Cybersecurity Engineer
Resume:
Roderick John Walti
Cell: 310-***-**** ******@**********.***
Information Technology Security Engineer
Transform Business Requirements into Scalable Technical Solutions
Consistent success in analyzing, planning, training, installing, configuring, and maintaining hardware and software technologies. Virtualization specialist, emphasizing best practice techniques. Exhibit superior problem-solving skills and techniques to resolve issues quickly, efficiently, and professionally. Work independently and collaboratively in cohesive teams. Provide expertise to explore, test, and assess solutions to remain current with emerging technologies. Proven leader, strategizing business solutions to meet growing needs of companies. Superior management abilities harnessing root-cause analysis techniques to eliminate bottlenecks, inefficiencies, and defects, delivering highly successful solutions.
Technical Writing Project Management Exchange Email AD Network Monitoring Firewalls Wireless SQL Databases VMware Windows Servers Network Security Cisco Networking Team Building Technical Support
Professional Experience
S2 GLOBAL - OSI SYSTEMS INC. Torrance, CA 8/21 to present
Sr. Cyber Security Engineer
ISO:27001:2022 certification obtained. Wrote ~ 50 policy & procedure docs, working to secure Non-Intrusive Inspection (NII) system that Xray scans vehicles at the S/W border in support of US DHS / CBP, mapping CIS / CSF controls to NIST 800-53, 800-171 standards and requirements. Working on CMMC Level 1 compliance, work with Azure AD, MS Defender ATP, Identity, Endpoints & Cloud, SentinelOne, Exchange Admin Center Performing vulnerability scans, with Tenable.IO Nessus & WAS, Qualys, Rapid7, AWS Inspector, performing remediations, remediating threats and risks in DevSecOps, work with Fortinet Firewalls, Switches, SonarQube, Security Scorecard, SolarWinds, Dark Trace, Ubuntu. Leading evaluation of ProxMox, OpenShift & Rancher/Longhorn/Harvester containerized virtualization.
KORN FERRY Century City, CA 3/20 to 8/21
Sr. Cyber Security Engineer
Hands-on with Splunk, Cybereason NGAV and EDR, Tenable I/O, Qualys, Veracode, Tippingpoint, Service-Now, Azure, MS Defender & Cloud, MS Cloud App Security/ATP (MCAS), O365, Apache, Azure AD Identity Protection, Lieberman RED Rapid Enterprise Defense Identity Management (PAM), BitSight, Security Scorecard, ProofPoint, Knowb4 Phish Sim, Bit9, SolarWinds Orion, AD Audit, GDPR, CCPA & NIST Compliance, resolved issues on F5 Load Balancer.
LA DEPARTMENT OF WATER AND POWER (LADWP) Los Angeles, CA 11/19-3/20
Energy Control Center (ECC) Cyber Security Engineer
Working in regulatory compliance in NERC-CIP & SCADA ICS environment in the DWP Energy Control Center, Work with Tripwire Enterprise, Tripwire Log Center, McAfee ENS, SCCM & WSUS, Tenable Nessus.
SOUTHERN CALIFORNIA EDISON (SCE) Los Angeles, CA 6/19-11/19
Network Cyber Security Architect
Planning for two new separate and redundant datacenters for the electric grid in NERC-CIP SCADA environment on implementation of 15 tools to secure the electric grid. Worked on DT, PKI, ADFS, PAM, FRA, WAF, NAC, NPB, SO, NDR, SIEM, NSM, VS, TIP, DMZ Proxy and FW project documentation, worked on Palo Alto firewall configuration design documents for 2 data centers and matched key requirements to security architecture design documents, mapped requirements to NIST 800-53 Controls.
LOYOLA MARYMOUNT UNIVERSITY (LMU) Los Angeles, CA 11/18-6/19
Network Security Engineer
Implementation and configuration of McAfee EPO ENS, Threat Scanning and Remediation with FireEye NX and Helix, Vulnerability Scanning and Mitigation, using Nessus and Nexpose/InsightVM from Rapid7, Splunk SIEM upgrade to 7.2 and installed multiple forwarders, worked on Office 365 & Azure security and compliance portal resolving email issues, ProofPoint, mapped network to identify scan targets.
Managed Palo Alto Firewall rules and content filters and reviewed logs for forensic investigations.
Performed remediation on threats using FireEye NX and Helix HX.
Performed Vulnerability & Penetration Test scans using Nexpose VM Insight VM by Rapid7 with remediation.
Worked to increase Splunk SIEM reporting by adding universal forwarders to multiple servers.
Implemented McAfee ePO 5.10 ENS and DLP, Documented procedures. Managed incident response.
Worked with Barracuda Email Security Gateway to filter SPAM and malicious emails.
Ran AD reports with AD Audit Plus for management.
Managed Security and Compliance Dashboard inside Office 365 Tenant.
