SUMMARY

• I am a Problem - Solution detailed oriented Director of Information Security who has a successful track record in supporting and designing Enterprise security review processes that involved Vulnerability Management, Asset Management, Cyber Security, IT Security, and the Business.
• As a leader in Information Security, I have developed a proactive approach as well as a reactive approach to mitigating security risk to organizations while staying in alignment with the business. Also, I have experience in reviewing and developing network security architectural designs for new software deployments as well as new system acquisitions.
• I have supported and maintained a variety of system hardware and software packages.
• I have assisted in developing processes procedures to help decrease downtime after system outages and managed a team of Network and Security Engineers and Architects who resolved 1st, 2nd, and 3rd level network and security issues on 1st contact.
• Lead a team project that validated the importance of self-development, which in turn directly affects company growth, which increased company morale, which in turn help positively change the company.
• This project was designed to innovate and execute employee development. As a leader, I lead by example by making sure I put my best self forward by actively working towards my Doctoral Degree in Information Technology.
• I have trained business partners and employees on Enterprise Systems as a Lead Network Security Engineer in previous positions. I have created technical documentation for a knowledge base database.
• I have written and evaluated Information Security Policies to protect company assets and Data. As a Technical Lead, my responsibilities included Ensuring Reliability and Data integrity for companies Network Infrastructures, as well as promote increased Security Awareness for threats/intrusions across the Enterprise while making sure IT/IT security stayed in alignment with the business.
• I managed a nearly million-dollar budget for a team of Network/Security Engineers and Architects.
• Directed and Managed a team of Enterprise Security Architects and Engineers
• Managed People, Processes, Procedures and Technology
• Reviewed and approved Vulnerability Risk Acceptance, False Positive and Policy Exceptions
• Managed and Support Network Security & system Configuration (Cisco ASA FW/Juniper/Checkpoint) / Installed and Supported Proprietary Software
• Managed and Support IAM - Identity Access Management Controls
• Created a Vulnerability Management Charter
• Review, Approved and Developed Information Security Policies
• Create a Roadmap for Enterprise Security Tools for optimization
• Created an Enterprise Security Review process to Assess Security Risk
• Software development life cycle/System Development Life Cycle (SDLC)/Security Development Life Cycle
• Data integrity and recovery/Research and Development/Cisco ASA 5500/Cisco PIX (FW-1) Checkpoint
• LAN/WAN/VPN/WLAN (Wireless LAN) and WAN troubleshooting/HTML, CSS, PHP Scripts, MySQL (Tier 3)
• Active Directory/TACAAS/Windows Server2003/2008 and Exchange /SAN - Ciena Circuit 4200/ATM Circuits
• Project Lead - Coordinated, Managed, Schedule, set deadlines, and delegated task and responsibilities for a Large-Scale Wireless Project - WEP Elimination Project (PCI Compliance) - Lead a Team of 5
• Built an access database to keep track of CISCO TAC cases, RMA numbers and Internal Ticket number.
• Used Nortel network support tools to assist vendors in doing end to end testing for circuit degrades.
• Track problem records on networking, software and hardware issues for Trending purpose.
• Install software patches to increases Data integrity/Posted Switch installation Reports
• Hands-on experience installing /configuring routers and switches and Wireless LAN controllers
• Provide remote support for domestic and international customers, including Tier III support for LAN/WAN
• Assisted with the implementation of ongoing Enterprise System projects/Research & Development
• Proven skills to Facilitate and scribe meetings / Maintain and Secure Equipment Records

TECHNICAL SKILLS

Platforms/Technologies: UNIX, Windows 95/98/NT/XP2007, Linux, DOS/ Networking BGP, EGP, OSPF, Frame Relay(MPLS), Metro Ethernet, VPN, SNA, ATM, SONETS, IDS/NIDS, Telnet, PPP, TCP/IP, TFTP, Snort, UDP, IPX, OC-1, OC-3, OC-9, T1-T3, E1-E3, DS3, VLAN and ISDN

Languages and Software: Netcol - Network Monitoring, Solar Winds admin, Cisco Network Compliance Manager, Nortel, Outlook Exchange, MS Office, Lotus Notes, Excel, PowerPoint, Word, Checkpoint Reflections, Adobe, Clarify, Cisco Pix 5500, IVR, Mystat, and Statistical application, VMWARE, Visual Basics, Visio, Access, UNIX Scripting, TCL-Terminal Control Language, SQL-Structured Query, Oracle, PIX, MBSA, Nexus 2K/3K,5K, Spyware, IIs and Network Mapper(Nmap). Java J2EE, NetBeans IDE, Juniper, JunOS, F5, Ipv4/6, Bluecat, Bluecoat proxy SGs, Infoblox and CLI.

