SUMMARY

• Experience of health, stability, patch management, troubleshooting, performance, and capacity of QRadar SIEM platforms.
• Log Analysis, SOC Analyst, NOC and Cyber Security Defense Center. Provides guidance to SOC Operations, documents administration with SIEM, Performs tasks consistent with the goals and objectives of the Cyber Security Defense Center and Lead efforts in the improve and develop of process/procedure manuals and documentation for the SIEM tools development.
• Identifies and create use cases within the SIEM tools and work with Project managers in multi phases (Dev, QA, Test, and Prod) to manage multiple projects and tasks, and set appropriate priorities for tasks to be accomplished based on project plans and management priorities, and works both independently and in a team environment.
• Identifying security incidents, monitoring policy violations, establishing baselines, assisting non - repudiation controls, providing information about problems and unusual conditions, contributing additional application specific data for incident investigation which is lacking in other log sources, Helping defend against vulnerability identification and exploitation through attack detection Records events, Security events, business process monitoring, transactions, connections, Anti-automation monitoring, audit, performance monitoring, compliance monitoring.
• Self-Starter, Experienced in leading others in cybersecurity tasks and variety of cybersecurity concepts, practices, and procedures. Capable of exercising creativity and latitude in task accomplishment. Audit Violation Reports, GRC, Network and applications SLA reporting and Service requests to meet SLA objectives; SDLC, Agile development, Sarbanes-Oxley Compliance.Documents (Manage Progress Logs), IBM Problem Management Record (PMR), Operation SIEM/Security/Network Requests, Application/Servers/DBs Owners Request and Tickets.

PROFESSIONAL EXPERIENCE

Confidential — Sterling Heights, MI

Systems Security Engineer

Responsibilities:

• Manage and maintain a broad range of relevant platforms such as Windows, UNIX, Linux, and industry leading security tools and platforms, scripting, and familiarity with open source security tools, Internet technologies, and systems infrastructure security, Responsible for supporting complex systems and application solutions, maintain and configure Network security tools to monitor and manage the environment, escalation of technical problems from/to other teams, identify and implement security improvements to the process, procedures, documentation, and systems.
• Maintain Active Directory, Group Policy, LDAP, Active Directory Lightweight Directory Services (AD LDS), using PowerShell, familiarity with Windows Security Infrastructure and ensure the stability, integrity, and efficient operation of the systems that support core organizational functions, System log analysis, backups, network security, user account/permissions management and systems, using Nagios to monitor and alert services for servers, switches, applications and services.
• Monitor security events from multiple sources such as antivirus, firewalls and system security logs, analyze the results and escalate, when necessary, to the appropriate group for remediation.
• Maintain of network/application security, applications programming, reverse engineering, malware analysis, cryptographic algorithms, Identify targeted attacks and other suspicious activity using a variety of network based tools.
• Escalate trouble tickets to vendor(s) as necessary, prepare and provide reports on assigned project work, provide troubleshooting of any security escalated issues related to assigned product.
• Familiar with network intrusion detection, network intrusion prevention, vulnerability scanning, network hardening, network access control, virtual private networking, and network management equipment and systems.
• Documents technical issues for a range of technical and business management.
• Using a high-level scripting/programming language (Bash, PERL, Python, PowerShell, JavaScript and C, C++).
• Experience interfacing directly with customer and management teams; including, conducting briefings and technical meetings for management and customer representatives.
• Knowledge of CISCO networking technologies, including Switches, Routers, Firewalls, and Wireless LAN controllers.
• Basic knowledge in malware analysis and forensic investigations, encryption algorithms.
• Familiar with Wireshark, Nessus, Snort, Tcpdump, SSH (Secure Shell), PuTTY, OpenSSH, OpenVPN.

Confidential, Rockville, Maryland

LAN/WAN Engineer

Responsibilities:

• The Administrator position is responsible for the administration of Windows 2003 & 2008 servers and AD, and CISCO switches VLAN configuration
• This position manages the computing environment using Altiris, and SCCM 2012 Training
• Manages user Accesses and file/folder security and shares and manages projects for upgrades, migrations refreshes, Familiar with Firewalls, switches, routers, and basic network troubleshooting
• The primary duties and responsibilities of the job: Installs new software releases
• Implement System upgrades. Evaluate and install patches
• Manage projects for updates and maintenance
• Routines on servers, labs, classroom, and provost workstations
• Work with third party software and Hardware vendors for support and troubleshooting, effectively communicate Updates and schedule routines for minimal downtime
• Resolve software/network related issues and Windows software for clients/servers; Windows 2008 server, Deploy Windows 7, and upgrade from Windows XP, Active Directory, Exchange; videoconferencing; SQL Server; Understanding of web technologies IIS; DNS, DHCP, TCP/IP; NetBIOS; Basic networking; Security Support using Symantec Endpoint Protection; Altiris
• Perform routine system backup and recovery of data. Maintain inventory of hardware, Software, and ensure license compliance
• Maintain data files, documentation and monitor System configuration to ensure data integrity. Analyze and resolve problems associated with Server hardware and application software.
• Provide next level support for network, software, Desktop and peripherals to Help Desk support staff
• Detects, diagnoses and reports problems for servers and workstations relating to security, hardware, and software

Confidential, Maryland

Systems Engineer

Responsibilities:

• Installing, administration & maintenance of client networks and Installs new software releases such as MS Office, System upgrades
• Evaluate and install patches. Manage projects for updates and maintenance Routines on servers, labs, and classroom
• Supported core Windows technologies (Windows server 2003 & 2008, Windows 7/XP)
• Deploy Windows 7, and upgrade from Windows XP
• Assisted in administering and supporting Active Directory environment
• Develop system access, monitoring, control, and evaluation; establishing and testing disaster recovery policies and procedures; completing back-ups; maintaining documentation, and performing system and software upgrades and patches
• Testing and Installation of computers and Medium hardware systems connected PCs in a network and set up peripheral equipment, hardware components
• IT establishes system specifications by conferring with users; analyzing workflow, access, information, and security requirements; support DNS, DHCP, TCP/IP; NetBIOS, PXE
• Troubleshooting a windows server operating system, IIS and Intel server related hardware issues