Utilized Cisco Firepower Management Center (NGFW) and Windows GPO to efficiently manage firewall rulesets inside Cisco ASA (SFR), including investigating and implementing new rules for enhanced security management inside the Purdue Model Network scheme.

Led efforts to reorganize a server room, tracking all cables and assets, and moving them into new, larger racks to improve infrastructure management and efficiency.

Led the procurement of a new management and inventory tracking system for cyber assets, streamlining asset management and reducing deployment times for special equipment.

Deployed network and asset monitoring solutions to enhance visibility and optimize the management of network assets (PRTG / OPC UA Server).

Monitored and investigated network alerts through SIEM (Tripwire).

Conducted vulnerability scanning and documentation for new assets introduced into the network.

Managed Active Directory users inside of Industrial Control LAN including implementation of GPOs to restrict access.

Executed the deployment of Trend Micro Apex One agents to fortify endpoints within ICS and DMZ networks.

Gathered and documented evidence to ensure compliance with NERC CIP regulations within the IT infrastructure, ensuring a robust audit trail.

Contributed in the implementation of Dragos inside of Control and DMZ networks found in the Purdue Model.

Designed a secure pathway to remotely execute code between two networks utilizing JEA (Just Enough Administration) for PowerShell, ensuring that strict network segmentation is maintained.

Collaborated in backup management processes, documentation, and disaster recovery initiatives to ensure comprehensive data protection and business continuity (Veeam).

Directed vendor interactions and authored scopes of work for effective project delivery.

NERC CIP 007-6 (Physical and Logical Port Security): Creation of firewall rulesets to only needed traffic to pass through.

Port analysis on critical infrastructure to develop rulesets to harden security

NERC CIP 010-3 (Configuration Change Management, Baselines): Followed procedures for applying changes to systems with authorization from necessary members of team.

Implementation of 2FA (DUO) on end point devices for whole company

Tools: Windows Firewall, Active Directory, Group Policy, PDQ Deploy, PowerShell, Event Viewer

VPN / Site-to-site VPN Implementation (OpenVPN / Synology VPN)

Multi-site NVR setup for surveillance

Backup Implementation for Home use and also for small office (Active Backup for Business)

File Management System (Synology Drive)

Tesla Powerwall information display (Grafana, Docker, Telegraf, influxdb)

https://www.paatrick.com

Created online resume using HTML and CSS. Hosted on AWS S3 and delivered via AWS CloudFront. AWS Route 53 used for domain name.

Secured with HTTPS. Redirects HTTP requests to HTTPS site.

Website visits counter created with AWS DynamoDB, AWS Lambda, AWS API Gateway and JavaScript.