Uploaded File
Kevin
904-229-9216
1194 Dawn Creek Court
Jacksonville, FL 32218
Senior Security Engineer
23 years experience W2
1
Recommendation
Average rating
670
Profile views
Summary

Accomplished and highly analytical professional, with more than 25 years of progressive experience and expertise in all facets of network and systems infrastructure management; complemented with solid leadership, management, and communication aptitudes. Technically inclined; equipped with up-to-date knowledge of computer systems and applications to develop effective programs designed to optimize operpational efficiencies. Accustomed to working with professionals of diverse backgrounds within fast-paced and challenging environments, to ensure the timely and accurate completion of corporate goals.

Areas of expertise:

  • Network and Systems Infrastructure
  • Continuous Process Improvement
  • Information Technology
  • Risk Management and Mitigation
  • Project Development and Execution
  • Regulatory Compliance
  • Strategic Planning and Execution
  • Interpersonal Relationship Management

Technical Acumen

Hardware:

HP ProLiant DL 380, HP StorageWorks Autoloader 1/8 G2, Cisco Catalyst 3750,2960, 2900 switches, Cisco 804, 837, 857, 1750, 1840, 2821, 3640, 3660, 3825 routers, Cisco PIX 515, ASA 5520, ASA 5505 firewalls.

Software:

Microsoft Windows 2000, XP, Vista, 2007, Windows NT 4.0 Server, 2000 Server, 2003 Server, 2008 Server, Window Software Update Service (WSUS), Microsoft Exchange 5.5 and Exchange 2003 with Outlook Web Access (OWA), Microsoft SQL Server 2005, Astaro Security Linux, AIX 5.3.2, Symantec Ghost, Symantec Antivirus Corporate Edition, Symantec Backup Exec, and Sophos Antivirus.

Protocols:

TCP/IP, DNS, DHCP, FTP/TFTP, Telnet, SSH, NTP, ISDN (BRI), ISDN (PRI), T1 Serial PPP, PAP, CHAP, Metro-Ethernet, RIP, OSPF, EIGRP, BGP, VTP, LEAP/WEP/WPA, SIP, 802.11a/b/g, ISL/DOT1Q

Experience
Senior Infrastructure Security Engineer
Banking/Financial
Mar 2018 - May 2019
Jacksonville, FL
  • Responsible for the daily operation of Forcepoint (formerly WebSense) Proxy Appliances and servers at 7 locations: Jacksonville, Richmond, Houston, San Francisco, Kansas City, Sharon, Minnesota, etc.
  • Rotated an appliance configured as an E-mail Security Gateway (ESG) to a Web Security Gateway (WSG) after a WSG hardware failure.
  • Upgraded the memory for all Forcepoint model 5000 WSGs to support the upgrade to version 8.5.
  • Upgraded the Forcepoint platform from version 8.2, 8.3 to version 8.5 for both web filtering and Data Loss Prevention (DLP).
  • Worked general daily support tickets, responsible for break/fix scenarios.
  • Migrated the web proxy services from Forcepoint to Bluecoat. Bluecoat was then configured to send DLP data back to Forcepoint appliances using ICAP.
  • Mapped the company network using Microsoft Visio.
  • Support for QRadar, Secret Server, AD Manager, Sailpoint applications.
Blue Coat Cisco Infrastructure Security SAN Security Engineer Sailpoint Project Management
Remove Skill
Network Infrastructure Manager
Manufacturing
Apr 2017 - Mar 2018
Saint Augustine, FL
  • Responsible for the daily operation of 18 locations in the US, UK, Switzerland and China.
  • Worked general daily support tickets, responsible for break/fix scenarios involving 5 routers and 3 firewall incidents.
  • Mapped the company network using Microsoft Visio.
  • Performed research and a POC for an IACS network addition with network segmentation and Cisco Industrial Ethernet switches.
  • Discovered several single points of failure across the network and made recommendations to make all subnets redundant.
  • Implemented new HA Active-Active pairs of Palo Alto firewalls at several locations with MFA for Remote Access VPN due to ITAR compliance.
  • Segmented all networks into 1 logical, easy to follow schema supporting route summarization.
  • Made recommendations for FIPS 140-2 compliant syslog service, Remote Access VPN service, as well as infrastructure management with Cisco ISE.
Cisco Firewall MS Visio Project Management Routers Switches VPN Network Infrastructure Compliance
Remove Skill
Senior Security Engineer
Information Technology
Jul 2014 - Jan 2017
Jacksonville, FL
  • Worked daily break-fix tickets.
  • Created a remote access VPN with Active Directory authentication for iPads.
  • Transferred a remote access VPN to an ASA5540 for primary connection and ASA5520 for secondary connection with Cisco AnyConnect. AnyConnect clients authenticated with certificates from an internal CA server, and Active Directory. Also adjusted internal routing for MPLS networks and ‘hair pining’ for remote LAN-to-LAN subnets.
  • Converted load balanced virtual servers on an F5 to a Citrix NetScaler. The vast majority of the Internet translates were attached to a content switch to conserve IP addresses.
    • Moved SSL VPN connection from a development NetScaler to an HA production pair.
    • Produced a project plan to allow an application access to a company’s internal network through a VPN tunnel for the purpose of unlocking user accounts and resetting passwords.
  • Created load-balance virtual server on a Citrix NetScaler.
  • Created SSO junctions with IBM WebSEAL.
  • Created several highly detailed Visio network diagrams for customers.
  • Came up with a plan to upgrade several hundred Cisco ASA 5500’s in a production environment.
  • Created several Python and Perl scripts in conjunction with SecureCRT to:
    • Collect firewall configurations for import to a MySQL database.
    • Automate the upload of newer ASA/ASDM binary files to over 200 firewalls.
    • Verify MD5 checksums of uploaded files and automate the change of the boot image in the configuration.
    • Covert ASA configurations to version 9.1(6).
    • Parse SecureCRT session files for specific data then open sessions ad hoc to verify passwords.
    • Automate the removal of decommissioned servers.
  • Created a few PHP pages to show developer’s their IP Address, their hostname, and if certain TCP ports were in use on their laptops. This was to help the developer’s troubleshoot their issues before contacting enginner’s in Application Delivery.
PHP Python SQL MS Active Directory VPN TOAD Perl Security Engineer WSAD Cisco Cisco ASA Firewall VLAN Netscaler Perl Scripts MySQL Citrix SSL IPsec Blue Coat HA MPLS Project Management
Remove Skill
References
Average Rating

1 recommendation
Senior IT Infrastructure Designer and Administrator
Utilities/Energy
Jan 2014 - Jul 2014
  • Fulfill diverse tasks including the relocation of a wired L3 connection from a router to a switch before trunking the data to a firewall sub-interface along with the relocation of servers from a DMZ with the City of Gainesville to the one at Gainesville Regional Utility.
  • Take charge of creating secondary VPN tunnels alongside business partners, as well as in setting up the mechanism to route traffic down a primary tunnel and use the secondary tunnel as default.
  • Lead the transition of six dynamic LAN-to-LAN VPN connections from Cisco ASA 5505's to a Cisco VPN Concentrator to a primary and secondary Cisco ASA5520s.
  • Find the most efficient ways to transition the network from IPv4 to IPv6.
  • Create VBA script to automate the development of HTML-based 'change request' tickets.
  • Configure the Cisco ASAs to verify with Cisco Identity Services Engine (ISE).
Cisco Cisco ASA Firewall LAN Routers Trunking VPN
Remove Skill
Network Engineer / Administrator
Information Technology
Oct 2013 - Dec 2013
  • Set up three LAN-to-LAN VPNs and three remote access definitions with LDAP for employees.
  • Leveraged technical expertise in converting all of network objects, network object groups, and access lists for inbound, outbound, DMZ, and VPN traffic created with Cisco ASDM.
  • Directed VMware servers in vSphere such as taking snapshots and cloning servers.
  • Optimized knowledge of traffic flows, VLAN placement, and routing by mapping out the entire network with Microsoft Visio 2013.
  • Keenly managed the relocation of remote network to Nashville, Tennessee, connecting to the central site with a LAN-to-LAN VPN on ASA5505.
  • Installed of a new Catalyst 3750-X with HSRP redundancy at a remote disaster recovery (DR) site.
  • Maintained Windows Active Directory accounts, Exchange 2012, and VMware ESX servers.
  • Configured Adtran, HP, Juniper switches, and Cisco.
Cisco Disaster Recovery Juniper LAN MS Active Directory Network Engineer Switches VMWare VPN vSphere Windows HSRP LDAP VLAN
Remove Skill
Senior Networking Engineer - Infrastructure and Security Team
Information Technology
Dec 2010 - Oct 2013
  • Displayed top-rated skills in creating, troubleshooting, and fixing issues on Cisco Nexus 7000 and 5000 series switches concerning virtual device contexts (VDCs), Virtual Route Forwarders (VRF), virtual port-channels (vPC), Overlay Transport Virtualization (OTV), and Fabric Extenders (FEX).
  • Rebuilt main distribution frame (MDF) data center and the fourth floor IDF.
  • Prevented cabinet flooding with numerous connections by spreading all servers between cabinets.
  • Held responsibility on the daily infrastructure and security operations; as well as on all aspects of F5 load balancers.
  • Succeeded in the rework of firewall access control entries (ACEs) in Salt Lake City and Jacksonville on Cisco ASA5585/5520, SonicWall E5500, and a Checkpoint 4600.
  • Offered services such as Cisco IronPort Web Security Appliance, RSA Security Server, VMware ESX servers, SAN, and SQL Server 2008.
  • Exemplified expertise in installing, wiring, and configuring NetApp 6248 SAN; along with the transfer of data from a failed installation of SolarWinds Orion to a working environment.
  • Maintained and renovated the SolarWinds modules which included NPM, NCM, SAM, IPAM, NTA, VNQM, and IVIM.
  • Performed various tests in a separate environment including the following:
  • Gathering multiple Catalyst 2960’s and constructed a procedure of clustering the switches for Salt Lake staff, allowing connections to the cluster be in the same port-channel.
