SKILLS:

Compliance: FISMA, GLBA, HIPAA, PCI - DSS, SSAE-16/18, SCADA, various frameworks including COBIT and NIST

Security: Airsnort, Bit9, Carbon Black Response, Checkpoint FW/VSX/IPS Design/Implementation/Monitoring, Cisco ASA/FWSM/PIX Design/Implementation/Monitoring, Cisco IDS, Cisco MARS Design/Implementation/Monitoring, Cisco NAC Design/Implementation/Monitoring, Cisco Guards, Cisco VPN Concentrators, Carbon Black FIM, Cloud Security, Compliance, Computer Security Policies and Standards, Core Impact, Cryptography, DLP, DMZ Design, E Discovery, Event Correlation, F5 WAF, HSM, IDS systems, E-Eye Retina Security Scanner, HSM, Imperva WAF, Incident Handling, IPTables, Malware/Virus detection and prevention software, Metasploit Exploitation Framework, Microsoft Forefront TMG, Nessus, Net Stumbler, NMAP, OpenVAS, Physical Security, Penetration Testing, Qualys Vulnerability Scanner, Safenet HSM, Security Awareness Training, Radius, Redseal, Risk Assessment, Splunk, SNORT, SourceFire IPS, Tipping Point IPS, Tripwire, WAF, WAN/LAN Security, Web Inspect Web Application Scanner, Vulnerability Management, Websense, Whisker, Wireless Design/Security and Installation

EXPERIENCE:

Confidential, Scottsdale, AZ

Senior Information Security Engineer

Responsibilities:

• Responsible to ensure that software applications and IT infrastructure are designed and implemented to the highest standards of information security best practices, and in alignment with policies and standards, thus maintaining and enhancing IT support standards and customer trust.
• Responsible for improving security controls that protect critical IT infrastructure and information assets.
• Assists in developing enhancements to compliance and resiliency programs, including PCI - DSS, SSAE-16, Disaster Recovery, and Incident Response Planning.
• Oversee vulnerability management and assessments, and threat modeling exercises for critical business systems.
• Lead efforts to assess the impact of emerging threats to operations.
• Oversees the Information Security team’s knowledge base of critical procedures to ensure prompt and effective response to security-related events.

Confidential, Chandler, AZ

Senior Information Security Engineer

Responsibilities:

• Provide leadership in support of implementing, maintaining, monitoring and troubleshooting a broad range of security infrastructure at Element Payment Services.
• Serves as information security subject matter expert and actively assist EPS teams in the development of secure business solutions for medium to highly complex problems.
• Provide leadership and support for junior level security personnel.
• Authored security policies, procedures, standards, and guidelines for computing infrastructure.
• Leads compliance initiatives including empowering customers to easily meet and exceed industry compliance requirements such as PCI DSS and PA-DSS.

Confidential, Chandler, AZ

Risk Consultant

Responsibilities:

• Provided risk consultant services to organization including gap discovery related to regulatory requirements.
• Provide information to guide and inform the selection of appropriate defensive measures so the organization can respond effectively to cyber-related risks.

Confidential, Scottsdale, AZ

Engineer, Senior Security

Responsibilities:

• Provided Security oversight for all project initiatives including Mobile Device Management, SAP re-platform and Exchange 2010.
• Formulated Security policy framework including Network, Incident Handling, User Access and Mobile Devices.
• Instituted Vulnerability Management program including regular Security Assessments and reporting.
• Provided Security approvals for all changes made to operating environment including AV Infrastructure, Checkpoint firewalls, PKI, IPS, VPN and DLP environments.
• Provided regular Security Reporting to Senior Management including Security Dashboard. Maintained security oversight for large scale Data Center migrations.

Confidential, Tempe, AZ

Senior Security Consultant

Responsibilities:

• Provide high end Security Solutions and guidance for organizations.
• Senior Security Consultant for multi-million dollar projects.
• Provide end to end Security solutions including Cisco MARS, Cisco NAC, Tipping point IPS and secure network design and configuration including firewall rule set analysis related to compliance issues.
• Deployed high end Cisco routing/switching (65XX series switches) and firewall products (Checkpoint, Checkpoint VSX,
• Deployed 2 factor authentication and VPN architecture including SSL and WebVPN connectivity.
• Provide security management tools including Cisco Security Manager and Checkpoint Provider-1.
• Performed various security related services to a number of clients including multiple fortune 500 organizations.
• Perform various Security auditing and compliance initiatives for various organizations.

