Jason Jiang
Toronto,ON
Summary
Seasoned Senior Security Consultant/Director with a proven track record at IBM and Telus, adept in deploying and managing advanced security solutions including Palo Alto Networks and Fortinet firewalls. Demonstrates exceptional leadership in guiding teams towards achieving robust cloud security postures and excels in strategic planning and implementation of complex routing solutions. Showcases a unique blend of technical expertise and strategic vision in enhancing organizational security frameworks.
Overview
20
20
years of professional experience
Work History
Senior Security Consultant /Director
Triple-stone Network Inc.
06.2009 - Current
- As a senior Firewall and cloud engineer, I have gained extensive experience in network security and cloud infrastructure
- I hold numerous professional network security certifications from leading vendors such as Cisco, Palo Alto Networks, Fortinet, Check Point, Amazon, Microsoft Azure, and Juniper
- In my role, I have designed, implemented, and maintained robust cloud-based solutions using AWS, Azure, and GCP
- My responsibilities included implementing security controls and best practices for cloud environments, analyzing new cloud technologies and services, and serving as a cloud security and Palo Alto,Cisco Firepower,Fortinet/Fortigate subject matter expert
- I have collaborated with stakeholders to present solutions within business units and infrastructure teams
- Additionally, I have performed the integration of Firewalls and Web Filtering products into a Managed Services environment, including SNMP tools and SIEM
- My expertise extends to designing, implementing, and integrating resilient and scalable cloud environments to meet business security requirements and address corporate risks
- I provide technical security expertise, communicate security architectural decisions, and facilitate the management of residual risk with application teams
- Planned, designed, and implemented complicated BGP and OSPF routing solutions on Cisco and Palo Alto Networks firewalls
- Implement virtual firewall management policies and templates in Palo Alto Networks PA-7k Series
- Implement Fortimanager, Forti fabric, Fortiswitch, Fortigate firewall and Forti Analyzier
- Install the Identity service
- Engine Solution across several data centers, 8 ISE servers
- Deploy Cisco firepower FTD 2100/4100 firewall and FMC firepower management server
- Deploy Azure cloud and integrate cloud Intune with on premise Cisco ISE server
- Deploy Palo Alto Networks Prisma access (SASE) Solution
- Cloud and Virtualization: Azure, AWS, virtual machines, VPS, Prisma access and cloud environment management
- Security and Compliance: CIS, NIST, DLP, IPS, cloud security posture management, IAM, endpoint security, EDR systems, and AAA, SIEM integration, FortiAnalyzer, Security Fabric rating
- Firewall Management: Cisco FTD, Firepower management center,Palo Alto Networks, panorama firewall management center, Fortigate firewall, Fortimanager,Forticloud, web url filtering, content filtering, and email filtering, SSL decryption
- Network Engineering: OSPF, BGP, Cisco ISE, Cisco ACS, site-to-site VPN, remote VPN, and network design and implementation
- Support large enterprise customers and migrate multiple firewalls between Fortinet, Cisco , Check Point t and Palo Alto Networks
- Deploy Prisma access SASE solution with 5 cloud center around the world
- Design and configure geo-defencing with Azure Active Directory and Cisco Secure Firewall Anyconnect VPN, limiting distant VPNs by country
- Implement Palo alto network firewall in Azure, configure Azure firewall and s2s vpn
- Implemented Checkpoint cloud Guard posture compliance check solution, check point cloud guard, protect customer’s multi-cloud environment against known and unforeseen hazards
- Integrated MDM, Posture, Profiling , and anyconnect vpn to ISE solution for large enterprise client
- Deploy and implement the email protection solution in the VMware environment
- Deploy 6 Shared virtual email security appliances, centralizing email message tracking and centralized report, centralized spam portal across Canada
- Implement Firemon/tufin/AIOPS on-going reporting for firewall policy optimization
Network/Firewall Engineer
IBM
Toronto
01.2005 - 06.2009
- As a subject matter expert, I have been deeply involved in requirements gathering, design, implementation, configuration, integration, and tuning of security appliances and software, leveraging Web/Email Filtering, Firewall, and Advanced Threat Protection technologies, routing and switching
