Technical Lead Manager
Kevin
Usdrowski
Network security professional with 25+ years of experience designing and operating enterprise-scale infrastructure across large global organizations, hybrid cloud environments, globally distributed WAF platforms, and zero-trust architectures.
Technical Skills
Firewalls & Security
Palo Alto (Panorama)
Prisma Access
Cisco ASA
Cisco Firepower
Imperva SecureSphere WAF
Imperva Cloud WAF
AWS Firewall Manager
F5 ASM / Advanced WAF
Load Balancing
F5 LTM
F5 3DNS
vCMP
Networking
Cisco Nexus
Cisco Catalyst
Cisco ISR / ASR
BGP
OSPF
EIGRP
MPLS
VRF
IPSec / VPN
VRRP / HSRP
Cloud
AWS Direct Connect
AWS VPC
AWS Transit Gateway
Azure ExpressRoute
Equinix Fabric
Monitoring & OS
Splunk
SolarWinds
WhatsUp Gold
Wireshark
Ubuntu
Professional Experience
The Voleon Group
Technical Lead Manager, Network Aug 2025 – Present
Senior Network Engineer Mar 2025 – Aug 2025
- Designed and implemented a multipath WAN using Wavelength Circuits, IPsec, and eBGP.
Empower Retirement
Senior Security Engineer Aug 2020 – Mar 2025
- Supported enterprise security environment spanning multiple Palo Alto firewall series, Imperva on-premise and cloud WAF, and AWS Firewall Manager.
- Configured and deployed Palo Alto Prisma Access for all corporate users with on-premise gateways as backup.
- Implemented DR solution for WAF management servers and gateways; designed isolated BMS infrastructure with dedicated firewalls, IPsec overlay, GlobalProtect, and AWS Workspaces.
- Contributed to a data center migration moving all environments to a hybrid cloud infrastructure using AWS and Equinix.
Kaiser Permanente — Contractor
Network Security Engineer Apr 2020 – Aug 2020
- Developed overall security posture strategy for medical-based devices, building automation systems, and vendor connections across Kaiser facilities.
- Performed gap analysis on deployed and proposed cybersecurity solutions.
Jeppesen, a Boeing Company
Network Designer 5 / Senior Network Engineer 5 Jan 2018 – Apr 2020
Network Engineer 4 Jan 2017 – Dec 2017
Network Engineer 3 Jul 2016 – Dec 2016
- Designed a security-centric web tier with F5 i7800 vCMP guests, Advanced WAF, IP Intelligence, and Layer 3 transits enabling hybrid on-premise/cloud backend nodes.
- Configured IPS/IDS policies on Palo Alto firewalls and collaborated with application owners on threat signature enforcement.
- Designed and implemented a disaster recovery data center using Cisco ASR 1001-Xs, Palo Alto 3050s, Cisco Nexus 9396PX/93180YC-EX/3548, and F5 Big-IP virtual editions.
- Designed cloud connectivity via Equinix Fabric, AWS Direct Connect, and Azure ExpressRoute with multi-VRF isolation and Layer 3 transits to HA firewalls.
- Technical lead for all data center activities; trained and mentored new employees. Received "Exemplary" performance rating — reserved for fewer than 1% of employees — for two consecutive years.
Arapahoe/Douglas Mental Health Network
Network Engineer Jul 2015 – May 2016
- Designed and implemented a multipath WAN using MetroE links and eBGP.
- Refreshed all Layer 2 switching infrastructure in preparation for a new VoIP deployment; configured Cisco AnyConnect SSL VPNs with RSA authentication.
- Managed multi-vendor environment including Cisco ASAs, WLCs, McAfee, WatchGuard, HP, and 3Com.
CGI Group
Network Engineer — Consultant Dec 2013 – Jul 2015
- Third-level support for an international heterogeneous TCP/IP network; implemented complex multi-VRF solutions on Cisco routers and switches.
- Configured OSPF, BGP, EIGRP, VRRP, HSRP across Cisco 2900/3800/ASR routers and Nexus switches; applied ACLs and VACLs to meet financial security standards.
AT&T
Network Firewall Engineer — Contractor Aug 2011 – Jul 2013
- Sole engineer responsible for managing IBM's global multi-tier DMZ refresh project.
- Converted Nokia Checkpoint firewalls to Cisco ASA 5540/5550; migrated shared packet-filtering to Cisco ASA multiple-context active/active configurations.
- Migrated a Windows TACACS server supporting 300+ devices and 200 users to a Cisco ACS 1121 appliance.
Icahn Associates
Network Engineer — Contractor Nov 2008 – Dec 2009
- Migrated WAN from point-to-point leased lines to MPLS full-mesh; designed dense multicast network for enterprise video conferencing.
- Central point of contact for all network design, implementation, and issue resolution.
STMicroelectronics
Network Administrator — Contractor Jul 2007 – Dec 2007
- Second and third level support for 100+ Cisco device LAN; designed and implemented 802.11b/g wireless mesh network.
PetSmart Incorporated
Network Engineer — Contractor Apr 2006 – Nov 2006
- Engineered Cisco Call Manager Express rollout across 900+ retail stores, with new infrastructure at each location.
- Configured and supported F5 Big-IP devices; implemented Netscout nGenius probes for traffic analysis.
Lucent Technologies
Senior Network Engineer — Contractor Apr 2005 – Mar 2006
- Network lead for data center migration; provided Tier 3 support post-migration and designed global B2B/DMZ connectivity using Lucent firewalls, Foundry, Juniper, and Cisco.
Savvis Communications
Network Engineer — Contractor Mar 2004 – Mar 2005
- Supported Tier 2/3 DMZ environments; configured F5 Big-IP load balancers, Checkpoint firewall policies, and Cisco Catalyst/Nexus switching.
United Airlines
Senior Technical Analyst Oct 2003 – Jan 2004
Network Analyst May 2001 – Oct 2003
- Third-level operational support for international heterogeneous SDLC/X.25 and TCP/IP networks; maintained 99.49%+ uptime across 120,000+ nodes.
- Implemented DMZ for high-transaction vendors using Cisco multilayer switches, F5 load balancers, and Checkpoint firewalls.
- Mentored new analysts; provided 24/7 on-call support across multi-protocol network spanning point-to-point, frame relay, Ethernet, FDDI, and token ring.
Education
B.S. in Operations Management Information Systems
Northern Illinois University