Leonard West
Infrastructure Engineer
**********@*****.*** Waldorf, MD 313-***-****
Summary
Dynamic Infrastructure Engineer with over 15 years of extensive experience in network security and firewall management. Expertise in Palo Alto configurations, VPN setups, and data center infrastructure administration. Successfully migrated complex network systems, improving efficiency and security compliance. Proven ability to implement strategic policies and manage large-scale deployments, ensuring optimal performance. Adept at analyzing network protocols and addressing technological challenges, ready to bring solid solutions and innovations to enhance infrastructure at prospective opportunities.
Work Experience
Senior Network Firewall Engineer, HCL Technologies, Washington 12/2018 – Present
Implemented policy rules, DMZ, and multiple VDOMs for various clients on the Palo Alto firewall.
Configured and managed static IP addresses without employing routing protocols. Administered Palo Alto firewalls, Panorama, application identification, user identification, zones, URL filtering, and SSL decryption.
Executed migration from ASA to Palo Alto infrastructure. Utilized static IP addressing to configure devices within the environment. Established router-based and policy-based VPNs, SSL VPNs, NAC, IDS/IPS, and IPSEC tunnels on Palo Alto firewalls.
Configured, maintained, and upgraded data center infrastructure, including Nexus 7k, 6k, 5k, 2k, and UCS, leveraging VDC, VPC, VRF, Cisco UCS, and fabric-path technologies. Applied endpoint security technology, such as antivirus, host intrusion prevention, and vulnerability assessments, while ensuring user/system authentication and network security compliance.
Created zones and sub-zones on F5 GTM for optimized traffic management. Extensively analyzed TCP/IP protocols alongside transport protocols like TCP and UDP. Implemented fundamental F5 LTM (Local Traffic Manager) configurations. Configured and managed VLANs, pools, and virtual servers on F5. Troubleshot Cisco devices, F5 load balancers, and Palo Alto firewalls efficiently. Established a separate ESX 3.0 environment to facilitate migration from NSX 2.5.1. Orchestrated the transition from Juniper Netscreen OS to Palo Alto firewalls.
VPN Alternative for Remote Work: Traditional VPNs grant users access to an entire network once they are authenticated. ZTNA replaces this with a "never trust, always verify" model, granting access only to specific applications. This improves performance by reducing latency and provides better security by preventing broad network exposure.
Network Security Engineer, Infosys, Irvine 03/2015 – 11/2018
Configured EIGRP, OSPF, and BGP on Cisco routers and L3 switches, including the Nexus environment.
Implemented policy rules, DMZ, and multiple VDOMs for various clients on the Palo Alto firewall.
Leveraged Cisco routers and switches by executing LAN and WAN routing protocols EIGRP, OSPF, and BGP to manage network infrastructure, identifying and resolving complex routing and switching challenges.
Gained extensive experience working with Nexus 7010, 5020, 2148, and 2248 devices. Administered Palo Alto firewalls, Panorama, application identification, user identification, zones, URL filtering, and SSL decryption.
Enhanced processes to identify, analyze, and control network threats using Palo Alto and Forescout solutions.
Managed user-based and role-based access through Palo Alto Forescout in real-time. Configured router-based and policy-based VPNs, SSL VPNs, NAC, IDS/IPS, and IPSEC tunnels on Palo Alto firewalls.
Third-Party and Contractor Access: Using ZTNA allows organizations to grant external vendors or contractors access only to the specific internal applications they need to do their jobs. Because it doesn't provide direct network access, it significantly reduces the risk of third parties introducing threats to the rest of the corporate environment.
Senior Network and Security Engineer, MGLW (contract), Memphis 11/2014 – 03/2015
Served as a senior network and security engineer within IT operations. Addressed production issues and DP routers in the data center and DP DMZ environment.
Managed Palo Alto/ASA firewall for security policies and rule configurations, device mapping using network address translation, object management, and various administrative tasks.
Configured and installed NSX and virtual Palo Alto, alongside Cisco switches (2950, 2960, 3550, 3750, 4500, and 6500 series) and routers (2500, 2600, 3000, 3800, 4331, 6500, 7200, 7500, and 7600 series).
Configured and troubleshot perimeter security devices, including Checkpoint R77 Gaia and Secure Platform, Palo Alto, and ASA firewalls. Conducted remote implementation of Palo Alto PA-500 and PA-200 firewalls. Participated in data center migrations, ensuring effective management, maintenance, configuration, and modification of firewall structures. Configured all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k, etc.) alongside a centralized management system (Panorama) for large-scale firewall deployments. Configured and maintained IPSEC and SSL VPN connections on Palo Alto firewalls.
By using micro-segmentation, ZTNA ensures that even if a user's credentials are compromised, the attacker is "trapped" within that specific application's segment. They cannot "hop" to other parts of the network to find sensitive data or deploy ransomware.
Network Linux Engineer, Govplace, Reston 06/2012 – 08/2014
Provided Tier 2 operational support for UNIX systems. Analyzed and designed consulting support for major business applications. Instituted efficient processes to improve operational efficiency. Utilized Linux clustering (Red Hat) and SAN technologies. Managed project and task deliverables, system changes, and application rollouts/upgrades.
Configured and maintained IPSEC, SSL decryption, high-availability settings, port mirroring, and SSL VPNs on Palo Alto firewalls.
Designed and deployed security firewalls, including ASA and Palo Alto solutions. Worked within an enterprise data center to enhance operational security. Built and configured server hardware environments for optimal performance. Troubleshot OS and hardware issues for both local and remote servers. Installed, configured, and integrated servers into production environments. Environment included Advanced Red Hat systems, KVM, XEN, and vendor escalations. Employed scripting tools to automate various processes.
Securing Multi-Cloud and Hybrid Environments: Using ZTNA simplifies access to applications hosted across different public clouds (AWS, Azure, GCP) and on-premises data centers. It provides a unified way to manage access without complex network configurations or multiple VPN tunnels.
Cisco Systems Engineer, Business Computer Analysts, San Diego 06/2007 – 07/2012
Executed troubleshooting of network issues, monitored performance, and investigated related problems.
Provided consultation, evaluation, installation, and testing of network devices and management systems encompassing Ethernet, AppleTalk, FDDI, and ATM configurations. Deployed and configured Cisco networking equipment, including switches, routers, firewalls, VPN, and wireless environments.
Possessed experience with Checkpoint and Juniper firewalls. Configured networking switches effectively for efficient operation. Systematically analyzed and coordinated the ordering and receipt of materials and supplies for fiber optic, twisted pair, and broadband LAN/WAN connections. Demonstrated comprehensive experience in installing, configuring, and troubleshooting Cisco routers, switches, and firewalls.
Cisco Systems Administrator, Insurance Companies of the West Coast, San Diego 06/2006 – 05/2009
Configured Cisco Identity Service Engine and worked with NAC. Established Active Directory environments.
Possessed working knowledge and experience with endpoint security solutions and network security protocols.
Designed, implemented, and supported large-scale highly available networks across multi-site environments involving consumer-facing web-based applications. Managed data center operations (Halon, pre-action systems, APC, etc.). Oversaw data and voice network (Cisco) server platforms (UNIX, Windows, IBM). Facilitated storage and replication utilizing EMC and Cisco technologies. Implemented backup and recovery measures with products like NetBackup and ESX Ranger.
Managed virtualization environments (VMware, Microsoft). Ensured high availability through Veritas VCS/GCO/Storage Foundation solutions. Designed and planned the Cisco Virtual Office proof-of-concept, focusing on implementation and testing phases.
Managed Express Virtual Office configurations according to Cisco guidelines. Configured dynamic multipoint VPN solutions and conducted troubleshooting efforts. Managed IPv6 access over the internet and utilized IPsec transport mode encryption with NAC.
Environment included PIX firewalls, Cisco GBICs, and Cisco WS-C3548-XL-EN configurations.
Cisco Systems Engineer, Tech Mahindra, Inc., Irvine 06/2004 – 05/2006
Facilitated the build-out and burn-in process of network devices. Executed software upgrades and base configurations for network devices effectively. Installed physical rack-and-stack setups and initiated the installation of networking devices.
Supported end-user transitions across 30 different phases of network implementation. Designed and deployed security firewalls, including ASA and Palo Alto configurations. Supported extensive equipment migrations involving labs and storage solutions. Decommissioned outdated network hardware.
Assisted in coordination efforts regarding re-runs caused by hardware or software complications.
Maintained tape libraries for backup media and organized off-site vault storage for secured data.
Managed adequate supplies for computer rooms and laser printer operations. Exhibited experience with Cisco IOS and CLI for routers and switches. Accumulated knowledge of various Cisco hardware, including Catalyst 650x/450x and various models of Cisco routers.
Environment included PIX firewalls, Cisco GBICs, and Cisco WS-C3548-XL-EN configurations.
Education
BA, Business Administration, West Virginia State University, Institute 25112 08/1974 – 05/1977
MS, Computer Science, UC Berkeley, Berkeley, California 01/1980 – 03/1982
Certificates
Novell Certified NetWare Engineer (CNE) 4.X certification, Novell
Cisco Certified Network Associate, Cisco
CCNP, Cisco
CCDP, Cisco
Skills
VPNs Firewalls NAT Proxy IPSec DMZ Solution Load Balancers Intrusion Detection Systems Intrusion Prevention Systems Public Key Interchange SSL Cisco routers switches VPN devices Active Directory TCP/IP Ethernet DNS DHCP WINS Palo Alto ASA Firepower
Checkpoint firewalls MWG Bluecoat Zscaler proxies Juniper Aruba/HP Arista Dell EIGRP OSPF BGP Nexus F5 LTM Cisco IOS CLI Troubleshooting Support Management CI/CD Python Docker Kubernetes AWS Cloud networking Scaling Migrating Root Cause Analysis Aurora Redshift OpenSearch Distributed systems