Profiles search
John Keeton
Sr. Lead Information Security Engineer at Lumen Technologies
Lake Saint Louis, MO, United States
Details
Experience:
Technical lead on corporate firewall security team responsible for engineering, design, and 3rd level support for operations team.
2019 : Present
Lumen Technologies
Sr. Lead Information Security Engineer
• Technical Lead and manager of a team of Security Engineers responsible daily support, monitoring, design, and architecture of managed hosting security environment.
• Partner with network and application design teams on emerging technologies for most secure design while not overly burdening security requirements.
• Collaborated with auditors to ensure we maintain PCI-DSS and SOX audit compliance as required by some customers.
• Provide guidance and technical leadership to support all daily aspects of CheckPoint firewalls segmenting internal production management LAN and customer environments.
• Mentor junior members of team to offer guidance, career coaching, and advice to help strengthen and develop their skills.
2017 : 2019
Lumen Technologies
Sr. Manager
• Technical lead responsible for design, engineering, and architecture for the managed hosting security area while coordinating with network architects.
• Lead Security Engineer on effort to redesign international multi-site (75+) connectivity from point to point links to MPLS cloud to reduce customer impacts of outages on management LAN.
• Participated in the hiring process of junior members on the team by evaluating their past experience in relation to the position requirements.
• Maintained CheckPoint VSX firewalls and Multidomain Manager / Provider-1 for private cloud hosting environment. Determined appropriate software code levels for CheckPoint firewalls, partnered with the vendor to determine upgrade path, and worked with operations to deploy.
• Owned and maintained the virtual Cisco ASA firewalls separating corporate and customer networks while mentoring junior members of the team on the configuration and support.
• Performed troubleshooting for application and network issues throughout all 7 layers of the network stack utilizing various tools including tcpdump, wireshark, fw monitor, etc.
• Developed and maintained effective communications with various areas to fully document and establish procedures for devices in scope of responsibility.
• Engineered and implemented IPsec VPN connections between corporate network and public cloud based customer facing portal to allow rapid development of product feature team.
• Influenced others by being the focal point with network architects for dynamic routing (BGP/OSPF) between security and network devices running on Cisco and Juniper on global network.
2015 : 2017
Lumen Technologies
Sr. Lead Engineer
• Technical Lead on emerging Threat and Vulnerability Management team.
• Researched and implemented new technologies and policies to ensure firm security.
• Developed and implemented a processes for vulnerability scanning in addition to partnering with application owners for mitigation of vulnerabilities.
• Provided direction and technical leadership of a 7-person team primarily responsible for daily support and design for Firewalls, Intrusion Protection System for 12,000+ remote locations. Team also responsible for Layer 7 Web Application Firewall, Proxy Servers, and Security Event and Incident Management.
• Managed, designed and implemented a $1.5M effort to implement new perimeter hardware for 8 environments. The effort also included developing requirements, partnering with management to obtain approval, and implementing a cross training plan for other members of the team to prevent single point of knowledge.
• Appointed Technical Lead responsible for the successful conversion of 12,000 remote locations from MLPS to public IPSEC VPN connectivity. The effort included researching solutions, identifying requirements, constructing the architectural design, assembling a proof of concept, and generating performance testing.
• Represented the Security Department while successfully implementing the IPv6 effort. Provided research, designed a solution and implemented the project in development and QA labs. The effort found many systems that needed upgrades to support IPv6 and laid groundwork for future IPv6 deployment in production.
2000 : 2015
Edward Jones
Technical Consultant
• Member of 6 administrator team responsible for 45 Sun Solaris servers ensuring availability of corporate website, application and database servers, as well as back end connections to AS/400’s. Other team functions included system maintenance for data mining group.
• Participated in project to evaluate hardware and software to replace green mono-color terminals at branches with graphical terminals.
2000 : 2000
Enterprise Rent-A-Car
Unix System Administrator
2019 : Present
Lumen Technologies
Sr. Lead Information Security Engineer
• Technical Lead and manager of a team of Security Engineers responsible daily support, monitoring, design, and architecture of managed hosting security environment.
• Partner with network and application design teams on emerging technologies for most secure design while not overly burdening security requirements.
