Senior Security Consultant Resume

Grand Rapids, Michigan

OBJECTIVE:

  • To obtain a position in IT management, IT security and network engineering where my background, education and experience will be utilized and challenged.
  • To apply my professional security and project management experience.
  • Detect attackers’ reconnaissance activities in real time. Heighten the intelligence of the organization's existing security infrastructure to find hidden patterns and relationships that suggest malicious activity, enabling better business decisions about the organization's cyber risks, and arm the business with an essential layer of business-relevant cyber protection that enhances its existing security defenses.

SUMMARY:

  • Under general direction, responsible for the acquisition, installation, maintenance and usage of the wide and local area network; manages network performance and maintains network security, including DLP security; ensures that security procedures are implemented and enforced; installs all network software; evaluates, develops and maintains telecommunications systems; troubleshoots network problems; establishes and implements network policies, procedures and standards, and ensures their conformance with information systems and company objectives.
  • IT Risk Management, IT Operations, or IT Audit Methodology
  • Knowledge of ISO 27000 frameworks, BITS SIG, or COBIT/SOX IT control testing.
  • Knowledge of security controls for the handling of Personally Identifiable Information (PII) data.
  • Knowledge of regulations and security compliance requirements affecting financial institutions
  • Providing best practices and guidance on IT Infrastructure Controls Assessments
  • Executing and evaluating infrastructure controls assessments and evidence for controls gaps and assisting with the documentation of any required remediation plans
  • Driving the design and implementation of effective continuous testing and reporting processes and tools for infrastructure controls
  • Proactive monitoring of internal and external-facing environment using specialized security applications
  • Provide timely, comprehensive and accurate information to Incident Response Manager in both written and verbal communications
  • Develop the requisite expertise, knowledge, and ability to perform independently through mentorship; mentor and share expertise with junior staff
  • Driving the continuous improvement of the IT Infrastructure Controls Assessment process and documentation
  • Monitors and responds to complex technical control facility hardware and software problems utilizing a variety of hardware and software testing tools and techniques. Provides the primary interface with internal analysis and support to ensure proper escalation during outages or periods of degraded system performance. Provides network server support. DLP and NAC implementation and configuration, Cisco ACE Web Application Firewall.
  • Providing guidance and training for less experienced engineers
  • Understanding of X.509, RSA and general certificate management processes
  • Solid experience with public key infrastructure (PKI) and certificate lifecycle management tools such as Venafi TPP.
  • Solid experience with Microsoft Certificate Services
  • Experience with commercial Certificate Authority providers
  • Experience authoring Certificate Policies and Certification Practice Statements (CP/CPS); strong proficiency in cryptography.
  • Implement, Configure, Maintain, Fine Tune & Troubleshoot Symantec Data Leak Prevention (DLP) Solution.
  • Implement, Configure, Maintain, Fine Tune & Troubleshoot Network Access Control (NAC) Solution.
  • Administration of server technologies (HP blades, VMware, dedicated server hardware, cloud); detected and mitigated SQL injection attacks.
  • Detected and mitigated DDoS attacks; implementation and configuration of Sourcefire Next-Generation Intrusion Prevention System (NGIPS), with network visibility into hosts, operating systems, applications, services, protocols, users, content, network behavior, network attacks and malware; NGIPS with integrated application control, malware protection and URL filtering.
  • Detected and mitigated malware attacks; incident response and disaster recovery (DR) expert; Cisco ISE, Sourcefire IDS, Blue Coat, ASA firewall, UrbanCode uDeploy, DevOps.
  • F5, ICE, PCI and Cisco Security; malware (rootkits, Trojans, worms, DLL injection); experience working with Forescout, Cisco ISE and SSL VPN.
  • System administration, system engineering and Linux/Unix administration, including Check Point firewall, Barracuda Web Application Firewall, RSA/Symantec DLP, CyberArk PIM.
  • Cisco Nexus series switches and routers, 6500s, Prime; routing, switching, load balancers, wireless.
  • Public and private cloud architecture from Network & security perspective
  • Understanding of Splunk Search Processing Language (SPL), Cisco Umbrella (OpenDNS), VirusTotal, IBM BigFix.
  • Experience with Amazon Web Services (AWS), ArcSight security analytics and log management.
  • QRadar SIEM rule tuning, custom security alert creation, custom security reports, audit support.
  • Log parsing, log collection and tuning, dashboard creation, updates, fixes, remote hands-on support, daily reviews.

