
Information Security Manager Resume


Washington, DC

SUMMARY:

To obtain a position that will utilize my proven skills in Information Technology, Management, Systems Security Engineering, and Integration. In addition, I bring experience in LAN/WAN/SAN design, implementation, vulnerability assessments, disaster recovery and business continuity development, and project management, and offer strong team technical skills and abilities to your organization's potential growth.

SOFTWARE, HARDWARE AND OPERATING SYSTEMS:

Servers OS/Application: LDAP, X.500 server, Mainframe, Java, PKI server, SSL, Meta Directory, Rainwall Redundancy, Raptor Firewall, Checkpoint Firewall-1, OPSEC, Gauntlet Firewall, Axent ESM, IBM Tivoli and SNA, Microsoft SMS server, Microsoft Azure cloud, Amazon AWS, Microsoft Windows 2012, 2008 R2, 2000 & 2003 Server, VMware, & Enterprise Version, Macintosh OS, AIX, Alpha 4, Servers, Linux Red Hat, HP-UX 10.20 Server, Sun Solaris 2.5 & 8.0, Microsoft Index Server, Microsoft MOM & SMS, Microsoft IAS, Microsoft Proxy Server 1.0, Microsoft SQL Server 6.5 - 2000, Sybase SQL Server 5.5.10, Microsoft Exchange Server 5.0/5.5, Microsoft Exchange Enterprise Server 2000, 2003 & 2007, Microsoft Cluster, Microsoft Internet Information Server 3.0 - 6.0, Shell Scripting, Perl Scripting, Reflection, Lotus cc-mail server, Citrix Winframe Server, Citrix Metaframe Server, Citrix Extranet Server, Rational Rose Enterprise, VMS, Weblogic, Cold Fusion, Websphere, PVCS Version Manager and DOORNet Server.

Client Software: Microsoft Windows 10, 8.1, 7, XP & 2000 Professional, Mac OSX 10.X, IBM Voice Recognition, CC Harvest, PageMaker, MS Office 95, 97, 2000, XP & 2003, Claris Works, Corel Draw, SmarTerm, Perfect Office, WordPerfect Suite, MS Visual Source Safe, Crystal Report, CISCO, 3COM, Axent, RSA, Sharepoint, and Checkpoint.

Security Software: Rapid 7 Nexpose, Metasploit, Nessus, McAfee EPO, HIPS, Cisco PIX Firewall, Checkpoint Firewall, Core Impact, Splunk, LogRhythm, LightCyber, ForeScout, ChangeGear, TripWire, NNT Software, Infra Security, Checkpoint, F5 SM, Sourcefire, Snort, Enterprise Security Manager, Nessus, WebInspect, Appdetect, ISS, Wireshark, Netcat, NetStumbler, L0phtcrack, THC Amap, Retina, QualysGuard, Sandcat, Safenet, Vormetric, and Saint

Hardware: Server/PC: Dell Poweredge servers, Dell Power vault SAN, Dell Powervault Enterprise Tape Backup, IBM, Net Servers, Acer, AT&T, NEC, Toshiba, Hewlett Packard Netserver, and Macintosh.

LAN/WAN: Routers, Bridges, Repeaters, Mux, Cisco NetRanger, CSU/DSU, Frame Relay, DS3, DSL, ISDN, Cable Modem, Switches, Hubs, Ethernet, Giga Ethernet, FDDI, ATM, TCP/IP (IPv4, IPv6), OSPF, RIP, Telnet, FTP, HTTPS, HTTP, SQL*Net, EIDRP, IGPs, OSPF, EGPs, SSH, CISCO, 3COM, Juniper, Axent ESM Intruder Alert NetRecon, and RSA.

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC

Information Security Manager

Responsibilities:

