Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Timeline
Generic

JULIUS OFOSU-ASANTE

Ashburn,VA

Summary

Over 17 years of hands on experience with on-premise / private clouds, hybrid, and commercial cloud services (UC2S, SC2S and C2S). Top Secret/SCI with active polygraph. Master of Science in Information Security with 4.0 GPA. Design, develop, implement, test, operate and maintain hardware, operating systems and software to address cybersecurity requirements. Extensive knowledge of NIST SP 800-53, Risk Management Framework (RMF) and DoD Security Technical Implementation Guides (STIGs). Working knowledge of AWS (VPC, EC2, S3, Route 53). Advanced skills (Windows 7/10/2012/2016, CentOS 7/8, RHEL 7/8, LAMP Stack). Expert skills: Palo Alto (PA-7050, PA-5220, Wildfire WF-500, Panorama M-500/M-200, Multi-VSYS and Multi-VR, Active/Passive High Availability), F5 (BIP-IP i5800, BIGiQ, vCMP, AFM, ASM, APM, SSLO), Cisco (FMC2500, FMC2600, FirePOWER 4120, FirePOWER Threat Defense (FTD), Threat Grid TG-M5), Juniper (SRX5400, QFX5100, EX4300, JSA580, Routing-Instances/Chassis Cluster/Virtual Chassis), Gigamon GigaVUE-HC2, FireEYE (NX6500, FX6500, AX5550, EX8500, CM7500), RSA Netwitness/EMC Unity Storage, Security and NAT Policies, URL Filtering, IPSEC, VPN, SSL/TLS, Break&Inspect, VLAN, LACP, Tcpdump, Wireshark, Splunk.

Trusted Network Security Engineer with [Number] years protecting companies against bad actors who disrupt business operations. Serves as primary safeguard against external threats. Educates colleagues on best practices and network safety protocols. Protects networked assets through both preventive and reactionary measures.

Proactive [Job Title] adept at predicting and disrupting intrusion attempts. Pioneers novel network security measures to combat emerging threats. Maintains proven track record of utilizing both education and technological solutions to fortify companies against malicious exploitation and data breaches.

Equipped with strong problem-solving abilities, willingness to learn, and excellent communication skills. Poised to contribute to team success and achieve positive results. Ready to tackle new challenges and advance organizational objectives with dedication and enthusiasm.

Overview

22
22
years of professional experience
1
1
Certification

Work History

Network Security Engineer Lead

RSA NETWITNESS RECAP, CACI, INC
08.2020 - Current
  • Modernizing legacy RSA Netwitness platform, improving data collection and increasing data retention to comply with DoD/IC data retention policy
  • Configured Gigamon HC2 tool ports and maps to send SSL Intercepted data to RSA packet decoders
  • Applied NIST SP 800-53 security controls and STIGs
  • Performed self-assessment of NIST SP 800-53 security controls and STIGs
  • Produced body of evidence for the ISSO and SCA
  • Documented findings in Xacta
  • Worked with the ISSO and SCA on ATO package for the Authorizing Official
  • Achieved Authoritization to Operate (ATO) for 3 years
  • Tools/Skills: RSA Netwitness (Packet Decoder, Log Decoder, Concentrator, ESA), EMC Unity Storage Processor, Gigamon HC2, BIGIP SSLO Break & Inspect.
  • Performed network troubleshooting to isolate and diagnose common problems.
  • Engaged business and technology stakeholders to gather goals and requirements.
  • Designed, installed and configured email encryption gateways with data loss prevention.
  • Developed and maintained company-wide endpoint security solutions.
  • Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
  • Applied Center for Internet Security (CIS) benchmarks to verify performance of ongoing security measures.

Cybersecurity Engineer

CACI, INC
08.2020 - Current
  • FEDERAL
  • Modernizing legacy Cisco ASA and Sourcefire at 30 remote sites geographically dispersed
  • Replaced Cisco ASA/Sourcefire with Palo Alto Networks Firewalls
  • Performed
  • Applied Center for Internet Security (CIS) benchmarks to verify performance of ongoing security measures.
  • Authored security and vulnerability reports, detailing logged incursions and suggesting remediation efforts.
  • Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
  • Designed, installed and configured email encryption gateways with data loss prevention.
  • Developed security metrics and technical analysis to give insight into performance and trends.
  • Created policies and procedures for emerging security technologies and proposals.

