TAIWO SUNMOLA
CISA, CDPSE, CCNA, CCNP, CEH, PCNSE, AWS Practitioner, ITIL
Houston, TX 77084 *******.******@*****.***
NETWORK & SECURITY ENGINEER
Vulnerability Detection Project Management Threat Incident Management Risk Risk Management & Mitigation and configuration with Cisco Routers and Switches, Palo Alto Configuration
Security Protocol Development Strategic Planning & Analysis Testing Methodologies
·A dedicated, results driven Information Security Professional with 8+ years’ experience designing and introducing security strategies and measures to guide IT and network operations and equipment.
·An intuitive Engineer with proven success managing, maintaining, and configuring applications and security network hardware including. Firewalls, VPN devices,
Logging Systems, Security Provisioning Systems.
·A well-respected technical professional with notable expertise analyzing current environments, performing risk assessments and root cause analysis, and identifying potential threats, to implementing improvements to mitigate system vulnerabilities.
·Analytical and highly adaptable with extensive knowledge and experience developing, deploying, and evaluating systems that align with industry standards, and identify new trends in security threats and cyber-attacks.
·An accomplished and articulate communicator skilled in strengthening business relationships and leading cross-functional project teams across functions to drive cohesive, strategic operations.
work in the US for any employer
Work Experience
NETWORK ENGINEER
Vopak (oct 2021-oct 2022)
Ensure stable operation of the Vopak network to allow internal and external customers to successfully perform business functions.
Manages network equipment including Cisco Firewalls, Routers, Switches, Fortinet Firewalls and SD-WAN,
Manages on-premises datacenter connectivity using Cisco Nexus switches and Nutanix HCI.
Provides management and support for existing Cisco Collaboration platform including Cisco Call Manager, Unity and Webex
Reviews existing network state along with future growth plans, and makes recommendations to improve performance, reliability, and security.
Work directly with vendors and service providers to install and maintain data and voice circuits.
Implementation and management of high-profile projects, often concurrently, using new and existing project management and reporting tools.
Collaborate with other functional teams including, Network Engineers, Help Desk Analysts, Developers, and other Business Analysts to ensure application availability.
Perform regular audits and reviews of security posture and risks in accordance with new and existing policies.
Provide tier 3 support including occasional after hours support and engineering in support of active projects.
Creation and maintenance of documentation, including runbooks, diagrams, and knowledgebase articles.
Mentoring and information sharing with other members of the IT Team to support collaboration and career
VPN (Lead), Firewall and Proxy (Tier 3 Support)
COGNIZANT TECHNOLOGY SOLUTIONS (JOHN DEERE)
August 2020 to October 2021
Oversee implementation and maintenance of VPN resources and connections, ensure system availability to support 40,000 users on Cisco Appliances. Lead initiatives to analyze network security designs, build solutions to network elements, and develop deployment strategies to drive VPN Security. Establish and maintain network security and risk management policies to ensure data, network, and system protection from digital and physical threats. Configure enterprise VPN with ASAs and Firepower Alliances (Cisco), including upgrading ASAs to resolve vulnerabilities identified by Cisco. Employ reporting tools like Splunk to troubleshoot and resolve various remote access issues, and INFOSEC to perform NIST audits on equipment.
·Successfully implemented Firewall rules on Palo Alto and checkpoint appliances, in addition to securing infrastructure from unauthorized access.
Developed and instituted new network designs and provided security secured network segments and transport systems security policies for all internal systems.
Spearheaded project to build Network Equipment Center security designs according to business requirements and technical specifications.
·Configured Cisco routers and switches at enterprise level.
·Collaborated with OKTA team in creating MFA for remote access users.
·Leveraged advanced knowledge and experience in intrusion-detection, IDS/IPS,
DLP, SIEM, vulnerability-scanning, proxy appliances to monitor system functionality and promptly identify potential threats.
·Integral contributor in defining, developing, and directing global security management strategy and framework
·Supported Senior Team members in reporting and coordinating day-to-day tasks in absence of the Security Manager
Network Security / Information Security Analyst
APTIV GLOBAL- BOSTON PROJECT
March 2018 to June 2020
Developed and implemented internal processes to strengthen security measures for data, software and hardware, system applications, and networks. Devised network policies and procedures and authorization roles to aid in preventing unauthorized access, system threats, and potential data losses. Configured, deployed and maintained Active Directory, Cisco Wireless LAN Controller, Fore Scout Counteract,
F5 Load balancer using BIG IP LTM and Cisco Meraki Wireless Network for network security monitoring. Led and executed all tasks associated with integrated network operations efforts, including Security, IT Planning, LAN/WAN functionality and projects. Designed network layout and incorporated Internet facing VPNs, DMVPN phase 2 for remote connections, IPT, and wireless subnets. Implemented and maintained a Citrix environment utilizing the Riverbed Wan Optimization Tool and expert experience with Cisco Identity Service Engine. Instituted and supported
VoIP Business Phone System on Asterik Issabel, and segmented networks using VLANs.
Setup and monitored computer networks and computer environments, including software applications, hardware, system software, Virus protection software, and email applications.
·Built and managed disaster recovery and business continuity plans which included data backups and maintaining VPN products for L2L peers and remote personnel.
·Configured and maintained Cisco Wireless Lan Controller, and Cisco Meraki Wireless Network for network security and monitoring. Additionally, implemented Palo Alto Firewall across the network.
·Successfully deployed Cisco SD-WAN zero-touch provisioning and released SD-WAN security.