Hardware: Cisco Switches 3550, 3750 and 4500, Cisco routers 3810, 2800, WLC 4400/5500, Cisco 1030 WLSE, and Juniper WAN accelerators.

Firewalls and Load balancers: Juniper SRX, Proventia, ASA 5500, Nokia Checkpoint Firewall, Tipping Point, Blue Coat proxies, directors and supervisors. Work with BIG IP Technologies GTM/LTM.

Methodologies: NIST, SOX, CIS, ITIL, CMMI, AGILE, SCUM, SDLC - Waterfall approach, black/white box testing, best practices for Firewalls.

Network/Security Tools: Tanium, Imperva - WAF, Kenna, Qualys, HP Fortify, SolarWinds, Algosec, McAfee, Anomoli, CMDB, and Bluecoat Analytics.

PROFESSIONAL EXPERIENCE

Confidential

Director of Information Security

Responsibilities:

• Manage Information Security programs and supervise/guide IT security departments
• Allocate resources correctly and efficiently for the deployment of new and existing software applications and platforms.
• Implement and maintain security policies and procedures
• Keep an eye on security vulnerabilities and threats to Confidential Environment
• Develop strategies to handle security gaps within Security, Compliance and Risk.
• Be involved in security investigations and recommended courses of action
• Participate in the review and recommendations for deployment of new emerging security technologies and optimizing program enhancements.
• Ensure policies, procedures and protocols are being executed and reinforced.
• Provide leadership, training and guidance to direct reports and other colleague and associates.
• Participate in Implementing educational programs on security awareness and security compliance and risk Associated with Information Security
• Prepare technical reports for executive management
• Connect organizational requirements with security goals
• Hire, and review new and existing employee
• Create and Implemented an Enterprise security review program standards for Confidential .
• Communicate Security Gaps to the Executive team members including but not limited to the VP of Information Security, CRO, CIO and the CTO.
• Created Standards, Processes and Procedure for the Enterprise Information Security Review Team
• Supervise a small team of Solutions Architects and Security Engineers.
• Advocate/Leader and Mentor for current/other organization team members who are seeking to expand their knowledge in IT Security and Information Security.
• Responsible for being a Gatekeeper for all IT/IT Security request/changes to Confidential ’s IT Infrastructure to make sure the Confidential ’s is Secure which help reinforce compliance.

Confidential

Director of Cybersecurity Engineering

Responsibilities:

• Responsible for the overall threat analysis and Intelligence gathering and responsible for the overall analysis of the incident response management process and work collaboratively across all Technology departments and business units.
• Responsible for fully documenting all Incidents, creating trending reports that will assist with monitor the needs for improvements and staffing.
• Work within a 24X7 Security Operation Center (SOC) handling incoming security threats and Vulnerabilities.
• Accurate and rapid response to Security Events and participate in Forensic Investigation.
• Develop and Implement automation processes where possible to increase efficiency and accuracy.
• Identify Security Issues and Risk such as Application and Server Vulnerabilities, and Malicious Logic such and DDOS attacks/DOS attacks/ Execute Code/Cross site Scripting/Sequel Injections among others Security Know and possible new unknown security threats.
• Assist in developing Mitigation Plans for P1/P2/P3 incidents.
• Maintain Up-to-date knowledge of IT Security Industry.
• Provide Information Security Metrics
• Develop strong business relation between the Business Partners and IT Network/Security/Applications development and Engineering Teams and IT Architects.
• Develop SLA for Security Engineering Team and well as the SOC - Security Operations team.
• Demonstrate and Implement Security Best Practices.
• Develop and Maintain Incident Management Process and Procedures.

Confidential

Lead Network Security Design Engineer

Responsibilities:

• Configure and troubleshoot Blue Coat Proxies across GM Worldwide
• Lead Design Engineer for Global Projects for Applied Network Security Engineering
• Initiate/Create/Implement Network Infrastructure Changes across GM Networking Environment Worldwide.
• Provide 3rd and 4th Level Support for escalations from the NOC, Security Operations, Application team, third party teams and other Departments.
• Update, Create and Modify VPM policies on the BC proxies such as Whitelist/Static Route/Exceptions/Non- Authentication/create new specialized access groups for all Proxy SGs’ across GM Region Internationally
• Created PAC File Changes and Code Test PAC Files for the Blue Coat proxies
• Creating routing Changes to resolve priority 1, 2 and 3 Issues (Static Routes)
• Configure Blue Coat Directors for Centralize management of the Blue Coat Proxies
• Participate in an ON-Call Rotation for Escalations from the NOC and Security Operations
• Create Documentation and Presentations for the Proxy Team/GTSC (Networking Team)/DNS team
• Configure and Create Policy Rules for the Blue Coat proxies
• Create Power Point Presentations for Monthly meetings
• Manage Projects for GM In-sourcing for all security and networking equipment/devices which includes the Blue Proxies, ASA Firewalls, Checkpoint Firewalls, Blue Coat directors and Blue Coat Supervisors
• Implement System upgrades and (SGOS) software upgrades
• Submit RFCs for the Change Management CAB board to review
• Implement Changes approved by the CAB team
• BIG IP - Working with GTM/LTM Load balancers
• Working with Fire flow request and ITSRC request
• Adhere to the ITIL/Security Methodologies for all GM processes Worldwide

Confidential

Network Security Advisor Sr.

