Information System Security Officer/ Sr. Security Engineer Resume
College Park, MD
SUMMARY:
- Senior Cyber Security Engineer for 16 years, with an additional 16 years for a total of 32 years of hands-on experience and expertise as a Technical Manager, Hardware Engineer, System Engineer and Network Engineer.
- Tasks include monitoring, analyzing, migration, designing, consulting, deploying, troubleshooting and project management, as well as technical management of large network systems.
- I have a proven record of evaluating system vulnerabilities, compiling actionable analysis, reporting threats, and recommending security improvements.
- Ability to quickly assess and troubleshoot complex problems involving a wide variety of information systems, work independently on large-scale projects, and thrive under pressure in fast-paced environments.
- (These are just a few of the many technical and managerial tasks I have done in the Federal Government, Local Government and Commercial/Private Companies.)
TECHNICAL SKILLS:
Security Applications Tools: ISS Real Secure IDS, Snort IDS, Tipping Point IPS, ISS Proventia IDS, Juniper Net Screen IDS, McAfee Intrushield Gateway IPS, Trend Micro Antivirus, Symantec Enterprise Anti-Virus tools, Anti-Virus tools, Linksys, D-link Firewalls, Check Point NGX Firewalls, Juniper Firewall, Security Event Management of firewalls, ISS Real Secure, Tivoli Big Fix, Nessus, Nexpose, Nmap LEM Checker, Web Sense 6.2, Bluecoat Proxy SG 8000 Series, Iron Port, SIEM monitoring, HP ArcSight SIEM, HP SenSage SIEM, Cisco Mars SIEM, Tenable Security Center, Fore Scout NAC Active Scout & Counteract CT4000, Symantec EP, McAfee Virus Shield, McAfee Nitro SIEM, McAfee ePO, Bluecoat Proxy SG810 & SG510, Niksum Packet Analyzers, Riverbed Cascade Anomaly Detection, Fire Eye CMS 4310 WEB MPS 4300 & Email MPS 5000, Cisco Iron Port Email security, Imperva Application Firewall Secure Sphere X4500 Secure Sphere X2500 & Secure Sphere M150, DB Protect ver. 8.1 and Symantec DLP, Checkpoint IPS and IBM Site protector IDS. Cisco IOS, N-Stalker Enterprise 2012, HP WebInspect, Nmap, Super Scan4, Retina Network Security Scanner 5.17.1, Http TrafficGen, GFI LanGuard 11.0, Cain 4.9 and Backtrack 5
Operating Systems: Windows NT/XP/Vista/7/8, 2003, 2008, 2012, Microsoft Exchange Server, Novell GroupWise, Lotus Notes, OS2, Linux, UNIX, and Apple OS X, VMWare, Oracle VM
Network Systems: LAN/WAN, TCP/IP, DNS, Wireless, Cloud Computing, VMWare, Windows Server 2003/2008/2012, Citrix, Novell, Right Fax Servers, Win Port Servers, Banyan Vines Networks, switches and routers. HP OpenView, IBM Tivoli, IBM Netcool, Cisco Works, DS View
PROFESSIONAL EXPERIENCE:
Confidential, College Park, MD
Information System Security Officer/ Sr. Security Engineer
Responsibilities:
- Advise the system owner regarding security considerations in application systems procurement or development, implementation, operation and maintenance, and disposal activities (i.e. life cycle management).
- Assist in the determination of an appropriate level of security commensurate with the impact level
- Assist in the development and maintenance of system security plans and contingency plans for all systems under their responsibility.
- Participate in risk assessments to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.
- Participate in self-assessment of system safeguards and program elements and in certification and accreditation of the system.
- Notify the responsible IT Security Officer (ITSO) of any suspected incidents in a timely manner, and assist in the investigation of incidents, as necessary.
- Maintain cooperative relationship with business partners or other interconnected systems.
- Writing SSP, CP documents
- Perform Contingency Plan Testing
- MS Windows and Linux security assessment and hardening.
- Citrix and VMware Hardening
- Duties include system administration, network administration, database administration, mobile device management, access control systems, and cyber security tool implementation and testing.
- System Development Life Cycle.
- FIPS and NIST security policies, standards, and guidance.
- Dept. of Treasury cyber security policies and procedures.
- Tools used: Cisco networking and firewall platforms, Solar Winds, IPS, Nessus, Nexpose, Metasploit, Splunk, Apache Hadoop, and Mobile Iron.
- Work with the lead DBA, Developers, System and Network Engineers to resolve security issues
- Creating the SAR and the addendum documentation for each new system or device coming online in production.
Network Security Administrator
Responsibilities:
- Cisco IPS ASA5515-IPS, Cisco IPS ASA-SSM-40 IPS using Cisco IPS Manager Express 7.2.7
- Cisco ASA 5515 firewalls using Cisco ASDM-IDM management tool
- Websense Triton 7.8 for web content filtering and the DLP protection module; Web & URL Security, locking down which sites a user can go to through the policy settings; Data Security DLP network and endpoint discovery and audit logs; Email Security, inbound and outbound, blocking viruses, spam, bulk mail and other threats; monitoring.
- Splunk 4.0 SIEM tool monitoring network traffic
- Nessus Professional 6.5 vulnerability scanner
- Solar Winds Orion monitoring all Windows, Linux, database, switches, routers and other network gear, including system health, application monitoring, events and syslog. Monitoring VOIP phones (Polycom phones). Analyzing NetFlow traffic etc.
- Nmap/Zenmap 7.01 scanner
- BMC Track-it for inventory, reports, Change Management, and technical documents store.
- Data encryption, Symantec Endpoint Protection 12.1.5
- Research Technology
- Write and implement the policies to govern an organization's network environment and the systems that are connected to it.
- Find security gaps by performing routine audits of hardware and software entities on the network and closing those gaps.
- Apply operating system updates, patches and make configuration changes to tighten security.
- Protect the network from malicious entities such as hackers, viruses and spyware.
- Ensure the security of traffic that passes through the network.
- Ensure that network equipment is physically secure.
- Maintain an inventory of computers, servers, terminals, modems and other access devices that are attached to the Network.
- Manage, assign, and maintain the list of network addresses.
- Upgrade, manage, and maintain Firewall and other security equipment.
- Assist system owners in the development and maintenance of security plans for all general support systems and major applications under their responsibility.
- Assist system owners in the development and maintenance of contingency plans for all general support systems and major applications under their responsibility.
- Participate in risk assessments to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.
- Assist the system owner in the identification of resources needed to effectively implement technical security controls.
- Ensure the integrity in implementation and operation of technical security controls by conducting control security test and evaluation.
- Notify the responsible Information System Security Officer, or if none, the responsible IT Security Officer of any suspected incidents in a timely manner, and assist in the investigation of incidents if necessary.
Sr. Security Engineer/ Architectural Design
Responsibilities:
- Provide full life cycle IT technology engineering, including product evaluation, product deployment, configuration and maintenance, and third-level support in a security operations center environment. Coordinate with other organizations, assist the user community, coordinate with vendors, and be able to adapt to a changing environment. Ensure all security tools are up and working to secure the Dept. of Education/FSA network environment. Research, test and evaluate in the lab any new tools that may be deployed in production. Hands on with VMWare ESX, ESXi, and vSphere security testing and hardening of virtual machines; Cisco Layer 3 switches providing connectivity and network routing between virtual LANs (VLANs); Linux and database security; vulnerability scanning with Nessus; vulnerability and threat analysis that visualizes potential attacks against the enterprise by building a network model using results from vulnerability scanners, asset management, firewall rules and other data sets as needed with the Cauldron security tool; centralized enterprise endpoint security management using McAfee ePO; enterprise configuration monitoring and network mapping with the Red Seal tool; enterprise security operations detecting and responding to Advanced Persistent Threats (APTs) using the Archer SecOps tool; network and host intrusion protection (NIPS/HIPS) using McAfee Network Intrusion Prevention and Cisco IDS; security information event monitoring through the Splunk SIEM tool; vulnerability scanning also with Qualys Guard; database scanning using AppDetective; Net Optics Director Plus Tap for aggregation, regeneration, matrix switching, and smart filtering in a single device, which improves network visibility and security threat management and relieves oversubscribed tools by filtering and log gathering; Imperva WAF for web application and web server security with real-time monitoring and blocking; penetration testing with Core Impact, Metasploit and the Kali Linux suite.
- Standard Operating Procedures, Concept of Operations (CONOPS), Installation/Deployment Plans, Test Plans, Network Diagrams, System Architecture Diagrams, Tool configurations. Also built the Security Test Lab. (These are some of the ongoing deployments of new security tools that are put in place each year.)
- Responsibilities: Develop and maintain enterprise security engineering concept of operations (CONOPS) documentation. Develop and maintain Standard Operating Procedures for security engineering roles and responsibilities. Maintain deployed security technologies, providing accurate, detailed configurations and repeatable processes, all under change management control.
- Deploy security technologies in development and production environments. Develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases. Conduct product evaluations of security technologies as directed. Develop product comparisons and detailed reports. Make recommendations to management appropriate to an organization's needs and requirements. Provide third-level troubleshooting support for security applications and appliances.
- Wrote the Security Assessment Report (SAR) and provided the Plan of Action and Milestones (POA&M) with risk analysis. Contributed to initiating FISMA metrics such as Annual Testing.
- Design network and system architectural placement of new security tools within the current architectural layout, which includes making changes to better secure FSA networks and enabling better resources for incident response.
Sr. Security Engineer and Policy Advisor
Responsibilities:
- Manage Sophos Web appliance Model WS1100 for Advanced protection from web malware, URL Filtering, Control rogue users and enforce safe search and reporting
- Manage Sophos Email Gateway appliance ES1100 for encrypting e-mail, DLP for data protection, Block spam, malware and phishing attacks
- Incident Response handling of all attacks
- Manage Cisco IPS Manager Express 7.27 ASA5512, Nessus, Nmap, Cisco ASDM for ASA Firewall
- Installed and configured Sourcefire/virtual IPS Defense Center using the Cisco FireSIGHT System.
- Identify, plan, and coordinate the delivery of security assessment and other security services required.
- Provide security consultancy to support change initiatives to ensure new projects and services are deployed in a manner that ensures adoption of relevant security strategy, designs, standards, controls and tools.
- Accountable for representing Technology Operations in cross-functional change programs and business meetings to ensure that information security considerations are included and considered and informed decisions are made to achieve agreed outcomes.
- Provide clear and concise security requirements that meet corporate direction, regulatory requirements and security best practices.
- Involvement and contribution in more complex designs with regard to IT security expertise, providing guidance early in project planning and solution definition phases.
- Key contributor in designing IT security solutions according to business and architectural requirements and standards.
- Review project solution designs to ensure security requirements are met.
- Implement security solutions, and provide technical leadership during the design, implementation, and testing phases of major initiatives.
- Work closely with other team members to ensure proper deployment of IT security solutions.
- Research, formulate and present detailed security positions relative to new technologies to Senior Management and project Teams.
- Review IT security solutions for high-risk projects and confirm that these meet guidelines and requirements.
- Perform internal and external security assessments.
- Perform 3rd party security assessments and audits.
- Production and management of internal technical vulnerability reports as per approved standards and processes.
- Production and management of design review memos as per approved standards and processes.
- Ensure security controls are implemented and operating effectively as part of solutions delivery.
- Provide technical advice and guidance on IT security related queries to both project and business areas as and when required.
- Provide Information Security subject matter expertise to business and technology customers.
- Support the supplier assessment process used to ensure that a supplier's capability to support services to an agreed level/standard is accurately assessed and reported.
- Lead product evaluation activities from an IT security perspective to ensure products comply with minimum security requirements.