Confidential, Scottsdale, AZ

Security Analyst

Responsibilities:

• Responsible for the monitoring and securing of the GoDaddy information technology environment by providing aspects of information security support and investigation, including intrusion detection, vulnerability and penetration testing and forensic analysis of computer intrusion events.
• Handled hundreds of security compromises and incidents including DDOS.
• Supported external and internal security architecture including Cisco Guards, Symantec Centralized Anti­Virus, Tipping Point IPS deployments and large scale Snort distributed environment.

Confidential, PA

Security Consultant

Responsibilities:

• Performed External Vulnerability Assessments, Internal Vulnerability Assessments, and Perimeter Security Assessments for large academic, financial, medical and other various institutions. Used a variety of security tools for performing both internal and external penetration tests.
• Wrote detailed security reports detailing the overall security posture of the organization, as well as demonstrating exploitation of multiple attack vectors when pertinent from an external and internal perspective.
• Produced high level Perimeter Security Assessments for various organizations.
• This included verification of pertinent security services (AD Structure, AV Architecture, CR process, Patch Management, Password Policies, Perimeter/Network Design, Security Policies...) as well as configuration analysis, and a detailed review of the overall security (layered) design, and produced recommendations based on data collected.
• In addition performed security device installation services, including Cisco ASA and Checkpoint firewalls.
• Filled support role for various companies in relation to various issues related to security and/or security devices.
• In addition maintained in house external scanning architecture consisting of Linux/Windows machines running Nessus, Nmap, Retina, and Web Inspect scanners.

Confidential, West Chester, PA

Network Security Engineer

Responsibilities:

• Maintained security infrastructure for 60,000 node corporate environment.
• Managed all firewall devices within the infrastructure including 80 Check Point firewalls and 5 management stations composed of Sun and Nokia hardware.
• Managed all security devices within the network including Cisco Pix firewalls, Cisco TACACS+ servers, and Cisco VPN concentrators.
• Managed all vendor connectivity consisting of Frame Relay and VPN solutions.
• Managed all network devices within partner network environment including Cisco 17xx, 26xx, and 75xx routers.
• Managed remote access for entire corporation consisting of Cisco Secure VPN architecture.
• Maintained numerous network security zones including publicly accessible resources within DMZ environments though out corporate environment.
• Managed all internet connectivity including all mail and web traffic within the Confidential network.
• Provided support for all network security related issues utilizing Remedy ticketing system.
• Worked in conjunction with Information Protection to maintain integrity across corporate infrastructure utilizing secure network design to minimize risk of exposure to malicious content and activity.
• Actively monitored Confidential network security infrastructure and provided incident response when appropriate.
• Provided 24x7 escalation for network security issues utilizing a rotating pager arrangement.
• Maintained and updated full network security architecture documentation including relevant policy and standards documents.
• Worked closely with tier-1 support team to allow them to provide adequate support for environment on a 24x7 basis.
• Processed network security change activity including new installations, upgrades, and disconnects.

Confidential, Grantville/Wyomissing, PA

Senior Information Systems Administrator/Programmer

Responsibilities:

• Responsible for entire corporate Windows NT/2000 network spanning entire country.
• Wan Engineer and Security Administrator for frame relay network and domain including multiple horse racing and casino facilities.
• Created companywide computer security and computer connectivity policies.
• Served as final contact on all WAN connectivity issues as well as centralized accounting (Great Plains), HR (ADP), and gambling systems.
• Primary administrator of all web presence, Internet connectivity, and Internet Security issues (Cisco PIX FW and service network.
• Administered/implemented site-to-site as well as client VPN utilizing OPENRADIUS architecture.
• Responsible for maintaining Computer Security Integrity though auditing/monitoring and installation of new technologies.
• Implemented and maintained all perimeter level security, and actively monitored traffic through logging and IDS (SNORT).
• Transformed corporations stop gap security model to a layered model, ensuring perimeter has no single point of security failure through use of various Security Technologies.
• Implemented central logging facility (SYSLOG) and alerting to streamline security-logging model.
• In addition monitored outbound web and all network traffic utilizing a combination of IDS/MYSQL and Squid Proxy Server with custom coded authentication system implemented with a combination of Calamari, Perl and SARG. Installed and maintained all Cisco network equipment including 2XXX, 3XXX, and 4XXX series routers, PIX 515 FW as well as wireless access points and various switches (Catalyst 2950,3550, etc.).
• Cut all security costs 75% by utilizing Open Source software while adding increased reliability and securit