Scott Wedekind
Verified Expert in Engineering
IT Network and Security Developer
Rexburg, ID, United States
Toptal member since January 4, 2023
Scott is an IT network and security professional experienced in client-facing consulting and security services. Specialized in network security architecture and implementation, including security strategy, LAN and WAN design, firewall, endpoint security, and network management, he is known for his ability to translate complex information for non-technical audiences. Scott is a dedicated leader who uses business-driven security practices to maximize business effectiveness and minimize risk.
Portfolio
Experience
- Networking - 20 years
- Network Security - 18 years
- Security - 18 years
- Network Architecture - 18 years
- Firewalls - 18 years
- Visio - 12 years
- Microsoft Visio - 12 years
- Microsoft Office - 12 years
Availability
Preferred Environment
Firewalls, Networking, Endpoint Security, SD-WAN, VPN, IPsec, Implementation, Operations, Client-side
The most amazing...
...projects I've delivered have required my ability to quickly learn new technologies like CrowdStrike, SRX, and Blue Coat to fulfill the customers' needs.
Work Experience
Security Consultant
Cyderes (formerly Fishtech Group)
- Designed and deployed firewall implementations, endpoint security systems, and firewall logging and monitoring systems for Fortune 100 clients.
- Deployed, implemented, and migrated Fortinet products, such as FortiGate, FortiManager, FortiAnalyzer, and FortiSwitch, for multiple clients.
- Managed and executed Check Point operating system upgrades. Additionally, provided leadership and mentoring support to colleagues during the required upgrades.
- Performed firewall rule reviews and audits, including risk analysis, assessment, and evaluation of high-risk, non-compliant firewall rules as large as 151 firewalls and over 30,000 policy rules using Tufin or Firemon.
- Ran architectural and security audits and reviews and provided pre-sales support and SOW development.
- Developed architectural and design recommendations like High-Level Design and provided implementation guidance and operational support for client deployments.
- Created client documentation such as diagrams, build books, device health check reviews, best practices, and other operations guides.
Network Security Engineer
Steven Douglas Associates
- Created, modified, and deployed firewall rules requests and provided daily operational support on Check Point firewalls and 64,000 chassis.
- Performed firewall troubleshooting and problem resolution.
- Helped resolve architecture and configuration gaps and assisted with developing a firewall tuning recommendations document.
Network Security Engineer
IBM Global Business Services
- Delivered firewall and security support for IBM GBS Federal Infrastructure Managed Services (FIMS) group providing secure IAAS (AWS-type) hosting for 30 US government agencies and its vendors.
- Deployed new Check Point firewalls to support the new software-defined network infrastructure with OSPF routing and migrated the existing firewall rules and multiple IPSec VPNs, deploying a new client remote access platform.
- Configured, installed, and maintained firewalls with Check Point, Juniper SRX, and Cisco ASA, supporting new client-dedicated environments.
- Analyzed and cleaned up legacy firewall policies of 22 ASA and six NetScreen by deleting unused objects, consolidating similar rules, and removing unnecessary or obsolete rules.
- Supported daily operations for multiple locations and clients, including firewall rule changes with Check Point, ASA, and FortiGate, problem determination, resolution and troubleshooting, audit remediation, and documentation, like network diagrams.
Security Engineer
First Data Corporation (acquired by Fiserv)
- Defined, developed, and executed a plan that replaced the entire Blue Coat proxy production infrastructure–18 new proxies in nine different environments.
- Implemented rule requests on Check Point, Cisco, and NetScreen firewalls for daily operations support and critical, high-profile projects.
- Developed and delivered training for NOC technicians to provide first-level troubleshooting support, freeing up valuable security engineer resources.
Experience
Fortinet Greenfield Project
As a senior Fortinet consultant, I oversaw and managed the deployment of the new architecture, which consisted of the following:
• Two FortiGates in high-availability (HA) mode, six FortiAPs, and three FortiSwitches at the HQ main campus.
• Each branch location had one FortiGate (no HA), one FortiAP, and one FortiSwitch.
• The primary Data Center used two FortiGates in HA mode, two FortiSwitches, and no FortiAPs.
• The secondary Data Center had only one FortiGate (no HA) with no FortiSwitches or FortiAPs.
• FortiManager and FortiAnalyzer.
• Redundant Hub-and-Spoke SD-WAN connectivity.
• Guest WiFi access at the HQ main campus and branch offices.
• Expanded employee remote access using the FortiClient endpoint.
CrowdStrike Endpoint Design and Deployment
I created the high-level design (HLD) document and oversaw its implementation. While other internal groups deployed the CrowdStrike sensor to the hosts and devices, I built and implemented the different policies and host groups to be used by the end devices.
Certifications
Palo Alto Networks Systems Engineer (PSE) – Foundation
Palo Alto Networks
Netskope Security Cloud Implementation and Integration (NSCI&I)
Netskope
Fortinet NSE 3: Network Security Associate
Fortinet
Netskope Security Cloud Operation and Administration (NSCO&A)
Netskope
Tufin Certified Security Expert (TCSE)
Tufin
Akamai Bot Manager Advanced
Akamai University
Akamai Bot Manager Foundations
Akamai University
Zscaler Certified Cloud Administrator – Internet Access (ZCCA-IA)
Zscaler
Certified Information Systems Security Professional (CISSP)
Information System Security Certification Consortium (ISC)²
Skills
Tools
VPN, Microsoft Visio, Visio
Industry Expertise
Network Security
Languages
Python
Paradigms
Change Management
Platforms
CrowdStrike, Netskope
Other
Firewalls, Networking, Risk Assessment, Security, Endpoint Security, Network Architecture, Proxies, Microsoft Office, Check Point, VMware NSX, FortiGate, Juniper, Fortinet Firewall Configuration, FortiManager, FortiAnalyzer, Endpoint Detection and Response (EDR), SD-WAN, IPsec, FortiSwitch, FortiAP, Troubleshooting, Implementation, Operations, Client-side, Cloud Access Security Broker (CASB), Bots, Orchestration, IT Automation, Cisco, ASA
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring