Manager Cyber Security Engineering Resume

Owing Mills, MD

SUMMARY:

Serving in the role of an Architect, I shape clients' vision and strategy, developing highly advanced or leading-edge technology solutions and concepts. 20 years of experience as a NOC/SOC engineer with over 15 years devoted to developing automation, managing network performance and audit security compliance and/or health of the enterprise. My key responsibilities are to own the technology and deliver the products and provide consistent service meeting executive plans for IT strategies for multiple service technologies to improve the organization's reliability and to meet agency standards or laws.

TECHNOLOGY EXPERTISE:

Operating systems: Windows 3x/9x/NT/2000/XP/Win7 & 8/2003/Vista/Server2008/2012, Virtualization: Citrix, CheckPoint, Hyper-V, VirtualBox, VMware, Red-Hat (RHEL), IOS, JUNOS TMSH, RMON, Fedora, CentOS, AWS/private cloud automation and Linux/UNIX/ Ubuntu - AIX - OS

Software: Bootstrap, iApps, VersionOne, TCL, Thycotic Secret Server, Regex, Hudson/Jenkins, HP Service Manager, Tufin, NetScout Performance Manager, FireEye, SevOne PAS, TippingPoint IPS, What’sUpGold, Spectrum, Solarwinds NAC/NPM, Spirent, F5 BIG-IP Chassis, LTM/GTM - ASM, APM, SiteMinder, Nagios, ICINGA, SourceFire Security Center, SecurityCenter ACAS/Nessus, BlueCoat, Network Protocol Exchange 5.5 & 2003, AmberPoint, WebSphere, NeXpose, Metasploit, WebSense Triton Management, SNORT, Splunk, Lotus Notes, Citrix VDI, NetScaler, Oracle, PostgreSQL (EDB), Apache2, Python5, Puppet, GitHub, HTML5, CSS, Amazon Web Services (AWS), Weblogic Elastic Load balancer, Web application servers WebSphere, Apache, Weblogic, SOA, MSSQL, UDB Net, Java based Technologies, Java, EJB, JSP, JDBC, JMS, Kerberos, PKI, XML, WSDL, Web Services, Ant, and Spring Framework, Microsoft Office 97-2007/2010 Pro, Visio 2003-13, MS IIS Server, Immunet3, clamAv, Norton Anti-Virus, McAfee ePO Anti-Virus, Ghost Suite, Partition Magic, DameWare, OCS 2007/2010, SameTime, OnTap NETAPP, VMware, Virtual Box, Hyper-V, NetBackup, Backup Exec, Altiris Deployment & Recovery Solution, SCCM 2005/2007/2012, Wise, Entrust, Oracle 5/8i/9i/10g, SQL, MySql, SharePoint 2000/2007/2010, Palo Alto Panorama, Cisco IOS, ePolicy Orchestrator (ePO), HBSS, IDS, Hercules, Retina, GoldDisk, CMRS, WSUS, SharePoint & Project 2003/2007/2010, Windows Workflow Foundation, Exchange 5.5/2003, Credent, BitLocker, MobileArmor, AnyConnect VPN/ Confidential /ASDM, Nmap, SCCM 2005, MS Project 2003-2012, Zoneminder, OpenVAS, Chef

Network Protocols: NIPRNET, SIPRNET, LAN/WAN, TCP/IP, IPX/SPX, TELNET, Intranet, HTTP, HTTPS, SSL, TLS, Proxy ARP, NWLINK, NETBEUI, WINS, DNS, DHCP, POP3, RSA, SMTP, SNMP, FTP, SFTP (active/passive), TELNET, VPN, ICMP, RIP, VLAN, OTV, VCP, VRF, VTSP, VCDX, NAT, IGRP, RIP, OSPF, BGP, EIGRP, MPLS, IS-IS, TFTP, LDAP, BIND v8.x, IPX/SPX/NetBIOS, AppleTalk, RMON, OSI, IOS11.3 - latest, IOS (Hybrid), CatOS, DOS, Frame Relay, T-1, T-3, DS3's, Ethernet, L2/L3 Switching, L3/L4 x-Forwarder, ICMP, TCP, UDP, TACACS+, RADIUS, NAT/PAT, ACL, DMZ, VTP Spanning Tree, 802.1q, ARP, IP, PPP, ARP, RPC, SMTP, SNMP & Token Ring Protocols

