- Demonstrates capacity to analyze and apply technology solutions and strategies which meet the security control requirements specified by FISMA, OMB, and NIST guidance. Superior technical, writing, and presentation skills.
- Excellent organizational skills and attention to detail, excellent customer service skills, working knowledge of Microsoft Office, ability to multitask, and excellent written and verbal communication skills.
- Demonstrates strength in managing projects from start to finish. Identifies resources needed and assigns individual responsibilities.
- Facilitates team and stakeholders meeting effectively. Communicates project information to superiors.
- Resolves and escalates issues in a timely manner. Proven ability to lead and motivate teams for maximum productivity.
- Proven experience in the installation and support of servers and network devices.
- Expert in Local Area Network (LAN), Wide Area Network (WAN), and network security systems.
WORK ON THE FOLLOWING NETWORK AND SECURITY CONCEPTS:
Network Security: IPSec VPN - Site to Site and Remote Access VPN; GRE and DMVPN Tunneling; AAA Architecture, TACACS+; SSL; SSH; Symmetric and Asymmetric Encryption Algorithm; Hashing Algorithm; PKI; Port Security; Router Hardening; System Hardening; ACL, NAT/PAT.
Routing: BGP, MPLS VPN, OSPF, RIP, EIGRPWAN MPLS, Metro Ethernet, Frame RelayWireless Access Point provisioning and deployment
LAN Switching: VLAN, VTP, STP, DHCP, EtherChannel, vPC, Port channel, VDCRedundancy/High Availability Hot Standby Router Protocol (HSRP); Virtual Router Redundancy Protocol (VRRP); Gateway Load Balancing Protocol (GLBP)
Load Balancer: Migrated from Cisco Application Control Engine to Citrix NetScaler SDX 11520 Appliances working as high availability (HA) pair - configure, manage and troubleshoot, etc
Network Management: SolarWinds, ORION; SYSLOG; Netflow; CiscoWorks, Ngenius Infinisteam
Cisco Secure ACS (Access Control Server): provides configuration, system administration, monitoring and reporting, etc
Ticketing System: Remedy; Network Documentation and Design Visio
Operating Systems: Windows NT Server and Workstation; Windows Server 2000/2003/2005/ 2008 R2; Windows XP/Vista, Windows 7 and 8; HP Unix, Red Hat Linux, Fedora; Cisco IOS.
Hardware: Integrated Service Routers (ISR), Aggregate Service Routers (ASR), Cisco 7600, 7206, 3900, 3600, 3800, 2600, 1600 Series Routers/Cisco Catalyst Switches and Layer 3 Switches Nexus 1010, 2000, 4000, 5000 series switches; Cisco Catalyst 650 9, 4507, etc. Cisco ASA 5585, 5510; Checkpoint Firewall, Workstations and Servers - H P, IBM, Dell, Micron, Compaq, Unisys/Printers, Scanners, Modems, RAID, SCSI, Network Cards, Memory, Wireless Routers and other peripherals.
Computer Network Specialist
Confidential, Baltimore, MD
- Manage and administer network and security infrastructure in a modern Data Center and more than one hundred Field Office locations.
- Access Layer Switches: Cisco Catalyst 3500 and 3700 series switches, HP A5500 Series
- Cisco Integrated Services Routers (ISR): Cisco 2800, 2900, and 3900 series routers
- Distribution Layer and Core Switches: Cisco 4500, 6500 series switches; Cisco Nexus 1010, 2000, 4000, 5000, and 7000 series switches
- Aggregate Services Routers (ASR): Cisco ASR 1000 and Cisco 7206 VXR routers
- Citrix NetScaler SDX 11520 Appliances for production application load balancing.
Computer Network Security Lead
Confidential, Baltimore, MD
- Maintain agency-wide information security management program to ensure that information assets are adequately protected. Responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the agency.
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the agency.
- Administer LogRhythm for servers and network devices log consolidation, integrity, reporting, event management, etc. Review and analyze LogRhythm for detecting, defending against, and responding to cyber threats and associated risks. LogRhythm uses the concept of Security Information and Event Management (SIEM).
- Manage security incidents and events to protect agency’s IT assets and reputation.
- Read and analyzed syslogs and other log files
- Managed enterprise vulnerability scanning and patch management solution for operating systems, applications and web browsers, thus preventing Web Application Attacks like Dive-by downloads, Buffer Overflows, Cross-site scripting (XSS), etc. Managed the installation of antivirus, firewall, and anti-spyware solutions. Took proactive steps to mitigate attack vectors, such as, SQL injection, XSS, Cross-Site Request Forgery (CSRF/XSRF), LDAP injection, Command injection, Directory Traversal, session-hijacking etc.
