Available for network operations, security operations, and infrastructure roles

Steven Hosek Network & Security Ops Technician

Patchogue, NY
stevenjhosek@icloud.com
linkedin.com/in/stevenhoseknyc

Network and security operations technician with experience in incident response, authentication troubleshooting, alert triage, escalation handling, and production support across managed services and enterprise environments.

NOC / SOC operations
Incident response and escalation
Vulnerability remediation support
Client-facing technical communication
Current Focus: Proxmox clustering and service placement
Current Focus: VLAN segmentation and policy boundaries
Current Focus: DNS filtering and network visibility with AdGuard
Current Focus: Backup, power resilience, and graceful shutdown planning

Production-focused cybersecurity and infrastructure support.

Focused on network and security operations, troubleshooting, escalation handling, and support for live production environments.

I support network and security operations across client and enterprise environments, with day-to-day work spanning alert triage, incident response, authentication issues, VPN and infrastructure troubleshooting, patching, and stakeholder communication. My strongest value is narrowing problems down quickly, documenting what matters, and helping move incidents toward resolution without adding unnecessary noise.

Monitors and responds to network and security events across multi-site environments
Supports escalation workflows, remediation planning, and production-safe change execution
Communicates technical findings clearly to clients, internal teams, and vendor support
Works across infrastructure, identity, endpoint, cloud, and security platforms

Professional Experience

Roles selected to reflect my background in operations, support, troubleshooting, and security-focused technical work.

NOC Technician I

Sourcepass · Bohemia, New York · On-site
Oct 2021 – Present
  • Monitor and respond to network and security events across managed services environments, helping drive timely incident resolution and escalation.
  • Investigate alerts using OpsGenie, Splunk, AppDynamics, RabbitMQ, Azure, AWS, Active Directory, Azure AD, FortiEDR, Palo Alto, Defender, Barracuda, Proofpoint, KnowBe4, and LogRhythm.
  • Support client environments through troubleshooting, risk identification, incident handling, and technical communication with internal teams and stakeholders.
  • Served as a primary contact for critical PKI certificate issues in a 24x7 support workflow and coordinated closely with security and operations teams.

Service Desk Analyst – Raytheon

DXC Technology · Holbrook, New York · Remote
Jun 2021 – Oct 2021
  • Provided Level 1 support in a defense-contractor environment supporting employees, contractors, vendors, executives, and VIP users.
  • Used ServiceNow to document incidents, resolve common issues, identify trends, and escalate more complex issues to higher support tiers.
  • Supported Office 365 provisioning, restricted portal access, mobile device issues, and multi-factor authentication workflows using smart cards and tokens.

Help Desk Analyst – The Freeman Company

Infogain · Holbrook, New York · Remote
Apr 2021 – Jul 2021
  • Delivered L1/L2 support across phone, chat, and email, assisting with password resets, distribution groups, Office 365 provisioning, and Okta-based access workflows.
  • Worked with Active Directory, SAP, Five9, Exchange, Google Workspace, Box, Dropbox, Zoom, and Citrix-based internal systems.
  • Escalated non-resolvable issues appropriately while maintaining a strong user-support experience across remote environments.

Specialist

Apple · Lake Grove, New York
Oct 2019 – Feb 2020
  • Served as an initial point of contact for customers, helping guide purchasing, setup, and product support conversations.
  • Contributed to customer experience, team support, and visual merchandising in a fast-paced retail environment.

Technical Highlights

Selected examples that reflect how I approach incident analysis, problem isolation, and production-safe remediation.

