Security Operations Architect Resume

Chicago, IL

TECHNICAL PROFICIENCIES:

Platforms: Windows 10, Windows XP, Vista, Windows 7, Windows 8, Windows Server 2003, 2008, 2010, 2012, SQL, Linux, Mac OS, and Mac OS X

Software: Cisco VPN Client, SonicWall, Scandisk Secure Access, VMware, Citrix XenDesktop, Cisco AnyConnect Secure Mobility Client, RSA SecurID, McAfee Endpoint Encryption, Lotus Notes Virtual Help Desk (VHD), ServiceNow IT Service Management

Networking: VPN and configuration of routers/switches/access points/hubs/firewalls

Tools: Carbon Black Protection and Response, Microsoft Security Essentials, Unhide, ComboFix, Microsoft Office Suite 2003/2007/2010/2013/2016, VisionApp, Palo Alto Panorama, FireEye EX and NX, Nessus, Angry IP Scanner, Kali Linux 2.0, John the Ripper, vSphere, GPG4USB, KeePass, VisionApp, Angry IP, Total Command, SolarWinds, DameWare, PuTTY, Citrix, Nagios, VMware, Symantec Ghost Cast Server, QualysGuard Vulnerability Scanning, SCCM, Infoblox, QRadar, BitLocker, SANS General Security Awareness training admin console, Swimlanes, Splunk, ForeScout, Proofpoint, and McAfee ePO.

EXPERIENCE:

Security Operations Architect

Confidential, Chicago, IL

Responsibilities:

  • Designed micro-segmentation strategies for the new environment. Architected the separation environment in AWS Virtual Private Cloud (VPC) and designated physical data centers throughout the United States.
  • Interviewed and selected Managed Security Service Providers (MSSP) to manage various tools.
  • Developed the Incident Response framework to include MSSP tier 1 and 2 response responsibilities.
  • Architected the development/testing environment. Instituted new patch management program.
  • Built the Security Orchestration, Automation and Response (SOAR) program centered on ServiceNow, Swimlanes, Qualys Vulnerability Scanner, Carbon Black, Symantec DLP, and Splunk.
  • The SOAR program now handles 75% of security events. Took a leading role in developing the Identity Access Management (IAM) program using CyberArk.
  • Architected Incident Response framework
  • Architected the Playbooks
  • Architected separation environment in AWS and physical data centers
  • Architected Security Operations Center Incident Response workflow
  • Architected Vulnerability Management program
  • Designed the secure code scanning program for internally created applications
  • Wrote 20+ Security Policies
  • Designed and built the Vulnerability Management framework
  • Identified security gaps and presented strategies to close them
  • Developed the Security Incident Event Management and Data Loss Prevention infrastructure.

File Integrity Engineer/Architect

Confidential, Davidson, NC

Responsibilities:

  • Architected Incident Response framework
  • Architected the Playbooks for 50+ use cases for the detached SOC
  • Designed and built the Vulnerability Management framework for the PCI admin zone
  • Identified security gaps and presented strategies to close them
  • Established the comprehensive information security program (CISP) to mitigate risks in a manner that is tightly aligned to business objectives while bringing the company in compliance with PCI DSS requirements.
  • Developed the Security Incident Event Management and Data Loss Prevention infrastructure.
  • Created the enterprise vulnerability assessments including scanning and remediation planning.
  • Authored and implemented information security policies, procedures, standards and guidelines across all the PCI admin zone.
  • Instituted software version controlling using Bit9

Data Protection Architect

Confidential, Washington, DC

Responsibilities:

  • Designed and built the ForeScout countermeasure solution
  • Stood up HA appliances in 5 separate locations
  • Built 4 C policies for monitoring
  • Integrated ForeScout with SCCM for automated patching
  • Integrated ForeScout with Nessus for non-compliant patch and vulnerability management
  • Architected quarantine and remediation VLANs
  • Architected Incident Response framework
  • Architected the Playbooks for 500+ use cases for the SOC
  • Designed and built the Vulnerability Management framework
  • Architected the Vulnerability Scanning platform, including standing up the scanners and callback servers
  • Identified security gaps and presented strategies to close them
  • Established the comprehensive information security program (CISP) to mitigate risks in a manner that is tightly aligned to business objectives while bringing the company into compliance with HIPAA requirements.
  • Conducted security and compliance risk assessments and aligned the necessary controls, policies, and procedures to cost-effectively protect information assets from intentional and unintentional modification, disclosure or destruction.
  • Established an IT Governance, Risk & Compliance (GRC) system on a single, unified platform for compliance management activities including risk management and security, IT governance and audit operations allowing the company to gain visibility into the risk management and compliance efforts across the organization providing a risk-based strategy. Took a leading role in all internal audits and customer security compliance assessments, as well as FFIEC examinations.
  • Established the FEPOC Business Continuity Program (BCP) ensuring participation from all departments in completing Business Impact Assessments and Department Recovery Plans, and coordinating BCP testing schedules and company-wide communication plans.
  • Led the Information Security Awareness program, providing training that changes behaviors and reduces risk while ensuring compliance by using a framework based on the Critical Security Controls.
  • Performed internal information security risk assessments and served as the incident response manager and liaison to the internal auditor for information security processes.
  • Developed all corporate security policies and procedures, including those for end users, IT administration and legal compliance
  • Developed the Security Incident Event Management and Data Loss Prevention infrastructure.
  • Created the enterprise vulnerability assessments including scanning and remediation planning.
  • Architected the Security Incident Event Management and Data Loss Prevention infrastructure.
  • Authored and implemented information security policies, procedures, standards and guidelines across all computing platforms.
  • Provided safeguards to internal information systems by identifying potential security threats and determined causes of security violations and recommended corrective actions on time and on budget
  • Designed and implemented a Secure FTP solution for corporate file transfer.
  • Created encryption policy and technical solutions to protect company mobile computing devices including laptops and smartphones.
  • Led and managed a team of Information Security Analysts
  • Led migration from internally hosted infrastructure to an off-site data center
  • Created change management program
  • Instituted software version controlling using Bit9

