Livecareer-Resume
JC
Jessica Claire
Montgomery Street, San Francisco, CA 94105 (555) 432-1000, resumesample@example.com
Professional Summary
  • Network & Security Engineer with over 4 years of experience working in large Enterprise scale networks.
  • Involved in design of client's large Enterprise IT infrastructure by implementing Cisco ISE system, including EAP-TLS, Guest Access, BYOD and compliance, to improve corporate network visibility and security in production environments.
  • Implementation and Operational experience in a Large Enterprise Scale Environments with Several Hundreds of Firewalls and Security Gateways
  • Demonstrated abilities in enterprise wide network design, administration and network integration including working with Dynamic Routing such as BGP and OSPF
  • Flexible for On Call Rotation and off hour support especially upgrades & Maintenance on Weekend changes and incidents.
Skills
  • Cisco 7600, 7500, 7200, 3800, 3600, 2800, 2600, 2500, 1800, 1700, 800 series
  • Switches: Nexus 9K/7K/5K/2K; Cisco Catalyst 6500, 4500, 3850, 3560, 3750, 2960
  • IP Routing Protocols: BGP, OSPF, EIGRP, IGRP
  • AAA TACAS RADIUS: ACS 5.5/5.7/5.8, ISE2.4/2.1
  • Firewalls: Cisco ASA 5500, Checkpoint R80 Gaia
  • Switching Technologies: VLAN, VTP, STP, RSTP, MPLS, IEEE 802.1Q, VTP, Inter-VLAN routing
  • Wireless Technology: Cisco 5500, 6500 series controller, Cisco AP, LWAP, Access Points
  • Microsoft Visio, Solar Winds, Kiwi Tools, Splunk, and MS Office applications
  • Capacity planning, Network Security, WAN
  • CLI, Network troubleshooting, Access, Troubleshooting
  • BYOD Program Implementation, Wireshark software
  • Operational Improvement, Regulatory Compliance, Project Organization
Work History
04/2017 to Current Network Security Engineer Apex Systems | Falls Church, VA,
  • Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, TACACS+, 802.1x, Posture Compliance Policies, Access and Controls, and Remediation Process.
  • Working as Network Access Controls (NAC) ISE Administrator in planning and designing Clients global network for Network Access Solution across Wireless, SSL-VPN, and Wired Networks.
  • Working on design, implementation and maintenance of Cisco Identity Service to support posture, profilings, and enforce compliance across remote VPN, wireless, and wired networks.
  • Managed and configured Cisco Identity Service Engine (ISE) with 802.1X for corporate users including Wireless BYOD, wired network users, IP phones and printers (requiring Mac Address Bypass (MAB).
  • Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, applying downloadable ACLs through Cisco ISE, and Configuring Standard and Extended ACLs locally and on upstream switch's for Cisco NAC.
  • Upgraded Cisco ISE consisting of 40 ISE servers North America wide from legacy version 2.1 to 2.4 without affecting business operation.
  • Implemented TACACS+/ RADIUS authentication/authorization on Cisco ISE for central management of all network devices across US.
  • Worked on Enforcement policies for auto-remediation of non-complaint devices and remediating devices that are misconfigured or are missing an 802.1x supplicant.
  • Configuring probes in Cisco ISE to collect device information connected on to company's switches and external Routers.
  • Integrating Cisco ISE with Load balancer (Citrix NetScaler and F5 LTM) to manage traffic between multiple ISE PSN nodes in order to provide AAA services.
  • Assist in deploying and troubleshooting PKI/Certificate based authentications.
  • Issued Digital certificates through PKI system to secure connect for both public web pages and private systems.
  • Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access.
  • Share knowledge with the team members and different TAC teams in my area of expertise including creation of guides.
  • Working on the design and implementation of the Guest Network environment(Visitor, Employee) and BYOD for NAC solution.
  • Monitoring and alert management of all components related to the ISE NAC solution and providing ongoing maintenance and support of solution components ( patching, upgrades, capacity reviews and lifecycle management).
  • Engaging across other GIS infrastructure domains to address ISE SUPPORT issues (PKI, server, Load Balancer, WAN, Web Acceleration, Security, AnyConnect).
  • Capacity planning and primary coordinator to manage and develop ISE security projects.
  • Gather Engineering Requirements for migrating applications, and create architectural diagrams showing the process flow.
  • Managed company Bring Your Own Device program, onboarding employee devices and verifying absence of inherent security threats.
08/2016 to 03/2017 Network Engineer Walt Disney Co. | Schaumburg, IL,
  • AAA Server) management, User database management, configuring privilege level and command authorizations using TACACS+ protocol.
  • Monitor logs for any unauthorized login, Password management of users, ACS Backup etc.