Highlight 01

802.1X Authentication Failure Analysis

Correlated wireless and identity-service behavior to narrow an intermittent authentication issue toward the endpoint rather than the infrastructure.
Problem: Users were experiencing recurring authentication failures on enterprise wireless.
Approach: Correlated controller-side behavior with identity service events and reviewed the timing of client authentication attempts.
Outcome: Narrowed the issue toward endpoint supplicant or certificate behavior rather than unnecessary infrastructure changes.
What I checked: Controller-side authentication behavior, timing windows, identity service events, and whether failures lined up across systems.
What I ruled out: Broad controller outage, systemic identity platform failure, and a general wireless service interruption.
What pointed to root cause: Timeout behavior on one side without matching backend authentication activity strongly suggested an endpoint-side issue.
Next action: Validate the failing endpoint directly by reviewing supplicant behavior, certificate state, and repeatability on a known affected device.

Highlight 02

VPN Tunnel Stability Investigation

Worked through peer reset and recovery behavior to restore connectivity and stabilize a production monitoring path.
Problem: A production VPN path experienced recurring tunnel drops and basic recovery attempts did not restore service.
Approach: Validated tunnel behavior from both ends, tested recovery steps, and coordinated controlled peer re-establishment.
Outcome: Restored connectivity and stabilized the monitoring path while narrowing the issue to peer/session recovery behavior.
What I checked: Tunnel state on both sides, response to peer clears, route behavior, and post-recovery monitoring path stability.
What I ruled out: A simple one-sided peer reset as the fix, and a purely transient issue that would clear without coordinated action.
What pointed to root cause: The tunnel only recovered cleanly when both ends were handled in a coordinated sequence, pointing to session recovery behavior rather than basic reachability.
Next action: Continue to watch recurrence patterns, document the successful recovery path, and use that sequence for future incidents.

Highlight 03

Critical Vulnerability Remediation & Upgrade Execution

Supported targeted remediation by validating scope, upgrade paths, and which platforms required action.
Problem: Critical vulnerabilities required remediation across production infrastructure without creating unnecessary risk.
Approach: Reviewed affected systems, validated versions, confirmed upgrade paths, and separated impacted platforms from those not in scope.
Outcome: Supported targeted patching and production-safe upgrade execution tied to critical security issues.
What I checked: Product versions, vulnerability applicability, upgrade paths, operational risk, and whether adjacent systems were actually impacted.
What I ruled out: Blind patching across every related platform and unnecessary changes to products that were not affected.
What pointed to root cause: Version and platform validation narrowed exposure to a smaller, better-defined scope, which made targeted remediation possible.
Next action: Execute controlled maintenance, validate service health post-change, and document the final supported remediation path.

Home lab built for practical networking, systems, and security work.

My home lab is where I build and validate the same kinds of workflows I support professionally, with an emphasis on segmentation, infrastructure reliability, virtualization, and repeatable troubleshooting.

Lab Topology

Segmented environment centered on FortiWiFi at the edge, a UPS-backed core, and a home server running clustered Proxmox workloads.

  • Internet: WAN / ISP
  • FortiWiFi: Policy / Routing / VLANs
  • UPS
  • Home Server: Proxmox cluster / core lab workloads
  • AdGuard: DNS filtering / visibility
  • Trusted VLAN: Workstations / primary devices
  • Guest VLAN: Untrusted / temporary access
  • Lab VLAN: Testing / sandbox services
  • Infra VLAN: Management / core services

Edge security and routing are handled by FortiWiFi, with VLAN-separated trusted, guest, lab, and infrastructure segments. Core services and virtualized workloads run on a home server using Proxmox, with AdGuard providing DNS control and a UPS protecting the core path.

The environment is centered around a home server and a FortiWiFi firewall, with VLANs used to separate network segments and reduce unnecessary trust between systems. I use it to model cleaner network boundaries, test changes safely, and work through routing, access, and service behavior without touching production environments.

Core design elements include segmented networks for infrastructure, trusted devices, lab workloads, and isolated services, plus UPS-backed power protection so the environment stays stable during outages and can be shut down cleanly when needed.

