SUMMARY:

• An accomplished network engineer and information security professional with an outstanding record of success with more than fourteen years of experience in documenting and determining network requirements; and develop design solutions that are in compliance with the best engineering practices, standard and guidelines.
• Perform planning, coordination and conduct security testing and analysis (Vulnerability scanning and Penetration testing); document and report test results/risks and provide recommended countermeasures for a wide variety of systems and application on the IT network.
• I have extensive experience in CISCO ASA firewall administration and Virtual Private Network (VPN) management; configuring and troubleshooting network devices and understanding of routing protocols (OSPF, EIGRP, BGP, MPLS) and high availability redundancy protocols (HSRP, VRRP, GLBP).
• Recognized within the information technology and security community for knowledge, vision and leadership addressing a constantly evolving and complex area of information security with proven ability to establish internal and external corporate level relationships to effect significant change and drive a secure environment and improve security posture of the IT infrastructure.

TECHNICAL SKILLS:

• Network and System Security hardening
• Knowledge of SDLC Models: Waterfalls, Agile, Spiral etc.
• Vulnerability Assessments
• Familiarity with code review process and tools
• Knowledge of RMF, and IT governance standards
• High Availability Network Protocols
• Regulatory Compliance such as GLBA, PCI.
• Cisco ASA firewall and VPN Management
• SSL and IPsec
• Knowledge of Software Security Development Life Cycle (SSDLC), Secure code practice
• Packet Analysis using Wireshark

PROFESSIONAL EXPERIENCE:

Confidential, Fairfax VA

Systems Engineer Manager

Responsibilities:

• My responsibilities include: administrative items such as time card and expense report approvals, compensation management i.e., performance appraisal, communicating critical information to direct reports via staff meetings and meeting staffing requirements via hiring; and general motivational best practices e.g. accomplishment recognition, one - on-one employee engagement.
• As the functional manager, I am responsible for interpreting customer business needs and translate them into application and operational requirements. Leading the technical team and subject matter experts to meet program deliverables and objectives.
• Ensures that projects are completed on schedule, within scope and on budget
• Conduct briefings and participates in technical meetings for internal and external representatives concerning specific operations
• Ensure risk assessments are conducted and recommendations for applications are provided
• Responsible for establishing the strategy, maintaining and overseeing the agency wide information security program to ensure that information assets are adequately protected
• Closely monitor emerging information security threats, assess the risk exposure to the network infrastructure, implement mitigating measures and communicate effectively to key stakeholders on the status by providing periodic updates, reports, and recommendations to the customer and senior management

Sr. Network Engineer

Responsibilities:

• Oversee the day to day operation and maintenance of the inter-agency network connection between the Veterans Affairs /Department of Defense (VA/DoD) for health data sharing for Bidirectional Health Information Exchange Framework and DoD SHARE sites
• Serve as the lead for all new inter-agency network connections for programs requesting access to electronic health data between VA and DoD
• Conduct research and data collection on a number of complex and high priority special assignments as it relates to the Inter-Agency Network Systems
• Experienced in onboarding new external systems via Med-COI (VA/DoD) gateway or Business Partnership Gateway
• Assist the client in all Enterprise Security Change Control Board (ESCCB) requests/submissions and answering all follow up questions
• Responsible for monitoring daily firewall logs and generation of monthly traffic statistics report
• Evaluate and recommend improvements in security documentation and guidance consistent with VA 6500 security handbook and Confidential publications such as Confidential 800-53 rev4 controls
• Served as the project lead, to migrate from a single DS3 inter-agency gateway to a multi-gateway platform (include documentation, tracking status and providing migration milestones to senior leaderships at both agencies)
• Provide C&A support to system ATO and new operations needing ATO on the infrastructure
• Analyze network traffics and alerts, prioritize and differentiate between potential intrusion attempts and false alarms
• Perform off-site audit to check systems readiness for Disaster Recovery program for alternating processing site
• Provide support to management and stakeholders by effectively communicating and escalating issues/solution
• Establish troubleshooting call with inter-agency network engineers to fix and resolve network outages
• Participate in special projects as assigned
• Maintain high level of familiarity with the major Federal Government Information Security policies, guidance and directives
• Experienced in configuring, monitoring and troubleshooting Cisco routers, switches and ASA firewall management and VPN administration
• Maintain a current understanding of the IT threat landscape for the industry

Lead System Administrator

Responsibilities:

• Issue user IDs and password to new users and monitor system access and use to identify any security violations
• Conduct user training to ensure systems security and improve main frame efficiency
• Identify trends and root causes of system failures or vulnerabilities
• Ensure that the Information Systems Security department policies, procedures, and practices as well as other systems user groups are in compliance
• Ensure that the physical environment of the computers and their terminals are properly secured
• Conduct structured walk-throughs to ensure integrity of system applications
• Manage and perform the daily IT system security discovery and assessment activity
• Configure, troubleshoot, and maintain discovery activities that support the collection of critical system assets attached to the IT infrastructure (network)
• Check and ensure proper user access control procedures and documentations are implemented and maintained
• Provide input for documentation on new or existing systems
• Provide expert knowledge and assistance to junior network engineers
• Hands-on experience in configuring IP routing protocols (OSPF, BGP, MPLS) and Multicast (PIM)
• Working knowledge of DNS, TCP/IP, and DHCP
• Working knowledge of UNIX/LINUX