Solutions Architect Resume
Addison, TX
PROFESSIONAL SUMMARY:
- Proven information security professional with success in guiding implementation of leading-edge solutions while balancing security initiatives against risks, business operations and innovation. Specialties include network design, systems architecture, configuration management, security assessment, pen-testing, vulnerability management, business continuity planning, disaster recovery planning and system administration, with extensive experience with major vendors' products.
TECHNICAL SKILLS:
Programming Languages: SQL, C#, ASP, JavaScript, CORBA, VB, XML, PL/SQL, C/C++, Visual C++, VB Script, PowerShell programming, Java Script, ASP.Net, JSP, XSL, HTML, Python, R.
Software/Databases: Oracle 8i/9i, Proxy, OLTP, SQL Queries, SQL Server 2005/10, DBMS, .NET, DBA, Stored Procedures, Teradata, MS Exchange 2000/03/07/10, IIS 6.0/7.0/7.5, Reports, Active Directory, Novell NDS, AutoCAD, Siemens Step7, DB/2, MS Access, MySQL, ODBC, Novell 3.x/4.x, Visual Studio .NET, Visual Studio 6.0, JBuilder, CSS, ADO, ADO.Net, COM+, Apache, MS Word, MS Excel, MS PowerPoint, MS Access, Lotus Notes, MS Visio, MS Project management, SAS, SPSS.
Operating Systems: Windows XP/7/2003/08/12, UNIX AIX, Linux RH, SUN SOLARIS
Hardware: Modems, Workstation, Servers, Intel, Hubs, SAN, HP, Cisco/Checkpoint/IBM/Palo Alto Switches/Routers/Firewalls.
Networking/Security: DSL, TCP/IP, IPv4, IPv6, LAN, WAN, CAT5, Fiber Optics, Frame Relay, ATM, ISDN, Firewalls, OSPF, BGP, EIGRP, DMZ, RAS, VPN, Intranet, Extranet, VoIP, IPsec, DHCP, DNS, WINS, SNMP, HTTPS, SSH, FTP, TELNET, SOAP, ArcSight Console 4.5.1.6043.2, ArcSight Logger, BMC Remedy 7.5, BlueCoat (Netcache), Netwitness Investigator 8.0, Proofpoint Smart Search 1.0.1.18, Microsoft Windows (most versions, workstation/client), Enterasys Dragon, Internet Security Scanner, RealSecure Site Protector, Cisco ASA, Secure IDS, Cisco Routers and Switches Operating Systems, HP OpenView, HP TippingPoint IPS, Sourcefire/Snort, Symantec and Confidential desktop and enterprise antivirus, ENS 10.x, ForeScout CounterACT, AirDefense Security, MAP, SCOM/SCCM/SMS (2007/12), NAGIOS and SolarWinds Orion, Critical watch, OpenStack Ubuntu 14.04, RSA Access Manager, FireEye, Tanium 7.x, Confidential Web Gateway (MGW) ver 7 and 8, LogRhythm SIEM tool.
Security/Compliance framework: ISO 27001, COBIT, COSO, ITIL, NIST SP r1, FIPS, FISMA, PCI-DSS, HIPAA, GLBA, SOX.
Web Applications: BEA WebLogic, WebSphere, Servlets, Applets, IIS 6/7.0, Apache Tomcat, Postgres
Research/Analytical Tools: SAS, SPSS, EM, Yelp data, Sqoop, Hive, Parquet, Hue, Impala, Rapid Miner, Tableau, Spark, Solr, Morphlines, Scala, Hadoop system, Sqoop flume.
PROFESSIONAL EXPERIENCE:
Confidential, Addison, TX
Solutions Architect
Responsibilities:
- Design infrastructure solutions and direct the development of architecture, reusable frameworks and automation.
- Design and develop solutions for OpenStack and Cisco UCS platforms
- Leverage strong technical acumen with successful history of recommending solutions, to lead the development of patterns and architecture that are fit for purpose
- Design and develop patterns and standards, providing guidance to teams implementing various solutions in a fast-paced, agile environment.
- Evaluate current Confidential ePO environments and plan, design, deploy and maintain MVISION suites for internal and external clients.
- Automate deployments through the use of configuration management
- Create Chef coding best practices for existing development team.
- Debug existing automation code and test to confirm functionality within AWS/EC2
- Refactor existing Opscode Chef Automation code.
- Test Chef Cookbook modifications on cloud instances in AWS and using Test Kitchen and Chef Spec.
- Create documentation for Chef best practices to be used by developers as a guide to Chef Automation.
- Build servers in cloud based and physical infrastructure.
- Coach, mentor and train developers in Opscode Chef and autonomously provisioning instances in a virtual environment.
Confidential, Dallas, TX
Sr. IT Cyber Security Consultant III
Responsibilities:
- IT Cyber Security SME and POC for any security issues over the Haggar environments
- Architect, administer and maintain all issues related to all Trend Micro products (Office XG, Deep Security, Control Manager, Endpoint Manager, and Application Control Manager).
- Scheduled, configured and maintained network security upgrades and daily backups.
- Provide SME consultation regarding cryptographic solutions, services, products, projects, cryptographic compliance with association payment networks, PCI DSS, and industry best practices
- Monitor that audit findings are followed up by the system owners for closure of any non-conformances, following up with secondary audits to ensure the work is being completed.
- Plan and develop audit scopes for key technology across the Haggar group.
- SME and POC for Stealthbits products to test, install, administer, control, and create policies, procedures and standards.
- On-going monitoring of the Company's control environment.
- Providing analysis, recommendations, and appraisals to aid the members of the Company in the effective performance of their responsibilities.
- Performed security reviews on internet and mobile applications (architecture and design)
- Researched new attack vectors and mitigating solutions
- Working as backfill administrator of the Veeam Backup system for ~1000 virtual machines, operating and monitoring Veeam backups/restores (Windows, SQL, Exchange) and troubleshooting any Veeam backup that didn't complete
- Develop and document cryptographic policies, procedures, and guidelines. Work alongside senior engineers as interface to governance, compliance, and risk management teams to ensure the system consistently meets the requirements for and accreditation.
- Provide SME consultation succinct and intelligible cryptographic reports, comments, and updates to Sr. management teams.
- Maintained SIEM (LogRhythm) and IPS (Tipping Point) for enterprise network.
- Performed upgrades of IPS system when old system was retired.
- Created monthly incident reports for upper management.
- Developed content for the LogRhythm platform around current trending security events to provide real time, relevant alarming.
- Developed parsing rules for customer log sources (regex).
- Peer-review and (l LogRhythm).
- Developed and implemented network and system security related policies.
- Supported incident response during non-regular hours and emergency situations.
- Research, interact and coordinate with vendors to identify and implement the best software solutions per our technology requirements.
- Analyzed data collected to aid in property management for over 10K personnel for three DCS locations.
- Assisting in development, review, and dissemination of information security awareness communications in coordination with other institutional stakeholders
- Provide advice based on the corporate standards, external legislation and general best practices to safely guide the business past the pitfalls of cyber threats
- Work alongside the security risk assessment programmer to identify and document any risks that are discovered.
- Provided guidance to regional security teams
- Provided analysis/opinions to senior management/project teams on “hard-to-solve” problems
- Engaged with development teams and promoted secure design/development early in the SDLC
- POC for Trustwave and SME in PCI DSS compliance. This role includes vulnerability testing and assessment, security configuration analysis, PCI DSS and P2PE implementation, assessment, and audits, ISO/IEC 27001:2013 implementation, security management and operations, security governance, security policies and procedures development and system analysis as well as security.
- Backup role for network/Systems Administrator specializing in Cisco devices, Network security, Firewalls and VPNs, Cisco Routers, LAN/WAN connectivity, TCP/IP Windows XP, Windows Vista, NT/ System administration, communications.
