Sr. Security Engineer Resume

GA

SUMMARY

  • To obtain a position analyzing events on a near-real-time basis by monitoring security system (Intrusion Prevention System, data leakage protection, etc.) dashboards and responding to or escalating events based on predefined protocols and procedures

TECHNICAL SKILLS

Networking: Subnet Masking, IP Addressing, Network Technology (PuTTY & SolarWinds), LAN/WAN Technology, TCP/IP Protocols, Wireshark

Operating Systems: Windows (95-10), Windows Server (2003-2016), Linux

PC Technology: Assemble PC to the component level, Install, configure and troubleshoot PC, Upgrade systems, Audio Visual experience, Configuration of VoIP

Security: Cylance, McAfee, Sourcefire IPS, AirDefense (Wireless Security), NSight, FireEye, Check Point Firewalls, LogRhythm, Menlo Security, Phantom, HBSS, ACAS, NAC, Tufin, BlueCoat, Carbon Black, CA (Concord) Spectrum and eHealth Suite, RSA NetWitness, Recorded Future

Personal: Project Management, Efficient multi-tasking abilities, Creative problem resolution, Organizational skills, Strong attention to detail, Excellent communication skills, Asset Management, Used ticketing systems (SharePoint, MAGIC, Remedy)

Programming: C++, HTML, Python

PROFESSIONAL EXPERIENCE

Confidential, GA

Sr. Security Engineer

Responsibilities:

  • Works for the Threat Monitoring and Response Center, an Information Security Response center providing 24x7 monitoring of security detection devices in order to detect potential attacks as they occur and to provide information on previous malicious network attacks. Responds to escalated security events or incidents and implements counter-measures to reduce and/or mitigate further exposure. Performs triage on events reported by various detection devices to filter out false positives and known accepted activities
  • Uses Python 2.7 to write custom functions for playbooks in Phantom automation
  • Creating automated incident response alerts with Python 2.7 from LogRhythm SIEM alarms such as EDR, VPN, and PCI scan alarms
  • Able to create daily reports and understand alerting workflow processes. Ability to understand, analyze and correlate security events and implement counter-measures to mitigate against intrusion attacks. Maintaining security monitoring and reporting appliances in addition to leading and analyzing security reporting
  • Understanding and working knowledge of regulatory and audit mandates to ensure environments meet PCI, FFIEC, SOX and corporate standards. Analyzing phishing emails and automated LogRhythm alerts through Phantom automation. Providing assistance to the User Protection Team (Endpoint Management) to manage script control in Confidential ’ Confidential environment
  • Understanding of Incident response methodologies and assist with coordinating security incidents. Strong knowledge of TCP/IP, HTTP, FTP, cookies, authentication, virus scanning, web servers, SSL/encryption and reporting packages
  • Ability to decode and understand traffic flow in packet-level traces (skilled with PCAPs, traffic generators, etc.). Identify common network and web site attacks such as SQL injection, cross-site scripting and remote file inclusion
  • An understanding of a wide array of server-grade applications including Dragon IDS, Cylance, Carbon Black, ThreatGrid, FireAMP, AirDefense, SharePoint, Active Directory, FireEye, LogRhythm, RSA NetWitness, BlueCoat, and others

Confidential, Smyrna, GA

DoD DCMA Computer Network Defense Generalist

Responsibilities:

  • Day-to-day management of network security devices by rotating logs, troubleshooting connection problems, offering guidance to geographically interspersed teams, assisting with deployment of hardware/software, assisting with upgrades and/or patches, etc. in the SOC environment
  • Analyzing packet captures and suggesting information assurance (IA) solutions and process improvements to help minimize the risks DCMA faces from computer network defense threats
  • Classified material incident handling and assisting with cleanup activities and providing guidance on vulnerability and malware remediation
  • Initiating response and tracking compliance with directives issued by USCYBERCOM using the ChangeGear, MAGIC and SharePoint ticketing systems, and participating in response to verified cyber attacks
  • Day-to-day analysis of and response to SAM Block, IP Hotlist, and Domain Block requests through the firewall rule events and logs, typically escalated from the Detect Team
  • Communicating and interacting with the DCMA customer, vendor service providers, other government entities, and functional peer groups verbally and through electronic correspondence to gain cooperation of others, seek or distribute or coordinate information, and to report
  • Performs CND vulnerability assessments within the enclave utilizing Retina Network Security Scanner, ACAS, and NSM. Implements and enforces CND policies and procedures reflecting applicable laws, policies, procedures, and regulations

Confidential

DoD DCMA Network Technician

Responsibilities:

  • Supports the Defense Contract Management Agency Network Operations and Security Center (NOSC), including global network and security operations monitoring, incident response, problem isolation, and service/repair coordination for cyber-attacks and related events
  • Analyzing events in near-real time by monitoring over 1000 DCMA (server, router, switch, and circuit) and 15000 DCMA assets and determining appropriate courses of action
  • Performs proactive monitoring with CA (Concord) Spectrum and eHealth Suite for network element alarms and alerts to identify those components/elements that may lead to or already are causing network degradation or failure
  • Communicating and interacting with the DCMA customer, vendor service providers, other government entities, and functional peer groups verbally and through electronic correspondence to gain cooperation of others, seek or distribute or coordinate information, and to report
  • Assisting the DCMA Firewall with reimaging and maintaining the Check Point IPS Firewall

Confidential

Field Services Engineer

Responsibilities:

  • Working in Hazard 3 conditions assigning over 7000 user accounts to appropriate groups and appropriate permissions for the Marines Military Base. Develop, maintain and communicate standard hardware/software setup and configuration profiles and responsible for the acquisition, installation, maintenance, and usage of the organization' Confidential local area network. Establish and implement network policies, procedures, and standards and ensures their conformance with information systems and organization objectives
  • Build Exchange mailboxes, configure email properties, and troubleshoot user email issues for NIPR, SIPR, and CX-1, and assign rights to shared drive folders. Troubleshoots VoIP issues and printers, and maps shared printers. Responsible for patching and cabling of switches and routers
  • Reimaging laptops and desktops with Windows 7 and implementing HBSS policy; used Windows Server 2008 to share files and create print queues, act as an application server, host message queues, provide email services and authenticate users
  • Maintaining Active Directory and Microsoft Servers (Domain Controllers) to create user accounts, OU' Confidential, and OMB' Confidential and clearing port security on NIPR, SIPR and CENTRIX. Interact with network intrusion detection devices and other security systems via proprietary and commercial consoles from exploits and vulnerabilities

Confidential, Roswell, GA

System Analyst

Responsibilities:

  • Responsible for proactively monitoring these workstations and for assisting with firmware updates, operating system updates, anti-virus software updates, security patches and repair of any hardware failures, and for safeguarding files from unauthorized or accidental modification or destruction
  • Experience performing hardware installation and configuration of PCs, laptops, printers, scanners, web cameras, projectors, etc. and repairing and testing Xbox’ Confidential and PS3 for customers at HP
  • Responsible for “imaging” workstations as outlined by departmental standard operating procedures, installing and configuring all associated hardware, and documenting computer security and emergency procedures, tests and policies
  • Provide technical support, including resolving end-user computer issues using remote diagnostic and troubleshooting tools, and completing tickets quickly within published service levels (SLA)
