OBJECTIVE:

• A principal or senior position in Information Systems security and/or security management; business, information systems and security integration, enterprise security architecture, regulation compliance, including requiring DOD/DON clearance

PROFESSIONAL SUMMARY:

• An expert in Information Security Management processes, including regulations and compliance process implementation, small and mid - size businesses security management, HIPAA, 201 CMR 17.00 and SOX laws/standards implementation, “cloud computing” security services, and vulnerability management.
• An expert in rmation protection regulations (HIPAA, NIST R4, EU General Data Protection Regulation and implementation process.
• Speaker at international and national security conferences on Information Security Management matters.
• IS security technical leadership, able to build IS security from ground up. Deep knowledge of information security regulations, policies, processes, and implementation. IT/IS and IS security architecture. Full network security management cycle. Planning and budgeting multiple projects. Familiar with majority of IS security technologies. IS integration and development. LAN/WAN installation and administration. Computers, LAN/WAN hardware and peripherals support. Databases design. Excellent problem solving skills, very hands-on. Excellent customer relationship. Performed various IS management duties.

TECHNICAL SKILLS:

NETWORKS: Native Windows, TCP/IP based, NFS, Samba, R-utilities, virtual networking

ENTERPRISE NETWORKING: Remote offices VPN connection, remote home user connection via VPN clients, desktop control utilities

SECURITY: Information security regulations (NIST SP800, ISO, HIPAA, GLBA, SOX, PCI, MA 201 CMR 17.00), enterprise security policies, standards and guidelines, cloud computing security and compliance, access management and authentication including in cloud structures, vulnerability management, mobile network security, Government/DoD security regulations (rmation protection, DITSCAP, UTNPROTECT, IAVMP/SCCVI) ; Windows and UNIX network/file system security; network and email anti-virus protection; Internet firewalls (CheckPoint, SonicWALL, Linux iptables stateful, filtering firewalls/routers, personal firewalls), VPNs; PKI and data encryption (SSL, PGP), AS2 financial transactions protocol, webMethods EC-portal; web and network monitoring tools, WLAN security; network/internet vulnerability assessment/remediation (Nessus and Retina REM, Altiris); penetration testing (Metasploit); Intrusion detection (Snort); network security tools (Nmap, tcpdump, Wireshark, QRadar); disaster recovery and backup service.

COMPUTERS: Intel CPU-based PC; Dell, HP, COMPAQ, network servers; notebooks; SGI Origin-2000 server and O2 workstation, Sun workstations; Network Appliances network file servers; Windows Cluster

HARDWARE: Experience in LAN hardware (major network hardware vendors, HP, COMPAQ, Dell) installation and troubleshooting, personal computers, microcomputers; peripheral equipment (monitors, terminals, printers, modems, etc.) installation, maintenance and repair. Experience in hardware (interfaces, controllers, electron units) design

SOFTWARE: Citrix Xenserver and VMware vShere virtual platform, Windows server OS (, NT), Windows desktop OS (Windows-7/XP/2000/NT); MS-DOS and utilities; UNIX: Sun Solaris 2.x, SGI Irix 6.x; RedHat, Fedora Core, CentOS Linux; Microsoft Office;; remote X-Windows connectivity; MS Visio, MS Project; VPN clients; CA, Symantec, TrendMicro, Kaspersky enterprise AV solutions

INTERNET: WebMethods 6.5 ECG, Tumbleweed SFTP/FTPS server, Apache Web Server, Apache/Drupal platform, WordPress Linux/Apache.MySql; SSL, Internet routers, cable/DSL modems, dial-up (SLIP, PPP) protocols, PPTP and RRAS protocols; T1 and 56K Frame Relay connections, dial-up connections; VPN connectivity

MAIL: MS Exchange Server/Clients; SMTP mail servers: Eudora WorldMail, Seattle Mail Server/NT, Sendmail, ISMail; various mail clients

DATABASES: PostgreSQL server, MS SQL, MySQL, Microsoft Access

LANGUAGES: Perl 5, SQL, HTML

PROFESSIONAL EXPERIENCE:

Principal IS/IS Security Consultant

Confidential, Sharon, MA

Responsibilities:

