Objective:

To obtain a position as an Information Security Professional where I can utilize my strong technology and leadership background to facilitate technical growth and effective operations.

Employment History

Confidential

Sr. Network Security Engineer

• Configure Juniper/Netscreen Firewalls in very complex environment
• Managed firewalls using Palo Alto's Panorama Central Management Software
• Used tools including Tufin and Splunk to monitor firewall traffic and troubleshoot network access
• Configuration, implementation, and problem determination across the major firewall platforms and understanding each customer environment at a detailed level

Confidential

Sr. Security Analyst

Enterprise Vulnerability Management using Qualys

• PCI and SOX Compliance, Reporting and Threat Management
• Work with the System Engineers and Device Owners to help resolve confirmed or potential vulnerabilities
• Project Management, case review, ticket creation, macro development, LDAP configuration, Active Directory AD Integration SSO , SSL standards.

Confidential

PKI Engineer /Sr. Information Security Professional

• Venafi Encryption Director VED - Enterprise Key Certificate Management System. I support internal customers as they install and deploy certificates, automating the processes of procurement, enrollment, monitoring, renewal and/or retirement of certificates across heterogeneous environments.
• Support both internally and externally hosted Certification Authorities CA's as well as SSL and Code Signing.
• Install and configure Hardware Security Modules HSM's for highest level of private key protection and security.
• Provide consulting to all lines of business's within the bank on security related topics to include certificates, multi factor authentication etc.
• Participate in defining and developing the strategic plans, certificate renewal, CRL/AIA, encryption type/strength, etc.

Confidential

Sr. Information Security Professional

• Responsible for IT Security services such as Vulnerability Scanning, Penetration Testing, AntiVirus, Security Assessments, Active Directory / Group Policy, Data Encryption, Intrusion Prevention Systems IPS , SEIM/SEM/SIM and Event Correlation, Enterprise Patching, Web Filtering, Application Security, Enterprise Monitoring, Active Directory Services, IIS, SharePoint, Single Sign On SSO using Kerberos/LDAP/SPN's, UNIX/WebLogic, PKI/Certificate Authority design and admin, Cisco ASA FW review and more.
• Tools and applications include TippingPoint IPS, Sophos SafeGuard HD Encryption, Qualys Vulnerability Scanning, WebSense web filtering, patching w/ Shavlik NetChk Pro/ WSUS / Secunia, Retina, Metaspliot, TrendMicro Sophos AntiVirus, PowerShell and Visual Basic Scripting, Active Directory - DNS/Group Policy Admin/ADUC/Forest/Domain/FSMO design, Incident Response, VMware, Application Scanning, ISO 20001:2005 / SOX, HIPAA, GLBA, GAMP5, Host Validation FDA , Auditing, password vault, AD Security, working w/ Federal Agencies, etc.
• Responsible for coordinating and leading information technology security activities across Gen-Probe worldwide which includes information technology IT risk management, IT security policies, IT security awareness, and IT security architecture.

Confidential

Information Security Specialist

• TippingPoint IPS SMS Enterprise Management SMS, HA, ZPHA, TOS, TMC, Digital Vaccines, Quarantine, Custom Filters, L2FB, Segment Creation, Enterprise Design Deployment, Incident Management eg. Conficker, Virus, DNS exploits TP/3COM Expert Training Certification, etc
• QualysGuard Vulnerability Scanning Internal External , Mapping, Asset Groups, PCI Compliance, Reporting and Remediation. Also used NexPose Rapid7 and others.
• Web Application Scanning using HP WebInspect SPI Dynamics , IBM Appscan/WatchFire, Qualys WAS, Accunetix and others. Working with developers to fix code and explaining exploits. Work w/ SDLC.
• Firewall rules review and oversight Apache, MS ISA, Cisco FWSM, Router ACL's, etc
• Email Filtering Routing with IronPort, Tumbleweed SPAM, Antivirus, attachments, white/ black lists, etc
• BlueCoat Proxy Administration, AD Authentication, Policy Creation Visual Policy Manager , Whitelists/Blacklists, Web Caching, exceptions, etc.
• Microsoft Active Directory Security Administration, GPO Design, Domain Forest Trusts, Certificate Authority CA Admin, IPSec, Single Sign On SSO w/ LDAP/SSL w/ UNIX clients, Auditing, etc.
• RSA enVision Administration, enterprise logging from Windows, UNIX, Cisco, etc , reporting, aggregation and correlation.
• GuardianEdge Hard Disk Encryption Administration, AD integration, user management, data recovery.
• Cisco WCS wireless integration, WPA, profile setup, VPN, Workstation Certificate.
• Symantec AV Administration, enterprise management, definition updates and distribution, virus removal.

Confidential

Sr. Network Engineer / System Administrator 4

• Responsible for the health and growth of Active Directory to include DNS management, GPO's, Policies, Directory Replication, Site-to-Site configuration/replication, Security management, Domain Controller build-outs and maintenance, DHCP creation and management, User and Group management, ILO/KVM support, LDAP expertise, packet analysis for network troubleshooting, IIS support and training of team members.
• T-Mobile SME for Microsoft Operations Manager MOM . Enterprise monitoring of Domain Controllers, Exchange Servers, DHCP / DNS servers and SMS servers. Maintained the Web Reporting features to facilitate trending reports for all servers and services. Ran SQL scripts for grooming Reporting database.
• Enterprise Public Key Infrastructure PKI design for T-Mobile network. This included building out a model that supported multi-level Certificate Authorities, Intermediate CA's and Issuing CA's. Designed IPSec Offline VPN certificates and designed other certificates and policies , auto-enrollment via Active Directory for domain clients, Web enrollment for non-domain members, Hardware Security Modules HSM's for highest level of private key protection and security.
• Kerberos Authentication for non-domain clients. Implemented keytab files in association with their Service Principle Name SPN to allow UNIX hosts to authenticate with Active Directory. WebLogic setup configuration, J2EE/JRE/JVM/monitoring, etc.

