TECHNICAL SKILLS

• GuardDuty
• Macie
• Config
• AWS API Gateway
• Inspector
• NACL’s
• AWS Config, IAM, VPC, KMS,
• CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, and more
• Docker, Kubernetes, CloudFormation, Terraform, Vault, Ansible,
• Security Frameworks: NIST CSF, ISO 27001, CIS Benchmarks, HITRUST
• Certificates, Encryption
• Red and Purple Team Testing with Mitre ATT&CK and Safebreach tool
• CyberArk Application Access Manager projects for protecting secrets
• SOC - 2, FedRAMP audits20+ years of Cyber Security Experience

PROFESSIONAL EXPERIENCE

Assistant Vice President

Confidential

Responsibilities:

• Enterprise Information Security Architect with a focus on Cloud Security, payment architectures and applications, API Gateways, Application Security Code Reviews, Cisco Tetration Analytics, Guardium, Bromium, and FireGlass.
• Develops cutting edge frameworks for assigning controls to each phase of the Cyber Kill Chain with a strong emphasis on containment.
• Develops strategies for adversary emulation, measuring control effectiveness, and comparing advanced controls to determine their true value to the organization.
• Develops uses cases and requirements for the implementation and operation of the SafeBreach tool.
• Payment System Security Fortification projects including Fraud Monitoring, Network Security Segmentation, Endpoint Security, and Cloud Security initiatives.
• Creates documented guidance for conducting third party risk assessments
• Analyzes issues with CI/CD pipeline (Blackduck, Jenkins, Anthill Pro) and provides solutions to improve detection while sustaining operational efficiency
• Leads in the development of High Dollar Payment Architectures to prevent and mitigate the risk of highly evasive malware
• Represents Enterprise Security Architecture for Confidential related threat intelligence
• Represents Confidential Corporate Risk for Confidential CSP Security Architecture Compliance
• Expert in Customer Security Controls Framework

Application Security Manager/Sr Security Specialist

Confidential

Responsibilities:

• Represents the organization as the only PCI Internal Security Assessor.
• PCI DSS Certified and Attested 12 different application platforms and 20 web portals, representing 100% of all business transactions using credit/debit cards, and as a result saved the organization hundreds of thousands of dollars in monthly noncompliance fees.
• Reduced noncompliance fees for the organization by 100%, representing millions of dollars in noncompliance fees per year.
• Superior Cyber Security Technology Leader with superior knowledge of cyber security methods, practices, frameworks, and architectures.
• Conducts formal technical security risk assessments before the acquisition of new companies and other strategic decisions.
• Develops architectures and strategies for PCI scope reduction
• Conducts PCI DSS security assessments in a collaborative team environment
• Masterfully engineered OSSIM AlienVault products to conduct technical risk assessments, including vulnerability scans and other penetration testing projects validate segmentation and other PCI-driven security controls.
• Assists with SOC2 external audits and remediation.
• Assesses MFA technologies, messaging technologies, web application security, IAM architecture and processes, software development practices, code reviews, and evaluates the risk associated with web applications

Advisory Specialist Master

Confidential

Responsibilities:

• Superior Cyber Security Technology Leader with superior knowledge of cyber security methods, practices, frameworks, and architectures.
• Major contributor to major wins and pursuits related to Cloud Security and Data Protection.
• Involved in use-case development to ensure proper cyber security architecture development for CYBER 2020 Program.
• Develops Conceptual and Systems Architecture for groundbreaking and innovative Cyber Security solutions that will meet the needs of Fortune 500 organizations in the year 2020 and beyond.
• Expert in Symantec DLP version 14 including the following components:
• Expert in Cloud Security including Cloud DLP and Cloud Access Security Broker or Netskope CASB.
• Conducts Cloud Security assessments involving IAM and Data Protection architectures for Fortune 50 companies
• Develops Cloud Security requirements and architectures for companies with critical infrastructure.
• Works with several different Cloud Service Providers such as Microsoft Azure, AWS, Box, Watchdox, and others.
• Data Protection expert including:
• Data Breach Incident Response
• Data Loss Prevention
• Data Retention and Destruction
• Data Lifecycle Management
• Data Classification & Discovery
• Data Protection Governance
• Data Encryption, Tokenization, and Obfuscation
• Expert level Cloud Security Architecture and Design experience
• 11 years of Cloud Security experience in Datacenter environments
• Cloud Security Design and Engineering with the following technologies:
• Microsoft Azure
• Express Routes
• Palo Alto Firewalls
• VM-Series Firewall
• Network Security Groups (Azure)
• User Defined Routes
• ARM Template
• Netskope CASB
• Secure Islands/Information Protection