UNIVERSITY OF CALIFORNIA LOS ANGELES (UCLA), Los Angeles, CA 6/18-11/18
Network Security Engineer
Implementation of NextGen EPP, Password Management, Threat Mitigation, Brand Trademark Protection, Threat Scanning, ProofPoint Anti-Phishing Campaign. SentinelOne, FireEye, Qualys and RiskIQ.
Documented procedures and implemented NextGen EPP and LastPass to 25 departments.
Performed analysis on threat scans and escalated threats found using Qualys.
SMART AND FINAL, Commerce, CA 2010 – 2017
Network, Systems and Security Engineer II
Maintained network security, operating systems, virtualization, MPLS, LAN/WAN, SAN, and wireless architecture. Lead multiple projects to upgrade and deploy various leading-edge technologies. Accountable for VPN environment, Email, Azure AD Security including assigning RSA SecureID and Authentication Manager integrated with Cisco ASA, Managed GCP cloud portal.
Installed, upgraded, and managed CheckPoint and Palo Alto firewalls, Setup and managed SonicWall, Cisco ASA, Intel Sidewinder, Checkpoint and Palo Alto firewalls and managed Proxy Servers. Configured firewall rules, NATs, Content Filters, LDAP authentication, IDS, Site to site and remote access VPNs, worked with McAfee Sidewinder Web Proxy
Implemented HP Tippingpoint IPS, and AnyConnect VPN on Cisco ASA firewall using IPSec & DMZ
Performed eDiscovery in email for provide legal assess to specific emails related to litigation risk.
Managed Cisco IOS on Cisco ASA VPN with RSA SecureToken two factor login with Secure ID, AAA, 802.1x.
Managed Projects (OKTA Single-Sign-on, ADFS, Carbon Black) for Cyber Security task force.
Performed NESSUS Security and Vulnerability Scans, performed Penetration Tests, performed Remediation.
Responsible for PCI & SOX Audits using Splunk SIEM, McAfee ePO for DLP under ISO 9000 and NIST.
Implemented and worked with McAfee Change Control to lock down file access for PCI related data and HR sensitive files.
Designed and configured Clustered Exchange 2010 using DAG running on Nimble iSCSI SAN for fault resiliency.
Migrated 2500 users to Exchange / Office 2010 on ESX5.5 with Nimble iSCSI and then to Exchange 2016 & Office 365.
Deployed Office 365 to desktops with Skype for business, ShoreTel, SharePoint, and OneDrive cloud storage collaboration.
Implemented redundant Symantec SMTP Email Gateways on Linux Virtual Appliances, filtering spam and viruses.
Managed project to install ShoreTel phones with VoIP. Integrated Outlook to display contacts for users to identify caller on phone display. Added voicemail speech recognition to email, sending voicemail in text format via email.
Implemented Nimble SAN on iSCSI and integrated to ESXi to present to Exchange and other servers through VMware, carved up LUNs, expanded volumes and resized Windows drives.
Setup and supported ExaGrid Storage for Windows Backup, Supported NetApp Fiber channel array connected to ESXi.
Migrated backup servers to BE v15, supporting backup of Server 2008 and integrating ExaGrid Backup to disk.
Implemented and upgraded Symantec Endpoint Protection and deployed client to 330 stores, corporate, and 6 warehouses.
Managed and administered Cisco routers and Cisco POE switches, isolating issues and managing endpoint VLANs.
Configured and managed AirWatch MDM, rolling out email and wireless policies to iPods for store scanning of products.
ROLLING HILLS COVENANT CHURCH, Rolling Hills, CA 2017 – 2018
Sr. Network & Security Systems Engineer / Manager
Worked on implementation of Microsoft Dynamics GP self-service timecard program, implemented VLANs, setup static NAT on Cisco ASA, setup SQL Server, Administration of AD and VMWARE ESX 6.5. Setup domain controllers, domain joined all systems and migrated user’s local profiles from OES. Configured Symantec Backup Exec to Disk & EPP, SentinelOne, ESXi 6.5.
Integral to the planning and setup of MS Dynamics, configured Time-Card portal, configured all users accounts to connect.
Moved Dynamics to AWS Cloud.
Ran Penetration Tests using Metasploit.
Implemented Meraki Wireless
Worked to remediate ransomware breach.
CITY OF PALOS VERDES ESTATES / PALOS VERDES ESTATES POLICE DEPT (PD) 2002 – 2012
IT Manager
Managed 12-server, 75-user Windows 2003 server, and IT infrastructure environment, on call 24x7x365. Accountable for IT support and project management relating to City and Police Department functions, Windows 2003 Active Directory, GPO management, SQL Server 2008, SSL Certificates, Cisco Routers, SonicWall Firewall, WatchGuard Proxy, Security and ESXi.
