Palo Alto Zero Trust
Resume:
Ramon Castillo
*****.********.**@*****.***
Cell 858-***-****
Senior Security Networking Engineer with excellent experience with hybrid multi-cloud Azure, Palo Alto NGFW, Panorama, AWS, and on-premises virtual infrastructure. Built unbreakable corporate networks according with business requirements using encryption process to protect current data transmission requirements and future projected needs with multivendor environments, and zero trust architecture. Designed software-defined Access (SDA) that is secure, resilient, high-performing, and cost optimized across protected health information (PHI) for 4.5 million members and 7500 employes. Integrated new deployments of platforms to the next generation of connectivity from lab to production environments.
PROFESSIONAL SKILLS
Jira
Ansible
Aruba
Cloud SP
BGP
Tunnels
Palo Alto
VPN IP-Sec
Infoblox
DDI
OSPF
Ruckus
Cisco DNAC
Catalyst 9K
Cisco ISE
VMware
Encryption
Linux
Thousand Eyes
Slack
CI\CD
Microsoft AD
Silver Peak
Secure CRT
Panorama
Splunk
Terraform
TrustSec
SD WAN
Zero trust
EDUCATION
Colorado Technical University, 2012 – 2014
MS in Management: IT and Project Management
Tecnológico de Juárez, Ciudad Juarez Chihuahua, Mexico, 1994 – 1999
B.S in Electronics and Communications Engineering
CERTIFICATION
Post Graduate Program in DevOps by Caltech in Progress
Cloud Architecture Core, Sep 2018
ProLiant Server, Nov 2017
Cisco Certified Network Associated CCNA, Nov 2014
PROFESSIONAL EXPERIENCE
BlueShield of CA \ Intuit \Turbo tax \ Cybersecurity ECS
IT Consultant \ SNE \ WNE 12/2021 – Present
Designed and integrated network wire and wireless architecture using Palo Alto NGFW, WLC, Cisco DNA and Cisco ISE configurations for Financial and health Care corporations with Software Defined access SD-Access. Divided network architecture into micro segmentation using Cisco Catalyst switches 9300\9500 and WLC across Azure Cloud architecture and several branch offices with two data centers using TACACS device administration and RADIUS for network authentication.
Remediated security discrepancies for critical businesses applications using tunnel with encryption, and cybersecurity strategies using digital certificates for all the assets. Monitor the performance with Slack channels, using Palo Alto solutions, Cisco DNAC, Silver-Peak and Aruba base. Providing accuracy and visibility across two datacenters (SAC and LAS), 20 sites across California and 16 BSC’s providers across the United States.
Deployed data center into public cloud using azure, Linux virtual machine with Palo Alto and Plugins to monitor critical KPI with azure sentinel, AKS, Containers, Palo Alto NGFW tools, to collect, identify and visualize issues in production environments.
JJLG importers\Accenture\Zensar, CA 11/2018 – 12/2021
IT Consultant\ Sr Cloud Network Engineer with Security
Migrated into Azure Cloud infrastructure as code and applications to build data centers using two tunnels with encryption for each subscription, terraform, containers and CI\CD, GitHub and Jenkins at UHC, DFS and JJLG Importers.
Provided Wireless connectibity to the business using Cisco Catalyst 9300, Palo Alto, Panorama, Network profile gateways, Microsoft virtual WAN, Terraform and Ansible using digital certificates model. Design and start up the integration in more than 200 sites across the US to provided services to India on United heaths Group.
Automated network architecture based on PCI compliance using Ansible, F5, Palo Alto Firewall 7050 series with Panorama, GitHub, SNMP, SSH, and AAA in more than 250 remote sites across west and east locations.
Review business continuity solutions on Cisco architecture, VMware, and Palo alto firewalls using routing protocols with two ISP and SD-WAN technology with MPLS, and OSPF reducing operation cost.
Firstview Financial, Atlanta GA 01/2018 – 10/2018
Network Engineer
Remediated PCI Compliance and integrated multi cloud platform policy based with Azure, AWS, VPN tunnels with encryption, VMware, Hyper V, Windows Server, SCCM, Cisco Firewalls and Cisco UCS servers, Cisco routers and switches with trustSec architecture. Integrated CyberArk with PAM with based on HIPAA and PCI compliances.
Hands on implemented and troubleshot to deploy Cisco Meraki switches, Microsoft office 365, and active
directory, using cloud and VRF, NAT, PAT and VPN connections between call center and data
centers in PA and Atlanta with PCI compliance.
Created hybrid DC using VMware, Microsoft Hyper V and Cisco VPN, under HIPAA and PCI DSS.
Achieved business continuity, budget, network security and compliances with CyberArk PAM.
Designed Microsoft Azure, IaaS with Dynamics SL ERP system in cloud platform with DRP and BCP using three data centers with F5, DMVPN over MPLS Networks to provide services to India in less than six months.
CenturyLink \ Externetworks\Field Engineer, Alpharetta GA 10/2015 – 01/2018
Network Engineer
Identified requirements with customers using site survey ekahau software at WiFi enterprise networks to define devices to be deployed on SD-WAN solution using multi cloud platform like Microsoft azure, Cisco Routers, Palo Alto Firewalls, Cisco Meraki firewalls, routes, and switches.
Troubleshot L2\L3, WAN, LAN and SDWAN technologies across multi cloud platforms using Azure and AWS with Cisco and Palo Alto solutions with several companies like 3M, Raymond James, Cherokee women health, health technologies, and Relay health over PCI compliances.
AT&T, Denver Colorado 09/2014 – 10/2015
Network Provisioning Design Engineer
Acted as the technical escalation point for design and test and turn up TTU teams, to ensure end-to-end
network deliver on the BGP with EVPN, Ethernet and WAN services are installed and configured
correctly.
Troubleshoot and build L2\L3 configurations on enterprise Cisco and switches using data center platforms with Cisco IOS. Provided support focus on design, installation, and configuration of CRE routers with BGP, EVNP, with IPsec.
Configured, tested, and turned up more than 150 projects using Multi cloud platforms, with AWS and Microsoft Azure. Recommended changes for design network optimization to ensure delivery on time and within specification according with SOW across the several fiber optic ring networks.
Contact this candidate