NETWORK SECURITY ENGINEER
Highly competent, Experienced Network Security Engineer with expertise in delivering cutting-edge and robust next generation firewall services. Adaptable, willing to learn quickly and master new technologies with strong analytical, organizational, written and interpersonal skills. Successful in team and self-directed settings. Excellent communication skills with strong customer focus. High dedication toward growth and self-improvement
Proficient in deploying the PAN-OS software versions (6.x – 9.x) including the Panorama Central Management Solution
Deep understanding of the Palo Alto single pass parallel processing (SP3) Architecture
Expert level knowledge in configuring and Managing User-ID, App-ID and Content-ID
Experience with deploying the Palo Alto VM-Series Firewall on Oracle Cloud Infrastructure
Strong hands in Migration using the Palo Alto Expedition tool
Well versed with SSL decryption, SSL forward proxy and Certificate Management
Experience with integrating the Palo Alto Firewall with Authentication services such as Radius, LDAP and Kerberos
Strong hands on experience in deploying Palo Alto global protect services
Extensive knowledge in Configuring and troubleshooting Site-to-Site VPN
Experience with configuring SNMP and troubleshooting with Wireshark
Excellent Customer/Client relation skills and the ability to communicate technical information to non-technical audience
Experience with deploying and managing the Palo Alto Wildfire services
Well versed in configuring and troubleshooting quality of service (Qos) on Palo Alto Firewall
Experience with deploying the Palo Alto VM-series firewall on AWS cloud
Extensive knowledge in DNS Security and Denial-of-service protection
Experience with security information and event management (SIEM)
Expert level knowledge in deploying and troubleshooting Palo Alto High Availabilty
Experience with configuring Fortinet firewall (Fortigate), FortiManager and FortiAnalyzer
Experience with Network Access Control (NAC)
Strong knowledge in deploying Layer 2 Segmentation and Link bundling
Comfortable with configuring Cisco devices: Routers, Switches and Cisco ASA
PROFESSIONAL BACKGROUND
Network Security Engineer Atlanta, GA
June 2019 - Present
Installation, configuration and Licensing of Palo Alto 500, 3000 and 7000 series
Deployment and Licensing of Panaroma appliances including provisioning of dedicated log collectors
Planning and configuring device groups, template and template stacks
Migration of over 30 Cisco ASA firewalls to Palo Alto firewalls using Expedition tool v1.2
Deploy site-to-site VPN on Palo Alto VM-series firewall to protect Oracle Cloud Infrastructure
Perform constant cleanup on the rule bases by removing rules that are not triggered
Keep detailed record of client interaction and problem resolution in the ticket system
Escalate specific system issues to vendor support
Perform Firewall periodic upgrades and manage dynamic updates
Deployment of Custom application signatures for non-traditional applications
Implemented global protect Remote access vpn Solution for over 1000 users
Configure and monitor URL filtering for internal user bandwidth consumption management
Configure and troubleshoot High availability for Palo Alto firewalls in the network
Deployed public key infrastructure and multifactor factor authentication(MFA) to protect internal resources
Install and manage the Wildfire WF-500 appliance
Configuring and managing Vulnerability protection for enterprise applications
Participate in pre-defined on call rotation to respond to service tickets every 2 weeks
Constant monitoring of all enterprise firewalls and creating monthly reports of appliance performance
RAETH DATA SOLUTIONS
Network Security Engineer ATLANTA, GA
2015 – 2019
Configure network event monitoring and reporting using protocols such as SNMP and Syslog
Deployed High Availabilty and equal cost multipath for Palo Alto firewalls within client environment
Configured and monitored IPS on Fortigate firewalls within Client environment
Performed periodic upgrade and software updates
Configured and troubleshoot Site-to-Site VPN between Client Datacenters
Configured NAT and port mapping to protect Clients DMZ servers as required
Deployed and managed clients public wildfire subscriptions including appropriate mitigation of threats
Configured and maintained the Fortinet FortiManager and Fortigate appliances
Configured and managed Fortisandbox subscription for client environment
Implemented the Fortigate Advanced Threat Protection module for client environment
Deployed Splunk for collecting logs from Palo Alto and fortigate firewalls
Migrated over 20 fortigate firewalls to Palo Alto firewalls
Constant monitoring and evaluation of performance of all security appliance in the production environment
Monthly reporting of performance of all security appliances in Client production environment
Troubleshoot and resolved connectivity and application issues with wireshark
Configure Cisco ISE policy and profiling for users within Client environment
Deployed dot1x protocol and radius authentication on all access layer switches for various clients
Configured and troubleshoot Cisco DMVPN for Datacenter security
EDUCATION & CERTIFICATION
CCNP
PCNSE
CCNA RS
CCNA Security
CCNA Wireless
CompTia Security+
COMPUTER & TECHNICAL SKILLS
Cisco Routers: Cisco Integrated Services Routers (ISR) 2900, 3900, 4431, 4451 Cisco Switches: Cisco Catalyst 2960, 3550, 3650, 3750, 3850 Virtualization: Exsi 5.5, 6.0, VirtualBox, VMware Workstation 9, 10, 11, 12
Operating systems and Database tools:
Unix (Solaris), Linux (Ubuntu), Windows Server 2008 R2, Windows Server 2012
Benjamin Appiah
678-***-**** Atlanta, GA adjhdd@r.postjobfree.com
HISCOX