Cyber Security Engineer Resume
Linthicum, MD
TECHNICAL PROFICIENCIES:
Software: VMware, LogMeIn, MS Office Suite, PuTTY, OphCrack, SCCM, BigFix, NetWitness, Zenoss, Security Center, ACAS (DISA), Zabbix, Cisco Firepower, STIG Viewer, SCAP
Security: Cryptography (shared-key & public-key), Hashing, SSH, SSL/TLS, VPN, HTTPS
IDS/IPS: Snort, NitroView ESM (McAfee), AlienVault
SIEM: ArcSight, Splunk
Vulnerability & Penetration Testing Tools: Nessus, Nmap
Forensic/Malware: FireEye, Wireshark, TCPDump
Security Standards/Guidelines: FISMA, HIPAA, NIST, RMF
Operating Systems: Windows XP/Vista/7/8/8.1/10, Windows Server 2012 R2, Linux (Red Hat, Ubuntu), Confidential OS, Android, iOS
PROFESSIONAL EXPERIENCE:
Cyber Security Engineer
Confidential, Linthicum, MD
Responsibilities:
- Monitoring and responding to Intrusion Detection System (IDS) cues and anti-virus alerts
- Support potential security violations and/or incidents by providing vulnerability scan results against target machines.
- Provide technical guidance to junior and intermediate team members.
- Provide input to engineer solutions for ACAS to include PVS, Nessus Server, Nessus Agent/Manager and Security Center.
- Diagnose and resolve ACAS vulnerability scanning credential failures, false positives, scanning issues, and reporting issues.
- Use Wireshark and tcpdump to analyze network traffic (pcap).
- Conduct vulnerability scans, reports, asset creation/modification, and policy creation/modification using ACAS Security Center.
- Create assets, policies, user accounts, groups, scheduled scans and reports using Security Center.
- Create scan zones, add Nessus servers, and share/modify objects using Security Center.
- Ensure Security Center configurations are compliant with DISA Best Practices.
- Conduct vulnerability analysis on Common Vulnerabilities and Exposures (CVEs) to determine if they are applicable to DISA's assets, the impact, the severity, and mitigation techniques.
- Upload applicable DISA STIG benchmarks to Security Center(s) on a quarterly basis.
- Assisting with the installation and configuration of network security architectures, including firewalls, Demilitarized Zones (DMZ), router ACLs (Access Control Lists), and web content filters
- Scanning hard drives/SSDs for any malicious files.
- Managing and leading security incident response efforts
- Creating weekly reports on vulnerabilities found in Security Center; installing yum updates on all agency systems.
- Maintaining current knowledge of technology capabilities and trends
- Accumulating operational intelligence and maintaining threat profiles of likely attackers
Network Defense Analyst
Confidential, Adelphi, MD
Responsibilities:
- Maintaining knowledge of emerging threats, vulnerabilities, and intelligence within the cyber security field to ensure subscribers are remediating against known threats.
- Constant monitoring of intrusion detection systems.
- Creation of technically detailed reports based on intrusions and events.
- Provide assistance in computer incident investigations.
- Conducting trending and analysis of monthly results to identify high risk vulnerabilities impacting the network and ensuring proper security posture from a vulnerability management standpoint.
- Analyze and evaluate anomalous network and system activity.
- Assist in troubleshooting and problem solving a wide variety of client issues
- Provide quality customer service with excellent communication skills.
- Recommend modifications to access control lists to prevent and mitigate intrusions.
- Deploying, troubleshooting, and maintaining network-based vulnerability scanners at subscriber sites to ensure appropriate coverage of scanning services.
Data Security Analyst
Confidential, Rockville
Responsibilities:
- Provide 24x7x365 monitoring of all security devices, sensors, web proxies, endpoint encryption and security environment, antivirus and antimalware environment, federated authentication services environment, proxy auditing and inspection environment, PKI, and network/host based firewalls to detect real or possible security events.
- Monitor the Security Operations Center (SOC) hotline, email inboxes, and other communications
- Report incident information to US-CERT as necessary ensuring the confidentiality, integrity, and availability of the system
- Provided first-level Intrusion Detection System (IDS) monitoring, analysis and incident response to information security alert events.
- Upon identification of security events, escalate to appropriate Security Operations support for immediate troubleshooting and remediation.
- Utilize GFE/CAP forensic tools to obtain evidence that adheres to standards admissible in a court of law in support of incident response teams
- Review/correlate information from security clearing-houses and cooperative network security communities on the latest security trends and cyber threats and disseminate the collected intelligence to security stakeholders.
- Contribute to a team of approximately twenty-five information assurance professionals working with Intrusion Detection System (IDS) software and hardware, analyzing IDS data, writing reports, briefing event details to leadership, and coordinating remediation.
- Immediately report, upon discovery or notification, to the Watch Commander on the defined incident categories
- Actively monitor network events generated by over 17,000 users and 35,000 monitored systems through the use of 40 Snort IDS devices in conjunction with NitroView ESM. Duties included identifying network intrusion attempts and escalating to the Incident Response Team.
- Perform daily blocks of IP addresses through Check Point Firewalls
- Perform detailed packet analysis on triggered security events utilizing tools such as Wireshark and NetWitness to eliminate false-positives and identify confirmed intrusion attempts
- CISSP Training
System Administrator
Confidential, Washington, DC
Responsibilities:
- Providing desk-side services for over 7,000 on-site users by performing installation, configuration, maintenance, and troubleshooting on personal desktop computers (PC), Macintosh computers (Confidential), laptops, and peripherals such as printers, monitors, and scanners.
- Develop policy and procedure/SOP for the secure implementation of information technology.
- Hands-on expertise in troubleshooting computer hardware related problems such as UPS, SMPS, printers and drivers.
- Coordinate with the command network operations and security center on techniques, training, and procedures as applied in Computer Network Defense.
- Managing and maintaining servers, PCs, routers and switches.
- Installing, configuring and administering network technologies, DHCP Client/Server, IPv4 vs IPv6
- Support all customers with respect to the computer equipment and the software installed on their systems, making sure that the software functions properly in customer's environment
- Good understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SMTP, FTP, TFTP)
- Perform Ghosting, PC and application upgrades and installs, New user set up (new user login, email, network proxies, VPN setup and install, printer setup, and Administrative rights), VPN troubleshooting and installation, SMS, encrypted disks, Scripting, Active Directory, BlackBerry power-users and support, and TCP/IP and network troubleshooting
- Configure Microsoft Active Directory Group Policy Objects.
- Coordinate and manage team and IT projects.
- Work with clients and customers to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations