Available for network operations, security operations, and infrastructure roles

Steven Hosek · Network & Security Ops Technician

Patchogue, NY
stevenjhosek@icloud.com
linkedin.com/in/stevenhoseknyc

Network and security operations technician with hands-on experience in triage, fault isolation, authentication troubleshooting, escalation coordination, and production support across managed services and enterprise environments.

Network & security operations
Incident response and escalation
Vulnerability remediation support
Client-facing technical communication
Current Focus: Proxmox clustering and service placement
Current Focus: VLAN segmentation and policy boundaries
Current Focus: DNS filtering and network visibility with AdGuard
Current Focus: Backup, power resilience, and graceful shutdown planning

Operations-focused cybersecurity and infrastructure support for live environments.

Built around the kind of work that matters in live environments: triage, troubleshooting, clear escalation paths, and changes that do not create new problems.

I support network and security operations across client and enterprise environments. Day to day, that means triaging alerts, isolating faults, working through authentication and connectivity issues, supporting patching and maintenance, and keeping communication clear between internal teams, vendors, and clients. I do my best work when a problem is noisy or ambiguous and needs to be reduced to something actionable.

Multi-site event triage, fault isolation, and operational troubleshooting
Escalation coordination, remediation planning, and production-safe change execution
Communicates technical findings clearly to clients, internal teams, and vendor support
Works across infrastructure, identity, endpoint, cloud, and security platforms

Professional Experience

Roles that best reflect my background in operations, troubleshooting, escalation handling, and security-focused support work.

NOC Technician I

Sourcepass · Bohemia, New York · On-site
Oct 2021 – Present
  • Monitor and triage network, infrastructure, and security events across managed client environments, helping move incidents toward resolution or the right escalation path.
  • Investigate alerts across infrastructure, cloud, identity, and security platforms using OpsGenie, Splunk, AppDynamics, RabbitMQ, Azure, AWS, Active Directory, Azure AD, FortiEDR, Palo Alto, Defender, Barracuda, Proofpoint, KnowBe4, and LogRhythm.
  • Support client environments through troubleshooting, risk review, incident handling, and technical communication with internal teams, vendors, and stakeholders.
  • Owned critical PKI certificate issues in a 24x7 support workflow and coordinated closely with security and operations teams through resolution.

Service Desk Analyst – Raytheon

DXC Technology · Holbrook, New York · Remote
Jun 2021 – Oct 2021
  • Provided Level 1 enterprise support in a defense-contractor environment supporting employees, contractors, vendors, executives, and VIP users.
  • Used ServiceNow to document incidents, resolve common issues, identify recurring patterns, and escalate higher-risk or more complex issues to senior support tiers.
  • Supported Office 365 provisioning, restricted portal access, mobile device issues, and multi-factor authentication workflows using smart cards and tokens.

Help Desk Analyst – The Freeman Company

Infogain · Holbrook, New York · Remote
Apr 2021 – Jul 2021
  • Delivered L1/L2 support across phone, chat, and email for password resets, distribution groups, Office 365 provisioning, and Okta-based access workflows.
  • Worked across Active Directory, SAP, Five9, Exchange, Google Workspace, Box, Dropbox, Zoom, and Citrix-based internal systems.
  • Escalated non-resolvable issues appropriately while maintaining consistent user support across remote environments.

Specialist

Apple · Lake Grove, New York
Oct 2019 – Feb 2020
  • Served as an initial point of contact for customers, helping guide purchasing, setup, and product support conversations.
  • Contributed to customer experience, team support, and visual merchandising in a fast-paced retail environment.

Technical Highlights

Representative investigations showing how I approach triage, fault isolation, and production-safe remediation.

Highlight 01

802.1X Authentication Failure Analysis

Correlated wireless-side events with backend authentication logs to narrow an intermittent 802.1X issue toward the endpoint rather than shared infrastructure.
Problem: Users were experiencing recurring authentication failures on enterprise wireless.
Approach: Correlated controller-side behavior with identity service events and reviewed the timing of client authentication attempts.
Outcome: Narrowed the issue toward endpoint supplicant or certificate behavior rather than unnecessary infrastructure changes.
What I checked: Controller-side authentication behavior, timing windows, identity service events, and whether failures lined up across systems.
What I ruled out: Broad controller outage, systemic identity platform failure, and a general wireless service interruption.
What pointed to root cause: Timeout behavior on one side without matching backend authentication activity strongly suggested an endpoint-side issue.
Next action: Validate the failing endpoint directly by reviewing supplicant behavior, certificate state, and repeatability on a known affected device.

Highlight 02

VPN Tunnel Stability Investigation

Validated both ends of a recurring VPN issue and used a controlled recovery sequence to restore connectivity and stabilize the monitoring path.
Problem: A production VPN path experienced recurring tunnel drops and basic recovery attempts did not restore service.
Approach: Validated tunnel behavior from both ends, tested recovery steps, and coordinated controlled peer re-establishment.
Outcome: Restored connectivity and stabilized the monitoring path while narrowing the issue to peer/session recovery behavior.
What I checked: Tunnel state on both sides, response to peer clears, route behavior, and post-recovery monitoring path stability.
What I ruled out: A simple one-sided peer reset as the fix, and a purely transient issue that would clear without coordinated action.
What pointed to root cause: The tunnel only recovered cleanly when both ends were handled in a coordinated sequence, pointing to session recovery behavior rather than basic reachability.
Next action: Continue to watch recurrence patterns, document the successful recovery path, and use that sequence for future incidents.

Highlight 03

Critical Vulnerability Remediation & Upgrade Execution

Supported targeted remediation by validating exposure, upgrade paths, and which platforms required action.
Problem: Critical vulnerabilities required remediation across production infrastructure without creating unnecessary risk.
Approach: Reviewed affected systems, validated versions, confirmed upgrade paths, and separated impacted platforms from those not in scope.
Outcome: Supported targeted patching and production-safe upgrade execution tied to critical security issues.
What I checked: Product versions, vulnerability applicability, upgrade paths, operational risk, and whether adjacent systems were actually impacted.
What I ruled out: Blind patching across every related platform and unnecessary changes to products that were not affected.
What pointed to root cause: Version and platform validation narrowed exposure to a smaller, better-defined scope, which made targeted remediation possible.
Next action: Execute controlled maintenance, validate service health post-change, and document the final supported remediation path.

Home lab built for practical networking, systems, and security work.

My home lab is where I validate the same kinds of workflows I deal with professionally: segmentation, virtualization, DNS control, service placement, and repeatable troubleshooting.

Lab Topology

Segmented environment centered on FortiWiFi at the edge, a UPS-backed core, and a home server running clustered Proxmox workloads.

  • Internet: WAN / ISP
  • FortiWiFi: Policy / Routing / VLANs
  • UPS
  • Home Server: Proxmox cluster / core lab workloads
  • AdGuard: DNS filtering / visibility
  • Trusted VLAN: Workstations / primary devices
  • Guest VLAN: Untrusted / temporary access
  • Lab VLAN: Testing / sandbox services
  • Infra VLAN: Management / core services

Edge security and routing are handled by FortiWiFi, with VLAN-separated trusted, guest, lab, and infrastructure segments. Core services and virtualized workloads run on a home server using Proxmox, with AdGuard providing DNS control and a UPS protecting the core path.

The environment is built around a FortiWiFi firewall and a home server, with VLANs used to separate trusted, guest, lab, and infrastructure networks. I use it to test routing, policy changes, service placement, and access behavior in a controlled environment before I carry the same thinking into production work.

UPS-backed core gear keeps the environment stable during outages and gives me a clean shutdown path for hosts and services when power is interrupted.

