Manage MasterCard’s internal security policy for all internal and external customers. Manage security policies for MasterCard’s production and development environments. Customers make change requests via WEB based product named GSM. Use Cisco Security Manager to manage Cisco Adaptive Security Appliance. Maintained security policy of ASA’s by using MasterCard’s trouble ticketing system to add firewall rules per MasterCard’s global customer requests via GSM.Use Checkpoint Smart Domain Tracker, FW monitor and or TCPDUMP to troubleshoot and isolate connectivity issues. Write and implement Extended ACL’s on Cisco routers. Use Checkpoint Smart Domain Manager to monitor, modify or create/add rules to the existing security policies. Rules Add/Deletes and changes are performed by following a standard process of checking what is requested with what is allowed based on company’s standard Risk assessment. Following standard procedures to obtain management approvals for rules that require access to tcp/udp ports on the Risk Assessment list. Maintain PCI compliance for all rules. Upgrade IOS to Cisco ASA’s, Cisco Routers and Switches when required.Implement Cisco Identity Services Engine 2.0 (Cisco ISE 2.0) to profile devices connecting to access switches and place each device in a specific VLAN based on the results of the profile.Cisco ISE 2.0 was used to provide a policy based network access control solution. This solution provided the ability to create network access, guest, posture, client provisioning and profiler services. We created a guest, BYOD, printer, wireless, remote, corporate, production, test-environment and an unknown profile. A separate vlan was created for these groups of profiles. This granularity allowed for faster isolation of problems and troubleshooting.

Network Engineer (PART TIME WHILE ATTENDING SCHOOL)Launch a Tech Support business offering tech support, security and overall upkeep and maintenance to small area businesses in the Kansas City urban core Kansas City metro area. Installed and configured routers, wireless access points, switches, Symantec (Norton Internet Security), free anti-virus scan software for various small business and individual customers needing support with their home wireless and security configurations. Client list include: The Spice Man, The Saint Joseph School System (Saint Joseph, Kansas), Pete’s Place and many Small Offices/Home Offices providing tech and security support PROJECTSecurity (install Firewall and Software to scan for virus)Internet setup, Net setup, (Installed Wireless LAN, Cisco Routers and Switches)Internet Security setup (Firewall, Virus Scans, Complete Desktop and Laptop cleanup and defrag)Internet Security Solution, Wireless Solution, Microsoft Exchange Implementation

Certifications and Training Include: Cisco Certified Network Associate Training • A+ Certification • Network+ Certification • Security+ Certification • Blue Coat Director • Blue Coat ProxySG Administrator • Blue Coat ProxySG Troubleshooting.Monitored and managed WAN, LAN and Security in a 7x24 Network Security Operations Center. Process customer’s issues and change management via AT&T’s trouble ticketing system known as AOTS (Remedy). Implemented security changes on CheckPoint Provider-1 (R-55, R-65 & R-70), Network Based Firewall (iPolicy), and Cisco Pix, Cisco Adaptive Security Appliance, and FWSM firewalls. Managed customer’s security policy using JUNOS and SSG series firewalls. Manage DNS for customers. Provided Adds, Changes and Updates to AT&T’s customer inventory database (Vantive). Set up customers and remote users with VPN connections as requested by customer and or remote users. FW monitor and or TCPDUMP was used to troubleshoot and isolate connectivity issues. CISCO Secure ACS with RADIUS and or TACACS was used to remotely connect to customer network to implement changes or troubleshoot problems. I gained ITIL certification while working at Insight Global (AT&T). Familiar with BGP policy based routing. BGP policy based routing was used for routing between Autonomous Systems.

Managed several multi-customer Security Policies using CheckPoint Provider-1 Centralized Management tools. Primary Security Engineer involved in moving Security Policies for the CTE (TEST) environment from the Winston Data Center to SILAS Data Center. Troubleshoot Firewall connectivity issues by using various tools such as TCP Dump, FW Monitor, ping and trace route. SmartView Monitor and SmartView Tracker, SmartView Dashboard were used to monitor and edit policies. Use NSS@WORK ticketing system to solve customers’ firewall change request. Use PICCT change management system to schedule firewall changes. Communicate with customers to schedule a time to test and validate planned changes. Edit and update the security policy to support Connect: Direct (NDM) for transferring files between Wachovia’s Mainframe and various vendors

Network Security Engineer, SPS, Inc. / Contracted to Federal Defense Logistics Agency, Columbus, OH, 2005-2006.Provided classroom training for HP OpenView Select Identity Suite of software at various customer sites. HP OpenView Select Identity Management is a web based application written in java. Used HTML and XML to edit and update data used to create and store web page files. This was a training environment, at each training site I would I would arrive a day before the start of class and set up the servers, switches and routers and set the network up in a corporate and branch office type of environment. Install HP OpenView Select Identity software Oracle 9i database on the server (training environment only) (for production environments Select Identity and the database implemented on separate servers)Supported the Defense Logistics Agency’s Data Center migration from multiple regional datacenters by installing the proper firewall rules, verifying switch (Cisco 6513’s) ports has the proper VLan assignment by logging on to the appropriate switch and changing the port to proper VLAN, as the new systems were migrated into the new U.S. CyberCenters (Core Data Centers) or from test to production environment. Install terminate and test Fiber Optic and cat-6 cable. Provide assistance to NOC personnel in troubleshooting Security issues, installing and configuring F-5 Load balancers, Nokia 1260 Checkpoint Firewalls. Configure and assign VLANS to various ports on the PROLIANT BLADE SWITCHES. Used Sniffer to capture and analyze Data traffic and troubleshoot problems. Installed and configured wireless Access Points for Office personnel and in Data Center for easy access for troubleshooting ProLiant Blade Switches, Routers & 6500 Switches. IP Multicast was used for DLA Briefings and training/e-learning via HP video conference.

Provided Infrastructure and Systems Security to FedEx Corporation and secure access to Customers and partners. Previewed all requests for access to FedEx Corporation and Operating Companies and wrote the actual Checkpoint Firewall rules. Expertise at staging rules on Test Firewalls running the same rules base as the Production environment which resulted in the capability to quickly find and correct incompatibilities prior to pushing new rules to the Production environment.