Mico Paolo Estrada

Security Consultant

Bacoor, Cavite, Philippines

7+ Years Exp

Summary

Mico Estrada is a seasoned Security Consultant with a 7-year track record in fortifying application security for SaaS and on-premises platforms. Renowned for his ability to conduct in-depth security assessments and vulnerability scans, Mico effectively neutralizes threats and enforces robust security protocols. His expertise in secure coding, application firewalls, and patch management shields applications from vulnerabilities like SQL injection, XSS, and CSRF. A strong proponent of integrating security into the SDLC, he works closely with developers to embed security measures from the outset. Mico's comprehensive security strategies not only minimize breach risks but also ensure adherence to regulatory standards such as PCI-DSS. His leadership in security overhauls for critical financial applications and collaboration with cross-functional teams underscores his commitment to maintaining a stringent security posture across the organization.

Technical Skills

Linux
WAN/LAN
Network engineering
Network Security
Troubleshooting
Technical analysis
Palo Alto
Cisco
Algosec
Routing
Application Security

Work Experience

Cybersecurity Engineer

Baker Hughes

Full Time | 27/07/2022 - Present

Texas

Key Responsibilities:

Cybersecurity Operations

  • Conducting detailed and repeatable execution of all security operational tasks as described in the Cyber Security Operations Center processes, procedures, and playbook.
  • Conducting comprehensive security assessments and vulnerability scans to identify and mitigate security threats in various applications.
  • Implementing robust security measures, including secure coding practices, application firewalls, and timely security patches to guard against vulnerabilities such as SQL injection, XSS, and CSRF.
  • Collaborating with development teams to embed security protocols within the SDLC, ensuring early-stage security considerations and contributing to a reduced incidence of security breaches.
  • Playing a key role in enhancing the security posture of the organization's applications through proactive defense strategies and continuous security improvements.
  • Contributing to the development and implementation of security policies, procedures, and guidelines to enhance the overall security posture of the organization.
  • Acting as a subject matter expert on AlgoSec FireFlow and providing training to team members on ticket management and rule analysis processes.
  • Performing Security Reviews for On-prem, AWS, and Azure firewall requests in the Service Catalog.
  • Assisting in user acceptance testing of Cloudflow capabilities with existing AlgoSec ASMS for AWS (SGs), Azure (NSGs), and On-prem.
  • Collaborating with network and system administrators to analyze network security requirements, identify vulnerabilities, and design/implement appropriate security measures.
  • Conducting regular security assessments (for both Software and Firewall requests reviews) to identify and address weaknesses and ensure compliance with Baker Hughes standards.
  • Developing and maintaining firewall rule sets for Palo Alto and Cisco ASA FWs.
  • Assessing newly commissioned firewalls or migrated FW rules (Cisco to Palo Alto) before transferring them to operations (TTO).
  • Providing guidance and support to cross-functional teams on security best practices, ensuring adherence to regulatory standards and compliance requirements.
  • Actively participating in security audits, assessments, and compliance reviews, addressing any identified gaps and recommending remediation measures.

Highlights:

  • Cybersecurity Technologies: Firewall (Palo Alto, Cisco ASA), IDS/IPS, VPN, SIEM, DLP, WAF
  • AlgoSec FireFlow: Ticket management, rule analysis, change management, compliance auditing
  • AlgoSec Cloudflow: UAT, mapping, TSQ, and analysis
  • Compliance Management: Utilizing Archer RSA to manage compliance activities, including risk assessment, policy management, incident management, and reporting.
  • Vulnerability Management: Reviewing penetration testing reports, conducting vulnerability scanning, and managing remediation.
  • Incident Response: Handling incidents, conducting investigations, performing root cause analysis, and managing recovery.
  • Compliance: Ensuring adherence to HIPAA, GDPR, NIST, ISO 27001 standards.

