SUMMARY

A detail oriented and highly motivated IT business professional with over 12 years of experience in cybersecurity, internetworking, information, and telecommunication systems seeks a challenging network engineer or security position in a dynamic environment.

PROFESSIONAL EXPERIENCE

Confidential, Washington,DC

Senior Cybersecurity Engineer

• Working as a Senior Cybersecurity Network Engineer for the Security Architecture and Engineering group for the Consumer Financial Protection Bureau.
• Provides technical expertise in support of agency initiatives to ensure enterprise security for all internal and external hosted systems throughout the system development lifecycle (SDLC).
• Designing network security best practices for CFPB’s management network and Cloud Network Infrastructures. Working with Amazon Web Services (AWS) technologies such as Virtual Private Cloud, Elastic Load Balancing, and EC2 instances.
• Security review of network architecture designs for WAN migration and vulnerability scanning systems, Nessus and Splunk, implemented on AWS VPCs and Terremark cloud systems.
• Create implementation plans, baseline configurations, network diagrams, and performance analysis reports for proposed network architecture enhancements, system deployments, and upgrades in accordance with FISMA guidelines, specifically FIPS 140 - 2, the NIST Risk Management Framework, SP 800-37 and 800-53 rev 4.
• Working on organization wide implementation of NAC solutions using Forescout CounterAct. Focusing on security and network architectural design of the system for CFPB to meet NIST security requirements.
• Worked on security implementation plans for network and information systems based on NIST SP 800-53 Revision 4 security controls, and DoD STIGs.
• Worked on system integration and security audits for production cloud systems that integrate open source web development tools such as GitHub, Jenkins, Elasticsearch, and Memcached.
• Performed review and security audit for hardening Cisco Catalyst 3560, 3750, 4500 and Nexus 5000 and 7000 series switches.

Confidential, Fort Meade,MD

Cybersecurity Network Engineer

• Lead Cybersecurity Network Engineer at the Department of Defense. Providing Tier III security and network engineering support for the Internet Gateway Perimeter Defense project at DISA (Defense Information Systems Agency).
• Task Lead for global deployment of Filter List Management system that provides the capability to employ centralized management capability as well as ease of managing and deploying the complex DoD Firewall filters in Cisco and Juniper format for DoD’s Internet Access Point (IAP) routers.
• Subject matter expert on the current DoD’s NIPRNet and Internet gateway infrastructure. Developed operational concepts and technology to prevent and mitigate computer network threats against DoD networks.
• Provide on demand firewall filter testing and analysis for the DoD and related agencies on a biweekly basis. Reviewed firewall filters for TCP/IP errors during logical testing of ACL filters for DoD gateway Juniper routers, and advise to halt release on improperly configured ACL filters to protect the security of the perimeter boundary of NIPRNet.
• Utilized Ixia N2X, Spirent Test Center, and Breaking Point traffic generators to perform logical, performance, and penetration testing of the ACL filter management system for the DoD. Added additional layers of regression testing to ensure the integrity of firewall filter lists deployments to DoD perimeter routers. In addition, train team members and DoD customers on how to perform functional testing on ACL filters and document the process.
• Testing, evaluation, and system integration on Juniper enterprise routers, Oracle Solaris 10 systems, Linux and Dell Windows 2003 servers, Cisco routers and switches. Perform IPv6 integration and functional testing on DoD’s ACL firewall filter deployment systems utilizing Cisco 3600 series routers, Juniper Junos - M10i, M20, M120, and MX480 routers. Create test reports to validate compatibility between network systems and filter applications.
• Worked with US Cyber Command and other intelligence agencies with product vendors to incorporate system requirements into technical refresh of firewall security systems. Provided project lifecycle support to include conducting market research to find products that meet the requirements, written test plans, and executed lab tests for selected products.
• Wrote executive summaries, status reports, CONOPS, and implementation plans on firewall technologies, and created procedures and topology diagrams to provide documentation and support for the DoD internetworking systems.
• Successfully coordinated the move of the DoD’s ACL filter management lab system from Falls Church, VA to Fort Meade, MD for BRAC mandated relocation. Awarded a letter of appreciation from DISA for the move.
• Worked with Arbor PeakFlow systems in conjunction with Cisco ASA UTM 5500 series firewalls which provides network monitoring, security, detection, and mitigation of incoming DDoS attacks and other suspicious traffic trends.
• Worked with Tier II network engineers to troubleshoot TCP/IP connectivity issues with Juniper IAP routers, and Cisco ASA firewalls on the production NIPRNet network.
• Worked closely with team members to provide Information Assurance support by evaluating and verifying risks and vulnerabilities for DoD networks and information systems. Remediate security vulnerabilities to meet IAVM standards, CTO orders, and requirements according to DoD STIG guidelines on a weekly basis.
• Evaluated new internetworking management systems and involve in testing candidate systems that best meet their needs such as the IBM Tivoli Netcool Configuration Manager.

