Scott Wedekind, Developer in Rexburg, ID, United States
Scott is available for hire
Hire Scott

Scott Wedekind

Verified Expert  in Engineering

IT Network and Security Developer

Rexburg, ID, United States

Toptal member since January 4, 2023

Bio

Scott is an IT network and security professional experienced in client-facing consulting and security services. Specialized in network security architecture and implementation, including security strategy, LAN and WAN design, firewall, endpoint security, and network management, he is known for his ability to translate complex information for non-technical audiences. Scott is a dedicated leader who uses business-driven security practices to maximize business effectiveness and minimize risk.

Portfolio

Cyderes (formerly Fishtech Group)
Firewalls, Endpoint Security, Risk Assessment, FortiGate...
Steven Douglas Associates
Check Point, Firewalls
IBM Global Business Services
Check Point, Cisco, ASA, VMware NSX, FortiGate, Juniper...

Experience

  • Networking - 20 years
  • Network Security - 18 years
  • Security - 18 years
  • Network Architecture - 18 years
  • Firewalls - 18 years
  • Visio - 12 years
  • Microsoft Visio - 12 years
  • Microsoft Office - 12 years

Availability

Part-time

Preferred Environment

Firewalls, Networking, Endpoint Security, SD-WAN, VPN, IPsec, Implementation, Operations, Client-side

The most amazing...

...projects I've delivered have required my ability to quickly learn new technologies like CrowdStrike, SRX, and Blue Coat to fulfill the customers' needs.

Work Experience

Security Consultant

2019 - 2022
Cyderes (formerly Fishtech Group)
  • Designed and deployed firewall implementations, endpoint security systems, and firewall logging and monitoring systems for Fortune 100 clients.
  • Deployed, implemented, and migrated Fortinet products, such as FortiGate, FortiManager, FortiAnalyzer, and FortiSwitch, for multiple clients.
  • Managed and executed Check Point operating system upgrades. Additionally, provided leadership and mentoring support to colleagues during the required upgrades.
  • Performed firewall rule reviews and audits, including risk analysis, assessment, and evaluation of high-risk, non-compliant firewall rules as large as 151 firewalls and over 30,000 policy rules using Tufin or Firemon.
  • Ran architectural and security audits and reviews and provided pre-sales support and SOW development.
  • Developed architectural and design recommendations like High-Level Design and provided implementation guidance and operational support for client deployments.
  • Created client documentation such as diagrams, build books, device health check reviews, best practices, and other operations guides.
Technologies: Firewalls, Endpoint Security, Risk Assessment, FortiGate, Fortinet Firewall Configuration, FortiManager, FortiAnalyzer, Check Point, CrowdStrike, Endpoint Detection and Response (EDR), Netskope

Network Security Engineer

2018 - 2019
Steven Douglas Associates
  • Created, modified, and deployed firewall rules requests and provided daily operational support on Check Point firewalls and 64,000 chassis.
  • Performed firewall troubleshooting and problem resolution.
  • Helped resolve architecture and configuration gaps and assisted with developing a firewall tuning recommendations document.
Technologies: Check Point, Firewalls

Network Security Engineer

2014 - 2018
IBM Global Business Services
  • Delivered firewall and security support for IBM GBS Federal Infrastructure Managed Services (FIMS) group providing secure IAAS (AWS-type) hosting for 30 US government agencies and its vendors.
  • Deployed new Check Point firewalls to support the new software-defined network infrastructure with OSPF routing and migrated the existing firewall rules and multiple IPSec VPNs, deploying a new client remote access platform.
  • Configured, installed, and maintained firewalls with Check Point, Juniper SRX, and Cisco ASA, supporting new client-dedicated environments.
  • Analyzed and cleaned up legacy firewall policies of 22 ASA and six NetScreen by deleting unused objects, consolidating similar rules, and removing unnecessary or obsolete rules.
  • Supported daily operations for multiple locations and clients, including firewall rule changes with Check Point, ASA, and FortiGate, problem determination, resolution and troubleshooting, audit remediation, and documentation, like network diagrams.
Technologies: Check Point, ASA, Cisco, VMware NSX, FortiGate, Juniper, Fortinet Firewall Configuration, Firewalls

