↵

PROFESSIONAL SUMMARY:

• Information security engineer and Military Veteran with a Secret Security Clearance and 10 years of proven experience in information technology.
• Accomplished measurable results while establishing and implementing security for various sized IT programs and leading teams in a dynamic, fast - paced environment.
• Possess a comprehensive background in information security and network design derived from conducting domestic and global operations in the middle east.
• Managed risk upon multiple lines to protect assets, property, and equipment valued over $25M while meeting the expectations of senior leadership.
• Possess extensive knowledge in penetration testing and governance, risk management, and compliance.
• Recipient of multiple s for outstanding performance and professionalism.

TECHNICAL EXPERIENCE:

• Linux, Unix, Microsoft, Cisco IOS, JunOS, macOS, iOS, Android, ChromeOS, VMware ESXi, Docker, Kubernetes
• TCP/IP, SSL, TLS, SSH, IPSec, LAN, WAN, Ethernet, HTTP(S), DNS, NetBIOS, NTP, FTP, SMTP, SNMP, SMB, SAML, Kerberos, X.509, RADIUS, LDAP, syslog
• Symmetric/Asymmetric Encryption, Cryptography, Encryption, Diffie Hellman, PKI, RSA
• Bash Scripting, C, C++, HTML, JavaScript, Python, PowerShell, SQL
• NIST Special Publications/Cybersecurity Framework, Penetration Testing Execution Standard (PTES), HIPAA, GDPR, GLBA, SOX, PCI-DSS, TOGAF, CIS Top 20 Benchmark, DISA STIGs, FISMA, FedRAMP, ITIL v3, OWASP Top 10,
• Intrusion Detection/Prevention Systems (HIDS/NIDS, Cisco, ) (ISS, Forcepoint), Host Based Security Systems/ Endpoint Security (McAfee, Symantec, Sophos, Sentinel One), Routers/Switches/Firewalls (Cisco, Juniper, HP), Web Content Gateway/Security (Forcepoint, Checkpoint, Cisco), Email Gateway Security (Proofpoint), Web Proxies, Content Filtering, Bluecoat, Anti-Malware,, Websense, SIEM, Splunk, SAN Nessus, Nexpose, Metasploit Retina Wireshark, NMAP MS Office, Exchange, Apache, IIS,Twistlock, Forcepoint (websense), (Knowbe4, gophish, kingphisher, SET,(social engineering), burp suite, acunetix, netwrix, carbon black protect (application whitelisting), Sentinel One (next gen malware), (Sophos, bit locker (disk encryption), White hat SAST/DAST tool, Scrutinzer, Kali linux, CASB, SaaS, PaaS, IaaS, Private Cloud., UML, DLP, IAM, Policy Configuration, ISO, BCP, DR, Risk Assessment, Compliance, GRC, Digital Forensics, DRM SOC, Vulnerability Management, Enterprise architecture, Compliance, Cloud Security

PROFESSIONAL EXPERIENCE:

Confidential, Irvine, Ca

Security Engineer

Responsibilities:

• Established and developed global enterprise Vulnerability Management Program, which included implementing patch management processes by working with various stakeholders and business unit owners and gaining buy-in from senior management.
• Support a technically diverse environment consisting of various cloud service providers and microservices architecture by implementing security best practices and system hardening controls.
• Lead security analyst part of blue team operations which duties include log reviews, threat hunting, and incident response; as well as assigning resources.
• Developed and led the Security Awareness and program by developing policies, standards, and procedures; performing monthly cyber threat emulations and phishing campaigns which reduced the phish prone rate of the entire company by 10%; and establishing a curriculum based on the OWASP top ten.
• Coordinate and integrate the use of SAST/DAST tools to review and monitor various web applications/microservices for potential vulnerabilities and/or weaknesses that could be exploited for privileged level access.
• Craft and review various custom scripts and tools to use for various business cases such as vulnerability management, systems configuration, and network management.
• Stay informed and updated on current threats and vulnerabilities through various sources of information such as threat feeds, twitter, and podcasts.

Confidential

Security Systems Engineer

Responsibilities:

• Advised externals customers to better help understand, organize, and document their information security architecture and develop roadmaps for optimization around regulatory compliance.
• Developed strategic partnerships and relationships with numerous security vendors by collaborating on technical roadmaps to improve the security practice’s capabilities.
• Facilitated and coordinated internal/external penetration testing efforts, quarterly PCI-DSS security assessments, and ensured reports were delivered on time and customer SLAs were met.
• Analyzed various security architectures with the goal to optimize and align security tools with business objectives and reduce vendor management costs.
• Develop security policies, standards, and procedures for the security team’s research lab and practiced numerous red team exercises to obtain root level permission.
• Research current and emerging security attack vectors and threats to better identify security related deficiencies and develop proper solutions to reduce and mitigate risks within business processes and operations.

Confidential, San Diego, CA

Information Technology Test Engineer

Responsibilities:

• Lead test engineer ensuring projects met customer requirements and were compliant with DoD standards and regulations.
• Managed vulnerability remediation on software and network configurations based on results from tools such as Nessus, Retina, NMAP, and Wireshark to ensure engineering solutions met all government security guidelines.
• Reviewed technical documentation for any discrepancies or errors prior to being published for government use.
• Extended remote access capability to off-site engineers by establishing VPN IPsec tunnels leveraging PKI s for access control management.
• Initiated collaboration efforts with other business units to resolve issues ranging from network configuration, vulnerability/patch management, and software changes/bugs; establishing a strong rapport within the team.

Confidential, San Diego, CA

Cyber Network Operator

Responsibilities:

• Led, trained, and mentored Marines on the usage of specialized IT equipment; conducted quarterly performance evaluations; oversaw their daily work performance; and maintained technical and physical qualifications.
• Managed the operation of computer hardware systems, including coordinating and scheduling the use of computer terminals and network devices to ensure efficient use in a dynamic environment.
• Led the deployment of various tactical local area networks leveraging Cisco routers and switches to support mission critical communication between operating bases; earned letter of commendation for professional services.
• Accounted for over $25M worth of IT hardware including but not limited to routers/switches, computer system, printers, and other network and computer peripherals.
• Lead technical engineer responsible for organizing mission critical 24x7 Network Operations Center (NOC) that consisted of configuring and troubleshooting layer 2/3 protocols such as EIGRP, OSPF, STP, VTP, HSRP, & VRRP.