Confidential

Sr. Network Engineer / Infrastructure Engineer

• Responsible for building out and deploying Windows 2003 Server in an enterprise environment. I was responsible for configuring GPO, OU, DNS, IP Sites, MOM, SMS, NetQoS, SharePoint and MS SQL.
• Technical support and design of MS SharePoint Portal Services SPS / Windows SharePoint Services WSS on production portal sites. Included SSL, Certificates, security, network design DMZ, Firewall and Exchange OWA/OMA , Load Balancing, SAN/Clustering, etc. Also managed OWA environment, Directory Synchronization between sites Aelita/Quest , integration with SmartPhone technologies.
• Use Microsoft Operations Manager MOM and Systems Management Server SMS to manage enterprise servers. Using these tools allowed for centralized administration and troubleshooting for the entire enterprise.
• Managed MS Exchange Server 2003 Enterprise environment to include F/E and B/E Clustering Failover and SAN connectivity. Troubleshoot SAN connectivity and configuration.
• Responsible for the day-to-day Infrastructure Requests to include SMS Portal Admin, OWA / Mobility / SmartPhone support, server configuration, Terminal Services, DNS, WINS, patch management/service packs, AD admin, configuring RAID arrays, Domain Certificate SSL Registrations, BigIP F5 VPN configurations, Blade servers, Cisco routers, switches, ISA Server Design, PBX Phone system support TeleVantage , etc.

Confidential

Sr. Network Security Engineer

• Trained clients on technologies including Windows NT/2000, DNS, legacy OS's Win3.x/DOS/Win9x , IPSec, L2TP/PPTP, DNS, RRAS, Active Directory Services OU's, Sites Domains , MS Exchange, IIS/Web hosting, Security, switching, routing / submitting, VLAN's, x.500, LDAP, VTP, ISA Firewall, encryption, Novell Netware server and clients and many other technologies.
• Symantec Firewall VPN, Symantec AntiVirus Enterprise Gateway, NetRecon, SonicWall Firewall/VPN, McAfee, Veritas Backup, BlueSocket wireless LAN solutions.
• Configured MS ISA Firewall for perimeter security while allowing internal servers Web, Mail, etc to be published through the firewall.
• Configured MS Exchange 2003 w/ OWA and SSL for remote users wanting encryption/security.
• Install and configure Windows 2003, Active Directory configuration.

Confidential

Technical:

• Windows 2003 training and migration. Also, MS Exchange 2003 migration w/ the updated OWA features.
• Provided onsite consulting for various clients on Active Directory design, RRAS, Novell migrations to Win NT Win2K, router/ hub/ switch configuration, DNS, TCP/IP, Backup services, Disaster Recovery.
• As a Microsoft Certified Trainer, I trained MCSE students on Active Directory, DNS, Security, Fault Tolerance, Backup, Disaster Recovery, OU, Site and Domain architecture, TCP/IP, NTFS / ACL's, etc.
• Provided network consulting to clients. Experience with Firewalls, Email Systems, Novell, Cisco and other 3rd party solutions.
• Business Leadership:
• Created partnerships with Microsoft as a MS Solutions Partner and Certified Training Educational Center.
• Managed 15 full time staff employees and several contracting engineers for various projects.
• Experienced with SLA's, helpdesk environments, escalation and tiered support models.

Confidential

Senior Network Engineer

• Administering NT domains, accounts, fault tolerance, re-subnetted network TCP/IP to allow for future growth, MS Exchange administration and intersite connectivity,
• Migrating a Novell Netware LAN to Windows NT LAN configuring 600 IPX clients and MS clients WfWG 311, MS-DOS, Win 95, NT Workstation 4.0 for mid-migration solutions,
• Router, Switch and node 3COM, CISCO, etc. configuration and management, trained users on MS applications, Network Administration, helpdesk etc.
• Configured several Compaq rack-mount servers w/ RAID arrays, UPS's, SCSI controllers, etc.
• Network Traffic Analysis MS Network Monitor, Network General Sniffer , NT Domain Admin.,
• Compaq server and workstation configuration SSD's, SCSI controllers, RAID, rack mount build-outs, etc

Confidential

Windows NT Support Engineer, Corporate Network Support

• Provided technical support for Windows NT Servers, Domains and Workstations, configured DHCP, WINS, RAS, Blue Screens, packet analysis MS Network Monitor , deployment and general troubleshooting.
• Trained NT engineers on networking, TCP/IP, RAS, WfWG 3.11 connectivity, fault tolerance, remote debugging, sniffer tracing, backup and printing, and blue screens .
• Wrote the first MS-DOS and Windows examination questions for the Microsoft Certification Program MCP . Test : 70-30 - MS Windows 3.1 Admin. and several following MS certification exams.
• MS-DOS/Windows 286/386, Win 3.0, Win 3.1, WfWG 3.11, Win3.x Mentor CSE, December,
• 1991 to 1992 Mentor, September, 1991
• Held SECRET Security Clearance