John Larson

Senior Network Security Engineer
Shoreview, US.

About

Highly accomplished Senior Network Security Engineer with over 15 years of experience across diverse sectors including manufacturing, healthcare, and insurance. Expert in architecting and implementing robust zero-trust network access (ZTNA) and micro-segmentation solutions, significantly reducing attack surfaces and enhancing organizational security posture. Proven leader in leveraging automation (Terraform, Ansible) and CI/CD practices to streamline network infrastructure deployments and fortify defenses against advanced cyber threats.

Work

Cleveland Clinic

Network Security Engineer - Contract

Cleveland, OH, US

Summary

Led advanced network security initiatives and automation projects for a major healthcare institution, enhancing infrastructure resilience and compliance against evolving cyber threats.

Highlights

Resolved complex performance bottlenecks and system outages across critical security devices and network equipment, optimizing uptime and operational efficiency.

Spearheaded the deployment of Cisco Secure Workload (CSW) to establish Zero Trust Network Access (ZTNA), micro-segmenting applications and configuring precise rulesets for Cisco FTD and Check Point firewalls, reducing attack surface.

Automated the deployment of Cisco Secure Workload (CSW) agents across server environments, enhancing security visibility and operational efficiency through scripting.

Developed and maintained Infrastructure-as-Code (IaC) pipelines using Terraform for automated provisioning and configuration of network devices, improving deployment speed and consistency.

Integrated CI/CD frameworks and Agile methodologies for script development and CSW agent deployments, accelerating feature delivery and improving code quality.

Allstate Insurance Company

Network Engineer

Northbrook, IL, US

Summary

Contributed to network infrastructure and security enhancements for a leading insurance provider, focusing on application dependency mapping, vulnerability management, and automation.

Highlights

Consulted with SMEs to analyze Application Dependency Mapping (ADM) reports, translating complex application requirements into precise firewall rulesets for mission-critical systems.

Mitigated critical security vulnerabilities (CVEs) by applying timely patches, updating firewall rulesets, and managing Cisco Secure Workload (CSW) agents, strengthening infrastructure defense.

Streamlined CSW agent deployments by migrating from legacy package building to automated installations via Ansible and the CSW agent console, significantly improving deployment efficiency.

Automated ACI contract updates using Ansible and Terraform, eliminating manual 'cut and paste' methods via APICs and improving configuration accuracy and deployment speed.

Collected and analyzed critical device metrics (memory, utilization) from ACI network equipment across primary and secondary data centers, integrating data into Tableau and Datadog for enhanced reporting.

Cummins

Network Engineer - Contract

Columbus, IN, US

Summary

Managed and secured diverse network infrastructures for a global manufacturing leader, encompassing headquarters, data centers, and specialized industrial environments.

Highlights

Provided comprehensive network infrastructure support for Cummins Power Systems across headquarters, data centers, manufacturing sites, warehouses, and product labs, ensuring operational continuity.

Engineered and implemented robust network segmentation via firewalls, isolating production, manufacturing, and testing networks from the enterprise, effectively securing non-compliant SCADA, HVAC, and EHS devices.

Designed and deployed dedicated network infrastructure for cybersecurity product testing labs, supporting both blue and red teams in developing and validating advanced security solutions.

Managed and coordinated external vendors for voice, data cabling, security, and access control systems, ensuring seamless integration with facilities networks and project timelines.

Authored comprehensive Standard Operating Procedures (SOPs) and departmental documentation, standardizing operations and enhancing cross-functional communication and support efficiency.

McGough

Network Engineer

St. Paul, MN, US

Summary

Managed comprehensive network infrastructure for a construction and real estate firm, overseeing data center operations, security migrations, and critical network services.

Highlights

Managed the end-to-end network infrastructure across McGough's headquarters, warehouses, regional offices, field sites, and data centers, ensuring reliable connectivity for all operations.

Successfully virtualized and migrated on-premise data center environments to regional redundant data centers, enhancing disaster recovery capabilities and business continuity.

Led the migration of Check Point security appliances to Cisco ASA Firepower and Cisco AnyConnect, modernizing security infrastructure and improving threat defense capabilities.

Maintained and monitored a diverse array of network equipment, including routers, switches, firewalls, WLAN controllers, APs, and voice systems, ensuring optimal network performance and security.

