Brad Fowler Email & Phone Number

San Jose, California, United States

• Designed, deployed, and provided administration for:
• Delinea – Secret Server with distributed server capabilities for remote password expiration, changing, and check out.
• RSA Netwitness – On premises SIEM services
• Vulnerability management program with Tenable.io and Nessus Professional
• Reverse proxy with WAF (Web Application Firewall) with certificate based multi-factor authenticationImplemented two factor authentication and SSO with Okta for
• RDP on domain joined and non-domain joined Windows servers

Little Rock, Arkansas Area

Network Engineering and life-cycle management of Check Point R77.20, R80.10, R80.20, and R80.30 firewalls and Cisco ASAs running FirePOWER services.

Little Rock, Arkansas Area

• Network Security Engineering: Network Director over Firewall Engineering (staff of seven), Proxy Engineering (staff of two), and Network Security Firewall Remediation (staff of eight) responsible for upgrades.
• Initiated major migration for core firewall and IPS consolidation reducing infrastructure bringing costs down, increasing stability with Juniper SRX 5800, Juniper IDP (Intrusion Detection and Prevention), SkyATP.
• Initiated and led program for Proxy Normalization which rearchitected proxy operations for request automation, regular distributed exception review, audit visibility, and consistently applied policy across the.
• Migrated off premises web controls to utilize cloud proxy services with Symantec ThreatPulse for approximately 30k users
• Migrated 12k users off of Cisco CWS/ScanSafe cloud proxy services to Symantec ThreatPulse cloud proxy services
• Engineered and deployed new user proxy environment to support SSL inspection via Symantec/Blue Coat SSL-V 3800B appliances serving 24k users

• Network Security Engineering: Senior Manager with responsibility over Firewall Engineering (staff of six), Proxy Engineering (staff of three), and Network Security Engineering (staff of three) teams responsible for.
• Created Network Security Firewall Remediation team to perform security remediation of firewall policies to align with improved standards and corporate/regulatory compliance utilizing Tufin and/or Firemon
• Implemented firewall and proxy life-cycle management program which tracked EOL hardware and EOS software inventory and their planned upgrades and new hardware platform migrations utilizing Lanooka Security Suiteo Check.
• Performed Proof of Concept testing for strategic user proxy architecture change via cloud services and vendor selection (Cisco Umbrella, Symantec ThreatPulse, ZScaler)
• Participated in Merger and Acquisition activities to transition network security infrastructure to FIS standards, architecture, and management

• Network Security Engineering & Operations: Manager with staff of twelve whose staff was responsible for business as usual requests, troubleshooting, project management, and life-cycle for approximately 650 firewalls.
• Operations & Engineering manager over staff with experience in Check Point Nokia IP appliances, Juniper SRX, and Cisco ASA/FWSM/PIX firewalls
• Increased operational effectiveness by creating documentation repository which optimized escalation and on call processes
• Enhanced feedback between IT staff and requesters via departmental SharePoint site which educated users on processes and SLA timelines and a quality assurance survey which triggered after operational implementations

• Network Security Engineering & Operations: Responsible for special projects that involved firewalls and proxies.
• Acted as team lead for a year in absence of direct manager before transitioning into that role
• Executed proof of concept for increased operational effectiveness and increased security profile utilizing Tufin
• Migrated security governance and oversight tool from Tufin to Firemon on VSX
• Developed method to analyze and remediate liberal firewall rules via Perl scripts and relational database designed to receive and parse log data into unique flows (source, destination, port) organized by order of.
• Architected new corporate WPAD (Web Proxy Auto Detect) proxy solution with ProxySG 9000-30 which replaced existing EOL ProxySG 8000 using Transparent Proxy/WCCP (Web Cache Control Protocol)

• Internet Utilities and Engineering: Operationally managed the firewall and proxy infrastructure.
• Replaced old Internet Crossbeam X40 NG FP3 firewalls with full mesh Crossbeam X80’s and 10 gigabit 8600 series blades running Check Point to NGX R65
• Designed and deployed a new PCI environment which consisted of six more chassis of Crossbeam X80's, two prod environments with internal VPN in different locations and one development environment
• Designed and deployed Alltel's Blue Coat proxy solution on SG8000 with geographic failover utilizing web proxy auto-detection (WPAD)
• Implemented Zenoss monitoring for SNMP poll and trap with trending and capacity alerting

• Information Security Architecture: Security architecture role with emphasis on networking technologies which included oversight & governance, audit, and policy creation.
• Reviewed and completely refreshed the information security policies for networking
• Coordinated all security penetration testing for Little Rock and Chicago data centersNetwork Architecture: Network services architecture role with responsibility for designing and implementing the Internet.
• Developed and implemented a new design for all architecture that connects FIS to the Internet which includes: o Internet facing DMZ firewalls - Check Point NG FP3 on Nokiao Employee Blue Coat Proxy cluster - Blue Coat.
• Redesigned the proxy strategy with Blue Coat and WPAD in order to provide self-disaster recovery across three data centers and integration into current authentication standards by utilizing Active Directory.

• Internet Technologies Group: Managed primarily Unix and Windows NT server architecture in the Internet DMZ for Alltel Wireless which consisted of approximately 300 eCommerce, internal, and development servers.
• Unix system administration utilizing Sun Solaris 6/7/8/9 running on Sun Sparc Enterprise servers (E450, E250)
• Managed server load balancing with F5 BigIP and Cisco 11000 CSS content switches
• Implemented High Availability / Load Balanced Firewall architecture with Check Point Firewall-1 using Cisco 11000 Load Balancing appliances content switches
• Implemented Corporate Proxies with Cacheflow appliances that served as proxy chaining hub for local office Squid based caching proxy servers running on Linux
• Implemented LDAP (Netscape’s Lightweight Directory Access Protocol) for corporate authentication