SUMMARY:

• Multi - skilled, “ CISA Certified, ” IT security professional with 17+ progressive years in operational security, network analysis, vulnerability management; expertise in security information and event management tools, implementation, and monitoring.
• Direct hands-on talents working with security technologies, including firewalls, encryption, intrusion detection, VPN, and key security services for corporate, government, and healthcare; excellent explaining technical issues to non-technical people.
• Skilled team-player and highly-motivated, self-starter with recognized strengths in mitigating security threats, maintaining security policies, and IT compliance; focused, adaptive, and honest. Solved tough problems; delivered outstanding IT projects.
• Demonstrated ability to learn new technologies and adapt to changing complex cyber environments; blended technical abilities with strong interpersonal skills interacting with diverse data security teams, key talent, and significant stakeholders.
• Information Security / Remediation Certification & Accreditation / Vulnerability Management / Log Monitoring / NIST, ISO, PCI, ITIL, HIPPA, SOX / Department of Defense Systems / IT Operations Security / End Point Encryption Cisco/ Juniper Firewall / Data Loss Prevention / Penetration Testing / SIEM Solutions & Implementation QRadar / UNIX Operations

TECHNICAL SKILLS:

• DoD (Department of Defense) | Active Directory | Security | Systems Engineering | Windows Server |
• Information Assurance | Networking | C&A | Network Administration | Computer Security | NESSUS | IP360 | Splunk
• Information Security | Vulnerability Assessment | Military | Top Secret | C | Troubleshooting | UNIX | Qradar

PROFESSIONAL EXPERIENCE:

Senior Information Security Analyst

Confidential, Sacramento, CA

• Guided security tool implementation with SIEM solutions and Websense; identified hundreds of vulnerabilities, fixed security issues and maintained IT security compliance.
• Compiled documentation on current security processes and polices; remediated any vulnerabilities found on enterprise systems and network environments.
• Evaluated and recommended security technologies including firewalls, encryption, intrusion detection, VPN, and managed security services.
• Implemented and managed network monitoring tools; included Websense, QRadar, Nessus and MacAfee ePO.
• Analyzed and resolved data, application, computer, and network security issues; administered security policies to control access to systems and prioritized Control Reviews.

Information Technology Security Engineer

Confidential, Orlando, FL

• Diagnosed and mitigated security risks; evaluated IA/IS operational models for network attack mitigation.
• Established and developed Department of Defense Information Assurance, led Certification and Accreditation Process ( DIACAP ) based IA/IS and security management support; computed firewall rules and maintained government policies.
• Managed IA/IS engineers, directed enterprise and network centric, service oriented architecture IA/IS development, tested integration engineering support for information system security engineering; aligned with Department of Defense IA/IS capabilities.
• Experienced with Department of Defense /Army Security Management and Security Engineering policy guidance and directives, knowledge, and practice of current and emerging information assurance enterprise security practices.
• Organized teams; developed and implemented enterprise security policies and practices, initiated vulnerability assessments, IAVA reporting, and IA/IS problem resolution.
• Administered SIEM solution with Qradar and planned penetration testing.
• Ability to convey complex information assurance data to a wide variety of government audiences, demonstrated oral and written communication skills; delivered briefing to executive personnel.
• Proficient in IA/ IS design, architecture, development, test & integration engineering support for information system security engineering on Windows, Linux and Unix OS platforms.

Senior Information Assurance Engineer

Confidential, Orlando, FL

• Pen tested several government sites; Skilled in auditing financial applications such as SAP, Oracle, JD Edwards, PeopleSoft, PCI. Initiated and implement security designs in hardware, software, data, and procedures on Windows, Linux and Unix Operating systems.
• Validated security requirements and performed system certification and accreditation planning and testing; liaised activities and secured systems operations
• Completed remediation protocols and secured risks to active directory, security polices, and registry settings.

Lead Information Assurance Engineer

Confidential, Shalimar, FL

• Tested firewall rules, ensured security guideline, programmed Cisco, Juniper Firewall platforms; processed “Penetration Testing” using AppScan.
• Facilitated Defense Information Assurance Certification and Accreditation Process accreditation and verified DISA Security Technical Implementation Guides ( STIGs).
• Monitored system in the system security engineering processes; ability to think logically and devise original solutions to complex systems engineering problems, collaborated with diverse engineering team activities and meet tight programmatic scheduled milestones.