Engineer Security
Resume:
William “Spencer” Plantier
**** ****** **** ** ****, NC or 919-***-**** or adg1fe@r.postjobfree.com
Security Engineer
•A solutions-oriented IT Senior Security Engineer with notable success directing a broad range of corporate IT initiatives while participating in planning and implementation of information-security solutions in direct support of business objectives.
•13 years in cybersecurity, ethical hacking, vulnerability identification and management, secure design practices. 6 years performing security assessments of Web applications.
•6 years performing penetration testing that identifies weaknesses in Web applications and supporting infrastructure, including servers, databases, networks, etc.
•Provided technical leadership and designed the security architecture for many end clients in an enterprise environment with Federal Systems clients (US Federal Courts, the EPA and the FBI) and various banks and financial institutions.
•6 years’ experience with network assessment tools such as Nessus, nmap and netcat as well as 6 years’ experience with security testing environments and tools, such as Kali, Metasploit, Wireshark, and Fiddler
•Strong understanding of vulnerabilities and attack methods, such as remote code execution, privilege escalation, XXE, XSS, SQLi, MitM, session hijacking, CSRF, and other common vulnerabilities, as well as testing, identifying and remediation.
•Have led in all stages of system development efforts, including requirements provided cloud protection using Palo Alto Cloud protection, Fireye Cloud Protection, and MacAfee Cloud security. Also ran Rapid 7 scans on both Linux and Microsoft Servers for vulnerabilities.
•Experience performing code reviews and reviewing the results of static analysis tools; have done C# programming with knowledge of secure coding best practices. Also have done UNIX Shell Scripting with Bash, Perl, Python and Scrapy.
•Have worked with various DLP tools and worked with clients to prevent any type of data loss. Have worked with policies within Active Directory for 13 + years. Have worked with Fireeye, Fortinet and Linux tools.
•Data Loss Prevention: 6 years of Fortinet DLP experience and two years’ experience with other tools. Worked with clients making recommendations and to provide data loss prevention.
•15+ years of networking experience serving as a Tech Lead Engineer responsible for the network design for NATO, provided technical documentation for numerous Cisco RFP’s, designed a VOIP for the Belgium Government, designed a Wireless Solution for US Navy and designed new switch technology for various Air Force Bases.
•Provided definition, design, architecture, testing, and support. Installed a variety monitoring tools to analyze network traffic and traffic from security devices. Adept at developing effective security policies and procedures, project documentation and milestones, and technical/business specifications. Track record of increasing responsibility in secure network design, systems analysis and development, and full life cycle project management. Demonstrated capacity to implement innovative security programs that drive awareness, decrease exposure, and strengthen organizations.
•Maintained F5’s at Peopleclick where I configured SNAT, rules and added certificates. Maintain and configured various F5’s at ATT and Labcorp.
•Worked with Sarbanes–Oxley Act Compliance since 2008
Core Competencies: Network & Systems Security; Business Impact Analysis; Regulatory Adherence; Data Integrity/Recovery; Disaster Recovery Planning; Contingency Planning; Research & Development; Risk Assessment; Cost Benefits Analysis, Cisco VOIP, Cisco Unity and Cisco Contact Center. Created Pen tests at Peopleclick, ATT, LabCorp and One Source. Answered Audit questions and mitigated vulnerabilities from audits from government agencies and other companies. Used Symantec, Fortinet, CSA, Fireeye and Cisco ISE for DLP
Platforms: UNIX (Solaris, HP-UX), Microsoft Windows® operating systems from 95 on, Linux (Red Hat, Ubuntu), Sun SPARC, Mac OS, VM/370, OS2 Warp, Cisco Routers, Cisco IDS, Cisco Switches (4000, 6500,3500,and 2900), Cisco ASA, Cisco PIX, Cisco Wireless) Secure Computing Sidewinder, RSA, Checkpoint Firewall, Fortinet, Juniper SRX, and Palo Alto
Networking: TCP/IP, Novell, Banyan, ISO/OSI, IPX/SPX, SNA, SMS/SQL, Ethernet, Token Ring, FDDI, VPN, SSH, SecureID, PGP, PKI, HIPPA, CFR-11.
