/1/13
Support, design, and upgrades, for all Checkpoint firewalls running R75.40.
Support for all Provider-1 environments with 150 Checkpoint gateways. All
firewalls are in an HA configuration running on Checkpoint 21400 UTM's.
State Farm
Security Consultant
12/27/11-2/15/13
Design and implementation of sixteen 61000 blade system firewalls, and
fifty 21400 firewalls for perimeter and segmentation of the network. PCI
DSS 2.0 and SOX requirement and mitigation support. Ongoing support for
the firewalls, and company applications. The firewalls are on R75.40, with
a Provider-1 environment. All firewalls are running in a HA configuration.
All management stations are Smart-100 devices in an HA configuration.
Vulnerability assessments done with Nessus, Internet Scanner, and Languard,
for support of all compliance regulatory requirements. Use of Splunk 6.1
within the corporate network for log analysis and aggregation tool.
Hewlett-Packard
Security Consultant
7/1/11-!2/10/12
Provide support for all Checkpoint and Cisco environments. Provider 1
management upgrades from R65-R75. All gateways are in an HA clustered
configuration running VRRP. Performed upgrades for all IP series firewalls
from R65-R75. The upgrades are to meet regulatory requirements for PCI
audit remediation. PCI DSS and SOX requirement and mitigation support.
Sunguard
Security Consultant
1/5/10-6/1/11
Provide support for all firewall related activities and upgrades for the
Checkpoint environment from R60 to R70, R71, and R75. Support for
Nokia/Checkpoint firewalls in a P-1 environment with 300 firewalls.
Support for all migrations, upgrades, PCI and SOX audit requirements, and
vulnerability assessments. Support for all Juniper firewalls and related
environments. PCI DSS and SOX requirement and mitigation support.
First Data
Security Consultant
8/15/09-1/1/10
Performed upgrades on all Checkpoint firewalls, and support for client
services. Firewalls are R65 and R70 clusters. Administration of Juniper
firewalls at corporate and remote locations.
MassMutual
Security Consultant
8/8/08-7/15/09
Performed Checkpoint firewall upgrade of 50 firewalls from R55 to R65. The
firewalls were on Nokia IP 1220 platforms. Administered Juniper 50, 200,
500, and SSG 520 firewalls. Upgraded and administered 75 Fortinet 5000A
and 100A firewalls. Administration and management of all firewall
environments for MassMutual clients was one of the daily tasks. Management
of each firewall is done remotely and onsite at client sites. Network
documentation was done with MS Access, Visio, and Power Point. Microsoft
Project was used to ensure that all project timelines were adhered too.
Security Management Tool was used to tailor company security policies. All
Juniper firewalls are managed through NSM. Site to site vpn for all b2b
and vendor tunnels with Checkpoint and Cisco vpn's. Mcafee was the anti
virus used at the desktop and server levels within Mass Mutual. All DMZ
and intranet traffic was segmented with firewalls and acl's to ensure
security to company resources. PointSec was the encryption software used
to encrypt all laptops for protection for remote users. SOX audits were
the driving force behind the firewall upgrades and network segmentation.
SOX vulnerability assessments where done on a monthly basis using Languard
and Internet scanner. Each assessment is tailored for SOX compliance, and
is one of many layers in the risk mitigation arena and compliance
framework. Administration of Sidewinder firewalls at remote locations.
Supported Pointsec encryption products for the MassMutual corporate
network. Tailored policies and support around company business
requirements.
Security Consultant SAIC
1/15/08-7/15/08 Security consultant for SAIC. Administered 24 firewalls
running Checkpoint R60. Upgraded the firewalls to R62, and all firewalls
were running on Nokia IP 1220 firewalls. Implemented two Site Protectors,
Proventia G devices for SAIC client. Administered Juniper firewalls
consisting of 75, 100, and 200, firewalls.
Implemented Blue Coat SG510 and 810 appliances, and Blue coat reporter for
the corporate network. Checkpoint firewall upgrade from R55 to R65 on
Nokia 390 appliances for headquarters and remote sites. Risk assessments
where done using Nessus, and Internet scanner, on a monthly basis to help
ensure that risks to the network are mitigated in a timely manner for all
SAIC client networks.
Veritas Corporation
Security Project Manager/ Security Engineer
8/6/07-12/15/07
In charge of development of security solutions, and the evaluation of
products suitable for security within all Veritas Corporate networks. Over
15 years experience in Information Security related technologies, with
experience in Cisco routing; Checkpoint firewall, and, IDS systems, Proxy
Systems such as Bluecoat, Wireless LANS, Wireless IDS systems and
vulnerability scanning systems and services in a corporate environment.