  • Edge and segmentation: FortiWiFi-based routing, policy control, and VLAN separation for distinct network zones.
  • Virtualization: Proxmox cluster used for hosting lab workloads, testing infrastructure changes, and working through VM and service recovery scenarios.
  • DNS and filtering: AdGuard used for DNS control, filtering, and visibility into client query behavior across segments.
  • Power resilience: UPS integration to protect equipment, avoid abrupt shutdowns, and support graceful recovery planning.
  • Operational use: Validation of routing changes, access rules, service placement, patching workflows, and troubleshooting patterns before applying similar thinking elsewhere.
  • Administration and tooling: Ongoing work with Windows administration, scripting, monitoring, and documentation to keep the lab useful instead of static.

Automation / Scripting

I use lightweight automation where it saves time and reduces drift. Most of it is operational: repeatable checks, service validation, file transfer, configuration review, and post-change verification.

  • PowerShell: service health checks, backup validation steps, version checks, and repeatable server-side validation tasks.
  • Bash / SSH / SCP: file transfer, image movement, config retrieval, and remote validation across lab nodes and network gear.
  • Config validation: compare expected settings, verify connectivity assumptions, and confirm changes before and after maintenance work.
  • Why it matters: small automation reduces avoidable mistakes and makes troubleshooting faster when the same patterns repeat.

Examples

# PowerShell
Get-Service | Where-Object Status -ne 'Running'
Test-Connection -ComputerName server01 -Count 2

# Bash / SSH / SCP
ssh admin@lab-fw 'show system interface'
scp image.bin admin@router:/bootflash/

# Validation workflow
- check service state
- verify network reachability
- compare expected version/config
- confirm post-change health

Core tools, platforms, and operational areas

Built from hands-on work across network infrastructure, security monitoring, systems support, voice, and client operations.

  • FortiWiFi: Segmentation and policy testing. Home lab edge control and VLAN boundary validation.
  • Proxmox: Clustered lab workloads. Virtualized services, recovery tests, and service placement.
  • AdGuard: DNS filtering and visibility. Client query review across segmented networks.
  • Cisco CER: E911 routing analysis. ELIN and callback behavior review in voice environments.

Networking / Infrastructure

  • VLANs
  • DHCP
  • DNS
  • RADIUS
  • MAB
  • EAPOL
  • Cisco IOS / IOS-XE
  • FortiGate
  • FortiWiFi
  • Cisco FMC
  • VPN Tunnel Troubleshooting
  • WAN / LAN
  • Network Monitoring
  • NAC / Policy Troubleshooting
  • Wireless Authentication Troubleshooting

Voice / Collaboration

  • Cisco Unity
  • Cisco CER
  • CDR Analysis
  • SIP / Call Routing Troubleshooting
  • ELIN / E911 Routing
  • CUCM

Security / Monitoring

  • Incident Triage
  • Event Correlation
  • False Positive Analysis
  • Threat Detection Review
  • Vulnerability Scan Review
  • Security Escalation Handling
  • Microsoft Defender
  • FortiEDR
  • Palo Alto WildFire
  • Zscaler
  • Proofpoint
  • LogRhythm
  • SIEM Triage

Systems / Platforms

  • VMware
  • vCenter
  • Nutanix Prism Central
  • SQL Server
  • Windows Server
  • Linux
  • Ubuntu
  • Proxmox
  • Backup Validation
  • Server Health Monitoring
  • NetScaler SDX / VPX

Physical Security / Access Control

  • Brivo
  • Milestone Recording Server Support
  • Video Surveillance Troubleshooting
  • Access Control Support

Operations / Tooling

  • Runbook Creation
  • Technical Documentation
  • Client-Facing Incident Communications
  • Vendor Coordination
  • PowerShell
  • Bash / CLI
  • WinSCP
  • SSH / SCP
  • OpsGenie
  • Splunk
  • AppDynamics
  • RabbitMQ
  • Azure
  • AWS
  • ServiceNow
  • Okta
  • ConnectWise
  • IT Glue

Direct contact details.

Available for network operations, security operations, and infrastructure-focused roles. Email is the best way to reach me.
