
Senior SIEM EPO Consultant Resume


SKILLS:

Security Applications: RSA NetWitness/Security Analytics, Confidential Nitro ESM, Confidential EPO, RSA enVision, ArcSight, IBM QRadar, SolarWinds LEM, Rapid7 Nexpose, FireEye Confidential, IronPort, IDS/IPS (Snort), WhatsUp Gold and Wireshark

Penetration Testing Tools: Aircrack-ng, Cain & Abel, Metasploit, Nessus, Nmap

Engineering Technologies: SAN and infrastructure design, ProE, AutoCAD, Mechanical Desktop 5, MATLAB 6.5, and SolidWorks

Database concepts: MySQL, Sybase, MS Access, Oracle and SQL Server

Network Management tools: CiscoWorks, SolarWinds NPM, CA Unified Infrastructure Management; technical implementation, operations, support, and management of LAN, WAN, and remote networks in an enterprise and data center environment

Languages: Python, Perl, Ruby, Java

PROFESSIONAL EXPERIENCE:

Senior SIEM EPO Consultant

Confidential

Responsibilities:

  • Responsible for phased deployment of Confidential Drive Encryption and Removable media protection
  • Collect and render metrics for status on ENS product coverage on workstations and servers.
  • Create and troubleshoot VSE and ENS policies
  • Troubleshoot ePO infrastructure
  • Support InfoSec Ops teams with organization wide escalations concerning ePO, ENS, SIEM etc.

SIEM Engineer / Platform Lead

Confidential, Herndon, VA

Responsibilities:

  • Responsible for threat evaluation, vulnerabilities detection and risk management
  • Guides real-time security monitoring operations, detection, analysis, response and remediation
  • Implements deep forensic analysis to aid in finding threats/suspicious activities in the enterprise
  • Continually develops and revises Security Operations Center Procedures, Processes, Rules and Reports
  • Communicates with clients at all levels, follows methodologies, and publishes clear, concise deliverables

Principal Information Security Engineer/ Interim SOC Manager

Confidential, Bowie, MD

Responsibilities:

  • Led security engineering life cycle, including threat modeling, risk assessments, deriving and decomposing security requirements and integrating security into the system design, development, test and implementation
  • Sustained deployment and protected Security Operations systems
  • Trained Security Operations associates on security concepts and protocols
  • Served as subject matter expert on security engineering processes, best practices, methodologies, and tools
  • Tested and conducted Point of Contact (POC) for current and new technologies

SIEM Security Analytics/NetWitness Consultant

Confidential

Responsibilities:

  • Provided data center integration, DAC storage configuration and security framework for the web portal.
  • Also performed onsite training and knowledge transfer as security SME.
  • Performed onsite custom installation and configuration to integrate with unique security architecture
  • Created custom correlation rules, modified default SIEM environment to coincide with customer security and compliance goals
  • Met with customer security council to outline current use of RSA Security products and reinforce current framework and forecast future needs
  • Acted as primary liaison between customer and RSA professional services

Senior SIEM Consultant

Confidential, Overland Park, KS

Responsibilities:

  • Supported the migration of three geographically diverse data center locations to RSA NetWitness Security Analytics
  • Assisted with patch management and vulnerability management
  • Executed quarterly formal Health Checks, monthly software upgrades and VAM and ESU update
  • Troubleshot issues with log sources or systems with vendor, and reported system defects
  • Managed product enhancements; tested and evaluated optimal solutions

SIEM Security Analyst

Confidential, Hanover, MD

Responsibilities:

  • Completed vulnerability assessment and scanning, internal and external security audits
  • Launched and developed use cases and content, analyzed security event data, created filters, and performed event correlation and SIEM tuning
  • Developed custom SIEM interface content: dashboards, data monitors, active channels, correlation rules, filters, and reports
  • Established and managed remediation plans based on the SIEM Prioritized Approach method
  • Designed Security and Network Architecture and established standards by analyzing data flows to minimize scope, including centralized logging, intrusion detection, access control, vulnerability scanning and firewall solutions

Managing Partner/ Instructor

Confidential, Baltimore, MD

Responsibilities:

  • Founded and structured custom training company providing premier information security solutions and consulting services focused on penetration testing, Cisco design architecture and unified communications
  • Partnered with clients to assess IT training needs, program gaps and digital weaknesses and create personalized packages to ensure successful attainment of objectives
  • Functioned as Training and Operations Manager; logistics, curriculum construction and execution; forming performance & quality standards; process for client communication and feedback to ensure satisfaction
  • Director of Business development; Developer of Marketing and Brand Management; print, web, products and Strategic Partnerships

IT Consultant/ Training Manager

Confidential, Chicago, IL

Responsibilities:

  • Coordinated training and consultation services
  • Supervised induction to trainers for new contract acquisition and development
  • Supported security pen testing, vulnerability assessment and identified solutions