- Working knowledge of ISEC requirements, working knowledge of PCI regulations, previous experience with preparing audit responses. Responsible for writing the SSP, Risk Management, and Business Continuity Plan documentation.
Information System Security Officer (ISSO) / Cyber Security Architect Team Lead
Responsibilities:
- Information System Security Officer (ISSO) for the FCC Auction Cloud Development Project
- Oversee the Security Operation Center (SOC) Engineers
- Reporting to the Chief Information Security Officer, manage the information security
- Acts as an internal consulting resource on information security issues.
- Conduct the information security risk assessment program.
- Review compliance with the information security policy and associated procedures.
- Coordinate information security efforts with the Internal Audit Department.
- Support and manage multiple operating systems within FCC.
- Utilizing FISMA, FIPS 199 and NIST 800-53 rev4 security controls, ensure all systems are in compliance with the POAM process.
- Analyze and assess vulnerabilities in the infrastructure (software, hardware, and networks).
- Perform security monitoring, security and data/log analysis, and forensic analysis to detect security incidents, and oversee the incident response process.
- Investigate and utilize new technologies and processes to enhance security capabilities and implement them.
- Managed and helped build the FCC Security Operation Center as well as putting workflow and policies in place.
- Tools: Tenable Security Center, Checkpoint Firewalls NGX R61 & Power 1 5077, Encase, Fore Scout NAC Active Scout & Counteract CT4000, Symantec EP, McAfee Virus Shield, McAfee Nitro SIEM, McAfee ePO, Bluecoat Proxy SG810 & SG510, Niksum Packet Analyzers, Riverbed Cascade Anomaly Detection, Fire Eye CMS 4310: WEB MPS 4300 & Email MPS 5000, Cisco Iron Port Email security, Imperva Application Firewall Secure Sphere X4500: Secure Sphere X2500 & Secure Sphere M150, DB Protect ver. 8.1 and Symantec DLP, Checkpoint IPS and IBM Site protector IDS, and a few other scanning and monitoring tools
- PCI, HIPAA self-assessment process, Physical security reviews, Evidence collection and submissions for internal and/or external audit requests
- Responsible for writing the SSP, Risk Management, and Business Continuity Plan documentation. Also writing and managing the POAM process.
Sr. Security Analyst/ Information System Security Officer
Responsibilities:
- Protect computer assets by establishing and enforcing system access controls, maintaining disaster preparedness.
- Oversee and manage any changes and the deployment of security tools: Sourcefire IPS, Palo Alto Web filtering, Symantec Endpoint Protection, PGP File encryption, True Crypt, Tivoli Endpoint Manager (BigFix), Tenable Security Center Scanner, IBM AppScan, and Trend Micro Office Scan.
- Develop framework for controls and levels of access recommending improvements.
- Maintain Security on all systems, providing and revoking customer access also reporting usage violations.
- Perform audits on network system and documentation.
- Establish computer and terminal physical security by developing standards, policies, and procedures; coordinating with facilities security.
- Develop security awareness by providing orientation, educational programs, and training.
- Develop and implement SSP documentation and ensured that all NIST 800-53 security controls are being addressed.
- Working knowledge of ISEC requirements, working knowledge of HIPAA and PCI regulations, previous experience with preparing audit responses.
- Responsible for writing the SSP, Risk Management, and Business Continuity Plan documentation.
Confidential, Washington, DC
Security & Information Assurance Analyst
Responsibilities:
- Ensure department system and network equipment is protected from malware, hackers, data loss and other forms of cyber-attacks.
- Ensure all equipment is up-to-date with the DISA Security Technical Implementation Guides (STIGs), as well as the many NIST security standards from the NIST 800 series.
- Provide security for all VMware desktops and servers
- Evaluate vulnerability scans utilizing network scanning tools and software to notify system administrators of applicable Information Assurance Vulnerability Alerts (IAVA).
- Manage Blackberry Administration, as well as, Air Watch for Android phones
- Perform monthly Penetration testing on SQL databases using Pen testing features with DB Protect.
- Deploy and manage DISA STIG CAT 1 standards for all systems.
