Lan/Wan/Man, Security & Identity Management (22+ years): Security +, Tivoli Identity Management, Two Factor Authentication (2FA), PKI with Certificate Services. PIV, CAC, Etrust,RSA Secure ID, SDLC2 Gateway,X.25 Gateway, X.500, LDAP, SAML,IDENTITY MANAGEMENT,HSPD - 12,MS-2008 Server AD & 2012 Server AD. NESSUS,SCCM,IEM.ITIL,Jira/Agile.
Confidential, Rockville, MD
Subject Matter Expert
- Engineering Team Lead for Two - Factor(2-FA) Implementation for the Veterans Affairs (VA)
- Utilizing Level of Assurance (LOA3 and LOA4).
- Initial requirements analysis, NIST SP 800-53A rev4 and NIST SP 800-63-2, FISMA Compliance
- Encryption in Transit and at Rest.
- Alternate remote solution via Soft Token using MobilePass 2FA solution for VA employees and contractors.
- Supporting end-user Network related issues in the Chantilly location
- In-house sandbox 2FA Lab with MobilePass via virtualization.
- Access authentication via 2FA to VA’s Citrix Access Gateway (CAG). Worked with PKI,PIV Cards and resolved Three factor 3-FA(Biometric), and VPN issues.
- Jira/Agile S/W Project Management and tracking tool. Use of Stories to track project related task and events . HIPAA certified, CA SDM
- Wireless Testing of Campus Wide Network via Broadband.net
- Network Support Tier II/III & Security for proprietary SecureShell software used for Assessment test in the public school systems via FDOE. This was secure software that blocked students from accessing websites to look for answers during scheduled lab test times.
- Duties include Network Tier II/III support,/Security & Assessment for the Federal Department of Education (FDOE) Tier II/III Network support system for the US Public school systems nationwide.
Software Security & Desktop Applications: Join-me, Tivoli, LDAP, etrust RSA Secure ID, Tivoli ITIM,VPN client, Remote Desktop within a W2008 Server, Windows 20012, Win7,Win8 and UNIX environment. Use of Google Chrome books, Chrome OS, Mac IOS 10.x 8,Virtual Box, VM Workstation. Cisco IP Phone (7945) (Voice over IP),Cisco Webex
Sr. Security Analyst
- SCCM 2007/2012, CITIRX,IPV4,IPV6,DHCP,Proxy Servers, IPSEC, DNSEC, Group Policy, VPN,LPTN, ITIM Security and Identity Management for secured user authentication in Single Sing On (SSO) or Enterprise Single Sign On (ESSO) environment.
- Utilizing Windows 2008 Active Directory Services (ADDS). Use of SCCM (2007/2012),NESSUS, and CITRIX to update software packages and patches. Work remotely via VPN or ISP connection. (Production and lab setting) using remote desktop.
- Utilized Linux/Unix/Solaris, ssh servers for internet security web access and authenticated users application. Using VMware ESX, Virtual Box, VM Workstation and NESSUS, SCCM(2007/20012). Checking for intrusion detection on various portals by using Tivoli Identity Management (ITIM) software. Utilized LDAP and GPO organizational units (OUs).
IRS Lead Cybersecurity Risk Analyst
- Working with Stakeholders in the SPI-Gov/ Program Management Office(PMO) of Cybersecurity doing Risk Analysis, Certification & Accreditation, Compliance Review and Implementing a Cybersecurity Business Center/Lab.
- In addition, working with the Enterprise Life Cycle (ELC) process and other methodologies that included: ITIL,COBIT, and CMMI3 Maturity Model.
- Running security vulnerability scans and audits within Small Business Units.
- Interfacing with the Federal Enterprise architecture (FEA) and working with various project documentation and artifacts.
- Involved with the Work Breakdown Structure (WBS), Requirements Analysis, Project Initiation, Certification & Accreditation(C&A), and project estimated funding. Working with ATO group.
- Regular meeting and reports to Cybersecurity Senior staff and other stakeholders in regards to the impact within each small business unit based upon the results of the audit report and scans that were conducted. Any Malware findings had to be addressed immediately and contained within the FISMA based security control process.
- FISMA Act of 2002 on Compliance, NIST SP 800-53A rev 1 & now Superseded by NIST SP 800-53A rev 4
- Vulnerabilities discovered were tracked,maintained,and mitigated using a Plan of Action
- Working with Web Portal access issues in a production/application development environment.
- Troubleshooting Web portal access issues via EUP, and RUP.
- Conducted various portal checks via Triage and bridge calls.
- Use of Tivoli monitoring Transaction Performance (Big Board software), Tivoli Enterprise Portal(TEP), Tivoli Enterprise Console( TEC), Panorama Opnet, ITCAM.
- Troubleshoot P1, P2 tickets that come into our queue via ITAMS Peregrine help desk software system. Worked with various IRS in-house backend application programs: Mef, IRFOF,E-Services, IFS, ITNS, TDS, etc. Additional work included: SiteMinder, Etrust, WebSphere, Tivoli Packaging, etc.
Senior Network Engineer
- Member of a technical team working within a heterogeneous secured network environment with Windows 2003 Servers and IBM AIX on E series P5 platforms.
- Working in the identity management security space, Provisioning users and giving access to high level applications.
- Managing the Identity management (IDM) security space with ITIM, ITIL, TAM, WebSphere (WAS), LDAP, PKI, and SUN IDENTITY MANAGER (IDM5).
- Additionally, working with CiscoWorks, and various Cisco Catalyst switch configurations.
- Completing Traceroutes and pings.
- Trained end users how to use ITIM Esso.
- Solved tier2 help desk issues, and involved with hiring a team of software engineers to work with Java, PHP, and MySql.