• Collaborated with auditors to ensure we maintain PCI-DSS and SOX audit compliance as required by some customers.
• Provide guidance and technical leadership to support all daily aspects of CheckPoint firewalls segmenting internal production management LAN and customer environments.
• Mentor junior members of team to offer guidance, career coaching, and advice to help strengthen and develop their skills.
2017 : 2019
Lumen Technologies
Sr. Manager
• Technical lead responsible for design, engineering, and architecture for the managed hosting security area while coordinating with network architects.
• Lead Security Engineer on effort to redesign international multi-site (75+) connectivity from point to point links to MPLS cloud to reduce customer impacts of outages on management LAN.
• Participated in the hiring process of junior members on the team by evaluating their past experience in relation to the position requirements.
• Maintained CheckPoint VSX firewalls and Multidomain Manager / Provider-1 for private cloud hosting environment. Determined appropriate software code levels for CheckPoint firewalls, partnered with the vendor to determine upgrade path, and worked with operations to deploy.
• Owned and maintained the virtual Cisco ASA firewalls separating corporate and customer networks while mentoring junior members of the team on the configuration and support.
• Performed troubleshooting for application and network issues throughout all 7 layers of the network stack utilizing various tools including tcpdump, wireshark, fw monitor, etc.
• Developed and maintained effective communications with various areas to fully document and establish procedures for devices in scope of responsibility.
• Engineered and implemented IPsec VPN connections between corporate network and public cloud based customer facing portal to allow rapid development of product feature team.
• Influenced others by being the focal point with network architects for dynamic routing (BGP/OSPF) between security and network devices running on Cisco and Juniper on global network.
2015 : 2017
Lumen Technologies
Sr. Lead Engineer
• Technical Lead on emerging Threat and Vulnerability Management team.
• Researched and implemented new technologies and policies to ensure firm security.
• Developed and implemented a processes for vulnerability scanning in addition to partnering with application owners for mitigation of vulnerabilities.
• Provided direction and technical leadership of a 7-person team primarily responsible for daily support and design for Firewalls, Intrusion Protection System for 12,000+ remote locations. Team also responsible for Layer 7 Web Application Firewall, Proxy Servers, and Security Event and Incident Management.
• Managed, designed and implemented a $1.5M effort to implement new perimeter hardware for 8 environments. The effort also included developing requirements, partnering with management to obtain approval, and implementing a cross training plan for other members of the team to prevent single point of knowledge.
• Appointed Technical Lead responsible for the successful conversion of 12,000 remote locations from MLPS to public IPSEC VPN connectivity. The effort included researching solutions, identifying requirements, constructing the architectural design, assembling a proof of concept, and generating performance testing.
• Represented the Security Department while successfully implementing the IPv6 effort. Provided research, designed a solution and implemented the project in development and QA labs. The effort found many systems that needed upgrades to support IPv6 and laid groundwork for future IPv6 deployment in production.
2000 : 2015
Edward Jones
Technical Consultant
• Member of 6 administrator team responsible for 45 Sun Solaris servers ensuring availability of corporate website, application and database servers, as well as back end connections to AS/400’s. Other team functions included system maintenance for data mining group.
• Participated in project to evaluate hardware and software to replace green mono-color terminals at branches with graphical terminals.
2000 : 2000
Enterprise Rent-A-Car
Unix System Administrator
Company:
Lumen Technologies
About
Senior Information Technology professional for nearly 20 years, focusing on security for past 15 years. My background ranges from operations, support, design, architecture, risk aversion and mitigation. I have a strong background in Unix systems and Networking and utilizing best processes and techniques to keep networks secure.
I am knowledgeable in not only the technical aspects of the field, but also the requirements needed for developing business plans to get senior leadership buy off and sponsorship of strategic initiatives as well as training and mentoring of Junior members to develop them.
Key technology areas of focus are:
Security, Networking, Threat Protection, Vulnerability Management, Firewalls, Routers, Linux Systems, Palo Alto firewalls, Check Point firewalls, Cisco Routers, Vulnerability assessment tools such as Tenable, Nessus, Kali, IPS, Vmware, Perl, Bash, IPv4 and IPv6
Profile Photo
