From: route@monster.com
Sent: Friday,
November 4, 2016 8:52 AM
To: hg@apeironinc.com
Subject: Please
review this candidate for: PaloAlto
This resume has been forwarded to
you at the request of Monster User xapeix03
|
|||||||
|
|||||||
|
|
|
||||||
|
||||||
|
Mary Hartzell Page 5 Mary
Hartzell
9013 Giltinan Court Springfield, Virginia 22153 (h) 703/627-9873 (w) 202/385-2730 Summary: Over the past two and a half years, I have worked
as the Resident Engineer for Arbor Networks at Verizon; it has been an
interesting diversion on my career path as a network engineer, and I have
become proficient at designing, configuring, managing and troubleshooting
Arbor devices during this time. While I have enjoyed the Arbor experience, and
feel that it has contributed to my engineering knowledge, I am interested in
returning to a role as a Senior Network Engineer/Senior Network Security
Engineer; I enjoy the varied products and areas in the Network Engineer role,
and feel as though it is time to return to this type of position. My previous position was as a Senior Network
Engineer working on a project for the Department of Transportation, where I
was part of a team that designed, tested and implemented a highly available
network with two data centers, one local and one remote. After the
completion of the project, I joined the Network Engineering team that
maintains and supports the Department of Transportation network configuration
and infrastructure as a Senior Network Engineer, specializing in Network
Security. I worked in this position for approximately 6 years total. As a member of the design and implementation
team, I was responsible for the design, configuration and installation of two
load-sharing clusters of Check Point Firewalls, R65, on SecurePlatform; in
addition, I configured the Advanced Routing Module on the SecurePlatform Pro
to peer with the neighboring Cisco routers and switches using OSPF and
BGP. I created a security policy for the Check Point Firewalls,
and implemented all rule and policy changes needed to support a series of
server moves for more than 600 servers on the customer’s network, in an IPv4
and IPv6 environment. I worked with Check Point Technical Support to
resolve a number of critical issues that arose from the cutting-edge
implementation, and have continued to support the growth of the network
through modifications and extensions of the firewall cluster policies. In addition, I’ve configured and administered
Cisco PIX and ASA firewalls, Sourcefire IDS/IPS with high-availability
Defense Center management, and managed Cacti for network bandwidth
availability. I’ve also worked with NCM for network configuration
management. I configured and implemented the Check Point
IPS-1 (formerly NFR) IDS/IPS sensors within the network environment, and
helped to integrate the alerts generated from the systems into the Cisco MARS
system and ArcSight Network Monitoring system. I have done the initial
configuration for the IPS-1 Alert Concentrator (formerly NFR Sentivist
Server), and maintained and implemented alert policies, user policies and
management policies for two concentrators. I have recovered the devices
from a catastrophic failure, and was able resume alerting with less than two
minutes of network downtime. I have upgraded the Sensor software, and
the Concentrator software. During the course of the project, I installed and
upgraded two Blue Coat Proxy SG 8100B appliances, and configured the Blue
Coat Web Filter to generate detailed logs for all HTTP use. This year,
I upgraded the 8100s with Blue Coat proxy 9000B appliances, and have
implemented transparent WCCP redirection for all traffic through the proxies.
I have built, configured and implemented a Red Hat Linux server running the
BlueCoat Reporter application (with an enterprise license), and have produced
daily, weekly and monthly reports on the userbase of approximately 12,000
individuals. I designed and configured the Blue Coat Proxies to use WCCP with
the adjacent switch for highly available web filtering services, and have
modified the load-balancing configuration within the WCCP switch
configuration. In addition, I have configured the ruleset and developed
the web pages to act as web coaching pages for the BlueCoat deployment. I implemented the OSPF and BGP configurations on
the Cisco routers and switches that are adjacent to the firewall clusters,
and performed troubleshooting for changes that were made to this portion of
the routing configurations. I worked with the network support staff resident
at the client agency to troubleshoot network and security issues by
performing and examining router and switch configurations, logs, packet
captures, traceroutes and other diagnostics, and made the changes
necessitated by any issues that arose from the gradual move to the new
network infrastructure. I configured the Cisco MARS appliances to pull
system data and logs from the Blue Coat appliances and the Check Point
firewalls. I worked with Check Point support to design and program custom
alerting for the Check Point IPS-1 Concentrators and Check Point firewall
clusters and management servers into the Cisco MARS devices to augment the
network monitoring capabilities of the MARS system. I manage the MARS
devices on an ongoing basis, performing all system upgrades, rebuilds, and
most reporting from the system. I built two blackhole DNS/honeypot servers on
Linux OS machines, and did all the configuration of the IPTABLES and HONEYD
applications to drop and log all identified malicious traffic. I wrote the detailed design and as-built
documentation for the Check Point firewalls, the NFR/Check Point IPS-1 IPS
devices, and the Blue Coat proxy devices. In the last year, I was the lead engineer for the
Sourcefire IDS/IPS project; we have implemented six of the total 32 sensors
and 2 Defense Centers configured with high-availability. I procured vendor quotes and worked with the
procurement team to obtain needed support contracts and hardware. In addition, I worked on configuring and
deploying the Fidelis XPS system with a ComandPost+ with proxy, direct and
mail sensors; this project involved designing the network placement,
upgrading the code, configuring the alerts, the alerts storage, NTP and all
other network functionality. In addition, I designed a set of scheduled
reports of interest to the security community at DOT. Security
Resident Engineer at Verizon, November 2011 - present Experience:
Arbor Networks, 76 Blanchard Road, Burlington, MA 01803
Provided support for Tier I ISP peering, DDOS and lab deployments at customer
site.
Performed upgrades, code reversions, hardware failure analysis, and
documentation of these procedures.
Identified and investigated issues in the various deployments, including all
seven production deployments and two lab environments.
Worked with the Operations, Network Architect and Certification Engineering
teams; in addition, I worked with the Arbor ATAC, Arbor engineering and Arbor
Sales teams to provide quick resolution for problems, and foster a
partnership between Verizon and Arbor for development and testing purposes.
Analyzed attack data and provided mitigation recommendations to the Verizon
DDOS team.
Provided support for reporting and data analysis to the Verizon peering
deployment engineers.
Supported beta testing of Arbor products in the test lab and the
certification lab; worked on documentation of issues.
Security
Senior Network Engineer, September 2009 – September 2011 Experience:
Team ActioNet , Department of Transportation, Office of the Chief
Information Officer
Provided support for enterprise network for approximately 8,000 users located
across the USA. Provided support for the Department of Transportation
enterprise network infrastructure comprised of various Cisco router and
switch models, Check Point firewalls and IDS sensors, Blue Coat Proxy/Web
Content filters, Juniper and Cisco VPN concentrators, Cisco Adaptive Security
Appliances (ASAs), Cisco Firewall Service Modules (FWSMs), Cisco PIX
firewalls, Cisco Intrusion Detection System Modules (IDSMs), Cisco Aironet
wireless access points (WAPs), Cisco Wireless Service Modules (WiSMs), Cisco
Wireless Location Appliances, and Cisco Universal Gateways (for remote
dial-in access). Provide support for multiple VLANs and routing
protocols EIGRP, OSPF, and BGP over ethernet (10/100/1000/10Gig) LAN/CAN, and
frame relay/ATM/MPLS WANs. Provided support for CAN wireless network
(802.11 a/b/g/). Provided network/security management using CiscoWorks,
Cisco Security Manager (CSM), Check Point Eventia, IPS-1 Manager, Check Point
SmartDashboard, Cisco MARS (Cisco Security Monitoring, Analysis, and Response
System), Cisco ACS (Access Control System), Check Point SmartConsole, Blue
Coat Reporter, Cisco WCS (Wireless Control System), Cisco ADSM (Adaptive
Security Device Manager), Crannog Netflow, HP Openview, and Netcordia NetMRI.
Provided network incident management and support for DOT Security Group, in
conjunction with the FAA CSMC (Cyber-Security Management Center) and US
CERT. Co-ordinated information gathering, network security monitoring,
post-mortem documentation for DOT cyber-security incidents.
