Senior Network Security Engineer Resume
Washington, DC
SUMMARY:
- I am a dynamic Security Engineer with 18+ years of record achievements and proven success with hands-on technical expertise to support critical data security infrastructures.
- I am technically proficient with multiple network firewalls/IPS sensors, and other network security hardware.
- I have exceptional problem solving skills while working with customers which allows me to secure sensitive data for controlling inbound and outbound content and all aspects of DMZ server computing.
- I have led and managed many different teams and served on many national level projects from secure to unsecure.
TECHNICAL QUALIFICATIONS:
FIREWALLS: Cisco ASA5510-ASA5585 and Juniper Space Screen-OS & Junos SRX, Checkpoint, Palo Alto
IPS/IDS: Source Fire, Cisco Fire Power, IBM ISS Proventia, McAfee, Juniper IPS
ANALYSIS / SIEM: Wireshark, Sysinternals Utilities, QRadar, Splunk, ArcSight, FireEye, BlueCoat Proxy
SCANNING: Nessus (7.0.3), Security Center (5.6.2.1), Metasploit, NMap
ROUTING: BGP, OSPF, EIGRP, RIP, MPLS, IPSec / GRE tunnels for VPN
WAN: T1, DS3, DSL, SONET, Multilink’s, PPP, Frame Relay, NVPN, MPLS, RADIUS, TACACS+, VPN, IPSec/GRE, SSL
SYSTEM ADMIN: Solaris, Unix, Linux, Windows 2000 server, NT/5.0, DNS, DHCP
NETWORKING: Voice Over IP, IP Telephony, wireless, Data
NETWORK MANAGEMENT: Cisco Works, syslog, SNMP, Agilent packet analyzer, LDAP
CUSTOMER SERVICE SKILLS: Exuding patience toward stressed customers while providing timely feedback to their requests. Mitigate the issue while building rapport and not just another voice over the phone. Assuring the client that they have a “one stop resource” for solutions to problems while they are being resolved.
WORK EXPERIENCE:
Confidential
Senior Network Security Engineer, Washington, DC
Responsibilities:
- Lead with the Implementation of Confidential -Office of Inspector General Security forensics program, Implement and upgrade existing security infrastructure devices and applications. Design, assess and minimize system vulnerabilities (example: SIEM, Firewall, IPS, Nessus Security Center, Endpoint, Active Directory security level authentication).
- Implemented security policy requirement for Nessus Security Center (5.6.2.1) for Dashboards creation for Center for Internet Security (CIS) Compliance and vulnerability assessments for auditors and for various Network/ Server / Desktop and Security Team for deep analyses.
- Created Scan Policies, Audit files, Credentials, Dynamic/Static Asset list, for Network / Server / Workstation scans for Weekly Vulnerability assessment with Nessus Security Center.
- Created Host Discovery Scan for all devices in the network using the Nessus Security Center.
- Work with various teams on scheduled scans on different devices with the scan results imported to an excel file generation from Nessus Security Center Low/Medium/High/Critical resulting in a devices list and enabling a view of their vulnerabilities as well as how to remediate those issues.
- Worked with OIG Agents on their cases to ensure information obtained was not malicious in content and used Palo Alto WildFire, PA-Threat Vault, Virus Total, Joe’s Sandbox, etc.
- Hands-on experience with Juniper / Palo Alto security Firewalls and IPS systems.
- Implemented Palo Alto Traps Endpoint Security and pushed out via SCCM to all workstations and Servers.
- Technical and security knowledge in a specialty such as log analysis, incident response, enterprise vulnerability assessment and/or remediation
- Provides authoritative advice to other support groups in systems security, and provide remediation steps and assist in developing and implementing Confidential -OIG stated guidelines
- Experience with alert analysis in a computer network intrusion/detection environment. Blocked on IP, Hash, file type, Domain URL.
- Implements security requirements resulting from new DOC-CIRT, US-CERT, Presidential directive, or other external mandate; integrates security programs across Confidential -OIG in relation to security incident reporting.
- Reviews and evaluates security policies; identifies need for changes based on new security technologies or threats; tests and implements new policies and institutes measures to ensure awareness and compliance.
- Working knowledge of well-known security tools such as NMAP, TCP-Dump, Wireshark, QRadar, Splunk, Juniper Space/NSM, Palo Alto, Nessus, Metasploit, Dynamic Malware Analysis Tools (Procmon, Process Explorer, Regshot, INetSim).
- Problem Solving: Identifies and analyzes problems; weighs relevance and accuracy of information; generates and evaluates alternative solutions; makes sound recommendations.
- Performed Phishing email analysis and Software/Executable analysis by using various tools such as Virus Total, Threat Crowd, Joe’s Sandbox Cloud, PA-Threat Vault, PA-WildFire
Confidential
Senior Cyber Security Analyst, Alexandria, VA
Responsibilities:
- Leads the implementation of Confidential security forensics programs in collaboration with Confidential liaisons designed to anticipate, assess, and minimize system vulnerability (e.g., intrusion, Firewall or BlueCoat access and authentication programs.)
- Writes procedural documents once a need is identified to change security infrastructure, systems, processes and procedures based on new security technologies or threats
- Coordinates the implementation of Confidential security forensics programs in collaboration with Confidential liaisons across platforms and establishes vulnerability reporting criteria to ensure protection of Confidential automated information.
- Provides authoritative advice to other support groups in systems security and provide remediation steps, assist in developing and implementing Confidential stated guidelines
- Investigates potential security risks, recommends mitigation or countermeasures, and works with support groups until resolution is achieved.
- Implements security requirements resulting from new DOC-CIRT, US-CERT, Presidential directive, or other external mandate; integrates security programs across Confidential in relation to security incident reporting.
- Reviews and evaluates security policies; identifies need for changes based on new security technologies or threats; tests and implements new policies and institutes measures to ensure awareness and compliance.
- Coordinates security activities with the Office of Security, the IT security officer at the Department of Commerce and the Office of Human Resources.
- Investigating, preserving, and analyzing advanced persistent threats that identify sources and methods that may be used to exploit vulnerabilities in the system and/or network.
- Planning and implementing corrective mitigation to stop advanced persistent threats, security incidents, system intrusions, anomalies and potential unauthorized activity and misuse.
- Possess a deep understanding of hacker techniques, vulnerabilities, attacks and countermeasures.
- Maintain a strong awareness and understanding of the current threat scope to conduct research on emerging security threats and potential customer impact.
- Strong knowledge of identified operating system platforms, routers, network protocols and security architecture.
- Working knowledge of well-known security tools such as NMAP, TCP-Dump, Wireshark, QRadar, Splunk, Juniper Space/NSM, Nessus, Metasploit, Dynamic Malware Analysis Tools (Procmon, Process Explorer, Regshot, INetSim).
- Working knowledge of common attacks and vulnerabilities and possesses strong understanding of common categories of malware and characteristics of each.
- Knowledge of Confidential enterprise systems in regard to information security solutions to various network and application development teams on key initiatives.
- Leads security team that develops and implements IT security forensics standard procedures.
- Experience with alert analysis in a computer network intrusion/detection environment or similar field desirable.
- A strong understanding of the information security threat landscape including detailed technical knowledge about the most prevalent vulnerabilities, threats, attack methods and infection vectors.
- Hands-on experience with Juniper security Firewalls and IPS systems
- Technical and security knowledge in a specialty such as log analysis, incident response, enterprise vulnerability assessment and/or remediation
- Communication: Makes clear and convincing oral presentations to individuals and groups. Listens effectively; clarifies information as needed. Speaks and writes in a clear, concise, organized, and convincing manner that is appropriate to the audience. Facilitates an open exchange of ideas to ensure all group input is considered. Handles technical, sensitive or controversial topics with agility, involving executives/managers as appropriate.
- Problem Solving: Identifies and analyzes problems; weighs relevance and accuracy of information; generates and evaluates alternative solutions; makes sound recommendations.
Confidential
Senior Security Engineer, Herndon, VA
Responsibilities:
- Build Site to Site VPN between customer and company central office.
- Upgrade Cisco ASA IOS from 8.4 to 9.1(2)5.
- Troubleshooting using packet tracers and captures and Wireshark.
- Build SSL-VPN at all sites for secure communication to internal network.
- Configure Access-list on company and customer Firewalls.
- Configure NAT statements on version 9.1(2)5.
- Enable SNMP version 3 on all devices.
- Enable TACACS on all devices and maintain Cisco ACS server administration.
- Configure SNMP and update SolarWinds topology with new devices to be monitored.
- Configure Solar Winds access for external customer portal via SSL-VPN and PAT.
- Configure VMWare View client to have access to VDI workstations.
- Mentor junior engineer on troubleshooting and writing method and procedures documents.
- Configure Cisco IPS modules on all Cisco ASA firewalls.
- Modify signatures to either Alarm or Deny sessions.
- Enable signature updates on all IPS modules.
- Enable best practices configurations on all devices router/switch/firewalls.
- Setup RF antennas with GEOSpier and MEOSpier Satellites.
- Work with iBuilder and iMonitor for RF Satellite administration.
- Configure Routers for MPLS via BGP with Service Providers, and redistributed into EIGRP.
- Configure Cisco 3750 switches stacks for local network.
- Configure Vlans access ports and Trunks.
- Update trouble ticketing system for detailed fix action.
Confidential
Senior Security Engineer, Herndon, VA
Responsibilities:
- Work on service case reported by customers that are either escalations or change requests
- Configure Access-list on customer firewalls for Checkpoint/ Juniper/ Cisco
- Configure Static or Hide Nat statements on Checkpoint firewalls.
- Build Site to Site VPN’s for Checkpoint /Juniper / Cisco firewalls
- Configure Remote Access SSLVPN for Cisco ASA firewalls via ASDM
- Upgrade Cisco ASA firewalls from version 8.2 to 8.4
- Troubleshoot by running packet tracer or captures on Cisco ASA firewalls
- Troubleshoot Juniper ScreenOS via Snoop and log captures
- Configure Juniper SRX firewalls Access lists
- Configure Site to Site VPN’s for Juniper SRX firewalls
- Configure Source Fire IPS Sensors with updated signature definitions from Defense Center
- Modify signature policies for Source Fire IPS that are Inline or Passive to Alarm or Drop.
- Configure Source Fire IPS for Management
- White list traffic on Source Fire Defense Center
- Configure IP Profiling on Source Fire to find the Top Talkers on sensor
- Generate a Troubleshooting file to work with Source Fire TAC on escalation issues.
- Upgrade Source Fire IPS from 10.2.5 to 10.3.4 software revision
- Modify signature policies for IBM ISS Proventia IPS that are Inline or Passive to Alarm or Drop
- Upgrade IBM ISS Proventia IPS from 4.3 to 4.6 software revision.
- Modify signature policies for Cisco IPS via IDM or CSM that are Inline or Passive to Alarm or Drop
- Upgrade Cisco IPS software revision
Confidential
Senior Infrastructure/Security Engineer, Vienna, VA
Responsibilities:
- Configure Cisco ASA5585 firewalls with Multi-context configuration with (4) port channeling for maximum transmission from firewall to Cisco 6509 Distro switches.
- Configure F5 Load Balancers on ver. 9 or ver. 10 with VIPs, pools, members and Monitors for balancing load levels on Application Servers.
- Configure F5 replacements that are down by uploading configurations.
- Configure Cisco ASA5550 for permitting or denying internal or external host to server farms.
- Configure Cisco ASA5550 for Site to Site IPsec VPN tunnels to Headquarters offices.
- Configure Cisco 6509 or 7606 switches in the DMZ to interconnect in the DMZ by creating trunks and vlans and access ports and Access lists.
- Configure Cisco 6509 access switches for local user workstations.
- Configure Bluecoat Proxy servers to either allow or deny URL company-wide.
- Configure Infoblox for new IP reservation.
- Configure Cisco ASR routers and Cisco 7206 router with Confidential .
- Configure Cisco routers and switches and firewalls for Best Practices and Failover.
- Configure and troubleshoot using the CLI and ASDM version 6.4.5 to create, edit, and delete the existing configuration. Ex. Access lists, Static NAT, object group, IP address to names, IPsec VPN’s.
- Configure all devices for TACACS and SNMP monitoring.
- Work with the IDS/IPS group for blocking suspicious IPs, scanning the network.
- Work on multiple projects with programmers on DataPower appliances, Middleware, and IronMail.
- Upgrading all ASA5520 in the DMZ that have existing 8.2.5 images with 2Gig memory cards with new code of 8.4.2 and ASDM image of 6.4.5
- Perform Password recovery on Cisco routers, switches, firewalls, Pix
- Upgrade Management Network with 2 tiered stacked 3750 Gig switches.
- Build Engineering Maintenance Scripts and Visio Drawing for Projects to be implemented.
- Cable Management so all Cat5/Cat6 or Fiber are neatly placed in racks.
- Work on Change Request tickets
- Daily communication with other internal members on multiple project management.
Confidential
Senior Cisco Network Engineer, Bethesda, MD
Responsibilities:
- Configuring Cisco ASA 5505 / 5510-5540 series firewalls, so services can be accessed from the outside of a company networks to internal services. Using CLI and ASDM to configure Static NAT, Access lists either permitting or denying networks on specific ports.
- Configuring site to site VPN tunnels on the Cisco ASA5500 series firewall
- Configuring two factor authentications for remote access VPN for customers working from home and mapping directories and drives, which they can access remotely.
- Configuring a three tier security topology on customer networks.
- Configuring firewall, routers, switches for redundancy and failover with HSRP
- Configuring Cisco ASA5500 firewall or router for new circuit turn-up with standby circuit backup.
- Configuring and installing Cisco Wireless Access Points via DHCP.
- Configuring Cisco switches 2960/3550/3750/4509 for either layer 2 or 3 routing.
- Configuring Cisco/Dell/3com switches for Voip infrastructure.
- Conducting password recovery on Cisco ASA5500/Pix’s, routers and switches.
- Configuring Cisco ASA5500 series firewall and switches and routers for IOS image upgrades revisions.
- Writing Service of Work for project requirement and hours.
- Managing and maintaining customer project from start to finish.
- Maintaining and configuring and racking network equipment at COLO sites.
- Conducting Penetration testing and evaluating customer networks for infrastructure security vulnerabilities.
- Work with different groups Tier 1/II in assisting in troubleshooting.
- Configuring Sonicwall, Juniper, Watchguard, Checkpoint firewall for customers.
- On-Call 24/7 for Confidential 700 customers
Confidential
Network Engineer
Responsibilities:
- Build SCIF networks at GD sites for private government contracts.
- Manage, build rack and stack network equipment and wires in data center.
- Configure Cisco ASA via CLI and ASDM
- Configure Cisco 3845/2891/2651 routers and 4506/4509/ 2950/2960/3548/3750 switches
- Work with Cisco wireless network controllers, and Access points
- Perform password recovery on Cisco routers and switches and ASA firewalls
- Push current version of Cisco IOS via TFTP to routers and switches
- Maintain and build network design diagram via Visio for all sites in GD network
- Investigate latency and packet loss over multiple T1 and T3
- Full life-cycle router/switch builds turn-ups at facilities, with IP assignment on DHCP server.
- Monitor all SCIF buildings and facilities within the continental US for network uptime.
- Investigate workstation connectivity for different applications on network.
- Maintain network database of configurations on Cisco works
- Configure HSRP for failover and load balancing on network equipment
- Maintain network routes via EIGRP and BGP with ISP
- Configure and modify rules in Cisco ASA and router
- Work at different sites and maintain network and special projects to rehome network equipment
- Maintain and build new vlan’s and layer 2 routing.
- Work on CA network tickets, and assist with the LAN desktop tickets
- Build terminal console connections for all equipment on data racks
- Maintain clean, tight network racks wiring.
Confidential
Network Engineer, Ashburn, VA
Responsibilities:
- Engage with high-profile military personnel to analyze network performance levels on devices such as on Cisco 2500 - 2800 series routers, and 2950 - 3750 switches.
- Work with provisioning group for recommended network layout for Routers and Switches.
- Perform Password Recovery on Cisco Routers and Switches at military bases for devices that are down.
- Configure Router and Switches for TACACS authentication on military sites.
- Troubleshoot and configure VPN IPSec connectivity between sites.
- Configure Confidential ’s on Cisco routers to permit or deny ports and networks at military sites.
- Troubleshoot base utilization and packet loss for connectivity.
- Investigate workstation connectivity for different applications on network.
- Troubleshoot server applications and connectivity issues across bases for authorized applications utilizing firewall and routing.
- Isolate network virus infections on the network that decrease base productivity, based on loss of bandwidth due to port scanning.
- Troubleshoot civil/personnel remote access connectivity issues.
- Physically test circuits at national bases to CSU/DSU, checking for correct cross-connect mapping and errors, clocking, framing type.
- Leading training classes with new hires on actual real time issues at sites.
- Investigate latency and packet loss over multiple T1 and T3.
- Full life-cycle router/switch builds turn-ups at Bases, with IP assignment on DHCP server.
- Leading the team when a major base outage occurs, to resolve the problem or to assist other groups in the coordination of the escalations.
- Monitor all Forts and facilities within the continental US for network uptime.
- Maintain network database of configurations on Cisco works.
- Configure BGP or OSPF protocols on routers for different sites.
- Document all finding in the Confidential ticketing database.
VOIP Administrator
Confidential, Riverview, FL
Responsibilities:
- Maintain and analyze the Cisco BTS 10200 VoIP soft switches on their national platform running on SIP.
- Proactively maintain and evaluate Soft switch performance using (Python) scripts and CLI.
- Writing and reviewing MOP’s and processes pertaining to upgrading and enhancing the BTS Voip network.
- Running Oracle SQL queries and modification against multiple servers.
- Maintain Big IP Linux servers to enable and disable front ends in/out of service.
- Performing scheduled and emergency maintenances to upgrade Confidential servers and soft switches.
- Troubleshooting dial plan and trunk and realm routing.
- Running and editing CRON jobs running in the network for time sensitive scripts, to pull data for upper management for network performance.
- Maintain and troubleshoot network voicemail issues, with Front End Solaris voice servers.
- Performing complex dial plan translation changes to VoIP network.
- Ensure routing is in place for network servers and Cisco 7301 Voip routers.
- Providing Tier 3 support, for customer service and tier 2 support groups.
- Perform call through testing with CLEC to add new rate centers.
- Provisioning, turn up and maintenance of 911 trunks over TDM and SIP with CLEC.
- Isolate national SIP network failures using Agilent call tracing tool, and Ethereal SIP sniffers.
- Upgrading code and monitoring of the ACME, Session Border Controller routers.
- Interface with Network engineering, Network Operations and CLEC to isolate and resolve subscriber and network connectivity issues.
- Maintain, and troubleshoot for national groups that their provisioning tools are operating for LDAP and IMAP servers.
- Monitor entire national network for outages, and work with groups to ensure optimal uptime using Qosum and Spectrum.
- Maintain Cache and Queue Servers.
