Kyle Takeuchi

Senior Network Engineer

More About Me
About

Let me introduce myself.

Profile Picture

My name is Kyle Takeuchi. I am a Network Engineer with a focus on perimeter network appliances including but not limited to firewalls, routers, on prem DDoS mitigation, proxies, and load balancers. I am strive to provide a robust security posture while maintaining an easy environment for a user base to work in.

Profile

I am a network engineer with 5+ years of experience in the financial sector. I am knowledgable in a number of technologies including, but not limited to, F5, firewalls, switches/routers, and proxies.

Skills

Below is a short list of technologies I'm familiar with and the level of expertise I have with each technology.

  • 90%
    CheckPoint
  • 85%
    Palo Alto
  • 70%
    Juniper
  • 95%
    F5 Networks
  • 75%
    Unix Administration
Resume

Career objective.

Obtain a challenging position in the field of Network Engineering or Information Security with a focus on perimeter network appliances including but not limited to firewalls, routers, on premises DDoS mitigation, proxies, and load balancers. I am eager to learn and am in search of a position that provides the opportunity to design, architect, and engineer solutions.

Work Experience

Engineer, Network Engineering

Mar 2017 - Present

Intercontinental Exchange | NYSE

  • Maintain and deploy Pulse Secure VPN infrastructure supporting 5,000+ employees and provided training to various departments to take ownership of end-user support
  • Troubleshoot and deploy F5 infrastructure of 120+ devices, exploring various technical needs related to LTM, APM, and AFM
  • Maintain and deploy a squid proxy infrastructure of 60+ proxies that are utilized for outbound http/https requests from internal servers
  • Maintain and deploy an RSA SecurID infrasturcture for 5,000+ employees, used to authenticate against various services such as remote access tools
  • Maintain, troubleshoot, and deploy a role based SAML authentication infrastructure for authenticating against external services such as ServiceNow, DigiCert, etc.
  • Maintain PKI infrastructure for SSL certificates to offload SSL on the F5
  • Monitor and work an active/fast paced ServiceNow ticket queue providing deliverables and lead times to meet expected SLA’s
  • Maintain and update ACLs on Juniper hardware as needed/requested

Analyst, Network Engineering

Dec 2015 - Feb 2017

Intercontinental Exchange | NYSE

  • Troubleshoot connectivity issues and implement access using firewall rules across both Checkpoint and Palo Alto firewalls
  • Transferred responsibilities of physical security access controls systems (badge access and camera system) to local IT Support teams. This included providing access to all relevant resources and providing the necessary training for the teams to take over the technologies
  • Troubleshoot F5 network connectivity issues and escalate to the appropriate teams when needed
  • Maintain and implemented new SP (Service Provider’s) on our existing SAML IdP (Identity provider) solution, Pulse Secure
  • Transferred responsibilities of our RSA SecurID token infrastructure to our local IT Support teams. This included providing limited admin access to all relevant resources and providing the necessary training for the teams to troubleshoot any token related authentication issues
  • Troubleshoot end user VPN issues on Pulse Connect Secure. Maintained and setup new roles for access to various resources for several teams within the company

Analyst, Information Security

June 2014 - Nov 2015

Intercontinental Exchange | NYSE

  • Assisted in maintaining a positive security model with regard to user web access, utilizing OpenDNS to block most TLDs and whitelist domains as needed
  • Monitor/release quarantined emails via our in-line FireEye deployment
  • Setup our physical access control system using Lenel OnGuard for HID prox badge access
  • Setup our physical access control monitoring system for camera footage for our HQ and remote sites using OnSSI
  • Setup and deployed our RSA SecurID token infrastructure for 5,000+ users and provided training of local IT Support staff for end user support
  • Monitored security related events on our SIEM and responded to any known incidents
  • Setup several alerts in Splunk to notify our group when certain events were triggered, such as too many failed login attempts to our corporate VPN's
  • Assisted in the operational side of upgrading, maintaining, and implementing policy on our on premises Arbor Networks DDoS Mitigation devices
  • Monitored and analyzed logs to correlate security related events

Helpdesk Support Technician

July 2013 - June 2014

1ix Network Solutions

  • Helpdesk phone support - fielded calls from clients nationwide regarding technical issues including, printer/scanner malfunctions, SharePoint permissions, network connectivity, router and switch installation, email setup, etc.
  • Responsible for the relocation shipping department to new warehouse location. Patched computers/printers to various networks/vlans in both the IDF/MDF
  • Migration of several clients from server based network shares to Office 365 SharePoint. Directed meetings and training programs
  • Managed Nortel phone system - setup voicemail, patched over new lines to phone system, reset passwords, etc.
  • Replaced/troubleshoot computer hardware related issues
  • Managed Active Directory and Exchange servers for various clients, performed minor functions including, creating/deleting email addresses, creating/deleting user accounts, resetting passwords, etc.
  • Created basic PHP/HTML based intranet on IIS7 for asset management. Included form fields, linked to Windows SQL server, ensured data integrity with JavaScript. Intranet provided various list views that could be manipulated using various SQL sorting functions
  • Provided remote and onsite backup management using systems such as JungleDisk and Symantec Backup Exec. Provided data recovery from backups due to hard drive failures.

Relevant Projects

Homelab

  • Setup a cluster of Proxmox virtualization servers to provide an environment to learn
  • Core network runs off of a pair of Juniper EX3300’s as well as two PFsense firewalls
  • Segregation of services such as OOB management, DMZ, Internal, Café wifi, Trusted Users, etc. using various methods including vlans and L3 termination on the firewall
  • Run services including several websites behind an HA pair of F5 VE’s
  • Network and server monitoring via Zabbix
  • Run a personal VPN on Pulse Secure using a Juniper MAG2600
  • Maintain an Identity Management solution using FreeIPA
  • Test network automation using Ansible

Education

Bachelor's Degree

2009 - 2013

University of Georgia

Management Information Systems (MIS) Terry College of Business

Certifications

F5 Networks

2018 - 2020

Certified Administrator

  • 101 Application Delivery Fundamentals
  • 201 TMOS Administration
Portfolio

Check Out My Recent Projects.

Below are a handful of recent projects/initiatives I have taken on in my home lab. This is not an all inclusive list of projects I'm currently working on, just some highlights of a few. Each of the below link to my blog where you can find updates on numerous different items.