TECHNICAL SKILLS

Netware 6.5 servers, NDS/Edirectory, Active Directory, Windows 2008/2012 server, Citrix Meta Frame XP, Microsoft exchange 2013, Mcafee Enterprise edition,, Dell Poweredge family, HP Proliant family, Gateway servers, Cisco firewalls, Jnuiper ScreenOS and Junos OS, Paloalto PAN - OS.

PROFESSIONAL EXPERIENCE:

Confidential

Senior Cyber - Security Engineer

• Design, Architect and Vet IT security projects for both internal and external clients. Build site to site Active/passive Firewall clusters.. Support all security devices and applications in the organization.
• . Worked with staff to upgrade and implement best practices for all security related project.
• Prepared Architectural drawing and documentation for new and old projects
• Migrated Juniper Netscreen, Cisco firewalls to Palo Alto PAN-OS.
• Installed, configured, Clusters using Active/Passive firewalls including APP-ID, Wild Fire and Context URL
• Designed and customized Algosec FireFlow ticketing system to march Confidential firewall processes.
• Implemented Business Flow application monitoring.
• Installed and provision PKI certificate for IT infrastructure devices.
• Designed security zones, High Availability and hardened according to best practices PaloALto firewalls and Junipers.
• Co-ordinated meetings to discuss new/modify security access for IT infrastructure.
• Implemented Pulse VPN appliance for remote users using VDI, Remote desktop and intranet access file system.
• Cleanup unused, duplicated and disabled rules on Cisco, Juniper, and Palo Alto firewalls.
• Maintained and Support Cisco, Juniper, Palo Alto firewalls, F5 LTM’s and GTM’s, Tripwire, PRTG, Algosec etc.
• Configured SolarWinds to provide Trap alerts and Manages IP address using IPAM
• Installed and configured Juniper Junos Space, used to Manage Juniper firewalls, routers and switches
• Installed, racked and connect network cables to appropriate interfaces.
• Created Active Directory group policies using best practices.
• Performed monthly and on demand Nessus Vulnerability scanning.
• Configured servers and clients for WSUS and McAfee EPO
• Reviewed firewall and application requirement for Compliance.

Confidential

Senior Security Engineer

• Provided detailed design and implementation plans for Enterprise Wireless network with integration in DOJ secure Network using ClearPass, Controller and Airwave
• Implemented Symantec Endpoint Protection using VMWare guest servers,
• Analyzed, cleaned-up and consolidated Microsoft Group Policies throughout DOJ Civil division.
• Created PKI templates to be used with all Servers, computers, Smartphones and wireless devices
• Configured Cisco Iron Port, CISCO and HP switches to support CISCO VOIP throughout the DOJ Civil division
• Builted VMWare testing lab for testing production applications
• ImplementedPIV card security to authenticate to DOJ wireless network
• Monited Network using SolarWinds Orion suite and Aruba Airwave.

Confidential

Security Consultant

• Provided detailed design and implementation plans.
• Managed, monitored and administered CISCO ASA, SourceFire series and Checkpoint Firewalls, IDS/IPS, Cisco Routers, Switches, VPN’s tunnels, Servers, SAN’s and Microsoft Servers. Email Antivirus software
• Designed and deployed multi-level security technology such as Public Key Infrastructure (PKI) and two factor authentication.
• Designed and implement help Desk process flow for the help desk system
• Used best practices to implement the Help Desk Software and the Monitoring center.
• Evaluated hardware and software for the project and make recommendation.
• Installed, configured Windows 2012 servers, Hyper-V servers, SolarWinds NPM, NCM, NTA and Web Help Desk.
• Managed the project budget
• Hardened Firewalls, Routers, Switches and Servers.

Confidential

Senior Systems Engineer

• Developed, implemented and documented processes and procedures to ensure compliance with standard business practices.
• Managed North and South American network Infrastructure and IT Service Desk
• Successfully implemented and advanced a risk-based approach to information security that provides the proper balance between protection and business results.
• Procured, coordinated and managed, vender/contractor support for custom and commercial business application systems.
• Managed and monitored security information, Proxies, Qualys, Network performance, SSL\VPN, Supported Load balancers, switches, routers, NAP servers, Wireless Network and firewall policies.
• Led IT infrastructure vulnerability assessments and compliance audit.
• Educated IT staff on IT infrastructure security best practices.
• Assisted with the definition and implementation of IT infrastructure related security policy, standards, and procedures.

Confidential

Senior Security Engineer

• Managed, monitored and administered Firewalls, IDS/IPS, Routers, Switches, VPN’s, Servers, SAN’s, Microsoft Servers and VmWare Servers.
• Designed and deployed multi-level security technology such as Public Key Infrastructure (PKI) and two factor authentication.
• Deployed enterprise security solutions such as McAfee HBSS, PKI Smart Cards, Encryption technology and Network access controls.
• Conducted risk assessments and implement solutions to reduce vulnerabilities,
• Implemented Retina, Hercules, Mcfee HBSS, ePO, Solarwind Network Performance, Network Configuration, CISCO, HP ad 3COM switches, VLAN technologies and NetFlow modules.
• Reviewed Syslog, Solarwinds and Juniper IDP logs to identify Intrusion and network problems.
• Carryout Agency mandate from Department of Defense and NIST Security regulations, directives, and instructions such as DOD 8500, NIST-53 etc
• Executed and Update IA Implementation Plan (defined in DoD 8500.1 and DoD 8500.2) for DoD Information Assurance Certification and Accreditation Process (DIACAP)
• Coordinated with network management services to ensure the timely deployment of operating system and application security patches, deployment of security applications and currency of security applications patch levels.
• Monitored system operations for compliance with security policy and accepted best security practices.
• Prepared and update disaster recovery and contingency plan quarterly.

Confidential

IT Section Director

• Developed and implemented all IT policies and procedures, including those for architecture, security, disaster recovery, standards, purchasing, and service provision.
• Formulated and deployed long-term strategic plans for acquiring and enabling efficient and cost-effective information processing, communication technologies and virtual technologies
• In-depth experience with Windows security, internetworking concepts and TCP/IP protocols
• Supervised and manage all aspects of networking including: switches, routers, firewalls, e-mail (Exchange), backups, desktop support, communication lines, phone systems, data encryption, virus protection, patch management, desktop policy enforcement, VPN/remote access, wireless network, asset management;
• Managed the implementation and deployment of MacAfee EPO, Anti-Virus and Endpoint Encryption Software to protect the Agency confidentiality, leakage, Applications and Virus protection.
• Improved Helpdesk and IT procedures reducing problem solving time by 20%.
• Manages Forensic audit using Encase6 eDiscovery tools to identify Pornography usage