|Email:||davearkle (at) expertfriend (dot) com [email concealed]|
|Location:||Nashville, Tennessee, United States|
dave (at) expertfriend (dot) com [email concealed]
I am seeking a position as a Network Security Manager or Engineer, with an emphasis on firewalls, VPN, secure network solutions, and standards compliance, including PCI, HIPAA, SOX, etc.
Sr. Consulting Engineer
HCA, Inc., Nashville, TN·
2006 - Present
Team lead for Network Perimeter in large enterprise (over 200,000 employees)·
Checkpoint Firewall / Provider-1 / Nokia Horizon Manager
-IPSEC VPN-Standards compliance (SOX, HIPAA, PCI, etc.·
-Cisco ASA firewalls, including CSM management and ACS access control
Provide technical consulting for network security issues, as well as perform operational work with network perimeter devices, including Checkpoint FW-1 /
Provider-1, Cisco ASA firewalls managed by CSM, Nokia Edge devices, etc. I am currently working to learn Cisco switching and routing.
My primary duties as Team Lead currently include operational and engineering support for Provider-1 and Checkpoint FW, including IPSEC B2B Vendor
connectivity. I am also currently leading a team working on PCI standards compliance (credit card processing), and design and deployment of an
enterprise-wide (200,000+employees) remote/guest access project.My past projects included HIPAA compliance auditing and remediation, SOX compliance,
Guest/Physician Networking, as well as operational support.
Network Security Specialist, Level 3
Marsh & McLennan, Inc., Louisville, KY·
9/2002 - 4/2006
Checkpoint Firewall / Provider 1 / Nokia Horizon Manager
-IPSEC VPN-distributed management across global network·
Cisco ISR / Cisco CSM·
Implemented RSA SecurID across the enterprise for remote access authentication· Developed change management process to facilitate SOX compliance·
Responsible for internal audits re: standards compliance and network security
At Marsh, my time was split between Global Network Security Architecture and Global Security Operations. I was a member of a 9 person team responsible for
network security architecture, infrastructure building and operations for all of Marsh, Inc. Marsh is a truly global enterprise with offices in 37 countries,
and over 30,000 employees. Responsible for the design, proofing and project management for the global Marsh network.
Responsibilities include facilitating business continuity, security standards audit remediation (HIPAA, etc), remote user connectivity using both client and
site-based VPN solutions, and deployment of Checkpoint NG in 18 countries and 8 global data centers. Operationally, I also handled daily firewall rule
builds and policy deployment.
Also, I supervised global change management for all Marsh global network and firewall changes. Operational duties included rule pushes, as well as OS and
software upgrades and patches, hardware maintenance and crisis management.
Acted as team lead for enterprise-wide merging of network infrastructure and management for Marsh Inc, Mercer HR Consulting, Putnam Investments, Kroll, Inc.,
Synhrgy Inc., and Marsh Management Consulting.This effort merged four network management teams, six disparate enterprise-wide WAN networks, and over 30
individual offices' networks. This project saves Marsh over $9,000,000 annually in IT infrastructure management and deployment, while simultaneously adding
in-house disaster recovery, redundant WAN connectivity, centralized network management and vastly increased quality of service to the business. This project
was completed 40 days ahead of schedule, and came in well under budget.
Firewall Engineer Level 3
IBM, Raleigh, NC
10/2000 - 9/2002
Support for over 300 Checkpoint firewalls over 12 server farms in several varied environments including IPSEC VPN·
Responsible for all aspects of Checkpoint Firewall support, including build-out, rulebase creation, NAT configuration, ongoing support and network
connectivity troubleshooting, and rulebase maintenance· Assist in networking architecture and project management·
Provide technical training and environment-specific training to new hires
Support Engineer Level II
RSA Security Inc., Bedford, MA
4/2000 - 10/2000
Front line technical support for network professionals (not end-users) on RSA SecurID, SoftID, and WebID two-factor authentication products in conjunction
with a widely varied selection of third-party connectivity devices.
Installation and configuration of firewall products such as Checkpoint FireWall 1, Cisco Pix (w/ Cisco Secure), Network Associates Gauntlet Firewall and
Installation and configuration of VPN products such as Altiga VPN, Checkpoint Firewall 1 VPN, Microsoft Windows 2000 VPN, Shiva LANRover, TimeStep PERMIT
Enterprise VPN and others. Installation of various RADIUS devices, such as CiscoSecure for NT, Funk Software Steel Belted RADIUS, Shiva Access manager, and
Chosen out of 17 individuals to create the official RSA Implementation Guide for Microsoft Windows 2000 VPN using Extensible Authentication Protocol (EAP).
Completed task 6 days ahead of schedule.
In my first full month, I broke the company record for number of "Perfect 10's" (perfect score on customer service satisfaction survey) in a month with 16
out of 27 responses (74 total customers total).
MIS System Administrator
Cambridge Credit Counseling Corp., Agawam, MA
4/1998 - 3/2000
Responsible for all aspects of system maintenance, upgrade, configuration, licensing, and administration for 100 Win 98 users on a TCP/IP NT network
connected via LAN and WAN·
Provide all support for PC users for Microsoft Windows 95/98, NT Workstation 4.0, Office 97, Office 2000, Internet Explorer 4.0/5.0, Seagate Crystal Reports,
Corel WordPerfect Suite 6.0/7.0/2000, Adobe Photoshop 5.0/5.5, Illustrator 8.0x, SoftQuad HoTMetaL Pro 5.0/6.0 and other misc. apps.
Installed enterprise backup solution utilizing Seagate Backup Exec.
Administer Unix-based Audix phone system·
Implemented dedicated Internet access via T1 for entire company utilizing Microsoft Exchange Server and Microsoft Internet Information Server· Established
WWW presence for Cambridge Credit Counseling Corp. as well as two other related companies.
Implemented a company-wide structured Help Desk function to streamline user support for any technical/operations related issues.
Responsible for all hardware and software purchasing decisions for local users and servers ($270,000 MIS budget for 1999) including spec and purchase of 100
Created design specification and built 3 dual processor server boxes for 24-hour production roles. Created design specification and implemented WAN-based
video conferencing system.
Internet Operations and Web Designer
Southfork Asset Management, Hauppaugue, NY
3/1998 - 3/2000
Created all web content as well as page design for company·
Implemented web-based inventory listing system for potential clients.
Administer all aspects of Internet connectivity, including T1 connection, email administration, and remote network access via Windows NT RAS Server
2/2004 Global Knowledge, Inc., Chicago, IL Certification Checkpoint CCSE certification - Checkpoint NG
2/2001 Verisign Education Center, Raleigh, NC Certification CCSA - Certified Checkpoint System AdministatorCCSE - Certified Checkpoint System Engineer
4/2000 Pinnacle Training, Westboro, MA Certification MCSE (Microsoft Certified System Engineer) training§
Westfield State College, Westfield, MA Double Major: Computer Science and Economics GPA: 3.85Cum Laude