Languages: UNIX Shell Scripting (Bash, Perl, Python and Scrapy) with some C#.
Tools: Whatsupgold, Checkpoint Firewall Manager, Cisco Security Manager McAfee/Norton Virus Protection Utilities, CISCO IDS, NMAP, Cacti, HP OpenView, IBM Tivoli, Tripwire, Snort, Windows PowerShell, Wireshark, Fiddler, NESSUS, Kail, Metasploit,Curl, Rapid7 Pen test box, Lotus Notes, Microsoft Office System (including Microsoft Word, Microsoft Excel, Microsoft PowerPoint®, Microsoft Access, and Microsoft Outlook®), Microsoft Project, and Microsoft FrontPage®.
Professional Experience
CenturyLink Communication February 2020 to present
Network Engineer
Remotely install Meraki Firewalls, Troubleshoot any Meraki firewall, Wireless and switch issues. Troubleshoot any devices that connect to the Meraki devices
Ondefend February 2020 to present
Penetration Tester
Setup up Rapid 7 appliance. Tested and setup reports. Did Pen tests for Ondefend customers. One customer was a bank.
OneSource Communications November 2018 to September 2019
Security/ Pen Testing and Network Implementation Engineer
Used Fireeye, ran Rapid 7 scans and used Active Directory policies for Cloud Security. Investigated logs and vulnerabilities. Worked with customer to resolve vulnerabilities. Conducted Pen tests using Rapid7, Nessus, Kali, Curl, Metasploit, Python and Fiddler. Investigated vulnerabilities found through Splunk and Connectwise. Upgraded Cisco routers for Union Bank. Implemented Netflow for all Union Bank Sites. Created DR plan for Union Bank. Implemented Cisco Meraki’s for various customers. Installed Auvik. Renewed Palo Alto ACE. Passed the Platform Fundamental certification. Use Connectwise as ticketing program and remote Connection software. Analyzed Netflow traffic for Union Bank and advised Customer contact on the information. Use Python to do log queries. Configured and managed DNS and DHCP. Configured and maintained F5 loadbalancers. Worked with Proofpoint and configured and troubleshooted Proofpoint for various customers
Labcorp November 2017 to November 2018
Security Engineer/ Pen Testing
Was sent to a site within Labcorp that had a breach to isolate the network to prevent the spreading of the breach. Cleaned all systems up and do data recovery. Investigate what information was actually lost and then put in security measures to prevent future breaches and data loss. Used Palo Alto Cloud protection production. Investigate vulnerabilities through Cisco ISE and Splunk logs. Was the Secure email gateway subject matter expert with the proofpoint product. Configured and maintain Zscaler proxy. worked with NetSuite. For Pen testing Used Rapid7, Nessus, Kali, Curl, Metasploit, Python and Fiddler. Investigated vulnerabilities discovered via Splunk logs. Responsible for assisting with Cisco ISE implementation. Preconfigured and installed Palo Alto 820 Firewalls. Installed Cisco Meraki’s. Worked on new Data Center installation. Upgraded Cisco ASA’s. Was on the team that went to Kansas City for the data breach there. Configured Cisco switches and connected devices to Splunk and analyzed data. Use Python for log queries. Configured and managed DNS and DHCP. Configured and maintained F5 loadbalancers. Worked with Proofpoint and configured and troubleshooted Proofpoint
Cisco Systems December 2016 to November 2017
Security Engineer/ Pen Testing
Analyzed information being sent from the syslog collector into the Cisco SOC. Verified information from the syslog log collector into the SOC was accurate. Created scripts to monitor suspicious traffic. Blocked suspicious traffic and worked with customer verifying traffic was suspicious and needed to be blocked. Investigated vulnerabilities as tickets were assigned.
Worked with NetSuite. For Pen testing used Rapid7, Nessus, Kali, Curl, Metasploit, Python and Fiddler. Investigated vulnerabilities discovered via Splunk logs and other SIEM tools.Configured and managed DNS and DHCP.