LEAD PROJECT ENGINEER

SOURCEFIRE RECAP, CACI, INC
08.2020 - Current
  • FEDERAL
  • Recapitalizing legacy Cisco Sourcefire IDS/IPS sensors for increased visibility into SSL Intercepted DMZ traffic
  • Designing, engineering, installing, configuring and testing Cisco FirePOWER 4120s
  • Integrating Cisco FirePOWER 4120s with Cisco FMC2500 High Availability clusters
  • Configuring inline sets, zones, access control and intrusion polices
  • Configuring Gigamon HC2 inline tools and maps for Cisco FirePOWER 4120s
  • Configured FMC2600 estreamer to send intrusion events to SIEM
  • Applied NIST SP 800-53 security controls and STIGs
  • Performed self-assessment of NIST SP 800-53 security controls and STIGs
  • Produced body of evidence for the ISSO and SCA
  • Documented findings in Xacta
  • Worked with the ISSO and SCA on ATO package for the Authorizing Official
  • Achieved Authoritization to Operate (ATO) for 3 years
  • Tools/Skills: Cisco FirePOWER 4120, Cisco FMC2600, Gigamon HC2, SSL Intercepted Traffic.

Network Firewall Engineer Lead

CACI, INC
11.2020 - 02.2025
  • AWS UC2S IPSEC VPN
  • Environment: Palo Alto PA7050, Juniper QFX5100, AWS, BGP
  • Configured site-to-site VPN between AWS UC2S and on-premise Palo Alto firewall PA7050.
  • Applied Center for Internet Security (CIS) benchmarks to verify performance of ongoing security measures.
  • Created standardized incident response program to outline immediate and consistent remediation of security breaches.
  • Performed network troubleshooting to isolate and diagnose common problems.
  • Created policies and procedures for emerging security technologies and proposals.
  • Developed security metrics and technical analysis to give insight into performance and trends.
  • Designed, installed and configured email encryption gateways with data loss prevention.

LEAD PROJECT ENGINEER/ARCHITECT

CACI, INC
06.2020 - 08.2020
  • FEDERAL
  • Architecting, developing, engineering and integrating Multitenant Enterprise Controlled Interface (ECI) Security Stack in a Lab environment
  • The ECI Security Stack is a cybersecurity suite that will provide Firewall Functions, Forward Web Proxy, Intrusion Detection and Prevention, Break and Inspect, Session/File Analysis, SIEM and Full Packet Capture
  • Provide Subject Matter Expertise (SME) in system engineering support on-prem and cloud (VDSS, UC2S, SC2S, and C2S)
  • Member of a small engineering steering team, working to modernize legacy networks, systems and applications on-prem and cloud-based
  • Architect, develop, engineer, and integrate new security products as directed by the government supervisor or POC
  • Work closely with the customer to define requirements, implement business logic and refine applications
  • Tools/Skills: Palo Alto (PA-7050, PA-5220,Wildfire WF-500, Panorama M-500/M-200, Multi-VSYS and Multi-VR, Active/Passive High Availability), F5 (BIP-IP i5800, BIGiQ, vCMP, AFM, ASM, APM, SSLO), Cisco (FMC2500, FMC2600, FirePOWER 4120, FirePOWER Threat Defense (FTD), Threat Grid TG-M5), Juniper (SRX5400, QFX5100, EX4300, JSA580, Routing-Instances/Chassis Cluster/Virtual Chassis), Gigamon GigaVUE-HC2, FireEYE (NX6500, FX6500, AX5550, EX8500, CM7500), RSA Netwitness/EMC Unity Storage, Security and NAT Policies, URL Filtering, IPSEC, VPN, SSL/TLS, Break&Inspect, VLAN, LACP, Tcpdump, Wireshark, Splunk, Qradar

02.2018 - 06.2020

LEAD ENGINEER /ARCHITECT

CACI, INC
01.2020 - 05.2020
  • Key member of the RSA Netwitness modernization team
  • Replaced legacy RSA Netwitness and less hard and more storage full PCAP retention
  • Installed and configured RSA Netwitness and EMC Unity Storage
  • Configured Gigamon HC2 GigaSMART and Maps to feed ECI Security Stack PCAP data to Packet Decoders
  • Tools/Skills: ECI Security Stack, SSL Break and Inspect, RSA Netwitness, Gigamon GigaVUE-HC2, Full Packet Capture.

