SUMMARY:

• 15+ years of experience in IT Security Policies, Procedures, and Protections on Enterprise scale
• Infrastructure design for security systems throughout the Enterprise
• Risk Manager and Architect for all IT Systems in the Enterprise
• Secure Software Development in ASP.NET and C#.NET (OO and Agile)
• Active DoD Security Clearance

TECHNICAL SKILLS:

Operating Systems: Windows 7/8/10/2008/2012/2016 Linux

Security: eEye Retina Metasploit NMAP Fortify Nessus LogRhythm McAfee ePo Palo Alto

Relational Databases: Oracle Microsoft Access Microsoft SQL Server

Development Tools/Techniques: MS .NET Framework C# ASP.NET Active Server Pages (VB Script/JavaScript) HTML/DHTML Oracle PL/SQL MS Internet Information Server (IIS) Visual Studio .NET

Development Methodologies: Requirements analysis Agile Secure Coding

PROFESSIONAL EXPERIENCE:

Confidential, FL

IT Security Office, Enterprise Architect, and Manager

Responsibilities:

• Produced monetary budgets for Desktop/Server Management group and IT Security
• Designed and Managed Intrusion Detection/Intrusion Prevention Systems, SIEMs, and Vulnerability Assessment Systems
• Subject Matter Expert in Enterprise Architecture of Windows Operating System hardening, Security Compliance and Patching Solutions, Virtualization, and Secure Coding
• Streamlined projects which involved many stakeholders to achieve the best secure outcome for the customer fiscally
• Champion of Change of the “business as usual” perspective to an more secure and agile IT and presenting these ideas to management

IT Security Officer

Responsibilities:

• Developed Security Plan and Procedures to protect a government computer network, numerous servers, and clients.
• Designed and built anti - virus and anti-spam solutions to protect the enterprise from outside threats.
• Managed monetary budgets for Server Management group and IT Security
• Managed Intrusion Detection/Intrusion Prevention Systems
• Responsible for security compliance for NAVSEA, DoD, and Navy regulations
• Worked through the DITSCAP process to achieve an Authority to Operate (ATO) for unclassified network
• Managed the Windows 2003 Active Directory, Exchange 2003 Infrastructure, and Senior Member of Network Administrator group
• Developed and deployed DoD CAC Smartcard login throughout the Enterprise.
• Designed and built original applications in C# and ASP.NET with broad conceptual considerations, including longevity of solutions, as well as, cost effectiveness with Oracle and SQL Server backend databases.
• Managed and maintained Defense Messaging System (DMS) GWS and clients.

IT Security Specialist/Software Engineer

Confidential

Responsibilities:

• Developed Security Plan and Procedures to protect a government computer network, numerous servers, and client PCs.
• Designed and built anti-virus and anti-spam solutions to protect the enterprise from outside threats.
• Managed monetary budgets of $200,000+
• Researched and procured Intrusion Detection System
• Responsible for security compliance for NAVSEA, DoD, and Navy regulations
• Windows NT/2003 Administrator, Exchange 2003 Administrator, and Network Administrator
• Developed new policies with Active Directory infrastructure for increased computer security
• Designed and built original applications with broad conceptual considerations, including longevity of solutions, as well as, cost effectiveness.

Software Engineer

Confidential

Responsibilities:

• Developed software designed to support diversified operations in both this facility and the military base on Andros Island, in the Bahamas.
• Instrumental in revitalizing and organizing the IS Department, establishing standards and procedures, and introducing the concept of distributed application architecture.
• Designed and built original applications development with broad conceptual considerations, including longevity of solutions, as well as cost effectiveness.
• Effectively realize substantial costs on many currently operational projects.
• Windows NT Administrator, Exchange 5.5 Administrator, and Network Administrator
• Implemented standard development procedures, including documentation of requirements, design, and testing.
• Used standard development procedures for full lifecycle management of developed applications
• Conducted instructional presentations to train associates to introduce and utilize design tools, as well as provide technical support to development team regarding project solutions.

Confidential, Austin, TX

Enterprise System Test Engineer

Responsibilities:

• Security Expert in Confidential for Testing of upcoming 12G server line.
• Developed Test Plans and Procedures for security and penetration testing of upcoming 12G server line.
• Liaison for Test organization to consult with Development on Secure Coding Practices and Threat Modeling
• Developed SMB Security Presentation on customer pain points for Security
• Member of Security Product Evaluation group that evaluated new security products for inclusion in Confidential offerings
• Member of “Malware Tiger Team” to Evaluate Confidential processes and work on solutions to correct current processes prevent future malware incidents
• Mentored peers in Test Group on additions of security to all test cases
• Provided management risk assessments on products before release and whether to gate products
• One of founding members to create a Security Center of Excellence in Confidential to evaluate all Enterprise products from a security perspective. At time of departure, it was still work in progress.