User:David Downey

Security Consultant: Symantec Data Loss Prevention (DLP) Symantec Endpoint Protection (SEP), Cisco Intrusion Prevention System (IPS), Checkpoint Firewall, RSA enVision SIEM, others

Responsible for overall standards, design, implementation, testing and ongoing operations of IPSEC VPN setup for customers and 3rd party accounts; directly implementing and troubleshooting various Cisco, Checkpoint, Fortinet, Linksys, VPN client, dynamic dial back-up VPN (OpenVPN) firewall/VPN entities, Windows 2008 R2 Security Baseline, IDS/IPS tools, web proxy, smart card (PIV); Disaster Recovery, redundancy/VRRP, antivirus/anti-malware; analyzing trends related to NOC alarm data, network traffic anomalies, and unauthorized activity; administered Zenoss Service Dynamics, HP OpenView, NetCool, and AdRem Netcrunch monitoring software; moves/adds/changes

Responsible for secure account management of company, customer, and 3rd party access to departmental systems; Microsoft Active Directory (AD) / Group Policy Editor (security templates for users and computers); HIPS, Event Log monitoring and analysis and reporting, CentOS Linux Administration, Microsoft AppLocker, Microsoft Global Object Access Auditing, disk quotas, biometric authentication; BitLocker and other hard drive encryption options; device hardening; research and implementation of new Open Source IT security options

Responsible for administration of Municipal wireless mesh (LAN/WAN) networks - covering large metropolitan areas; primarily focusing on access point maintenance, channel evaluation/planning, network optimization, identifying and proactively blocking unauthorized activity; administering Layer 3 Cisco switches on fiber optic backbone – typically Cisco 3550 series (L3) switches feeding data conduits to downstream wireless systems throughout a municipal network, implementing firewalls for city SCADA systems, creating secure wireless bandwidth access for law enforcement access, plus administering user accounts and user site connectivity issues