Information Security Engineer Resume
Philadelphia, PA
SUMMARY:
Information security engineer seeking to provide strategic proactive security solutions, advisement, support, professional grade incident response, malware handling, and proactive threat landscape research
COMPETENCIES:
- Information Security Strategy Development, Portfolio Management, and Implementation
- Prospecting, Design, Implementation, and continuous improvement of Technical as well as Procedural Security Controls
- Design, implementation, administration, and service of information systems and data networks for companies in several sectors: Clinical, Healthcare, Insurance, Retail, Construction, Legal, Venture Capital and Education
- Level 3 Support for Security Solutions such as Firemon Network Security Policy Management Suite, McAfee Email Gateway Email Protection Suite, ArcSight SIEM, Access Data's Forensic Toolkit for Digital Investigations, Cisco Firewalls, F5 Load Balancers for Log Distribution services, and QualysGuard Web Application Scanning Services.
- Networking concepts such as physical and logical design, service debugging, Layer 1-7 troubleshooting, packet analysis, netflow, switching, routing, subnetting, access control lists, and network address translation
- Data reconnaissance, migration, forensics, and restoration on server and client systems
- Proactive and incident driven system examination with platform utilities, SIEM systems, intrusion detection/prevention systems, packet analyzers, traffic analyzers, Advanced Threat Detection Engines, logging platforms, vulnerability scanners and compliance reporting systems to discover and remediate malfunctions, malicious activity, unauthorized activity, vulnerabilities or risks on different types of devices using different platforms
TECHNICAL SKILLS:
Computer Systems: Windows XP/2003 Client-Server Family, Windows Vista / Client-Server 2008 Family, Windows SBS 2003/2008, Windows 7, Windows Server 2012, Mac OS X, Fedora, Ubuntu, Red Hat Enterprise Linux Client-Server Family, SUSE, BSD, Solaris, CentOS, and other Unix/Linux platforms
Roles: Mail, File, Proxy, Application, Web, DNS, DHCP, RAS, Print, Domain Controller, Backup and Recovery, Authentication, LDAP, Terminal Services, Digital Fax, Deployment services, Database, Key management, Update Services, Secure File Transfer
Networking: Routers, Firewalls, Load Balancers, Switches, Repeaters, Hubs, Wireless Access Points, Wireless Controllers, Wireless Security Protocols, UTM Devices, Hybrid Devices, VPN, NAS, SAN, TCP/IP, IPv4, ACLs, IPv6, UDP, NTP, DNS, RSTP, VOIP, STP, VLAN, VTP, DHCP, EIGRP, OSPF, Static Routing, IPSec, SSL/TLS, RIPv2, 802.3, 802.11, ICMP, RADIUS
Malware Analytics Technologies and Skill Set: Crowdstrike, Carbon Black Suite, Lastline, Anubis, VxStream Sandbox, Wepawet, Kali Linux, Parrot Linux, OpenVAS, GrayLog, Squid, OpenVPN, Onion Proxy Tor, Maltego, Cobalt Strike, REMnux, Helix, Wireshark, Metasploit, bash scripting, Command and Control Traffic analysis, packet analysis, Machine analysis, Log analysis, File analysis, Forensic Investigation Processes and Techniques, Reverse Engineering File Behaviors and Binaries, CIS, SANS, NIST, ISO 27001/2, Verizon Data Breach Report and other data breach reports
Malware Experience and Research: Zeus, CryptoLocker, Locky, CTB-Locker, Flame, Duqu, Stuxnet, SpyEye, Dridex, ModPOS, VBS Downloaders as well as other blended malware families
Security / Forensics: Access Data Forensic Toolkit, Prodiscover Toolkit, Encase, FireEye, Firemon, SNORT, SourceFire, IBM Proventia, ArcSight SIEM Platform, Nessus, Splunk, RSA DLP, Fidelis
Database: MySQL, Oracle, MS SQL
Virtualization: VMWare, Parallels, Hyper-V, Citrix, VirtualBox
Web 2.0: Sharepoint, Drupal, Wordpress, Joomla, OpenAtrium, LogMeIn, Teamviewer, NoMachine NX, LAMP Stack Applications, WIMP Stack Applications
Disaster Recovery: Acronis, Symantec Ghost, Image Vault, Paragon, Symantec Backup Exec
Other: OpenOffice, MS Office (97, 2003, 2007, 2012), Visio, Project, Adobe Acrobat, Adobe InDesign, Adobe Photoshop
WORK EXPERIENCE:
Information Security Engineer
Confidential, Philadelphia, PA
Responsibilities:
- Information Security Strategy development and implementation driven by Risk and Threat Mitigation techniques utilizing industry guidelines such as CIS, NIST, SANS, and ISO 27001/2 combined with driver indicators from data breach investigation reports as well as Third Party Risk Assessment feedback
- Information Security Solution prospecting, design, implementation, and continuous improvement in the following areas: host-based anti-malware detection/prevention, network-based anti-malware prevention/detection, vulnerability management, threat intelligence integration, Layer 7 Firewalls, Malicious/Unauthorized Behavior Analytics, Automated Malicious/Unauthorized Incident Detection, malware sandboxing, Forensic response kits as well as several other areas
- Audit Management and Compliance Advisement for Confidential DSS 3.1 and SOX
Information Security Engineer
Confidential, Woonsocket, RI
Responsibilities:
- Prospecting, design, implementation, and continuous improvement of security solutions such as ArcSight SIEM, Firemon NSPM, McAfee Email Gateway, Log Distribution services, Qualys Web Application Vulnerability Scanning, and Cisco ASA Firewalls
- Security Incident response and event examination with security solution technologies in the following categories: SIEM, IDS/IPS, NSPM, FIM, Anti-malware, NetFlow and DLP
Systems Engineer
Confidential, Phoenixville, PA
Responsibilities:
- Design, support, and implementation of Clinical/Non-Clinical information systems utilizing various versions of Windows, Linux, Unix, and specialty Linux/Unix operating systems.
- Design, support, and implementation of data networks
- Data reconnaissance, restoration, and migration of server and end user systems utilizing Windows and Linux tools
Information Technology Specialist
Confidential, Pottstown, PA
Responsibilities:
- Design, Implementation, and continuous improvement of data networks and information systems
- Design and installation of Cisco IP Telephony/VOIP services
- Custom server and desktop hardware design and implementation running Windows 2003 series and custom Linux/Unix distributions