Certified Security Analyst Resume

Auburn Hills, MI

SUMMARY:

  • Information security / Cyber security Analyst with system engineering background and Linux / network security background.
  • Performed System Administration for Linux Red Hat and SUSE Servers.
  • Managed a cluster of 2 Juniper SSG 550 firewalls (installed as a replacement for Checkpoint NGFP3) and managed the Juniper Confidential Server based on Linux RHEL 4.0.
  • Installed and configured VMware ESX 3.0 on HP BL20 Blade servers and NetApp Filer 250, including converting the physical servers to VMs.
  • Configured Samba on SLES server and used it as file server.
  • Install and maintain MySQL on SLES, patching the server and keeping it up and running.
  • Monitor SIEM and other systems for anomalous events and respond in a timely manner.
  • Identify, verify, and respond to anomalous activity or security events on NAFTA network.
  • Managed different flavors of firewalls: Juniper, Checkpoint, Palo Alto, PIX.
  • Local in MI available for the Metro Detroit area.
  • And many others; see technical skills and experience in the sections below.

TECHNICAL SKILLS:

  • DameWare Remote Administration
  • Dell Blade M600/M610
  • Dell EqualLogic PS5000E and MD3000
  • Dell PowerEdge 2950 Servers
  • FAS250/FAS270
  • Hyper-V
  • IBM QRadar
  • Splunk
  • Cylance AV
  • Symantec DLP
  • Symantec ATP
  • Cisco Sourcefire
  • Cisco AMP
  • FireEye Threat Analysis Platform
  • Linux RHEL 4, 5, 6, 7
  • Linux SLES 11
  • MS Exchange Servers
  • NetApp Filer Storage
  • Confidential Servers
  • Symantec Backup Exec Software
  • Symantec Ghost Solution
  • VMware ESX 3.0 running on HP BL20P
  • VMware vSphere 4.0
  • Windows Server 2000, 2008 R2, 2012 R2
  • Windows Server NT
  • Windows Terminal Servers 2003, 2008.
  • Palo Alto Firewall.
  • Juniper Firewall
  • Checkpoint Firewall.
  • Windows Client XP, 7, 8.1, 10

PROFESSIONAL EXPERIENCE:

Confidential, Auburn Hills, MI

Certified Security Analyst

Responsibilities:

  • Monitor SIEM and other systems for anomalous events and respond in a timely manner.
  • Identify, verify, and respond to anomalous activity or security events on NAFTA network.
  • Monitor, review, and respond to Content Management alerts and logs.
  • Review and respond to firewall and IPS security alerts.
  • Analyze, verify, and respond to AV and Malware events on NAFTA workstations and servers.
  • Respond appropriately to security events. Coordinate with other NAFTA teams for investigation and remediation.
  • Monitor and respond to Data Loss Prevention events and escalate where necessary
  • Identify, coordinate, and correct users in security policy violations.
  • Documenting security procedures.
  • System Abuse monitoring and management.
  • Using the following systems / tools to accomplish what’s mentioned above: Cisco Sourcefire IPS/IDS, IBM QRadar, Splunk, Symantec DLP, Infoblox / IPAM DNS/DHCP Management Console, Cisco Prime Infrastructure, FireEye, Cartographer, NetScout nGenius, Symantec SEP, Symantec ATP (Advanced Threat Protection), Cisco AMP (Advanced Malware Protection).

Confidential, Detroit, MI

Information Security Engineer

Responsibilities:

  • Analyze information to evaluate the effectiveness of controls, determine the accuracy of reports, and monitor the efficiency and security of operations.
  • Participate in the domain’s architecture governance process.
  • Review exceptions and make recommendations to architectural standards at a domain level.
  • Analyze the current architecture to identify weaknesses and develop opportunities for improvements.
  • Consult with domain/project/program teams to ensure compatibility with existing solutions, infrastructure and services.
  • Consult on business-facing projects and maintain knowledge of their progress.
  • Ensure the conceptual completeness of the technical solution.
  • Work closely with project management to ensure alignment of plans with what is being delivered.
  • Provide recommendations based on business relevance, appropriate timing and deployment.
  • Recommend expenditures based on the size, scope, and cost of hardware and software components.
  • Working on design, architecture, integration and implementation of Cylance (Next-Generation Antivirus).