- Developed, maintained and published up-to-date information security policies, standards and guidelines. Oversaw the approval, training, and dissemination of Security Awareness Program.
Senior Network Engineer
Confidential, Chantilly, VA
- The course is designed to help prepare students for the Cisco Certified Network Associate examination 200-120. A hands-on introduction to Cisco internetworking devices.
- The goal is to configure and manage Cisco network infrastructure within multiprotocol internetworks.
- Topics include VoIP (voice over Internet protocol), wireless network protocols, and routing protocols.
- This has given me the opportunity to contribute to the training of hundreds of our deployed military officers, and many more civilians back home.
Network Security Support Staff
- Cain and Abel which has the ability to crack encrypted passwords using Brute Force, Dictionary, or Cryptanalysis
- CrypTool: Its purpose is to aid users with understanding the various concepts and techniques used in cryptography. The program covers a range of modern ciphers such as RSA, DES and AES as well as classically used ciphers including the Caesar, Playfair and Vigenère ciphers.
- Snort a free, open source network intrusion detection and prevention system capable of performing real-time traffic analysis and packet logging on IP networks.
- Nmap used to sweep networks and look for vulnerable targets. Once these targets are identified, an intruder is able to scan for listening ports.
- Nessus as a network security scanner to detect open ports and other vulnerabilities in a network, and has the ability to generate a variety of reports.
- Forensic Imaging of Digital Media with Adepto
- Forensic Analysis of Digital Media (Dead-box) with Autopsy
- System deployment: create and implement disk images with Norton Ghost
- Use Track-It 7.0 to manage tickets from users.
- Maintain full functionality of computer equipment, hardware, software, audio visual devices, peripherals and systems including the instructional computer labs and classrooms, the homework lab, the library commons, the Testing Center; and a ll faculty and staff desktop and laptop computing equipment located in the University Complex.
- Ability to u se Wire shack Packet Sniffer to analyze packets and frames in a LAN segment
- Experience in server virtualization techniques such as VMWare
E-Business Project Manager
- Managed all new IT projects from start to finish and make periodic presentations to management
- Ensured that service providers abide by the Service Level Agreements
- Experience in using standard design and Project management tools
- Managed the deployment and installation of Cisco Routers and Switches in branches with minimal downtime.
- Managed from start to finish the successful deployment of 1000 units of ATMs and Inverters in bank Branches and Offsite locations.
- Managed the successful deployment of 3000 units of Point Of Sale devices
- Managed the migration from issuing magnetic stripe cards to CHIP-&-PIN enabled cards
- Managed the successful deployment of mobile banking services, whereby subscribers were able to use their smartphones to carry out online mobile banking activities .
- Some of the key deliverables in one of the projects are: Requirements Definition; Provision of Project Management Plan and Creation of WBS; ATM Encryption Keys Generation Plan; ATM Encryption Keys Distribution Plan; ATM Test Plan; ATM Test Results; ATM Project Evaluations & Lessons Learned; Final Report and Presentation.
- Managed Cisco Adaptive Security Appliance ( ASA ) 5585 for firewall, Intrusion Prevention, VPN, content and URL filtering, antispam and antivirus solutions .
- VPN management and operation, example, Cisco AnyConnect VPN client
- Managed Cisco Firewall Service Module (FWSM) installed in Cisco Catalyst 6506-E switch for the protection of internal network behind the DMZ. The Cisco Catalyst 6506-E supports both Cisco Catalyst OS and Cisco IOS Software.
- Managed Cisco 7606 Router for high performance Headquarters core routing, and enterprise WAN aggregation .
- Managed the deployment and installation of Cisco Integrated Service Routers in branches
- Enabled QoS in Cisco Router and configured IP network to support real-time voice traffic. Installed and configured voice feature card in Cisco router. Configured network and SIP parameters for VoIP phones, as well as Caller ID
- Ensured the availability of network devices like Cisco Routers and Switches in all branches of the bank.
- HP Unix Server administrator - managed user and group accounts; managed tuning and performance; configured networking and TCP/IP
- Configured VLAN in Cisco switch.
- Used WhatsupGold to monitor and manage the Bank’s enterprise network
- Ensured the availability of all e-business applications and devices like MasterCard, VISA, Internet Banking, ATMs and POS terminals. Ensured that the bank’s debit cards were properly processed, and managed cards that have been issued to cardholders, like hot listing and dehotlisting, etc.
- Wrote structure query language (sql) used to generate reports and monitor the performance of ATMs.