EXPERTISE AREA:

  • Intrusion Detection
  • Threat Intelligence
  • Digital Forensics
  • Malware Analysis
  • Application Security
  • Security Engineering
  • Vendor Implementations
  • Identity & Access Management
  • Incident Response
  • Reverse Engineering
  • Security Assessments
  • Penetration Testing
  • Mobile Security
  • Vulnerability Management
  • DDoS Mitigation
  • Data Visualization

TECHNICAL SKILLS:

Operating Systems: Windows 7, XP, UNIX, Linux, Nokia IPSO, SPLAT NGX R65, R70, R71, R75, Provider-1, Check Point R75 SPLAT and Software Blades technology.

Security Tools: Nmap, Wireshark, Nessus/SecurityCenter, Snoop, Tcpdump, proxy applications, FireEye.

Vulnerability Scanning Tools: Qualys, Trustwave (Cenzic Hailstorm), HP Fortify, Splunk, RedSeal, Tripwire.

Intrusion Detection Systems: McAfee, Juniper, AirMagnet, Check Point IPS/IDS, Weasel correlation tool, McAfee Nitro IDS, Sourcefire. Implementation and configuration of Sourcefire Next-Generation Intrusion Prevention System (NGIPS), with network visibility into hosts, operating systems, applications, services, protocols, users, content, network behavior, network attacks and malware; NGIPS with integrated application control, malware protection and URL filtering.

Firewalls: Check Point VPN-1/FW-1 R75 with ClusterXL/SecureXL, VPN, WatchGuard firewalls, Interlock firewall, Cisco ASA and Cisco FWSM, Palo Alto, Juniper SRX series.

DNS Servers: BSD- and Linux-based internal and external Start of Authority (SOA).

Load Balancers: F5 BIG-IP LTM and GTM; LEM, FIM, Nexus, 6500s, Prime; routing, switching, wireless.

Audit Software and Tools: Check Point Eventia Reporter, Tufin solutions for revision control and best practices, LogLogic, Manager.

Email Security Services: MessageLabs, Cisco IronPort, anti-virus, anti-spam, image control, client/server.

Monitoring Tools: Qualys, HP OpenView, WhatsUp Gold, Service Exchange, Citrix, network segmentation (NSX), image deployment using Symantec, UrbanCode uDeploy, DevOps.

Software Applications: virtualization software, MS Office suite, MS Project, MS FrontPage, MS Visio, SMS, Lotus Notes, Remedy, ETMS, Manager, SharePoint.

Protocols: TCP/IP, FTP, SNMP, SMTP, ICMP, RIP v2, OSPF, IKE, EIGRP, NAT/PAT, ACL.

WORK EXPERIENCE

Senior Security Consultant

Confidential, Grand Rapids, Michigan

Responsibilities:

  • Responsible for general AWS environment through protecting servers in the cloud
  • AWS project integration, automation, API solutions; design, develop and implement creative infrastructure solutions. Monitor and manage Tableau, Airflow, ThoughtSpot and other BI infrastructure.
  • Analyze and recommend infrastructure sizing including hardware and software requirements. Analyze & troubleshoot issues.
  • Firewalls, Proxies, Web Gateways
  • Unified Threat Management
  • Data Loss Prevention
  • Enterprise Encryption Solution
  • Splunk Integration
  • DCS: Data Center Security Certified
  • Symantec Critical System Protection Certified
  • Have global responsibility for two critical Information Security areas:
  • Develop, design, implement and execute security vulnerability assessments and consulting on remediation recommendations.
  • Analyze and respond to a range of security alerts covering all locations and the ability to communicate with all levels within the company.
  • Assist the Senior Manager to design, implement and provide ongoing relevant information security services as well as communicating risks, exposures, or threats to relevant stakeholders.
  • Provide strong consulting to the enterprise business units, application and technical teams.
  • Monitor, respond and evaluate the trending of security alerts generated from several heterogeneous security devices.
  • Establish technical standards and process that ensure industry best practices for Information Security are applied to IT and Business systems
  • Provide Incident Response (IR) support when analysis confirms actionable incident.
  • Monitor, evaluate and provide threat and vulnerability analysis as well as security advisory services.
  • Ensure all information security deployments are properly implemented and supported.
  • Monitor, analyze and respond to previously undisclosed software and hardware vulnerabilities.
  • Investigate, document, and report on information security issues and emerging trends. Remain current, identify new functionality to meet business needs and foster knowledge sharing.
  • Integrate and share information with other analysts and teams
  • Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.
  • Assist with policy, standards, process and procedural updates as part of comprehensive remediation solutions
  • Validate remediation by reviewing application updates or deployed mitigations to verify resolution.
  • Provide security consulting services, as needed, to various projects to ensure all information security needs are met
  • Knowledge of global information risk management threat and vulnerability analysis and/or security monitoring/incident analysis
  • Demonstrated hands-on experience with vulnerability scanning tools as well as SIEM technology is required.
  • Strong technical knowledge in information security, including operating system administration for Windows and UNIX servers; using Cisco Umbrella (OpenDNS) to block bad domains, investigate suspicious domains and identify risk; VirusTotal and IBM BigFix.
  • Knowledge of desktop Windows and Mac systems, application and database security, network access control systems, and/or web development, network and Internet security.
  • Cloud and virtual hosting environments.
  • Demonstrated familiarity with administration and use of networking devices including Cisco routers and switches, wireless access points, Palo Alto firewalls, load balancers and VPN devices.
  • Working knowledge of IP-based protocols including the ability to perform network traffic analysis with