Confidential, Hyattsville, MD
Senior Security Engineer
- Working with Tivoli Identity Management (TIM),DB2,Websphere,TAM, and Webseal Software. Installation and implementation of Tivoli security software
- Responsible for end user authentication, provisioning, reconciliation, orphan management, adoptions, running agents, loading adapters, certool, work flows, entitlements, LDAP, and Decommissioning of Citrix, and AIX server boxes from TIM.
- Enterprise system application access with ITIM Single Sign-On (SSO) & Enterprise Single Sign-On (ESSO)process, worked with Citrix, Sybase, LDAP, etrust SiteMinder,RSA Security ID, etrust PKI, HSPD-12, PIV cards.
- Security and Identity Management within the Treasury Web Application Infrastructure (TWAI). Understand single sign on process authentication process across mainframe (CA/Topp Secret), AIX, Solaris, Linux, Windows 2003 w/Active Directory.
- Additional responsibilities included: Attendance at Change management Change Control Board(CCB) meetings which focused on security integration/penetration that may compromise in-house TWAI security thresholds. Helped to implement and develop technical solution for Personal Identity Verification (PIV) cards and e-Authentication (e-Auth) related challenges with Smartcard, PKI, and HSPD-12.
- Working knowledge of digital signatures,Certificate Services,Hashes, Federated Identity management (FIM) and SAML. Direct experience with e-Government(e-Gov), e-Authentication(e-Auth) Initiative Level 1 and Level2 authentications.
- Tivoli Identity Manager v.4.5, IBM Secureway LDAP, Fiscal Services LDAP, TAM, Michigan Tool Ldap, Siteminder, TAM, AIX, Secure Shell(ssh), Connect Direct, Sybase, etrust PKI, RSA Secure ID, CA Topp/Secret), Rational Clearquest, Sun Identity Manager(IDM5).
Confidential, Rockville, MD
Network Consultant/System Administrato r
- Duties included: Working as a Lan Administrator doing network server installation and implementation of company-wide software applications at various field offices.
- Working with Tivoli, Websphere, LDAP, etrust RSA Secure ID and ITIM within a W2k and Unix environment.
- Working with Windows 2000 Active Directory Services.
- Working also with Linux/Unix/Solaris servers for web access and authentication user application.
- Worked with TAM and Webseal creating encrypted SSL, SSO, TCP Junctions.
- Web Portal Management with Websphere, TAM,TIM,LDAP and Webseal junctions.
- Writing shell scripts with Perl. These test scripts were used for regression testing.
Confidential, Virginia Beach, VA
Sr. Lan Manager
- Technical support with Lan Desktop services this was primarily a help desk function. Working with help desk tools such as Tivoli Deskview, Tivoli Service Center and Marimba.
- This was primarily a help desk environment with Windows NT Solaris 8.x, and Windows 2K. Resolved various Lan and desktop application systems/user problems.
- Help Desk coordination was accomplished by Tivoli Deskview ticket system, install new network users at various NOCs, create batch administration scripts, run system backups for servers.
- Field work at various Confidential NOC locations included installation SIW images, patches, Virus security updates, updates for application software, and W2k operating systems updates and patches.
- Server deployment and installations was administered on an as needed basis to the various NOC field offices.
- Experienced with LAN, WAN(ATM, Frame Relay, SMDS), Internet, various network protocols(i.e., TCP/IP),Solaris 8.x,Microsoft Windows NT User Administration, Windows 2000 Active Directory and computer management, microcomputer operating systems/software issues, relational database technology, products, business systems/services.
- Strong ability to work effectively with all levels of management/support staff in this very complex IT environment.
- Clearly orally communicate with technical leads/ answered with detailed information, interpret policies/procedures correct, and strong ability to identify/analyze technology problems before they actually happen.
Confidential, Ft. Eustis, VA
Tivoli Team Lead Engineer /Tivoli Administrator
- Worked for the Enterprise management team at Ft. Eustis Army Base. Deploying Tivoli pushes for the "Army Distant Learning Program". This was in a class room setting. PC's had to be updated with new software overnight after a Distant Learning class was delivered.
- Duties included installation and implementation of Tivoli TME 10, Tivoli Netview, Tivoli Framework, Tivoli Configuration, Tivoli Distribution, and some light programming with Perl. Worked heavily with Tivoli deployment/implementation within a Windows NT 4/2000 and UNIX environments.
- Worked with TMRs, Endpoints, Managed Nodes, Gateways, and setting up and installing of Tivoli client endpoints and troubleshooting duplicate endpoints.
- TMR, TEC, distributed monitoring, framework, inventory, remote control, Solaris, NT, and Oracle. Worked extensively with Tivoli TMR, TEC, Managed Nodes and Endpoints troubleshooting.
- Information Systems Network (DISA/DISN) infrastructure.
- Worked with NIPERNET/SIPERNET system environment.
- In addition, support of network problems via use of Network General Sniffer to do Lan Analysis and testing.
- In addition, involved in the interview, hire and managing of a team of Help Desk support and system engineers that solved on-going TIER2 and TIER3 networking problems at government military locations. We initially would go out and do site surveys at various military and government sites.
- Also, Responsible for hiring a technical staff of 22 Network Engineers to do site surveys, Lan Analysis, and Desktop administration with Windows 95/NT Workstation and Windows NT Server. Working with Defense Logistics Agency, DLA (Defense Logistics Agency) & Defense Information Systems Agency (DISA/DISN) and GSA.
- Responsible for accompanying Territory Sales manager in presenting company-wide emulation and Lan products to fortune 500 accounts. Involved configuring IBM 3174/3274 (TIC), VTAM/NCP, Token Ring Interface Coupler, Cluster control unit via VTAM/NETVIEW.
- Functioned in a Pre-Sales Lan/Wan support w/ 3270 terminal Emulation Product