To obtain a position as an Information Security Professional where I can utilize my strong technology and leadership background to facilitate technical growth and effective operations.
Sr. Network Security Engineer
- Configure Juniper/Netscreen Firewalls in very complex environment
- Managed firewalls using Palo Alto's Panorama Central Management Software
- Used tools including Tufin and Splunk to monitor firewall traffic and troubleshoot network access
- Configuration, implementation, and problem determination across the major firewall platforms and understanding each customer environment at a detailed level
Sr. Security Analyst
Enterprise Vulnerability Management using Qualys
- PCI and SOX Compliance, Reporting and Threat Management
- Work with the System Engineers and Device Owners to help resolve confirmed or potential vulnerabilities
- Project Management, case review, ticket creation, macro development, LDAP configuration, Active Directory AD Integration SSO , SSL standards.
PKI Engineer /Sr. Information Security Professional
- Venafi Encryption Director VED - Enterprise Key Certificate Management System. I support internal customers as they install and deploy certificates, automating the processes of procurement, enrollment, monitoring, renewal and/or retirement of certificates across heterogeneous environments.
- Support both internally and externally hosted Certification Authorities CA's as well as SSL and Code Signing.
- Install and configure Hardware Security Modules HSM's for highest level of private key protection and security.
- Provide consulting to all lines of business's within the bank on security related topics to include certificates, multi factor authentication etc.
- Participate in defining and developing the strategic plans, certificate renewal, CRL/AIA, encryption type/strength, etc.
Sr. Information Security Professional
- Responsible for IT Security services such as Vulnerability Scanning, Penetration Testing, AntiVirus, Security Assessments, Active Directory / Group Policy, Data Encryption, Intrusion Prevention Systems IPS , SEIM/SEM/SIM and Event Correlation, Enterprise Patching, Web Filtering, Application Security, Enterprise Monitoring, Active Directory Services, IIS, SharePoint, Single Sign On SSO using Kerberos/LDAP/SPN's, UNIX/WebLogic, PKI/Certificate Authority design and admin, Cisco ASA FW review and more.
- Tools and applications include TippingPoint IPS, Sophos SafeGuard HD Encryption, Qualys Vulnerability Scanning, WebSense web filtering, patching w/ Shavlik NetChk Pro/ WSUS / Secunia, Retina, Metaspliot, TrendMicro Sophos AntiVirus, PowerShell and Visual Basic Scripting, Active Directory - DNS/Group Policy Admin/ADUC/Forest/Domain/FSMO design, Incident Response, VMware, Application Scanning, ISO 20001:2005 / SOX, HIPAA, GLBA, GAMP5, Host Validation FDA , Auditing, password vault, AD Security, working w/ Federal Agencies, etc.
- Responsible for coordinating and leading information technology security activities across Gen-Probe worldwide which includes information technology IT risk management, IT security policies, IT security awareness, and IT security architecture.
Information Security Specialist
- TippingPoint IPS SMS Enterprise Management SMS, HA, ZPHA, TOS, TMC, Digital Vaccines, Quarantine, Custom Filters, L2FB, Segment Creation, Enterprise Design Deployment, Incident Management eg. Conficker, Virus, DNS exploits TP/3COM Expert Training Certification, etc
- QualysGuard Vulnerability Scanning Internal External , Mapping, Asset Groups, PCI Compliance, Reporting and Remediation. Also used NexPose Rapid7 and others.
- Web Application Scanning using HP WebInspect SPI Dynamics , IBM Appscan/WatchFire, Qualys WAS, Accunetix and others. Working with developers to fix code and explaining exploits. Work w/ SDLC.
- Firewall rules review and oversight Apache, MS ISA, Cisco FWSM, Router ACL's, etc
- Email Filtering Routing with IronPort, Tumbleweed SPAM, Antivirus, attachments, white/ black lists, etc
- BlueCoat Proxy Administration, AD Authentication, Policy Creation Visual Policy Manager , Whitelists/Blacklists, Web Caching, exceptions, etc.
- Microsoft Active Directory Security Administration, GPO Design, Domain Forest Trusts, Certificate Authority CA Admin, IPSec, Single Sign On SSO w/ LDAP/SSL w/ UNIX clients, Auditing, etc.
- RSA enVision Administration, enterprise logging from Windows, UNIX, Cisco, etc , reporting, aggregation and correlation.
- GuardianEdge Hard Disk Encryption Administration, AD integration, user management, data recovery.
- Cisco WCS wireless integration, WPA, profile setup, VPN, Workstation Certificate.
- Symantec AV Administration, enterprise management, definition updates and distribution, virus removal.
Sr. Network Engineer / System Administrator 4
- Responsible for the health and growth of Active Directory to include DNS management, GPO's, Policies, Directory Replication, Site-to-Site configuration/replication, Security management, Domain Controller build-outs and maintenance, DHCP creation and management, User and Group management, ILO/KVM support, LDAP expertise, packet analysis for network troubleshooting, IIS support and training of team members.
- T-Mobile SME for Microsoft Operations Manager MOM . Enterprise monitoring of Domain Controllers, Exchange Servers, DHCP / DNS servers and SMS servers. Maintained the Web Reporting features to facilitate trending reports for all servers and services. Ran SQL scripts for grooming Reporting database.