Responsibilities:

• Support and Monitor Network Firewalls such as Nokia Checkpoint, Juniper, Cisco ASA 5500 firewalls, Proventia, SRX, and Tipping Point.
• Working knowledge and support of IPS (Intrusion Prevention Systems), NIDS (Network intrusion Detect Systems), and HIDS (Hardware Intrusion Detect Systems) and i-sensors
• Monitor Syslogs for Threat intrusion such as DOS, DDOS, malicious logic, sequel injections among other malwares.
• View and monitor EFD - Event Flow Data for Anomalies - Trending History of Security Devices
• Create Historical reports for third parties
• Support and Work with high visibility clients within a dedicated team
• Liaison between the Project Managers, Device Engineers and clients.
• Provide support for Customers in a 24/7 Security Support Center (SOC)
• Provide System upgrades and create and submit RMAs
• Monitor the HIT - Health Information Technology Systems for a varied of clients/Platforms
• Create and interpret network diagrams
• Manage Small Projects and create technical documentation on Log aggregations for security Agents such Cisco ASA, checkpoint and source fire.
• Work within a mixed Platform Environment (Linux/Windows)
• Read log files and interpret log files and output from executing Linux commands from the CLI.
• Hands on experience Interpreting, Implementing and executing security standards such as NIST (National Institute of Standards and technology), CIS (Center for Internet Security) and NSA (National Security Agency)
• Knowledgeable of IT Security Audits and Penetration Testing/ Authenticate clients.

Confidential

Senior System Specialist

Responsibilities:

• NOC Project Lead/Wireless WEP elimination Remediation project that upgrade over 2000 stores to WPA2
• Resolved WAN (MPLS, Metro Ethernet) /LAN issue at the physical layer working up to the network layer/Monitor Ciena 4200 Circuits/Familiar with turning up/down BGP Peering/Configuring ERIGP and OSPF
• Wireless WAN/LAN troubleshooting for Cisco/Juniper networks/Reestablish VPN Tunnels
• DNS administrator/ Installed and Supported Proprietary Software/Manage Citrix Netscalers & F5 Load balancer
• Executive PBX Support/ Voice Mail Admin/Assist in floor moves and rerouting extension
• Maintain, Upgrade and Supports the Systems Infrastructure for an organization to ensure stability /reliable data transfers.
• Design and Develop the System Infrastructure for IT organizations by Identifying new and existing system issues
• Escalation point of contact for Tier 1 NOC, Operations, Logistic, hardware, and software associates.
• Third party Vendors negotiations to ensure System Availability//Purchase Orders/Manage Small to midsize Projects
• Train network/system operation employees T1, T2, T3. (On Boarding)
• Created end-user training guideline Run Book for the IT systems organization/ Revise Security Awareness Policy
• Provide customer support for Internal and External Employees/Provide layers 1-5 Support – OSI model/TCP/IP Layer
• Budgeting and monitoring expenses - enters proper project codes to ensure the proper department budget is deducted
• Produce AD-HOC reports and create Knowledge Base step action tables to resolve system issues.
• Create Deliverables for IT organizations and establish a Security Policy /Awareness Documents for employee to abide by.
• Install and configure/reconfigure communication devices such as Cisco Switches/Routers and Upgrade IOS.
• Troubleshoot and resolve Telecommunication Circuit degrades issues with the LEC
• Configure ASA 5510 firewalls, Access List, routing, and DHCP on routers and switches

Confidential

Information Technology Specialist/ Project Administration

Responsibilities:

• Troubleshoot internal and overseas Software, Hardware, Security and networking issues.
• Deploy software remotely to end user’s system.
• Help Maintain SLA by resolving problems on first contact/ ONCALL 24/7 Support
• Troubleshoot Tier 1, Tier II and networking issues
• Setup and maintain Windows Active Directory user and Exchange email accounts
• Direct all support calls to the appropriate groups if necessary
• Monitor Router and switches and send out Alerts to users when there a known outage.
• Provide Training to end-user and new IT employees
• Setup domestic and international new hire projects
• Troubleshoot VPN problems for remote users/ Familiar with Citrix Meta-frame technology and design.
• Provide wireless support for end users who are remote users.
• Hardware Troubleshooting also included printers, laptops, desktop, and Thin clients