Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Contact Information
Name: David Arkle
Email: davearkle (at) expertfriend (dot) com [email concealed]
Location: Nashville, Tennessee, United States
Position/Title: Security Consultant
Resume: Dave Arkle


dave (at) expertfriend (dot) com [email concealed]




I am seeking a position as a Network Security Manager or Engineer, with an emphasis on firewalls, VPN, secure network solutions, and standards compliance, including PCI, HIPAA, SOX, etc.



Work Experience


Sr. Consulting Engineer

HCA, Inc., Nashville, TN·

2006 - Present

Team lead for Network Perimeter in large enterprise (over 200,000 employees)·

Checkpoint Firewall / Provider-1 / Nokia Horizon Manager

-Firewall connectivity

-IPSEC VPN-Standards compliance (SOX, HIPAA, PCI, etc.·

-Cisco ASA firewalls, including CSM management and ACS access control

Provide technical consulting for network security issues, as well as perform operational work with network perimeter devices, including Checkpoint FW-1 /

Provider-1, Cisco ASA firewalls managed by CSM, Nokia Edge devices, etc. I am currently working to learn Cisco switching and routing.

My primary duties as Team Lead currently include operational and engineering support for Provider-1 and Checkpoint FW, including IPSEC B2B Vendor

connectivity. I am also currently leading a team working on PCI standards compliance (credit card processing), and design and deployment of an

enterprise-wide (200,000+employees) remote/guest access project.My past projects included HIPAA compliance auditing and remediation, SOX compliance,

Guest/Physician Networking, as well as operational support.


Network Security Specialist, Level 3

Marsh & McLennan, Inc., Louisville, KY·

9/2002 - 4/2006

Checkpoint Firewall / Provider 1 / Nokia Horizon Manager

-IPSEC VPN-distributed management across global network·

Cisco ISR / Cisco CSM·

Implemented RSA SecurID across the enterprise for remote access authentication· Developed change management process to facilitate SOX compliance·

Responsible for internal audits re: standards compliance and network security

At Marsh, my time was split between Global Network Security Architecture and Global Security Operations. I was a member of a 9 person team responsible for

network security architecture, infrastructure building and operations for all of Marsh, Inc. Marsh is a truly global enterprise with offices in 37 countries,

and over 30,000 employees. Responsible for the design, proofing and project management for the global Marsh network.

Responsibilities include facilitating business continuity, security standards audit remediation (HIPAA, etc), remote user connectivity using both client and

site-based VPN solutions, and deployment of Checkpoint NG in 18 countries and 8 global data centers. Operationally, I also handled daily firewall rule

builds and policy deployment.

Also, I supervised global change management for all Marsh global network and firewall changes. Operational duties included rule pushes, as well as OS and

software upgrades and patches, hardware maintenance and crisis management.

Acted as team lead for enterprise-wide merging of network infrastructure and management for Marsh Inc, Mercer HR Consulting, Putnam Investments, Kroll, Inc.,

Synhrgy Inc., and Marsh Management Consulting.This effort merged four network management teams, six disparate enterprise-wide WAN networks, and over 30

individual offices' networks. This project saves Marsh over $9,000,000 annually in IT infrastructure management and deployment, while simultaneously adding

in-house disaster recovery, redundant WAN connectivity, centralized network management and vastly increased quality of service to the business. This project

was completed 40 days ahead of schedule, and came in well under budget.


Firewall Engineer Level 3

IBM, Raleigh, NC

10/2000 - 9/2002

Support for over 300 Checkpoint firewalls over 12 server farms in several varied environments including IPSEC VPN·

Responsible for all aspects of Checkpoint Firewall support, including build-out, rulebase creation, NAT configuration, ongoing support and network

connectivity troubleshooting, and rulebase maintenance· Assist in networking architecture and project management·

Provide technical training and environment-specific training to new hires


Support Engineer Level II

RSA Security Inc., Bedford, MA

4/2000 - 10/2000

Front line technical support for network professionals (not end-users) on RSA SecurID, SoftID, and WebID two-factor authentication products in conjunction

with a widely varied selection of third-party connectivity devices.

Installation and configuration of firewall products such as Checkpoint FireWall 1, Cisco Pix (w/ Cisco Secure), Network Associates Gauntlet Firewall and


Installation and configuration of VPN products such as Altiga VPN, Checkpoint Firewall 1 VPN, Microsoft Windows 2000 VPN, Shiva LANRover, TimeStep PERMIT

Enterprise VPN and others. Installation of various RADIUS devices, such as CiscoSecure for NT, Funk Software Steel Belted RADIUS, Shiva Access manager, and


Chosen out of 17 individuals to create the official RSA Implementation Guide for Microsoft Windows 2000 VPN using Extensible Authentication Protocol (EAP).

Completed task 6 days ahead of schedule.

In my first full month, I broke the company record for number of "Perfect 10's" (perfect score on customer service satisfaction survey) in a month with 16

out of 27 responses (74 total customers total).


MIS System Administrator

Cambridge Credit Counseling Corp., Agawam, MA

4/1998 - 3/2000

Responsible for all aspects of system maintenance, upgrade, configuration, licensing, and administration for 100 Win 98 users on a TCP/IP NT network

connected via LAN and WAN·

Provide all support for PC users for Microsoft Windows 95/98, NT Workstation 4.0, Office 97, Office 2000, Internet Explorer 4.0/5.0, Seagate Crystal Reports,

Corel WordPerfect Suite 6.0/7.0/2000, Adobe Photoshop 5.0/5.5, Illustrator 8.0x, SoftQuad HoTMetaL Pro 5.0/6.0 and other misc. apps.

Installed enterprise backup solution utilizing Seagate Backup Exec.

Administer Unix-based Audix phone system·

Implemented dedicated Internet access via T1 for entire company utilizing Microsoft Exchange Server and Microsoft Internet Information Server· Established

WWW presence for Cambridge Credit Counseling Corp. as well as two other related companies.

Implemented a company-wide structured Help Desk function to streamline user support for any technical/operations related issues.

Responsible for all hardware and software purchasing decisions for local users and servers ($270,000 MIS budget for 1999) including spec and purchase of 100

PC workstations.

Created design specification and built 3 dual processor server boxes for 24-hour production roles. Created design specification and implemented WAN-based

video conferencing system.


Internet Operations and Web Designer

Southfork Asset Management, Hauppaugue, NY

3/1998 - 3/2000

Created all web content as well as page design for company·

Implemented web-based inventory listing system for potential clients.

Administer all aspects of Internet connectivity, including T1 connection, email administration, and remote network access via Windows NT RAS Server




2/2004 Global Knowledge, Inc., Chicago, IL Certification Checkpoint CCSE certification - Checkpoint NG

2/2001 Verisign Education Center, Raleigh, NC Certification CCSA - Certified Checkpoint System AdministatorCCSE - Certified Checkpoint System Engineer

4/2000 Pinnacle Training, Westboro, MA Certification MCSE (Microsoft Certified System Engineer) training§

Westfield State College, Westfield, MA Double Major: Computer Science and Economics GPA: 3.85Cum Laude



Privacy Statement
Copyright 2009, SecurityFocus