Security Engineer Network
Resume:
OLUGBEMIGA MOSES OGUNSEYE
Dallas, TX ***** +1-330-***-**** *.********.******@*****.***
LEAD NETWORK & SECURITY ENGINEER
I have over a decade of experience in designing, implementing, and operating highly available, secure, resilient, and scalable IP networks for enterprises of different sizes. I have a strong sense of IT responsibility to support technical initiatives, and a record of supporting IT systems and projects in Agile environments.
PROFESSIONAL QUALIFICATIONS
Certified Meraki Network Operator (CMNO)
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP) – Enterprise
TECHNICAL COMPETENCE
Routing and Switching:
Using combinations of protocols and hardware which includes but is not limited to: Cisco ISR, ASR, Juniper, Aruba, Meraki, Cisco Catalyst and Nexus Series, Aruba, Juniper, Routing & L3: Static Routing, RIPv2, EIGRP, OSPF, BGP, IS-IS, GRE, MPLS, IPv6, Traffic Engineering, Redistribution, Multicast routing, STP, RSTP, MSTP, VTP, VSS DTP, VLANs, 802.1Q, Trunks, Cisco VDC, Aruba VSX & VSF, EtherChannel, Virtual Port-Channel, FabricPath, OTV Summarization Policy-Based Routing, NAT/PAT, HSRP, VRRP, GLBP, Route Filtering, SDN, ACI, SDWAN, DMVPN,
Security:
Cisco ASA 5500 Series, NGFW, FirePower, Cisco Secure ACS, Cisco ISE, Cisco Prime, Cisco VPN Concentrator, SonicWall Firewall TZ205, TZ210, Fortinet, Zscaler Public and Private Acess, Palo Alto Firewalls, Panorama, Site-to-site VPNs, Remote Access VPNs, GRE, IPSec, NAT, AAA (RADIUS/TACACS+), Access Control Lists, Dynamic Access Policies (DAPs), Traffic Filtering, Failover, Transparent Firewall, Security Contexts, DMZs, RBAC, IDS, IPS, Public Key Infrastructure (PKI)
Cloud Technologies
AWS Direct Connect, Azure ExpressRoute, Azure VPN (P2S,S2S), Google Cloud.
Software tools:
Solarwinds NMS, Nexpose Security Product, Splunk, Algosec, Nmap, Wireshark, Spiceworks, Visio, ASDM, Panorama, GNS3, IPAM Application Software, VMware, Python, Ansible, Linux, Opengear Light House, etc.
PROFESSIONAL EXPERIENCE
PROGRESSIVE INSURANCE March 2020 – Present
Senior Network Engineer
Deploy and maintain Datacenter Networks as required by the business.
Supported enterprise WAN connectivity which includes multiple dark fibers, DWDM, MPLS, Internet from multiple ISPs, LTEs etc.
Setup and maintain Viptela and VeloCloud SD-WAN Solutions.
Make periodic updates to routing and security policies in Viptela vSmart.
Support all connectivity to the enterprise’s Public Cloud Providers.
Maintain Corporation’s Datacenters Interconnection (DCI)
Deploy and maintain WAN technologies like MPLS, Internet and DWDM in support of business needs
Maintain BGP connectivity between Service Providers and network edge, and between network edge and various portions of the network including network core and DMZ.
Serve as network resource in support of Cloud Core Team.
Maintain and update relevant Ansible playbooks for applicable network tasks.
Provide support to the Data Center and Network Core team.
Create and maintain network Visio drawings and documentations.
Participate in incidence reviews and troubleshooting of service disruptions.
Built dashboards for network monitoring using tools like Splunk Studio and SteelCentral Portal.
Vendor relationship management.
X-RITE PANTONE, MI Sep 2019 - Feb 2020
Network Engineer
Resolved trouble tickets resulting from daily network operation.
Maintained the enterprise’s DMVPN Phase 3 which allowed for Spoke-to-spoke communication between regional offices and remote branches in different parts of the world.
Supported all Site-to-site VPNs between the enterprise and vendors as well as public cloud providers like Rackspace, AWS and Microsoft Azure.
Refreshed X-Rite’s Cisco Remote Access VPN Gateway (ASA 5580).