Senior Enterprise Security Consultant

Confidential

Responsibilities:

• Leads Enterprise Security Architect (Big Data, AppSec, Cloud, and Network Security) project including managing activities and deliverables for 20 Senior Security Architects.
• Presents innovative future state cloud/big data/app security architectures, models, and frameworks to Senior UHG Executives in a collaborative manner
• Analyzes and architects Palo Alto network security architectures for hybrid Cloud environments integrating with AWS and Azure
• Exercises sound judgement, works collaboratively, and mentors and supports others to ensure team/organizational success.
• Provides expert level security solutioning and analysis expertise using the following platforms
• HP ArcSight
• Checkpoint Firewalls
• Fidelis DLP
• Splunk
• F5 LTM/GTM/ASM/APM
• IBM Guardium Data Encryption (Vormetric) and Database Activity Monitoring
• DataGuise
• XACML/Oauth 2/ Layer 7
• CA API Gateways
• Palo Alto
• Invincea FreeSpace
• FireEye

Senior Information Security Architect

Confidential

Responsibilities:

• Created Cyber Security Threat Intelligence Program and Program Documentation for Confidential
• Program Owner of SOC, Vulnerability Management Systems, SEIM, and Cyber Security Intelligence
• Managed threat intelligence feeds from the Financial Service Information Sharing and Analysis Center (FS-ISAC), which provides a forum for sharing information about fraud, threats, vulnerabilities and risk mitigation in the payments industry.
• Assisted in the development of the Information Security Policy, BYOD Mobile Device Security Policy, and other information security policies in accordance with ISO 2700X
• Provided guidance on Malware Analysis to include digital forensics, malware analysis, and overall threat analysis and triage.
• Presents the FireEye System to the team, training them on basic security monitoring and analysis
• Recommended strategies for mitigating the risk of malware infection including secure search engines, blocking outbound C2 communication, and ensuring dat files were updating.
• Streamlined policy/planning of IT Contingency Policies, Plans, and other related documentation
• Evaluated secure solutions for BYOD/Mobile Device Management, Anti-Malware, Secure Intranet, and other best of breed security solutions,
• Created Application Risk Assessment Process and Procedures and applied Acquisition best practices to IT procurement.
• Member of Change Advisory Board representing the Information Security Team
• Managed Vulnerability Risk Program, conducting daily/weekly scans of the IT environment
• Analyzes threat indicators, determining risk to the organization, and implementing the indicators accordingly
• Led BYOD initiative and created presentation outlining recommendations for upper management
• Consulted Executive Management on improvements to Remote Access Security, Browser Security...
• Led Cyber Security Awareness Month for the organization providing weekly deliverables to the executive for Cyber Security Awareness

Chief, DHS SOC

Confidential - Orlando, FL

Responsibilities:

• Technical Leader with superior knowledge of cyber security methods, practices, processes, and architectures including reverse engineering, architectural risk analysis, threat modeling for Mobile Architectures, and Malware Analysis through OOB architecture.
• Performs Computer Security Incident Response activities for the Confidential
• Coordinates with other government agencies to record and report incidents.
• Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications, and operating systems. Assists with implementation of countermeasures or mitigating controls.
• Prepares briefings and reports of analysis methodology and results.
• Creates and maintains Standard Operating Procedures and other similar documentation.
• Government Manager for Confidential Cyber Security Operation Centers
• Delivers Daily Cyber Security briefings to the Assistant Commissioner/CIO and other Executives of Customs and Border Protection.
• Reports on all cyber security, privacy, and classified incidents affecting the security posture of the DHS
• Communicates the latest threats, exposures, and vulnerabilities to the Directors of various information technology branches and expects compliance in accordance with FISMA.
• Manages Security Operations Center providing daily written/verbal reports to the CIO based on the disposition of each security incident.
• Reviews analysis of all security events and approves all decisions related to those events/incidents and how they should be dispositioned.
• Approves all SOC decisions regarding analysis, containment, and eradication of incidents
• Leads in use-case development roundtable discussions to ensure proper configuration of SEIM
• Ensures contingency and incident response plans are followed during any minor/major disasters, which affect the confidentiality, availability, or integrity of information assets.
• Managed Cybersecurity Compliance Validation assessment for DHS SOC.
• Writes Roles/Responsibilities, Processes and Procedures documentation, RACI charts, and other documentation as directed by management.