CYBER NETWORK FIREWALL ENGINEER

CACI, INC
08.2016 - 02.2018
  • Implemented Palo Alto Active/Passive High Availability
  • Converted McAfee Sidewinder Firewall Configuration to Palo Alto
  • Configured Security Zones, Security Policies, APP-ID, User-ID, URL Filtering, Security Profiles on Palo Alto
  • Implemented multi-factor authentication on Palo Alto using Microsoft Active Directory and CyberArk
  • Integrated Palo Alto Firewall with Panorama and configured on-prem Palo Alto Wildfire
  • Implemented and Applied DISA STIGs on Palo Alto
  • Implemented Multitenancy using F5-BIG-IP vCMP and Route Domain
  • Built 40 vCMP guests and multiple route domains
  • Configurated F5-BIG-IP High Availability
  • Implemented F5-BIG-IP LTM, AFM, ASM, and APM
  • Implemented F5-BIG-IP Break and Inspect using SSL Intercept (SSLi)
  • Currently testing F5-BIG-IP SSL Orchestration (SSLO) in the Lab to replace SSLi for Break and Inspect
  • Implemented and applied DISA STIGs on 40 F5-BIG-IPs
  • Implemented Multitenancy using Juniper Routing-Instances
  • Created Juniper Security and NAT Polices and Zones
  • Configured Juniper Chassis Cluster High Availability and Virtual Chassis
  • Configured VLANs and LACP
  • Implemented and applied Juniper DISA STIGs
  • Installed and configured FireEYE NX and FirePOWER Threat Defense Inline with Gigamon HC2
  • Integrated Gigamon HC2 with RSA Packet Decoder
  • Passed ATO audit for the 4x classified ECI Security Stacks and 2x Unclassified ECI Security Stacks
  • Received Bravo Zulu from Government and CACI leadership
  • Tools/Skills: Palo Alto (PA-7050, PA-5220,Wildfire WF-500, Panorama M-500/M-200, Multi-VSYS and Multi-VR, Active/Passive High Availability), F5 (BIP-IP i5800, BIGiQ, vCMP, AFM, ASM, APM, SSLO), Cisco (FMC2500, FMC2600, FirePOWER 4120, FirePOWER Threat Defense (FTD), Threat Grid TG-M5), Juniper (SRX5400, QFX5100, EX4300, JSA580, Routing-Instances/Chassis Cluster/Virtual Chassis), Gigamon GigaVUE-HC2, FireEYE (NX6500, FX6500, AX5550, EX8500, CM7500), RSA Netwitness/EMC Unity Storage, Security and NAT Policies, URL Filtering, IPSEC, VPN, SSL/TLS, Break&Inspect, VLAN, LACP, Tcpdump, Wireshark, Splunk, Qradar, FEDERAL
  • Member of the Network Security Services and AWS Cloud Team
  • Managed firewalls on-premise and cloud
  • Implemented and troubleshoot firewall change requests
  • Implemented IP blocks per Remedy and ServiceNow Tickets and TASKORD
  • Monitor firewalls and packet capture logs for anomalies
  • Work tickets in Remedy and Servicenow
  • Provide TEM and Priority tickets support
  • Led DISA CCRI Audit of the costumer networks
  • Passed audit with flying colors
  • Received Bravo Zulu from Government and CACI leadership
  • Tools/Skills: McAfee Sidewinder, F5-BIG-IP, Juniper SRX, McAfee Web and Email Gateways, Gigamon HC2, FireEYE NX and EX, Cisco Sourcefire/Snort ID, Arcsight SIEM, Tcpdump, Wireshark, Putty, Remedy.

