Palo Alto Security Engineer
Resume:
OLEG PYSARENKO
LINKEDIN 954-***-**** ************@*****.***
SKILLS
OS: Windows, Linux, Unix, macOS, Chrome, Android, IOS
Internet protocol suite and OSI model: TCP, UDP, IP, ARP, ICMP
Routing protocols: OSPF, EIGRP, RIP, IGRP, BGP, IS-IS, VRF
Cisco devices management: switches, APs, routers, controllers, servers
Cisco tool technologies: DNAC, ISE, Prime, CMX, Meraki
SolarWinds Orion, Wireshark, pfSense, Intermapper
Cloud: Microsoft Azure, Amazon Web Services, Google Cloud
Virtual Private Cloud and Shared VPC
Tunneling: VPN, SSH, MPLS, IPSec, GRE
Port aggregation, port channel, etherchannel
Virtualization: Hyper-V, VMware, Citrix
Active Directory and Windows Server
SIEM: Splunk
Firewalls: Cisco, Fortinet, Palo Alto, Juniper
PowerShell scripting
Data backup and disaster recovery
Load balancing and High availability HA
RDP: MS RDP, VNC viewer, TeamViewer
Cisco security solution: FTD, FMC, ASA, NGFW
SSL Decryption, TLS, DLP, IDS and IPS
EXPERIENCED NETWORK SECURITY ENGINEER
With 10+ years of hands-on experience in the design, implementation, and support of large-scale networking environments, I specialize in delivering high-quality, resilient, and scalable network infrastructure. I have proven experience in Firewall implementations and support across leading vendors such as Cisco, Palo Alto, Fortinet, Juniper.
PROFESSIONAL WORK EXPERIENCE
NETWORK ADMINISTRATOR 12/2024 – 03/2025
City of Oakland Park
Migrated from Palo Alto firewall to Meraki firewall, including transferring firewall rules, configured high-availability HA (active/standby), adjusting network policies, and verifying security features to maintain optimal performance and security best practices.
Deployed Meraki firewalls to 14 City remote locations.
Migrated from VeloCloud SD-WAN to Meraki AutoVPN and SD-WAN solutions. Meraki MX security appliances use BGP to dynamically exchange routing information between City sites locations.
Designed the layout of new communication room, including the placement of network equipment, fiber optic cables, redundant electrical power source, proper grounding, HVAC system requirements, IT racks.
Created a plan for the placement of Wi-Fi access points and CCTV cameras at the new location. Provided the layout to the vendor for implementation.
Configured and installed Meraki devices (switches, routers, access points) to multiple City locations using best practices.
Created network segmentation at new location, configured DHCP for all new VLANs, isolated network traffic from public Wi-Fi to internal City’s production network.
Created layer 3 and layer 7 firewall access control rules on Meraki firewalls, standardized access control rules in all location.
Established VPN split tunnel connections in a mesh topology to all City sites and to remote data center. Administered remote VPN clients.
Connected City sites to several remote servers owned by multiple cloud vendors (Azure and AWS).
Configured and installed 2 redundant connections from different ISP providers in multiple City locations.
SENIOR SYSTEM NETWORK ANALYST – NETWORK TEAM 11/2021 – 11/2024
SYSTEM NETWORK ANALYST – NETWORK TEAM 04/2020 – 11/2021
Information Technology, Broward County Aviation Department
Deployed a multi-instance Cisco FPR-3210 firewall, configuring two separate firewall instances (County and VPN) on a single device.
Administered, configured, maintained next generation firewall Cisco Firepower (NGFW) and Cisco ASA firewalls, Cisco Identity Engine (ISE).
Performed traffic analysis and firewall hardening related to segmented networks.
Created and managed next generation firewall access control rules to allow/deny inbound and outbound network traffic, managed more than 800 rules spread between 6 county Cisco firewalls.
Implemented SSL decryption for finance, human resources and healthcare information to ensure compliance with data protection regulations.
Monitored and analyzed network traffic via SIEM Splunk, Cisco Secure Firewall Management Center (FMC) and WireShark (protocol analyzer), investigated and documented security incidents, provided recommendations to management on network related aspects.
Implemented Zero Trust Network Architecture (ZTNA) to secure access to critical resources leveraging network segmentation.
Worked with ReliaQuest GreyMatter SOC system.
Implemented web filtering and blocking based on URLs or FQDNs through firewall access control rules.
Performed daily administration for Cisco CallManager, Cisco Unity Connection, Cisco Emergency Responder (CER), Cisco Unified Computing System (UCS), Cisco Vision Dynamics and Cisco Webex conferencing solutions.
Configured IPsec site-to-site VPN full tunnels and administer remote VPN clients.
Utilized NMS scripts to perform advanced patch management, compliance checks, audit and update configuration for 1000+ network devices: routers, switches, APs.
Worked with Cisco TAC and RMA cases, manage network inventory surplus process.
Performed BCAD network monitoring utilizing Cisco DNAC Center, Cisco Prime, Cisco Mobile Experience, Intermapper and SolarWinds Orion.
Designed, deployed, configured, administered, troubleshoot, and upgraded at BCAD core and datacenter wired & wireless networks (8 routers/voip gateways, 500+ switches, 550+ access points, 6 firewalls) with a focus on standard design patterns, consistent reference architectures & strategies, performance, growth and scalability.
Created guidelines and standard operation procedures (SOP) for network team.
Deployed multi-tenant network environment based on VRF.
Manage and troubleshoot VOIP/PSTN, Algo public announcement system Cisco solution.
Maintain and troubleshoot fiber optical network with Fluke network tools and toner probes.