- Possess IT experience with a strong foundation in internetworking and troubleshooting.
- LAN/WAN experience internetworking with Cisco routers, switches, Check Point Firewalls, Arista switches, IP telephones, 5508 Wireless controllers, and 3600 series access points.
- SME for FortiMail appliance to monitor all in/outbound email and activities going to the Exchange 2013 server.
Confidential, Dallas, TX
Sr. IT Security Consultant
Responsibilities:
- Lead the endpoint protection security team (EPS) to support all security issues related to Bigdata Endpoint Protection like VSE, HIPS, MSME, MOVE, ENS and IDS/IPS issues on TxDCS (Windows and Unix/Linux) environments.
- Provide technical direction for development, engineering, interfacing, integration and testing of components of system
- Work alongside electronics hardware and software engineers and with IT, acting as the security advisor and providing guidance on security architecture
- Interface directly with customer and program management team
- Provide technical oversight of program milestone reviews
- Drive solution for hardware, software, and develop policies and procedures for securing operational infrastructures
- Provide internal and external customers with technical design support to system acquisition specification, design, proof-of-concept prototyping, development and evaluation of management information and decision support systems
- Review new security technologies, help select third party suppliers, and create solutions to effectively mitigate security threats/risks
- Responsible for the review of security alerts originating from our MSSP security monitoring service including triage, investigation and root cause analysis
- Instrumental in coordinating compliance remediation efforts effectively raising our systems configuration compliance levels from approximately 40% compliant to over 98% compliance in just 6 months for over 600 systems.
- Responsible for Corporate Security Policy development.
- Perform ongoing tuning and alerting on technologies which may include but are not limited to: Data Loss Prevention (DLP), Host Intrusion Prevention (HIPS), MOVE, VSE, MSME, MA
- Participating in the prioritization and planning for our $3.6 million capital expense budget aligning it to both business and information security program goals.
- Implementing Security and Compliance Frameworks ISO 27001, COBIT, COSO, ITIL, NIST SP r1, FIPS, FISMA, PCI-DSS, HIPAA, GLBA, SOX to different TXDCS agencies.
- Developing Security Operations procedures to maintain regulatory compliance in accordance with prescriptive PCI controls
- Assisting in the internal review of corporate information security policies in cooperation with key systems administration departments in alignment with PCI, SOX and future regulatory frameworks utilizing CIS as a guideline for their provisions
- Participating extensively with external PCI and SOX audits by developing audit evidence and coordinating with internal compliance teams
- Actively Participated in corporate PCI Compliance initiatives and assessment.
- Provided risk management oversight and compliance support for Information Security Technology (IST) Risk Management and Compliance Project Management (RM &C) team Information Security, full scope PCI-DSS, Sarbanes Oxley/COBIT and ITIL/ITSM compliance/internal control testing efforts within multi-platform environments.
- Managed and executed the entire gamut (risk assessment, testing, root cause analysis, reporting, remediation, continuous monitoring) of internal control compliance testing.
- Responsible for managing the corporate Tripwire Enterprise file integrity management product
- Responsible for RSA Envision, Confidential SIEM monitoring and configuration aligned to internal PCI and SOX controls.
- Evaluating the selection of Managed Security Services for key IT security systems
- Responsible for corporate Cryptographic tools (Safenet Appliances) and key management processes/procedures.
- Acting as Sr. Security Engineer, Security Analyst and Security Architect for IT projects
- Managing extensive PCI remediation efforts across IT
- Deployed corporate Intrusion Prevention systems for all corporate and ecommerce DMZ environments.
- Evaluating data loss prevention technology for future deployment and budget needs
- Act as SME for review/monitoring of corporate Symantec (SAV10/SEPM11) virus/malware remediation efforts.
- Leading the project to migrate more than 7000 servers (Windows/Linux) from Symantec technology to Confidential products such as (VSE, VSEL, CLS, HIPS, HIDS, MA, EPO, SIEM, Nitro, Critical watch)
- Handling P1 and P2 incident calls and providing resolutions to customers.
- Processing all remedy tickets assigned to the team before the SLA deadline. co-workers on new adopted technologies.
- Test new technology releases (SP, patches, hotfixes) in our development environment before deploying to production environments.
- Participating in vendors' (McAfee and Symantec) beta technologies labs, threats SNS notifications, alerts, newsletters.
- Preparing monthly automated risk reports to customers (TX DCS 23 agencies).
- Deploy, maintain, troubleshoot, tune multi-tier, distributed, cloud-based application components (Confidential/Symantec email and gateway solutions in OAG-CS and OAG-AL environments)
Confidential, Plano, TX
Sr. System Support Engineer
Responsibilities:
- Interact with Enterprise customers (mainly Fortune 500 companies) on McAfee Perimeter Security and Vulnerability Assessment Products (EPO, Foundstone, email Security, EMM).
- Gained expertise & specialized on Perimeter Security products which include Intrushield (IPS) and Host Intrusion Prevention system (HIPS). Single Point of Contact (SPOC) for escalations/technical issues related to Perimeter Products (email Security, IPS, Web shield).
- Gained experience in and supported Vulnerability Assessment and Penetration Testing using Confidential's flagship product GroupShield for Exchange/Dom.
- Prepared VM machines with vSphere ESX 3.x, 4.x to simulate customers' issues (Win 2003/08/10, Exchange 2000/03/07/10, and SharePoint 2003/07/10)
- Involved in research and analysis during troubleshooting with respect to reproducing client issues with a view to resolution. This also involves interactions from time to time with the Development/QA center hosted in Bangalore.
- Assigned to special projects to install multiple servers (vServer) with Win 2003/08, Exchange 2003/07/10, SharePoint 2007/10; configure, maintain and test compatibility of different Confidential products; then work with the development team on hotfixes to clear bugs.
- Tested McAfee's e-mail security products (GroupShield, PortalShield, IPS, SpamKiller) with Exchange 2003/07/10.
- Interaction with IDT and AVERT team for critical issues related to IPS Signatures.
- Conducting DAP (Deployment Assistance Program), which includes remotely accessing clients network and assisting them in deploying/configuring Confidential products.
- Wrote KB Articles for McAfee Support Team for new issues that were found during troubleshooting.
Technologies: Intel, UNIX, Linux AS, Windows 2003/08, Exchange 2003/07/10, Oracle 8i/9i, SQL 2005/8, TCP/IP, Routers, Hubs, Firewalls, Proxy, DNS, WINS, OLTP, SAN, NAS, EMC, VSU, Quality Assurance, UAT, Stress Testing, SDLC, SQL Queries, BEA WebLogic, HP, SQL Server 2003/8, EPO, GSE, GSD, VSE, EMM, PSH, PA, EE, Ebiz.
Confidential, Addison, TX
Sr. System Engineer
Responsibilities:
- Responsible for troubleshooting and repairing CEB’s domain controllers, Active Directory, DNS, and messaging environment. Identified problems with AD replication, DNS configuration, and Group Policy configuration and engineered and implemented permanent solutions designed to provide stable future growth.
- Design, implementation and Administration of Active Directory infrastructure on Microsoft Windows server 2003 and 2008 (x86 and x64).
- Automation of computer and user configuration, as well as software installation and upgrades.
- Analyze data and investigative information using Encase and
- Possess an efficient and versatile communication style
- Demonstrated integrity and judgment within a professional environment
- Support the information security lab used for processing investigation and forensic efforts
- Setup and configuration of Symantec Enterprise Vault (VERITAS KVS) archiving software.
- Manage and lead day-to-day technical security operations for a global web hosting provider and domain name registrar and provide leadership for Corporate Security team.
- Operate and analyze results from enterprise detection systems such as Sourcefire, Tripwire, and several others.