Cybersecurity Operations Analyst

Melco Resorts Leisure (PHP) Corporation

Full Time | 19/03/2022 - 09/05/2022

Metro Manila, Philippines

Key Responsibilities:

Cybersecurity Operations:
  • Conducted detailed and repeatable execution of all security operational tasks as described in the Cyber Security Operations Center processes, procedures, and playbook.
  • Monitored the Security Operations Center Main Channel for security events and responded accordingly.
  • Maintained the group email address and distribution lists, answered the Security Operations Center main phone lines, and updated all relevant documentation such as shift logs and Service-Now tickets.
  • Rapidly identified, categorized, prioritized, and investigated events as the initial cyber event detection group for Melco group utilizing all available Security Operations Center log sources, including but not limited to:
      • Firewalls (Fortigate, Cisco ASA, Palo Alto, Juniper SRX)
      • Email Security (Trustifi and FireEye)
      • Web Proxies (Forcepoint Triton)
      • Intrusion Detection/Prevention Systems (Sourcefire/Firepower)
      • Anti-Malware (Symantec EPM)
      • Endpoint Detection and Response (Checkpoint)
      • Operational Technology (Claroty)
  • Monitored incoming event queues and active channels for security incidents using SIEM Tool per operational procedures.
  • Performed initial investigation and triage of potential incidents and responded accordingly.
  • Used available Cyber Security Operations Center tools for historical analysis purposes as necessary for detected events.
  • Monitored ticket or email queues for potential events reported from outside entities and users.
  • Maintained Security Operations Center shift logs with relevant activity from the shift.
  • Documented investigation results and ensured relevant details were checked for further analysis and action.
  • Updated and referenced the Security Operations Center collaboration tool as necessary for changes to Security Operations Center processes and procedures, and ingested Security Operations Center daily intelligence reports and previous shift logs.
  • Conducted security research and intelligence gathering of emerging threats and exploits.
  • Performed additional auxiliary responsibilities as outlined in the Console Monitoring Procedure.
  • Served as a backup analyst for any potential coverage gaps to ensure business continuity.

Cloud Support Specialist

Accenture, Inc.

Full Time | 28/11/2020 - 01/03/2022

Metro Manila, Philippines

Key Responsibilities:

Firewall and Security Operations:

  • Gained strong hands-on experience in implementing firewall remediation, cleanup, port openings, and hardware refresh of Next-Gen Palo Alto Firewall series PA-200, 500, 800, 3000, 5000, and 7000 under Panorama M-600, managing over 1000 firewalls.
  • Spearheaded security protocols for a global SaaS platform, executing comprehensive assessments and deploying countermeasures for vulnerabilities like SQL injection, XSS, and CSRF.
  • Formulated and enforced security policies for on-premises applications, encompassing patch management, secure coding, and strict access controls, alongside managing application firewalls for enhanced defense.
  • Led a security overhaul for a vital financial application, ensuring SDLC integration of security practices, compliance with PCI-DSS standards, and strengthening of application defenses through code reviews and penetration testing.

Managed security devices such as:

  • NAC (Aruba Clearpass-CPPM)
  • IPS (Sourcefire)
  • DNS (F5 GTMs and OpenDNS-SaaS)
  • Proxy (Bluecoat Symantec-VPM)
  • Endpoint (Pulse Secure VPN)
  • Threat Prevention and Response (RSA NetWitness and Sidewinder)
  • Worked with AlgoSec Firewall Analyzer and FireFlow.
  • Utilized monitoring/configuration tools such as Solarwinds, Voyence, Grafana, and Splunk.
  • Employed Service-Now for incident-related tasks and firewall registrations.
  • Managed Secure Network Connections Solution (Database) for secured firewall connections.
  • Performed security, compliance, and risk assessments on each firewall policy for lifecycle management of the firewalls as part of the Incident Response team.
  • Practiced Agile and SAFe methodologies and processes.
  • Led and provided direction and guidance to more junior associates.