ATT, INC Durham, NC 2010 to December 2016
Senior Security Engineer/ Pen Testing
Used Rapid7, Nessus, Kali, Curl, Metasploit, Python and Fiddler. Investigated vulnerabilities discovered via Splunk logs and other SIEM tools. SME on Secure email issues, Troubleshoot firewall issues on Fortinet, Checkpoint, Cisco, Palo Alto, Lucent Brick and Juniper firewalls. Troubleshoot routing issues on Cisco and Juniper routers. Troubleshoot DNS issues. Troubleshoot Bluecoat issues. Was Team Lead for installing Cisco ASA, Cisco IDS Bluecoat proxies, and SEG email for the US Federal Courts System. Managed a team of 8 for 24/7 coverage. Worked with FSSO, which integrates Active Directory with the Fortinet URL filtering. Worked with companies on evaluating risk assessment; helped companies evaluate their ISO 9001 and 27001 certification. For the US Courts configured security devices and SEG to have the traffic sent to the SIEM product for analysis. Analyzed data from the SEIM logs to troubleshoot and analyze any potential risk. Troubleshot and analyzed Bluecoat and Ironport data and issues. Used Tripwire. Performed firewall troubleshooting for several Banks (such as RBS/ Citizens Bank and Macquarie Bank). Was proficient with Fortinet DLP and cloud protection. At the US Courts was team lead for all vulnerability activity and reported directly to the US Courts management. SOC
Managed a team of eight for a 24/7 SOC. Reviewed weekly reports, managed 24/7 schedule and reported all activities to upper management. Made sure each team member was able to improve their skills so they could be prepared to stay within ATT standards. Had each team member cover every shift for cross training. Did all team member reviews. Technologies support Cisco ASA’s, Cisco switches, Cisco IDS, Ironport ESA, Mcaffee SEG product, SIEM and analyzing logs from the SIEM to protect the US Courts environment. Worked with ATT HR on reviews, training and hiring. Was very hands with every team member. Was the SME for Ironport, Mcaffee and Proofpoint SEG product. Designed powerpoint for lunch and learns for SEG (Secure email gateway) and was point of contact for all SEG issues. Configured and maintained Zscaler. Use Python for log queries. Configured and maintained F5 loadbalancers. Worked with Proofpoint and configured and troubleshooted Proofpoint.
Peopleclick, Inc, Raleigh, NC 2008 – 2010
Senior Security Engineer
Recruited to establish and manage enterprise-wide information-security and corporate network. Oversee companywide efforts to identify and evaluate all critical systems. Design and implement security processes and procedures and perform cost benefit analysis on all recommended strategies. Collaborate with external auditors to conduct in-depth compliance audits and penetration testing, presenting all results to senior management. Worked with outside vendors like Capital One Bank and performed multiple outside penetration scans and mitigated all issues and made all corrections for all penetration tests
Installed all security equipment (Cisco ASA Firewall, Cisco IDS and router) at Disaster Recovery site.
Mitigated all security issues from Security Audits; Installed and maintained Tripwire
Worked auditors to mitigate all security risks; conducted pen tests using Rapid7, Nessus, Kali, Curl, Metasploit, Python and Fiddler. Investigated vulnerabilities discovered via Splunk logs
Maintained all firewall rules for corporate and production network. Investigate and repaired all firewall and network related issues
Audit of Windows and Linux policies; Scan all devices with NetExpose.
Was instrumental in developing and implementing Cisco VOIP, Cisco Unity and Cisco Contact Center in Raleigh Corporate office. Upon completion of VOIP project there was a one-time saving of $247,000 and monthly ROI of $5,000. Integrated CUCIMOC with OCS. Had Extension Mobility and Mobile Connect installed on the Call Manager. Upgrade CUCM from 6.0 to 7.1.3.
Upgraded Cisco 2821 router to 2851 router. Maintained Cisco CME 2821 router with 40 Cisco phones (users) connected to it.
Prepared all departments for two successful SAS-70 audits. Responsible for the Network Redesign of all Corporate Offices.