Levi's Corporate Headquarters
Interim Security Manager
Lead firewall team in multiple locations, for change management, firewall
security related duties and IDS support. All firewalls are Checkpoint R62,
IPSO 4.2. IDS infrastructure is Proventia G appliances. Remote access
support with Nortel Contivity appliances. Risk assessments and
vulnerability scans where done on a semi-weekly basis using Languard, and
Internet Scanner, to ensure company resources are secure.
6/1/07-8/15/07
IBM
Security Engineer/Project Manager
11/06-5/1/07
Firewall administration and configuration on Pix 515E, 525, and Checkpoint
IP 1220 firewalls for IBM clients.
MLGW
Security Engineer/Project Manager
9/05-10/06
Performed security audits on corporate network in support of NERC
requirements. Upgraded all Checkpoint firewalls to IPSO 3.8 NGAI R55.
Also administered Cisco PIX 520 and 515E firewalls running IOS 6.3 as well.
Used Languard to scan hosts for vulnerabilities, and used App Detective to
scan for vulnerabilities on all databases. Cisco IDS was also used for
IDS. Did a major DMZ upgrade using F5 load balancers, Blue Coat reverse
proxies, Checkpoint firewalls, and Firepass vpn solution as well. Support
for all security related needs at the MLGW headquarters.
Zenith Insurance
Senior Security Engineer:
3-14/05-6/21/05
Put processes and procedures in place to start a new
security department. Wrote all IDS and Firewall
assessments, testing methodologies, and setup all
internal infrastructure for the new Enterprise
Security Department. Administered Juniper 50, 75, and 100 firewalls to
segment off network traffic and applications for the corporate network.
Performed firewall testing
utilizing Ixia Load, Ixia Chariot, and Ixia VPN for
performance testing. Other vendors used for testing
consisted of Blade Software's Firewall Informer, and
IDS Informer. All of these where utilized to test for
performance, conformance, and stress testing of the
production infrastructure.
T-MOBILE HEADQUARTERS
Security Engineer
1/1/05-3/13/05
Daily duties include: All firewall rule pushes,
firewall design, documentation, and troubleshooting
with in the corporate network. Firewalls consisted of
Checkpoint IP 1260's, and 650's, in a Provider -1 environment. Alteon load
balancers where utilized as well. All firewalls where
running Checkpoint NGAI which I upgraded for NG 4.1,
on IPSO 3.8.
MICHELIN CORPORATE HEADQUARTERS
Security Project Manager/ Security Engineer
1/10/03-11/20/04
In charge of Internet Access, Security, Auditing, and
all E-commerce Infrastructure. The following are
different platforms that where utilized to enforce
security and handle the day-to-day infrastructure
requirements: Permeo Security Server 4.1, and 4.2,
Alteon Content Cache, 305, and 310, Alteon Ace
Director 400, all used in load balancing and
clustering. Administered Nortel Contivity appliance for remote access to
company resources for employees. Web Trends 7.0, and 8.0, Checkpoint
Firewalls running NG on 330, 440, and 650's, and Nokia
Horizon Manager to handle all administration.
Administration with Pix 520 firewalls as well. LAN/WAN
design, administration, implementation, installation
and maintenance of the corporate network. The
environment also consisted of Unix, (AIX, Solaris,
HP-UX, Linux Red hat, and Free BSD which had to then
be hardened and secured using Bastille, or other unix
hardening software.)
Manufacturer's Bank of L.A.10/16/02-12/20/02
Security Engineer
Contract
Emphasis on Firewalls,
host penetration, IDS, vulnerability assessments, and security
baselining. SMS design and implementation of 5000 pc's, 50
servers, and all Y2K applications, consisting of
Windows XP Pro, Windows 2000 Pro, Advanced Server, and
Active Directory Structure as well.
Security Manager:
NETWORKTOPOLOGIES
Dallas, Texas
7/01 - 5/02
Senior Data Security Manager
Security Manager:
Designed, implemented, and managed the network
security system for a company, which provides
application, services to Fortune 500 clients and
government agencies nationwide.
Administered corporate firewalls, Intrusion
Detection Systems (IDS), host penetrations,
vulnerability assessments, forensics, risk management,
and related security issues.
Financial Operations:
Planned and managed an annual operating budget for
equipment and payroll costs.