- Enterprise Public Key Infrastructure PKI design for T-Mobile network. This included building out a model that supported multi-level Certificate Authorities, Intermediate CA's and Issuing CA's. Designed IPSec Offline VPN certificates and designed other certificates and policies , auto-enrollment via Active Directory for domain clients, Web enrollment for non-domain members, Hardware Security Modules HSM's for highest level of private key protection and security.
- Kerberos Authentication for non-domain clients. Implemented keytab files in association with their Service Principle Name SPN to allow UNIX hosts to authenticate with Active Directory. WebLogic setup configuration, J2EE/JRE/JVM/monitoring, etc.
Sr. Network Engineer / Infrastructure Engineer
- Responsible for building out and deploying Windows 2003 Server in an enterprise environment. I was responsible for configuring GPO, OU, DNS, IP Sites, MOM, SMS, NetQoS, SharePoint and MS SQL.
- Technical support and design of MS SharePoint Portal Services SPS / Windows SharePoint Services WSS on production portal sites. Included SSL, Certificates, security, network design DMZ, Firewall and Exchange OWA/OMA , Load Balancing, SAN/Clustering, etc. Also managed OWA environment, Directory Synchronization between sites Aelita/Quest , integration with SmartPhone technologies.
- Use Microsoft Operations Manager MOM and Systems Management Server SMS to manage enterprise servers. Using these tools allowed for centralized administration and troubleshooting for the entire enterprise.
- Managed MS Exchange Server 2003 Enterprise environment to include F/E and B/E Clustering Failover and SAN connectivity. Troubleshoot SAN connectivity and configuration.
- Responsible for the day-to-day Infrastructure Requests to include SMS Portal Admin, OWA / Mobility / SmartPhone support, server configuration, Terminal Services, DNS, WINS, patch management/service packs, AD admin, configuring RAID arrays, Domain Certificate SSL Registrations, BigIP F5 VPN configurations, Blade servers, Cisco routers, switches, ISA Server Design, PBX Phone system support TeleVantage , etc.
Sr. Network Security Engineer
- Trained clients on technologies including Windows NT/2000, DNS, legacy OS's Win3.x/DOS/Win9x , IPSec, L2TP/PPTP, DNS, RRAS, Active Directory Services OU's, Sites Domains , MS Exchange, IIS/Web hosting, Security, switching, routing / submitting, VLAN's, x.500, LDAP, VTP, ISA Firewall, encryption, Novell Netware server and clients and many other technologies.
- Symantec Firewall VPN, Symantec AntiVirus Enterprise Gateway, NetRecon, SonicWall Firewall/VPN, McAfee, Veritas Backup, BlueSocket wireless LAN solutions.
- Configured MS ISA Firewall for perimeter security while allowing internal servers Web, Mail, etc to be published through the firewall.
- Configured MS Exchange 2003 w/ OWA and SSL for remote users wanting encryption/security.
- Install and configure Windows 2003, Active Directory configuration.
- Windows 2003 training and migration. Also, MS Exchange 2003 migration w/ the updated OWA features.
- Provided onsite consulting for various clients on Active Directory design, RRAS, Novell migrations to Win NT Win2K, router/ hub/ switch configuration, DNS, TCP/IP, Backup services, Disaster Recovery.
- As a Microsoft Certified Trainer, I trained MCSE students on Active Directory, DNS, Security, Fault Tolerance, Backup, Disaster Recovery, OU, Site and Domain architecture, TCP/IP, NTFS / ACL's, etc.
- Provided network consulting to clients. Experience with Firewalls, Email Systems, Novell, Cisco and other 3rd party solutions.
- Business Leadership:
- Created partnerships with Microsoft as a MS Solutions Partner and Certified Training Educational Center.
- Managed 15 full time staff employees and several contracting engineers for various projects.
- Experienced with SLA's, helpdesk environments, escalation and tiered support models.
Senior Network Engineer
- Administering NT domains, accounts, fault tolerance, re-subnetted network TCP/IP to allow for future growth, MS Exchange administration and intersite connectivity,
- Migrating a Novell Netware LAN to Windows NT LAN configuring 600 IPX clients and MS clients WfWG 311, MS-DOS, Win 95, NT Workstation 4.0 for mid-migration solutions,
- Router, Switch and node 3COM, CISCO, etc. configuration and management, trained users on MS applications, Network Administration, helpdesk etc.
- Configured several Compaq rack-mount servers w/ RAID arrays, UPS's, SCSI controllers, etc.
- Network Traffic Analysis MS Network Monitor, Network General Sniffer , NT Domain Admin.,
- Compaq server and workstation configuration SSD's, SCSI controllers, RAID, rack mount build-outs, etc
Windows NT Support Engineer, Corporate Network Support
- Provided technical support for Windows NT Servers, Domains and Workstations, configured DHCP, WINS, RAS, Blue Screens, packet analysis MS Network Monitor , deployment and general troubleshooting.
- Trained NT engineers on networking, TCP/IP, RAS, WfWG 3.11 connectivity, fault tolerance, remote debugging, sniffer tracing, backup and printing, and blue screens .
- Wrote the first MS-DOS and Windows examination questions for the Microsoft Certification Program MCP . Test : 70-30 - MS Windows 3.1 Admin. and several following MS certification exams.
- MS-DOS/Windows 286/386, Win 3.0, Win 3.1, WfWG 3.11, Win3.x Mentor CSE, December,
- 1991 to 1992 Mentor, September, 1991
- Held SECRET Security Clearance