Move offices to smaller office space. This including redesigning network configuration to save the company $10,000 in monthly expenses. Maintained Symposium and Nortel 11c. Converted Symposium to Cisco IPCC
Worked closely with the AD group on making sure Virus protection was up to date and all systems were protected.
Managed the patch server to see what patches were needed and then schedule the patch upgrades. Worked with end point security (Servers and workstations)
Performed risk assessment on all devices to ensure they were secure.
Deployed end point protection on all servers and work stations.
Installed and maintained MRTG, installed and maintained NAGIOS, installed and maintained Splunk and installed and maintained SNORT.
Carquest, Raleigh, North Carolina 2007 – 2008
Security Manager and Lead Engineer
Recruited to create security policies, implement Cisco CSA and Cisco MARS and served as a supervisor five employees.
Used Rapid7, Nessus, Kali, Curl, Metasploit, Python and Fiddler for Pen testing.
Implemented RSA Enivision server to log and report activity on all security devices. Worked on Risk assessment on all devices. Maintained RSA secureID servers. Worked with Active Directory and user groups providing security. Created DR plan for cold DR site for all security devices. Created security policies for all systems. Worked with Ironport for Secure email and Sendmail for secure email
Implemented Cisco SSL VPN clients for 4.500 stores. Tested and Implemented Cisco CSA to all UNIX servers and Cisco VOIP servers. Worked with the Active Directory group to keep the anti-virus software updated on the PC’s. Made sure all end point devices were secure. (Servers and workstations). Installed and maintained Cisco NAC. Implemented three Cisco MARS servers
Maintained and installed Ironport email devices
Managed a team of seven. Reviewed weekly reports and then consolidated them into a report to my manager. Maintained a team meeting every week to incorporate customer service training with each team member. Dealt with all Human Resource issues and hired two additional employees while I was manager. Did Lunch and learns with the team to cross train. each team member. Did all team member reviews. Technologies that were supported Cisco Mars, Cisco NAC, Cisco ASA’s, Cisco VPN, Cisco Any connect, Sidewinder Firewalls, Ironport ESA and Unix email. Was very hands on with every team member.
Cisco Systems, Raleigh, North Carolina 2006 – 2007
Network Engineer Advisor
Recruited to advise technical writers on all technical aspects of all Cisco networking equipment. Worked on network design for NATO. Created documentation for Cisco Sales Engineer lunch and learns for ten employees. Provided technical document on numerous RFP’s. Design VOIP for the Belgium Government.
Design Wireless Solution for US Navy. Design new switch technology for various Air Force Bases. Worked on a new Mobile solution in response to new emergency services requirements. Worked with Active Directory on providing an all in one solution for all agency communications.
ATT, Raleigh, North Carolina 2005 – 2006
Network Engineer
Recruited to resolve ATT’s customer LAN, WAN and VOIP issues. Became Team Lead for all Home Depot LAN, WAN and VOIP tickets. Installed VOIP for 350 Dillard’s stores. Most productive troubleshooting technician on the Day shift
Strategtic Technologies, Raleigh, North Carolina 2004-2005
System Network Administrator
Responsible for installation, maintenance, troubleshooting, and upgrade of all internet and phone equipment (including wireless), security devices, and internal frame-relay equipment
Provide rotational on-call support during non-business hours.
Technical support for production and development systems
Worked with UNIX engineers needs and provided them support.
Moved ten web servers from Florida to Raleigh Hosted site
Reconfigured VPN solution that increase network performance
Installed and maintained Symantec Raptor Firewall
Worked with Active Directory on end point protection on all devices
Installed and maintained MRTG. Installed and maintained Nagios. Installed and maintained SPUNK
Professional Training and Certifications
Palo Alto ACE
*Currently studying for Certified Ethical Hacker certification
Professional Affiliations
Member – Information Systems Security Association
Member - CIPTUG
Education
Albuquerque TVI
Associate Degree, in Accounting
Accounting Major also took various Programing Classes
Santa Fe University of Art and Design- Accounting
Contact this candidate