Sr. Consultant And Cyber Security Engineer Resume
Arlington, VA
SUMMARY:
- Over 5 years, I have grown my expertise as a SIEM security analyst, working with and specializing in ArcSight ESM/Logger/CONAPP.
- I have completed my Master of Science degree in Cyber Security Technology, which allows me to broaden my experience and knowledge to not only focus on security but also cover other areas of Cyber Security Technology such as information assurance, policy and compliance, as well as computer forensics. My current position as a Program Manager allows me to continue to be versatile in Cyber Security, allowing me to cover both technology and policy.
TECHNICAL SKILLS:
SIEM Security Monitoring Technologies: ArcSight, NetWitness, SourceFire, QRadar, and McAfee Nitro
Additional Technology Applications: Remedy, Footprints, Blue Coat Proxy and Reporter, Wireshark
Scanning Technologies: Nmap and Nessus
Software: Adobe Creative Suite, MS Office, MS Project
Forensics Software: EnCase, FTK, Paraben or P2 Commander, Helix and Sleuth Kit
WORK EXPERIENCE:
Confidential, Arlington, VA
Sr. Consultant and Cyber Security Engineer
Responsibilities:
- Manage and drive technical project enhancements on an existing Identity Access Management system as the Program Manager working with an on-site contractor technical team as well as with the DHS client.
- Implementing the HSPD-12 program by providing technical and operational support to DHS.
Technical Lead for ArcSight
Responsibilities:
- Providing custom SIEM compliance and installation guidance, in conjunction with security consulting services for our multinational client base.
- Responsible for driving SIEM compliance and monitoring initiatives across diverse infrastructure for a robust managed service client base.
- Establish and develop use cases, content building, analyzing security event data, creating filters and event correlation along with daily tuning for ArcSight ESM.
- Create and modify ArcSight content to highlight interesting network traffic for analysts and operators.
- Created rules and reports tailored to the needs of each customer.
- Develop and deploy content and content building in the ESM.
- Performed regular health checks for ArcSight ESM, Logger and the Connector Appliance. Continue to check log files for system errors or down connectors and resolve any issues that may affect the performance of the SIEM.
- Work closely with ArcSight Engineers to configure network topology, which also included definition of locations, networks and zones within the ArcSight Manager.
- Trained in Advanced Administration in ArcSight.
SIEM Security Operation Center Analyst
Responsibilities:
- Responsible for managing the ArcSight SIEM, monitoring alerts, resolving security-related events in ArcSight, and generating reports. Monitoring information systems to protect the smart grids for the PA, NJ, and MD areas.
- Monitor, investigate, analyze and remediate any potential threats or concerns in the IDS and IPS.
- Run queries against the database to identify threats and perform manual correlation to minimize the number of false positives in the SIEM.
- Responsibilities included resolving or escalating incidents for further investigation and staying up to date on the latest attacks or APTs.
- Additional monitoring for CamSuite, Check Point, Oracle Receivers, RSA SNMP and additional antivirus vendors such as McAfee.
Federal and Contracted Investigator
Responsibilities:
- Completed background investigations for candidates who were obtaining or maintaining their clearances ranging from public trust to top secret.
- Trained and mentored new incoming special agents and provided them with the hands-on experience that was needed to be highly efficient and overly productive in case management.
- Analyzing various security events on case management, taking audit trails.
- Achieved exemplary customer satisfaction scores, consistently scoring between 95%-100% on all leads that were re-contacted for quality assurance (outperforming average of 90%).
- Consistently met or fully exceeded investigator requirements for high service standards.
- High level of productivity and efficiency in completing 95% of each caseload provided each month.
- Secret Clearance expired 12/02/2012; can maintain any clearance level.