Confidential, Virginia

Cyber Security Engineer

Responsibilities:

  • Providing security engineering support for the infrastructure and applications across multi-site enterprise and data center environments; including engineering on data encryption, data masking and database monitoring
  • Work closely with technology and business stakeholders to understand goals, determine security requirements, design and implement solutions to meet business objectives, IT strategic initiatives, corporate and regulatory requirements.
  • Perform the technology planning, design, implementation and L3 support of IT security solutions including PKI, Check Point Endpoint Security, Splunk, Bromium, and other security tools. Protect and secure company resources in cloud, virtual and physical infrastructures. Responsible for the general AWS environment through protecting servers in the cloud. AWS project integration, automation, API solutions; design, develop and implement creative infrastructure solutions. Monitor and manage Tableau, Airflow, ThoughtSpot and other BI infrastructure. Analyze and recommend infrastructure sizing including hardware and software requirements. Analyze and troubleshoot issues.
  • Manage PKI project, Splunk-integrated system logs, BIOS.
  • Managing Symantec DLP DAR (data at rest), Endpoint, AWS implementation and configuration.
  • Support the security risk assessment of applications and infrastructure, including incident response remediation, vulnerability analysis and threat intelligence.
  • CyberArk risk management.
  • Certifications of new versions in Vormetric and Informatica DDM
  • Coordination with Information Security team to ensure solution assurance and compliance to security policy, procedures, standards and baseline security configuration
  • Planning, designing and implementing PKI, multi-factor authentication, X.509 tokens, single sign-on, federated identity and certificate management solutions.
  • Scripting tools to automate routine tasks in Remedy and BladeLogic; scripting languages: JavaScript, Perl, Python, shell scripting.
  • Management of information security standards (ISO, NIST) with an emphasis on NIST 800-53.
  • Varied operating systems - UNIX, Linux, Windows
  • LDAP, Networking, firewall, load balancing, Federated Identity.

Confidential, Georgia

Security Engineer

Responsibilities:

  • Deliver DLP implementation project including full PLM deliverables: requirements, design, testing, pilot and global implementation.
  • Develop incident response workflow for DLP incidents as raised through DLP tool.
  • Define policy/rules for the DLP solution and refine them as DLP strategy matures. Analyze reports from DLP tool and provide metrics to management.
  • Document solutions and help documents as needed for future DLP Analysis team.
  • Creation of DLP policy, Data at rest scanning
  • Collaborate with other Information Security and IT team members to develop and implement innovative strategies for monitoring and preventing attacks.
  • Develop appropriate metrics (key risk and performance indicators) to measure the monitoring program and related processes.
  • Develop/Monitor basic IDS/IPS rules to identify and/or prevent malicious activity.
  • Develop and test new correlation content and use cases using SIEM filters, rules, data monitors, active lists and session lists; conduct research on emerging security threats.
  • Propose additional components and techniques that could be used to proactively detect and prevent malicious activity.
  • Provide other services as a key member of the Cyber Security Operations Team:
  • Security review and administration of changes to networks
  • Manage various audits and regulatory requirements; system troubleshooting, service management, Check Point firewall.
  • RSA/Symantec DLP, CyberArk PIM, SolarWinds LEM for security monitoring.
  • QRadar SIEM rule tuning, custom security alert creation, custom security reports, audit support.
  • Log parsing, log collection and tuning.
  • Dashboard creation, updates, fixes; remote hands-on support; daily reviews.
  • Event management/SIEM management: respond to and, where appropriate, resolve, remediate or escalate reported security incidents.
  • Oversee the monitoring of system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and work with other IT functions on remediation. Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
  • Maintain logging to the SIEM solution; work with security and IT teams to onboard data from key applications and servers and tune/adjust logging from event sources.
  • Collate security incident and event data to produce and publish exception and management reports
  • Oversee the monitoring of internal security control systems to ensure that security standards and appropriate information access levels are maintained
  • Perform or assist with regular audits on end-user accounts, permissions and access rights for all critical systems.
  • Design and manage identity and access management processes.
  • Maintain and implement role based administration program.
  • Participate in infrastructure projects to develop, plan, and implement specifications for network and distributed system security technologies in support of key information systems
  • Primary role and oversight in the management of firewalls, intrusion detection systems, switches and routers
  • Download and test new security software and/or technologies
  • Support data encryption deployments, including key management
  • Evaluate and recommend secure remote configurations
  • Design, implement and maintain segmented secure network infrastructure
  • Implement or coordinate remediation required by audits, and document exceptions as necessary
  • Perform system and application vulnerability testing
  • Participate in enterprise testing and risk assessment activities
  • Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes
  • Build and maintain security dashboards, metrics and KPIs based on business needs and requirements.
  • Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities
  • Review, assess and mitigate findings from penetration tests and vulnerability assessments on information systems and infrastructure.
  • Monitor security vulnerability information from vendors and third parties
  • Recommend, schedule and/or apply patches where appropriate and, at the direction of management, remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards.
  • Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations.
  • Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities
  • Ensure network security diagrams are created and maintained.
  • Support information security architectural requirements
  • Develop and maintain documentation for security systems and procedures
  • Participate in information security working groups
  • Leverage industry best practices to create, maintain, and document security baselines and standards
  • Perform security tool administration providing risk analysis of the following:
  • Vulnerability scanners
  • Security event logging and monitoring analyzers; Intrusion Detection/Prevention System (IDS/IPS) and firewall logs
  • Perform system and network security audits
  • Anti-virus products and central console