• Development and implementation of security policies for various clients (PCI, privacy, Vulnerability Management, access to enterprise resources, various NIST standards) Security web sites hosting utilizing Linux/Apache/MySQL environment running Dripal and WordPress hosting environment DoD proposals and white papers on cyber security matters Cyber Attack Damage Assessment System. Next generation an integrated security system capable of restoring functionality under continues cyber attacks. Prop, osal for US Air Force/VIPMobile, Inc. IT/IS consulting for various companies, IT/IS services installation and support
• Networks assessment and security auditing; firewalls configuration (CheckPoint, Sonic, Linux iptables), stateful firewalls development, Internet routers, personal firewalls; Anti-virus protection (Norton AV EnterpriseAV for Gateway, TrendMicro AV) Design and development of GPL NessusDBX (Nessus enterprise back-end system, including database, reporting system, integration of various data sources, and customization) using Perl 5; vulnerability scanning, assessment, and management, including policies Penetration testing utilizing Metasploit and Nessus “fuzzy” scanning Intrusion detection tools installation and configuration (Snort with BASE) Recovery of computers affected by multiple instances of malware (viruses, worms, backdoors) Contingency, backup and disaster recovery planning and implementation IT business solutions: ECM financial management solutions for insurance companies, project planning and implementation, Fax services over T1, bulk mail distribution, infrastructure installation and support Email and Groupware: Exchange 2000, Eudora WorldMail, Unix Sendmail installation and support, IsMail server Web sites development, including database design for consulting management Linux servers and workstations installation and support

Information Security Analyst

Confidential, Boston, MA

Responsibilities:

• Responsible for all technical aspects of Information System security management and planning, Development of Information Security Plan including projects’ and operational processes planning; workforce and budget planning Information Security strategic planning to address compliance to HIPAA Security Rule, MA 201 CMR 17.00 standards and possible DHHS/CMS audit for HIPAA compliance Changing business and IT processes proposals according to regulations’ requirements HIPAA/HITECH and 201 CMR 17.00 compliance preparedness assessment Reviewing, development and implementation of security policies’ including 201 CMR 17.00 Access management and authentication (password based and two factor remote) User Rights Management System proposal, design, project’s management and implementation supervision Data management/Data retention project - to consolidate IT and security multiple projects and processes on single platform for overall data management (backup, restore, retention, logs' management, SIEM system); analysis of 42 CFR, 21 CFR, SOX, Massachusetts CMR retention time requirements Vulnerability management, penetration testing, intrusion detection planning and implementation Mobile network security (computers and smart phones)
• Security Information Events Management (SIEM) solutions’ research and project proposal; implementation and utilization of IBM/QRadar SIEM, offences investigation, system maintenance Perimeter protection, AV/malware project proposal and implementation consulting BIOS- based malware protection project proposal Contingency and disaster recovery planning, development of threats’ analysis documents Incident management policies, process, and cases’ handling Writing more than 100 documents (policies, technical, recommendations, planning) on various IT security aspects Working with vendors on technical and budgetary matters Installation and configuration of security tools Network traffic analysis and monitoring IT services outsourcing planning, working with service providers IT infrastructure planning

Leading System Security Analyst/Consultant

Confidential, Lanham, MD

Responsibilities:

• DOT cloud based ERM system security controls per NIST SP R4 and FedRAMP, authentication in Microsoft Dynamics cloud ERM service and NIST and FedRAMP requirements Research of compatibility of NIST recommended S&A processes and security controls for cloud computing environment; Security assessment and architecture analysis of the implementation of new DOT/ NHTSA National Driver Register (NDR) program; analysis of legacy NDR system Analysis of DOT/NHTSA C&A documents, system requirements, NIST SP-800-XX documents, C&A process, writing C&A reports according to NIST A, and issuing recommendations for security controls of new NDR system.
• .

Communications Security Analyst/Consultant

Confidential

Responsibilities:

• Application of general Confidential policies to secure communications Implementation of secure financial information files transaction system for numerous bank clients utilizing SSL and PGP encryption, and proprietary implementation of HTTPS, FTPS and AS2 protocols. Configuring server side E-Commerce Gateway two generations implementation using UNIX scripting and proprietary software. Remote technical support of customer side; project management, relationship management.

IV&V Security Analyst/Government contractor

Confidential, Shrewsbury, MA

Responsibilities:

• Independent verification and validation (IV & V) of Information Security processes and policies at the Center Verification of vulnerability status of the center networks, setting up vulnerability management procedures; customization of NessusDBX (Perl 5) Development and implementation of Vulnerability Management policy; analysis of privacy policies and guidelines Research of content filtering solutions.

Security Analyst/Government contractor

Confidential, Middletown, RI

Responsibilities:

• Development of new concept of security vulnerability management for large enterprises Working on policies and implementation of government regulations, security compliance review (DITSCAP, UTNPROTECT, IAVMP/SCCVI, NIST) Network vulnerability assessment and remediation (Nessus, eEye Retina, Altiris) Design and development of vulnerability scanning database applications for Nessus VS (Perl 5, PostgreSQL, RH FC1/2/3, CentOS 4.2 Linux) Integration of network vulnerability assessment software (Nessus) and assessment and remediation software (Altiris) in the database application Installation and configuration of security tools running on both Windows and Linux OS (Nessus, Snort, Nmap, tcpdump); development of exploit tools (Per 5) Wireless networks (WLAN) security; WLAN monitoring/WarDriving, installation and configuration of wireless discovery tools both on Linux and Windows (Kismet, Netstambler) Identification and research of unknown vulnerabilities of network applications Perl 5 scripts development for data processing and reporting Various Linux OS installation, configuration and support Reports’ design, generation and corresponding documents’ writing