- Monitor outbound and inbound traffic using Snort IDS and Sourcefire IPS, also using HP ArcSight for Log management, IPS, database, Firewalls and Switches
- Incident Response handling of all attacks
- Scanning systems and network equipment for vulnerability and compliance with Nessus Scanner
- Manage and patch systems and third-party applications with Tivoli Endpoint Manager (BigFix)
- Create POA&M and ensure fixes are applied
- Creating and writing SOP documentations
Senior Security Engineer / Project Lead
Responsibilities:
- Administer and manage the Eligibility and Enrollment Systems built on Windows Server 2008, AIX, and Red Hat Linux.
- Assist in the design, configuration and testing in building the Maryland Health Information Exchange (HIX) utilizing IBM Tivoli Identity Manager, Access Management and the Federated Identity Manager.
- Perform accountability audit log collections using Splunk.
- Perform daily scans and pen testing for vulnerabilities on all servers and web application servers using N-Stalker Enterprise 2012, HP WebInspect, Nmap, Super Scan4, Retina Network Security Scanner 5.17.1, Http TrafficGen, GFI LanGuard 11.0, Cain 4.9 and Backtrack 5.
- Utilize Guardium Vormetric Data Security Encryption 2.0 tool to encrypt sensitive data, while securing databases. IBM InfoSphere Guardium Monitoring tool 8.2 was utilized in monitoring users and DBA activities.
- Identify and provide details on the security controls related to the system
- Responsible for writing the SSP, SOP, Risk Management, and Data Center Continuity Plan documentation.
- Writing and documenting Incident Response handling
Senior Security Engineer
Responsibilities:
- Perform penetration testing on all domain servers, web servers, mail servers, Windows, Linux, and UNIX platforms including network equipment and port scanning.
- Incident Response handling
- Monitor the network traffic using Firewalls, IDS/IPS, web and mail filtering systems also monitoring any changes to database and network drives.
- Present daily status report, reporting on new vulnerabilities and remediation.
- Provide investigative monitoring on user network activities.
- Manage and oversee a team of 8 Engineers.
- Writing SOP documents and Logging POAMs process
- Tools: Cisco ASDM Firewall ver. 6.4 - perimeter firewall, rules management, troubleshooting firewall issues, viewing syslog; Palo Alto Next-Generation Firewall PA-5000 - internal firewall; BelManage/System Management 2012; McAfee Network Security Manager 6.1 IPS; Cisco Iron Port Web filtering; Cisco Iron Mail filtering ver. C350; Nessus 4.41 Vulnerability Scanner; Qualys Guard Web Service Vulnerability Scanner ver. 7.0.61-1 to scan subnets, firewalls, public facing servers, DMZ, developer apps, printers, network scanning, routers; Trend Micro Office Scan; Tripwire Enterprise manager; Nmap/Zenmap 5.51 scanner; GFI LanGuard 9.0 security scanner and patch management 2011; Dragon/Snort IDS; and Cisco 6500, 3500 switches.
Cyber Security Engineer
Responsibilities:
- Perform Penetration testing for Government and private sector clients.
- Evaluate computer system security or networks by simulating attacks from malicious hackers.
- Search for unknown hardware or software flaws, or operational weaknesses in processes or technical countermeasures.
- Assess the magnitude of potential business and operational impacts of successful attacks.
- Test the ability of network defenders to successfully detect and respond to the attacks.
- Define and deliver all Security Service offerings, including Vulnerability Assessment, Penetration Testing, Security Architecture and Security Integration services.
- Built advanced hacking labs to assess the vulnerabilities of test, Internet, and/or Intranet connected systems, networks, and applications with the Breaking Point network simulation
- Security evaluation testing: evaluating and testing new security products such as IPS, firewalls, mail encryption, Checkpoint IPS, endpoint and firewall products, Sourcefire IPS, encryption and cloud computing.