  • Linking F5 Load Balancer to the Catalyst 2960 cluster with a port-channel; as well as utilized F5 in configuring both sides to trunk multiple VLANs, resulting to increased throughput, redundancy, and connection to several more network segments than normally been allowed to.
  • Closely analyzing the other Spanning Tree versions after upgrading core to a virtual switching system (VSS) to remove migrate spanning tree (MST).
  • Proposed configuration changes in the Salt Lake equipment for network improvement, including the following:
  • Swap out of HSRP for GLBP in utilizing all routers in the group.
  • Removal of the option to inject static routes into EIGRP.
  • Installation of numerous defaults routes on the core to ensure that the secondary route would take over once the first route failed.
SQL VMWare TOAD SQL Server SOAP Cisco Clustering Data Center EIGRP Firewall LAN Virtualization SolarWinds Switches Routers Network Engineer Infrastructure Security NetApp SAN HSRP IPAM
Remove Skill
Network Administrator / Engineer
Information Technology
Jul 1998 - Sep 2010
  • Converted a failing LAN/WAN infrastructure to a business class network.
  • Supported the prevention of unauthorized access to the network and protection against DHCP spoofing and STP/VTP protection through MAC address security on switch interfaces.
  • Implemented Cisco ASA 5520 firewalls for packet filtering with inbound, outbound, and DMZ ACLs VPN remote access with Cisco client and LAN-to-LAN access with remote and external agencies and NAT overload for internal workstations and static translates for server hosts.
  • Decreased vulnerabilities on the company's Internet router and firewall by upholding all Cisco SMARTnet contracts and Cisco IOS versions.
  • Oversaw Microsoft Windows, Microsoft Office, and Symantec licensing.
  • Functioned as the IT project manager on a public housing construction site, working closely with the construction manager, electrical contractor, wiring vendor, and IT staff for a local hospital regarding Cat5 and coax installation.
ACSLS Cisco Cisco ASA DHCP Firewall Network Administration Routers VPN WAN LAN Network Engineer Windows NAT
Remove Skill
Edit Skills
Non-cloudteam Skill
Education
Attended in Electrical Engineering
Northern Illinois University
Related Courses
Cisco Training— Implementing Cisco Data Center Unified Fabric (DCUFI v4.0),
Nuclear Field A-School—Electricians Mate,
United States Navy Avionics Electronics Technician,
Certifications
Certified Ethical Hacker (CEH)
Cisco Certified Network Professional (CCNP)
Skills
Cisco
2019
18
Firewall
2018
18
VPN
2018
17
Cisco ASA
2017
15
LAN
2014
15
Network Engineer
2013
15
Routers
2018
15
ACSLS
2010
12
DHCP
2010
12
NAT
2010
12
Network Administration
2010
12
WAN
2010
12
Windows
2013
12
SQL
2017
6
TOAD
2017
6
Project Management
2019
5
Blue Coat
2019
4
Security Engineer
2019
4
Citrix
2017
3
HA
2017
3
HSRP
2013
3
Infrastructure Security
2019
3
IPAM
2013
3
IPsec
2017
3
MPLS
2017
3
MS Active Directory
2017
3
MySQL
2017
3
NetApp
2013
3
Netscaler
2017
3
Perl
2017
3
Perl Scripts
2017
3
PHP
2017
3
Python
2017
3
SAN
2019
3
SSL
2017
3
Switches
2018
3
VLAN
2017
3
VMWare
2013
3
WSAD
2017
3
Clustering
2013
2
Data Center
2013
2
EIGRP
2013
2
SOAP
2013
2
SolarWinds
2013
2
SQL Server
2013
2
Virtualization
2013
2
Compliance
2018
1
MS Visio
2018
1
Network Infrastructure
2018
1
Sailpoint
2019
1
837
0
1
AIX
2010
1
BGP
0
1
Database Backups
0
1
Database Design
0
1
Disaster Recovery
2013
1
DNS
2010
1
FTP
0
1
Juniper
2013
1
LDAP
2013
1
Linux
0
1
Microsoft Exchange
0
1
OSPF
0
1
Risk Management
0
1
SecurID
2013
1
Software Asset Management
2013
1
SSH
0
1
TCP/IP
0
1
Trunking
2014
1
vSphere
2013
1