Assist security team on tasks, such as predict security attacks and minimize the impact; implement needed security policy across the network to protect information assets; governance risk compliance; perform network vulnerabilities analysis and identify mitigation steps to prevent threats to the network devices.
Assisted with management, support, troubleshooting for airport specific systems: baggage information display system (BIDs), flight information display system (FIDs), public announcement system (PAs);
Installed, troubleshoot, configured, support Verizon Mobile 4G LTE Network Extenders;
Genea – manage credentials, monitor all access activity globally, and assign mobile keys;
Installed, troubleshoot, configured, supported Meraki security cameras (MV22X, MV63X, MV93X).
COURT OFFICE SYSTEM TECHNICIAN II 11/2017 – 01/2020
Judicial Information Systems, Broward County Court Administration
Provided support for 400+ users (Judges included).
Troubleshoot software, hardware, network issues.
Image server: Microsoft Deployment Tool (MDT);
Remote user support via VNC viewer and VPN client connectivity.
Design, implement, administer and support Cisco network solutions for LAN, VLAN, WLAN;
Created and used PowerShell scripts for automating routing tasks.
Maintain IP addressing, routing, subnetting, for network solutions;
Troubleshooting and optimizing network, proposing and evaluating changes;
Windows Server 2012, 2016 management.
Microsoft Active Directory management (accounts, NTFS permissions, GPO, security reports, folder access);
Analyze network performance, modify parameters, create a baseline, create a heatmap;
Monitor network resource usage via Microsoft Tools or third-party providers such as SolarWinds;
Cisco devices: installation, configuration, updates, backup configuration, ACL configuration. Working with Cisco wireless access points, Cisco wireless controllers, mobility services, Cisco routers and switches;
RAID 0, 1, 5, 6, 10: daily monitoring, support, timely replacement.
IT & AV ACCOUNTING ASSOCIATE 10/2016 – 06/2017
Nova Southeastern University (contracted position)
Maintained inventory records in the fixed asset management system by gathering data, completing required forms/logs, and entering and correcting inventory records.
Managed inventory control for IT 9,000+ assets including: desktops, laptops, switches, routers, firewalls, APs, KVMs, racks, projectors, TVs, UPSs, peripherals, cameras, and cables;
Performed detailed inventory of computer components;
Software and licenses inventory management and audit;
SHIPPING-RECEIVING REPRESENTATIVE 06/2016 – 10/2016
Vista BMW
Monitored inventory levels and usage for a used car dealership;
Performed extensive auto parts inventory control, including data entry of product documentation;
Controlled the receipt of all incoming products and inspected all items for damage;
Verified all outgoing shipments to ensure necessary documentation was accurately recorded;
Quality control.
IT TECHNICIAN, 03/2015 – 02/2016
East-West Trans LLC (contracted position)
Troubleshoot software, hardware, network issues;
Design, implement, administer and support of LAN and WLAN, performed connectivity troubleshooting;
Design, implement and manage VoIP solution;
Installed and maintained: dispatcher’s workstations, GPS, radio stations, and tracking devices;
Scheduled, prepared, and started meetings on time using WebEx, Skype and conference call services.
DESKTOP SUPPORT TECHNICIAN, 09/2011 – 07/2014
Dnipropetrovsk Regional State Administration
Provided support for 600+ users;
Performed technical support for the installation, maintenance and troubleshooting of voice and data services used in desktop, remote client, Internet, and voice environments;
Created, modified, and maintained users accounts using Active Directory;
Imaging and deployment of PCs using GHOST;
Installed and configured peripherals, applications, MS Office, Lotus Notes, VLC, Adobe, etc.;
Windows Server (2003, 2008) set up, configuration and maintenance;
Maintained backups of databases and user files (LTO tape backup system).
IT SUPPORT INTERN, 09/2009 – 07/2011
My PC (part-time)
Repaired, upgraded, and maintained PC hardware and assisted in user’s relocation of IT equipment;
Assembled server racks/frames;
Assigned and acknowledged daily incoming ticket requests from end users.
EDUCATION, INDUSTRY CERTIFICATIONS, LICENSES
Cisco CCNP Enterprise, Cisco CCNP Security, Cisco CCNA Routing & Switching, Cisco CCENT
CompTIA A+, Network+, Security+
Google Introduction to Security Principles in Cloud Computing, Strategies for Cloud Security Risk Management
Fortinet Certified Associate in Cybersecurity
Microsoft Azure Fundamentals
CJIS Security and Awareness Training;
FEMA: IS-00100.b, IS-00200.b, IS-00700.b, IS-00800.c;
Dell: TechDirect 1000 Client Foundation 2017, TechDirect 1000 Enterprise Foundation 2017;
Master’s Degree: Public Administration, 2015, National Academy for Public Administration;
Bachelor’s Degree: International Economics, 2011, State Academy of Construction and Architecture;
Radio Technician License: Possess radio station. VHF and UHF bands (call sign KN4DIZ);
Civilian Police Academy: Davie Police Department.
PROFESSIONAL MEMBERSHIPS
American Radio Relay League member (ARRL), ID 200*******;
The Institute of Electrical and Electronics Engineers member (IEEE), ID 94369305;
HONORS
CPU Overclock Championship, 2014;
Achievement Award issued by Governor, 2012;
VOLUNTEER WORK
Davie Police Civilian Patrol, Davie Police Department, Town of Davie, FL;
Community Emergency Response Team (CERT), Town of Davie, FL;
Fort Lauderdale-Hollywood International Airport’s Operation Nightingale Active Threat Exercise, Broward County Aviation Department, FL.
Contact this candidate