CYBER THREAT INTEL ANALYST STAFF

LOCKHEED MARTIN
01.2012 - 08.2016
  • Performed enclave cybersecurity defense, attack vector analysis, incident handling, vulnerability management and reporting, risk analysis and readiness and strategic planning analysis
  • Extensive knowledge of APT adversary activities in cyberspace with subject matter expertise in intrusion set tactics, techniques, and procedures (TTPs)
  • Built a Static and dynamic Malware Analysis Sandbox on an old Dell Server using CentOS, VMware Workstation, REMnux, Windows XP, and Windows 7
  • Conducted data analysis, aggregation, event correlation and information security threat definition
  • Performed static and dynamic analysis of malware (Advanced Persistent Threat/APT) and its delivery mechanism (malicious documents e.g
  • Pdf, doc, etc.)
  • Extracted TTPs, exploit, author attribution, C2 and more
  • Utilize custom sandbox to isolate malware, unpack malware, monitoring registry changes and identifying malware communication channels
  • Performed digital fingerprinting to determine foreign adversary/actor behind malware/spear phishing campaign, and correlate the data back with the Intelligence Community (IC) Computer Network Exploitation (CNE) attribution
  • Utilized malware (APT) and spear phishing campaign analysis to develop IDS signatures, Firewall Rules, AV Signatures
  • Utilized Splunk to conduct network traffic analysis on DTRA/USTRATCOM SCC-WMD networks
  • Utilized Splunk to create search queries, dashboards, summary index and alerts
  • Utilized ArcSight SIEM to monitor network traffic on DTRA/USTRATCOM SCC-WMD networks
  • Utilized Arcsight SIEM to create search queries, active channels, active lists, filters, trends, reports, dashboards, drill downs, summary index and alerts
  • Regularly conducted analysis of the cyber capabilities and activities of foreign intelligence, security services, and potential threats to and impact on USSTRTCOM, DTRA and DoDIN information systems and operations
  • Collaborated with intelligence community (IC) partners to share and collect cyber threat data for use in strategic threat assessments
  • Created tailored products and reports for different levels of leadership
  • Reviewed security architecture to find gaps that impact the enterprise
  • Provided comprehensive solutions to enhance the security architecture
  • Tools/Skills: Arcsight ESM and Logger, Splunk Enterprise, Bluecoat Solera PCAP, Bluecoat Web Proxy, McAfee Sidewinder Firewall, Cisco 3750, Cisco 3560, Barracuda Spam Filter, Bluecat Proteus IPAM, SCCM, McAfee ePO HBSS, Wireshark, Argus Netflow, VMware Workstation 11/12, CentOS 6/7, Windows (XP/7/2008R2/2012R2), fakedns, Ollydbg, Sysinternals, Cyber Threat Intel, Malware Analysis (Dynamic and Static), Sourcefire IDS signatures, NIPRNET, SIPRNET, JWICS
  • Received kudos from the Government Customer and an 'Exceeded Expectations' evaluation (four out of five) from superior for 2013 and 2014, 2015 evaluation period.

CONSULTING, CYBERSECURITY SME, NATIONAL INSTITUTE OF HEALTH
03.2016 - 04.2016
  • National Institute of Health (NIH) High Performance Computing (HPC) Mellanox InfiniBand (IB) and Light Sheet Fluorescence Microscopy (LSFM) Network
  • Installed, configured and troubleshoot Mellanox InfiniBand (IB) Switch Fabric
  • Tested and validated connectivity between InfiniBand (IB) nodes
  • Installed, configured and troubleshoot Windows 2008R2/2012R2 Servers
  • Installed, configured and troubleshoot Anaconda Python on Windows Servers
  • Configured and troubleshoot McAfee ePolicy VSE and HIPS
  • Created network diagrams using Visio
  • Received kudos from Dr
  • Benjamin Whites and Dr
  • Amicia Elliott of NIH Neuroscience Research Center.

CYBERSECURITY

CONSULTING SME, NETWORK ENGINEERING, PROCESS POINT CONSULTING
03.2012 - 01.2016
  • Installed, configured and managed Cisco ASA Firewall
  • Installed, configured and managed McAfee Firewall Enterprise (Sidewinder)
  • Designed, installed, configured and managed Cisco 2602e Wireless Campus
  • Designed, installed, configured and managed Windows 2012 R2 Active Directory and DNS
  • Installed, configured and managed Windows 2012 SQL Server
  • Installed, configured and managed McAfee ePolicy 5.1, McAfee Agents, VSE and HIPS
  • Performed OS upgrades and security patch maintenance
  • Created network diagrams using Visio
  • Implemented and apply Firewall STIG
  • Implemented and apply Windows STIGs.

