SUMMARY:

Experienced IT Security and Network professional serving a diverse client base in federal government agencies, Pharmaceutical companies, and Financial Institutions. Security and Networking qualifications combine with demonstrated ability to implement technical solutions to meet critical business needs. Outstanding leadership and interpersonal skills that has yielded an effective working relationships and top performance among staff.An excellent communicator between technical and business units who can translate complex data into easily understood terms

EXPERIENCE:

Information Security Engineer

Confidential

Responsibilities:

• Lead BlueCoat engineer responsible for design and implementation for multiple clients.
• Conducted consultations and information sessions on bluecoat implementations to best standard practices.
• Directly supported clients with large, complex environments to include (but not limited to) Internet Service
• Providers, Financial Institutions, Healthcare organizations and Utility services.
• Trusted advisor responsible for building and maintaining relationships with potential and existing clients.
• Responsible for creating Statements of Work (SoW) for team of engineers based off of customer objectives and deliverables.
• Became a Splunk power user and Admin, working on multiple engagements regarding configuring and implementing Splunk Enterprise.
• Worked with CyberArk on multiple engagements regarding identity management and setting up use cases for preventing access management.
• Engineered, installed and configured Firemon upgrades and implementations.

Senior Information Security Engineer

Confidential

Responsibilities:

• Dealt hands on with enterprise antivirus management, patch management, web and spam filtering; email and disk encryption, and other end - user, network, and host-based security solutions.
• Researched, evaluated, and recommended security technology and solutions. Defined and documented internal controls and procedures.
• Lead projects and conducted routine security audits and risk assessments.

Senior Information Security Analyst

Confidential

Responsibilities:

• Dealt hands on with enterprise antivirus management, patch management, web and spam filtering; email and disk encryption, and other end-user, network, and host-based security solutions.
• Researched, evaluated, and recommended security technology and solutions.
• Defined and documented internal controls and procedures. Lead projects and conducted routine security audits and risk assessments.
• Used security products and techniques to routinely monitor for vulnerabilities, threats, alerts and attacks. Worked with Engineers and System Security Specialists to achieve results and submits reports on findings, current status, and recommendations to Information Security Manager.
• Worked with IT Management and Engineers to routinely recommend, develop and maintain policies, standards, guidelines, and training materials on the secure configuration and operation of computer systems, network devices, communications and protection systems. Periodically perform audits to determine that controls are in place and operational.
• Worked with IT resources and business leaders to assist in the research, development, configuration, upgrade and implementation of IT Security related products and services. Developed and facilitated incident response procedures and performed risk assessments. Conducted security investigations using data analysis and forensic techniques worked with Business Owners, IT Application Development and Infrastructure stakeholders to assist in the planning, design, and implementation of enterprise wide security architecture and systems provided periodic risk assessment reports to the CIO and executive lead team. Documented security related events and the impact caused by each event. Identified existing security weaknesses and concerns, and described each potential impact on the organization from an operational and financial standpoint

Information System Security Engineer

Confidential

Responsibilities:

• Worked with all aspects of Risk Assessment, the Certification & Accreditation process, continuous monitoring, patch management, system security configuration, and specializing with Confidential documentation and implementation of its principles and practices. wrote the SSP and accompanying documents for the Certification & Accreditation process.
• Interfaced directly with government clients on multiple projects to deliver their security requirements.
• Filled in on other projects that needed help along the Certification & Accreditation process.
• Dealt with patch management, vulnerability assessment and system security based on multiple security constraints.
• Configured, created, and documented all changes made to the network and our system based upon customer needs and requirements to their satisfaction.
• Managed day to day file and system security administration based upon IT compliance

Arcsight Security Engineer

Confidential

Responsibilities:

• Attended and completed various ArcSight specific trainings and boot camps.
• Build multiple ESM, logger, and connectors to fit the customer s needs.
• Created content built around customer requirements and needs
• Aided in the creation and implementation of various security rules for multiple systems
• Hardened various boxes and systems for test and production environments to meet DoD and customer requirements.
• Provide customer support for numerous customers in the Federal Professional Services.

Information System Security Engineer

Confidential

Responsibilities:

• Oversees the efforts of security staff to design, develop, engineer and implement solutions to security requirements.
• Gathers and organizes technical information about an organization's mission goals and needs, existing security products, and ongoing programs in the MLS arena.
• Performs risk analyses that also include risk assessment.
• Provide support to plan, coordinate, and implement the organization’s information security.
• Provide support for facilitating and helping agencies identify their current security infrastructure and define future programs, design and implementation of security related to IT systems.
• A working knowledge of understanding of business security practices and procedures; current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, and current Internet/EC technology.
• Provides daily supervision and direction to staff

Information System Security Engineer

Confidential

Responsibilities:

• Worked with risk assessment, especially with Confidential 800-30. Threat identification, system security categorization, gap analysis, compliance reporting, security analysis, especially trend analysis, incident response, encryption.
• Experience doing vulnerability scanning, penetration testing, system hardening, system integration, packet sniffing. Apply and validate security patches.
• Developed, tracked, created and managed POA&Ms.
• Gained knowledge of and experience with quality assurance and continuous monitoring.
• Contributed to the accuracy and efficiency of analysis operations through technical innovation, procedural refinement, training of analysts and analyst oversight.
• Accountable for the real-time analysis, commentary and handling of security events.
• Designed processes and complex spreadsheets to support Certification & Accreditation, Patch Management, Personnel Clearances / Training, Password Change management, Vulnerability Assessment Reporting, Network Inventory, Expense Reports, System Hardening and consolidation Gained knowledge of Confidential Assessment Methodology/Evaluation Methodology (NSA IAM/NSA IEM).

Security Analyst/Information System Security Engineer

Confidential

Responsibilities:

• Detect, defend and protect information assets from cyber-attacks via monitoring, analysis, response, and threat management.
• Comprehensive knowledge of mission impact and effective mitigation.
• Performs monitoring, problem resolution, change management, analysis and incident response.
• Coordinates actions with internal and external customers, service providers, cryptologic centers and the intelligence community.
• Guided the Certification & Accreditation Process and Continuous Monitoring
• Worked with system owners to mitigate weaknesses on the POA&M enabling system authorization for both currently accredited and those systems pending accreditation.
• Worked with affiliated organizations and personnel to achieve and maintain System’s operational status in accordance with NISCAP, DCID 6/3, and Confidential SP 800-53.

Network Engineer

Confidential

Responsibilities:

• Member of a tier 1 seven-member network team. Knowledge of Cisco/Juniper routers; Voice over Internet Protocol (VoIP) network
• Promina 400/800 multiplexers; BPX/IGX/MGX switches Provide operational support to military operations, deployed forces, centers located in the CONUS and OCONUS and services to multiple networks.
• Ensure network wide interoperability through the use of cryptographically secured backbone trunks and utilizing Cisco WAN Manager and HP Open View network mapping.
• Coordinate troubleshooting with Tier-2 and end users to expedite restoral of circuit/trunk outages.
• Perform trend analysis on WAN outages by the use of spread sheets and graphs to aid in the isolation and restoral of reoccurring outages.
• Utilize Master Station Log (MSL) and remedy to annotate essential events on shift and update trouble ticket outages.