Infrastructure Security Architect

Confidential, Washington, DC

Responsibilities:

  • Developed patch management program
  • Led migration from internally hosted infrastructure to an off-site data center
  • Created change management program
  • Instituted software version controlling using Bit9
  • Developed Cybersecurity Awareness program
  • Collaborated with internal teams to protect employee and client information by the delivery of security analysis, recommendations, projects, and compliance methods and practice.
  • Developed and communicated NIST and FISMA security standards and policies for implementation.
  • Designed, built, tested, and delivered computer images for traveling users
  • Developed and deployed test environment which doubled as Honeynet
  • Created and managed the security approval process framework for each phase of projects in the development lifecycle including threat and vulnerability management strategies.
  • Responsible for contributing to IT Security Governance, company security policies, and standards
  • Administered threat assessments, network intrusion detection, computer network defense, and secure network architecture with support from Senior Management
  • Defined the baseline security architecture framework
  • Introduced the Security Lifecycle Management Process for project management
  • Created project budgets and timelines for security initiatives
  • Provided updates and presentations to executive-level personnel on security position and project statuses
  • Engineered, designed, and implemented information security controls to ensure the confidentiality, integrity, and availability of corporate data

Senior Information Security Engineer

Confidential, Bethesda, Maryland

Responsibilities:

  • Set policy enforcement by user roles
  • Researched and validated 250 publishers
  • Wrote custom rules for server patching
  • Created new change control process to center around Bit9
  • Security member on the disaster management team
  • Led the mitigation, patching, and restoration process during the 2015 Ransomware attack in which McAfee updated DAT files a month after Symantec
  • Responded to and took ownership of information disclosure incidents involving PII and PHI while ensuring the incident was handled to HIPAA standards
  • Wrote Procedures for Incident Response
  • Liaised with Systems Administrators on server patching
  • Wrote various policies and procedures and presented to Change Control Board
  • Employed Ethical Hacking techniques
  • Managed all least-privilege escalation requests
  • Translated Risk Analysis findings to the Information Risk Management database
  • Created, tested and implemented network disaster recovery plans
  • Performed risk assessments and tested data processing systems
  • Installed firewalls, data encryption, and other security measures
  • Recommended security enhancements and purchases
  • Trained staff on network and information security procedures
  • Lead role for Incident Response reporting
  • Wrote Access review policy and procedure
  • Member of Incident Response team
  • Analyzed and categorized risks based on a proven method
  • Instituted data destruction policy
  • Overhauled Certificate of Destruction (CoD) methods
  • Managed third-party vendor for disk destruction
  • Analyzed, approved or denied software request not on the approved list for special use
  • Provided new and current users with general security awareness training
  • Liaised with Help Desk on continued training
  • Monitored the organization’s networks for security breaches and investigated violations when they occurred
  • Installed, tested, and used software, such as firewalls and data encryption programs, to protect sensitive information
  • Prepared reports that document security events and the extent of the damage caused by the events
  • Conducted penetration testing

Systems Security Administrator

Confidential, Chantilly, Virginia

Responsibilities:

  • Created security awareness training (initial, refresher, and ongoing) for all employees
  • Created and implemented an asset policy procedure
  • Instituted the BYOD Policy and Standards
  • Created and maintained on/off boarding standards for security best practices
  • Modified practice of duties to include separation of duties
  • Isolated vulnerabilities and threats by using the qualitative assessment strategy
  • Managed risk by implementing a transference method in addition to using a mitigation strategy first
  • Implemented least-privilege policy: separation of duties, need-to-know, and job rotation
  • Used web-based firewalls to protect traffic through HTTP/HTTPS (Barracuda)
  • Used protocol analyzers to check traffic in and out
  • Reconfigured and monitored the ruleset of the primary and secondary firewalls
  • Managed multiple VLANs on routing switches
  • Created and used the disaster recovery model when the main File/Print server crashed
  • Implemented weekly full backups and nightly differential backups to warm off-site storage
  • Invoked problem escalation procedures to coordinate recovery
  • Configured and updated Nagios monitoring server
  • Updated server patches
  • Implemented support email ticketing system
  • Managed network drive permissions
  • Monitored problem management database
  • Managed Virtual Private Network
  • Maintained a central source of information
  • Isolated problem and security trends
  • Ensured that daily, weekly, and monthly statistics and status reports were completed
  • Virtualized Microsoft Exchange Server 2003/2008
  • Migrated all PCs platforms from Windows XP to Windows 7
  • Cleaned Active Directory of old profiles

Assistant Security Analyst

Confidential, Waldorf, Maryland

Responsibilities:

  • Manage network drive permissions
  • Implemented an asset policy procedure
  • Managed web filter
  • Created new user accounts for employees and interns
  • Created document control policy