NETWORK ENGINEERING & CYBERSECURITY

CONSULTING SME, UNITED STATES ARMY EMERGENCY RELIEF
03.2012 - 01.2016
  • Installed, configured and managed all Cisco ASA 5525X Firewalls
  • Installed, configured and managed all Cisco Routers and Switches (5548UP, 3750X, 3850, 6906E)
  • Installed, configured and managed all McAfee S2008 Firewalls
  • Installed, configured and managed all Juniper SRX 550 Firewalls
  • Designed and implemented storage solutions using EMC VNX
  • Installed, configured and managed all HP DL380P G8 servers
  • Designed and implemented multi-area OSPFv2 network
  • Designed and implemented site-to-site VPN between different datacenters using Cisco 3945E Routers and IPSec VTI
  • Implemented Zone-Based Firewall on Cisco 3945E Routers
  • Configured NTP on Cisco 3945E Routers to sync with stratum one NTP Servers
  • Configured network nodes and endpoints to sync with the Cisco 3945E Routers for time
  • Configured VLANs, EtherChannel and LACP
  • Configured Inter-VLAN routing, ACLs and NAT
  • Configured route redistribution, route map and prefix list
  • Designed and implemented storage solutions using 2x EMC VNX 5300 DPE/8x DAEs
  • Designed and deployed FCoE implementation utilizing 2x Cisco Nexus 5548UP Switches, 2x EMC VNX 5300 DPEs/8x DAEs, 16x HP DL380P G8 Servers, 16x Emulex Dual 10Gb/s FCoE Converged Network Adapters (CNA) and 36x Cisco SFP+ Twinaxial Cables
  • Implemented VSANs, Zone and Zoneset for the respective VSANs utilizing Cisco Nexus 5548UP
  • Provisioned storage from 2x VNX 5300 DPEs/8x DAEs for 16x HP DL380P G8/ESXi5.5 hosts using EMC Unisphere Manager by creating RAID pools/groups, LUNs, storage Groups
  • Implemented Boot-from-SAN for all 16x HP DL380P G8/ESXi5.5 hosts utilizing 16x Emulex 10Gb/s FCoE HBAs
  • Installed ESXi5.5 on 16x HP DL380P G8 Servers to Boot-from-SAN
  • Configured vNetwork Standard Switch and vNetwork Distributed Switch utilizing vSphere Client or vSphere Web Client to connect to vCenter Server 5.5
  • Configured VMware vMotion and HA for seamless VM migrations and High Availability during unplanned downtimes
  • Installed and configured VMware vCenter 5.5 Patch Manager
  • Designed and implemented single-forest, multiple-domains Active Directory model
  • Installed and configured Windows 2012 R2 Active Directory and DNS Servers
  • Installed and configured Windows 2012 SQL Servers on Windows 2012 R2
  • Installed and configured vCenter Server 5.5 using remote Windows 2012 SQL Servers
  • Configured vCenter Server 5.5 systems in Linked Mode for two sites
  • Upgraded to VMware vSphere ESXi6/vCenter Server 6 Enterprise Plus
  • Installed and configured SCCM 2012 R2 with remote Windows 2012 R2 SQL servers
  • Installed and configured WUS on Windows 2012 R2 for SCCM 2012 R2
  • Configured Discovery and Boundaries in SCCM 2012 R2
  • Configured and deployed Software Updates using SCCM 2012 R2
  • Planned, designed and implemented VMware Horizon 6 Virtual Desktop Infrastructure (VDI)
  • Installed and configured View Connection Servers, View Security Servers, View Composer, vCenter Server, VMware View Client, Virtual Desktops and Remote Desktop Services Hosts
  • Deployed and tested both PCoIP and Blast
  • Planned, designed and implemented Two Tier PKI infrastructure utilizing three Windows 2012 R2 servers; a standalone Root CA, an Enterprise Issuing CA and a Web server for CRL and CDP
  • Installed and configured Juniper Pulse Secure SSL VPN
  • Integrated VMware Horizon 6 VDI with the Juniper SSL VPN
  • Installed and configured McAfee ePolicy 5.1 on Windows 2012 R2 utilizing remote Windows 2012 SQL Server
  • Deployed McAfee Agent, VSE and HIPS
  • Configured Domain Controllers for NTP
  • Implemented and applied Firewall STIG
  • Implemented and applied Network Infrastructure Policy STIG
  • Implemented and applied Network Infrastructure Router L3 STIG
  • Implemented and applied Network Perimeter Router L3 STIG
  • Implemented and applied Network L2 Switch STIG
  • Implemented and applied Enclave STIG and DMZ STIG
  • Implemented and applied Windows Server 2012 Domain Controller STIG using Group Policy
  • Implemented and applied Windows Server 2012 Member Server STIG using Group Policy
  • Implemented and applied Windows 8.1 STIG using Group Policy.