Hardware: SevOne, SourceFire IPS, ExtraHop, nGenius NetScout Appliances and Probes, Riverbed Steelhead, F5 Confidential ASX/CSM 6400, 4000, 1600 - APM/GTM/LTM/VIPS/load balance, Viprion, Gigamon, Brocade, Aruba, IBM compatible PCs, EMC VPLEX, NETAPP, Quantum Tape Library, Symantec 5230, handheld devices: Droid, Blackberry, iPhone and Windows, Dell/HP BladeSystems and IBM eServers, Sun, Bluesocket, TACLANE, KG-340, KIV-7, KIV-19, Juniper NSM, Netscreen EX42XX, EX82XX, SRXXX, Cisco Call Manager CUCM, Cisco Unified Comm (UCS) routers/switch ASR1004, 25XX, 4XXX, 5XXX, AS5300, 72XX, 37XX, 35XX, Cisco Nexus 6001, 7010, 5000 Catalyst switch 65XX series w/MSFC, Cisco Managed Switches 3750 G/X, 3550, 3650, 3925 Cisco ASA, Confidential, Palo Alto 500/3020, CNS Network Registrar 6.x, Cisco Content Service Switches, Cisco CSM, 11xxx series, Gigabit Ethernet, 3-Com, Bellair, ATM, LAN, WAN, Broadband, Bridges, Concentrators, DSL, Fluke LAN Meter, Voice/Data VLANs, AVVID, VoIP, IP Phone 7XXX/6XXX, Unity, QoS, Aironet wireless, AAA, Wiring/Cabling Standards, Motherboards, Memory Chips, IDE/EIDE/SCSI/SATA Hard Drives, SCSI Controller, LTO3/4 Tape, iScalar 500, BizHubs/MFP Scanner and Modems

PROFESSIONAL EXPERIENCE:

Manager Cyber Security Engineering

Confidential, Owing Mills, MD

Responsibilities:

  • Cyber Lead that provides subject matter expert experience designated to a solution focus in areas such as engineering, forensics, policy governance and in a large range of security projects dealing with SIEM architecture, routers/WAN devices, firewalls, load balancers, cloud-solutions (AWS/SalesForce/cipherCloud), and application development.
  • Responsible for directing or leading modifications of the network infrastructures, developing implementation plans and creating documentation or detailed plans that implement Confidential operational standards and are consistent with security requirements and vendor best practices.
  • Manage performance of the Cyber Ops team and plan the budget for day-to-day expenditures, short and long term goals.
  • Expert understanding of network design of SIEM tools, access control, and strong analytical and problem solving skills. Extensive knowledge of ethical hacking techniques and counter attack methodologies and familiar with security tools for wireless and network scanning applications, vulnerability assessment of applications such as WhiteHat Sentinel, Rapid7, etc.
  • In-depth understanding in multiple areas of Information Security from hands-on experience networking (TCP/IP, OSI model, network protocols), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, switches, routers, IPSEC, IDS/IPS, etc.), voice technologies (session border controllers, MPLS, VOIP, etc.), authentication technologies (TACACS, RADIUS, etc.), wireless architectures, encryption key management, and mobile device technologies. Also, knowledge of vulnerability scanning and assessments, risk management, PCI, HIPAA, NIST, DIACAP/RMF, privacy assessments, incident response, security policy creation, enterprise security strategies, and governance and the ability to quickly and effectively learn Cyber Security Operation tools in a large, complex multi-platform environment to support Cyber Security Operation Center and Information Security.
  • Developing a long term roadmap to migrate ownership of many services from their current state to a more responsive architecture appropriate to a healthcare focused enterprise.
  • Manage the day-to-day configuration and installation and/or maintenance of security products. Implement necessary enhancements/updates/upgrades to existing security products through change control. Where possible, suggesting and implementing possibilities to automate manual operational activities with security appliances such as SourceFire IDS/IPS, F5 Confidential (LTM/ASM/APM/FirePass) and Cisco Load Balancers, Palo Alto firewalls, Gigamon, FireEye and Bit9/Carbon Black’s dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing, QRadar, CyberResponse application to handle incident workflows and log analysis, SolarWinds, Sophos, and Splunk to monitor antivirus and node level alerts, and Blue Coat SSL Inspection and InFoBlox for web application security monitoring at host and enterprise level of the stack.
  • Represent Security Operation Center in disaster recovery procedures and exercises. Ensure the enterprise is protected and secured in the following areas: Identity and access management, provide data protection (through the use of technologies such as whole disk encryption, end-to-end e-mail security, public and private key management, data leakage prevention, web applications and source code security, database security, etc.), Network devices and infrastructure, desktop/mobile devices and remote access to the network, Information governance to ensure data is managed based on its sensitivity, information security policies, guidelines, and standards, Information governance through Perform day-to-day maintenance and address issues and problems associated with security tools.
  • Provide engineering support by assigning Cyber Security Operation staff in carrying out its assigned functions and responsibilities to maintain the Confidential VPNs, Access Policy (APM), Application Security (ASM), Internet proxy (BlueCoat), off-hours support and problem resolution as directed by departmental requirements, service level agreements and internal support procedures, assistance with audit issues and concerns affecting the Information Security department.
  • Serve as lead cyber security specialist, forensic investigator, cyber architect, security network engineer, information security coordinator/project manager and as a contributor to cross functional teams for deployment and support of security specific infrastructure to provide fidelity throughout the Confidential enterprise.
  • Provide updates on projects and staff related task status to the Director ITOps daily.
  • Manage a team of technically diverse personnel of senior, junior level security specialists, various analysts, and contractors that focus on forensic investigations and analyzing data points from various security tools.
  • Negotiate and manage vendors and arrangements such as contracts or managed service providers (MSPs) providing 365 x 24 operational support for Security Cyber Operations Center.
  • Streamlined the periodic compliance reviews of appliances, routers, IPS/IDS, and firewall configurations by integrating several management products into one (Solarwinds) and setting up multi-factor authentication inline with RADIUS tokens and client certificates. This provides a better method to monitor access of partners to the Company, evaluated access (System Administrators), and associates.
  • Manages portfolio and team performance using various metrics such as reliability, availability, compliance, responsiveness and knowledge in operational area.
  • Performing security governance through the design and implementation of security policies, procedures, guidelines and standards to maintain the confidentiality, integrity and availability of information systems and data. Design, and implement security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure. Test and integrate security solutions to address enterprise risks and exposures. Report on new technologies and security concerns through the security vulnerability assessments and technical subscriber feeds from vendors.
  • Interact with other technical and operation support service teams to develop tactical and strategic programs to address processes, controls, organization and infrastructure to manage information security related concerns and satisfy directives.
  • Properly interpret business and technical requirements into security solutions and designs that are consistent with the current information security architecture and implement and assist in enforcement of company security policies.
  • Provide Information Security related recommendations regarding Confidential infrastructure components (communications network, physical security, data access, computer hardware/software and data confidentiality, integrity, and availability).
  • Maintain familiarity with state of the art concepts, procedures, software and techniques in Information Security in order to be able to effectively assess and develop the Confidential Information Security environment.
  • Direct the continuous and secure operation, administration and maintenance of current and new Confidential systems and applications, including changes to existing applications/systems, to assure compliance with Information Security policies and standards.
  • Apply creative thinking in problem solving and identifying opportunities for improvements in security. Document results of system and application reviews including corrective action taken and security related documentation.