  • Perform and manage day to day client IT Security activities
  • Implemented and using Sourcefire IDS/IPS to protect various network segments
  • Implemented and using Checkpoint Firewall and Checkpoint Threat Emulation to protect Internet points
  • Implemented and using Checkpoint Endpoint management with Anti-Malware, DLP, Web filtering, Firewall, and Full disk encryption protection on internal and mobile user devices
  • Implemented and using F5 Application Security Module to protect Internet facing applications
  • Implemented and using LightCyber Magna for Real-time network Behavioral Attack Detection and Forensics
  • Implemented and using SIEM tool LogRhythm for daily continuous log monitoring
  • Implemented and using ForeScout Counteract for Network Access Control ( Confidential )
  • Implemented and using Deepnet Security Dualshield for two-factor authentication, Single Sign-On (SSO) on Windows, Mac, and Linux environment
  • Implemented and using Rapid 7 Nexpose for vulnerability assessment and Metasploit for Penetration testing
  • Implemented and using Nessus, Sandcat, ManageEngine, Qualys, Splunk, Snort, GFI LANGuard for continuous vulnerability management
  • Implemented and using NNT Software and Centrify for baseline configuration management for Network devices, servers, and client devices based on CIS benchmark, USGCB, and DISA STIGs.
  • Implemented and using Sunview ChangeGear for change control management and automated change tracking
  • Implemented and using Vormetric Data Security Manager/Platform for data-at-rest encryption and for non-platform-centric encryption using the FIPS 140-2 encryption standards
  • Implemented and manage mobile device management solution on Apple iPhone and iPad via Checkpoint Secure Workspace Capsule
  • Assess and maintain client and vendor compliance with SOC 2 Type 2 audits, HIPAA, PCI DSS, GLBA, PII, Confidential, Confidential, COBIT, GAO Confidential, ITIL and ISO 27000
  • Perform periodic risk assessment and maintain incident response and handling process
  • Perform Security Development Lifecycle (SDL) on all IT related acquisitions and projects
  • Monitor all IT related Service Level Agreements (SLA) and Cloud Services
  • Manage mitigation of all IT related audits and Helpdesk SLA performance
  • Assess and support IT operations on all network, servers, desktop, project, user support on architectural, operational, new technologies and compliance requirements
  • Provide exceptional customer services to end users, senior management and IT team within and outside work hours
  • Perform and Maintain Certification and Accreditation (C&A) for GSS and Major Application using Confidential 800-53 rev 3 and rev 4
  • Designed, deployed and administer annual IT Security awareness training
  • Created and Designed comprehensive Network, Application, Operational protection Security Architect
  • Developed, wrote, and implement IT and IT security policy and standard operating procedures using
  • Designed, deployed, and tested disaster recovery and business continuity plan

Confidential, Washington, DC

Information Security Manager

Responsibilities:

  • Liaison with other legislative branch IT Security department on security issues and requirements
  • Act as a point of contact for all IT audit issues for the agency such as POA&Ms and NFRs
  • Create and maintain all agency MOU/MOA, and ISA
  • Performed Agency wide Certification and Accreditation process using the Confidential 800-53A methodology and reviewing vendor SAS 70 Type I & II reports
  • Implement and perform continuous monitoring of system and application changes through configuration management process
  • Create and develop agency security incident response plan and perform incident response investigations with SLA monitoring
  • Perform agency wide risk assessments using Confidential 800-39 guideline
  • Performed periodic vulnerability scans and work with production group to mitigate risk
  • Work closely with external and internal audit on agency IT audit and work with operation and business application groups on audit responses and mitigation actions
  • Create agency IT Security policies using Confidential 800 series, FIPS, and GAO Confidential guidelines
  • Developed agency wide security documentation gap analysis methodology
  • Developed security posture using the OSI model covering all Security domains
  • Updated existing policy documents to meet current technology and Federal standards and mandates
  • Create and maintain all agency Security Life Cycle (SLCs), Security Program/Framework, Security Policies, Procedures and Standards
  • Create and maintain security requirements for all software application, hardware devices, and project to meet agency and Federal guidelines
  • Perform annual Information Security Awareness Training for all agency employees and contractors
  • Create and administer Rules of Behavior (ROB), Remote Rules of Behavior (RROB), Non-disclosure Agreements agency-wide
  • Developed software and hardware policy and procedure compliance matrix
  • Developed and implemented annual Information Security Awareness Training
  • Work closely with production Security Operations (SecOps) group on Security issues, configuration, design and forensics
  • Perform Internal Audit on network operation activities and processes
  • Create internal control process documents for Application security administration
  • Create agency wide security application and hardware business cases
  • Work closely with the agency Enterprise Architect on enterprise network and application security requirement
  • Managed scores of complex Enterprise-wide projects and tasks
  • Review proposed enterprise wide new hardware and software implementations for security compliance
  • Implement agency wide hard drive encryption and Perform PCI Compliance Audit

Confidential, McLean, VA

IT Audit Manager

Responsibilities:

  • Assess Bureau of Indian Affairs ( Confidential ) data center security, including firewalls, Active Directory, LDAP, Digital Certificate Servers, and databases
  • Managed the Audit process of an A-123, and Confidential process on IT systems
  • Manage project time matrix and reports for project
  • Create audit test planning, test scripting, and test completion
  • Coordinate test sample requirements and test process gathered from business process owners
  • Reviewed agency’s C&A processes and documentation
  • Reviewed policy and procedures
  • Perform audit interviews and coordinate with agency Confidential for audit process requirements
  • Created Audit narratives, Testing, draft and final audit reports
  • Performed Risk assessments reviews
  • Reviewed SDLC processes and documentations
  • Reviewed agency Configuration management process