IS manager

Confidential, Boston, MA

Responsibilities:

• IS Group management and administrative duties Companywide IT and security management: -Development and implementation of the company security policy and guidelines -General network security, NT CheckPoint Firewall-1 and filtering firewalls configuration -Connection and integration of two remote offices (London, Seattle) in corporate network -VPN over RRAS and Firewall-1, remote clients connection over VPN -Remote users’ connection via VPN and RAS -Internet and Intranet access monitoring -mplementation of secure network sub-netting for Internet services -Installation and support of Web, FTP, and Remote Access services -Backup/Disaster Recovery and Storage Management services -Integrated network virus protection solution ( CA InocuLAN/NT) Management of and technical participation in: -General technical supervision of 20-server, 300 workstations and 1TB capacity network -Remote control of satellite office servers and VPN gateways -Relocation of central Boston office and rebuilding of switched/routed network -Conversion of NFS/UNIX network to WindowsNT/UNIX network, installation of NT switching and routing network -Conversion NT Seattle Mail Server to MS Exchange Groupware, MS
• Exchange Server and Internet Connector installation and support -Migration to MS Exchange v.5.5 -Internet connection via T1 and 56K Frame Relay, Internet Routers -Windows NT Cluster solution for high availability NT and NFS file services (200GB) -Multiple switching and routing networks and VLANs development and support -Support and administration of diverse NFS/UNIX network, NFS (Network Appliance, Inc. ) file servers (300GB) -Installation and support of WindowsNT Servers, Linux 5.2/6.2, WindowsNT Workstation 4.0 (3.51) and Windows95 desktop OS -MS SQL v.6.5/7.0 Server (500GB) installation and support

MIS Manager

Confidential, Norton MA

Responsibilities:

• IS Group management and administrative duties Management and planning of merger and connection of two corporate East and West coast networks Management, development and administration of: Novell 3.12/UNIX 10BaseT/10Base2 network of 100 users Microsoft Mail v.3.5, MS Mail Remote v.3.5, SMTP MS Mail Gateway v.3.0, UNIX Sendmail Remote Access dial in/out services (Shiva LanRover/E-8Plus) Internet services (Morning Star Router Secure Connect m.5001, Frame Relay 56K, DNS, Netscape and Microsoft browsers) Desktop OS (Windows-95, DOS, MS Windows, WFW) with dual protocol stack (Novell VLM/Windows-95 IPX/SPX, SunSoft PCNFS/PCNFS-Pro and Windows TCP/IP) Installation, support and administration of manufacturing/planning/financial system, based on MicroMRP MAX and Grate Planes Dynamics products Design and support of PC users and Phone System database

Systems Engineer

Confidential, Norwood, MA

Responsibilities:

• Desktop/ Network problem and business solutions for number of Confidential customers.

Consultant

Confidential, Littleton, MA

Responsibilities:

• Network design, development and administration (WinNT 3.51 and 3.5 servers for Intel and Alpha CPU, Novell 3.11, WinNT SQL Server/Client) Workstations installation, support and troubleshooting (WinNT 3.51, WFW 3.11, Win95, Pathworks for WFW and Win95) in multi-protocol environment Macintosh PC network support (AppleShare, TCP/IP, WinNT volumes) Microsoft Mail support and development (MS Mail Server 3.21 for WFW and WinNT 3.51, multi-post office environment) Internet Windows-based applications support: Netscape, Mosaic, Eudora and Pine mail; Remote Access and communication services

Software Engineer

Confidential, Cambridge, MA

Responsibilities:

• Novell network development, administration, support and troubleshooting Multi-OS environment installation and support (DOS, Win3.1x, OS/2, WinNT, Sun Solaris2.x), applications installation and support Microsoft Mail (DOS and Windows) administration and support PC and Sun stations hardware support and troubleshooting Databases design for time sheets and projects management Databases design for inventory management Databases and projects data and files connectivity and transfer development Multi-user databases administration and support Software and hardware ordering and inventory database support

Technician

Confidential, Boston,MA

Responsibilities:

• DEC and PC Ethernet hardware/software installation and maintenance IBM, Macintosh and COMPAQ computers service and repair Software installation and troubleshooting Peripheral equipment installation and repair Proprietary publishing systems service and repair Hardware tests design

Professional . MICRO/ix

Confidential, Sudbury, MA

Responsibilities:

• MS-DOS and Interactive UNIX Sys.V Rel.4.x installation, UNIX administration

Senior Design Engineer

Confidential

Responsibilities:

• Design of computer systems software and hardware for real time processes control, data acquisition, and processing Databases and user interfaces design for Electric Utility Company
• Distributed computer systems hardware and software design Flexible manufacturing and robotics control systems development