SUMMARY AND OBJECTIVE:

• Over 15 years of experience in information technology with an expertise in advanced information security concepts.
• Experienced in troubleshooting network performance, implementing technologies, incident response, as well as, designing and developing m issi on - critical LAN / WAN network security solutions. Skilled in the installation and configuration of network security devices such as intrusion detection/prevention systems and firewalls.
• Proven ab ilities as a lea d er, eng in eer, and me n to r. Knowledge of complex IT environments
• Hosted Solutions/MSS, application support, and customer relations. Seeking a Managerial/Supervisory position in the information security field that utilizes creativity and innovation in a challenging environment.

KNOWLEDGE AND SKILLS:

(Network Security Appliances): NetScreen Security Manger (NSM), Juniper NetScreen/SSG/ISG, Junos, Cisco Pix/ASA, Cisco 6509 FWSM, Cisco Security Manager 4.8, Check Point NGX/VPN-1/UTM - Nokia IPSO & SPLAT, Fortinet Fortigate, McAfee Firewall Enterprise/Sidewinder, Confidential Gateway Security, ISS Proventia Firewall, ipchains/iptables,McAfee Entercept/Intrushield, Tipping Point, Confidential Network Security, ISS Proventia, Enterasys Dragon, Juniper IDS/IPS, Cisco IDS, SNORT, Sourcefire, Confidential Critical Systems Protection (CSP)

(Information Security Tools/Appliances): AlgoSec - (Firewall Analyzer, FireFlow, BusinessFlow, and Autodiscovery), NMAP, Qualys, Retina, Gold Disk, Trip Wire, Nessus, Arcsight, SPLUNK, Metasploit, Confidential Endpoint Protection, Netbackup, Confidential Mail Security, Xceedium Gatekeeper, Fidelis DLP, Juniper Networks Secure Access, Juniper SSL VPN, Blue Coat Proxy

Network Concepts : OSI Model, Protocol Analyzers, NAT, Telnet, VPN, HTTPS/SSL, SSH, Routing, Switching, TCP/IP, Clustering, Failovers/ VRRP, NSRP, PKI, Encryption

Operating Systems : Linux Flavors (Red Hat, Fedora, SUSE, Gentoo, Ubuntu), Microsoft Windows 95/98/NT/2000/ME/XP, IBM AIX

Experienced in the following: Installation and administration of Windows and Red-Hat Linux server and client platforms , Cisco Application Centric Infrastructure (ACI), VMware VCenter/ESX Server 3.5, HIPAA, NIST, FISMA compliance, Passsafe, HP Service Desk, Microsoft Outlook, Office, and Microsoft Communicator, CDI Out of Band (OOB), BASH Shell, Citrix, WebEx, Windows Live Meeting, Net Support, Web connect, Remote Desktop, Putty, SecureCRT, Toad, FTP, SFTP, Sap R/3, PERL, Oracle Enterprise Edition 8i - 10G, SQL Server Structured Query Language (SQL), C++, IBM's Tivoli Netcool, SolarWinds, CA’s Unicenter - TNG, BEA Weblogic Server 7.0, Apache Web server, Visual Basic scripting, Manugistics/ Confidential applications NetWORKS Collaborate, Monitor, and WebWorks Foundation

EXPERIENCE:

Confidential, Bethesda, MD

Principal Cyber Engineer/ Firewall Architect

Responsibilities:

• Provide design, development, deployment, problem identification and remediation, and on-going support of the US Citizenship and Immigration Services ( Confidential ) International network.
• Perform analysis of application network requirements for solutions procured by the client
• Create high level design ( Confidential ), low level design ( Confidential ), Engineering Decision/Recommendation Memo documents.
• Identify network ports and protocols required for mission critical applications and work with Information Security Department to ensure network compliance.
• Recommend and evaluate new network security technologies to modernize and improve business processes through proof of concepts (POC’s).
• Provide managerial duties, leadership, guidance, and operational support for the network engineering/ Confidential - responsible for managing a 400 site WAN, leading a three man team.
• Interface with management ranging from project managers, up to the CIO and other executive leaders on various technical issues and projects.
• Provide firewall engineering and information security support for engineering planning and design of the Confidential MPLS network
• Develop and validate designs for the Confidential LAN/WAN, DMVPN, TIC, PEP, and deploy new firewalls for sites.
• Determine optimal routing through the network, troubleshoot network performance problems, and access control issues when escalated
• Identify, analyze, and determine appropriate firewall and circuit hardware types
• Provide recommendations and support to ensure data is exchanged among users and applications across the enterprise in a secure manner.
• Utilize encryption, VPN’s, and firewall restriction to support secure networking
• Assist in interfacing the Confidential network with other Confidential and Department’s WAN’s for interagency connectivity

Confidential, Washington, DC

Principal Cyber Engineer/Architect

Responsibilities:

• Provide design, development, deployment, problem identification and remediation, and on-going support of the US Citizenship and Immigration Services ( Confidential ) International network.
• Provide managerial duties, leadership, guidance, and operational support for the network engineering/ Confidential responsible for managing a 400 site WAN, leading a three man team.
• Interface with management ranging from a project manager to the CIO on various technical issues.
• Provide firewall engineering and information security support for engineering planning of the Confidential MPLS network
• Develop and validate designs for the Confidential LAN/WAN, DMVPN, TIC, PEP, and deploy new firewalls for sites.
• Determine optimal routing through the network, troubleshoot network performance problems, and access control issues
• Identify, analyze, and determine appropriate firewall and circuit hardware types
• Provide recommendations and support to ensure data is exchanged among users and applications across the enterprise in a secure manner.
• Utilize encryption, VPN’s, and firewall restriction to support secure networking

Senior Network Security Engineer/Senior Firewall Engineer

Confidential

Responsibilities:

• Perform duties of a Senior Network Security Engineer Team Lead for a Department of Homeland Security government contract
• Conduct firewall audits and assessments/ISA’s to provide feedback on the risk impact of the firewalls security posture
• Conduct tier 1 to tier 4 firewall support to resolve daily operational issues, including troubleshooting mission critical application outages
• Perform analysis and troubleshooting of applications issues impacting load balancers, web servers, database servers, routers and switches, and other devices deployed throughout the network
• Provide support for security tools ranging from initial setup and configuration of devices for deployment to upgrading device OS/firmware.

Confidential, Washington, DC

Firewall Engineer

Responsibilities:

• Performed duties of a firewall engineer for a Confidential government contract
• Provided Tier 4 troubleshooting support and Firewall policy implementation and design

Confidential, Reston, VA

Security Engineer

Responsibilities:

• Performed duties of a security engineer for DoD government contract.
• Conducted Information Assurance (IA) analysis for Certification and Accreditation requirements
• Conducted IA assessments throughout the product life cycle to ensure that changes in application code and new add-on’s to applications do not open any new vulnerabilities
• Ensured Information Assurance Vulnerability Alert ( Confidential ) and Information Assurance Vulnerability Management (IAVM) compliance for information systems
• Provided information security recommendations and direct support to the Information Assurance Manager (IAM) and Information Assurance Security Officer (IASO)
• Ensured proper Security Technical Implementation Guide’s ( Confidential ) were followed in setting up and implementing information technologies in multiple environments.
• Designed and developed security requirements to ensure that applications and data exchanges are communicating in a secure manner
• Ensured the security posture is not compromised by reviewing and providing guidance on internal organizational policies as well as access to and from external sites
• Created, and updated existing, documentation to evaluate current IA control compliance, and define practices to mitigate risk where compliance currently is not valid.
• Worked with the Prime Contractor and attended meetings on issues ranging from internal software development security practices, to customer site compliance for web servers, database servers, routers, switches, firewalls, and intrusion detection systems.
• Analyzed automated scan results and provided guidance on areas where vulnerabilities can occur, and how to mitigate areas of risk.

Confidential, Alexandria, VA

Lead Global Firewall Engineer

Responsibilities:

• Managed and monitored nearly 500 firewalls of various vendor technologies and other network devices globally.
• Interacted daily with Fortune Top 50 clients to effectively resolve any and all firewall-related issues.
• Supported and managed approximately 129 Confidential Gateway Security Firewalls, 142 Checkpoint firewalls, 114 Cisco Pix/ASA Firewalls, 124 Juniper Firewalls
• Acted as technical lead on SOC shifts and projects such as migrations and audits.
• Identified cyber attacks (i.e. DDOS, etc.) and took the necessary steps to remediate
• Performed new device configuration and on boarding process for new clients.
• Provided support for clients by setting up firewalls and other network devices including CDI, Out of Band, Confidential Mail Security, and NetScreen Security Manager (NSM).
• Take on technical escalations from the Tier 1 team for issues that require additional in-depth analysis.
• Diagnosed and identify network and firewall-related issues that impact network traffic.
• Performed policy modification and rule changes on firewalls, including VPN, VLAN, route, and NAT changes.
• Created and updated SOP guidelines for best practices and documentation for knowledge base articles
• Inspected client rule bases to identify potential vulnerable rules and access in place on firewalls through audits and other projects.
• Designed and implemented security best practices for Fortune 500 clients
• Built client to site and site to site VPN’s for supported vendor products.
• Set up and configured SSL VPN per client requests.
• Performed firewall upgrades, such as PIX to ASA conversion, Juniper Screen OS, and CISCO OS.
• Configured IDS/IDP blades for firewalls, i.e. Cisco ASA, Juniper NSM/Netscreen
• Performed firewall migrations from one vendor product to another, such as PIX to ASA conversion and Check Point to Cisco
• Trained and mentored newly hired security engineers and interviewed potential candidates.

Confidential, Alexandria, VA

Network Security Engineer

Responsibilities:

• Worked in a 24 by 365 Managed Security Services (MSS) operation with a client facing role to resolve clients security issues related to network security devices and applications
• Performed diagnosis, analysis and resolution for Log Collection Servers, IDS and Firewall software and hardware issues.
• Assisted clients on a daily basis with troubleshooting network traffic problems (i.e. latency, dropped traffic, loss of packets, etc.) related to network devices.
• Identified areas where security can be strengthened on policies for Firewalls and signatures for IDS
• Responsible for uptime monitoring for approximately over 16,000 network security devices on a global scale ranging from Firewalls to Host-based IDS and Network based IDS.
• Resolved Alarms for faults on IDS and Firewall devices related to logging, device unreachable, etc.
• Performed log management and resolved log collection outages associated with Confidential ’s log collector application
• Qualified new devices for clients and ensured that they are properly set up and configured for a production environment.
• Collaborated with various Delivery Management teams to assist clients with non standard requests such as incident and threat response, device audits, and fault handling.
• Trained and mentored new hires in technical and workflow tasks.
• Provided night shift and day shift coverage as needed.

Confidential, Arlington, VA

Software Applications Analyst

Responsibilities:

• Responsible for duties for software support for clients ranging from troubleshooting application issues, to identifying network issues which impact the applications
• Provided technical support for Learning Management Software for end users

Confidential, Rockville, MD

IT Analyst

Responsibilities:

• Worked directly with clients to investigate and coordinate the resolution of client issues, including ownership of data entered into on-line issue tracking system while complying with support procedures.
• Provided support for online bidding, Request for Quote (RFQ) system for shippers and carriers.
• Performed duties of Hosting Analyst which includes database management, batch job management, Perl/SQL script modification, and other daily ad hoc requests by Hosted Solutions/MSS clients.
• Monitored and troubleshot WAN connectivity with Cisco routers and layer 3 switches.
• Monitored and troubleshot multilayer switching, VLAN’s and trunking on Cisco switches
• Managed and deployed corporate NetScreen Firewalls.
• Communicated with internal and external customers to assist with troubleshooting mainframe and server issues as they related to network connectivity.
• Assisted with performing router and switch hardware and software maintenance.
• Assisted in training coworkers in basic NetScreen 5.4.0r4.0 administration.
• Resolved and tracked client support issues (end-user and technical) for Manugistic’s Collaborate, and Monitor applications to assist the Global Client Support department.
• Documented the development and implementation of process design/client architecture for Hosted Solutions clients.
• Worked with Global Consulting Group to ensure successful post implementation support is in place.
• Generated daily and weekly uptime server reports for Client servers running Linux.
• Worked with software developers in India to ensure that patches are tested properly for a client reported defect or a feature request.
• Performed beta site testing and software tuning for new versions of customized client applications.