Engineer Network
Resume:
Warren G. Harding IV – CISSP#******
**** ****** ***** **********, ** 45244 513-***-**** adcnrd@r.postjobfree.com
Professional Experience:
Encore Technologies (Cincinnati, OH) 2/18-Present
Security Architect, Professional Services
Work with customers to develop security solutions adhering to both Industry and Vendor best practices
oRun design workshops to develop relevant solutions
oWork with customers to develop Build of Materials and Budgetary Estimates
oWork with customer to procure, install, configure and migrate solutions to production
oProvide guidance to customers on Security Program Architecture including mapping currently deployed solutions to frameworks, including Cisco SAFE and CIS20
Develop Internal Encore Security Solutions
oCisco Stealthwatch Flow Based Analysis Tool
oCisco Common Services Platform Collector
oCisco FMC/Firepower IDS solution for Internet Egress traffic Monitoring
oCisco Umbrella DNS based Security Solution
Convergys Corporation (Cincinnati, OH) 6/14-2/18
Network Architect, DNETS
Focus on Network Security Architecture
oEvaluate network security platforms for deployment in the Convergys environment
oDevelop Standard Operating Environment documentation to define platform standards
oDevelop Work Instructions (Implementation and Support Guides)
oTraining and Tier 4 support escalation for Network Delivery (Tier 3) and Site IT Contacts
oWork with Delivery Teams to implement new standards
oWorks with Annual Budgetary Cycle to determine IT Security needs and wants. Engages vendors to determine required equipment BoMs are associated CapEx and OpEx requirements
Projects
oLead on migration project to move from Classic IPS to Sourcefire IPS on ASA SSPs.
oLead on Cisco Firepower Threat Defense evaluation project as successor to ASA w/Firepower
oLed project to move SBC client interface into client DMZ from behind CCE firewall. This allows SBC to focus on SIP/RTP security and reduce data firewall traffic load
oImplemented new Converged Client Egress environment in Dallas Datacenter
oPalo Alto NGFW Point-of-Contact
Implemented Palo Alto IDS monitoring system to meet PCI audit point for site management networks
Implemented Palo Alto Firewalls in Virtual Wire mode to provide IPS augmentation to legacy FWs
Worked with Cisco Wireless SME to implement Guest Wireless environment with Palo Altos providing Anchor Controller DMZ and Content Filtering
Worked with Security Operations teams to develop template stacks to provide uniform policy administration across device roles.
oLead evaluation of Cisco Sourcefire environment as successor to classic Cisco ASA/IPS platform.
Performed Proof of Concept testing in lab environment
Created Platform work instruction documentation for operations and field support teams
Lead platform information and administrative training sessions for global operations teams.
oWorked with Security Operations to develop a migration process from Checkpoint to ASA firewall platform to reduce ACE explosion issues.
oLead SSL Decryption platform evaluation. Candidate platforms included Bluecoat, F5, Palo Alto, and A10.
oDesigned and Implemented New Team Lead Wireless Mobility DMZ architecture.
Palo Alto Firewalls for IPS and Application Control
Cisco 5508 and 5520 Wireless LAN Controllers
oWorking with Corporate Security to evaluate Endpoint Breech Detection and Remediation systems. Candidate platforms included: Cisco AMP for Endpoints, Palo Alto TRAPS, Crowdstrike, and Tanium.
oWorked with other members of the Architecture team and the Corporate security team to evaluate MDR vendors to expand Convergys’ Defense in Depth strategy.
Works with Technical Account Managers and Delivery Team to ensure new customer connectivity initiative meets Corporate Connectivity and Security standards
PCI Standards Evaluation
oWork with Corporate Security, Security Operations, and Network Delivery teams to ensure that PCI Cardholder Data Environments (CDE) meet current PCI-DSS standards
oParticipate in work sessions with Qualified Security Assessor (QSA) to determine open issues and develop remediation plans for in-scope environments
Northwestern University (Evanston, IL) 9/10 – 6/14
Network Engineer – NUIT
Member of NUIT Network Firewall Team
oPoint of contact for Data Center and Departmental firewalls
oDesign, Procurement, and Implementation of Virology Department network including migration of department behind a Netscreen SSG-550M Transparent Mode Firewall
oMigrated Chicago Datacenter from Cisco FWSM to Juniper SRX 5600 firewall
oDatacenter and Departmental Firewall rule set management and review
oFirewall Network Connectivity Troubleshooting
Lead Engineer for the Feinberg School of Medicine (FSM)/ Northwestern Medical Faculty Foundation (NMFF) Firewall project
oWorked with FSM and NMFF IT project team to determine Tier 1 and Tier 2 network requirements
oProof of concept implementation and testing with ASA 5505
oDesign, configuration, and deployment of a multi-context/multi-vrf production environment (Active/Passive 5585-X w/ SSP40)
oMigration of departments to Tier 1 and Tier 2 environments
Lead Engineer for the IPS/Next-Generation Firewall project
oWorked with the IPS project team to define network and security requirements for replacing end-of-life TippingPoint 1200E IPS
oPoint-of-Contact for vendor interaction – coordinated vendor communications and product demonstrations
oLed onsite evaluations of IPS platforms in the Northwestern Environment.
oConfiguration and implementation of PA-5060 Active/Active pair for network border environment
oConfiguration and implementation of PA-500 Active/Active pair for network staging/lab environment
oConfiguration and implementation of Palo Alto Panarama Central Management System.
