SUMMARY:

Proven leader in cyber security with 14 years of experience in Information Technology and Security engineering, operations, and management. Able to influence others and drive meaningful change in an organization. Specializes in deployment and optimization of large - scale deployments of enterprise security tools while creating processes that maximize the return on investments and reduces enterprise risk.

COMPUTER SKILLS:

Operating Systems: Windows Server and Client OS, Linux

Vulnerability Scanners: Rapid7 Nexpose, Retina, Tenable Security Center, IBM AppScan and MBSA

Enterprise Security Tools: McAfee ePolicy Suite, PhishMe, SCCM, Cisco Firewalls, Cisco IDS, ArcSight Logger, IBM QRADAR, IBM PCAP, IBM Forensics, Palo Alto, FireEye, Trend Micro Deep Security, Trend Micro Endpoint Encryption, Active Directory and Group Policy

Enterprise Solutions: MS SharePoint, MS IIS, Apache, MS Project Server, MS SQL, MS Exchange, Virtual Server, MS Communicator

Other software: MS Office Suite, MS Infopath, Front Page, Project, HTML, Photoshop, Access, Lotus Notes, and Batch file scripting.

PROFESSIONAL EXPERIENCE:

Senior Cyber Security Engineer

Confidential

Responsibilities:

• Acting CISO for 6 months managing 5 FTEs
• Remains deputy to the CISO while providing leadership and technical expertise for the corporate cyber security team. leading the security engineering function for the corporate cyber security team
• Remains up-to-date on cyber threats and directs technology, polices, and processes to ensure security industry standards and compliance requirements are met, authoring polices and processes as required
• Assists in the development of the cyber security awareness program to include annual awareness training
• Conducts reviews of enterprise security tools and makes recommendations based on best practices
• Conducts Proof of Concepts for security tools and provides input and recommendations to meet security requirements and ensure Return on Investments
• Deploys and maintains the Rapid7 Nexpose enterprise network vulnerability scanner
• Collaborates across multiple teams to actively remediate vulnerabilities and reduce security risks
• Deploys and maintains IBM Security QRadar solutions: SIEM, Packet Capture and Incident Forensics
• Reviews security exemptions and makes determination of accepting risk
• Assists with gap closures to gain compliance with NIST 800.171
• Administers the Cyber Security SharePoint sites for the employee facing site as well as internal team collaboration site

Senior Security Engineer, Team Lead

Confidential

Responsibilities:

• Enhanced continuous monitoring capabilities by identifying technical and non-technical security controls assessment process for automation
• Supported adherence to evolving security requirements and policies
• Identified security architecture and implementation gaps, vulnerabilities, and risks
• Developed, tests, and implements the solutions to address security gaps

Information Security Manager

Confidential

Responsibilities:

• Managed the Information Security Operations Team supporting enterprise vulnerability management, email threat management, security exemptions process and security audit functions
• Responsible for the development and oversight of the enterprise vulnerability management program
• Built and administers all internal team SharePoint sites as a proficient SharePoint Site Administrator
• Reviewed, authored and coordinated changes to the corporate information security policy
• Developed and implemented security controls and procedures in support of the security program
• Coordinated the development and administration of the Security Awareness Program
• Completed internal audits to ensure security controls compliance and participate in external audits specifically related to SOX and NIST 800.171
• Responsible for identifying security risk and developing solutions to mitigate risks
• Developed metrics and other reporting for upper management
• Completed the Confidential Emerging Leaders Program in order to become a better leader

Information Security Analyst

Confidential

Responsibilities:

• Supported corporate IT security functions
• Supported the enterprise log management solution by creating analytics reports in ArcSight Logger
• Managed the enterprise McAfee ePolicy Orchestrator solution
• Performed security monitoring and audit functions for account management and access
• Supported SOC compliance audits and processes

IT Security Analyst/Team Lead

Confidential

Responsibilities:

• Lead a team of IT Security analysts responsible for enterprise corporate security
• Configured and managed ArcSight Logger to analyze all corporate logs
• Configured and managed Cisco IDS to monitor intrusion detection events
• Managed HBSS and performed malicious code removal
• Deployed and managed Trend Micro’s Endpoint Encryption and Credant in various environments
• Completed vulnerability assessments on various systems per Confidential requirements
• Developed security policies and procedures
• Handled computer security incidents, forensics and management reporting
• Administered Active Directory, Exchange Server, Blackberry Server, SharePoint Server, and Project Server
• Managed intranet server, web server, and corporate user support system
• Administered all corporate DHCP, DNS, and file/print services
• Provided support on risk management framework activities for Confidential projects

Network Administrator

Confidential

Responsibilities:

• Implemented and maintained a new network structure with associated security controls
• Served as sole help desk technician for all users
• Created and maintained a disaster recovery plan