Hampton Roads, Virginia Metropolitan Area
Senior Network & Security Engineer with 10+ years of experience across enterprise security engineering, secure access architecture, and large-scale hybrid environments spanning government, telecom, and financial sectors. Specialized in proxy-based security infrastructure (Broadcom/Blue Coat), Zero Trust architectures, and SASE platforms including Zscaler (ZIA/ZPA), with deep focus on traffic flow engineering, identity-based access, and policy-driven enforcement models. Extensive experience supporting mission-critical production environments, leading complex troubleshooting and incident response efforts, and performing root cause analysis across distributed security and networking systems including SSL/TLS inspection, DNS routing, and F5 load balancing/SSLO architectures. Recognized for hands-on technical leadership in enterprise security operations, including cross-functional incident coordination, mentoring engineers, and translating complex system-level issues into clear operational and business impact for stakeholders.
Cloud-Secure Web Gateway - Working with Cloud Secure Web Gateway adding policy, performing log searches in the Development Environment and Certification Environment and Production Environment. Resolving high-level user issues with the Cloud proxy environment. Modifying policy based on current policy needs. Performing updates to Cloud proxy policy based on Cyber department’s request. Working with the WSS agent for end user configurations. Utilizing Broadcom’s URL categorization to set up policy on Cloud Secure Web Gateway. Security Appliances – Worked with F5, Checkpoint and Proxy devices within the security stack to ensure proper functionality within the security stack on the network. Working on the configuration as needed based on security standards documentation. On-Prem Proxy Solution - Performing support of the On-Prem Broadcom proxy devices, by adding policy based on policy. Troubleshooting incidents for user outages and performing policy fine-tuning to ensure effective performance for proxy connections. Added policy for Secure Socket Layer policy adds and removals by requests. Support Content Analysis Systems for virus scanning, by modifying the policy and ensuring devices are running properly. Zscaler – Working to resolve user issues in a timely manner. Utilizing Nano logs for Zscaler. Adding policy as needed and making recommendations on policy and resolution on issues encountered to ensure limited downtime. Policy Clean Activity – Go through removing obsolete policy and disabling rules that are no longer needed to aid in overall functioning in the Broadcom proxy environment. Reviewing the VPM to combine policy to facilitate efficiency policy flow for the M&T network.
Zscaler Migration Project – Migrated from Symantec Broadcom Proxy Secure Gateway proxy devices to Zscaler Proxy Technology. Converted to Zscaler policy from Proxy Secure Gateway policy. Performed high-level testing to ensure policy optimization and stability. Worked on Virtual Zscaler End Nodes to aid traffic move from various data centers in the enterprise. Helped with overall design of Secure Socket Layer policy. Worked with SSL policy on decryption for specified connections. On-Prem Proxy Environment – Worked on Policy Optimization with On-Premises proxy environment on Symantec Broadcom Proxy devices. Utilizing Management Center to make changes and update existing policies. Made recommendations based on requests given by the Information Security department. Collaborating with proxy models SG-500-10 and SG500-20. Configured policy to handle SSL traffic based on Synchrony network standards. SIEM Tools – Working with various types of SIEM tools such as Splunk, Solarwinds, Riverbed, Thousand Eyes to isolate Enterprise level issues and to perform forensic analysis of possible breaches on the network and to ensure security compliance. Collaboration – Worked with Security Operations team and Governance Team to create overall bank policy for user access and server access on the network. Cloud Secure Web Gateway -Worked on Cloud Proxy for Broadcom adding rules for SSL Intercept. Optimize policy functions for the overall user environment. Performed enterprise-level troubleshooting on various user issues encountered. Adding several sites to the SSL policy bypass for site connectivity during enterprise outages. On-call Function – Participated in 24/7 on-call rotation for enterprise-level issues.
Broadcom Proxy Project – Worked on rule migration from Solaris Unix servers to Symantec Broadcom Proxy devices for over one thousand rules manually for the migration. This was a key component for testing and proof of concept for the proxy environment. Netskope – Coordinated across multiple data centers to coordinate upgrades of Netskope technology. Communicated with various teams to ensure proper notification of the upcoming upgrades. Performed all the upgrade activities on my own according to best practices. FireEye – Worked on different configurations portions on FireEye devices. Setting up gateways, logging, and various other configurations to ensure the device were built according to Bank of America technology standards. McAffee Web Gateway – Performing configuration tasks on McAffee Web Gateway devices to assist in overall project timelines. Adding gateways, logging, upgrading the Operating Systems.
Engineered end-to-end replacement and re-implementation of failed F5 load balancing systems, restoring redundant architecture and enhancing site stability, availability, and infrastructure resilience. Directed DNS traffic failover and routing adjustments during major enterprise outages, utilizing situational analysis and infrastructure knowledge to preserve application availability and reduce operational downtime. Provided advanced troubleshooting and incident resolution across enterprise web and network infrastructure supporting NMCI operational environments.