Lead Engineer for Departmental Firewall Service Upgrade
oEvaluated Juniper Branch SRX line as a replacement for the Juniper Netscreen firewalls running in transparent mode
oDeveloped chargeback model for new SRX based Departmental Firewall Service
oDeveloped configuration templates for the following departmental firewall platforms:
SRX210 – Single Chassis and Active/Passive Cluster
SRX220 – Single Chassis and Active/Passive Cluster
SRX240 – Single Chassis and Active/Passive Cluster
SRX550 – Single Chassis and Active/Passive Cluster
Lead Engineer/Project Manager for the NAC Replacement Project
oResponsible for evaluation of potential solutions including, Bradford, Avenda Systems, and Impulse Point
oLead NAC project team meetings regarding overall NAC deployment strategy, deliverables for various project segments, and deployment timelines.
oConfigured Bradford Network Sentry appliances for University-wide deployment including guest wireless service
oProvided process training and documentation for Engineering, IT Security, and Help Desk system administrators
oCompleted successful deployment of Bradford NAC solution to Northwestern Student Residences and shutdown of Netpass legacy NAC system
Provides support for Northwestern University VPN systems
oJuniper SA 6000 series SSLVPN client access system
oCisco ASA 5500 series Point-to-Point VPN system
Daily Tier 2 and Tier 3 support escalation, including on-call rotation, for Northwestern University network infrastructure
TEKsystems (Chicago, IL) 1/10 – 9/10
VoIP Engineer – Contracted to CNA Insurance Network Applications Services Group
Daily Tier 2 and Tier 3 support escalation for a multi cluster CUCM and UNC 7.x environment
Migrated users and call handlers from CallManager 4.1 and Octel Voicemail system to CUCM/UNC 7.x environment.
User configuration changes (Move, Add, Delete), including Mobility and CUPC/Presence configuration.
Environment and procedure documentation for both end user and technical support personnel.
West Monroe Partners (Chicago, IL) 3/08 – 12/09
Senior Consultant – Infrastructure
Design, Implementation, & Support of client’s Boarder and DMZ environments
oBoarder firewall implementations including Internet access control and end user vpn design and implementation
oIPSec tunnel remote site connectivity implementation
oDMZ design and access control implementation
Design of multi-server Cisco DMVPN and VoIP (CUCM & UNC 7.x) environment for client
Vendor selection for Metro IP connectivity for multiple clients.
Implemented Cisco 2112 WLC and converted client’s 1231G APs to LWAPP
Converted client’s VPLS network from RIP to OSPF and implemented dynamic Internet failover
Staff augmentation for Chicago area trading firms (LAN, WAN, Multicast Routing)
On demand Tier 3 network support for multiple client’s global infrastructures
Cincinnati Bell Technology Solutions / General Electric 3/06 – 2/08
CBTS(Cincinnati, OH) 11/06-2/08
L3 Network Engineer – GE Energy & Aviation/Rail Network Operations
Configured and implemented IPSec tunnel connectivity and access control policies for GE Energy 3rd party affiliates
Administered GE Energy’s Checkpoint Firewall Infrastructure which included Provider-1 Checkpoint Administration Console and associated Checkpoint appliances including
Work with GE’s network design group to ensure design implementations met criteria to be transitioned from Implementation to Production stage.
Ensured multicast functionality across U.S. WAN environment for GE corporate broadcasts
Administered GE’s F5 LTM environment for server load balancing.
Monitored network health with Network General Infinistream sniffers and NetQoS Netflow appliances
Tier 3 escalation point for Severity 1 & 0 network issues.
Trasys (Cincinnati, OH) 03/06-11/06
Network Engineer II – CBTS for GE Energy & Aviation/Rail Network Operations (Level 3 Support)
Responsible for providing day-to-day support for GE Energy’s network infrastructure.
oGlobal Firewall Policy Administration
oF5 LTM Server Load Balancing Administration
Tier 3 escalation point for Severity 1 & 0 network issues.
Work with other GE divisions’ network groups to maintain overall integrity of corporate-wide GE network.
