- Information system security engineer and seasonal consultant with deep architectural understanding of enterprise IT infrastructure and a track record of successful project execution and completion that aligned with industry/federal regulatory standards and audit requirements i.e. PCI-DSS, HIPAA . Possess 13 years in project management, cross-training, consulting, technical documentation, help desk/data center operation, customer service, change management, IT compliance, risk assessment, information assurance, and leadership. Extensive hands-on experience working with planning, design, implementation, and integration of a diverse platform of Windows, Macs, Linux, Unix, and virtualization technologies for delivering security-focused, highly-available, and scalable business solutions that ensures confidentiality, integrity, and availability. Administered enterprise network infrastructure of over 10,000 servers across many geographically dispersed data centers. Have a solid understanding of network security and system design of an n-tier environment designing Internet-facing applications with significant involvement in all phases of the development process database structure, business logic, and user interface . Computer science approach to problem solving with automation DevOps and efficiency in mind, integrate knowledge of systems and APIs to arrive at solutions.
- Experience administering a heterogeneous network in a mixed environment with Windows and NIX servers.
- NIX AIX, HP-UX, Solaris, Linux : Apache VMWare ESX, XenServer Enterprise
- Windows 2000,2003,2008, 2012 : AD, GPO, Exchange, IIS, SQL Server, Terminal Services, WSUS, SCCM, SCOM, SharePoint
- Knowledge with enterprise-level storage technologies, network file system protocols, and backup systems.
- Datacore, XioTech, Brocade, NetApp IBM TSM Symantec NetBackup iSCSI, NFS/CIFS, Fibre Channel FC , SAN
- High-level understanding, as well as technical know-how of information system security architecture design.
- High level: cryptography encryption hashing , access control and least-privilege, defense-in-depth, PKI, tunneling protocols SSH SSL , VPNs, proxy, firewalls, endpoint security, IDS/IPS, penetration testing, kill chains
- Technical: OpenSSL, McAfee ePO, Nitro SIEM, Nexpose Rapid7, Vormetric, Wireshark, nmap, OWASP: Nikto, Burp
- Proficiency in data modeling design, ETL process, and database administration, development BI tools.
- MySQL 4.0 to 5.1 , Postgres 9.1 , SQL Server 2000,2005,2008 , T-SQL, Stored Procedures, Functions, Views, DTS SSIS
- Working experience with enterprise-level networking technologies with strong conceptual understanding.
- OSI model, IP LAN/WAN, TCP/IP, switching, routing, load-balancing F5, NetScaler , subnets, VLANs, trunking
- Diverse experience in scripting, webapp development, object-oriented programming, code troubleshooting.
- PowerShell, Python, VBscript, WMI, Batch, AutoIT, KixScript, Shell, Perl, .NET, PHP, SQL, HTML, Java, C
Senior Security Engineer
Developed enterprise information security solutions for SIEM, PKI, end-point protection/encryption, firewalls, proxies, IDS/IPS, DLP, and vulnerability scanning for the information security team. Managed McAfee product suites Nitro SIEM, ePO . Focus on SIEM development e.g. event correlations for our startup SOC and MSSP engagement, ePO upgrade design, as well as leading the effort in PKI architectural redesign and process management of SSL certificate lifecycle. Contributed to knowledge management and technical documentation. Participated in R D of new/existing security products. Managed changes and requests through Remedy per SLA requirements. Interfaced with departments across many verticals and managements to drive toward a solution.
Information Security Engineer V
Led the technical effort in Wells Fargo's cryptographic services team to assist with the design, implementation, and coordination on the bank's initiative on file/data encryption for AIX, HP-UX, Solaris, Linux, and Windows servers throughout the enterprise. Provided consultation on approved technologies which had secured buy-ins from various line-of-businesses that resulted in significant revenue gains for the team. Devised a deployment plan to secure data-at-rest and databases for the 5,000 branch locations internationally. Conducted risk assessment on encryption products to ensure solutions comply with internal policy, industry standards e.g. PCI-DSS v.2 , and federal standards e.g. FIPS 140-2 Level 3 to pass audit requirements. Strict adherence to ITIL's change management procedure using BMC's Remedy for any work performed on production systems. Improved internal processes and cross trained new members.
- Responsible for the W. P. Carey School of Business's server infrastructure supporting over 250 faculty and 10,000 students with core administrative areas in virtualization, PKI, SAN/NAS storage, networking, and learning management system. Managed and deployed SSL digital certificates and private keys for the purpose of confidentiality, integrity, and non-repudiation of secured server/client communication, code signing, and secured messaging. Participated in the support, maintenance, upgrade, planning, and documentation of core server technologies used within the college operating at about 100 Microsoft Windows servers. Make recommendations on new technology and cross train fellow IT members as necessary. Participate in 24/7 on-call rotation.
- Project highlights: i researched, designed, documented, and deployed a two-tier PKI hierarchy with Windows Server 2008 Active Directory Certificate Services ADCS , features included: CRL, web enrollment, 2048-bit SSL certs, AD integration Windows Server Core ii constructed a development environment for Blackboard mirroring the production environment iii Active Directory migration from 2003 to 2008 R2 iv upgraded VMware vSphere from ESX 4 to ESXi 5.
- Responsible for the Windows enterprise environment for the university - 1,000 servers and 9 data centers - with key enterprise components: Active Directory 2003 GPO, VMWare ESX XenServer with NetApp over NFS, Terminal Services, SQL Server 2000 2005 clusters, F5 load-balanced IIS 6 7 farm, printing. Provided a managed server solution for customers: 24x7 monitoring and patch management WSUS . Served as the primary contact and coordinator between customers and the data center for any maintenance and change control, installation and deployment, planning and design. Assisted in efforts of streamlining business needs by automation and scripting Batch, VBscript, WMI, Shell . Residence expert in Windows deployment strategies, virtualization/system consolidation p2v/v2v , and business service migration AD / files / printing / web / database .
- Project highlights: i led all efforts in the aspect of the Active Directory migration process 2000-to-2003 and 2003-to-2003 from start to finish OU design, GPO migration, objects re-ACL, users/groups migration ii researched and tested two-factor authentication smart cards in a heterogeneous environment with Windows and NIX certificate authorities.
Performed patent research specific in the area of validity, accelerated, and patentability/novelty search. Performed extensive database searches on patents while employing strategic search methods proximity search, inner/outer result sets joins, forward/backward search . Documented search strategies keywords, Boolean patterns , related patents, and summarized findings into a comprehensive report for clients. Specialized in the area of computer science, information technology, networking technology, electrical engineering, and other engineering practices. Streamlined internal processes and created automation surrounding search method and report generation.
Technology Support Analyst Associate
- Managed key infrastructures consist of 20 servers: Active Directory 2000 GPO, NetApp, SQL Server 2000 clusters, IIS 5, printing. Supported the college's network and oversaw the help desk operation of 600 faculty, staff, and students. Supervised and cross trained junior members on all functions. Familiar with ASU HR hiring process, and participated in the evaluation and interviewing process of the candidates. Reduced overall operating cost for the department. Provided short and long term IT planning as well as product selection recommendation.
- Project highlights: i conducted a cost saving initiative by consolidating key infrastructure services: Active Directory and CIFS file shares ii converted college's website to a new template layout on Microsoft .NET framework from classic ASP.