SENIOR CYBER INTEL ANALYST

LOCKHEED MARTIN
08.2008 - 01.2012
  • Monitored and analyzed security events in ArcSight ESM, Snort IDS and other security tools
  • Created active channels, active lists, filters, trends, reports, dashboards, queries, drill downs and field sets in ArcSight SIEM to analyze security events
  • Utilized ArcSight Logger to pull and export security events
  • Created, modified and updated Snort IDS and ArcSight SIEM rules and content
  • Built systems for capturing netflow and PCAP
  • Utilized CentOS, Tcpdump, Argus, SiLK, Tcpdstat, Tcpflow, Ngrep, iptables and python scripts
  • Built Snort IDS sensors on CentOS
  • Authored python scripts for the CND Forensics Incident Response Team to automate remote scanning of Windows systems for malware and suspicious anomalies
  • Triaged incoming security events and performed security incident investigation analysis and response
  • Worked incidents from cradle to grave
  • Evaluated and deconstructed malware through open-source and vendor provided tools
  • Tasked other analysts and directed efforts to analyze the IDS and remediate security issues found
  • Conducted open-source and classified research and analysis to support recommendations regarding cyber threats, threat vectors, threat actors, and threat trends
  • Communicated alerts to IT groups regarding intrusions and compromises to their network infrastructure, applications and operation systems
  • Assisted with implementation of countermeasures
  • Identified and developed threat signatures from all available sources
  • Coordinated and distributed directives, vulnerability, and threat advisories to identified consumers
  • Provided daily summary reports of network events and activities and delivered metric reports
  • Researched hackers, hacker techniques, vulnerabilities and exploits
  • Tools/Skills: Arcsight ESM and Logger, Snort, McAfee Intrushield, Nmap, Tcpdump, Argus, Ngrep, CentOS, Wireshark, Windows Active Directory, Sidewinder Firewalls, Cisco ASA Firewalls, IronPort Spam Filter, Microsoft Exchange, Barracuda Spam and Web Content Filters, Websense Proxy, Encase, Sysinternals, Hex Editors, Ollydbg and open source tools.

CYBERSECURITY

CONSULTING SME, ENGINEERING, NEWPORT NEWS SHIPBUILDING
06.2007 - 01.2012
  • Lead Technical SME for Network and Security Engineering: USS Gerald Ford CVN-78 Machinery Control Monitoring Systems (MCMS)
  • Deputy Technical SME for Network and Security Engineering: USS Gerald Ford CVN-78 Nuclear Propulsion Plant Supervisory Control and Data Acquisition (SCADA)/Industrial Control System (ICS)
  • Provided SME level support for Network and Security Engineering of the CVN-78 Navigation Network, Weapon Systems Network and Video Network
  • Designed, implemented and configured multi-area OSPFv2 networks of varying MIL-STD requirements
  • Implemented and configured Multicast - PIM Dense Mode and PIM Sparse Mode for varying MIL-STD network communication latency requirements
  • Configured VLANs, VLAN ACLs and Inter-VLAN Routing
  • Implemented EtherChannel and LACP
  • Configured VRRP, IP SLA and Route Redistribution
  • Implemented AAA, SSH, Port Security, Port Mirroring, NTP, and SNMPv3
  • Configured ACLs, NAT and VPN
  • Installed and configured Retina Vulnerability Scanner
  • Configured and troubleshoot Programmable Logic Controllers (PLCs)
  • Configured and troubleshoot Information Distribution Centers (IDCs)
  • Configured and troubleshoot Group Distribution Centers (GDCs)
  • Configured and troubleshoot Display Distribution Centers (DDCs)
  • Utilized Wireshark extensively for troubleshooting
  • Conducted scans using Nmap
  • Implemented and applied Switch STIG
  • Implemented and applied Firewall STIG
  • Tested and verify the Networks and Security compliance with the MIL-STD requirements using the Spirent Testcenter and Retina Vulnerability Scanner
  • Created network diagrams using Microsoft Visio
  • Authored numerous network design and configuration documents for the Navy.