Director of Cyber Security

Confidential - Maitland, FL

Responsibilities:

• Hands-on Director of Cyber Security Architecture/Officer position focused on information security, VoIP security, application security, database security, Mobile security, compliance, security policy development, forensic investigations, Penetration Testing (including Mobile and Web 2.0 Penetration Testing), remediation, and incident response for a PCI Level 1 Service Provider.
• Technical Leader with superior knowledge of cyber security methods, practices, processes, and architectures including reverse engineering, architectural risk analysis, threat modeling for Mobile Architectures, and Malware Analysis through OOB architecture.
• Develops, writes, enforces, and tests adherence to information security policies based on NIST, Gold Disk (STIGS).
• Manages security of all operating systems including Windows 2008 Server, VMware, and Red Hat Linux.
• Monitors Security Event and Information Management (SEIM) logs looking for security incidents.
• Directs the security activities of network security engineers, developers, DBAs, and IT Managers.
• Enforces security rules of behavior for the entire IT organization and vendors.
• Conducts network security forensic investigations, audits and risk assessments and presents findings to the VP, COO, and CEO
• Successfully led the organization towards PCI DSS compliance in 8 months.

Senior Security Architect

Confidential - Maitland, FL

Responsibilities:

• Architect level position focused on flawless design and implementation of highly secure network architecture solutions.
• Presents complex design solutions for bank processor institutions in a time-sensitive manner.
• Tunes ASA IPS Module signatures utilizing CSM and MARS.
• Resolves highly complex issues related to IPS, CSM, Web proxies, VPN, PKI, and NAC.
• Conducts wireline\Mobile vulnerability assessments and presents findings to Senior Management for review.
• Thorough Incident Response and Digital Forensics, proactively eradicating threats to reduce risk of subsequent incidents.
• Tunes IPS systems according to customer security requirements.
• Manages mission-critical network security systems including MARS, CSM, Foundstone, Checkpoint, Nessus, IPTables, Fortinet UTM, and CACS.
• Complete Life-Cycle management of projects from conception to delivery to support.
• Implements highly advanced web security gateway solutions from Bluecoat.

Network Security Specialist

Confidential - Lake Mary, FL

Responsibilities:

• Management level position focused on large scale VOIP technology projects that include the following VOIP technologies: QOS, SIP, Cisco ICM, and H.323.
• Lead worldwide deployment of Cisco WAE Content Engines for the secure and efficient delivery of media-rich learning applications to call centers all over Asia, Europe, Canada, and USA.
• Hand-picked to lead PCI Security initiatives including PCI Self-Assessment questionnaires and design of FWSM, Juniper IPS, and ASA for the secure deployment of financial networks.
• Designs, secures, and troubleshoots complex WIRELESS/RFID issues for the campus.
• Conducts security risk assessment of Wireless/RFID networks and presents findings to Senior Management for review.
• Audits 802.11a/b/g Wireless LANs for security vulnerabilities and presents findings to management.
• Conducts formal technical training presentations on squid proxy, WCCP, and cache engines.
• Management level expertise in network architecture, design, and deployment.

Network Security Consultant/Contractor

Confidential - Orlando, Florida

Responsibilities:

• Consults EDS Management on network security and architecture, best practices, compliance, network management, and other functional areas in a dynamic environment.
• Network Security Design Architect for secure enterprise networks in a datacenter environment consisting of the latest information technologies developed by Cisco, Sun, Storagetech, Microsoft, Veritas, and Radware.
• Improves network security and functionality in accordance with industry best practices and procedures.

Network Security Engineer

Confidential - Maitland, Florida

Responsibilities:

• Level 3 Network Security Engineer responsible for the design of secure financial networks.
• Researches, develops, and tests new security technologies and presents the findings to senior management.
• Lead Engineer for business continuity/disaster recovery projects for Visa, MasterCard,
• SME in Cisco product line, Cisco Pix 525, VPN, DLSW, Encryption, Authentication, access control lists, EIGRP, BGP, SSH, TACACS, AAA, encryption, and VPN.
• Consults clients on the successful implementation of firewalls, servers, routers, and switches.