- Perform incident response for compromises that occur within the network, both in production and on the back-end servers. Act as Tier 3 escalation point and on-call responder.
- Perform regular vulnerability assessments and internal penetration tests against corporate assets.
- Manage, operate, and analyze data from corporate security systems including Sourcefire IDS, Solera Network Forensics, Mandiant Intelligent Response, and EnCase.
- Analyze incident event data from FireEye and Damballa Failsafe appliances as well as other data sources.
- Maintain corporate SSL s and ensure their freshness and renewal status.
- Provide security oversight and best-practices advice for ongoing operations within other organizations.
- Act as a security evangelist for the company and provide guidance on information security topics.
- Implementation of Symantec Mail Security for SMTP and Symantec Endpoint Protection.
- Installation and maintenance of database servers in both Windows and Linux environments.
- Configuration and maintenance of Cisco routers, VPN devices and managed switches.
- Management and administration of LANs, servers, workstations and peripheral equipment.
- Setup, configuration and troubleshooting of Microsoft IIS web server issues.
- Setup and configuration of VMware 3.x, 4.x servers in both Windows and Linux environments.
- Identified and repaired replication problems with CEB’s multi-forest, multi-domain environment. Created scripts to troubleshoot and automatically repair chronic issues with AD integrated applications.
- Redesigned the replication topology to better support the physical site links and MPLS network between multiple national and international sites.
- Managed and maintained a multisite Exchange 2003/07 messaging implementation with multiple application integrations such as OCS 2007, BES, and RightFax.
- Provided group policy support by consulting, designing, and implementing group policies to control the user interface for Citrix (Presentation Server, Citrix XenApp and EdgeSight). Created GPOs to manage wireless, firewall, WSUS, and security settings on computers.
- Designed and implemented a WSUS 3.0 solution for the Windows Server environment.
- Stabilized, documented, and designed a VMware test environment for AD and core systems integration with IIS, Exchange 2003/07, OCS 2007, WSUS, and SMS 2003.
- Monitored and troubleshot IDS systems for two calling centers using applications like ArcSight Console 4.5.1.6043.2, ArcSight Logger, BMC Remedy 7.5, Bluecoat (Netcache), Netwitness Investigator 8.0, Proofpoint Smart Search 1.0.1.18, Microsoft Windows Most versions (SCOM, SCCM, SMS) workstation/client only, Enterasys Dragon, Internet Security Scanner, RealSecure Site Protector, Cisco Secure IDS, Cisco Router and Switch Operating Systems, HP Openview, Sourcefire Snort, Symantec and Confidential desktop and enterprise antivirus, ForeScout CounterACT, Air Defense Security, MAP to determine any unusual activity was observed or discovered, we would
- Designed, deployed, configured, supported, troubleshot, debugged and administered some of the Cisco security products, devices, and technologies like ASA 5500 series, ACS, NAC, TrustSec, 802.1x, IOS IPS, RADIUS/TACACS+, SSL/TLS, SSH.
- Documented user, group, and shared resource information to be used by the Tier 2 support personnel, user administrators, and workstation administrators. Created how-to documents to support new infrastructure designs.
- Supported systems with Symantec Netback 5.x, EMC Data Domain, and Tape Hardware.
- Assisted telecom team to install (VoIP) Avaya system, configure and troubleshoot end user issues.
- Developed simple VBScript and PowerShell scripts to manage implementation of AD changes and to support other engineers and administrators to gather AD information to report to end users and auditors.
Confidential, Irving, TX
Sr. System Integration Engineer
Responsibilities:
- Participated with the customer in the strategic design process and translated business needs into technical systems solutions.
- Designed and maintained server and network architectures supporting web based applications (Intel, UNIX environments).
- Infrastructure and architectural design including security implementations (over 22 projects), ensuring smooth project progression from inception to production on time and within scope and budget using project management and ITIL best-practice methodologies, IS&I, IBM Rational tool (requirement & design management, costing/forecasting, planning both strategic and tactical, scoping, scheduling, implementation, testing, security/audit reviews, launch activities, quality assurance, business continuity, disaster recovery, governance, problem resolution & risk management, change control, wrap up/post mortem and vendor management).
- Ensured to provide customers with a high level of customer satisfaction through maintaining comprehensive knowledge of solutions offerings, strategies and direction as it relates to their business.
- Proposed new and complex high-quality solutions to clients in response to varying business requirements. Used pre-sales methodologies along with in-depth knowledge of leading-edge solutions and technology in conjunction with industry and business skills to influence clients and sell Confidential solutions.
- Developed Comprehensive Environmental Documentation.
- Participated in designing and developing the RII (Retail Infrastructure and Implementation) web portal
- Installed, monitored, administered and configured servers by installing the OS (Linux, Windows 2000 AS), applications (Voice Genie Gateway, VR, WebLogic) and databases (Oracle 8i, 9i and SQL 2000), and tested them before handing over to the production team.
- Configured and maintained networking using the TCP/IP protocol stack.
- Configured network devices and designed network configurations including Routers, Hubs, Firewalls, Proxy, DNS, WINS servers.
- Designed and maintained the physical architectures supporting OLTP database applications including database servers, SAN, NAS, EMC and VSU.
- Participated in development of innovative and cost effective solutions to customer problems, using integrated data processing and communication solutions.
- Coordinated with the Application Development Manager to ensure the detailed design aligns with the solution and the Quality Assurance Test Manager to coordinate functional testing of the solution and the infrastructure/implementation team to ensure successful implementation and deployment of the solution.
- Worked with more senior team members in performing research and feasibility studies, tradeoff analyses, operation studies, design reviews, and technical briefings with clients.
- Staffing, performance appraisal, promotion and compensation decisions.
- Answered customer inquiries regarding technical issues, and provided them with proper
- Supervised, coached and developed staff (14 members).
- Provided and assistance to less experienced staff.
- Ensured the staff remains engaged through selected challenging assignments that push established technological knowledge base boundaries.
- Led Risk Assessment meetings.
Technologies: Intel, UNIX, Linux AS, Windows 20/03, Vserver, Oracle 8i/9i, SQL, TCP/IP, Routers, Hubs, Firewalls, Proxy, DNS, WINS, OLTP, SAN, NAS, EMC, VSU, Quality Assurance, UAT, Stress Testing, SDLC, SQL Queries, BEA WebLogic, HP, SQL Server 20/05, DBMS, C++, ASP, Java, CORBA, VB, XML, .NET, DBA, Stored Procedures, Oracle, Teradata
Confidential
Technical Engineer/Network Administrator
Responsibilities:
- Administered and supported computer systems (Win NT, Win 9x) for all district offices in the city.
- Configured, analyzed and resolved problems associated with server hardware and Windows NT; evaluated and installed patches and resolved software-related problems.
- Maintained data files and monitored system configuration to ensure data integrity.
- Installed, configured and maintained Active Directory, DNS, DHCP, WINS, Firewall, VPN, SSH.
- Led all phases of small to medium size projects. This should include understanding the business, recommending appropriate projects based on business value, defining project objectives, determining business and system requirements, project planning, selecting a team and assigning project responsibilities, negotiating project deliverables, evaluating and selecting products, designing and testing, implementing and maintaining appropriate solution.
- Determined the scope and objectives of audits and prepare audit plans, Report findings and make recommendations to management.
- Managed and supervised five people to be part of productivity team at HR block in the city.
- Wrote Annual Reports and Planning for IT Information Department.
- Provided the 22 offices in the city with PCs and needed parts.
- Trained the new staff and employees for new software.
- Maintained and upgraded the PCs and software in all offices.
- Prepared a bi-weekly report for the district director about the status of all offices.
Technologies: Windows NT/9X, Active Directory, DNS, DHCP, WINS, Firewall, VPN, SSH, Reports
PhD in IT Cybersecurity Management (current), University of North Texas (UNT)