In charge of Cyber Security, performed IDS, IPS with SonicWall, performed vulnerability scans and remediation.
Ran periodic Intrusion Prevention Security Scans using Tenable Nessus, Performed Penetration tests with NMAP.
Migrated to SonicWall NSA3500 Unified Threat Management Firewall, integrated LDAP and IPS and content filtering.
Implemented Symantec Managed AV Spam Protection for SMTP Email Gateways Protection
Implemented and then upgraded to Cisco IronPort SMTP Email Gateway for AntiSpam and Malware detection.
Implemented SonicWall SSLVPN documented and deployed to multiple users.
Implemented Sunbelt SNSI (Sunbelt Network Security Inspector) tool for vulnerability assessment, performed remediation.
Setup WLAN connection to LASD/DOJ interface for real-time criminal history updates from Patrol Cars.
Managed project to replace 9/11 call dispatch system with IBM AIX for Spillman for historical tracking on DB2.
Replaced existing DVR with Samsung video surveillance CCTV security systems, supporting DA subpoenas for jail & PD.
Implemented WSUS for automated Microsoft patching, keeping endpoints up to date for added security.
Installed and configured iSCSI SAN for VMware ESXi with vSphere 4.x for shared storage.
Replaced switches in IDF upgrade to switched 1 Gbps, then upgraded Backbone to 10 Gbps on HP ProCurve Switches
Upgraded all users and servers from Exchange 5.5 to Exchange 2003 and Office 2010.
Managed project to install Automated License Plate Reader (ALPR) cameras in patrol cars, connecting to DB2 and DOJ.
TRIPLE-L ACQUISITION CO, TRIPLE-L DISTRIBUTION CO., Industry, CA 2010
IT Director
Oversaw IT support for 15-server, 4-site MPLS network. Managed Windows 2003 and Windows 2008 Servers, 3 Active Directory Domains, MS Exchange 2003 - 2007, 3 Blackberry BES Servers, JD Edwards Financials, DocuWare, Create!Forms, Create!Fax, RightFax, VMware ESX, ESXi, vSphere, vCenter, Cisco ASA 5505, SonicWall VPN’s, SQL Server migrations, InterTel Phone Switch, and Motorola Symbol MC9090 wireless barcode scanners using Cisco and Motorola wireless.
L.A. COUNTY OFFICE OF THE ASSESSOR, Los Angeles, CA 2005 – 2010
Senior Network Engineer
Supported IT environment running MS Exchange and Active Directory. Worked with vendors to acquire products and services using RFPs and non-stock requests, determining items to be budgeted, resolving issues, and setting up sole source agreements. Managed IT vendor contracts. Ran intrusion prevention security scans using Tenable Nessus and Sunbelt SNSI tools and performed remediation. Worked on Symantec End Point Protection.
Designed, proposed, installed, and configured EMC CX700 SAN with 22 TB of storage and wrote documentation for EMC SAN, integrating with ESX VMware for Windows Server Storage on fiber channel.
Worked on planning and design of new data center, collaborating with engineers to determine specifications.
Migrated multiple servers to VMware ESX with ISCSI and NAS appliances.
Additional Relevant and International Experience
EN POINTE TECHNOLOGIES INC., El Segundo, CA
Manager of Technical Operations: Projects: Regus, GOVERNMENT OF ETHIOPIA, Addis Ababa / NOKIA, Finland, Union Bank Y2K Project, worked at Sumitomo Bank on Netware Migration, Worked in HIPPA Compliant environments, Cedars Sinai, HealthCare Partners
GE CAPITAL IT SOLUTIONS, Irvine, CA
Project Manager – Enterprise
DIRECTV, El Segundo CA
Senior Systems Engineer: Implemented TCPIP company wide, Managed Nortel BCN Router, Symantec Backup Exec.
TOYOTA MOTOR CORPORATION, Torrance, CA
Project Manager: Designed LAN Support Program integrating into Windows 98 connecting to AS400 over Token Ring.
Education and Training / Certifications
CCTA Certified Cybereason Threat Analyst
Cybereason NGAV and EDR Training and Certification
Splunk Fundamentals Training and Certification
Checkpoint Firewall-1 Checkpoint Certified Security Administrator and Engineer (CCSA) and (CCSE) Certifications
Cisco CCNA, UCS, and CCNP Training
VMware V-Sphere 5.5 Authorized 5-day FastTrack Training
Spillman Training on Security with Crystal Reports, Police Computer Aided Dispatch (CAD) on (AIX and SUNOS) Certified
EMC Clarion Storage Foundations Course
Microsoft Certified Systems Engineer Certification (MCSE)
United States Marine Corps Corporal, Field Radio Operations (El Toro), Secret Security Clearance
Affiliations
HP / Microsoft Frontline Partner / Assistant Chaplain, LA County Sheriff
Contact this candidate