SUMMARY:

• Person of the highest integrity, a creative and flexible thinker, and a willing collaborator with others and demonstrated through concrete actions a commitment to diversity, and an ability to execute and promote desired outcomes.
• Align IT strategy and vision of SMBs with organizational goals.
• Assist with deployment of multi - vendor solution to include product and services from Microsoft, DELL, IBM, Cisco, VMWare, Seagate, Symantec, McAfee, Webroot and others.
• Manage IT infrastructure, procurement and enterprise security across multiple OSI Layers.
• Enable and facilitate efforts towards ISO 27001/2, Confidential and industry relevant security best practice framework compliance.
• Proven experience to advancing a high productivity focused information technology environment through assuring the confidentiality, integrity and availability of systems and information systems resources.

TECHNICAL SKILLS:

• Cryptographic systems and algorithms, Key management and practices; Active Directory/RBAC Permission Models; Firewall/ACL configuration; SIEM Vulnerability Management; Enterprise IDS/IPS; McAfee Intrushield; HP Tipping Point; Dissecting IPS/IDS signatures (ideally in Confidential syntax); Protocol analysis; Remote Access authentication mechanisms;
• Enterprise VPN Solutions; Palo Alto GlobalProtect; Cisco AnyConnect; WatchGuard firewalls;
• Configuring Reverse Proxies (e.g. Bluecoat, F5 APM); Strong project management (and time management); Articulate and defend security positions; Monitoring team of security engineers;
• Identify and resolve security issues and analyze risks; Systems, network, and application security; System resiliency, redundancy, failovers and disaster recovery; Penetration testing and vulnerability tools; TCP/IP packet analysis and iptable; Strong knowledge of physical and virtual network environments; Review network security designs for perimeter and internal environments; Risk assessments and Analysis; Compliance testing and auditing; Configuration and Change Management; Implement security best practices for SDLC and Incident Handling.

PROFESSIONAL EXPERIENCE:

Confidential, Newport, DE

Senior Network Security Engineer / IT Manager

Responsibilities:

• Provide subject matter expertise within the following realms of security: access control systems; cryptography implementation; operations security; security architecture and models; network security, security auditing and monitoring; application and Internet security; physical security, and development of SOPs and security policies.
• Develop security related procedures and performance metrics; review and contribute to the improvement and standardization of security systems across New Castle County.
• Influence the development of IT security architecture and system design guidelines.
• Install appropriate network security tools that dynamically audit and report security violations occurring within the network infrastructure.
• Develop remediation plans to maintain security compliance and update SOPs.
• Monitor, assess, and fine-tune IT business continuity security remediation processes, perform application vulnerability assessment scans and risk assessment reviews.
• Execute IT security projects with the infrastructure team.
• Recommend security enhancements and security tool investments.
• Monitor compliance of the enterprise IT architecture with IT security policy/SOPs.
• Investigate and report security incidents, and participate in the incident handling process
• Work with IT management team and IT staff to develop security policies and procedures
• Maintain awareness of latest security risks, exploits and vulnerabilities and apply remediation techniques to mitigate potential risk to the network as required.
• Design, analyze and implement a fully functional Two Factor Authentication (2FA) utilizing RSA Authentication Manager with SecurID hardware and software token technology to provide secure remote connectivity and authentication.
• Configure RADIUS servers to function with LDAP for remote user authentication.
• Keeps updated on IT security regulation changes and new developments in the IT security environment. Conduct research on new cybersecurity threats to mitigate them
• Content-Filtering solutions and proxies (Websense, BrightCloud, Bluecoat)
• Enterprise Vulnerability Scanning Tool Experience: Nessus, Qualys, Retina
• Perform Penetration Testing to harden perimeter network devices and lockdown DMZ
• Use of Metasploit Framework or NMAP for network scanning and others analysis
• Assure IT policies are enforced by each department and individual users
• Member of Multi-State Information Sharing and Analysis ( Confidential ), a group consisting of over 30 member states, sharing data about all current and future cyber security threats and challenges .

Confidential, Washington, DC

Systems Security Architect /Analyst

Responsibilities:

• Monitored and maintained physical and logical security and access to systems.
• FISMA Compliance testing using the risk management Framework from Confidential SP 800-37 rev1, 800-53 rev3, including SOX 404 and COSO COBIT Compliance auditing.
• Implement security Awareness and Training programs in order to educate personnel of their roles and responsibilities to maintaining a vibrant security posture
• Design a Change Management system in order to evaluate change requests for (systems or applications) are processed for approval or denial, and validation of test results from testing a environments prior to implementing changes to the production environment
• Assisted with testing of installed systems to ensure protection strategies are properly implemented and working as intended.
• Supervised the early adoption and integration of NextGen security solutions in support of Agency RAS using SSL-VPN based solutions; effectively reduced vulnerabilities and remote access computing costs.
• Compiled threat matrix for valued assets using Risk Ratings & Target Values (2K3-2K7).
• Restored relevancy, reliability and functionality to Agency IT services by adopting best-of-breed technology and best-of-practices security approach and integrating rule based infrastructure management across enterprise supported by QRadar, Cisco ASA UTM appliances and Juniper SSL-VPN App Sec. (2K3-2K7
• Align IT strategy and vision of organization with State mandated e-Government initiatives.
• Configure and manage active directory services including GPO maintenance
• Configured servers and perform system lockdown and system hardening.
• Perform penetration testing to determine vulnerabilities and mitigate potential unauthorized access or malicious attacks to the network infrastructure
• Design and conduct employee phishing campaigns to assure employee training and awareness programs are successful to educate users and staff about potential threats
• Perform risk assessments and analysis to determine potential threats and mitigate them
• Identify ways to maximize revenue while providing adequate infrastructure security
• Analyze security reports to determine areas of weaknesses and areas where resources may need to be diverted to achieve corporate goals and objectives

Confidential, Columbia, Maryland

Senior Network Engineer

Responsibilities:

• Configure Cisco routers, Switches and Firewalls
• Install and configure Microsoft Exchange Servers, Domain Controllers, and File servers
• Deployment of DNS, WINS, WEB, DHCP, HTTP, SMTP, FTP, including IPS and IDS security prevention and detection systems
• Maintains UNIX/Linux Operating System to provide optimum performance and system availability.
• Coordinate the transition of legacy line-of-business application to Distributed Client Server model application.
• Designed DB schema and assisted with DBA services.
• Configuring Layer-3 ACLs and Layer 2 switches
• Windows or Linux server and workstation administration
• Log files analysis within Splunk and use of Wireshark for packet capture and analysis
• Develop remediation plans to address all potential vulnerabilities found
• Monitor, assess, and fine-tune IT business continuity security remediation processes, perform application vulnerability assessment scans and risk assessment reviews.

Confidential, Washington, DC

Network Engineer / Administrator

Responsibilities:

• Possessed a Secret Clearance for this project through Confidential
• Managed the Enterprise Messaging system and ensure troubleshooting, tracking and reporting of end user issues are addressed accordingly
• Implement VPN technology to allow users remotely work from home and gain access to their emails during off business hours
• Install and configure Domain controller server, file, email, databases and web servers
• Perform backup and recovery operations to ensure data was available when needed
• Implement Network Address Translation to protect internal network resources.
• Configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS)
• Perform network maintenance and system upgrades including service packs, patches, hot fixes and security configurations
• Provide Level-2/3 support and troubleshooting to resolve technical network issues
• Select and implement security tools, policies, and procedures in accordance with the agency’s security team and policy.