Security Engineer (Contractor At Master Card)
Manage MasterCard’s internal security policy for all internal and external customers. Manage security policies for MasterCard’s production and development environments. Customers make change requests via WEB based product named GSM. Use Cisco Security Manager to manage Cisco Adaptive Security Appliance. Maintained security policy of ASA’s by using MasterCard’s trouble ticketing system to add firewall rules per MasterCard’s global customer requests via GSM.Use Checkpoint Smart Domain Tracker, FW monitor and or TCPDUMP to troubleshoot and isolate connectivity issues. Write and implement Extended ACL’s on Cisco routers. Use Checkpoint Smart Domain Manager to monitor, modify or create/add rules to the existing security policies. Rules Add/Deletes and changes are performed by following a standard process of checking what is requested with what is allowed based on company’s standard Risk assessment. Following standard procedures to obtain management approvals for rules that require access to tcp/udp ports on the Risk Assessment list. Maintain PCI compliance for all rules. Upgrade IOS to Cisco ASA’s, Cisco Routers and Switches when required.Implement Cisco Identity Services Engine 2.0 (Cisco ISE 2.0) to profile devices connecting to access switches and place each device in a specific VLAN based on the results of the profile.Cisco ISE 2.0 was used to provide a policy based network access control solution. This solution provided the ability to create network access, guest, posture, client provisioning and profiler services. We created a guest, BYOD, printer, wireless, remote, corporate, production, test-environment and an unknown profile. A separate vlan was created for these groups of profiles. This granularity allowed for faster isolation of problems and troubleshooting.