INFORMATION SYSTEM TECHNICIAN

UNITED STATES NAVY, CARRIER AIR WING
06.2003 - 06.2007
  • USS DWIGHT D
  • EISENHOWER (CVN 69) and USS ASHLAND (LSD 48)
  • Operated and maintained global satellite telecommunications systems
  • Operated and coordinated automated networks, datalinks and circuits
  • Applied diagnostic, corrective and recovery techniques to information systems
  • Provided telecommunications and computer-related training and assistance
  • Analyzed communication signals
  • Performed preventive and corrective maintenance on state-of-the-art equipment.

Education

Master of Science - Cybersecurity

Capella University
Minneapolis, MN
01.2010

Bachelor of Science - Mathematics & Computer Science

State University of New York (SUNY) Albany
Albany, NY
01.2002

Skills

  • Value engineering
  • Engineering design
  • Engineering
  • Root-cause analysis
  • Verbal and written communication
  • Technical direction
  • Compliance enforcement
  • Requirements analysis
  • Innovation and creativity
  • Design and specification planning
  • Technical analysis
  • Design build
  • Controls monitoring
  • Continuous improvement
  • Analytical thinking
  • Planning and deployment
  • Automation tools
  • Malware analysis
  • Network forensics
  • Configuration management
  • Firewall configuration
  • Reverse engineering
  • Firewall installation
  • Network security management
  • Network monitoring
  • Threat analysis
  • Cloud security
  • Incident response
  • Application security
  • Patch management
  • VXLAN designs and troubleshooting
  • Intrusion detection
  • Vulnerability assessment

Accomplishments

  • Resolved product issue through consumer testing.
  • Collaborated with team of [Number] in the development of [Project name].
  • Documented and resolved [Issue] which led to [Results].

Certification

  • CISSP, ISC2
  • CCNP, Cisco
  • CEH, EC-COUNCIL
  • GCIA, SANS
  • GCIH, SANS

Timeline

Network Firewall Engineer Lead

CACI, INC
11.2020 - 02.2025

Network Security Engineer Lead

RSA NETWITNESS RECAP, CACI, INC
08.2020 - Current

Cybersecurity Engineer

CACI, INC
08.2020 - Current

LEAD PROJECT ENGINEER

SOURCEFIRE RECAP, CACI, INC
08.2020 - Current

LEAD PROJECT ENGINEER/ARCHITECT

CACI, INC
06.2020 - 08.2020

LEAD ENGINEER /ARCHITECT

CACI, INC
01.2020 - 05.2020

02.2018 - 06.2020

CYBER NETWORK FIREWALL ENGINEER

CACI, INC
08.2016 - 02.2018

CONSULTING, CYBERSECURITY SME, NATIONAL INSTITUTE OF HEALTH
03.2016 - 04.2016

CYBERSECURITY

CONSULTING SME, NETWORK ENGINEERING, PROCESS POINT CONSULTING
03.2012 - 01.2016

NETWORK ENGINEERING & CYBERSECURITY

CONSULTING SME, UNITED STATES ARMY EMERGENCY RELIEF
03.2012 - 01.2016

CYBER THREAT INTEL ANALYST STAFF

LOCKHEED MARTIN
01.2012 - 08.2016

SENIOR CYBER INTEL ANALYST

LOCKHEED MARTIN
08.2008 - 01.2012

CYBERSECURITY

CONSULTING SME, ENGINEERING, NEWPORT NEWS SHIPBUILDING
06.2007 - 01.2012

INFORMATION SYSTEM TECHNICIAN

UNITED STATES NAVY, CARRIER AIR WING
06.2003 - 06.2007

Master of Science - Cybersecurity

Capella University

Bachelor of Science - Mathematics & Computer Science

State University of New York (SUNY) Albany

Similar Profiles

CREATE PROFILE
JULIUS OFOSU-ASANTE