Assisted team members in providing Tier III network operational
support, as well as in the development and execution of network engineering
projects. Developed and produced management reports on network
activity. Key member of task forces related to system security.
Performed as lead engineer for following security implementation areas: · Fidelis XPS deployment · BlueCoat Web Coaching configuration and implementation · BlueCoat Blackhole implementation · BlueCoat Web Content Filter policy configuration and implementation · BlueCoat SG Proxy configuration and implementation · BlueCoat Reporter · Check Point IPS-1 (formerly NFR) sensor and server configuration and
maintenance · Check Point firewall and management server deployment and maintenance · Cisco FWSM/IDSM configuration and
maintenance
Security
Senior Network Engineer, August 2007 – August 2009 Experience:
Bowhead Information Technology Services, Department of Transportation,
Office of the Chief Information Officer
Provided support for enterprise network for approximately 8,000 users located
across the USA. Provided support for the Department of Transportation
enterprise network infrastructure comprised of various Cisco router and
switch models, Check Point firewalls and IDS sensors, Blue Coat Proxy/Web
Content filters, Juniper and Cisco VPN concentrators, Cisco Adaptive Security
Appliances (ASAs), Cisco Firewall Service Modules (FWSMs), Cisco PIX
firewalls, Cisco Intrusion Detection System Modules (IDSMs), Cisco Aironet
wireless access points (WAPs), Cisco Wireless Service Modules (WiSMs), Cisco
Wireless Location Appliances, and Cisco Universal Gateways (for remote
dial-in access). Provide support for multiple VLANs and routing
protocols EIGRP, OSPF, and BGP over ethernet (10/100/1000/10Gig) LAN/CAN, and
frame relay/ATM/MPLS WANs. Provided support for CAN wireless network
(802.11 a/b/g/). Provided network/security management using CiscoWorks,
Cisco Security Manager (CSM), Check Point Eventia, IPS-1 Manager, Check Point
SmartDashboard, Cisco MARS (Cisco Security Monitoring, Analysis, and Response
System), Cisco ACS (Access Control System), Check Point SmartConsole, Blue
Coat Reporter, Cisco WCS (Wireless Control System), Cisco ADSM (Adaptive
Security Device Manager), Crannog Netflow, HP Openview, and Netcordia NetMRI.
Provided network incident management and support for DOT Security Group, in
conjunction with the FAA CSMC (Cyber-Security Management Center) and US
CERT. Co-ordinated information gathering, network security monitoring,
post-mortem documentation for DOT cyber-security incidents.
Assisted team members in providing Tier III network operational
support, as well as in the development and execution of network engineering
projects. Developed and produced management reports on network
activity. Key member of task forces related to system security.
Performed as lead engineer for following security implementation areas: · BlueCoat Web Content Filter policy configuration and implementation · BlueCoat SG Proxy configuration and implementation · BlueCoat Reporter · Check Point IPS-1 (formerly NFR) sensor and server configuration and
maintenance · Check Point firewall and management server deployment and maintenance · Cisco FWSM/IDSM configuration and maintenance
Senior Network Engineer / Network Security Engineer, Sept 2006 – August 2007
Techguard Security, St. Louis, MO Designed and implemented (as part of a team) a
new network with two data centers and a complete failover configuration for a
large government client. Configured and implemented two Checkpoint
firewall clusters of two firewall modules each, version NGX r65, IPv6 on
SecurePlatform appliances, with high availability dual Windows management
servers. Implemented OSPF and BGP dynamic routing on both clusters.
Configured redundant BlueCoat 8000 series proxy appliances, using WCCP from
Cisco switches to redirect HTTP traffic to BlueCoat devices.
Implemented Blue Coat Web Content filtering through policy on Blue Coat
proxies. Configured Cisco MARS to monitor and aggregate log and system
information from Check Point firewalls and Blue Coat proxy appliances.
Assisted in the configuration and implementation of NFR ES1000 and ES2000
(now Check Point IPS-1 devices) in new network. Wrote documentation on
configurations and implementation for project network and security design
documentation for U.S. government client. Successfully resolved all
firewall issues resulting from move of over 500 servers from legacy network
to two new data facilities and new network topology.
Senior Technical Security Consultant/Project Manager, Nov 2004 – Nov 2005
Zero Penetration Systems, Alexandria VA Served as senior network and network security
consultant for project involving the network design and implementation of a
large private biometric access control network, integrated with a secured
home/business computer network, including remote and wireless access.
Designed the RS485 and Ethernet networks needed to support a 43 biometric
device network with a single management station, 32 remote video units, and a
secured Internet gateway with Checkpoint NG firewall and Cisco router,
including edge device specifications, router and switch specifications and
wiring specifications. Implemented network such that overall response
time was minimized so that management software worked optimally.
Designed web communications security package with Blue Coat Proxy appliance
and Checkpoint InterSpect IPS device for secured access. Also served as project manager for overall
project, including managing deliverables from 3 of the separate companies
that comprised the overall project team, delivering status reports to client
liaison, developing RFQs for vendors and job quotes for project team,
evaluated various software/hardware offerings for inclusion with future
projects. Provided 24-7 technical computer and network
support for project team members.
Senior Product Engineer III, Checkpoint, April
1999 – August 2002
UUNET/MCI/WorldCom, Ashburn VA Served as senior escalation engineer for
all managed and non-managed firewall issues related to Checkpoint on five
different OS/platforms; provided support for firewall software and OS
software. Provided senior on-call assistance to over 80 junior
engineers on firewall software configuration, hardware, and networking issues
for over 900 managed customers. Conducted onsite visit to major
customer in Germany for complete VPN security configuration with redundancy
for fail over. Lead instructor for Checkpoint NG training for
over 80 engineers, lead instructor for Provider One training, and lead
instructor for Nokia Security Appliance training. Developed most
training materials for all training sessions. Lab tested Netscreen and Rainwall/PIX products
for UUNET consideration for managed product solution. Acted as liaison with in-house development team
for creation of custom security tools. Provided technical expertise for
Worldcom evaluation of security product vendors. Provided technical
interface with firewall vendor regarding future development path of firewall
software and beta testing results of current firewall versions before
official release. Certifications:
Checkpoint Certified Software Instructor (CCSI), v4.1 and NG
Checkpoint Certified Security Expert (CCSE), NG
Nokia Security Administrator (NSA)
Cisco Certified Network Associate (CCNA), expired Clearance:
Public Trust, 2006
Top Secret (in process) Consulting
Statistical Consultant and Trainer,
December 1992 – March 1999 Experience:
QQQ Software, Arlington VA Designed introductory and intermediate level
courses in the use of TPL Tables software, a statistical cross tabulation
program. Conducted courses for and acted as consultant to National
Academy of Sciences, Bureau of Labor Statistics, and the National Center for
Health Statistics. Developed training materials and conducted two week
training course in Ankara, Turkey for the Turkish Government. Consultant, 1998 -
1999 AMTRAK, National Marketing Group, Washington, DC Completed and presented to senior executive
committee revenue forecasting model for AMTRAK National Marketing Research.
Published monthly revenue and competition analysis for rail, bus and airline
industries. Produced mapping of revenue and rider ship statistics using
MapInfo and SPSS software for cost analysis decision model. Wrote text
describing the results of the analysis for a non-technical audience.
Produced descriptive statistics, and incorporated charts, graphs, tables and
text into the report. Presented cost-analysis to National
Marketing Group. Consultant, 1997 -
1998 KPMG Peat Marwick, Washington, DC Developed workflow model of postal employee
efficiency for United States Postal Service, identifying criteria for
measuring employee job efficiency using employee level data, and developing
work level standards against which all postal employees associated with
delivery were to be measured. Research
Associate, April 1996 - April 1997 National
Research Council, Office of Scientific & Engineering Personnel,
Washington, DC Prepared
statistical analyses of Ph.D. data, using SAS and TPL Tables, for various
publications. Developed statistical testing methodologies for use by
other staff members. Researched and prepared written discussions of
analytical topics in graduate education for publication by NRC and National
Science Foundation staff. Completed econometric analysis of degree and type
of differing career outcomes for men and women in science and engineering
fields. Wrote SAS programs to generate output for analysis, worked with
staff to develop method for making consistent comparisons between men and
women across fields in the sciences and engineering from a longitudinal data
file. Wrote text describing the results of the analysis for a
non-technical audience. Produced descriptive statistics, and
incorporated charts, graphs, tables and text into the report. Consultant,
November 1994 - April 1996 Logistics Management Institute, McLean VA Designed and implemented study of economic impact
of border crossing fee on northern border region and southern border
region. Produced forecast of long-term employment and regional
gross domestic product effects of fee. Designed model for estimating
short term and long term effects on land border crossings, and costs and
revenues of fee program. Designed model for analyzing the financial and
operational implications of different ownership options for GSA owned and
operated district steam organization. Constructed model of system
efficiency and unit fuel input costs, and estimated changes for additional
seasonal load, and changes in operational protocols. Examined the feasibility of increasing the
Variable Housing Allowance component of military members’ housing allowance
to allow for market absorption of excess housing demand by military personnel
for housing project issued by the Department of Defense. Constructed database for benchmarking project of
Department of Energy Nuclear Management site in Ohio. Produced cost
estimates for disaggregated categories of landlord and project management
costs. Designed model for budget estimates for nuclear decontamination
sites for DOE use in 10 pilot studies of overhead cost control mechanisms. Econometric and Statistical Consultant, November 1994 - November 1995 Center for Health Policy Studies, Columbia MD Designed econometric model for estimating direct
and indirect cost components across different provider types for similar
procedure types. Director of Micro- and Macroeconomic Modeling, September 1991 - June 1994 Consultant for SCSC, Inc., Alexandria VA
(Contract with HCFA) Chief econometrician on project for modeling and
simulating the health care sector of the economy. Responsible for
evaluating the macroeconomic simulation model currently in use, recommending
and implementing changes to the model, constructing the sector specific model
of the consumption and production of health care which is to be linked to the
macro model for the purposes of long run policy evaluation. Additionally
responsible for developing statistical matching and imputation methods to be
used in the production of a health care specific database, and for
programming and interpreting statistical analyses of this database. Education:
Master of Arts, Economics, December 1985 University of Maryland, College Park MD Bachelor
of Arts, May 1982 Hood
College, Frederick MD Overall
GPA 3.97/4.00 Major
fields:
Economics GPA 4.00/4.00
Financial Management GPA 4.00/4.00 Academic
Assistant Professor of Economics, Fall 1987 - 1994 Experience:
Department of Business and Economics, Mount Saint Mary's College, Emmitsburg
MD Responsible
for all aspects of course preparation for four classes per semester, including
Econometrics, International Finance, International Trade, Intermediate
Microeconomic theory, Business Statistics, Principles of Macroeconomics and
Principles of Microeconomics. Advise approximately 40 students per semester
on course selection, career planning and graduate studies, and serve on
various academic committees, including the Academic Council and the Core
Curriculum Committee. Developed core curriculum course integrating
western economic history, basic economic principles and western philosophical
development as relating to the evolution of the social sciences. Instructor in Economics, Fall 1985 - Spring 1987 Department of Economics and Management, Hood
College, Frederick MD Responsible for all aspects of course preparation
for four classes per semester in the Economics and Business disciplines. Computer
Econometric and Statistical Software Expertise:
• SAS, SPSS, TPL Tables, TSP
OS/Appliance Platforms
• SPLAT, Linux, Solaris, Windows, IPSO GIS/Mapping Software • Mapinfo Programming and Scripting Languages • FORTRAN, Basic, Pascal, COBOL, C and C++, Perl,
C, Korn shell, Visual Basic References:
Available upon request. |
|
|
||||||||
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Languages: |
Languages |
Proficiency Level |
|
English |
Beginner |
|
|
|