Added Duo 2-Factor authentication and Single Sign-On (SSO) to Remote Access VPN setup.
Modified firewall rules and make route changes on Palo Alto Firewall as needed.
Maintained routing protocols such as OSPF and BGP across multiple regional offices.
Vendor relations management.
Create and maintain network documentation.
DART CONTAINERS, MI June 2018 – July. 2019
Network Engineer
Implemented of Campus QoS across their more than 350 Cisco Catalyst switches across 50 locations
Configured Medianet and Netflow on applicable devices.
Access and distribution layer refresh of various facilities.
Daily network operations and monitoring (SolarWinds NMS, LiveAction)
Maintained routing protocols such as OSPF at the Aggregation layer and BGP between distribution, core, and network edge.
Designed and implemented PoC for Viptela and Velocloud SD-WAN
Configured and managed VPN/DMVPN tunnels to connect various warehouses to datacenters
Configured route redistribution between BGP and OSPF in a multi-area OSPF network.
Managed network security, modified firewall rules on Cisco ASA and FTD using ASDM and FMC respectively.
Configured VIPs on BIG-IP F5 Local Traffic Manager (LTM) to load balance across server farms
Setup and maintain Dynamic Access Policies (DAPs) on Cisco ASA to support Smart Hands and 3rd Party Tier 1 support vendors.
Managed Network Access using Cisco ISE
Built ACI lab and migrated staging and lab network to ACI
Create Network KBAs and other documentation.
STERICYCLE, IL Sept. 2016 – Sept. 2017
Network Engineer
Worked on network redesign and security upgrade project, which involved carving out new IP address blocks, replacing collapsed core network with a 3-tier network and installation of new B2B and DMZ firewalls.
Deployed Out-of-Band Network and Opengear terminal servers on critical network infrastructure.
Back up, Restore, upgraded, and maintained CheckPoint and Fortigate firewall appliances.
Successfully replaced Cisco ASA with FortiGate Security Appliance running two virtual domains (VDOMs) and configured for basic firewall policy, IPsec VPN, Explicit Web Proxy, Application Control, Data Leak Prevention, Intrusion Prevention (IPS) and Web Filtering.
Performed security scan of assets in compliance with PCI-DSS.
BLICK CENTER, OH July 2015 - August 2016
Network Associate
Designed and deployed networks using static and dynamic routing protocol ( EIGRP, OSPF and BGP)
Configured and maintained VLANs, 802.1q trunks, VTP, First Hop Redundancy Protocols like HSRP.
Resolved network-related service desk tickets.
Setup additional branch offices using Meraki-Cloud
Deployed and monitored Cisco Identity Service Engine (ISE) for Network Access Control (NAC) and AAA (TACACS+ & RADIUS).
Setup virtual Port Channel (vPC) on the Nexus 7k at the core/distribution layer.
Documented network changes as needed
ROSCOM TELECOMS, LAGOS, NIGERIA Dec 2012 – June 2014
Network Engineer
Securing Cisco Switch access, implementation of traffic filters using Standard and Extended Access Control List, Distribute-list, and Route Maps. Troubleshooting hardware and LAN related issues – TCP/IP, DNS, DHCP, Layer2/3 network devices. Planning & scheduling the network and service down time for various upgrades and maintenance
Configured VIPs on BIG-IP F5 Local Traffic Manager (LTM) to balance loads across relevant servers in a pool.
Deployed and monitored Cisco Identity Service Engine (ISE) and Cisco Secure ACS for the implementation of port-based authentication (DOT1X), profiling and AAA (TACACS+ & RADIUS).
MPLS design and Implementation. Design and Implementation of enterprise VoIP telephony network
QueQuest Technologies Ltd, Lagos, Nigeria June 2008 – Nov 2012
Network Sales Engineer
Deployed and commissioned long distance call termination with RADIUS servers at clients’ location
Monitored voice traffic and bandwidth utilization.
Installed and demonstrated VoIP gateways and advised customers on our products.
Preformed maintenance on equipment as necessary, performing device upgrades, modification of configurations, password changes and diagnostic testing.
EDUCATION
MBA – Strategic Marketing - University of Akron - 2016
B. Sc Systems Engineering - University of Lagos - 2010
Contact this candidate