  • Operated with Network Operations Wireless team to design, configure, management of enterprise wireless hardware, software and management systems using Cisco Access Points, Controllers and Catalyst switches.
  • My responsibility included centralizing on-site management, policies and access point deployment to improve performance and visibility by maintaining 101 Cisco Wireless Controllers for supporting 5000 access points worldwide.
  • Engaged in solving WLAN deploy and design problems on upcoming sites, performing WLAN site surveys using Ekahau tool.
  • Improved and enhanced performance of Wi-Fi coverage using heat-maps and signal strength parameters on Cisco WLC and Cisco Prime.
  • Use Tools such as TUFIN for Firewall Policy optimization and rule base Clean up.
  • POC for checkpoint firewall upgrade from R77 and R80.10 to R80.20 and R80.30.
  • Configuring High Availability using Cluster XL on Checkpoint and monitor the Sync status for stateful replication of traffic between active and standby member.
  • Firewall policy provisioning and administration including addition of object groups, policies and NAT on the firewalls.
  • These firewalls were mostly Cisco and Check Point.
  • Work with B2B IPsec VPN tunnels on checkpoint including updating the crypto ACL/ encryption domain.
  • Troubleshooting user connectivity issues using SmartView tracker, smart log and by executing TCPDUMP, FW Monitor on Checkpoint firewalls.
  • Actively work with users to convert their firewall port opening requests into firewall change requests and process them through the Service Now change management system.
  • Working with OSPF as internal routing protocol and BGP as exterior gateway routing.
  • Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.
  • Configured Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.
  • Work with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.
  • Worked with layer 2 switching technology architecture.
  • Implemented L2 and L3 switching functionality, which includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
  • Used internal network monitoring tools such as Solar Winds to ensure network connectivity and Protocol analysis tools to assess network issues causing service disruption.
  • Monitored network capacity and performance, as well as diagnosed and resolved complex network problems.
08/2015 to 07/2016 Cisco Network Engineer Agreeya Solutions | Newark, CA,
  • Managing administration of Router, Switch, IPS, ASA, ISE Server, Network topologies, involving design of network layouts, configuration & maintenance of servers in the different location.
  • Worked as a Network Security Engineer, responsibilities were to maintain, troubleshoot and protect the client environments through firewalls, SIEM, IDS, IPS.
  • Manage Cisco ASA Firewalls using CLI, CSM (Cisco Security Manager).
  • Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
  • Configure and tweak inspection policies on Firewall to allow legacy application traffic.
  • Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
  • Configuring and Troubleshooting Site-Site VPN, Remote Access VPN, NAT, Policies comprising class map and policy map, Inspection, Failover issues on the ASA.
  • Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.
  • Review of Firewall rules, data flows when there is any new requirement or change in existing environment.
  • VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network.
  • Trunking and port channels creation.
  • Performed network troubleshooting, Vulnerability scans, Identity & access management, email protection.
  • Monitor client firewalls and content filter and ensure 100% compliance to network security policies.
  • Analyze threats to the network and give suitable solutions to ensure real-time protection against both internal and external threats.
  • Troubleshooting networking and security related incidents that affect the environments of the customers, in accordance with their priorities and SLAs.
  • Communicated with Cisco TAC and Internet Service Provider over phone or via email to troubleshoot technical problems.
  • Recreated reported issues in lab with customers' configurations and topology.
  • Researched and read up on new and unfamiliar technologies for quick and effective adoption.
Education
Expected in 05/2015 Master of Science | Electrical Engineering University of Missouri - Kansas City, Kansas City, MO GPA:
Certifications
  • Cisco Certified Network Associate (CCNA)

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Disclaimer

Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

How this resume score
could be improved?

Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:

85Good

resume Strength

  • Length
  • Measurable Results
  • Personalization
  • Target Job

Resume Overview

School Attended

  • University of Missouri - Kansas City

Job Titles Held:

  • Network Security Engineer
  • Network Engineer
  • Cisco Network Engineer

Degrees

  • Master of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in: