From: route@monster.com
Sent: Friday,
November 4, 2016 8:52 AM
To: hg@apeironinc.com
Subject: Please
review this candidate for: PaloAlto
This resume has been forwarded to
you at the request of Monster User xapeix03
|
|||||||
|
|||||||
|
|
|
||||||
|
||||||
|
Michael Krieg Cell 602-748-5958 MichaelDKrieg@gmail.com Points of
Interest: CISSP DOD Policy 8570.1 (Certified Information Systems Security
Professional), GIAC GPEN (Penetration Tester/Ethical Hacker), CCNP (Cisco
Certified Network Professional), CCSP (Cisco Certified Security
Professional), ITIL V3 Foundation, CCNA Voice, Top Secret eligible,
B.A. in Information Technology/Management. Work
History: Cybersecurity
Consultant, Health Organization (January 2015 – present) Provided
architectural, engineering, analytic services, staff support modeling, and
mapping services Projects: Algosec -
vendor engagement, scoping requirements, purchase, testing. Cisco ISE -
vendor engagement, scoping requirements, network diagramming, internal lab
setup and liaison with medical entities. Mandiant – SME
support to facilitate penetration testing based on scope ePO –
Deployment testing for DLP, HIPS, FRP(EEFF) VPM –
Vulnerability identification and reduction methods. Security
framework assistance (NIST based) and input. SecureLink –
Migration to virtual environment. Azure –
analysis of network capacity and ramifications of cloud based services Remote/Overseas
Traveler solution planning for high-profile personnel. Audit Support
– process/procedure documentation / internal resource engagement / data
collection / item closure 1) WPA remediation
(Wireless) 2) FTP remediation (File
Transfer) 3) VPN remediation
(Private Networking) 4) PCI remediation
(Payment Card Industry) Software/Hardware/Technologies
used: McAfee Web Gateway / SecureLink Cylance / Carbon Black / DDPE /
MDE7 Switches / Routers / Firewalls
(Fortigate / Cisco) Cisco Security Manager / Fortinet
Manager Remedy / Algosec / ePO (DLP,
HIPS, Agent) Sr.
Security Architect, AVP, Western Alliance Bank (June 2013 – January 2015) Primary
responsibilities included, but were not limited to, architecture,
implementation of technologies, and analysis of current and future
environment security landscape. Direction for security aspects of
infrastructure migration. Audit finding review and action plans to remediate.
Charged with providing input on all IT security matters pertaining to
business operations. Software/Hardware/Technologies
used: Switches / Routers Syslog, Microsoft Suite, PGP Cisco Access Control Server
(ACS), Routing Protocols Palo Alto, Cisco ASA, Checkpoint CCSVM, Manage Engine, Solarwinds
Orion. NOC Analyst
(Tier 3), Phacil, Dept. Homeland Security (March 2013 – June 2013) Primary
responsibilities include, but not are limited to mentoring less experienced
analysts. Interfacing directly with the government and escalating issues as
necessary. Designing, Testing, and implementing network technologies. Manage
projects, troubleshoot difficult technical issues. Create policy and
procedure within the NOC. Attend conference calls for awareness and problem
resolution assistance. Software/Hardware/Technologies
used: Bluecoat Packet shapers Switches / Routers / Firewalls CiscoWorks, Remedy / Syslog,
Microsoft Suite Cisco Access Control Server
(ACS), Routing Protocols Juniper NetScreen, Enterasys,
NAC, MAB ITT Exelis
TAC-SWACAA Kuwait (February 2009 – March 2013) WAN
Security Engineer, Southwest Asia Cyber Center (SWACC), Theater Network
Operations Service Center (TNOSC) Primary
responsibilities include, but are not exclusively limited to operate and
maintain Bluecoat proxy servers for the theater Configure, Engineer,
Implement, and Maintain DMZ (Demilitarized Zone) on Cisco ASA on an