Enterprise Solution Architect

Confidential, McLean, VA

Responsibilities:

  • Senior Engineer that provides hands-on troubleshooting, analyzes policies and devices, develops network technical design documents for planning and solutions for all lines of business throughout the company to include but not limited to F5 Confidential Viprions and devices (GTMs, LTMs, and Enterprise Managers), Check Point Firewall, L2 equipment, applications (OS, layer 7, and presentation software), private and AWS cloud environments. Responsible for creating or editing the existing network infrastructures, developing implementation plans and creating documentation and the scripts that implement Confidential standards and are consistent with security requirements.
  • Communicate with the associate staff; contractors or project status(es), internal and external vendors to establish agreements to inter-connect through VPN, MPLS, or other circuits to provide connectivity to share or collaborated development and production efforts.
  • Provide technical leadership and guidance to junior personnel in Advanced Persistent Threat (APT), Endpoint & Server Protection (real-time visibility, detection, response and prevention throughout the enterprise) and ENT Identity Management (i.e., single sign-on SSO).
  • Managed stories as a scrum leader and a network technical integration lead, ensuring the customer shared in the design and validation decisions as well as allowing the engineers to work on tasks with more cycles.
  • Network Engineer that designs, builds or operates equipment configurations including network hardware, software, servers, or server operation systems and implements network security controls (system communications and malware protections) for edge, DMZ, and internal boundary protection devices to limit risk (i.e., IAVAs/patches, Antivirus, Incidents, etc.) with proven best practices approaches.
  • Coordinate change reviews, installation, code reviews of new equipment for 5 sites. Coordinate network operations, maintenance, repairs, or upgrades. Daily operations include: manage core VLANs and ACLs, perform backups of DMZ devices, analyze Hadoop reports and configure client remote users/sessions, firewall (Juniper SRX, ASA, and Checkpoint) policies, L2 devices, applications (i.e., VMWare, Apache), and identify potential issues with tools (i.e., Solarwinds, Splunk). Monitor Riverbed devices, load balancing (Cisco ASR and F5 LTM/ASM) designing iRules, iApp, installed SSL certificates.
  • Review existing Sourcefire code and devices and report misconfiguration issues to operations center. Deployed Sourcefire Defense Center (3D c5.3+) and registered firewall. Developed documentation for SourceFire system implementation, upgrades and tuning across multiple data centers and network ingress/egress points globally.
  • NOC/SOC Responsibilities included configuration management, change management, response to ticket requests, weekly performance review and recap, AGILE (VersionOne) development, recommendations on architecture and building architecture as well as purchasing hardware, software, change management process for NOC layouts updates, break/fix and installs.
  • Responsible for daily change reviews, including monitoring systems for potential vulnerabilities that may result from improper system configuration, hardware or software flaws, or operational weaknesses.
  • Design role includes updating or creating enterprise architecture, installation or testing of applications, systems (virtual and physical), routers, firewalls, IPAM - IP/DNS, and switches for client development and to enhance security posture.
  • Design, organize, and deliver product training, skill transfer, or product education sessions for team members and other staff as well guidance and recommendations on how to improve security posture as a whole.
  • Provide internal / Confidential training for SSL and firewall management to network and security engineering teams for PCI, HIPAA, and other standard regulations.
  • Assist with architecture or design review of security infrastructure planned throughout the enterprise for each data center.
  • Rack, install, license and configure network components including Next-Gen firewalls with custom access and IPS policies in inline mode.

Cyber Network Defense Architect

Confidential, Linthicum, MD

Responsibilities:

  • Senior Network Engineer providing analysis, design, planning and solutions for a high visibility project to aggregate and automate the collection of data from applications residing on different domain classifications of Department of Defense networks and make available to authorized organizations. Responsible for reviewing the existing network infrastructures, developing implementation plans and creating documentation for the execution and integration of technological solutions.
  • Negotiated with vendors to obtain an upfront savings to the client of $1.6 Million.
  • Design, test, and inspect data communications systems, malware protections, and auditing mechanisms to alert and perform continuous monitoring of data center components.
  • Install hardware such as cables, switches, routers, servers/blades, and wireless adaptors to perform enhancements or product integration initiatives.
  • Provide technology roadmaps for staff and designers of associated networks.
  • Adjust network size to meet current and future capacity demands on network, cooling and power upgrades, and provides improvements to sustain 99% network availability project.
  • Communicate with customers, sales staff, operations, cyber security, legal or marketing to determine specific network hardware or software requirements, such as platforms, interfaces, bandwidths, port density, storage, or routine schemas.
  • Network Engineer that designs, builds or operates equipment configurations including network hardware, software, servers, or server operation systems and implements network security controls (system communications and malware protections) for edge, DMZ, and internal boundary protection devices to limit risk (i.e., IAVAs, Antivirus, Incidents, etc.) with proven best practices approaches.
  • Analyze business requirements to develop technical network solutions and their framework to support 15+ customers of the cyber defense network systems architecture design, and functional planning.
  • Monitor the network via SIEM, ArcSight, VirusScan Engine and other tools to take appropriate action based on malware detection, alerts and severity levels.
  • NOC/SOC Responsibilities included project management, response to ticket requests, weekly performance review and recap, AGILE development, recommendations on architecture and building architecture as well as hardware, software, NOC layouts, computer forensics (IT technology, computer science, and engineering), break/fix and installs.
  • Design role includes updating enterprise architecture, installation or testing of applications, systems, routers, firewalls, and switches for client development and to enhance security posture. Design, organize, and deliver product training, skill transfer, or product education sessions to staff or supplies.
  • Manage a resource of 20 contractors and vendors. Architected convergence of five internal networks with an external community, (1) voice networks into VoIP, (2) Fiber NIPRNET/SIPRNET and Private dual ISP (2) network: 7 U.S, 2 international. Private and sneaker nets that had previously been separate networks are now back-hauled to interconnect using attribute-based access control (ABAC) solution, identity management (Oracle), PKI/PIV card reader authentication to applications, tokens and other cryptography mechanisms.
  • Network architecture and installation for various technologies such as Narrowband, ATM, SONET, IP, xDSL, DWDM, FlexPod (HP, NetApp, and Cisco appliance), VMWare, Solarwinds, Fortinet, SourceFire, F5 LTM/ASM, Splunk, GitHub, JUNIPER, Cisco NEXUS, and other emerging technologies.
  • Authored security and project support documents such as: a scope of work, work breakdown structure (WBS), RMF security controls (18 families - 135 documents) SOPs, System Security Design (SSD), System Security Plan (SSP), SAR, Security Compliance Traceability Matrix (SCTM) - 360+ security controls, and request for proposal (RFP). Performed vendor negotiations, bid analysis, bid evaluation, and contract award.

Senior Network Engineer

Confidential, McLean, VA

Responsibilities:

  • Provide in-depth support for existing local-area/wide-area network (LAN/WAN) infrastructure, centered on MPLS and VPN WAN based solutions.
  • Establish configuration and policy standards utilizing management platform or CLI (command line interface) for existing Cisco ASAs/PIX, IDS and Nokia/Checkpoint NG firewalls. This includes knowledge of where to place rules/filters, as well as knowledge of correcting conflicting rules/filters in the policy. Interact with operations personnel to implement network management criteria and security controls.
  • Configure, deploy, optimize, and monitor firewalls, routers, switches, proxies, security information and event management systems, intrusion detection systems, vulnerability scanners, multi-factor / strong authentication technologies, RADIUS/TACACS+ servers, and logging servers.
  • Administer Wireless LAN Access and privileged access to routers, switches and firewalls for network devices utilizing TACACS as their authentication method.
  • Support network products through their life cycle; changes, upgrades, decommissioning.
  • Provide network analysis using traffic capture engines (Wireshark, and Sniffer).
  • Provide in-depth support for information security incidents including internal violations, hacker attacks, viruses and system outages.

Senior Network Manager

Confidential, Alexandria, VA

Responsibilities:

  • Responsible for maintaining PBS’s WAN (L3) hardware (routers, switches, firewalls, ACE, WAN optimizers, NAC, IPS, Video Teleconferencing, VPN and PBSs as well as network related services (DNS and DHCP) and network monitor tools.
  • Plan, design and implement network upgrades and changes by following Change Management and best practices procedures.
  • Use experience with upgrading code on network devices, create design documents, network Visio diagrams, and peer review other designs as needed.
  • Mentor other junior NOC/SOC engineers on the processes, procedures, and technologies that are in use.
  • Support of Service Level Agreements (SLAs): Configure and activate patched and unpatched ports, meeting all Service Level Agreements in place.
  • Provide add, move or change VLANs with strong working knowledge in switching (L2) elements: VLAN's; trunking (802.1q and ISL); Aggregation (EtherChannel, FastEtherchannel) and VOIP/SIP.
  • Update configuration and IOS software to network elements.
  • Create, review and update service request (Remedy and HD Authority) tickets according to established Standard Operating Procedures (SOPs).

