Sr. Security Analyst Resume
Lanham, MD
TECHNICAL SKILLS:
Sourcefire Defense Centers and Sensor Engineering, FireEye, HP TippingPoint, Suricata, Mandiant Incident Response, Snort, Nessus, Nmap, Metasploit, Metasploitable 2, Kali Linux 2, BackTrack 5, Aircrack, Burp Suite, Telerik Fiddler, OWASP Top 10, Confidential AppScan, OWASP ZAP, HP DAST WebInspect, Client Fortify, SonarQube, SIEM tools management and architecture, Splunk, McAfee ESD, Confidential QRadar, HP ArcSight, Blue Coat, Websense, NetWitness, RSA Security Analytics event log correlation and analysis, Network Forensics & Incident Response, Tripwire, Unix and Linux administration, Nikto Web Server Scanner, Netsparker, VMware, vSphere, ESXi, Virtualization, IDA Pro, ASA Firewall ASDM, Palo Alto, pfSense, Chef automation tool, Check Point Firewall ADM, IPS/IDS, Cisco Routing and Security Configuration, Cisco Switching and Security Configuration, Zscaler cloud proxy, Cisco ScanSafe, Nexpose, Trustwave, Penetration Testing and Vulnerability Assessment, Risk Assessments, Core Impact, Foundstone, EnCase 7, Wireshark Packet Analysis, Tcpdump, Log Analysis, EUREKA, Anubis, Malwr, Trend Micro OfficeScan, GFI LanGuard, Qualys, Retina, ThreatExpert, AlienVault, Visual Threat, VirusTotal, Network Monitoring, HEAT and Remedy ticketing systems, Log Management, US Citizen and Security Clearance Eligible.
EMPLOYMENT HISTORY:
Confidential, Lanham, MD
Sr. Security Analyst
Responsibilities:
- Raw data and log analytics using UNIX command line to pull, sort, parse, and manage data logs.
- Vulnerability assessment, web app pentesting, and network pentesting (Cobalt Strike, Burp Suite, Nessus, Kali Linux, Metasploit).
- Document findings for proof of concept, following industry standards such as the Open Web Application Security Project (OWASP), the Open Source Security Testing Methodology Manual (OSSTMM), and the National Institute of Standards and Technology (NIST).
- Use Knife command line tool to create, modify, and update Cookbooks (Chef Config Files) to update Chef servers with system patches and updates.
- Present findings to engineering, software, and management teams and develop an action plan to mitigate threats and vulnerabilities.
- Use EnCase 7 to perform network intrusion case forensics and analysis.
- Operate in a 24/7/365 CSIRT SOC that monitors and responds to Cyber & Information Security incidents.
- Use scripts and Linux commands to parse DNS, firewall, email, proxy gateway, web, IDS/IPS, endpoint protection, and server logs for alerts and for analysis of incidents.
- Tools used to aid in analysis include QRadar and ArcSight SIEM, Symantec Endpoint Protection AV, Sourcefire/Snort IDS, RSA Security Analytics (NetWitness), Wireshark, Palo Alto and ASA firewalls, and VirusTotal.
- Use Confidential proprietary ticketing and documentation systems to track and manage high-level and low-level cases and escalations.
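The log-analysis bullets above (pulling, sorting, and parsing firewall and other logs from the UNIX command line) describe a workflow without showing one. What follows is an added illustration, not part of this résumé and not any employer's tooling: a POSIX shell script that triages constructed netfilter-style firewall log lines (the hostname "fw01", the addresses, and the timestamps are all invented) to surface the busiest denied sources and a crude port-scan signal.

```shell
#!/bin/sh
# Added example (not from the résumé or any employer's tooling): a shell-only
# triage pass over firewall logs, the kind of pull/sort/parse step the SOC
# bullets describe. Hosts, addresses and timestamps below are constructed.
set -eu

# Constructed sample: iptables/netfilter-style DROP and ACCEPT lines from a
# hypothetical firewall "fw01". 198.51.100.23 walks four ports in four seconds.
SAMPLE_LOGS='Mar 12 03:14:07 fw01 kernel: DROP IN=eth0 SRC=198.51.100.23 DST=203.0.113.5 PROTO=TCP DPT=22
Mar 12 03:14:08 fw01 kernel: DROP IN=eth0 SRC=198.51.100.23 DST=203.0.113.5 PROTO=TCP DPT=23
Mar 12 03:14:09 fw01 kernel: DROP IN=eth0 SRC=198.51.100.23 DST=203.0.113.5 PROTO=TCP DPT=80
Mar 12 03:14:10 fw01 kernel: DROP IN=eth0 SRC=198.51.100.23 DST=203.0.113.5 PROTO=TCP DPT=443
Mar 12 03:14:11 fw01 kernel: DROP IN=eth0 SRC=192.0.2.77 DST=203.0.113.5 PROTO=TCP DPT=443
Mar 12 03:14:12 fw01 kernel: ACCEPT IN=eth0 SRC=192.0.2.77 DST=203.0.113.5 PROTO=TCP DPT=443
Mar 12 03:14:13 fw01 kernel: DROP IN=eth0 SRC=192.0.2.77 DST=203.0.113.5 PROTO=UDP DPT=53'

# denied_lines LOGS: only the DROP events; everything below builds on this.
# An input with no denies is not an error, so grep's exit status is masked.
denied_lines() {
  printf '%s\n' "$1" | grep ' DROP ' || true
}

# top_sources LOGS: denied connections per source IP, busiest first
# (uniq -c style output: "<count> <ip>").
top_sources() {
  denied_lines "$1" | sed -n 's/.*SRC=\([0-9.]*\).*/\1/p' | sort | uniq -c | sort -rn
}

# ports_hit LOGS IP: distinct destination ports a source was denied on,
# ascending, space-separated on one line.
ports_hit() {
  denied_lines "$1" | grep -F " SRC=$2 " | sed -n 's/.*DPT=\([0-9]*\).*/\1/p' \
    | sort -n -u | tr '\n' ' ' | sed 's/ $//'
}

# flag_scanners LOGS THRESHOLD: sources denied on more than THRESHOLD distinct
# ports, one per line. A crude scan heuristic for first triage only: it says
# nothing about success, so treat hits as leads to investigate, not incidents.
flag_scanners() {
  denied_lines "$1" | sed -n 's/.*SRC=\([0-9.]*\).*DPT=\([0-9]*\).*/\1 \2/p' \
    | sort -u | awk -v t="$2" '{ n[$1]++ } END { for (s in n) if (n[s] > t) print s }' | sort
}

# Stand-alone run: busiest denied sources, then anything that looks like a scan.
top_sources "$SAMPLE_LOGS"
echo "possible scanners (>3 distinct ports):"
flag_scanners "$SAMPLE_LOGS" 3
```

The same three-stage shape (filter, extract the field with sed, aggregate with sort/uniq or awk) carries over to proxy, DNS, or IDS logs by changing the field pattern; the threshold in flag_scanners is a tuning knob, and on a real perimeter it should be set from observed baseline noise rather than guessed.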
Confidential, Annapolis Junction, MD
Penetration Tester
Responsibilities:
- Assess client-side, virtual networks, physical networks and web-applications for vulnerabilities and security flaws.
- Support projects for the Confidential and create executive and technical reports of penetration test results.
- Wrote regular expressions, parsers, and scripts (Bash and Python); performed network and web-application penetration testing, both automated and manual, using the Kali Linux 2 suite and Core Impact.
- Use Core Impact to run network, client-side, and web application penetration tests on targeted systems.
- Perform security scans and tests for development projects, including security design reviews and black-box/gray-box security assessments and penetration tests.
- Specifically performed network, client-side, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and penetration tests using Burp Suite, OWASP ZAP, and Fiddler.
- Use Kali Linux, Metasploit, Nmap, Aircrack-ng, Nessus, Nikto, and Hydra to perform reconnaissance, enumeration, and network-based attacks and exploitation. Used Exploit-DB to stay current on the latest exploit packs.
- Used open source technologies to conduct research for improvement upon the client's security postures.
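The reconnaissance and enumeration bullets above pair Nmap with scripting and parsing, which in practice means turning scan output into target lists for the next tool. As an added example, not from this résumé or any client engagement, here is a POSIX shell script that parses Nmap "grepable" (-oG) output into per-host open-port lists. The scan text is written by hand to mirror the -oG layout; the hosts, services, and versions are invented, and real -oG output separates its fields with tabs, which the parser also accepts.

```shell
#!/bin/sh
# Added example (not from the résumé): turn nmap "grepable" (-oG) output into
# per-host open-port lists for the enumeration stage. The scan text below is
# constructed to look like -oG output; hosts, services and versions are invented.
set -eu

# Constructed sample. Real -oG output separates "Host:", "Ports:" and
# "Ignored State:" with tabs; spaces are used here and both are handled.
NMAP_GREPABLE='# Nmap 7.94 scan initiated as: nmap -sV -oG lab.gnmap 10.10.10.0/29
Host: 10.10.10.2 ()  Status: Up
Host: 10.10.10.2 ()  Ports: 22/open/tcp//ssh//OpenSSH 8.9/, 80/open/tcp//http//Apache httpd 2.4.52/, 443/closed/tcp//https///  Ignored State: filtered (997)
Host: 10.10.10.3 ()  Status: Up
Host: 10.10.10.3 ()  Ports: 80/open/tcp//http//nginx 1.18.0/, 445/open/tcp//microsoft-ds//  Ignored State: closed (998)
# Nmap done -- 8 IP addresses (2 hosts up) scanned in 12.34 seconds'

# open_ports SCAN: one "host port service" line per open port, in scan order.
# Closed and filtered entries are dropped; "Status:" lines carry no ports.
open_ports() {
  printf '%s\n' "$1" | awk '
    /^Host:/ && /Ports:/ {
      host = $2
      sub(/.*Ports: /, "")                     # keep only the port list
      sub(/[[:space:]]*Ignored State:.*/, "")  # drop the trailing summary
      n = split($0, entry, ", ")
      for (i = 1; i <= n; i++) {
        # each entry is port/state/proto/owner/service/rpc/version/
        split(entry[i], f, "/")
        if (f[2] == "open") print host, f[1], f[5]
      }
    }'
}

# hosts_with_port SCAN PORT: hosts with PORT open, sorted, space-separated.
hosts_with_port() {
  open_ports "$1" | awk -v p="$2" '$2 == p { print $1 }' | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# service_targets SCAN SERVICE: "host:port" pairs for a named service, the
# form a follow-on scanner or brute-forcer expects as its target list.
service_targets() {
  open_ports "$1" | awk -v s="$2" '$3 == s { print $1 ":" $2 }' | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# Stand-alone run: full open-port table, then the HTTP hand-off list.
open_ports "$NMAP_GREPABLE"
echo "http targets: $(service_targets "$NMAP_GREPABLE" http)"
```

Keying on the state field rather than on the port number alone is the point: a port that shows up as closed or filtered in -oG output must not reach the enumeration stage, and the version text after the service name is left for the analyst rather than matched blindly, since it is free-form and can contain the same separator characters.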
Confidential, Canton, MD
Principal IT Security Engineer
Responsibilities:
- Architect, engineer, and fully develop and manage the QRadar SIEM from the ground up.
- Import all log sources, logs, email groups, access controls, and licenses for Confidential QRadar; configure XGS remote syslog to send events to QRadar from the SiteProtector Console and Local Management Interface.
- Map high-level security and privacy needs into requirements.
- Enforce security standards in existing code and run automated code review and mitigation through HP Fortify.
- Use Splunk and QRadar SIEM systems for big data parsing, incident investigation, and log correlation.
- Use Knife command line tool to create, modify, and update Cookbooks (Chef Config Files) to update Chef servers with system patches and updates.
- Review and monitor applications for security leaks
- Perform security scans and tests for development projects, including security design reviews and black-box/gray-box security assessments and penetration tests.
- Specifically performed network, client-side, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and penetration tests using Burp Suite, OWASP ZAP, and Fiddler.
- Use Kali Linux, Metasploit, Nmap, Aircrack-ng, Nessus, Nikto, and Hydra to perform reconnaissance, enumeration, and network-based attacks and exploitation. Used Exploit-DB to stay current on the latest exploit packs.
- Configure, Engineer, Architect and maintain various security devices and software.
- Work in a Unix/Linux and Windows environment behind Kernel Shell and PowerShell.
- Configure and maintain various security products, including SIEM, anti-virus, IDS, and DLP.
- Code in Python and Bash to demonstrate proof-of-concept exploits of identified vulnerabilities, to be used for future builds and standards.
- Schedule and coordinate activities with our stakeholders, software development teams, project managers, lead engineers, and managers in planning, execution, and mitigation of identified vulnerabilities.
- Work with the legal team to support various industry standard compliance initiatives critical to the organization's information privacy.
- Develop and support the best practice methodology for policy assessment and security awareness training to IT application developers.
- Maintain PCI-DSS and FISMA compliance throughout various systems and networks.
- Conduct risk assessments on said systems and networks. Perform web-application and network penetration tests for QC and production.
Confidential, Columbia, MD
Sr. Security Analyst
Responsibilities:
- Continuously monitors service levels and interprets and prioritizes threats through the use of intrusion detection systems, firewalls and other boundary protection devices, and any deployed security incident management products.
- Work in a Unix/Linux and Windows environment behind Kernel Shell and PowerShell.
- Wrote regular expressions, parsers, and scripts (Bash and Python). Maintain and engineer QRadar and Splunk SIEM systems: licensing, access, log aggregation, and dashboards/pages; configure XGS remote syslog to send events to QRadar from the SiteProtector Console and Local Management Interface.
- Use QRadar and Splunk for big data parsing, incident investigation, and log correlation.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
- Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning.
- Create and manage Sourcefire, Snort and Bro IDS/IPS rules.
- Monitors and proactively mitigates information security risks.
- Work within a 24/7 shift-scheduled security operations environment
Confidential, Silver Spring, MD
Security Analyst (SOC)
Responsibilities:
- Performs detailed examination and analysis of phishing sites.
- Work in a Unix/Linux and Windows environment behind Kernel Shell and PowerShell.
- Wrote regular expressions, parsers, and scripts (Bash and Python).
- Use Splunk for big data parsing, incident investigation, and log correlation.
- Used QRadar and ArcSight SIEM systems for alerting and incident response.
- Performs analysis of malware binaries and communication points.
- Responsible for working in the 24x7x365 Security Operations Center (SOC).
- Monitor and analyze network traffic and IDS alerts
- Create and manage Snort and Bro IDS/IPS rules.
- Investigate intrusion attempts and perform in-depth analysis of exploits
- Analyze a variety of network- and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident.
- Perform investigation of elevated intrusions and alerts.
Confidential, Baltimore, MD
Systems Engineer
Responsibilities:
- Troubleshoot computer hardware, application, network, and software related issues for Confidential and Confidential network users.
- Create tickets and assign tickets to NOC and other proper departments or teams as necessary using HP Service Manager ticketing system.
- Install printers and software, and update software on workstations via the LANDesk remote assistance tool and Remote Desktop. Work in Active Directory, Group Policy, LANDesk Manager, Microsoft Windows Server 2003 and 2008 R2, and Exchange Server.
- Provide support for over 50,000 users on both the CEG and Confidential domains. Provide VPN, remote access, and RSA authentication support using the RSA console.
- Support users on Mac computers and PDAs such as iPhone, Android, and BlackBerry in connecting to MobileIron and BES (BlackBerry Enterprise Server).
- Manage remote clients on Citrix XenApp 6 apps through the Citrix Access Management Console server by closing, opening, troubleshooting, refreshing, and shadowing sessions.
Confidential, Baltimore, MD
Network Engineer
Responsibilities:
- Set up LAN networks and connect them to WANs and MANs using Cisco routers and switches/hubs for new computer labs. Use OSPF, BGP, EIGRP, IPsec, SSL, VPN, and static routing.
- Work a mix of full-time and as-needed projects supporting and implementing network architecture for the Baltimore City Public School System.
- Build and configure PCs, laptops, and servers, and configure VLANs on switches.
- Worked with Cisco ASA 5505-5515 firewalls and Cisco equipment via the IOS command line, including 2800, 2900, 3800, 3900, 7200, and 7300 series routers.
- Worked with Cisco switches via the IOS command-line interface. Cisco switch models: Catalyst 3850, 2960-X, and 2600X series.