Backlog Role:

  • Part of the Extranet Team.
  • Attended DSUs and PI Planning Sessions, using ADO (Azure DevOps) as the Kanban board to monitor work intake, create features, and update user stories.
  • Deployed ION (Internet Optimized Network) in different egress points/locations to optimize internet and office traffic, provide VPN gateway services, and optimize application hosting. This involved commissioning Palo Alto firewalls from start to finish, including creating variable templates for local firewalls to be onboarded to Panorama, as well as testing and configuring decryption and GlobalProtect for VPN users.
  • Collaborated with network engineers or architects to test, implement changes, and enhance moderately complex or medium-scale network projects.
  • Worked closely with customers on technical requirements to provide technical solutions.
  • Performed troubleshooting on Palo Alto firewalls for different networks of business units, including servers, routers, switches, and firewalls under different routing protocols such as EIGRP and BGP.
  • Analyzed packet captures in Palo Alto firewalls to resolve issues related to information flow and content.
  • Performed urgent complex network changes and implementations.

Senior Network Engineer

FPG Insurance Co., Inc.

Full Time | 26/03/2020 - 24/10/2020

Makati, Metro Manila, Philippines

Key Responsibilities:

  • Planned and configured deployment, upgrade, and replacement of all network and security devices.
  • Monitored, investigated, and responded to security alerts from SIEM/log management and various security controls/tools such as Firewall, secure email gateway, endpoint security, WAF, IDS/IPS, and DLP.
  • Led projects to execute the implementation of a corporate vulnerability management program and maintained a system of continuous remediation of vulnerabilities within compliance deadlines.
  • Analyzed potential intrusions on the network using various tools such as Fortinet and Tenable's Security Center to differentiate between intrusions and false positives.
  • Configured and managed the Meraki MX100s and MX64s (Security & SD-WAN) devices deployed at HQ and each branch nationwide.
  • Performed log management of corporate and client-facing systems, ensuring log source health, monitoring abnormal log activity, conducting investigations, and managing the ESXi appliances.
  • Managed and monitored VMs through vCenter.
  • Managed AD using ADManager Plus and provisioned users simultaneously in AD and Office 365 using User Management and Bulk User Modification features.
  • Maintained Wireless Networks and the IP-PBX System.
  • Configured, maintained, and managed the RSA Security Console along with the distribution of hard and soft tokens.
  • Administered or programmed ID cards for Biostar Server.
  • Investigated and controlled security alerts.
  • Coordinated with ISPs regarding down circuits and applied new circuits with different ISPs.
  • Performed configuration and maintenance of routers, switches, servers, and firewalls in the Data Centers.
  • Analyzed network utilization, up-time, and downtime of circuits.
  • Assisted in troubleshooting VPN Connection issues and concerns regarding desktops, laptops, and printers at HQ and branches.
  • Provided support for, investigated, and documented incidents that occurred in branches.
  • Documented the network diagram and information of the internet lines.
  • Maintained proper grooming of network cables in the Data Centers.

NOC Analyst

Masergy Communications

Full Time | 25/05/2019 - 06/03/2020

Mandaluyong, Metro Manila, Philippines

Key Responsibilities:

  • Implemented LAN/WAN solutions.
  • Performed router and firewall activations for new and existing networks.
  • Configured and troubleshot Fortigate UTM.
  • Made configuration changes in PE and managed CE routers (e.g., QoS, route targets, IPsec Tunnels, routing) and managed firewalls (e.g., policies, NAT/DNAT, VRRP/HSRP, routing).
  • Managed different circuit types such as Ethernet (Layer 2 VPLS and MPLS network), T1/E1/DS3/OC3/OC12, Fixed Wireless (DIA), and Broadband (SD-WAN).
  • Conducted tests (e.g., BERT loopback test and RFC Testing) and troubleshooting of T1, E1, DS3, OC3, OC12, and high-capacity Ethernet circuits.
  • Managed Alcatel (Nokia) routers, Cisco routers and switches, Fortinet Firewalls, Silver Peak SD-WAN devices, and Overture and Adva packet shapers.
  • Provided analysis and troubleshooting for various technical issues (e.g., network issues, degraded performance, outages), ensuring first touch resolution within SLA.