Senior Network Engineer

Confidential, Washington, DC

Responsibilities:

  • Performed ongoing network maintenance, diagnostics, administration and design for 1,000+ nodes for multiple environments.
  • Supported F5 technologies writing iRules and managing SSL certificates for public web servers through VIPs.
  • Troubleshot network-related issues and administered ASA firewalls, VPN firewall appliances, SourceFire IPS systems, Nexus 7010/6000 switches, ASR 1000 routers, Riverbed WAN optimization, F5 Confidential (ASM/LTM/GTM) load balancers or ADCs, Cisco VTC and TACACS including Infoblox DNS, DHCP, web, data filtering services.
  • Worked with Confidential support staff to provide prompt resolution of staff network problems and requests administers.
  • Collaborated with Windows, Storage, UNIX and application development teams to determine technical requirements.
  • Worked with security teams to ensure that all network components are PCI compliant.
  • Worked with ISPs to ensure reliable Internet connectivity, and performance.

Network Architect

Confidential, Adelphi, MD

Responsibilities:

  • Responsible for understanding, configuring Cisco (ASAs/ routers) and Juniper NSM architecture, security and designing of computer networks, including local area networks (LANs), wide area networks (WANs), the Internet, intranets, voice systems and other data communications systems from a network perspective.
  • Creates tests to evaluate and analyze network, Differentiated Services, routing protocols, network capacity management, VLAN configuration, and IPv4, IPv6, VoIP (SIP), SNMP, RMON protocols.
  • Develop technical network solutions through DNS, SMTP, HTTP, SCP, TFTP and SNMP framework to conduct scheduled maintenance, implement or manage wireless networks with site survey, access point configuration, or station authentication schemes for CAC and RSA tokens.
  • Determine specific network hardware or software requirements to operate diverse platforms (Cisco, Juniper, Brocade, UNIX, Windows, etc.), interfaces or bandwidths (Ethernet, FE, GE, 10GE, etc.), or routine diagrams to outline schema (Data flow, service hierarchy, etc.), OOB servers and single sign-on (SSO) solutions.
  • Solution design of IP networks including technologies such as BGP and OSPF routing, L2/L3 switching, server load balancing, QOS, MPLS, network security and enterprise network monitoring.
  • Evaluated network designs to determine whether customer requirements are met efficiently and effectively.
  • Monitored and analyzed network performance (Cisco NAM, Solarwinds, Spectrum, Scrutinizer, etc.) and data input/output reports to detect problems, identify inefficient use of computer resources, or perform capacity planning.
  • Implemented in network technology upgrade or expansion projects, including installation of hardware (Palo Alto, WebSense, Spirent, etc.) and software and integration testing.
  • Development of architectural strategy, including technology standardization and modernization of enterprise, data center and disaster recovery network infrastructures.
  • Designed and supported DNS, DHCP and IP address management; Infoblox, Blue Coat networks; network security technologies including firewalls, IPSec and SSL VPN, RADIUS/TACACS, network intrusion and detection, DDOS mitigation, network access control and web content proxy/filtering.
  • Enrolled operational & engineering team members in strategy and business goals, by interfacing at a technical level.
  • R&D advanced technologies to enhance & evolve core network infrastructure used across systems and services.
  • Stayed current with developing technologies and predict impact of changing technologies for next generation data centers, cloud computing including technologies such as network virtualization, unified communications, IPv6, and hands-on knowledge with Cisco Nexus products.
  • Wrote reference and/or solution architectures and strategic roadmaps for network and network security technologies, various infrastructure initiatives for operational segments, passing all industry tests and internal and external audits.
  • Investigated and generated recommendations on key third-party components, such as network and security infrastructure technologies, necessary to implement solutions.
  • Participated in network technology upgrade or expansion projects, including installation of hardware (Palo Alto, WebSense, Spirent, etc.) and software and integration testing.