- Tools: Super Scan, Nmap, Nessus, NEWT Professional, Putty, BackTrack, Spiceworks, Brutus, Cain & Abel, HP Web Inspect, Core Impact, NetStumbler, Kismet, WEPCrack and Wireshark
Senior Security Engineer/ Access Management Lead
Responsibilities:
- Work with IT teams to ensure that all systems, appliances, applications and infrastructure are secure; also managing logging and auditing features.
- Administer Active Directory Groups.
- Work closely with Network Security teams reviewing their security tools and processes, also recommending best practices.
- Delegated requests to different levels of IT personnel; also acting as an Approver and Overseer.
- Administer Lotus Notes ACL access to Lotus Notes email and applications.
- Ensure the implementation of all contractual requirements following the Agile Methodology.
- Monitor internal and external network traffic as well as security scanning.
- Install and configure software and hardware for HSPD-12 PIV card Authentication
- Tools: Web Sense 6.3, Tipping Point IPS 5100n, HP Web Inspect7.7, Quest AD and Domain Management tool, Tivoli Big Fix, Checkpoint Firewall 4000, Checkpoint Endpoint Security, Nessus, Microsoft SMS, ArcSight ESM, ArcSight threat intelligence, HP Web Inspect, Trend Micro Office Scan for clients machines.
Incident Response handling/Network Security Engineer
Responsibilities:
- Secure and monitor the Network and the Desktop environments, as well as, performing investigation on US Census Bureau users and conducting deep analysis on inbound traffic that emulates a possible threat.
- Oversee a Security Operation Center (SOC) team consisting of 5 members handling configuration and deployment of new security equipment.
- Installed new Sourcefire IPS 3D3000 Defense Center and Tipping Point SMS 5100 IPS/DLP appliances and sensors
- Perform all updates and fine tuning of sensors, policies and compliance; patches and updates; and writing signatures.
- Create, manage and perform all changes and tasks on sensors, running weekly reports utilizing Websense 6.3.
- Create daily and weekly reports from IDS, searching for metrics of top ten IPs, ports and IDS signatures, identifying source and destination IP addresses by their FQDN.
- Investigate the top ten alerts by using Web Sense and firewall logs.
- Tools: Cisco Mars, Cisco IronPort M 1070: SenSage 4.5 SIEM, Websense 6.3, Cisco ASA and Checkpoint firewalls.
Project Manager /Sr. Security Engineer
Responsibilities:
- Manage and view all Security and Network designs working with new technology to implement them throughout the NAS and Non-NAS systems (National Airspace System) of the Federal Aviation Administration.
- Work closely with other Security Engineer contractors assigned to other FAA in implementing security controls such as Access Control Policy Management, Audit, Authentication, Authorization, Automated Workflow Provisioning & De-Provisioning, Event Monitoring Alerts and Logging, Federation Services, Meta-Directory and Virtual Directory Services, Single/Reduced Sign-On Support, Self-service, and Service Management.
- Utilize NIST 800-94 and NIST-41 in the implementation of Firewall and IDS/IPS deployment. Plan and build Public Key Infrastructure (PKI), working with VeriSign and PIV card technology.
- Oversee information system requirements analysis, system design, development, implementation, and testing.
- Develop all activities related to information assurance procedures, control guidelines and systems.
- Confer with and advise all levels of government personnel on administrative policies and security procedures, technical issues and resolution.
Lead Sr. Network Security Engineer
Responsibilities:
- Responsible for designing and rebuilding the Security Operation Center, while supporting a large enterprise network.
- Duties include incident response; intrusion analysis and methodologies; vulnerability assessments; and network surveillance and monitoring.
- Perform research, written documentation and tests on new network security products.
- Updating and patching all Security tools and appliances.
- Created SOC workflow and operation process for the SOC Security Engineer.
- Tools: Checkpoint Firewalls NGX and VPN-1 version R65 and Juniper Firewall Net Screen-Security, Crossbeam, Web Sense 6.2 & Bluecoat Proxy SG 8000 Series ver. 4.2.6.1, HP Open View, McAfee IntruShield Network IPS Solution, High Tower and HP ArcSight
- Incident Response handling of all attacks