Expertise in Security, Dev - Ops and Networks in fortune 500 companies and government sector. Analysis skills, highly organized with efficiency in problem solving resulting in overall increase in productivity with minimum system downtime. Possess strong analytical, and organizational skills. Problem solving, troubleshooting, written and verbal communication skills with over 15 years of IT experience. Excellent interpersonal skills with 18 years of client relations experience. Known for consistently advancing skills, efficiency, ethics, patience and leadership.
Platforms: Windows and Linux
Cloud Technologies: AWS and Azure
Security: SIEM/Monitoring Solutions Spectrum, PRTG, Datadog, Logic Monitor, SCOM, E-health, SecureVue, Nagios, Microsoft ATA, LogRhythm and Splunk. Pen-test/vulnerability Management Metasploit, Kali, Backtrack, Nexpose, and Nessus. Web Security Burp suite, ZAP, OWASP tools/practices.
Programming: Java, Objective C, Python, PowerShell
Automation: Ansible, Selenium, DSC, Maven, Nexus, Terraform
Network: Cisco ASA, FWSM, Routers and Switches, Meraki, IPS and Security Manager. Brocade Load balancers - Juniper SSGs and Firewalls - Palo Alto Firewalls - Fort-iGATE Firewalls.
Dev-Ops: Microservices Docker - Source code management GitHub/Git - CI/CD, Agile methodology, ITSM, Jenkins, Vagrant, Packer, Hashi, Configuration Management and JIRA.
- Implementation and design of cloud and on-premise solutions to improve security posture and Identity Management including automation solutions, SSO Federation, Security assessments and hardening.
- Performed security assessment against unauthorized access attacks like ‘Pass the Hash’, Privilege Escalation, and Lateral Movement’.
- Provided guidance for security design and hardening standards to improve security posture and minimize attack surface using PAM Tiering Module for PROD/DEV environments.
- Designed and implemented automated solutions for Monitoring, patching and Change Configuration Management tasks using PowerShell, Azure Log Analytics, SIEM, ATA, and DSC.
- Aided in secure integration of apps and services to Azure and AWS.
- Coordinated with IT Dev-Ops departments to enhance the Change Management process to improve and automate the ITSM workflow between multiple departments.
- Created design to move new AD domains to AWS in shared trust model.
Senior Security Engineer
- Lead all security related aspects including design, troubleshooting and security assessment company-wide for IT and Dev-Ops.
- Designed and implemented all security infrastructure including monitoring, WAF, SIEM, pen-testing and vulnerability assessment.
- Coordinated numerous projects with department managers to mitigate vulnerabilities company-wide including data encryption, Identity Management, and network segmentations.
- Worked with compliance to create and modify security policies and accredit the company for SOC type I/II and to stay in compliance with HIPAA regulations.
- Developed security best practices to educate users and promote security conscious decisions.
- Established standards and procedures for IT/Dev-Ops that integrate security testing and evaluation as a part of the change management process.
- Designed and Implemented SIEM, Vulnerability Management and pen-testing tools.
- Deployed Disaster Recovery and Backup solutions via Azure and AWS.
- Implemented cloud Vault solution for keys and secrets management.
- Coordinated with the management of multiple departments to implement Security tools and WAF to improve Security posture and minimized attack surface for webapps and Dev-Ops.
- Provided guidelines for web application security according to the OWASP Top Ten and automated testing in a CI/CD workflow.
- MVP and multiple recognition awards.
Network Security Engineer
- Troubleshoot network access and traffic flow for applications.
- VPN Support and design.
- Build testing environments for new devices prior to implementations.
- Network surveillance, monitoring and response.
- Network security devices audits, STIGs to Confidential and HIPAA compliance.
- Web filtering content and QOS using Palo Alto firewalls.
- Manage access control via CISCO ASA firewalls.
- Troubleshoot traffic flow and routing via CISCO and Juniper routers and layer 3 switches.
- VPN build/design and troubleshoot using Juniper ScreenOS SSGs.
- Creating and managing VIPs using Brocade ADX load balancers.
- Lead consolidation project to clean the firewalls of unnecessary and redundant access that lead to reduction of CPU overhead and removal of 1000+ firewall rules.
- Tested and rolled new technologies and network devices in multiple upgrade cycles.
- Hardened network devices and encryption to meet NIST and STIG Confidential standards.
- Support to all security hardware including VTC, IDS deployment and vulnerability management with rapid response to threats including real time monitoring, log analysis and detailed incident documentation.
- Collaborated with other INFO-SEC departments to create detailed security state of the infrastructure including improvement recommendations and threat modeling.
- Performed testing and implementation phases for new security hardware appliances, and software before deployment.
- Identified and removed redundant design implementation that resulted in 20% faster traffic analysis.
Systems Analyst I
- IT infrastructure Sustainment and deployment to over 8000 users nationwide with all system upgrades or issue from hardware to software, AD, GPO management and SCCM deployments.
- Troubleshoot VPN, portal issues and configuring customized databases in Lotus Notes environment.
- Equipment configuration auditing, data backup service and encryption.
- Administration of CMS portal system including user access and rights nationwide.
- Insured smooth technology transition through several tasks during company merger.
- Aided in setting the standers for CMS system that cut the merger time from legacy system to 50%.
- Handled testing and implementing phases for new applications, hardware and system migration.
- Received multiple shared success awards for exceeding expectations, positive attitude, efficiency and winning spirit.