IoT Security Consultant Resume
SUMMARY:
- Over 20 years of Unix / machine data analytics industry experience
- Experience in risk management, network security, information security, communication and scripting; expertise in Hitachi HiPAM break-glass and Oracle IAM
- 8 years as a Big Data Engineer: Splunk, IBM InfoSphere BigInsights 2.0, 3.0 and 4.2, and Hortonworks 2.1-2.6 (YARN) proof-of-concept development for a security analytics and tooling platform.
- Excellent communication skills with a customer and team focus, performing regulatory assessments such as the Sarbanes-Oxley Act, the Payment Card Industry Data Security Standard, the Gramm-Leach-Bliley Act, Statement on Auditing Standards No. 70, Basel II and data governance
- Forward-looking and innovative IT leader with a strong track record in cross-platform application deployment, infrastructure design and virtual environment frameworks
- Provided software version control and developed custom Kafka and Scala-heavy Spark, Hive, Pig and MySQL code for server deployment and automation
- Managed significant numbers of internal teams and an extensive cadre of outside resources. Career began at Bell Labs.
SKILL SET INCLUDES:
- Currently at Confidential designing and implementing a proof-of-concept security intelligence platform on IBM InfoSphere BigInsights 2.2, 3.0 and 4.2 and Hortonworks 2.2-2.6, covering data security and data science.
- Confidential Computer Incident Response Team (Confidential-CIRT) developer for the Chief Security Strategist of FireEye
- Communicating data models effectively with team members, management and contractors.
- PCI DSS responsibility for consolidating centralized log management for file integrity monitoring of Linux, firewall, router, switch and Windows system-level components, Oracle 10g/11g FGA (Fine-Grained Auditing) metadata, and WebLogic application server credit card logging into Splunk 4.1
SKILLS:
Operating Systems: Red Hat Enterprise Linux 6 and 7, Sun Solaris 10 and 11, Windows Server 2008
Hardware: Cisco 2600 and 7200 series routers, Catalyst 5K and 6K switches, PIX firewalls (506 and 525), LocalDirector 4.2 and other networking devices; Sun Ultra 2, 5 and 10 through Ultra Enterprise 250 and 450; Sun Fire V100, V120, V240, V280R, V440 and V880
Protocols: OSPF, SNMP, BGP, IGRP/EIGRP, RIP I/II and Frame Relay.
Security Utilities: Splunk 4.8, ArcSight, Symantec Security Information Manager (SSIM), Tripwire, Nmap, Snort, SOCKS, Cisco Secure, Check Point 4.1 and NG AI, vendor governance, Raptor, ANS, TIS, Symantec, Nokia IPSO
Admin Utilities: JumpStart, FTP, SFTP, DNS, snoop, DHCP, MRTG, tcpdump, Kickstart, Enthought Canopy, Rattle, Samba, Nagios
Programming Languages: R, C, C++, J2SE, sed, awk, Korn shell, Bourne shell, Perl, Bash, Python, CQL, XML.
Cluster / Database: Hortonworks, Cloudera, MySQL, Oracle, Apache 2.x
Analytic Utilities: NodeXL, Canopy, RStudio, R Commander, Rattle, text analysis, sentiment analysis, association analysis, recommender system development, customer survival analysis, customer lifetime value, decision trees, profiling and predictive modeling, data mining and statistics
PROFESSIONAL EXPERIENCE:
Confidential
IoT Security Consultant
Responsibilities:
- Cyber security readiness for 5G mobile networks serving smart cities, IoT and V2X devices; Critical Infrastructure Protection (CIP) and mapping of CIS Controls to the NIST framework for the oil and gas, power grid and transportation industries.
- Developing use cases, user stories and architectural requirements for implementation.
- Meeting with and developing presentations for prospective clients.
- Performing quantitative research design as it relates to IoT and V2X devices.
Confidential
Big Data Engineer Cyber Security Auditor
Responsibilities:
- Proactive and experienced security support engineer with a solid background in the Linux platform as well as application support, change/incident management and various security practice areas, with emphasis on event aggregation and correlation
- Delivered big data and analytical solutions and took full ownership of the services and platform in the production environment
- Successful in performing change management: prepared, documented, implemented and verified changes, including communicating changes to end users and other impacted parties; incident and problem management.
- Conducted root cause analysis, responded to incidents and participated in post-mortem analysis
- Designed and implemented tooling and monitoring solutions on various platforms
- Handled complex reporting requests from senior management and regulators
- Worked on defining roles and responsibilities (RACI) by designing and implementing a support model
- Built functional QA/UAT environments and trained L1/L2 and infrastructure support teams
- Managed Linux servers and applications (installation, troubleshooting, maintenance) and the code base and configuration via various version control systems
- Led meetings using Kanban and Agile security practices for continuous integration: SCM and build (GitHub) automation using Jenkins, Gherkin for developing user stories in CA Agile (Rally), and code quality reviews using the static analysis tools SonarQube and SonarLint
- SME (subject matter expert) on enterprise technology data lake security for DevOps (service support readiness); primary secure access approver for the 353-node Hortonworks cluster and the 181-node Elastic cluster
Confidential, NYC, NY
Big Data Engineer Cyber Security Strategist
Responsibilities:
- Provided recommendations for improving security posture in IT/ICS SCADA Critical Infrastructure protection (CIP) environments.
- Prepared presentations with Deloitte team members regarding governance, the NIST Cyber Security Framework and the US Presidential directive.
- Discussed asset management tools and inventory for all systems, including air-gapped defenses
- Recognized areas of improvement for CSOC visibility, incident management and threat hunting use cases
- Recommendations on Splunk Enterprise Security and FIM using the Tripwire Enterprise app for monitoring audit events.
- Experienced in HDFS, Elasticsearch, ZooKeeper, Logstash, Flume, Kafka, HBase, Spark and Hortonworks
- Responsibilities in Splunk and security data analytics/operations
- Performed Level 3 support as an SME on security data and analytics projects
- Proactive and experienced security support engineer with a solid background in the Linux platform as well as application support, change/incident management and various security practice areas, with emphasis on event aggregation and correlation
- Successful in suggesting change management: prepared, documented, implemented and verified changes, including communicating changes to end users and other impacted parties; incident and problem management.
- Conducted root cause analysis (RCA), responded to incidents and participated in post-mortem analysis
- Discussed tooling and design for implementing monitoring solutions on various platforms
- Handled complex reporting requests from senior management and regulators
- Suggested automating repetitive manual processes and conducted product onboarding
- Advised on defining roles and responsibilities (RACI) by designing and implementing support models
- Reviewed policy on managed Linux servers and applications (installation, troubleshooting, maintenance) and on the code base and configuration kept in various version control systems
Confidential, NYC, NY
Cyber Security, Big Data Engineer
Responsibilities:
- As a cyber security consultant on the Information Security Department program team, responsible for planning, executing and managing data dictionaries for all infrastructure and application logs and enhancements.
- Data dictionaries included Event ID, field name, field definition, category of importance and, where important, an explanation of why. The infrastructure covered logging categories for printers, CCure building access, Cisco routers, ASA, VPN, Check Point SmartDefense, Juniper, ClearPass, Pulse, Aruba wireless, mainframe RACF, ACF2 and Top Secret, Tomcat, Windows and *NIX: 17 categories and 70 types of infrastructure endpoint security devices in total.
- Developed Splunk data models for data searches, reporting and dashboards.
Confidential, Weehawken, NJ
Cyber Security Big Data Engineer, Consultant
Responsibilities:
- Diverse security engineer and Threat Management Program team member responsible for planning, executing and managing multi-faceted projects related to IT risk management, mitigation and response, compliance, control assurance and user security awareness tools.
- Currently developing and driving security strategies, policies and standards, ensuring the effectiveness of solutions and providing security-focused consultative services to the Confidential organization. My expertise and assistance ensure the firm's infrastructure and information assets are protected.
- Provided tuning of the Rapid7 environment to enterprise best practices
- Comfortable defining security standards and frameworks within the customer's Rapid7 environment
- Created policies and procedures for Rapid7 and false positive validation, specifically for identification and remediation.
- Selected and implemented appropriate tools for surveillance and monitoring of the firm's computing environment, using Cisco FirePOWER (Sourcefire) network IDS to monitor hosting.
- Developed access control policies and intrusion policies for each access control rule, and procedures such as user logon and authentication rules, security breach escalation procedures, security assessment procedures and the use of firewalls and encryption routines.
- Performed security assessments and security attestations. To enforce security policies and procedures, monitored data security profiles on all platforms by reviewing security violation reports and investigating security exceptions.
- Developed big data clusters in Hortonworks HDP 2.6, Cloudera CDH and IBM InfoSphere BigInsights 2.0, 3.0 and 4.2 for POC use cases, using Kafka, Scala, MySQL, Spark, Hive, Pig and Python for machine learning security use cases against a YARN/HDFS POC.
- Knowledge of Splunk dashboards, predictive analytics, D3.js and Highcharts.
- Currently supporting a "Security Big Data Lake" platform based on an HDP cluster configuration of 352 HDFS data nodes, 184 Elasticsearch (ES) data nodes and 32 additional management nodes. Set up and configured SaltStack, Flume, Kibana, Zeppelin, elasticsearch-head, BigDesk, Marvel, Logstash and Nagios for additional monitoring; also capable of converting Oracle SQL to HQL.
- Used ELK (Elasticsearch, Logstash and Kibana), Ambari, Ganglia, TaskTracker and JobTracker to support the cluster
- Designed and maintained 300+ node, multi-terabyte big data environments built on the Hadoop/Hortonworks ecosystem with Git and Salt
- Worked with systems and network engineers and security data scientist end users to improve security, performance and capacity
- Day-to-day troubleshooting of problems and performance issues in the clusters
- Worked with developers to evaluate their Hadoop security use cases and provided feedback and design guidance
- Worked simultaneously on onboarding various data sources across multiple projects competing for time, prioritizing accordingly
- Developed multi-threaded tools in Perl, Python and R to automate administrative tasks in the security operations center. Developed Python scripts for "Network Visibility Perimeter" stream use cases for both the analytics teams and the SOC. Instructed Archer engineering teams on RPM development and Yum deployment; currently developing scripts for fuzzy regex matching of malware proxy scans.
- Provided risk assessments and gap analysis for PCI DSS scans, using Python to pull reports from Qualys, Nessus, Nmap, Netcat and Nikto scans
- Selected and implemented appropriate tools for surveillance and monitoring of the firm's computing environment, using Cisco FirePOWER (Sourcefire) network IDS to monitor hosting, third-party VPN traffic and user browsing.
- Updated, maintained and documented security controls and provided direct support to the firm's users and internal security product owners.
- Stayed current on security threats by onboarding data sources such as FS-ISAC, Blue Coat proxy data, ScoutVision, iDefense and LookingGlass, along with ArcSight configuration and automation
- Stayed abreast of Cisco, Juniper, Ixia, Arista and Security Onion security technology evolution through hands-on lab testing, providing technical professional advice on SIEM and big data analytics for security prior to deployment by service delivery teams.
- Used the NIST Framework for Improving Critical Infrastructure Cybersecurity. Understanding of Windows and Linux OS hardening: implementing least privilege, capabilities, mandatory access control, role-based access control, enhanced authentication, logging and source code review
- Implemented changes for pruning the kernel, Linux kernel enhancements, careful recompilation, POSIX capabilities, chroot restrictions, SELinux, LIDS, grsecurity, AppArmor and address space modification protection.
- Knowledge of Symantec CCS VM / Rapid7 Nexpose, OSSEC, Wireshark, PWK, Metasploit, Snort, tcpdump, and file integrity checks in Splunk as opposed to Tripwire.
- Familiar with Titania Nipper Studio, Paws Studio and Risk Assessment Tool, and Kali Linux
- Implemented sweeping with FireEye MIR and FireEye HX for malware and zero-day defenses
- Operated and loaded IOCs with sweep parameters, performed binary analysis and viewed job results in Redline.
- Tested, evaluated and performed ongoing configuration of LDAP, PAM, HiPAM and CyberArk
Confidential, New York, NY
Infrastructure Big Data Engineer, Consultant
Responsibilities:
- Wrote Python scripts to automate administrative tasks in Qualys vulnerability scans; these scripts automatically upload/download asset information captured in an Oracle 11g database, using urllib.request and urllib.parse for authentication. Wrote various Veracode automation for parsing, data collection and threat management. Used the Archer dashboard platform (governance, risk and compliance solutions from Archer Technologies) to consume XML data feeds and integrate data from a variety of sources into a unified view in the Archer dashboard and QlikView environments, with data stored in a Cassandra database.
- Created FTP and SFTP scripts in Python to automate administrative tasks and functions of Windows and Unix operating systems.
- Troubleshot and automated configuration of application servers, web servers, mail services and other Linux services relevant to products and services.
- Provided WAN, Cisco ASA, Check Point and Juniper support for Confidential GDC connectivity for Confidential Aviation and Confidential.
- Created detailed design for Honeywell Veritas NetBackup 6.5 support.
Confidential, Jersey City, NY
Business Analyst, Consultant
Responsibilities:
- Currently directing and writing implementation and compliance procedures for SMEs at the Confidential & Clearing Corporation (DTCC) to implement break-glass HiPAM deployments on key systems in Singapore, the Netherlands and the United States for the SAS 70 compliance audit trail. Systems to be integrated are MQ, Check Point firewall, Cisco routers/switches, Tivoli Access Manager (TAM), RACF, Oracle, Sybase and UDB databases, as well as many other critical systems.
- Met with system/application owners to provide project scope and aid in designing an access methodology that can be integrated
- This is a break-glass solution that supports governance and regulatory requirements such as SOX, COBIT and SAS 70.
- Designed a RACI IAM framework with Oracle Identity and Access Management Suite for all compliance components
Confidential, New York City, NY
Liaison Infrastructure Engineer, Consultant
Responsibilities:
- Responsible for consolidating centralized log management for file integrity monitoring of Linux and Windows system-level components, Oracle 10g/11g FGA (Fine-Grained Auditing) metadata, and WebLogic application server credit card logging into Splunk 4.1.
- Provided direction and support in joint venture technology for capacity planning and connectivity testing, IP routing and firewall infrastructure, and encryption technologies of all types.
- Managed technology support for Juniper firewall, application and F5 load balancer upgrades.
Confidential, Cincinnati, OH
IRC Security Engineer, Consultant
Responsibilities:
- Served as a big data Splunk 3 and 4 and SSIM 4 (Symantec Security Information Manager) system administrator.
- Performed installation and configuration of applications, FTP and SFTP, and additional administrative responsibilities such as writing Python scripts to query Windows 2003 SQL Server and transmit data over socket connections in the specific formats required by SSIM (Symantec Security Information Manager).
- Wrote a syslog conversion script in Python for the incoming data feed.
- Configured and set up JailKit and WU-FTPD for enterprise connectivity to deliver data to a secure log server.
- Archer administration and configuration for the development of security policy and compliance.
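The syslog conversion and socket transmission work described in this role, as an added example (not the resume author's script): it parses classic BSD-style (RFC 3164) syslog lines from a constructed sample feed into structured records, escapes the free-text message so a crafted log line cannot inject extra fields or records into the collector's stream, and frames the result for sendall() on a connected socket. The pipe-delimited output layout, the collector host and port, and the assumed year (BSD syslog timestamps carry none) are placeholders; a real collector such as SSIM dictates its own field layout.

```python
"""Syslog conversion for a SIEM feed: parse BSD-style (RFC 3164) syslog lines
into structured records and re-emit them as newline-framed, pipe-delimited
messages for transmission over a TCP socket.

Added example, not the resume author's script. The delimited output layout
is an assumed placeholder; the real collector's format would replace it."""
import re
import socket
from datetime import datetime

# <PRI> is (facility * 8) + severity; the header that follows is
# "Mmm dd hh:mm:ss hostname tag[pid]: message" in classic BSD syslog.
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) "
    r"(?P<tag>[^:\[\s]+)(?:\[(?P<pid>\d+)\])?:\s?"
    r"(?P<msg>.*)$"
)

SEVERITY = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]


def parse_syslog(line, year=2000):
    """Return a dict for a well-formed line, or None for anything that does not
    match; callers should count and quarantine rejects rather than drop them."""
    m = SYSLOG_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:  # facility 0-23, severity 0-7, so 23*8+7 is the maximum
        return None
    # BSD syslog omits the year; the caller supplies it (assumed 2000 by default).
    ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
    return {
        "timestamp": ts.isoformat(),
        "facility": pri // 8,
        "severity": SEVERITY[pri % 8],
        "host": m.group("host"),
        "tag": m.group("tag"),
        "pid": int(m.group("pid")) if m.group("pid") else None,
        "message": m.group("msg"),
    }


def to_delimited(rec, sep="|"):
    """Flatten a parsed record into a fixed field order. Backslashes, the
    separator and newlines inside the message are escaped so log content
    cannot add fields or records on the collector side."""
    msg = (rec["message"].replace("\\", "\\\\")
           .replace(sep, "\\" + sep).replace("\n", "\\n"))
    fields = [rec["timestamp"], str(rec["facility"]), rec["severity"], rec["host"],
              rec["tag"], "" if rec["pid"] is None else str(rec["pid"]), msg]
    return sep.join(fields)


def convert_feed(lines, year=2000):
    """Convert a batch of raw lines; returns (delimited_records, rejected_count)."""
    out, rejected = [], 0
    for line in lines:
        rec = parse_syslog(line, year)
        if rec is None:
            rejected += 1
            continue
        out.append(to_delimited(rec))
    return out, rejected


def send_records(records, sock):
    """Write newline-framed records to a connected socket (anything with
    sendall()); returns the number of bytes written."""
    payload = ("\n".join(records) + "\n").encode("utf-8")
    sock.sendall(payload)
    return len(payload)


# Constructed sample feed (not real data): two valid lines, one malformed line.
SAMPLE_FEED = [
    "<34>Oct 11 22:14:15 fw01 sshd[2041]: Failed password for root from 10.0.0.5 port 51234 ssh2",
    "<13>Oct  5 03:02:11 web02 kernel: eth0: link up|rogue|field",
    "garbage without a PRI header",
]

if __name__ == "__main__":
    records, rejected = convert_feed(SAMPLE_FEED, year=2019)
    for r in records:
        print(r)
    print(f"rejected={rejected}")
    # Shipping to a collector (host and port are assumed placeholders):
    # with socket.create_connection(("logserver.example", 10514)) as s:
    #     send_records(records, s)
```

The rejected count matters operationally: a parser that silently drops lines it cannot match hides both feed breakage and deliberately malformed events, so the script reports the count alongside the converted records.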
Confidential
Director of Infrastructure, CTO and System Engineer/Administrator
Responsibilities:
- Documented results of injection testing, syntax testing, exploratory testing, data analysis and test scaffolding.
- Performed penetration testing at the application layer using the vulnerability scanning tools Nikto, IBM AppScan, HP WebInspect, Nessus and Charles Proxy
- Knowledge of object-oriented development, with a deep understanding of secure software
- Intermediate-level development exposure to J2SE / J2EE, Spring and Hibernate
- Thorough understanding of secure software development and coding practices for Java development, application security and privacy
- Performed risk assessments for PCI DSS, FRAP and SOX compliance; interpreted vulnerabilities and communicated business impact and remediation actions to management.
- Deployed Linux/Solaris, the Windows OS family and network security appliances
- Performed business impact and gap analysis