·Implemented several triggers to troubleshoot infrastructure issues, added trigger dependencies to navigate past redundant alerts in SolarWinds Orion, and setup HA for SolarWinds to monitor NPM.
·Administered Cisco ASA firewalls throughout WAN to ensure LAN integrity and protection from external threats, and utilized UTM (Unified Threat Management) to monitor network, bandwidth, and malware of the environment.
·Troubleshot reported errors and system failures, identified root cause, and implemented resolutions to minimize impact on production impact and overall operations.
·Configured and applied ACLs on Cisco ASA and Checkpoint firewalls and Cisco routers.
·Analyzed vulnerability scans provided by clients to remove false positives from various of tools (Nessus, app detective, web inspect and QualysGuard), before creating and delivering a final report.
·Investigated ArcSight SIEM events to determine true intrusions and scrutinized
DDoS attacks, FireEye, Sourcefire, malware, and web sense event that are common on Comcast network and NBCUniversal.
·Analyzed system functions and connections to identify cyber threats and system vulnerabilities, monitor for cyber intrusions, and troubleshoot and respond to security incidents detected from HP ArcSight, SIEM Ids/IPS, and other security applications. Managed incident monitoring, investigations, and responses involving advanced or complex threats from everyday security events to advanced persistent threats (APTs)
Wireless Field Network Engineer (AT&T Project)
SOFTWARE QUALITY LEADERS INC
November 2017 to March 2018
Integrated and tested Ericsson RBS 6601, BBU6630 (5G), LTE and 5G ran equipment using Script Installed File (SIF), and deployed BBU6630 across the AT&T Network.
Performed DUS swaps with BBU5216 + XMU, BBU6630 for carrier explanation for LTE, as well as a DUS to 5216 BBU migration to support routine system upgrades, updates, and management. Drove preventative maintenance efforts including testing network equipment, assessing system performance, and ensuring proper functionality according to technical documentation and intended operation.
·Contributed to phases 1 thru 5 of carrier configuration and radio carrier to support 850 frequency.
·Developed and facilitated an effective support module for post-release customerhandover.
·Singlehandedly owned and troubleshot a Level-2 NOC incident, thoroughly assessed and identified post-migration issues, and developed and implemented a resolution to minimize system downtime and production impact.
·Designed and setup a repeatable, reproducible, and measurable technology process to streamline operations and increase productivity.
Network Security Admin
SAINT NICHOLAS HOSPITAL
September 2015 to August 2017
Managed the installation, administration, troubleshooting and maintenance of network security solutions. Updated software with latest security patches to strengthen security measures across network resources. Routinely performed vulnerability and penetration tests to identify and mitigate potential threats, and established disaster recovery and business continuity plans. Developed standard operating procedures (SOPs) for upgrading and managing onsite computer systems and network connections, in addition to managing Active Directory and associated features. Built and configured network Firewall using Cisco Meraki
Wireless Solutions, Cyber Roam, and Active Directory to ensure proper defense against cyber-attacks. Utilized DMVPN Phase 1 to connect to remote sites, and utilized MRTG and Solarwinds NPM analyses to monitor bandwidth and network activity.
·Developed and introduced a Helpdesk system to manage hardware inventory, monitor support requests, and increase efficiency of network support activities.
·Led on-call technical support efforts, including troubleshooting issues, assigning to appropriate team or individual, and follow up ensure completion within predetermined Service Level Agreements (SLAs).
Noc Engineer/Network Support
Quest Telecoms Services Nigeria LTD/Alcatel Lucent March 2015 to September 2015
Network Admin
Rostrum Investment and Securities NIG November 2013 to March 2015
Tools:
MRTG, Solarwinds NPM, Netbrain, NetFlow, Riverbed WAN Optimization Tool, MPLS, Broadband, LTE, VSAT, Viptela, BIG IP LTM, Asterisk Issabel, Zscaler, ITIL standard Hardware:
Cisco routers and Firewalls, LANs, WLANs, VLANs, TPLINK routers, Cisco Catalyst, Avaya Phones, Cisco Wireless LAN Controller, Nexus 7K/5K/2K
Security:
SonicWall, Cisco-Meraki, Palo Alto System, Cyber Roam, SolarWinds Orion, Cisco ASA firewalls, DDOS Appliances (Arbor Edge Defense)
Routing Protocols:
OSPF, EIGRP, BGP
Education
Bachelor of Science in Computer Science
Olabisi Onabanjo University, Ogun State
Skills
•Platforms:
•Windows
•Windows Server
•Mac OS
•VMWare ESXi
•VMWare vSphere
•RADIUS
•Active Directory
•LAN
•Network Monitoring
•VPN
•WAN
•Network Security
•Network Firewalls
•Disaster Recovery
•MPLS
•System Administration
•Network Support
•DHCP
•Information Security
•Load balancing
•OSPF
•DNS
•Remote access software
•TCP/IP
•Cisco routers
•Network infrastructure
•Virtualization
•Cybersecurity
•VoIP
•Microsoft SQL Server
•Splunk
Certifications and Licenses
Certified Information Systems Auditor (CISA) Certified Data Privacy Solutions Engineer (CDPSE) Cisco Certified Network Professional (CCNP) Cisco Certified Network Associate (CCNA) ITIL foundation in Service Management Certified Ethical Hacker (CEH) Amazon Cloud Practitioner PCNSE(Palo Alto Certified Network Security Engineer)