enterprise level network. Create, Implement, and Troubleshoot VPN connection
point to point and mesh via routers and ASA. Modify service policy and
inspection maps as necessary. Troubleshoot and verify BGP connectivity to
DISA. Create and Implement NAT policy, directly allow authorized traffic
in/out of theater firewalls for various services based on DISA Security
Technical Implementation Guides (STIG) and Follow Ports, Protocols, and
Services Management (PPSM) for compliance. Provide direct input on policies
regarding hardening the theater assets for deny all permit by exception
(DAPE) posture. Perform troubleshooting and coordination with remote entities
for service restoration and/or modification. All work was performed at or for
Qatar, Bahrain, Kuwait, Iraq, Afghanistan, and Saudi Arabia enterprise
network in support of U.S. Army. Software/Hardware/Technologies
used: Bluecoat Proxy Switches / Routers / Firewalls Cisco Network Compliance Manager Remedy / Syslog / Solarwinds
Orion Microsoft Suite Cisco Access Control Server (ACS) Routing Protocols, VOIP Positions
held within the company: Network
Operations Manager/Engineer, Earth Terminal Complex Provide
encrypted network pathways via dynamic VPN tunnels running primarily OSPF to
external tactical military units in various world locations and bridging them
via BGP to DISA (Defense Information Systems Agency). Configure ASA using
ASDM/CSM. Configure trunks, route patterns, VoIP phones using CCM.
Troubleshoot routing, VoIP, switching issues. Also bring up and tear down
satellite units as mission requirements dictate. Manage personnel to include
vacations, staffing, interviewing, training, etc… Camp Arifjan
Network Lead, 228th Signal Company Supervised
work section as Network Lead for layer 2 infrastructure of military
compound. Perform installation, maintenance, and configuration of
myriad Cisco switches in an enterprise network. Fielded trouble tickets on a
daily basis to ensure network services, Install, Configure and Maintain VOIP
infrastructure. Monitor, respond, and restore network connectivity across
compound. Work under austere conditions. Support United States Army
classified and unclassified networks at Camp Arifjan, Kuwait. Software/Hardware/Technologies
utilized: CiscoWorks, CSM/ASDM, Cisco ASA, Nagios, Cisco Call Manager,
Cisco ACS, Active Directory, Rancid, Remedy, Cirrus, and Putty. TACLANE
(KG-175(x)), Linux, SNMPc, DHCP, Routing protocols (RIP, EIGRP, BGP, OSPF).
Cisco MARS, Citrix Wan Scaler. Wells
Fargo, Network Engineer/Analyst (2008 – 2009) Facilitate
network configuration changes daily for entire Wells Fargo network to include
firewalls, switches, and routers. Types of configurations are MPLS
implementation, ISDN, Frame Relay, BGP, port settings etc… Escalate changes
that did not perform desired result to implementation engineer. Execute in
house swap of blades, supervisor modules in data centers. Contact personnel
(TipNRing, Diebold, Verizon, Qwest, HP, On-Site security) at remote sites to
perform networking hardware upgrades and replacements. Work remedy tickets
for outages following procedures and adhering to SLA’s. Work as a team to
resolve issues and/or assist fellow engineers. Bank of
America, Systems Engineer/Network Desktop/Hardware Technician (2005 – 2008) Responsibilities
(2007 – 2008) Provide 3rd
Level IT support to Countrywide/Balboa Insurance Group campuses. Maintain
Remedy ticket system for assessing and prioritizing requests. Provide support
to end users, to include Image/Ghost Desktops/Laptops, Troubleshoot
scripts/logs of applications to determine cause of issue. Asset track
equipment. Liaison with Unisys for printer hardware issues. Address out of
scope issues and make contact with entities required to complete requests.