Confidential, Farmington Hills, MI

Information Security Analyst

Responsibilities:

  • Administered Symantec Messaging Gateway Email environment including SPAM filtering, compliance policies and email security 10.5, including building new servers plus responding to and investigating virus infections.
  • Managed secure web gateway services using Blue Coat Proxy SG appliance, including installation and performing appliance upgrades.
  • Managed Symantec PGP Universal encryption infrastructure supporting Web Messenger, Whole Disk Encryption and Net Share (securing shared folders), including upgrading the env to new versions.
  • Installed, configured and administered Symantec Endpoint Protection providing Anti-Virus services for clients and servers, including upgrading the env from version 11 to version 12.1.4.
  • Supported an internal Certificate Authority infrastructure using Active Directory Certificate Services based on Windows server 2008 R2 servers.
  • Supported privileged access management solution using Cyber-Ark Privileged Identity Management Suite.
  • Supported Juniper SA remote access infrastructure using Juniper SA 4500 in a cluster and RSA two factor authentication technologies.
  • Analyzed and understood security threats and assisted with incident investigations and remediation using SSIM (Symantec Security Information Manager).
  • Provided on-call support for Information Security technologies.
  • Managed Juniper SRX firewall (SRX 650) using Juniper Confidential.
  • Managed Palo Alto Firewalls (PA 5020): creating and deleting rules, configuring interfaces, zones and security policies, working with PA Panorama, troubleshooting, and setting up the lab environment.
  • Managed Qualys: performed vulnerability scans and created vulnerability reports.

Confidential

Enterprise Administrator, Warren, Michigan

Responsibilities:

  • Studied the MCITP Enterprise Administrator on Windows Server 2008 at Confidential.
  • Followed hands-on training to renew my VCP certification from VCP 4.0 to VCP 5.0; practiced in my virtual environment at home.
  • Studied Microsoft Exchange 2010 in my home lab.
  • Followed Cisco CCNA security training using Cisco ASA 5505.
  • Followed SRX training on Juniper SRX210h firewall.

Confidential

Network Security Analyst

Responsibilities:

  • Installed, managed, and troubleshot Microsoft ISA 2006 Firewalls.
  • Managed and monitored Sophos Antivirus environment on Windows clients and servers.
  • Responded on a daily basis to all security events (ex: infected systems).
  • Monitored Outpost24 vulnerability scanner appliance.
  • Managed Bluecoat Web filtering appliance and troubleshot internet access issues.
  • Installed, configured and managed Microsoft SCOM 2007 R2 environment and deployed monitoring agents to Windows 2008, 2008 R2 servers.
  • Developed, customized and applied Active Directory group policies (server hardening).
  • Installed and configured virtualization environment based on Microsoft Hyper-V on Windows 2008/2008 R2, creating VM templates and deploying VMs using SCVMM 2008 (System Center Virtual Machine Manager).
  • Installed and configured new Blade servers and added them to the virtual environment.
  • Managed and monitored Dell EqualLogic Storage boxes.

Confidential

Network Security Engineer / System Admin

Responsibilities:

  • Performed System Administration for Linux Red Hat RHEL 4.0 servers (installation, configuration, patching, deploying MySQL 5.0 servers on RHEL 4.0).
  • Daily management of Juniper SA 2000 for remote access (Replaced the Cisco VPN Concentrator 3000).
  • Managed a cluster of 2 Juniper SSG 550 firewalls (installed as a replacement for Checkpoint NGFP3) and managed the Juniper Confidential Server based on Linux RHEL 4.0.
  • Installed and configured VMware ESX 3.0 on HP BL20 Blade servers and NetApp Filer 250, including converting the physical servers to VMs.
  • Configured Samba on SLES server and used it as file server.
  • Install and maintain MySQL on SLES, patching the server and keeping it up and running.
  • Managed day to day operation of remote access solution (Cisco VPN Concentrator 3000).
  • Performed vulnerability scan for the Windows env using LAN Guard Network Security Scanner.
  • Installed and configured Microsoft WSUS 2.0 for patch deployments, and later upgraded it to WSUS 3.0.
  • Deployed Microsoft Windows patches, service packs and hotfixes to the Windows clients.
  • Installed, configured and managed Microsoft Proxy Server 2.0.
  • Installed, configured and monitored Snort IDS/IPS.
  • Deployed, managed and upgraded Confidential Corporate Edition 8.0 plus upgraded to version 9.0 and later to 10.0.
  • Administered (day to day operation) Bluecoat Proxy (replaced the Microsoft Proxy server 2.0).
  • Daily operation of managing Cisco PIX firewalls 506e and 515e for the daughter companies.
  • Migrated, configured and administered the company Windows NT 4.0 PDCs and BDCs to Windows 2000 Active Directory.
  • Migrated, configured and managed 2 separate Exchange 5.5 Servers to Exchange 2003 in a cluster based on Windows Server 2003 Enterprise.
  • Installed and configured plus daily management for Backup solution based on Veritas Backup Exec 9.0.
  • Daily Administration of: Windows 2000 Print servers, Application Servers and Terminal server.
  • Acted as 3rd level support for user incidents.