Training/Staff Development:
Recruited, hired, trained, supervised, developed,
and evaluated performance of 10-12 technical personnel
in the Network Operations Center (NOC).
Ensured staff achieved 99.9% uptime to comply with
Service Level Agreements (SLAs).
Migrated 50 servers from NT 4.0 to Windows 2000.
Migrated 1000 desktops using Active Directory as well.
Used SMS to push out the rollout.
NOKIA
Senior Data Security Specialist
Irving, Texas
11/00 - 6/01
Security Management:
Recruited by management to design and implement a
multi-layered security system for a major global
manufacturer of electronic products.
Managed and supervised installation and staffs
on-site at facilities throughout North America, South
America, and Asia.
Wrote documentation for security processes which
conform to the ISO 17799 standard.
Administered all corporate Checkpoint and Pix
Firewalls.
Monitored IDS consoles/agents and all remote
capabilities, including Secure Identifications and
Virtual Private Network (VPN) connections.
BELL HELICOPTER, Hurst, Texas
Firewall Security Project Manager
1/00 -10/00
Security Management:
Recruited by management to design and implement a
global security portal for use by employees in all
corporate facilities and vendors worldwide.
Consulted with department managers on a daily basis
to anticipate, review, and resolve technical issues
arising day-to-day business operations.
Remote access administration with Nortel Contivity appliance.
Security Administration:
Designed, implemented, and administered 4 Nokia IP
650s and four Pix 520's. Administered 2 Ace Servers
(1 Solaris and 1 Netscape Proxy Server.)
Monitored firewall logs for intrusions and the
Cisco Netranger IDS for intrusion detection.
Created all accounts for Internet access and Secure
ID's for remote access. Documented, wrote, and
implemented all rules to allow or restrict access to
the corporate network by 50,000+ users and vendors
worldwide.
Investments
Y2K Security Engineer
Fort Worth, Texas.
6/99 - 1/00
Researched and resolved technical issues to
expedite the installation of the security system and
other issues involved with an enterprise network.
Managed, trained, developed, and evaluated
performance of 25 Systems Engineers and contract
technical employees.
Administered and maintained all changes to the
corporate firewall of a major stock brokerage firm
(Q-Investment) to ensure compliance with Y2K
standards.
Detected and resolved Y2K issues.
Added security patches and hot fixes.
Monitored all CERT advisories.
Analyzed host penetration scans. Conducted
vulnerability assessments.
Administered the NT Server.
Trained Systems Engineers in the administration of
Checkpoint Firewalls.
Also served as Security Engineer.
Checkpoint Software Technologies
Security Engineer
Grand Prairie, Texas.
6/98 - 4/99
Security Engineer/Trainer
Security Training/Administration:
Designed and implemented the corporate network for
Checkpoint, and supported all firewall related issues.
Trained staff to install and support the Firewall-1 product line.
Developed and implemented solutions to issues
pertaining to downed firewalls, the setup and
configuration of existing firewalls, and the setup of
Checkpoint VPN technology (Secure Remote and Secure
Client).
Implemented courseware, classroom configuration,
and NOC setup.
B.F. Goodrich Aerospace
Network Engineer.
Irving, Texas.
3/97 - 5/98
Network Engineer.
Systems Analysis:
Managed network systems for U.S. operations of an
aerospace manufacturer to ensure 99.99% uptime.
Administered a Pathworks network.
Designed and installed an NT 4.0 Network for 1,000
users.
Provided additional support for all e-mail Exchange
Servers, McAfee Net Shield Anti-Virus Software.
Installed and configured Cisco 2500 routers and
Catalyst 1900 Switches.
Mobile Oil Corporation
Network Engineer
Irving, Texas.
2/97-
Network Engineer
Project Management:
Managed the installation and configuration of IBM
Thinkpad laptop and desktop personal computers for
1,000 users.
Served as Project Manager for Novell 4.1 global
network.
Troubleshot network related issues.
Dallas Cowboys
Network Engineer
Irving, Texas.
3/96-1/97
Network Engineer
Systems Analysis:
Project manger
Designed and implemented a Novell 4.1 network for
500 users.
Supported and administered E-mail Servers, network
servers, and all network and security policies..
Pinnacle Brands
Network Administrator
Arlington, Texas
3/95-2/96
System Administration:
Administered a Novell 3.12 network and email
servers for 500 users.
Graduate from University of Phoenix information AAIT. Graduate from
University of Phoenix BSIS degree. Attending University of Phoenix for
Master degree in MIS.
Contact this candidate