Complete required training programs and courses. Troubleshoot hardware
equipment and perform swaps and ordering of equipment for installation/repair
on HP products. Troubleshoot software/OS. Troubleshoot and devise solutions
for external groups that need assistance (I.E. Systems Architecture, Systems
Integration, Remote Server Support, Remote Wireless Support, etc…) Responsibilities
(2005 – 2007) Travel to
remote locations (3 weeks out of the month) across the Continental United
States installing HP Printers, Servers, Desktops, Complete re-mount of all
networking equipment into new Rittal cabinet (Switches, Servers, Routers, KVM
Switches). Perform Hardware Refresh including data backup, bios
updates/settings, new O/S installations, imaging of PC’s/Laptops/Servers,
install Memory, Spare drives for RAID arrays, update firmware, Install UPS
with powerchute. Complete administrative paperwork for each site completed
utilizing Remedy and Pocket Pc/Symbol for inventory control/digital imaging. Software
utilized: Windows Office Suite, Remedy, ActiveSync (Asset Tracking),
Windows XP, Windows Vista, Windows 98, Windows 2000, Windows Server 2003,
Pretty Good Privacy (PGP), Visio 2003, Adobe Acrobat Professional 8, Snagit
8, Aspect Direct Producer, Adobe Elements, Citrix Web Client, Lotus Notes 7,
Sametime Client, McAfee Antivirus, Sygate Protection Agent, Remote Desktop,
SMS Hardware
utilized: Blackberry, Proliant Servers, HP Desktops, HP Printers, Lexmark
Printers, Cisco Switches, Cisco Routers, HP Scanners, KVM Switches (multiple
servers/pc’s managed through one monitor/keyboard/mouse suite), and PDA
Symbol Scanner Technologies
utilized: VPN, SMS, DNS, WINS, Active Directory, WiFi CableOne,
Solutions Specialist Level I (February 2005 – October 2005) Provide first
line of customer support to allow resolution of Internet and email issues.
Provide solutions based on information and allowed scope of support. Access
tools required to ascertain the nature of the issue and interpret the
information accordingly. Remedy is used to log tickets. Worked with
Windows 95 through Windows XP operating systems. Utilized Microsoft Office
Suite products. Performed as a team representative. Responsibilities were
drafting focus for the week, basic principle submissions, and various other
administrative/managerial functions. Successfully perform blind
troubleshooting day in/out over the telephone. MCI/WorldCom,
WAN Engineer (2001 – 2002) Monitor
multiple vBNS+ (Very High Performance Backbone Network Services) circuits for
the NMCI (Navy Marine Corps Intranet) SLA (Service License Agreements) for
end to end connectivity for the California region, Hawaii, as well as provide
back up monitoring support for the Norfolk, VA region area of responsibility
if needed. Maintain logs of latency for SLA’s as well as BGP (Border
Gateway Protocol) connectivity for various links and to contact appropriate
personnel in the event either system does not meet required standards for
escalation purposes. Enter trouble tickets into Remedy system. Complete
monthly training programs as required by MCI. Possessed Secret
clearance. Systems Integrated, Systems/Network Engineer, San Diego,
CA (2000 – 2001)
During employment at Systems
Integrated, have installed, maintained, designed, and configured network
systems for waste, hydroelectric, and power entities such as (SDG&E,
Suffolk County Water Authority, County of Onondaga, US Army Corps of
Engineers, City of Stockton, etc. ). Have utilized a multitude of
Cisco switches and routers. Maintained and configured multiple
frame-relay links. Implemented multi-port serial devices (Port Server) for
use in controlling multiple devices at once. Provide valuable input on
proposed project designs for network, software, and hardware issues. Responsible
for the specification and verified operation of equipment for projects.
