I’m looking for work in security engineering, governance, security architecture, commutable or remotable
- Hired in anticipation of the implementation of a large Confidential installation.
- Mixed environment of dozens of divisions, locations, and control standards
- HIPAA - PHI, ISO 2700X, PCI-DSS, depending on division specialties.
- I modified and detailed design changes for implementation of logging, monitoring, IDS/IPS monitored and managed appliances, and services expanding on an original 3 sites design, expanded to 7.
- To be responsible for the preparation of periodic, and ad-hoc, reports once in place.
- Provided professional consulting services pertaining to the field of security monitoring and Log Retention.
- Functioned as conduit / liaison between customer security operations and Dell Confidential to integrate with:
- Threat Intelligence Management System
- Counter Threat Unit
- Security Operations
- Incident Management and Response
- Security Risk and Consulting
- LogVault 2 SIEM, iSensor IDS/IPS appliance, and other collection/monitoring products.
- Researched and reported on various schemes for collection, redirection, and routing, of event traffic.
- Worked with Security and Governance Standards groups as requested.
- Daily administration, break-fix, and upgrade duties.
- Researching unparsed/unidentified logs, creating and implementing new log-source types.
- Devising and implementing architectural modifications to LogRhythm’s largest single deployment.
- Worked with two peer engineers, SOC, Security application groups, Vendor Engineering Services.
- Devised simple/effective PowerShell and T-SQL processes to accelerate diagnostic response.
- Implemented modifications to accommodate and isolate load balanced traffic for analysis.
- AGILE shop: I documented all processes, developed and distributed my scripts to all peers.
- Hands-on hardware, firmware, OS, Cluster, Network, F5, NetApp, install and prep.
- Remote installation and configuration of (8) McAfee satellite sites running on ESXi and Windows guests.
- Assisted with Installs of MS SQL Server for failover-clustered ePO Database Server and teamed NICs
- Worked with iSCSI, BIOS, and Firmware upgrades, hardware driver installation and iqn assignment.
- Documented routine tasks on NetApp, F5 LTM and GTM Load Balancers, Switch replacement.
- Assisted with the DIACAP, ATO, Nessus vulnerability remediation, of all datacenter components.
- Wrote procedures for routine maintenance tasks for SE and SA functions to be assumed by VA personnel.
- Performed or oversaw install and replacement tasks on all datacenter hardware.
- Enabled vendor access as authorized, to include using Cell Hot-spot to connect pre-live equipment.
- Created AWS cloud Linux instance, installed LAMP components, to transfer an ILIAS training server to.
- Stood up the new servers and configured accounts/security to customer specs.
- Installed and tuned apps, worked with developers in tuning.
- Documented build and SA processes for handoff to Global Net contractors.
- Splunk monitoring and analysis of data transfer issues, system status during batch deployments.
- Persistent bus monitoring, restarting and clearing queues, tier four support of customer issues.
- Analysis of process flow interruptions. Software upgrades. Scripted Splunk reports.
- DevOps SOA. RESTful ActiveMQ messaging to Amazon Cloud SMS/SQS message handling.
- Agile Continuous Production - represented Production at coding scrums and validations.
- Performed manual transfer of sessions and accounts synchronizing Oracle and Cassandra records manually.
- Confluence, Jira, Campfire, cURL, SOAP, JSON, Ruby, Bash, ksh, SQL, NoSQL, Python, XML.
- Cygwin, Postman, VisualVM, Op5, Hector, Cygwin, IntelliJ IDEA, NetBeans, Eclipse, Elasticsearch.
Product Support Engineer
- 24/7 remote support of Network Monitoring appliances. Certify and QA tickets for bug-fixes.
- SNMP Device Certification.
- Wireshark, nmap, NetSNMP OpenSQL, php. ESX support, Cisco NetFlow.
- BlackBuntu, BackTrack 5r2, Linux Mint, Gentoo Linux, Ubuntu, xubuntu.
- Open Source environment - OpenOffice documentation, Mozilla Firefox, etc.
- Corporate web domain, and vCenter, (ESX) running on Google Cloud infrastructure.
Security Engineer Leader
- Solaris 8, 9, 10-Zoned, Red Hat Linux, SuSE, VMware virtuals, Oracle Enterprise Linux.
- SRR and Retina scans to monitor DISA STIG compliance.
- Worked with Army/DoD Auditors and Unix Group to resolve findings and mitigate vulnerabilities.
- Responsible for Unix/Linux representation during DIACAP periodic reaccreditation process.
- Mitigation Strategy reports, determination of False Positives and their cause.
- Provided technical justification for findings that could be excepted based on unique architecture.
- Created a custom bash-scripted environment to push out updates, run scripts remotely, and retrieve results.
- Provided all unix-specific ArcSight and McAfee support.
- Automated (cron) a system to allow custom pulls of most recent run and add results to repository servers.
- Performed initial SRR, Nessus, and Retina scan certification of all new Unix/Linux hosts.
- Account Security: Enterprise Security Manager, Trusted Agent CAC PIN Reset
- Primary responsibility for site account requests based upon investigation and adjudication data provided.
- Performed and automated installation and testing of McAfee Security products on all *nix variants.
- Solaris, Oracle Enterprise Linux, SuSE Linux, and Red Hat Linux.
- Installation and Update processes scripted and turned over to the Unix Team to run.
- Moving all Unix/Linux scanning to McAfee HIPS, HBSS 4.5 and EPO per DISA requirements.
Software Engineer Leader
- Provided onsite engineering support for Aegis, BMD, and CR-2 support as needed.
- Provided lab and testbed support involving “Anything that touches Aegis”; documented and operated various simulators for Anti-Submarine Warfare, Air to Air Combat Control.
- Attended (test) missile engagement, resolved IRIG time, NTDS, RS442, OS, and Data recording issues.
- Support included acting as a stand-in for all types of console and simulator positions for Lockheed Martin.
- Diagnostic kernel trace, debug of C, C++, ADA code, Network Analyzer (NAM)
- UYK-43 boot and operation, layer 1-3 network troubleshooting of backplane, VMEbus, and cabling.
- Worked with the NightStar suite Ntrace, Ktrace, Niew, and later the RedHawk RT Linux.
- Participated on Lockheed Martin CIIT Team to track and resolve problems which transcend baselines.
- Devised means for distributed use of X-based applications, connecting multiple labs for lab use.
- All Documentation and operations performed within FMS releasability restrictions.
- Timing studies, logfile access, Korean Font capability, Tactical display issues.
- Participated in test shots including LINKEX, JAMEX, and reserved lab time for my own test shots.
- Worked on Mission Planner video (X) issues. Worked with Engineers, Managers, Programmers.
Computer Scientist/Systems Engineer
- Various phases: 586 people when I started, I was one of 10 when it was handed to Army.
- 2nd level Unix Admin serving 64 military bases remotely, with some onsite (travel) support.
- Administration of Internal Citrix farm running civilian version of JCALS (ACES).
- Supported Citrix farms fielded as part of NEXTGEN, and JCALS Thin Client Web Servers.
- Documented process for remote login via Terminal Services for remote management of DoD web servers.
- Responsible for Security scans and Maintenance drops run on CITRIX farms.
- Maintenance of DoD FTP Interfaces - Confidential, SATODS, ATOMS, links.
- HP-UX 11, Solaris 8, Solaris 2.6, Dec Tru-64 5.1, Citrix Metaframe XP farms.
- Major deployments done off-hours over long nights and weekends routinely.
- Ran all routine Oracle tasks as directed by DBA staff.
- I took the initiative to conduct “Unix classes for Subject Matter Experts” as an extra-curricular.