Craig Engelbrecht's Cloud Network Security Engineer Resume'

Professional Experience

Lumen Technologies INC, Oct 2019 – Present

Configured and managed troubleshooting of new firewalls during hardware refresh initiative, handling various bugs which arose and facilitating communications between customer and vendor.
Trained a new team of six engineers on day-to-day operations during the standup of the SLED SOC, mentoring junior and senior engineers to ensure their familiarity with system and process management using the various security tools at our disposal.
Spearheaded the daily operations management of HA Fortigate chassis clusters, responsible for providing internet service and NGFW UTM tools to the entire Commonwealth of Pennsylvania.
Developed a test lab environment with ProxMox virtualization, replicating production Fortigate setups for testing such as firmware upgrades, use-case evaluations, object management, syntax validation, and debugging.
Handled the configuration and management of network security devices, including firewalls, intrusion detection/prevention systems, and virtual private networks (VPNs).
Addressed layer 2 and layer 3 connectivity issues; BGP configurations; managed UTM features including web filter and IPS configurations such as custom categorizations and signatures.
Created comprehensive technical documentation, produced standardized templates for common tasks, and initiated process improvement projects to optimize firewall configurations.
Monitored and fine-tuned Zabbix and Splunk alerts, enhancing threat detection while significantly reducing false positives.

Secure Cyber Defense, May 2017 – July 2019

Conducted security assessments with Tenable Nessus, identifying vulnerabilities and offering solutions to mitigate security risks.
Architected and executed networking and security solutions for a diverse client base, fortifying critical communications for clients across the Health, Finance, Manufacturing, and Government sectors.
Resolved layer 2 and layer 3 connectivity issues, crafted VPNs, tailored firewall policies, and fortified security profiles.
Installed and tuned a multi-tenant FortiMail device for an email filtering solution, paired with FortiSandbox for advanced threat detection and malware scanning.
Performed comprehensive network security audits for a range of customers and partner agencies in a variety of different verticals using Tenable Nessus scans and endpoint security programs, combined with manual review.
Analyzed network traffic patterns to discern ordinary from anomalous behavior, leading to fine-tuning of IDS/IPS systems in our FortiAnalyzer, FortiSIEM, and AlienVault.
Managed network security devices, including firewalls, intrusion detection/prevention systems, and VPNs.
Trained new analysts and security engineers on security systems and internal procedures.
Developed communications standards and ticket update templates to simplify and expedite information gathering and troubleshooting processes.

United States Air Force (USAF), March 2011 - September 2014

Provisioned secure cross-domain links for squadron networks, fortifying the Department of Defense (DoD) against cyber threats, safeguarding a multi-billion dollar infrastructure.
Conducted rigorous inspections and certifications of hardware intended for classified environments; documented hardware renewals and destructions. Provided audits and accountability for COMSEC materials for the squadron.
Meticulously reviewed and archived security audit logs from a variety of systems, assuring the security of 47 DGS-2 networks against intrusion and insider threats.