Technology Support Engineer

Fujitsu Philippines, Inc

Full Time | 22/09/2018 - 02/05/2019

Makati, Metro Manila, Philippines

Key Responsibilities:

  • Served as the technical lead for key project implementations.
  • Assessed existing customer systems and provided recommendations for improvement.
  • Led or assisted in the development of technical as-built design projects.
  • Performed pre-staging, user acceptance testing, and hardware acceptance testing for various devices, including:
      • Firewalls (Palo Alto, F5, Fortinet, Check Point)
      • SIEM (LogRhythm, ArcSight)
      • NAC (ForeScout)
      • AP (Ruckus, Cisco)
      • Switches (Cisco, Ruckus, Aruba, Allied Telesis)
      • Routers (Cisco)
  • Performed troubleshooting, isolated problems, and restored customer services.
  • Conducted POC demonstrations for network security devices.
  • Worked with L2 security on Fortigate Firewalls, F5 Firewalls and Load Balancers, and Juniper Firewalls.

Training and Seminars:

  • Backtoback Network & Cablink Workshop, FUJITSU Philippines.
  • Check Point Bootcamp, FUJITSU Philippines.
  • Check Point Sandblast Training Workshop, FUJITSU Philippines.
  • Check Point Software Blades Technical Training, FUJITSU Philippines.
  • Forescout Technical Training, FUJITSU Philippines.

Network Engineer

Smart Communications Inc

Full Time | 18/04/2015 - 01/09/2018

Makati, Metro Manila, Philippines

Key Responsibilities:

  • Configured GPRS and EPC networks, including IP configuration for Deep Packet Inspection, APN configuration, IP pool expansion, license loading, link modification/expansion, RNC/BSC/Enode-B rehoming, URL blocking on Nominum ThreatAvert, and definition of A/NAPTR/SRV records on DNS.
  • Configured Cisco Nexus routers, establishing BGP peers on Huawei routers between the ECI fiber switch network and configuring OSPF routing on top of GPRS and EPC network configurations.
  • Configured Cisco and Huawei switches between GPRS and EPC networks.
  • Configured and maintained F5 BIG-IP solutions (Firewall, Load Balancer, and DRA).
  • Performed log checking on SIEM Splunk and data monitoring on Netscout.
  • Conducted hardware, site, and user-acceptance testing of packet core elements.
  • Performed corrective and preventive maintenance in response to customer complaints, alarms, and abnormal network behavior through reactive and proactive monitoring of network outages.

Training and Seminars:

  • Telco 101, Smart Communications Inc.
  • IP Fundamentals, Smart Communications Inc.
  • Packet Core Overview, Smart Communications Inc.
  • Huawei GGSN Service Awareness Training, Smart Communications Inc.
  • Huawei MME Pool Training, Smart Communications Inc.
  • Ericsson Elite Core AAA Training, Smart Communications Inc.
  • Cisco UCS Training, Smart Communications Inc.
  • Cell Broadcast System Training, Smart Communications Inc.
  • Nominum Vantio Threat Avert & Cache Serve, Smart Communications Inc.
  • Network Functions Virtualization Cloud Training, Smart Communications Inc.
  • RH Series Rack Servers Deployment & Management Training, Smart Communications Inc.

Test Engineer - Intern

Globe Telecom

Full Time | 19/10/2013 - 27/12/2013

Philippines

Training and Seminars

Details

Temporary | - 05/10/2013

Philippines

  • CISCO Networking Academy Courses, Mapua Institute of Technology.

Education

Bachelor of Science

Mapua Institute Of Technology

06/05/2009 - 07/05/2014

Major in Electronics and Communications Engineering

Certifications

Cisco Certified Network Associate

Accredited Configuration Engineer

Palo Alto Networks

Sandblast Network Administrator

Check Point Software Technologies Ltd

Electronics Engineer

Electronics Technician

© 2025 Hyqoo LLC. All rights reserved.
110 Allen Road, Basking Ridge, New Jersey 07920.