Pearson VUE

Network Engineer - Contract

Bloomington, MN, US

Summary

Managed perimeter and internal network security for a global assessment company, focusing on firewall management, intrusion prevention, and secure remote access.

Highlights

Managed robust perimeter security using Check Point Provider-1, Cisco ASA firewalls, and Cisco FWSMs, ensuring comprehensive external threat protection.

Configured and managed critical network security components including firewalls, IPS, proxy services, web filtering, DLP, and secure remote access, safeguarding sensitive data and network integrity.

Optum

Network Engineer - Contract

Eden Prairie, MN, US

Summary

Executed critical firewall migration projects for a leading healthcare services company, standardizing security infrastructure across acquired entities.

Highlights

Successfully migrated multiple legacy firewalls (Juniper, SonicWall, Check Point) from acquired entities to standardized Cisco ASA firewalls, streamlining security operations and compliance.

General Dynamics Mission Systems

Network Engineer Lead

Fairfax, VA, US

Summary

Led network infrastructure support and data center migration initiatives for a defense contractor, ensuring high availability and security across diverse operational environments.

Highlights

Provided lead support for critical network infrastructure across diverse business unit facilities, including data centers, offices, labs, and manufacturing sites, ensuring robust operational continuity.

Directed the virtualization and migration of on-site data centers to geographically dispersed regional colocation facilities, enhancing redundancy and disaster recovery capabilities across the US.

Maintained and continuously monitored a comprehensive suite of network equipment, including routers, switches, firewalls, WLAN controllers, and wireless APs, ensuring peak performance and security.

Managed critical network infrastructure components including Nagios, Infoblox, F5 BIG-IP LTM, Cisco ACE, Cisco WLAN, RSA SecurID 7, and Cisco ASA firewalls, optimizing network performance and security.

Education

University of Massachusetts, Lowell
Lowell, MA, United States of America

Bachelor of Science

Information Technology

Skills

Network Security & Architecture

Cisco Firepower, Check Point, Cisco Secure Workload (Tetration), Cisco ASA, Intrusion Prevention System (IPS), DNS Protection, Zero Trust Network Access (ZTNA), Micro-segmentation, Vulnerability Management (CVEs), Web Filtering, Data Loss Prevention (DLP), RSA SecurID, FireMon, IBM Proventia, Google Security Operations, Cisco Security Cloud Control, Cisco Secure Access, Cisco Identity Services Engine, Network Segmentation, Perimeter Security.

Network Infrastructure & Hardware

Cisco Networking, Cisco Nexus 7010, Cisco Nexus 9606, Cisco 9840 WLAN controllers, Cisco Catalyst 4510R-E, Cisco Catalyst 4506/4510, Cisco Catalyst 3850, Cisco Catalyst 9300, Cisco 3900 ISR, Cisco 4000 ISR, Cisco 5520 WLAN Controllers, Cisco 3700 APs, Cisco 3800 APs, Cisco IE3000, Cisco 3560, Cisco Prime, Cisco ISE, Cisco WLAN, Cisco ACE, Cisco 7600 switches, Cisco 4500 switches, Juniper SRX 240H, Juniper SRX 650, Cisco 5580, Cisco 5540, Cisco 5520 ASA, Cisco 4240, Cisco 4255 IPS, Cisco Application Centric Infrastructure (ACI), Software Defined Wide Area Network (SD-WAN), Viptela SD-WAN, CradlePoint LTE routers, Data Center Operations, Virtualization.

Automation & Orchestration

Ansible, Terraform, CI/CD, Process Automation, Python, Bash Scripting, PowerShell, Infrastructure-as-Code (IaC), Agile Methodologies, REST API, Ansible Automation Platform (AWX).

Monitoring, Management & Tools

ServiceNow, Logic Monitor, Infoblox, Nagios, Kaseya, Tableau, Datadog, IPControl IPAM, CMDB, Vendor Management, Project Management, SOP Development.

Operating Systems & Platforms

RedHat Linux, Windows Server, OpenShift.

Industrial & Medical IoT Security

IoT, MIoT, SCADA, HVAC, Environmental Health and Safety (EHS), Premise Security Systems, Security Cameras, Digital Signage.