- Technical Professional with experience ensuring the secure operation of in-house computer systems, servers, and network connections.
- This includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, troubleshooting, analyzing and resolving security breaches and vulnerability issues in a timely and accurate fashion, and conducting user activity audits when required. Proven track record of producing high-quality work within specified timeframes and effectively multi-tasking while working on several projects at a time.
- Recognized for excellent leadership, planning and organization, teaming, attention to detail, project management, and communication abilities.
- Intrusion Analysis/Detection - (McAfee Intrushield, Snort, Sourcefire)
- Firewalls - (Checkpoint, Juniper, & Netscreen)
- Vulnerability Assessment - (Foundstone/Nessus/Qualys)
- Web Proxy - (Blue Coat/Trend Micro InterScan Security Suite)
- Remote Access - (VPN, RAS, Citrix)
- SIEM Administration (ArcSight / Q1 Radar)
PROFESSIONAL EXPERIENCE
Network Security Engineer,
Confidential, Little Rock, AR
- Designed, wrote, and maintained common procedures, SLI's and EXEC's for installed operating systems.
- Organized, allocated, and supervised use of disk space for libraries, files, and common work space.
- Acted as a professional assistant or project team member in hardware evaluation, configuration, and software evaluation projects.
- Reviewed, analyzed, developed, installed, and modified Security Tools and systems.
- Detected, diagnosed, and reported related problems.
- Executed security controls to prevent hackers from infiltrating company information or jeopardizing programs.
- Researched attempted efforts to compromise security protocol and recommended solutions.
- Maintained security systems and administered security policies to control access to systems.
- Maintained the company's firewall and utilized applicable encryption methods.
- Created information security documentation related to the work area and completed requests in accordance with company requirements.
- Identified opportunities and executed plans to improve workflow; understood and quantified the business impacts of those improvements for communication to management.
- Interfaced with the user community to understand security needs and implemented procedures to accommodate them. Ensured that the user community understood and adhered to the procedures necessary to maintain security.
- Provided status reports on security matters to develop security risk analysis scenarios and response procedures.
Confidential, Little Rock, AR,
- Security infrastructure engineering experience as well as Microsoft Windows, UNIX, Checkpoint firewalls, Juniper firewalls, PIX firewalls, BlueCoat Proxies, Juniper Intrusion Prevention devices, authority support and wireless switch Security Management.
- Day to day responsibilities included monitoring, optimizing, problem-resolution, root cause analysis, and managing all aspects of access to specified systems.
- Interfaced directly with the Service Level Coordinators and communicated the technical facts and issues to all parties involved.
- Participated in an on-call rotation schedule and after hours work.
- Troubleshot access issues.
- Adhered to the change management processes.
- Engineered and implemented security infrastructures.
Confidential, East Rutherford, NJ,
- Provided analysis and review of events and cases escalated from the live monitoring team; performed post-mortem review of traffic flows utilizing the SIEM (ArcSight) system and other tools to detect malicious activity; and completed projects and tasks associated with security monitoring, detection, and incident response on an as-needed basis.
- Cyber security assessment using traffic analysis tools (e.g., Wireshark, tcpdump).
- Analyzed and reviewed escalated cases to further investigate suspicious activity.
- Performed post-mortem analysis on traffic flows and other activities to identify malicious activity.
- Researched, developed, and kept abreast of testing tools, techniques, and process improvements in support of security event detection and analysis.
- Executed tasks and led small projects as needed.
- Communicated and interacted directly with other staff to ensure optimal individual and group performance. Performed other related duties as assigned or requested in compliance with ISO 27001 and 9000.
- Developed new custom connectors (i.e., FlexConnectors) to integrate site-specific data.
- Tested and integrated ArcSight provided connectors.
- Integrated ArcSight event actions into other company systems.
- Provided ArcSight technical expertise.
- Provided support to company ArcSight clients.
Confidential, Alexandria, VA,
- Served as technical lead on SOC shifts and SOC technical projects. Continuously raised the collective level of expertise and operational knowledge in the SOC. Verified that materials are up to date and contain current operational processes and procedures. Worked with partners and SOC managers to better implement SOC operational procedures.
- Managed employees responsible for providing configuration and quotation services to internal and external customers in the disciplines of Firewall Administration, Forensics, Network/Security Operations, and Intrusion Detection. Provided technical assistance and ownership of customer calls until resolution. Identified events and nodes that should be monitored and modified security tools as necessary to successfully monitor and analyze those events and nodes.
- Managed the coordination of tasks relative to revenue opportunities and budgeting while managing relationships with customers, internal partners, and team members.
- Provided analysis reports to the customer's Task Manager and made them available for display in the Enterprise Operations Center (EOC) and Security Operations Center (SOC). Collected and analyzed data obtained by the Customer's security tools, including IDS/IPS, firewalls, SIM, and vulnerability scanning software. Centralized Audit Logging Solution Administration and Maintenance Support: supported the Customer's efforts to maintain the existing centralized audit logging solution (LogLogic) capability that logs significant events for system operating systems and databases.
- Leveraged best practices through innovative on-the-job learning opportunities and techniques while ensuring resolution of escalations and projects.
- Internet Content Management System Maintenance and Administrative Support: worked with the Customer to effectively configure and maintain the Customer's web cache (Blue Coat) and content filtering capability to manage Internet content. Followed established Operating Procedures and updated the procedures when necessary with the prior approval of the Customer.
- Supported the maintenance and administration of USPTO Enterprise Firewalls, departmental (PTONet) firewalls, IT Facility West (lab) firewalls, and USPTO Enterprise Remote Access/Teleworker firewalls.
- Provided support to all USPTO CIRT functions using C3 staff and provided the onsite supplemental staff required to operate the USPTO CIRT Forensic office. Responsible for reporting all US-CERT incidents and ensuring that USPTO management approved these reports and that the reports were submitted within the timelines mandated by the US-CERT reporting instruction.
- Collected and analyzed data obtained by the USPTO's security tools, including IDS/IPS, firewalls, SIM, and scanning software.
- Converted Checkpoint firewalls to Juniper firewall platform.
- Ensured the SEM (Q1 Labs) solution was deployed and operating to deliver the technical and business results required by the customer.
- Integrated the SEM (Q1 Labs) solution with customer operations, including network management and ticketing systems, and assisted customers in building operational processes around the QRadar infrastructure.
- Advised the customer on SEM and security best practices and on implementing customer use of QRadar.
- Conducted security investigations into customer incidents using QRadar SEM.
- Tuned and troubleshot QRadar to deliver optimal performance in high volume enterprise customer environments.
- Configured and troubleshot network and security devices, various operating systems, and applications such as web, mail, and database services.
- Created automated reports within QRadar to help aid investigation efforts.
Confidential, Conway, AR
- Helped design, maintain, support, and tune the application(s)/infrastructure(s) that detect security events (i.e., Host-based Intrusion Detection Systems (HIDS), Network-based Intrusion Detection Systems (NIDS), and Security Information Management (SIM)).
- Proposed/developed improvements to Information Security policies and procedures for system operations to support SAS70 and SOX audits as well as ISO 17799.
- Ran security analysis reports while analyzing current trends and developments in Information Security.
- Monitored Associates' system entry, controlled internal data access, and performed surveillance on Acxiom's internal and customer networks.
- Performed analysis of real time and historical security events to determine whether threat concerns or conditions are present.
- Monitored and managed the system utilized to determine the presence of misuse and potential security breaches on the network.
- Involved in the development of Incident Reports and the recommendation of security countermeasures to the customer.
- Interfaced with the customer account teams, the server support teams, and the vendors to provide notifications, helped determine the root issues, and passed knowledge between areas.
- Assisted with security administration issues; such as access control and password maintenance.
- Responsible for assessing and creating PCI audit documentation, creating audit evidence & managing storage within a Share Point archive. Read and interpreted existing rule sets for purposes of documenting compliance to PCI-DSS.
- Architected/Installed/Maintained/Upgraded Voltage SecureMail Vulnerability Assessment infrastructure.
- Integrated SecureMail with Exchange server, MS Outlook, and Active Directory while utilizing encryption (PKI, IBE, PGP).
- Led and executed CSP (management platform, console, and agent) installs and upgrades, including configuration management, s management, and policy updates for user workstations and servers.
- Provisioned for CSP upgrade, updates, and policy pushes.
- Coordinated with Stakeholders in technical matters.
- Provided dedicated technical and operational support for SCSP; assisted with the creation, enforcement, management, and reporting of incidents through automated workflows.
- Architected/Installed/Maintained/Upgraded McAfee's Foundstone Vulnerability Assessment infrastructure.
- Identified vulnerabilities in network infrastructure, operating systems, databases, network services, applications, application interfaces, and/or other technical security mechanisms, and worked with the sponsor to mitigate these vulnerabilities.
- Created custom scans and ensured scheduling met with system resource loads.
- Utilized the Remedy SQL database to capture detailed information for automated custom reports to management regarding remediation results.
- Migrated firewalls from Netscreen to Checkpoint SPLAT platform.
Technical Support Specialist,
- Provided technical support and resolved all hardware/software related problems and service requests from 6000+ internal/external users.
- Resolved desktop support and Remote Access issues escalated by Level 1 support.
- Assisted in resolving technical computer issues over the phone and followed up with the customer until the issue was resolved, utilizing documented procedures and available tools.
- Installed and configured database management systems software.