Confidential, Bethesda, MD

IT Security Analyst

Responsibilities:

  • Performed site assessment for infrastructure and IT operations
  • Performed site IT security audit and IT operation audit
  • Performed ethical hacks, and other vulnerability testing techniques using Nessus, Netcat, L0phtcrack, VMware, Ethereal, Whisker, etc.
  • Evaluated disaster recovery plans and contingency plans
  • Assessed Network equipment and software operations
  • Redesigned and implemented site IT security and operation procedures
  • Redesigned and implemented site disaster recovery and contingency plans to DOD C&A process standards
  • Scheduled Disaster recovery and contingency plan periodic testing
  • Performed firewall and network penetration testing (NetForensics, Nessus, etc.)
  • Implemented and manage Web filtering via Cisco PIX firewall, McAfee EPO, and Websense
  • Redesigned site network; Wired LAN and Secure Wireless Access Points
  • Upgraded network backbone from Fast Ethernet Copper to Cisco Gigabit Fiber backbone, CAT IOS upgrade, and CISCO IOS
  • Upgraded from hub based network to a totally switched network
  • Implemented Secure VPN access PKI certificate encryption and authentication
  • Implemented secured PKI based Wireless Access for Mobile computing Campus wide
  • Planned and deployed Windows Server 2003 and Windows XP with Office 2003 campus wide
  • Planned, deployed and migrated from legacy email system to Exchange 2003 cluster for redundancy
  • Designed and implemented Internet access redundancy
  • Designed and maintained a configuration and testing lab environment
  • Performed random site internal audits

Confidential, Vienna, VA

Director of IT / Security

Responsibilities:

  • Maintained all activities of Information technology/Security
  • Ensured that corporate and departmental policies are implemented and followed
  • Managed the C5 Mission Critical Network LAN/WAN/SAN and security operations with 22 Technical Staff at 6 sites on a high availability schedule, while improving efficiency and reducing costs
  • Worked on outside E-business (including presales presentations) client Security Projects and assist with procedure/process developments
  • Performed operations economical efficiency (budget planning and cost control), and standard operating procedures
  • Developed guidelines for the implementing security policy, Mitigation Plan, Disaster Recovery Plan, Emergency Plans, Vital Records, Threat and Crisis Management, Contingency Planning, Intrusion Detection, and Firewall policies
  • Budget planning, monitoring, and control, asset management, time sheet, Performance evaluations, Bonus reviews, weekly status report, employee development, and focus on employee retention
  • Initiated Corporate team building activities and training
  • Ensured end user and external client satisfaction and prompt problem resolution in a timely manner
  • Implemented an effective and efficient helpdesk support system to ensure great customer service and liaison with all departments on project needs
  • Planned and recommended network hardware and software upgrades and migrations
  • Closely monitored all software licenses, usage, vendor contracts, and compliance
  • Installed, maintained and monitored all network devices (routers, switches, and load balancers) and bandwidth devices for performance and benchmark
  • Managed Network configuration Documentations, Standard operating procedures, and network operation optimization
  • Trained staff in Information Security Assessment, and monitoring for compliance, implemented Secure Wireless remote user PDA access over Windows CE, Pocket PC, and WARP OS for messaging services
  • Implemented Secure VPN Tunneling to all C5 and Client Extranet sites using various levels of encryption; IPSec, DES, 3DES, IDEA, MD5, Digital Signatures and Certificates
  • Worked on the implementation of company wide knowledge management (Intraspect Knowledge portal) and Cold Fusion Web servers, ASP, and XML
  • Successfully Implemented and administered Security Applications for Mid-Tier Security (Orbix, Firewall Checkpoint-1, RealSecure IDS, Rainwall Clustering, IDS, PKI, LDAP, SSL, Digital certificates-X.509 and SecurID) on Sun UNIX and Windows NT/2000 servers
  • Performed extensive network penetration testing and systems interrogation. Developed Disaster Recovery Plan (DRP), Scheduled DRP testing, Intrusion Detection, Business Continuity Plan, Enterprise Contingency Plan, Security policy and Asset management
  • Interacted with Scores of Vendors for competitive purchase and leasing pricing
  • Maintained C5 PBX, Voicemail, Frame Relay, Voice over Frame, Video over IP, Voice over IP
  • Redesigned and supported Software product development, environments, Application test processes, and work closely with software engineers for client application certification
  • Monitored all Security components and responded to network Intrusions (attacks).
  • Investigated all attacks (origin, attack type and activities if any), perform forensics, discuss findings with team and issue detailed reports to senior management.
