Senior Systems Programmer Resume
Washington, D.C.
TECHNICAL SKILLS:
HARDWARE: HP ArcSight, Cisco ASA 5500 firewalls, Microsoft SQL server 2008, Cisco SRP547 wireless router, HP Blade Servers, Linksys wireless routers, Radio Labs wireless bridge devices, IBM AS400 servers, Dell Blade Servers, Cisco security/wireless, Fortinet firewall
SOFTWARE: VMware vSphere 4.1/5.0, HVD, Systems Center Operations Manager (SCOM), Systems Center Configuration Manager (SCCM), Active Directory (AD), National Active Directory (NAD), Internet Information Services (IIS), McAfee HIPS, Foundstone Security Suite, Nexpose Forensic Tool, Tenable, BMC ADDM/Server Automation Suite, Symantec Endpoint, CSAM, MBSA, SCM
OPERATING SYSTEMS: Red Hat Enterprise Linux, Windows 2000/XP/7, Windows Server 2008R2/2012R2, VMware vSphere, VMware View, Linux, VirtualBox
PROFESSIONAL EXPERIENCE:
Confidential, Washington, D.C.
Senior Systems Programmer
Responsibilities:
- Installed, configured and administered ADDM to continually monitor server configuration, as well as identify and log out-of-date patches, license, and BIOS versions
- Utilized Tenable Continuous View security suite, McAfee Foundstone and BMC server automation suite to conduct network and system vulnerability/compliance assessments
- Installed, configured and administered McAfee HIPS within the physical and virtual environments
- Utilized HIPS in a manner to adhere to our organization's SLA requirements
- Configured and administered EPO (ePolicy Orchestrator) to manage HIPS functionality and configuration
- Utilized tools such as CAIN and X-Ways Forensics to investigate security violations or incidents in an effort to reverse engineer anomalies
- Proactively troubleshot and conducted performance tuning, systems analysis and modifications to ensure availability and reliability of all Enterprise Platform Services
- Managed and improved the Infrastructure Vulnerability Assessment Program, including configuring, scheduling, monitoring, and reporting results of vulnerability, patch, and compliance scans
- Utilized BMC Server Automation suite and SCCM to patch, configure, upgrade, migrate, maintain and retire Platform Services in compliance with CIS, NIST, and DISA policies and standards or controls
- Utilized BMC server automation to deploy scripts or jobs that carry out small/medium/large scale work initiatives
- Conducted extensive independent research to evaluate new platform versions, white papers, and system configurations within a customized laboratory environment; newly introduced appliances required testing and validation before implementation, i.e.: Tenable, Foundstone, ADDM, Metasploit, Tripwire and BMC web portal
- Applied judgment in evaluating the significance of new technological advances and advised management on the advantages/impacts of incorporating the new technology into the current hardware/software/network architecture
- Introduced, engineered, and administered ADDM (Asset Discovery Dependency Mapper) to our stakeholders and then into our infrastructure; this tool was designed to build a query of all assets on the network
- Utilized vRealize to support our virtual environment to ensure it meets strict regulatory guidelines and security best practices
- Designed all Windows and Red Hat virtual templates for the VDI environment based on NIST, DISA, and CIS safeguards
- Contributed to the reconstruction of the System Security Plan (SSP) and associated IA artifacts (e.g. Hardware and Software List, Dataflow Diagram, Vulnerability Management Plans); this documentation is primarily used by the CSAM tool
- Engineered and administered CSAM into our environment as a means of SSP retention
Deployment Supervisor for the Pentagon
Responsibilities:
- I utilized tools such as Server Automation, ADDM, SCCM, and MBSA to ensure all essential software and applications comply with Defense Information Systems Agency (DISA) regulations which involve firewall deployments, router and switch upgrades, network infrastructure upgrades, security policy remediation, network security upgrades, vulnerability assessments, and network and operating system hardening
- Managed security incident responses for NIPR and SIPR networks through a methodical process of identification, investigation, and resolution
- Utilized NIST 800 safeguards to be proactive against growing threats and reduce risk
- Effectively managed project scope by ensuring any changes to the scope were documented and approved with project change request forms; these items were tracked and logged through the HEAT system to provide transparency to upper management
- Managed and improved the Infrastructure Vulnerability Assessment Program, including configuring, scheduling, monitoring, and reporting results of vulnerability, patch, and compliance scans
- Track and report project milestones and provide status reports to government personnel and Confidential - Confidential senior level management a
- Configured EPO to work within virtual clustered environments, integrated with VMware and ESXi
- Supported McAfee HIPS installations (standalone)
- Utilized EPO to perform and schedule updates and config changes to HIPS installations
- Developed and Implemented Information Security Policies and Procedures
- Utilized Tripwire tools for vulnerability detection (project based)
- Utilized packet capturing tools such as Wireshark and Snort to assist in enforcing network security controls
- Supported the implementation of a VDI type infrastructure for NAVSEA, responsible for server segmentation
- Implemented periodic review of access controls for hosted and virtual systems
- Supported the implementation of an AWS virtual data center in support of the Hosted virtual desktop (HVD) project
- Integrated Metasploit tool sets for penetration testing
- Supported the implementation of HP ArcSight Logger
- Developed and performed mitigation and remediation activities based on the findings to resolve network and system vulnerabilities to meet DOD compliance requirements (POAMs)
- Utilize SCCM/SCOM and Active Directory in the deployment of user specific software and applications
- Configured and deployed Cisco ASA and Checkpoint firewalls during network infrastructure upgrades
- Responsible for planning roll-out process and sequence of new systems and platforms, including all IT related systems, communication systems, and IT driven security systems
Level II Network Tech
Responsibilities:
- Researched IT security issues & solutions & presented ideas in a business-friendly &/or user-friendly language
- Evaluated risks & threats while adopting adaptive security policies, processes, & technologies with the use of tools such as Metasploit and Tripwire
- Influenced corporate decision to incorporate network surveillance service level agreements (SLA) for company growth
- Served as subject matter expert on networks, devices, scanning, testing tools, and Security Technical Implementation Guides (STIGs)
- Performed security research, analysis and design for all client computing systems and the network infrastructure
- Performed basic unmanaged HIPS deployments
- Monitored events, responded to incidents and reported findings
- Managed project development from initiation to closure
- Resolved all Level 3 critical service calls successfully and efficiently
- Performed project evaluations and network security implementation and assessment for Confidential, Scottrade, and H&R Block satellite offices
Confidential, Tampa, FL
Project Manager
Responsibilities:
- Executed Requests for Proposal (RFPs)/Requests for Quote (RFQs), scoped, and completed multiple network infrastructure projects successfully under budget without impeding quality for companies such as Confidential.
- Supervised other employees to maintain successful project/operations management team