  • Edge and segmentation: FortiWiFi-based routing, policy control, and VLAN separation for distinct network zones.
  • Virtualization: Proxmox cluster used for hosting lab workloads, testing infrastructure changes, and working through VM and service recovery scenarios.
  • DNS and filtering: AdGuard used for DNS control, filtering, and visibility into client query behavior across segments.
  • Power resilience: UPS integration to protect equipment, avoid abrupt shutdowns, and support graceful recovery planning.
  • Operational use: Validation of routing changes, access rules, service placement, patching workflows, and troubleshooting patterns before applying similar thinking elsewhere.
  • Administration and tooling: Ongoing work with Windows administration, scripting, monitoring, and documentation to keep the lab useful instead of static.

Automation / Scripting

I use lightweight automation to make recurring operational tasks faster, more repeatable, and easier to validate. The goal is not to over-engineer simple work, but to reduce manual drift and make common checks easier to rerun.

  • PowerShell: service health checks, backup validation steps, version checks, and repeatable server-side validation tasks.
  • Bash / SSH / SCP: file transfer, image movement, config retrieval, and remote validation across lab nodes and network gear.
  • Config validation: compare expected settings, verify connectivity assumptions, and confirm changes before and after maintenance work.
  • Why it matters: small automation reduces avoidable mistakes and makes troubleshooting faster when the same patterns repeat.
Examples
# PowerShell
Get-Service | Where-Object Status -ne 'Running'
Test-Connection -ComputerName server01 -Count 2

# Bash / SSH / SCP
ssh admin@lab-fw 'show system interface'
scp image.bin admin@router:/bootflash/

# Validation workflow
- check service state
- verify network reachability
- compare expected version/config
- confirm post-change health

Core tools, platforms, and operational areas

Built from day-to-day operational work across network infrastructure, security monitoring, systems support, voice, and client environments.

  • FortiWiFi: Segmentation and policy testing. Home lab edge control and VLAN boundary validation.
  • Proxmox: Clustered lab workloads. Virtualized services, recovery tests, and service placement.
  • AdGuard: DNS filtering and visibility. Client query review across segmented networks.
  • Cisco CER: E911 routing analysis. ELIN and callback behavior review in voice environments.

Networking / Infrastructure

  • VLANs
  • DHCP
  • DNS
  • RADIUS
  • MAB
  • EAPOL
  • Cisco IOS / IOS-XE
  • FortiGate
  • FortiWiFi
  • Cisco FMC
  • VPN Tunnel Troubleshooting
  • WAN / Branch Connectivity
  • Network Monitoring
  • NAC / Policy Troubleshooting
  • Wireless Authentication Troubleshooting

Voice / Collaboration

  • Cisco Unity
  • Cisco CER
  • CDR Analysis
  • SIP / Call Routing Troubleshooting
  • ELIN / E911 Routing
  • CUCM

Security / Monitoring

  • Incident Triage
  • Event Correlation
  • False Positive Analysis
  • Threat Detection Review
  • Vulnerability Scan Review
  • Security Escalation Handling
  • Microsoft Defender
  • FortiEDR
  • Palo Alto WildFire
  • Zscaler
  • Proofpoint
  • LogRhythm
  • SIEM Triage

Systems / Platforms

  • VMware
  • vCenter
  • Nutanix Prism Central
  • SQL Server
  • Windows Server
  • Linux
  • Ubuntu
  • Proxmox
  • Backup Validation
  • Server Health Monitoring
  • NetScaler SDX / VPX

Physical Security / Access Control

  • Brivo
  • Milestone Recording Server Support
  • Video Surveillance Troubleshooting
  • Access Control Support

Operations / Tooling

  • Runbook Creation
  • Technical Documentation
  • Client-Facing Incident Communications
  • Vendor Coordination
  • PowerShell
  • Bash / CLI
  • WinSCP
  • SSH / SCP
  • OpsGenie
  • Splunk
  • AppDynamics
  • RabbitMQ
  • Azure
  • AWS
  • ServiceNow
  • Okta
  • ConnectWise
  • IT Glue

Direct contact details.

Available for cybersecurity, infrastructure, and operations-focused roles. Email is the best way to reach me.