Confidential, Reston, Virginia

Network & Cyber Security Engineer

Responsibilities:

  • Provides direct support of Symantec Network and Endpoint DLP systems including Linux based Symantec Enforce, Defender, Discover and Monitor servers as well as their Oracle support database server.
  • Provide operational engineering support for Symantec Endpoint DLP clients deployed throughout the client enterprise and network monitoring/DLP monitoring systems including assisting in issue resolution, implementing DLP system/client upgrades and working with support groups to resolve conflicts between DLP and other protection mechanisms.
  • Interpret and respond to issues related to DLP activity, including integrating with alerting systems, adjusting policies to support customer DLP requirements, and supporting the customer's regular and ad-hoc reporting requirements.
  • Coordinate with other organizations, both internal (CSIRT/SOC), and manufacturer support (Symantec); assist with advanced issue resolution across the enterprise.
  • Demonstrated technical experience with:
  • Symantec Endpoint Protection client
  • Symantec Enforce Server and Symantec DLP network support systems (Discover, Endpoint Protect, and Defender servers) configurations, alerts and DLP reports
  • Interpret DLP alerts and modify these policies to reflect client requirements
  • Technical writing experience: Installation/Deployment Procedures
  • Networking: Working with BIG-IP LTM, GTM, and Viprions
  • Configuring advanced load balancing algorithms
  • GLB Resonate UNIX/Linux environment
  • Working knowledge of SSL/PKI, SolarWinds Log & Event Manager, Network Configuration Manager, Patch Manager
  • Implementing routing protocols including BGP, EIGRP, OSPF, IP multicast, MPLS; Nexus, 6500s, Prime; routing, switching, load balancers, wireless.
  • Researching and recommending performance improvements for the customer’s IT network infrastructure environment
  • Evaluating existing systems and/or user needs to analyze, design, recommend, and implement system changes
  • Analyze and recommend appropriate network upgrades to support future requirements.
  • Develop key life-cycle documents and diagrams as required to support new projects, including Concepts of Operations, Analysis of Alternatives, requirements specifications and design specifications
  • Design/Configure Firewalls and Load Balancer as required
  • Configure/Design remote wireless solutions
  • QRadar SIEM rule tuning, custom security alert creation, custom security reports, audit support
  • Log parsing, log collection and tuning
  • Dashboard creation, updates, fixes; remote hands-on support; daily reviews
  • IDS/IPS, next-generation firewalls, anti-virus, event log analysis, risk analysis for vulnerabilities, incidents and change requests, data classification and encryption of data, managing/performing security audits, developing security awareness instructional material, DHCP, VLAN, firewall, NAT, packet tracing, BGP, load balancers, SMTP, DNS, Vyatta routers, Brocade switches, SoftLayer, RHEL 7, Windows Server 2012, Python programming, ArcSight security analytics and log management