- I have architected, designed, implemented, and supported complex security solutions end-to-end, managing the planning, engineering, and cutover phases for projects tailored to managed customers
- My role required resolving diverse and complex problems, often involving new or previously un-encountered issues
- I consulted with customers to address their unique security needs, performed system evaluations, tuning, optimization, and configured, installed, and integrated security technologies within customer environments
- Additionally, I delivered coaching and training, learning, and development by delivering technical briefs and presentations
- I oversaw and reviewed work products, including plans, methodologies, technical and process documents, and delivered comprehensive reports and status updates
- My responsibilities also included researching existing and potential vulnerabilities to determine false positives, assess potential risks, predict possible outcomes, and recommend effective mitigation strategies
- Implement BGP/OSPF routing in large data-center environment
- Designed and implemented a major Canadian financial company Firewall Migrate projects, Migrated 20 CheckPoint/Nokia firewalls from the CheckPoint R55 NG AI to CheckPoint R65 NGX
- Build IBM Commercial hosting service (CHS) network Data center from scratch
- Installed and configured Cisco Catalyst 6509/6506 core switches,7206/3845/2825 routers, 3560G/2960G /2948G access switches with high resilient and secure LAN/WAN technology, including Ethernet Channel, Trunk, MST, HSRP, Private/community-VLAN, MLS, Port-security, Policy based routing, Dual-homed OSPF/BGP to ISP with traffic load sharing policy ,thus greatly increasing the scalability and resilience of the network
- Configured and implemented a comprehensive security solution (FW, IPS, VPN and Vulnerability Management) for a large Financial customer
- Deploy high-end Cisco firewall HA in datacenter
- Deploy email security solution for government customers, Include 6 nodes and 100 domains
- Government firewall migration, including complex policy conversion on over 5000 rules
- Configured and implemented a large multi device FW/Site-to-Site VPN solution, include 75 location
- Configured and implemented a large scale Site-to-Site VPN solution for 85 remote sites across the country for a warehouse demonstration company
- Integrated the wireless solution with intrusion prevention, content filtering, traffic shaping, and remote VPN solution
- Implementation the Anti-virus, web-filtering, and IPS on the Juniper Branch office firewalls
Education
Bachelor of Science - Engineering
Jiangsu University of Science And Technology
Skills
- Palo Alto Networks firewall PA-400
- Palo Alto Networks firewall PA-5200
- Palo Alto Networks firewall PA-3200
- Palo Alto Networks firewall PA-7000
- Cloud posture security Management
- Fortinet Firewall 200F
- Fortinet Firewall 1000F
- Fortinet Firewall 3000F
- Fortinet Firewall 70F
- Cisco Firewall ASA
- Cisco FTD 1100
- Cisco FTD 2100
- Cisco FTD 4100
- Fortimanager
- Cisco Firepower Manager FMC
- Palo alto networks panorama firewall manager
- FortiAnalyzer
- Cloud access security broker (CASB)
- Cisco Scansafe web filtering
- Cisco Umbrella
- Open DNS
- Cisco DUO
- MFA
- Cisco ISE
- Identity service Engine
- Site-to-site VPN
- DMVPN
- Remote VPN
- ZTNA
- CIS/NIST Security framework
- AAA
- Load Balancer
- Routing and Switching
- Check Point CCSA
- Check Point CCSE
- Check Point CCCS
- TippingPoint
- SMS
- QUALYS Vulnerability scanner
- Juniper SRX
- Netscreen Firewall
- MDR/XDR
- IAM
- SIEM
- Zero trust architecture
- Incident response
- Security architecture
- Threat modeling
- Intrusion detection
- Identity management
Timeline
Senior Security Consultant /Director
Triple-stone Network Inc.
06.2009 - Current
Network/Firewall Engineer
IBM
01.2005 - 06.2009
Bachelor of Science - Engineering
Jiangsu University of Science And Technology
Similar Profiles
Jason JiangJason Jiang
Senior Security Consultant /Director at Triple-stone Network Inc.Senior Security Consultant /Director at Triple-stone Network Inc.
Anaya LeonardAnaya Leonard
Administrative Bookkeeper at Stone Network LLCAdministrative Bookkeeper at Stone Network LLC
Jennifer WilliamsonJennifer Williamson
Operations Manager at Triple J Logistics Management/ Triple J Hauling of TexasOperations Manager at Triple J Logistics Management/ Triple J Hauling of Texas
Sinthuja VijayarajSinthuja Vijayaraj
Intern Waitress at Cibo Wine BarIntern Waitress at Cibo Wine Bar
Salman ValimohamedSalman Valimohamed
Project Manager / Social Media Manager at Waveform Entertainment IncProject Manager / Social Media Manager at Waveform Entertainment Inc