Security Engineer Resume

SUMMARY:

  • CISSP w/ IA experience in NIACAP, NISCAP, NISPOM, NIST, FIPS, DCID, ICD, JSDCISSS, DIAM, Privacy, DoD Directives/Instructions, ODNI, STIG, SRR, SCCVI, IV&V, HIPAA, PCI
  • Cyber Security - Risk Analysis/Assessment, Business Continuity & Disaster Recovery Planning, Access Controls, Telecommunication & Network Security, Software Security, Penetration Testing, Auditing, Crypto/ Physical Security
  • Technical knowledge Next-Gen firewall, IDPS, network devices, security tools, TACLANE/KIVs, malware

WORK EXPERIENCE:

Confidential

Security Engineer

Responsibilities:

  • Regional ISSO role for Confidential unclassified/classified IT systems for two Field Offices and all offsite locations
  • Conducted forensic analysis on digital media to investigate Security Incidents
  • Used tools such as Nessus, Nmap, CA Top Secret, Foundstone, and Metasploit to conduct Penetration Assessments
  • Worked hand-in-hand with Cyber Crime Special Agents on internal threats and engineered defenses for Confidential systems
  • Provided continuous monitoring to z/OS and z/VM mainframe system using best business practice methods
  • Mainframe experience with CA-Top Secret Security (TSS), Roscoe, and other related mainframe programs
  • Constructed Risk Management Framework (RMF) for Confidential enterprise systems & financial systems
  • Conducted vulnerability assessments manually and using Nessus and McAfee Foundstone tools
  • Created security Incident Response (IR) policy and responded to incidents with escalation
  • Completed audit log review on Linux, Windows and mainframe-based operating systems
  • Assessed Confidential systems for FIPS 199 category and protection level to adhere to Confidential security standards
  • Experience w/ A123 & KPMG audits and PCI standards & policies to implement security controls & compliance
  • Provided continuous monitoring of enterprise-level system comprised of infrastructure equipment (Cisco routers, switches, SONET equipment, WAN, TACLANE and bulk encryption devices)
  • Experience working with Oracle 10g, 12c, and 11g and implementing STIGs and other Confidential security standards
  • Configured security on Linux distros (Fedora, Debian, Oracle, Red Hat Enterprise)

Confidential

Security Engineer

Responsibilities:

  • Confidential Immigration & Customs Enforcement and Homeland Security Investigations (HSI) as an IT security SME
  • Experience with forensic tools (EnCase, Forensic Toolkit (FTK))
  • Managed Security Operation Center (SOC) and conducted continuous monitoring on IT systems
  • Developed Disaster & Recovery Plans and Standard Operating Procedures (SOPs) for law enforcement center
  • Created SOPs & Policy for Access & Control, destruction of media, handling of removable media
  • Experience w/ Certification & Accreditation (Confidential & Confidential) lifecycle and creating packages
  • Implemented NIST 800-53A rev3 security controls on hardware & software and entire facility
  • Evaluated/analyzed vulnerabilities using IDPS tools (e.g. Nmap, RSA enVision, Nessus, Splunk, WebInspect, AlienVault) & conducted risk management assessments on all IT systems & physical security in the facility.
  • Conducted audits for IT systems and physical security and personnel.
  • Created CIRT SOP for HSI facility, responded to incidents (alerts, virus, intrusion, environmental)
  • Experience with implementing encryption solutions (e.g. AES-256) on transit data and data at rest
  • Experience with Wi-Fi LAN security (802.11) on various vendor components
  • Experience with Cisco and McAfee on layer two and application level firewalls, McAfee ePO
  • Experience with virtual environments (VMware, Hypervisors, VCE) blade-servers, Linux & Microsoft
  • Experience with IT security devices (e.g. Cisco, LAN/WAN, etc) and applications (e.g. Wireshark)
  • Experience writing technical memos, SOPs, waivers, exceptions, and risk acceptance policies

Confidential

Team Leader

Responsibilities:

  • Led and managed team of 5 Cyber Security SMEs
  • Performed network enumeration w/ tools (e.g. Foundscan, Nmap, BackTrack suite)
  • Conducted network, application and physical vulnerability and risk assessments
  • Developed recommendations for mitigation on security risks identified during assessments
  • Wrote up and briefed results to clients ranging from technical staff to executive management
  • Developed tools to automate security assessment tasks (e.g. scripts, macros)
  • Used vulnerability assessment tools (e.g. Nessus, Foundscan, Nmap, Metasploit, BackTrack, SAINT)
  • Experience with lab environment to conduct penetration w/ (e.g. BackTrack suite) on web servers

Confidential

Information Assurance Manager

Responsibilities:

  • Implemented security plans and designed security for NSANet on Intel Community (IC) systems and implemented Confidential /CSS (IC) security control standards. Utilized XACTA tracking system.
  • Conducted vulnerability/risk assessments, penetration testing from Confidential Ubuntu tactical mobile system, experience with BackTrack, Wireshark, and WinPcap
  • Utilized experience and knowledge to analyze IDPS and conducted vulnerability assessments on INSCOM interconnected systems (e.g. Cisco devices, VoIP, VTC, MS servers).
  • Developed reports and trend analysis documentation on bandwidth, network architecture, as well as network security incidents on standalone systems that connected to INSCOM via DS or TROJAN connections.
  • Directed, organized, and utilized crisis management techniques during outages, virus outbreaks, and in high-pressure environments, experience with McAfee and Symantec software.
  • Managed network Confidential specific to the DoD as well as many commercial tools to include eEye Digital Retina Network Scanner, Gold Disk, SAINT, WASSP, Flying Squirrel, Cisco SDM, ArcSight & NetWitness
  • Implemented Confidential, DoDIIS, ICD, FISMA & NIST to INSCOM and remote systems
  • Experienced with network hardware (e.g. Cisco routers, switches, VTC, VoIP) architecture (LAN, WAN), implementation, configuration, and management to support INSCOM and remote systems
  • Audited secured systems and tested security products and systems to detect security weakness
  • Conducted risk assessments on IC IT systems in foreign hostile locations
  • Lead Confidential for internal security audits and investigations.
  • Experience with Confidential lifecycle and packages (e.g. POAM, DIP, SRTM, SSAA, SSP, Certifying Test Report, Disaster/Recovery Plan, COOP, CONOPS, SOP, ATO, MOU, MOA, Security Plan, Local Policies)
  • Interfaced with Vulnerability Management System (VMS), DoDIIS System Compliance Registry (DSCR), IA One Source, and Army Profile Management System (APMS) to update vulnerability profiles of information systems
  • Experience with VMware ESXi integrated in ClearCube blade servers

Confidential

System Engineer

Responsibilities:

  • Configured Confidential MS Win2k3 servers with AD & Exchange, Citrix, messaging system, CableXpress and FilesX software; hand selected to represent team
  • Performed IT modernization from legacy MS Win2k to Win2k3 servers and data migration
  • Implemented OS and software security controls to mitigate risk & threats and reduce exposure to Distributed/Denial-of-Service (DDOS) attacks
  • Configured Cisco switches with layer 2 & 3 IOS to establish reliable infrastructure; improved network connection and increased bandwidth to gig-speed; and implemented security controls protocols, filters, services, and Access Control List (ACL) to defend against DDOS attacks
  • Installed servers and network at State Dept embassies and consular facilities in both classified/ unclassified networks; implemented security policies and controls to adhere to NIST 800-53 security standards

Confidential

Program Manager

Responsibilities:

  • Managed Confidential Biometrics project to install Confidential secured entryway using Confidential fingerprint system for Confidential military base in Confidential foreign country; increased Defense-in-Depth by adding layers of security controls and completed project ahead of schedule
  • Project Manager for following projects (e.g. military base VoIP system and fiber infrastructure)
  • VOIP over secured network using Cisco VoIP 7900 series network equipment on military base, provided senior level secured encrypted means to communicate
  • Military base network infrastructure with Fiber/CAT5E&6, entire server room renovation with Cisco & Nortel equipment; reduced EMI security vulnerability by switching to fiber optics and implemented policy to watch for coupling physical vulnerability of fiber wires and saved over $5,000 in cost and completed ahead of schedule
  • Authored military base security policy to increase IA and operations security
  • Counter Terrorist Manager; audited physical, personnel and information system assets and produced risk analysis on military base infrastructure
  • Wrote and edited Support Project Agreements for IT systems and projects; produced clear and succinct reports for customer and senior management

Confidential

System Engineer

Responsibilities:

  • Engineered personnel login software in both Java/C++ and led team in designing Linux script for base WAN; conducted security code review to eliminate buffer overflow errors and security memory leaks
  • Built SANS solution on military base network utilizing RAID servers; applied Confidential level encryption on military devices and implemented Air Force and DoD security standards
  • Managed 20 personnel to transform Cisco routers and switches (6500s & 2934s) of ATM, Gig-E network to SONET OC-192 star-mesh topology using Nortel routers/switches and DWDM protocol; implemented network security to entire base
  • Directed 8 personnel to design & implement government secured 802.11 wireless network with Cisco equipment using DoD encryptions; used security tools (e.g. Flying Squirrel) to conduct wireless security review & assessment
  • Analyzed network traffic and bandwidth to enhance network efficiency and reduce network vulnerabilities; maintained network integrity against intrusions by implementing IDPS

Confidential

Network Control Center Officer

Responsibilities:

  • Managed 66-70 personnel to maintain helpdesk support to 3,000+ base population, maintain NIPRnet and SIPRnet, and upgrade base infrastructure
  • Developed, simulated, and maintained Continuity of Operations for Network Control Center (NCC)
  • Conducted white team/red team vulnerability and risk assessment on military systems
  • Managed and worked on network hosts running MS Win XP, 2003, Linux, Solaris platforms
  • Engineered SAN system for military base
  • Conducted and managed information security