Provide customer support for network projects. Travel 6+ weeks per
year. Maintain Windows NT, Exchange 5.5, VPN, IIS, Linux, and UNIX
servers. Maintained 1,500$ monthly budget. Adapted daily to changing
requirements and exercised flexibility when needed. Worked daily
without supervision on various tasks and projects. Responsible for all
matters pertaining to all projects when network equipment and design was
concerned. Project process would entail following the specification, creating
the network diagram, purchasing equipment, configuring and testing equipment,
installing at destination location and appropriate training. Project Highlights: Installed hydroelectric network
control system to operate all dams along the Missouri River
(Ft. Peck, Oahe, Big Bend, Garrison, Ft. Randall, Gavins Point...) Installed
network control system for Onondaga County, Syracuse, NY. Installed and
configured routers and servers into the main locations for the waste plant
(Oak Orchard, etc.) Multiple FRADs (Frame Relay Access Devices) installed
into various pump stations throughout the county. Worked with Verizon to
complete the installation and testing of said devices. Also, trained county
employees on network control system. Including various aspects such as,
programming the router (including frame relay configuration), monitoring the
network, troubleshooting equipment, networking basics, etc… United
States Marine Corps, Network Engineer, Network Administration (1990 - 2000) Throughout
distinguished military career of 10 years, have planned and maintained
remote networks in various regions of the Continental United States and
abroad. Worked with and operated cryptographic gear to secure and
operate unclassified and classified networks while possessing a Secret military
clearance. Maintained and
supervised multiple Microsoft NT servers, including services such as: DNS, DHCP,
WINS, SNMP, TCP/IP, RAS, AND IIS. Provided support for Battalion sized
unit (1300) users, to include computer software, hardware, and network
installation involving Microsoft Windows NT Servers and Banyan Vines Servers,
Windows 3.1 – Windows NT 4.0 Workstation. Maintained,
installed, and operated routers utilizing BGP4, EIGRP, IGRP, RIP, and OSPF
routing protocols. Also familiar with Variable Length Sub-net Masking
(VLSM). Utilized Cisco 2500, 4000, and 7000 series routers. Coordinated with
the Defense Information Systems Agency (DISA) to connect to tier 0 routers to
provide network connectivity worldwide. Familiarity with Sniffer Pro, HP
Openview, Visio 2K software. Supervised, counseled and trained platoon
(30-60) sized unit of Marines. Maintained and accounted for over
$700,000 worth of assets. Served as lead
instructor for 5 week training course covering network engineering and
implementation in a field environment. Successfully trained multiple
Marines in course. Budgeted and purchased data equipment for upgrading of
company with a $50,000 budget. Effected Y2K upgrade for over 300
non-compliant computers. Completed fiber optic upgrade and planning for
backbone infrastructure replacing antiquated thick-net. Exposed to firewalls.
Have a good understanding of the implementation. Worked with database
applications: Lotus and Microsoft, Trained on HP/Solaris Unix systems for
basic administration and network configuration of operating platforms. Abilities: Quick
acquisition of highly technical material. Able to work well with
diverse group of individuals. Team player or
Leader depending on the situation. Superb stress management. CERTIFICATIONS ·
HP
Area Self Maintainer (ASM) Certified, Hewlett Packard, Cert Date 2/9/2008 ·
GPEN
Certified Pen Tester – GIAC – Cert Date 9/9/2016 ·
Certified
Information Systems Security Professional (CISSP) #396728 – ISC2 , Cert Date
5/19/2011 ·
Cisco
Certified Security Professional (CCSP) #CSCO10064520 – Cisco, Cert Date
1/4/2011 ·
Cisco
Certified Network Professional (CCNP) #CSCO10064520 – Cisco, Cert Date
5/20/2008 ·
Cisco
Certified Network Associate Voice #CSCO10064520 – Cisco, Cert Date 10/25/2009 ·
COMPTIA
Network+ #COMP001007233000 – CompTIA – Cert Date 5/06/2009 ·
COMPTIA
Security+ #COMP001007233000 – CompTIA – Cert Date 5/20/2009 ·
Information
Technology Infrastructure Library (ITIL) v3 Foundation - #4309644 – EXIN –
Cert Date 9/15/2011 EDUCATION ·
Glendale
Community College, AZ , Associates degree in Computer Information Systems (2004)
·
Ottawa
University, AZ, Bachelor’s dual-degree in Information Technology/Management. (2006) |
|
|
||||||||
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|