Confidential, Arlington, VA

Senior Network Engineer

• Worked for the Navy’s Strategic Systems Program (SSP), under the Department of Defense (DoD) as a Senior Network Engineer with active secret clearance.
• Network Infrastructure Lead, in charge of Cisco access control list and firewall configurations. Maintained and installed Nokia Checkpoint IP 350, 380, and 390 firewalls. Created firewall rules and pushed out policies utilizing Checkpoint SmartDashboard R55, R61, and R65. Monitored network traffic utilizing Checkpoint SmartView Tracker software.
• Worked on Cisco 4500, 3750, 2960, 2950, 3550, 3500XL series switches and 7200, 2800, 2600 series routers and Cisco 4200 series IPS/IDS systems. Configured, maintained, and installed the devices according to DoD IT security guidelines on both classified and unclassified sides. Updated IOS, configurations, and ensured secure login using Cisco TACAS+ software for Cisco devices.
• Created and updated access control list (ACL) for Cisco 4500 and 4000 series router switch modules that control access to the Trident Strategic Weapon System Network (SWSNET) for SSP. Investigated cyber security attacks on the SWSNET network utilizing a combination of Checkpoint firewalls and Cisco IPS/IDS systems.
• Created and maintained SSP’s network topology diagrams, inventory checklist, and documentation for DoD Information Assurance Certification and Accreditation Process (DIACAP). Work with accreditation team to make sure network infrastructure meets Navy security requirements. Validate network infrastructure meets current IAVM’s, IAVA’s, and CTO’s.
• Update and reconfigure network infrastructure to meet security requirement changes. Manage, deploy and redesign network infrastructure. Schedule and plan future network infrastructure work. Implement configuration changes to network devices to meet IAVM requirements. Responsible for evaluating and purchasing Cisco network equipment for SSP locations across the United States and United Kingdom.
• Utilized Wireshark and Sniffer Pro packet sniffing software to troubleshoot network connectivity issues on SWSNET, NIPRNET (Non-classified Internet Protocol Router Network), and SIPRNET (Secret Internet Protocol Router Network) for military and vendor organizations such as DISA and Lockheed Martin.
• Assisted in troubleshooting connectivity issues with SSP users, and the SWSNET community involving Citrix VPN appliances, Access Gateways, and Presentation Server. Also worked with SWSNET partners such as NMCI, NAVSEA, and various contractors to ensure cross organization access to trusted systems for users across the network.

Systems Engineer

Confidential, Washington, D.C

• Worked on the General Integration Engineering Team at the Executive Office (EOUSA) of the Department of Justice (DoJ). Provided Tier III application, testing, and engineering support for DoJ systems within a Windows 2003 Active Directory environment.
• Specifically supported the Financial Management Information System, which utilized the Rumba terminal emulation program to connect client’s desktops to mainframe servers for financial database processing.
• Tested security patches and updates, created documentation and technical bulletins for various DoJ systems and applications such as FMIS PC2, Rumba, and NEF Automated Print/Save Application.
• Provided testing and documentation on VPN/firewall solutions for high speed remote access. The solutions involved implementing Blue Ridge BorderGuard RemoteLink and Senforce Endpoint products to provide secure remote connections throughout the DoJ’s WAN infrastructure and remote computing initiatives.
• Tested, documented, and built Hirsch Velocity Security Management Windows 2003 Servers for the Homeland Security Presidential Directive (HSPD-12). It involved implementing and setting up a biometrics based multi-factor authentication security system for the DoJ infrastructure.
• Used BMC Remedy Action Request System for ticket and bug tracking of security incidents and issues involving viruses, worms, and other malware affecting the DoJ systems.
• Performed the role as a Webmaster for specific EOUSA websites utilizing Dreamweaver and SharePoint and ensured the security of the websites through standard DoJ security protocol.

Confidential, Bethesda, MD

Systems Engineer

• Worked as a System Engineer at the National Naval Medical Center on the Navy Central HIV Program (NCHP) contract, and administered Windows 2000/ 2003 systems utilizing Active Directory.
• Administered, configured, and tested Dell PowerEdge Windows 2000/ 2003 servers for database and web applications. Worked on migration project with lead software developer to migrate NCHP systems from Windows 2000 to 2003.
• Maintained and updated Navy HIV servers according to DoD DITSCAP security guidelines and complied with IAVA announcements. Daily vulnerability scanned of all NCHP servers to ensure that they met DoD DITSCAP/DIACAP requirements and updated servers with IAVA patches to ensure they meet the DoD standards.
• Utilized DoD approved software such as Hercules Citadel, Retina Network Security Scanner, Golddisk, and Microsoft Baseline Security Analyzer to provide security and remediation to the systems according to Secure Configuration Compliance Validation Initiative set forth by DISA.
• Built, tested, and implemented data backup solutions and schedules with Symantec/ VERITAS Backup Exec 10 utilizing Dell PowerVault 124T. Also created a prototype VMware environment to provide a test lab for application and systems testing.
• Administered Nokia 350 firewalls utilizing Smart View and Checkpoint software. Also worked with Cisco 2600 router and 3550 switches.
• Created SOP documents for the Navy to document how to build and test servers and install software according to DoD and DISA guidelines.

Confidential, Washington, D.C

Senior Technical Analyst

• Provided network, hardware, and software support locally and remotely in a Windows XP environment. Built, tested, and deployed Windows XP workstations and laptops for multiple departments. Worked with Active Directory and administer user accounts in a Windows XP environment.
• Supported and tested digital certificates to ensure that they worked in a PKI infrastructure with Internet Explorer, Netscape, Mozilla, Firefox, and Safari for clients.

Confidential, Alexandria, VA

Network Analyst

• In charge of monitoring the Library of Congress network and computer systems, ensuring coverage on Windows, Sun, IBM mainframe, and UNIX platform servers.
• Worked in a Windows 2000 environment administering user accounts in Active Directory and monitoring network systems and servers for performance tracking, security vulnerabilities and attacks utilizing Microsoft Operations Manager (MOM).

Confidential, Annapolis Junction,MD

Technical Analyst

• Analyzed and resolved technical hardware and network issues, and provided heterogeneous Windows support to users in person and over the phone.
• Supported and assisted in the regional implementation of Windows 2000 systems in over 200 facilities in the Metro-DC area utilizing Dell and IBM equipment.
• Installed, moved, and configured network systems using Cisco, 3COM, and Lantronix routers, switches, comm. servers, and CSU/DSU.
• Administered users and maintained multiple IBM RS/6000 AIX UNIX servers and worked with IBM terminals and RAN’s.