Security Engineer

2009 - 2014
First Data Corporation (acquired by Fiserv)
  • Defined, developed, and executed a plan that replaced the entire Blue Coat proxy production infrastructure–18 new proxies in nine different environments.
  • Implemented rule requests on Check Point, Cisco, and NetScreen firewalls for daily operations support and critical, high-profile projects.
  • Developed and delivered training for NOC technicians to provide first-level troubleshooting support, freeing up valuable security engineer resources.
Technologies: Check Point, ASA, Cisco, Proxies, Firewalls

Fortinet Greenfield Project

The client needed assistance with the migration of their headquarters (HQ) and main campus facilities, their outsourced primary and disaster recovery data centers, and several branch locations to Fortinet firewalls, switches, and wireless access points. The new infrastructure replaced the client's existing one, which consisted of a pair of SonicWall firewalls at their HQ main campus with Cisco switches and routers serving their branch locations. The connectivity between locations was a mix of MPLS circuits and IPsec VPNs.

As a senior Fortinet consultant, I oversaw and managed the deployment of the new architecture, which consisted of the following:
• Two FortiGates in high-availability (HA) mode, six FortiAPs, and three FortiSwitches at the HQ main campus.
• Each branch location had one FortiGate (no HA), one FortiAP, and one FortiSwitch.
• The primary Data Center used two FortiGates in HA mode, two FortiSwitches, and no FortiAPs.
• The secondary Data Center had only one FortiGate (no HA) with no FortiSwitches or FortiAPs.
• FortiManager and FortiAnalyzer.
• Redundant Hub-and-Spoke SD-WAN connectivity.
• Guest WiFi access at the HQ main campus and branch offices.
• Expanded employee remote access using the FortiClient endpoint.

CrowdStrike Endpoint Design and Deployment

This project was developed for a large pharmaceutical company; it was global in scope and was initially deployed to approximately 1,200 devices, eventually expanding to an estimated 33,000 servers and employee workstations.
I created the high-level design (HLD) document and oversaw its implementation. While other internal groups deployed the CrowdStrike sensor to the hosts and devices, I built and implemented the different policies and host groups to be used by the end devices.
AUGUST 2022 - AUGUST 2024

Palo Alto Networks Systems Engineer (PSE) – Foundation

Palo Alto Networks

MAY 2022 - MAY 2024

Netskope Security Cloud Implementation and Integration (NSCI&I)

Netskope

MARCH 2022 - MARCH 2024

Fortinet NSE 3: Network Security Associate

Fortinet

FEBRUARY 2022 - FEBRUARY 2024

Netskope Security Cloud Operation and Administration (NSCO&A)

Netskope

OCTOBER 2021 - OCTOBER 2023

Tufin Certified Security Expert (TCSE)

Tufin

MAY 2021 - PRESENT

Akamai Bot Manager Advanced

Akamai University

MAY 2021 - PRESENT

Akamai Bot Manager Foundations

Akamai University

JULY 2020 - JULY 2023

Zscaler Certified Cloud Administrator – Internet Access (ZCCA-IA)

Zscaler

MAY 2006 - PRESENT

Certified Information Systems Security Professional (CISSP)

Information System Security Certification Consortium (ISC)²

Tools

VPN, Microsoft Visio, Visio

Industry Expertise

Network Security

Languages

Python

Paradigms

Change Management

Platforms

CrowdStrike, Netskope

Other

Firewalls, Networking, Risk Assessment, Security, Endpoint Security, Network Architecture, Proxies, Microsoft Office, Check Point, VMware NSX, FortiGate, Juniper, Fortinet Firewall Configuration, FortiManager, FortiAnalyzer, Endpoint Detection and Response (EDR), SD-WAN, IPsec, FortiSwitch, FortiAP, Troubleshooting, Implementation, Operations, Client-side, Cloud Access Security Broker (CASB), Bots, Orchestration, IT Automation, Cisco, ASA

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring