Senior Systems Architect Resume
SKILLS:
Languages: Proficient in PowerShell; familiar with Python, XML, CAML, JavaScript, Bash Shell
Security and Software: Wireshark, FireEye ETP, Service Manager/ServiceNow ticketing systems, Rapid7 Insight IDR SIEM, Azure Security Center, Azure Sentinel, Splunk SIEM, Nessus Vulnerability Scanner, Cisco ASA, Fiddler
Platforms: Windows XP/7/8/10, Server 2008/2012/2016/2019, Mac OSX, Linux - CentOS (Basic)
EXPERIENCE:
Senior Systems Architect
Confidential
Responsibilities:
- Responsible for the management and monitoring of the security information and event management (SIEM) solution in a 24x7x365 Security Operation Center (SOC).
- Perform real-time proactive security monitoring and detection, and respond to cybersecurity events; provide incident response: triage, incident analysis, remediation and recovery.
- Conduct thorough investigation of security events generated by our detection mechanisms such as SIEM, IDS/IPS, Anti-Virus, etc.
- Identification of successful potential intrusions and compromises through review and analysis of relevant event detail information.
- Launch and track investigations to resolution. Recognize attacks based on their signatures.
- Conducted analysis of cyber threats, discovery of vulnerabilities, monitoring for cyber intrusions, and troubleshooting and response for security incidents detected from Splunk and Azure Sentinel (Azure Security Center).
- Analyze logs and respond to security events and incidents from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC) and SIEM tools based on Indicators of Compromise (IoC).
- Develop and tune reports, alerts, dashboards, and other content to support the ongoing automation, monitoring, management, and maintenance of the SIEM (Security Information and Event Management) platform.
- Responsible for monitoring, configuration changes, accounts, managing log sources and software updates for the SIEM solution.
- Life-cycle management and operation of Cybersecurity products such as firewalls, Anti-Virus, identity and access controls, behavior analysis tools, vulnerability scanners, PKI & encryption management and perform assessments.
- Architecture and administration of Enterprise Exchange Server Email Routing and Security utilizing built in tools, EOP, FireEye ETP.
- Configuration and Administration of Cisco Routers, Switches, and ASA Firewalls.
- Implementation and management of email public security methods, DKIM, SPF, DMARC records.
- Installation, configuration and management of web proxies, reverse proxies, and load balancers with appliances such as Microsoft TMG, and KEMP Technologies.
- Research and procurement of tools or solutions to aid in complying with security policies and standards mandated from client and regulatory audits.
- Work collaboratively with other areas of IT to ensure that all IT technology solutions are securely implemented and supported.
- Use PowerShell to create and modify basic scripts to automate tasks and provide audit information for security events relating to Windows Servers.
- Defined, documented, and implemented a Security Incident Response Process for both Microsoft Private and Public Azure Cloud environments based on PCI DSS guidelines.
- Ensure that all system designs address cybersecurity requirements and collaborate with internal teams to ensure secure technology operations.
- Maintain situational awareness of latest cybersecurity threats, vulnerabilities and mitigation strategies.
- Participation in the computer security incident response team (CSIRT).
- Mentor and train newly onboarded hires.
Network Administrator
Confidential
Responsibilities:
- Microsoft Windows 2003/2008/2012 (Active Directory, DNS, DHCP, Cluster, IIS, and SQL)
- Windows Server 2003/2008/2012 installation, configuration and administration
- Cisco SA IOS hardening, monitoring and administration
- Implement security related improvements and enhancements to mitigate threats to corporate network
- Configuration and administration of Cisco routers and switches
- LAN/WAN support/administration
- Implement and maintain high availability systems employing Windows Server 2012 failover clusters
Systems Analyst
Confidential
Responsibilities:
- Network security/Intrusion detection and analysis
- Cisco IOS hardening, monitoring and administration
- Implement security related improvements and enhancements to mitigate threats to corporate network
- Configuration and administration of Cisco routers and switches
- Microsoft Windows 2003/2008/2012 (Active Directory, DNS, DHCP, Cluster, IIS, and SQL)
- LAN/WAN configuration and administration
- Remote Access VPN implementation, configuration and support (IPSec/SSL)
- Windows Server 2003/2008/2012 installation, configuration and administration
- Active Directory installation, configuration and administration
- VMWare vSphere/ESXi administration
- SharePoint 2010/2013 installation, configuration and administration
- Exchange Server 2003/2010 installation, configuration and administration
- Implement and troubleshoot routing protocols including BGP, OSPF and EIGRP
- Windows XP/7/8 support and administration
- Maintain the data storage and backup system employing Veeam Backup and Replication and Yosemite Server Backup (Tape, SAN, NAS, etc.)
- Complete IT project following PMI Project+ best practices
- Macintosh binding to Active Directory and Mac OSX troubleshooting
- Apple Hardware/OS/iOS Specialist
- Prepared test plans and data, and user documentation for customer billing system.