International Paper Positions 6/01 – 3/06
EDS (Memphis, TN) 08/05-03/06
Infrastructure Analyst – International Paper Telecommunications (Global Data Network)
Administered the company’s “Portals” web DMZ and High-Availability server switches
oConfigured server load balancing and URL redirects on switches’ Content Switching Modules
oAdministered ACLs and translations on switches Firewall Service Modules
oInstalled and updated certificates and configured SSL terminations on SSL module
Tier III administration and engineering for International Paper’s Wireless Infrastructure.
oDeveloped and tested configurations for various AP models (113X, 12XX, 13XX)
oConfiguration and administration of APs through the Wireless LAN Solution Engine.
Responsible for providing day-to-day network administration and Tier III troubleshooting for International Paper’s Global Data Network
International Paper (Memphis, TN) 04/04-07/05
Network Specialist II – Telecommunications (Global Data Network)
Lead on conversion of Box USA sites from their frame relay network to International Paper’s IP-enabled frame relay network.
oAccess control for old network scheme to IP resources.
oReaddressing of network to meet IP standards
Responsible for administering the Company-Wide Network Infrastructure:
oCisco Firewalls – FWSMs, 535, & 501 models
oCisco Routers – 72XX, 36XX, 28XX, and 26XX series / Frame Relay, IMA, Packet over Sonet, ACLs, Route Maps
oCisco Switches - Catalyst 6XXX, 5XXX, 4XXX, 3XXX, 29XX / Layer 3 Switching, VLANs, dot1q trunking, HSRP
oCisco Aironet 12XX series APs, 13XX series bridges, and WLSE management tool
oRouting Protocols: BGPv4, OSPF, RIP
Administration of Cisco ACS Access Control Server for network device access permissions
Tier III escalation point for Wireless LAN connectivity issues.
Responsible for network designs and upgrades at IP facilities for Network Remediation Project.
Assisted with configuration of Routers and Switches for the Disaster Recovery/ Hot Site.
Responsible for coordinating and performing new circuits installs, disconnects, and Port/PVC upgrades/downgrades with AT&T provisioning.
Working on project to move all routers from telnet access to SSH login.
Responsible for testing compatibility of new hardware platforms.
International Paper (Cincinnati, OH) 6/01-03/04
LAN Support Specialist II – MidWest Regional Support
Site administrator for Cisco Infrastructure (3600 series routers, Catalyst 6509, 4006, and 2950 series switches, Gbit Ethernet, VLAN’d environment).
Participated in site-wide infrastructure upgrade from 3Com based equipment to Cisco architecture.
Administrator for Windows 2000 Servers in the Mid-West Region.
Led desktop OS migration to Windows 2000 from a varied environment (NT,9X).
Daily Network Administration and Desktop Support for the Loveland site (900+ users).
Backup for Server Analyst team when needed.
Entex IT Service (Cincinnati, OH) 7/00-5/01
Customer Engineer
Assigned to Givaudan – 9/00 – 4/01
Assigned to Remote Network Services (Owens Corning) – 08/00 – 09/00
Assigned to Toyota – 07/00 – 08/00
Merrill Lynch & Co. (Cincinnati, OH) 09/97-06/00
Investment Associate – Series 7 and Series 66 Licensed
Education:
Northwestern University, Evanston, IL 2012-14
Masters of Science, Information Technology
Cornell University, Ithaca, NY 1993-97
Bachelor of Science, General Studies
Certifications Exams Completed:
Certified Information Systems Security Professional #393868
GIAC Security Essentials (GSEC) #32421 (Expired)
JN0-332: JNCIS-SEC (Expired)
JN0-101: JNCIA JunOS Exam (Expired)
642-832: Troubleshooting and Maintaining Cisco IP Networks (Expired)
642-812: Building Cisco Multilayer Switched Networks (Expired)
642-901: Building Scalable Cisco Internetworks (Expired)
642-873: Designing Cisco Network Service Architectures (Expired)
642-373: Cisco Express Foundation Design Specialist (Expired)
640-460: CCNA Voice (Expired)
640-802: Cisco Certified Network Associate (Expired)
640-863: Cisco Certified Design Associate (Expired)
642-523: Securing Networks with Pix and ASA (Expired)
APC Data Center University Associate (Expired)
E00-511: F5 Big-IP V9 Local Traffic Management (Expired)
156-210: Checkpoint Certified Security Administrator (Expired)
642-577: Wireless LAN for System Engineers (Expired)
215: Installing, Configuring, and Administering Windows 2000 Server (Expired)
210: Installing, Configuring, and Administering Windows 2000 Professional (Expired)
067: Implementing and Supporting NT Server 4.0 (Expired)
073: Implementing and Supporting NT 4.0 Workstation (Expired)
068: Implementing and Supporting NT Server 4.0 in the Enterprise (Expired)
059: Internetworking with Microsoft TCP/IP on Microsoft Windows NT 4.0 (Expired)
058: Network Essentials (Expired)
087: Implementing and Supporting Microsoft Internet Information Server 4.0 (Expired)
Contact this candidate