Ndri Olivier Diby

Salt Lake City, UT 801-***-**** adsear@r.postjobfree.com

SUMMARY

High-performing team player with extensive experience in multiple network and security vendors in a wide variety of industry. In depth and hands-on understanding network architectures with a strong ability to design and implement complex and secure networks, quick troubleshooting skills, and excellent decision-making expertise.

PROFESSIONAL SKILLS

Secure network architecture

Strong leadership on teams as well as effective management of employees

Cisco routing including 4k/ASR1k routers

Cisco switching including 2k/3k/9k Catalyst IOS switches, 5k/7k/9k NX-OS switching

Palo Alto firewalls

Panorama

Cisco Application Centric Infrastructure (ACI)

Multiple network management, monitoring, and alerting tools including Solarwinds, Cisco ISE

Distributed networking utilizing WAN technologies including MPLS, IPSEC, and SD-WAN

Logging and SIEM analysis tools including Splunk

Remote access and Site to site VPN configuration and deployment

Advanced Layer 1-4 network troubleshooting

Wireless LAN design and implementation utilizing controller-based, local, and cloud managed solutions

Core network technologies including TCP/IP, BGP, OSPF, EIGRP, SNMP, TACACS+, RADIUS, STP, RSTP, MSTP, AAA 802.1X, HSRP, VRRP, GLBP, LACP Multicast, VLANs, IP subnetting, GRE, IPSEC, DMVPN

Ansible network automation configuration and deployment tool

EDUCATION & CERTIFICATIONS

M.S. Network Engineering & Security, Depaul University, Chicago, IL – May 2017

B.S Telecommunication Administration, Weber State University, Ogden, UT April 2011

Cisco Certified Network Professional (CCNP) Enterprise

COMPTIA Security+

Cisco Application Centric Infrastructure (ACI)

PROFESSIONAL EXPERIENCE

Network Security Engineer at Cotiviti

Draper, UT April 2020 – August 2022

Performed the following tasks:

Setup and configured devices such Nexus 9K switches in multiple Datacenters across the US

Used network management, monitoring, and alerting tools such as Solarwinds and Cisco ISE

Setup, configured and deployed Palo Alto firewalls and Panorama

Configured Cisco Application Centric Infrastructure (ACI)

Configured and deployed Cisco Meraki wireless access point

Configured automation tools such as Ansible to deploy configuration to network devices

Configured WAN technologies such as Silver peak SD-WAN

Network Security Engineer at Palo Alto Networks/CSS Corp

Draper, UT November 2018 – January 2020

Performed inbound, outbound phone and email support for Palo Alto networks customers and partners troubleshooting and configuring the following: Global protect, HIP-Based Policy Enforcement, SSL VPN, Site-to-site VPN, Automatic VPN failover with Dual ISP, OSPF and BGP routing, Security and NAT policies Rules, User-ID, User-ID Agent and Agentless, User IP mapping, URL Filtering, File Blocking, Antivirus blocking, Wildfire, Antispyware, Vulnerability Protection, DoS Protection, QoS, Application Override, Zone Protection, External Dynamic Lists, Log Forwarding, SSL Decryption, Policy Based Forwarding, Captive Portal, LDAP, Radius, TACACS+ SNMP, Syslog, Netflow Email, High Availability Active/Passive and Active/Active, Firewall Upgrade, Panorama upgrade, Template, Device Group, Template Stack, Certificates, Multi-Vsys SAML, MFA, Azure, AWS and more.

Top Production case closure among 15 Engineers and Closed over 150+ cases within a quarter

Technical Support Engineer at Pure Storage

Lehi, UT November 2017 – April 2018

Performed inbound phone and email support for customers and partners

Performed Software version upgrade for customer on various Flash Array or SAN products line

Performed Hardware Upgrade for customer on various Flash Array or SAN products line

Configured Flash Array or SAN (Storage Area Network) and Provisioned disk resources from SAN to users

Cyber Security Solution Field Engineer Contractor at Emerson Process Management/Randstad Technologies

Price, UT May 2017 – September 2017

Implementing Critical Security Controls (CSCs):

Inventory of Authorized and Unauthorized Devices

Inventory of Authorized and Unauthorized software

Vulnerability Assessment and Remediation

Controlled use of administrative privileges

Maintenance, monitoring, and analysis of audit logs

Email and Web Browser Protections

Malware Defenses

Limitation and control of network port, protocols, and services

Data recovery

Secure configurations for network devices such as Firewall, Routers, and Switches

Data protection

Controlled access based on the need to know

Wireless access control

Account monitoring and control

Application software security

Implementing Critical Security Controls using VMware ESXi, Cisco 2960-X switch, NAS (Network attached Storage), Nexpose vulnerability assessment, Domain Controller, Active Directory, McAfee ePolicy Orchestrator, McAfee Rogue System Detection, McAfee Antivirus, McAfee Application Control, Solarwinds, Cisco Identity Services Engines (ISE), Tripwire configuration management and Acronis Backup & Recovery.

Network Engineer at Academy Mortgage Corporation

Salt Lake City, UT, October 2011 – April 2012

Configuring, implementing, and managing Cisco Unified Communication Manager Express & Cisco Unity Express for Academy Mortgage branches nationwide.

Configuring and implementing T1/PRI & POTS line connection on Cisco Voice Gateways

Coordinating T1/PRI circuit turn up with service provider Century Link, Comcast and Other for Academy Mortgage branches nationwide.

Planning, preparing, designing, implementing, operating and optimizing Cisco IP Telephony Network for Academy Mortgage branches nationwide using VLANs, Cisco 29xx-VSEC-SRE/K9, Cisco POE Catalyst switch 2960, Cisco ASA 5505, Cisco CP-7962G (IP Phone) and Cisco valet wireless router.

Backup administrator for corporate Cisco Unified Presence Servers (CUPs), Cisco Unified Communication Manager and Cisco unity Connection.

Business Support Engineer at CSS Corp

Salt Lake City, UT, May 2011 – October 2011

Performed inbound phone and email support for NETGEAR customers and partners

Configured and troubleshoot Site- to Site VPN, Remote Access VPN and SSL VPN

Configured and troubleshoot firewall, routers and switches

Configured and troubleshoot wireless router, wireless access point and wireless controller

Configured and Troubleshot Network Attached Storage

Presales

Contact this candidate