Technical: CyberSec 35 years experience
Specialties: McAfee ESM, QRadar, and ArcSight Confidential, and Appliances. PCI, ISO/IEC 27001, NIST 800 - 53, Firewall Engineer 12 flavors (Checkpoint FW1, Palo Alto FW PanOS); IDS/IPS, 40++ flavors *NIX RHEL, Windows 10/MacOS/cisco IOS; Network Engineer. SourceFire 5.3, Securityonion 12.04. (Intrusion Detection) Programmed in 27 languages including C, Perl and Python; Packet analysis (WireShark), tcpdump, snoop, exposure to TDR (time domain reflectometer)
Enterprise Security Architecture ( Confidential ): 16 years experience Intrusion Detection,, Pen Testing, Vulnerability Assessments, Internal and External Security Audits, Disaster Recovery); Working experience in all 10 Security Domains (CISSP); Written Security Plans/Policy; Enterprise Project Management. DBA, tripwire, Web Servers Apache, Tomcat, WebSphere; VPNs; Instruction and Course Development;
Firewall Configuration and Security Architecture and Infrastructure Design: Planning/Implementation of Enterprise level Firewalls (from Bastion Host, Choke & Access Router to modern, WAN /LAN Design; Network Management (SNMP) configurations, Infrastructure Architecture design/development (VISEO Network, internet Design Tier III support on Internet Backbone; Technical Project Management; Supervised up to 30 ArcSight SMEs. Project budgeting $2,500,000).
- Brough in to write a custom parser for the Confidential .
- Attended a 3 day class on how to develop parsers for the McAfee Confidential, taught by McAfee.
- Also helped by creating custom searches for the Tier III Analysts.
- Migrated 5 years of content from one Confidential to another one.
- When we were done Confidential ran twice as fast (EPS) in half the memory.
- Deep exposure to all Custom Content.
Confidential, Quincy, MA
- Reported to the Version SE who landed the Confidential Bank deal.
- Doing Consulting, Advising, and hands on as required.
- Exposure to large project with some exposure to Confidential Custom Content and chance to design new Content.
- Chance to work as part of a team (usually I do it all).
- Worked with some of the best Confidential Consultants and helped coach Confidential and new Security Analysts.
- Very large scale, extremely high EPS, complex Enterprise Networks with many ArcSight SmartConnectors, and IT for Governance Conformance Package.
Confidential, Saint Paul, MN
ArcSight Team Lead
- ESM CORR 6.0c ArcSight installation.
- Worked with Appliances, Custom SmartConnector sub-parsers, Solaris, RHEL, DRAC/ILOM OOB, PCI DSS 1.0 Audit performed,, Management, Import and Categorize Assets, configure Network Model, Overall SME. SourceFire IDS/IPS. Evaluate QRadar Confidential .
- Integrated 14 Connector Appliances to Logger to ESM
Confidential, Baton RougeArcSight Architect
- Large scale ArcSight installation.
- Also worked with Vmware VCM, IDS/IPS verifying Change Orders, creating Incidents and tracking them.
Confidential, Lanham, MDArcSight Architect
- Large scale ArcSigh installation. Configuring ESM, Appliances, IDS/IPS (SourceFire), SmartConnectors, FLEXConnectors for security event logs.
- Import and Categorize Assets, configure Network Model.
- Project management over 25 ArcSight contract SMEs.
- Technical Supervsion of Content Developers.
- Evaluate QRadar, QRadar online Training.