
OLEG NENOV

Washington, DC

Summary

Trusted Network Security Engineer with 15 years protecting companies against bad actors who disrupt business operations. Serves as primary safeguard against external threats. Educates colleagues on best practices and network safety protocols. Protects networked assets through both preventive and reactionary measures.

Overview

29 years of professional experience
1 Certification

Work History

Security Engineer

Department of Commerce
06.2023 - Current
  • Tools: Forcepoint, Proofpoint, SentinelOne, McAfee ePO, Tenable
  • Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
  • Vul. Risk Mgmt (VRM): Authored security and vulnerability reports, detailing logged incursions and suggesting remediation efforts.
  • Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.
  • Developed and maintained company-wide endpoint security solutions.
  • Applied Center for Internet Security (CIS) benchmarks to verify performance of ongoing security measures.
  • Offered preventive training to harden personnel against intrusion vectors such as phishing, ransomware and more.
  • Monitored use of data files and regulated access to protect secure information.
  • Engineered, maintained and repaired security systems and programmable logic controls.
  • Worked with teams to develop company-wide information assurance, security standards and procedures.
  • Selected appropriate intrusion detection system solutions for implementation at facilities.
  • Created standardized incident response program to outline immediate and consistent remediation of security breaches.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Recommended improvements in security systems and procedures.
  • Conducted security audits to identify vulnerabilities.
  • Reviewed violations of computer security procedures and developed mitigation plans.

Security Engineer

Rapid Finance
06.2021 - 03.2023
  • Designed and implemented Compliance Program (Policy/Infra Deployment/Remediation)
  • Deployed and managed VRM (Vuln Risk Management)
    Risk Assessment - CVE review and prioritized risk management
    Supported the Infra team by providing security requirements and design guidance
    Engaged in troubleshooting of application and network issues (pcap analysis)
    POC - Reviewed vendors and deployed security and IT-related projects - Drove audit findings and collected artifacts / SOC 2 audit asks and security assessment
  • Managed Security Framework FedRAMP (NIST 800-53 rv.5) / SOC 2
  • Tailored CIS standards to meet business requirements for targeted SQL/IIS/Windows systems and verified performance of ongoing security measures.
  • Monitored and scheduled remediation to implement CIS standards
  • Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
  • Authored security and vulnerability reports, detailing logged incursions and suggesting remediation efforts.
  • Designed standardized incident logging system to track historical incursions while helping prevent future breaches.
  • Installed and maintained commercial firewall solution, working with security vendors to consistently apply best practices and software updates.
  • Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.
  • Offered preventive training to harden personnel against intrusion vectors such as phishing, ransomware and more.
  • Monitored use of data files and regulated access to protect secure information.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Recommended improvements in security systems and procedures.
  • Conducted security audits to identify vulnerabilities.
  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Researched and developed new computer forensic tools.
  • Engineered, maintained and repaired security systems and programmable logic controls.
  • To comply with existing controls: rolled out SIEM (Rapid7) solution, oversaw data source deployments and reconciliation, and performed daily IOC investigation and threat remediation

Tech Lead/SME – Network Security Engineer

Freddie Mac
08.2013 - 06.2021
  • IT Assurance- BSC and FM Policy Compliance/CIS, control alignment and attestation
  • Sec
  • Vulnerabilities: Risk Assessments (Apps/Network Nodes) & remediation
  • DDOS: Akamai Kona & Prolexic
  • Business/IT liaison: Analyzed the requirements, provided solution options & deliverables
  • Splunk (SIEM) – Splunk, CyberArk - Riverbed NetAuditor (Compliance tool)
  • WAF (Imperva) – web traffic analysis & manage policy: abnormal patterns - App Sec
  • Network/NextGen FW: Cisco IOS/Nexus/ISE, ASA, Arista, Checkpoint R77/Palo Alto
  • F5 LTM/GTM, Sourcefire/IPS (Sensors/DC - Snort Rules, DC Policy Mgmt.)
  • Proxy: Bluecoat, Zscaler (Day to Day Policy Management)
  • Day to Day: Project initiatives/troubleshooting from endpoint to web apps (Wireshark – Layers 4 to 7)
  • Contributed ideas and suggestions in team meetings and delivered updates on deadlines, designs, and enhancements.
  • Corrected, modified and upgraded software to improve performance.
  • Coordinated deployments of new software, feature updates and fixes.
  • Designed and developed forward-thinking systems that meet user needs and improve productivity.
  • Tested troubleshooting methods and documented resolutions for inclusion in knowledge base for support team use.
  • Documented software development methodologies in technical manuals to be used by IT personnel in future projects.
  • Created proofs of concept for innovative new solutions.
  • Inspected equipment, assessed functionality and optimized controls.

Senior Network Security Engineer

USPTO
02.2012 - 08.2013
  • Security Operations Center (SOC):
  • Tools: QRadar(SIEM), HP OpenView – Threat detection
  • Troubleshooting and incident response – Threat neutralizing
  • Internal & External Security Audits - Exposed system vulnerabilities
  • Network Operations - DNS (Bind & Microsoft) VLAN, OSPF, Port Security, VOIP, VPN
  • WAN Optimization (Riverbed) ACS, NAC, NCS (WiFi) Cisco, F5, Juniper, & Riverbed & IPv4
  • Project Mgmt: Planning and guiding the team & Before and Aftermath deployment
  • Issue Escalations: Outages, IOS bug fixes, Vendor's Support, issuing RCA
  • Authored security and vulnerability reports, detailing logged incursions and suggesting remediation efforts.
  • Designed standardized incident logging system to track historical incursions while helping prevent future breaches.
  • Liaised with stakeholders to define and document design requirements.

Senior Network Engineer

L3 Communication, MPRI
09.2008 - 02.2012
  • WAN support (20 remote sites with 3500 nodes - MPLS/VPN clouds)
  • Designing (Visio Tool), implementing, and troubleshooting modern networks:
  • Routing: Static/RIP/OSPF/BGP Ethernet/Fiber/ATM/Frame-Relay/T1/T3
  • Firewalls/DMZ/VPN/IDP: EdgeX, SSL VPN, PIX, ASA, VPN 3000, Juniper IDP 250
  • Checkpoint R65/R70: Rules, Object, Upgrades, & Auth integration (RSA/CISCO)
  • Re-architect network segments - (LAN/WAN/WLAN/Firewalls/DMZ)
  • Router 1800, 2611, 2800, 3800 - VOIP – QOS (Installs – Upgrades – Security Patching)
  • Switches 3560, 6502 – VLAN/Trunking - (Filter)/STP/Port Security/Etherchannel/HSRP
  • VoIP: ShoreTel 8.0/11 – Managed Upgrades/Site rollouts/Administration System
  • DNS, DHCP, Multi-site Active Directory 2003/2008 environments – Managed VMs
  • RSA 6.1 & 7.1 – Deployed/Migrated/Admin - Checkpoint PointSec – Disk encryption
  • Planned and implemented effective disaster recovery and business continuity solutions.
  • Built and improved network documentation and training procedures to lead successful team completing high-quality work.
  • Established and monitored key performance metrics to verify consistent compliance with important networking standards.
  • Configured, tested and maintained LAN/WAN components and connections.
  • Analyzed existing network and application architectures, presenting findings on possible enhancements and improvements to senior decision-makers.
  • Improved network operation by incorporating new technologies into existing designs.
  • Installed and configured network security solutions such as VPNs, Firewalls and intrusion detections and mitigation tools.
  • Managed purchasing and installation of networking equipment such as core routers and switches.
  • Recommended network security standards and upgrades to management.
  • Led planning and technical design activities for routine operations and special projects.
  • Implemented scalable, efficient and cost-effective network automation framework.
  • Protected company assets and users with effective firewall solutions and strict security protocols.
  • Backed up support desk team to handle user problems and technical concerns.
  • Oversaw company's entire network and related policies covering use, maintenance and infrastructure.
  • Monitored network activities to quickly detect and resolve operational and security issues.
  • Liaised with dispatch personnel to optimize skill distribution and minimize service lag times through careful engineering triage.
  • Employed strong team management and task prioritization skills to streamline project turnaround times and meet tight deadlines.
  • Performed troubleshooting for ,Cisco, and packet analysis.
  • Provided complete end-to-end engineering and installation of route-based IP network solutions.
  • Provided detailed network diagrams and procedural guidelines.
  • Recommended options for disaster recovery and remote access security.
  • Troubleshot complex multi-vendor network service provider issues.
  • Established robust infrastructure and data capacity for new applications.
  • Managed, tracked, and coordinated problem resolution and escalation processes.
  • Monitored network capacity and performance to diagnose and resolve complex network problems.
  • Collaborated with vendors to identify best options for optimizing network performance.
  • Configured and troubleshot VoIP and multi-media distributed systems and platforms.
  • Assisted with implementation and support of network monitoring tools.

