SUMMARY

• IT Professional with over 11+ years of experience with deployment application and migration server for various government agencies.
• Amazon Web Services (AWS) fundamentals and security (e.g., cloud computing, AWS security concepts including AWS access control and management, governance, logging, and encryption methods)
• Development Operations (DevOps) methodologies and tools, including agile development and deployment with an emphasis on Continuous Integration/Continuous Delivery (CI/CD) Ansible, Jenkins, JIRA Confluence.
• Proficient in supporting data center in a heterogeneous environment and includes a mix of Unix, Red Hat, Centos, Ubuntu, Solaris, Windows, Database, Amazon AWS EC2, VMware ESX, Cisco IP network, and HA Custer Storage.
• Deploy security tools IDS/IPS/HIDS/NIDS, Malware Analysis detection with Symantec/ MCAfee, enforce security policy, firewall Cisco, Fire Eye email protect, Splunk Detect Zero - Day Attacks, and RSA Token key.

TECHNICAL SKILLS

Hardware: Force 10, Dell R710, Dell Blade M1000e, Dell Equal Logic 6500, Dell PowerEdge M710, M610, Dell OEM IDRQ, Tape Power Vault 124T, Fortinet 3400B, Big Ip 6900, Dell Switch 5524/2248, HP K, L, N, and V class servers, IBM PS series, IBM X Server, IBM M6500 Blades, SUN SPARC, Sun Fire (T125, V245, T100), SUN series ( T520, T5220, T5240,420, 220)

Software: Remedy, Clear Case, Clear Quest, Serena (RM PVCS SBM), Nagios, Adobe ColdFusion, Deltek, Lotus Notes, Outlook, Salesforce, Microsoft SQL Studio, and Microsoft SharePoint. Platforms Windows 2008 R2 / 2012 R2, Solaris, Kick Start, VMware, Hyper V, Citrix/Xen, Linux/UNIX, (RedHat, HP, Sun & AIX).

PROFESSIONAL EXPERIENCE

Confidential - Reston, VA

Cloud Cyber Security Lead

Responsibilities:

• Collaborate with the Office of Chief technology departments’ managers; Cyber security, engineer and major stakeholder to assess and recommend technologies that support cloud solutions AWS (IAAS, SAAS, PAAS,) platforms.
• Providing direct technical support for the planning, design, and implementation of releases, upgrades, or changes to server, storage, and virtualization systems and the range of products and productivity tools that support the testing and production of those systems.
• Work alongside the customer and recommend technical standards, architect system design, configuration based on requirements and best practices for large and complex infrastructure projects
• Assist with the review of Program related documentation such as standard operating procedures, security policies, Plan of Actions and Milestones (POA&Ms) and other documentation
• Experience with AWS, in at least one of the followings: IAM Roles, SSH key public/ private key, KMS, Secure AWS Configuration, and AWS DDoS Protections
• Designing and Implementing PKI Certificates, MFA authentication, X.509, SAML, SINGLE SIGN ON (SSO), TLS/SSL, Active Directory (AD), ADFS, AADL, LDAP, FREEIPA, OAuth, OpenID, Kerberos, RSA PIV, CA SPECTRUM, SSSD, MMC, TLS/SSL, BIND, DNS, DHCP, SSID, NAT, SNMP, SNMPWALK, MIB, OID, Windows, Linux, APACHE, TOMCAT, ECLIPS, IIS, .NET, ORACLE WEB SERVER, EMAIL, AND ANROID DEVICES.
• Lead as technical security role configure and making recommendation which include network security, operating system security, Web security, MCAfee (DLP) Data Loss Prevention, Symantec IPS, Multi-Factor Authentication, SIEM, Identity and Access Management, anti-malware, Fortinet/FireEye IDS/IPS/HIDS/NIDS, IBM Big Fix, Rapid 7 Nexpose, NMAP, Tenable Nessus penetration vulnerability testing.
• Work closing with developers, engineer team, stakeholder by resolving possible abnormal activities, such as WANNY CRY, DNS POSION, SQL INJECT, virus, and bad server performance cause by security vulnerabilities.
• Perform support for infrastructures and available (7x24x365) after-hours and weekend and support of critical server as necessary
• Monitor system and application health, including analyzing system core dumps, logs (SIEM Splunk, Nagios/ Wire Shark) documentation of server, troubleshooting and vulnerability for Web/App Servers (e.g., IIS, Apache, Nginx, Node.js, Tomcat)., OWASP top 10, DoS, and common application-layer attacks, Web Goat, WAF, Akamai, Cloud Flare, IBM AppScan, HP Web Inspect, Rapid App Spider, McAfee /Symantec endpoint running vulnerability scan, penetration scan IBM Big Fix, IBM DB Protect, Tenable Nessus, CA Side Minder, Hercules, Retain, Checkpoint, VeriSign, PKI, IPTABLES, IPSEC/ VPN,, SELINX, Cisco ASA Firewall, F5 Load Balance, Fortinet, Fire Eye, GNS3, SOLARWINDS, SSH, FTP, KALI, Metasploit, Backtrack, OpenVAS, OSSEC, SCAP, VeriSign, Proxy, XML, CGI, HTTP/HTTPS redirect, SSH, SSL, PPP, TCP Wrappers, NMAP, Wireshark, Tcp dump, GFI, GNS3, Manage Engine, AD Audit and syslog ( Wireshark/ SolarWinds /Splunk) and Checkpoint IDS/IPS reporting F5 / Fire Eye)
• Document (CERT) security incidents as identified in the incident response rules and escalate to management as required.
• Enforce policy guide with FEDRAMP, FISMA, NIST, SANS, CVSS, OVAL, 800.53, and FIPS compliance.
• Design, develop, and implementation Hybrid Cloud vRealize Suite (vCO/vRO/vRA/vCAC, Direct Connect, VPC, DMZ, AWS EC2, S3, IAM, AMI image, ELB load balance, VPC, Cloud Formation, Route 55, Cloud Front, Redshift, Cloud Watch, Cloud Trail, Elastic Beanstalk, Docker, Vagrant, Code Deploy, EBS Storage, AWS Lambda Java, DynamoDB, Open Stack, Hadoop, Mongodb, Microsoft Azure, Office 365, Azure API, Route Express, VMware ESXi 5.x / 6.x, vSphere, vMotion, vCenter, Site Recovery Manager (SRM), DRS, VDS, Oracle 10g/11i/12c, Web Logic, NoSQL, Postgres SQL, Citrix, Xen Desktop/ XenApps, IIS .NET, ASPI, Microsoft SQL Server 2008/2012, HA Clusters, LAMP, Apache Maven, Eclipse Web IDE, NGINX Load Balancer, HAPROXY, Apache, Tomcat, MYSQL, PL/SQL, GitHub, Remedy, BMC Patrol, Drupal, Word Press, and EMC SAN Storage, Dell PowerEdge M1000 blade servers.
• Hands-on experience with AWS/ Azure provisioning, CEPH disk storage, file systems, backup, cloning, snapshotting, logical volume management, disk encryption, CPU, memory, and network remediation as well as application installation, support, testing, and troubleshooting.
• Export VM from virtualization environment (VMware OVF, Citrix OVF/OVA, Microsoft Hyper-Virtual Machine Disk (VMDK), Virtual Hard Disk VMDK, VHD, VHDX) files into AWS. Migrate VM P2V, V2V (Windows and LINUX) to Amazon EC2 Using AWS Connector for vCenter
• Deploy, manage and securing Microsoft Windows 7, 8. 10, Windows Server Foster Services 2008/2012 R2 architecture design and implementation ( 10,000 users in a systems environment 10,000 servers).
• Apply Windows / Linux Operating Systems, baseline security configurations, audit, and forensics, patch management, and upgrade administrative tools (GPO, SCCM, WSUS, Satellite, Kick start, YAML, Azure API, Power Shell, Spacewalker, provision images, Perl, Curl, Ruby, JBOSS, and Code Deploy).
• Procedures Integration for DEVOPSSEC follow baseline security configurations ( SERENA (RM, SBM, PVCS), SERVICE NOW, OPMANAGER, IBM Clear Quest, Clear Case, JENKIN, ANSIBLE , Confluence, JIRA, CLOUD FORMATION. JSON API, SALESFORCE and REMEDY

Confidential - New Carrollton, MD

UNIX Virtual Cloud/System Engineer

Responsibilities:

• Lead a team integrates cloud solutions, physical server, OS, application and database into a cloud architecture
• Hands-on experience in deploy cloud infrastructure environments by define, design and create cloud architecture projects
• Designed and Implement applications in cloud environments architectural with expertise of ESXi/VMware Hypervisor, VCenter, VMotion, VMware vSphere Networking Standard Virtual Switch, VMware Heartbeat, Vlan, Vtag, Citrix Xen Server, XenDesktop and Xen Center.
• Ensure cloud security methodology are follow by NIST compliance, 800.53, RMF CONTROL frameworks and POAM methods.
• Close collaborate with infrastructure architecture and engineering teams to meet program ATO and implementation schedule
• Creating a VM Cloning, Templates, and SnapShot VMware RHCE Linux, Centos, Ubuntu, Windows, Database, EMC ATOMS, OPENVPN, Bitnami, OPenFile, Apach and Tomcat
• Deploy DevOps continuous integration automation tools with IBM Cloud Stack, Cloud Stack, Openstack, BMC Blade Logic, JIRA Confluence, Ruby, Curl, Bash, JASON, YAML, JAVA, JBOSS, TCL/TK, PYTHON, RUBY, PHP, POWERSHELL and CURL.
• Deployment and implementations MFA authentication method, SAML, PKI, SSL, Single Sign ON, ADFS, supplements passwords to provide an online account with a second layer of security; Two-factor authentication Apple ID, Android, Application, and Web Server
• Implement and maintain database includes Oracle, Remedy RDBMS, DNS, NIS, LVM, VERITAS Volume Manager and NFS.
• Implementation of workstation and server manage Blade and Server with RHCE Linux ES41000+ Dell PowerEdge and Dell M1000e.
• Development and implementation of workstation and server; manage 10000 RHCE Linux 4/5x, 6.5x, Centos, Ubuntu, and Windows 2000/2008/2010 server
• Leads security risk assessments to ensure compliance with corporate security policies and adherence to best practices.
• Leads the evaluation of vendor proposals, new existing security designs, and emerging security technologies
• Experience with application, software security such as web application, Rapid 7 Nexpose penetration testing, Hercules vulnerability remediation, Fortify Code Analyzer secure code review, Fortinet, Checkpoint, VeriSign, VPN and secure static code analysis.
• Participate in change management control of project assets management and SLA agreement system capacity
• Provide document infrastructure software and hardware updates for data, operational system software, apply patch levels Satellite, Kick Start, SCCM, and WSUS.
• Experience with web/application servers: (WebLogic, Oracle Middleware, Bitnami, Oracle Form, Apache, Tomcat, IIS, .Net, JSEE Server, WebSphere, Deltek, Adobe Cold Fusion)
• Experience with RDMS and SQL: Oracle database, ODBC, MongoDB, Oracle, Microsoft SQL Studio, MYSQL Server
• Troubleshooting, installing and configuring software applications such as Oracle database server, Apache/Tomcat. Microsoft IIS, Web logic, MYSQL, LAMP, Word Press, Drupal, and a Middleware
• Plan and Design architecture VMware vSphere, Migration Storage DRS VMware vCenter SRM and VMware Datastore.
• Performing testing backup, recovery in preparation of storage (SAN, NAS, DRS) related hardware and software upgrades including Symantec VERITAS Cluster, VERITAS Volume Managers, VERITAS NetBackup, Symantec BMR, Data Volt, Solstice Disk Management, and MC/Service Guard.