Cyber Security Consultant Resume
Menifee, CA
SECURITY SKILLS:
AntiVirus / Malware Tools: Malware Bytes, McAfee
Application Security: AppInspect, ARC, BurpSuite, OWASP, Postman
DAST / SAST Tools: Nikto, OpenVAS, ZAP | ZED / VeraCode
Disaster Recovery: AgilityRecovery, SunGard
Firewalls: Checkpoint, Cisco Meraki, Imperva, Juniper, Palo Alto
GRC: Netwrix, RSA Archer, System Contingency, Security, Test Plans
IPS/IDS Tools: Darktrace, McAfee, Snort, Trend Micro
Free Open Source Software (FOSS) Tools: Aircrack, AngryIP, CryptCat, Kali Linux, Kismet, mod sec, NMAP, Port Security, Putty, Pyloris, TrueCrypt
Security Awareness Training: CBT Nuggets, KnowBe4
SIEM: ArcSight, AWS GuardDuty, McAfee, Rapid7, Splunk
Threat Management Tools: Azure Security Center, McAfee ePO, Sophos
Vulnerability Tools: Aircrack, Comodo, MBSA, Nessus, Rapid7, Wireshark
Web Security: WebInspect, WebSpider
Federal Standards: CSF, CIS Top 20, FISMA / FICAM, Lawful Intercept, NIST, NCES
Certificate Authority: CAPI, CRL, FIPS, JKS, PKI, OCSP, TLS
Identity Management: ABAC, ADFS, CAS, OAuth, Ping Federate, SAML, SiteMinder, Shibboleth, XACML
Languages: C#, CSS, Golang, HTML, Java, PHP, PowerShell, Python, SQL, XML
PROFESSIONAL EXPERIENCE:
Confidential, Menifee, CA
Cyber Security Consultant
Responsibilities:
- Assisted Signal Sciences in customer engagement for their Signature WAF + RASP product.
- Application Testing using Burp Suite, Postman, Advanced REST Client
- Lead Investigator on all Cyber Events and Incidents.
- Assisted Executives and Small Business Owners in resolving Cyber Security Issues including but not limited to Identity Theft, Phishing, & Vishing Attacks.
- Assisted Cyber Team with Active Directory consulting while key employee was on vacation.
- Account Administration and Automation using PowerShell.
- Utilized McAfee MVISION Suite for Cyber Security tasks based on MITRE's ATT&CK model.
- Provided Consultation to Executives and Small Business Owners for Proprietary and Regulatory Requirements to pass Audits, and to design and maintain Web Sites and Web Presence.
- Managed and Guided Small Teams of Cyber Security Engineers working in Cyber Security Operational Centers.
Confidential, Irvine, CA
VP - Security Manager
Responsibilities:
- Led all Cyber Security, Incident Response, Disaster Recovery, and Business Continuity Plans & Programs.
- Lead Internal Investigator on all Cyber Events and Incidents.
- Managed Security Engineers in SDLC & DevOps activities including building out new policies, processes, and security awareness training which met FDIC & FDICIA Compliance requirements.
- Implemented Rapid7 SIEM, Darktrace IDS/IPS, Mimecast for Email Monitoring, Netwrix for GRC, Palo Alto for Network Firewalls, Cisco Meraki Wireless Firewalls, Security Awareness Training (PCI, Vishing & Phishing Identification), Agile Testing Methodology, FDICIA Incident Response & Recovery for Breach Notifications, Agility Recovery Solution for Disaster Recovery, Vulnerability & Threat Management Rapid7 SIEM, and other Cyber Security best practices included in Industry Audits and FDIC recommendations from previous Audits.
- Selected, Implemented, & Managed Darktrace instance for Network Behavior Anomaly Detection.
- Managed SLAs & KPIs for Rapid7 IDS/IPS + SIEM, Cisco Meraki Wireless, Agility Recovery Disaster Recovery, and KnowBe4 Security Awareness Training.
- Coordinated with IT Management Teams in identifying, establishing and implementing new and additional security initiatives, standards, policies, procedures, FDIC controls and best practices.
- Worked directly with Legal & Compliance to establish and enforce Security Awareness Training & other IT Policies listed in the Cyber Security Framework.
- Worked directly with Auditors to mitigate PCI & FDICIA security findings, improve the security posture of the bank, and to ensure requirements were met.
Confidential, Temecula, CA
PCI & Cyber Security Engineer
Responsibilities:
- Implemented Defense in Depth Cyber Security Practices using Cyber Security Framework as well as Training Users on Situation Awareness while utilizing Macintosh PCs, PCI Network Segmentation using Juniper Firewalls, and Payment Processor console screen access control for Perimeter and Sensitive Systems containing PCI + PII data. This included AWS + Azure instances in Docker.
- Developed Global Security Travel Program which included Traveling Best Practices, inspection of and reports for Foreign ISPs, as well as Remote Malware Mitigation and identification of Vishing and Phishing Attacks.
- Lead Internal Investigator on all Cyber Events and Incidents.
- Led all PCI DSS Re-Certification project activities, including Vendor Selection, PCI DSS Documentation of System & Evidence of Compliance, and PCI Re-Certification Audit.
- Managed Software & Network Engineers regarding SDLC & DevOps activities including building out new policies, processes, quality assurance testing, and security awareness training which met FDIC & FDICIA Compliance requirements for Payment Processors.
- Coordinated with IT Management Teams in identifying, establishing and implementing new and additional security initiatives, standards, policies, procedures, FDIC controls and best practices.
- Managed SLAs & KPIs for Google Email Cloud, Juniper Firewalls, Apple Desktop / Laptops, Comodo PCI External Scanning Vendor, BugBounty, and Certified Payment Processors (CPP) Security Awareness Training.
- Managed Security Risk Assessments & PKI Certificates.
- Designed & Developed PCI DSS Security & PCI Training Program.
- Designed & Developed Vulnerability Management Program.
- Designed & Developed Incident & Breach Response Program.
- Created Policies & worked with HR and Legal Teams in accordance with GDPR, Mastercard, & VISA PCI + PII requirements.
- Implemented Defense in Depth Cyber Security Measures and Practices.
- Guided Certified Payment Processors, ISOs, Mastercard, VISA, & Merchants of Verification of Compliance.
Confidential, Menifee, CA
Cyber Security Consultant
Responsibilities:
- Utilized McAfee Security Suite (ePO, Incident Response, Site Advisor, SIEM) for Cyber security tasks.
- Lead Investigator on all Cyber Events and Incidents.
- Provided Architecture for Symantec Security Solutions in shared & custom Clouds.
- Provided Analysis of ADFS, SAML, OCSP, CRL, and FISMA Systems.
- Assisted small businesses with Product selection of Security Systems.
- Vulnerability scanned & Penetration tested Application & Network Security (DNS, DHCP, Firewall, Router, RPC, Switch) and Web traffic (TCP, UDP, SNMP, SMTP).
- Provided Cyber Defense (IDS/IPS) for Web facing systems using AppInspect, Checkpoint Firewalls, McAfee, Kali Linux, NMAP, WebInspect, & Wireshark.
- Created Security Policies for SOX and ISO 27001 Security Controls.
- Lead Lawful Intercept & Forensics Security Engineer performing a wide variety of compliance and regulatory activities.
- Coordinated with IT Management Teams in identifying, establishing and implementing new and additional security initiatives, standards, policies, procedures, controls and best practices.
- Reviewed BGP & OSPF configuration topology based on requirements from ISO & SOX Controls.
- Assisted in Malware Investigation & Remediation based on results from Trend Micro & Malware Bytes.
- Monitored Public Corporate Perimeters using Imperva’s Web Application Firewall.
- Vulnerability and Penetration tested Windows & Linux systems including Azure Cloud using Kali Linux.
- Developed Python Scripts to assist in Investigations, Data Verification, & Security Tests.
- Installed, Configured, & Administered RSA Archer for GRC.
Confidential, Los Angeles, CA
Sr. Active Directory Federation Services Engineer
Responsibilities:
- Designed, Implemented, & Administered new ADFS in Azure environment providing connections for 100s of clients using Claims and Relying Party implementations.
- Managed Software & Network Engineers regarding SDLC & DevOps activities including building out new policies, processes, quality assurance testing, and security awareness training which met HIPAA Compliance requirements for Data Access + Storage.
- Coordinated with IT Management Teams in identifying, establishing and implementing new and additional security initiatives, standards, policies, procedures, HIPAA controls and best practices.
- Used PowerShell for ADFS, PKI, AD, DNS Discovery, Setup, and Scavenging activities.
- Penetration Tested all new ADFS connections using Kali Linux.
- Executed MS RAP Services which output key analysis for our platforms.
- Selected, Installed, and Configured Snort for Windows.
- Participated in Security Investigations related to IDS/IPS.
- Used PowerShell, Nessus, Putty, Wireshark, and Nmap to run security scans on Network Services and Application Systems.
Confidential, Los Angeles, CA
Sr. Security Architect
Responsibilities:
- SOC Analyst providing direction and implementation of NIST Security Controls for all external & AWS Cloud Systems.
- Compliance analyst providing Governance of NIST Security Controls for all Tier 1 AWS Cloud & NFL Ticket Systems.
- Selected, Implemented & Administered RSA Archer for GRC.
- Provided Risk Assessments for AWS Cloud & all custom Web facing Applications.
- Penetration tested Hardware Security Modules, AWS Cloud, and all custom Web facing Systems for PCI Compliance.
Confidential, Los Angeles, CA
Sr. Security Consultant
Responsibilities:
- Enterprise Identity Authentication and Authorization Engineer supporting Tier 1 NOC.
- Designed & Recommended Resource Tree, including building out and training resources for Tier 1 SOC.
- Troubleshooting efforts included Deep Packet Inspection using Wireshark and Metasploit for TCP, IP, ICMP, SMTP, UDP, SNMP, LDAP Protocols for Web (IIS, Apache, JBOSS) Tiered Applications.
- Utilized tools such as Pyloris, WebSpider, AppSpider, WebInspect, Wireshark, and Nmap to run security scans on Network Services and Application Systems.
- Used Microsoft Certificate Services for PKI management, FIM for client side protection.
- Used DAST Tools Nikto, OpenVAS, and ZED to perform code reviews.
- Installed, Configured, & Administered SiteMinder, Global Search Service, & LDAP.
- Selected, Installed, and Configured Splunk on Windows.
- Provided parallel administration and support for SAP, F5, BitKoo, SOA, and PingFederate.
- Developed custom software for Tier 1 Operations System Administrators which was used to troubleshoot Authentication and Authorization issues more succinctly using Open Source methodologies to interact with layers 7-3 of the OSI Model in C#.
- Designed OAuth, Cloud, and Cyber Solutions using Zachman Software Methodologies.
Confidential, Dallas, Texas
Sr. Security Architect
Responsibilities:
- Upgraded JAzP to integrate with the latest version of Microsoft SharePoint and Active Directory.
- Developed the first SAAS Policy Enforcement Point (PEP) which consumed SAML & XACML.
- Used Microsoft Certificate Services for PKI management.
- Used Metasploit, Wireshark, & Cryptcat to test security posture and identify risks of solutions developed.
Confidential, Clarksburg, West Virginia
Principal SME Web & Wireless Systems
Responsibilities:
- Created Risk Assessments for ISSMs, ISSRs, ISSOs.
- Developed & Presented Program Governance & Training Plans for Cyber Security Initiatives to Senior Directors & Section Chiefs.
- Tested Systems against NIST Security Controls including sensitive Hardware & SCADA Modules.
- Tested MPLS, LAN, & WAN Systems for Unsecured Traffic, Vulnerable Ports, & Services using NMAP.
- Developed special TS/SCI Intrusion Prevention System installed in front of Nation's Public IPs, used for 2 months before, during, and after the 10-year anniversary of 9/11.
- Assisted Security Officers & Managers in Designing System Security, Contingency & Test Plans.
- Used Nessus, Angry IP, Cryptcat, Kismet, Metasploit, & CoreImpact for Security Penetration Testing.
- Worked with Operation Teams to Install and Configure Splunk & ArcSight across multiple domains.
- Engineered Device Hardening using DNSSEC, TrueCrypt, mod sec, Port Security.
- Managed Intrusion Detection and Prevention software for host based and client based deployment.
- Implemented Federal {NSA, DOJ, FBI} PKI Standards based on ICAM for SAML 2.0.
- Code reviewed web systems in accordance with Application Security Best Practices using VeraCode and other internal SAST Tools.
- Designed Practice Coding Guidelines using OWASP's Top 10 Threat Model.
Confidential, Las Vegas, Nevada
Sr. Security Architect
Responsibilities:
- Directed and Implemented Ping Identity Federated SSO solutions into existing Custom Portal which accounted for a total of $6 million increased revenue from members covered by 3 Blue Plans.
- Designed and Implemented Domain Driven SOA HL7 & HIPAA standards into software packages.
- Used Microsoft Certificate Services for PKI management.
- Selected, Installed, & Configured Splunk on Windows.
- Provided Security Process and Direction for Company including providing training for Engineers in writing Secure Code.
- Administered the Software Development Life Cycle using Team Foundation Server 2008.
- Completed Design, Code, and Security reviews for fellow engineers.
Confidential, Dallas, Texas
Sr. Software Architect
Responsibilities:
- Provided vision and direction for Policy Administration, Enforcement, & Decisioning Points using .Net and Java.
- Researched HL7 & Current HIPAA Standards for ABAC & SAML.
- Created JAzP, a SAML SSO (SAML Authentication Assertions) based Authentication & Authorization PEP for SharePoint 2007 (MOSS) for Federal Government DOD (Army, DISA, Joint Chiefs of Staff, NSA), which was integrated with Shibboleth Identity Provider and installed for HUMVees in Theatre.
- Created SAML Attribute Queries to retrieve SAML bound Attributes.
- Created SAML Authorization Decision Queries to eliminate man-in-the-middle and replay attacks.
- Worked with Operation Teams to Install & Configure Splunk & ArcSight in multiple domains.
- Used Microsoft Certificate Services for PKI management.