Senior Network Administrator

AMERICON LLC
02.2002 - 09.2008
  • Established network specifications and analyzed workflow, access, information and security requirements.
  • Implemented corrective plans of action for network availability and latency.
  • Troubleshot network problems and escalated problems to vendor.
  • Upgraded network by conferring with vendors and developed, tested, evaluated and installed enhancements.
  • Installed, configured and supported local area network (LAN), wide area network (WAN) and Internet system.

Network Security Consultant

ArrowTop
02.2001 - 02.2002
  • Internal & External Security Audits - Exposed system vulnerabilities
  • Technical reviews and suggestions - Installed and administered Radius/RSA Server
  • Check Point Firewall 2000 on NT, Nokia & Solaris platforms:
  • DMZ from scratch on NT and Nokia platforms Static - Policy Management
  • VPN: (site-to-site & client-to-site) / HA for Nokia boxes (VRRP) Enable/Disable Ports
  • Delivered outstanding service to clients to maintain and extend relationship for future business opportunities.
  • Analyzed problematic areas to provide recommendations and solutions.
  • Liaised with customers, management, and sales team to better understand customer needs and recommend appropriate solutions.
  • Managed multiple deadlines across several businesses to meet dynamic needs of multiple clients.
  • Created and developed detailed work plans to meet business priorities and deadlines.
  • Supported clients with business analysis, documentation, and data modeling.

System Administrator

HALL, DICKLER, KENT FRIEDMAN & WOOD LLP
04.1997 - 01.2001
  • System Admin (SA) - NT/AV/Backup Server Support/ Firewall Admin (Raptor 6.0)
  • Worked with users to determine areas of technology in need of improved usability.
  • Installed important security and functionality patches to maintain optimal protections against intrusion and system reliability.
  • Monitored temperature and power draw to immediately detect faults and failures.
  • Served as subject matter expert on proposed technology purchases.

Desktop Support

Leboeuf, Lamb, Greene, & MacRae LLP
02.1995 - 03.1997
  • Installed new or upgraded hardware and software and coordinated installation and follow-up with user to achieve customer satisfaction.
  • Maintained inventory of installed desktop hardware and software components to keep records accurate and updated.
  • Troubleshot potential problems and eliminated before issues escalated or cascaded.
  • Documented and updated known fixes in knowledge base for future reference.
  • Analyzed issues to identify troubleshooting methods needed for quick remediation.

Education

Bachelor of Science - Management Information Systems

Touro College
New York, NY
08.2000

Skills

  • SUMMARY:
  • WAN: Optimization (Riverbed), Ethernet/Fiber/ATM/Frame-Relay/T1/T3/MPLS/DDOS
  • LAN: Routers: 1800, 2611, 2800, 3800, Switches: 6500, Nexus 5k & 7K, Arista 70xx/CVP
  • Routing: Static/RIP/EIGRP/OSPF/BGP
  • VPN: Checkpoint R65/70/75/EdgeX, ASA5520, PIX515, Netscreen 100, Cisco VPN3000
  • Firewalls/Tools: ASA55xx, Checkpoint R65-77, PaloAlto PAN-OS 8/9, Tufin, Imperva WAF
  • Cloud: Azure and AWS
  • End Protection: Checkpoint Pointsec
  • IDS/IPS: Juniper IDP200, Firepower/Sourcefire
  • Loadbalancer/Proxy: F5 LTM/GTM / Websense, Bluecoat, Zscaler
  • SIEM & Compliance: Rapid7, Splunk, QRadar, NetAuditor, Gigamon
  • Authentication: RSA 6.1 & 7.1, ISE, ACS, NAC
  • Management/Monitoring: HP OpenView, Remedy, WhatsUp Gold/SolarWinds, QIP
  • Tools: Visio, FW Monitor, Wireshark, RSA SA, NetAuditor(Riverbed), Ansible
  • Compliance/Controls: CIS/FedRAMP/NIST 800-53 rv5
  • Risk Management: Rapid7, Tenable SC
  • Scripting: Python, regex

Certification

- ECSA v8 EC-Council Certified Security Analyst #ECC01641126367

- ITIL v3 Foundation

- CCNP v.6 Cisco Certified Network Professional #CSCO10151547

- CompTIA Security+ (SY0-301) #COMP001020370796

- CCIE 360-001 R&S Written #CSCO10151547

- Checkpoint Certified System Engineer (CCSE NGX R65) #CP0000062448

- Microsoft Certified Engineer W2K MCSE #101406020

- Checkpoint Certified System Engineer (CCSE 2000)

- Intranet Ware 4.11 Certified Novell Engineer (CNE)
