PROFESSIONAL EXPERIENCE

Information Security Engineer

Confidential, Herndon, VA

Responsibilities:

• Responsible for managing and delegating access to Tripwire Enterprise console.
• Deploy Tripwire agents to all systems subject to monitoring for Sox Compliance (Windows, Linux/UNIX & AWS).
• Conduct disaster recovery exercises with engineering teams to verify that systems replicate appropriately across production and DR site for SOx Compliance purposes.
• Conduct meetings with vendor (Tripwire) to ensure that console performs as expected and schedule necessary training.
• Troubleshoot agent connectivity issues in production environment, this ranges from modifying firewall rules to modifying agent configuration files as necessary.
• Upgrade Tripwire console versions as necessary per vendor specifications (Quarterly)
• Responsible for configuration, migration and deployment of Tripwire console server into production enterprise environment.
• Adjust monitoring rules as necessary to ensure proper monitoring of systems and residing application directories.
• Align all changes within monitored systems to appropriate change requests within Servicenow (Change Management).
• Report and escalate unauthorized changes to monitored systems within 24 hours of discovery to system and or application owners.
• Responsible for processing change requests specific to SOx applications and validate documentation (User Acceptance Testing and Quality Assurance) prior to deployment.
• Develop and document standard operating procedures specific to administration of SOx Applications.
• Coordinate and host annual meetings with system and business stakeholders of applications to ensure all proper systems and directories are monitored that are subject to Sox compliance (Sarbanes - Oxley)
• Generate and disseminate reports to internal auditing teams on as needed basis.
• Conduct monthly internal audit of changes against monitored systems and generate reports that are delivered to management.

IT Security Operations Engineer

Confidential, Sterling, VA

Responsibilities:

• Assist with management of Confidential System asset inventory.
• Develop and document SOP’s for vulnerability management and wireless scanning at Inova facilities.
• Assisted with implementation and testing of Center for Internet Security’s policy compliance tool (CIS CAT) at an enterprise level.
• Review quarterly vulnerability reports for external systems and report findings to system owners using CVSS model.
• Responsible for configuring and managing Qualys Express vulnerability scanning tool, on premise.
• Assist system owners with validating that high risk vulnerabilities are mitigated.
• Successfully completed multiple assessments of hosts using Kali Linux penetration testing tool using the following software: Metasploit, Armitage, Nmap, Kismet)
• Conducted internal vulnerability assessments of Inova data centers using Tenable Nessus, delivered findings via pdf reports to system owners.
• Conduct discovery scans and identify new unauthorized systems on production network using Tenable Nessus.
• Responsible for management of T ripwire Enterprise console this includes agent updates and installations as well as console updates (FIM).
• Responsible for coordinating and conducting PCI compliance scanning with 3 rd party vendor Sword & Shield.
• Conduct Wireless scanning using Kismet Wi-Fi sniffing tool to detect unauthorized devices (Rogue AP’s)
• Conduct Web Application scanning and deliver reports to requesting personnel using Arachni & HP Web Inspect tools.
• Assist management personnel with RFP’s for services at Inova.
• Assist Inova with resolution of internal audit findings in order to meet HIPAA compliance.
• Responsible for overseeing implementation of Tripwire IP 360 vulnerability management tool.

Security Operations Engineer

Confidential, Washington, D.C.

Responsibilities:

• Respond to IDS alerts via Verizon services, investigate and validate reports to ensure systems integrity.
• Rule set Management of Cisco ASA Firewalls devices.
• Enterprise management of Carbon Black Bit9 parity console, policies and rules.
• Assisting agency in adhering to standards for minimum security requirements (FISMA).
• Collaborate with multiple personnel within GSA to mitigate high priority threats to network infrastructure.
• Management of HP Assessment Management Platform (AMP) for application security testing.
• Conduct risk assessments of web services and architecture using HP Web inspect.
• Conduct vulnerability assessments of infrastructure and Amazon cloud services using Tenable Nessus scanning tool.
• Completed database application scanning & hardening using AppDetective Pro.
• Submit and review changes to agency firewalls to allow traffic as necessary using Verizon Fed Security system portal.
• Maintenance of security operations division servers (Linux/Windows)
• Management of McAfee Nitro Security monitoring tool.
• Responsible for collaborating with agency ISSO’s and ISSM’s to resolve Windows and Linux/Solaris based authentication issues (PKI/LDAP).
• Monitor Source Fire Defense Center for malicious activity and sensor health status.
• Perform agency wide scanning of assets for vulnerability and risk assessment using TripWire IP360.
• Prepare and deliver vulnerability reports for agency using Tripwire Security Intelligence Hub (SIH).
• Develop procedures to assist agency meet Continuous Diagnostics and Mitigation (CDM) program as designated by DHS.

Information Security Engineer

Confidential

Responsibilities:

• Respond to IDS alerts via Verizon services, investigate and validate reports to ensure system integrity.
• Management of Cisco ASA Firewall devices both internal and external (public) facing.
• Collaborate with multiple personnel within GSA to mitigate high priority threats to network infrastructure such as OpenSSL.
• Risk assessment of web services and architecture using HP Web inspect.
• Vulnerability assessment of hosts such as but not limited to Windows/Linux using Tenable Nessus network security application.
• Submit and review changes to agency firewalls to allow traffic as necessary using Verizon Fed Security system portal.
• Maintenance of security operations division Windows 2008 R2 servers.
• Manage cloud based scanners for Amazon hosting environment.
• Monitor SF Defense Center (DC) for malicious activity and sensor health status.
• Perform agency wide discovery scanning and report metrics using Tripwire IP360.
• Management of unauthenticated hosts on LAN using Tripwire Intelligence Hub.
• Develop procedures to assist agency meet Continuous Diagnostics and Mitigation (CDM) program as designated by DHS.

Information Technology Specialist

Confidentia, Fairfax, VA

Responsibilities:

• Assisted GSA NOC in determining and resolving LAN outages.
• Developed SOPs for GSA approved client software on Win 7 platform.
• Configured and deploy wireless & handheld devices as per GITGO directives.
• Assisted GSA NOC with maintenance of Cisco Catalyst 6000/5000 series switches and replaced parts as necessary.
• Assisted and planned site equipment refresh projects.
• Troubleshot and repaired general hardware failures with devices such as laptops, desktops, network printers and scanners and network connectivity.
• Created and managed Virtual Private Network accounts using Cisco Secure.
• Managed CA Unicenter ticketing system.
• Ensured Service Level Agreements as per GITGO contract are maintained.
• Provided active directory account and resource management using NetlQ tool.
• Supported Lotus Notes 6+ client administration.
• Installed and supported GSA Citrix applications.
• Assisted with agency cloud email migration (Google).
• Tested and deployed software packages on enterprise level using CA Unicenter.
• Supported new hardware deployments.
• Coordinated technology refresh projects with government personnel.
• Responsible for installation and support of GSA approved licensed software.

Senior Desktop Management

Confidential

Responsibilities:

• Configured and managed Lotus Notes client 6.5.
• Responsible for creation and support of VTC client sessions.
• Configured and supported management of handheld devices such as blackberry and Palm devices.
• Provided Blackberry Enterprise Server management.
• Created and edited user Active Directory accounts via NetlQ administration
• Troubleshot and repaired hardware problems with desktops, laptops, and network printers.
• Developed and maintained archiving solution for Lotus Notes client.
• Provided port management via Cisco devices and switches.
• Installed and supported Microsoft licensed products.
• Provided support for inventory management.