System Engineer Resume Profile

SUMMARY

Senior Cyber Security Engineer with 30 years' experience and expertise in monitoring, analyzing, migration, designing, consulting, deploying, troubleshooting and Project Management of large network systems. Proven record of evaluating system vulnerabilities, compiling actionable analysis, reporting threats, and recommending security improvements. Ability to quickly assess and troubleshoot complex problems involving a wide variety of information systems, work independently on large-scale projects, and thrive under pressure in fast-paced environments.

TECHNICAL SKILLS

  • Security Applications Tools: ISS Real Secure IDS, Snort IDS, Tipping Point IPS, ISS Proventia IDS, Juniper Net Screen IDS, McAfee Intrushield Gateway IPS, Trend Micro Antivirus Virus, Symantec Enterprise Anti-Virus tools, Anti-Virus tools, Linksys, D-link Firewalls, Check Point NGX Firewalls, Juniper Firewall, Security Event Management of firewalls, ISS RealSecure, Tivoli Big Fix, Nessus, Nmap LEM Checker, Web Sense 6.2, Bluecoat Proxy SG 8000 Series, Iron Port, SIEM monitoring, HP ArcSight SIEM, HP SenSage SIEM, Cisco Mars SIEM, Tenable Security Center, Fore Scout NAC Active Scout Counteract CT4000, Symantec EP, McAfee Virus Shield, McAfee Nitro SIEM, McAfee ePO, Bluecoat Proxy SG810 SG510, Niksum Packet Analyzers, Riverbed Cascade Anomaly Detection, Fire Eye CMS 4310: WEB MPS 4300 Email MPS 5000, Cisco Iron Port Email security, Imperva Application Firewall Secure Sphere X4500: Secure Sphere X2500 Secure Sphere M150, DB Protect ver. 8.1 and Symantec DLP, Checkpoint IPS and IBM Site protector IDS. Cisco IOS, N-Stalker Enterprise 2012, HP WebInspect, Nmap, Super Scan4, Retina Network Security Scanner 5.17.1, Http TrafficGen, GFI LanGuard 11.0, Cain 4.9 and Backtrack 5
  • Operating Systems: Windows NT/XP/Vista/7/8, Microsoft Exchange Server, Novell GroupWise, Linux, UNIX, and IMAX
  • Network Systems: LAN/WAN, TCP/IP, DNS, Wireless, Cloud Computing, VMWare, Windows Server 2003/2008/2012, Citrix, Novell, Right Fax Servers, Win Port Servers, Banyan Vines, switches and routers. HP OpenView, IBM Tivoli, IBM Netcool, Cisco Works, DSView

PROFESSIONAL EXPERIENCE

Confidential

Information System Security Officer (ISSO) / Cyber Security Architect Team Lead

  • Information System Security Officer (ISSO) for the FCC Auction Cloud Development Project
  • Reporting to the Chief Information Security Officer, manage the information security
  • Acts as an internal consulting resource on information security issues.
  • Conduct the information security risk assessment program.
  • Review compliance with the information security policy and associated procedures.
  • Coordinate information security efforts with the Internal Audit Department.
  • Support and manage multiple operating systems within FCC.
  • Utilizing FISMA, FIPS 199, and NIST 800-53 rev4 security controls, ensure all systems are in compliance with the POAM process.
  • Analyzes and assesses vulnerabilities in the infrastructure software, hardware, and networks
  • Performs security monitoring, security and data/logs analysis, and forensic analysis, to detect security incidents, and oversee incident response process.
  • Investigates and utilizes new technologies and processes to enhance security capabilities and implement
  • Managed and helped build the FCC Security Operation Center, as well as putting workflow and policies in place.

Tools: Tenable Security Center, Checkpoint Firewalls NGX R61 Power 1 5077, Encase, Fore Scout NAC Active Scout Counteract CT4000, Symantec EP, McAfee Virus Shield, McAfee Nitro SIEM, McAfee ePO, Bluecoat Proxy SG810 SG510, Niksum Packet Analyzers, Riverbed Cascade Anomaly Detection, Fire Eye CMS 4310: WEB MPS 4300 Email MPS 5000, Cisco Iron Port Email security, Imperva Application Firewall Secure Sphere X4500: Secure Sphere X2500 Secure Sphere M150, DB Protect ver. 8.1 and Symantec DLP, Checkpoint IPS and IBM Site protector IDS, and a few other scanning and monitoring tools

Confidential

Sr. Security Analyst

  • Protect computer assets by establishing and enforcing system access controls, maintaining disaster preparedness.
  • Oversee and manage any changes and the deployment of Security tools: SourceFire IPS, Palo Alto Web filtering, Symantec Endpoint Protection, PGP File encryption, TrueCrypt, Tivoli Endpoint Manager (BigFix), Tenable Security Center Scanner, IBM AppScan, and Trend Micro Office Scan.
  • Develop framework for controls and levels of access recommending improvements.
  • Maintain Security on all systems, providing and revoking customer access and reporting usage violations.
  • Perform audits on network system and documentation.
  • Establish computer and terminal physical security by developing standards, policies, and procedures coordinating with facilities security.
  • Develop security awareness by providing orientation, educational programs, and training.
  • Develop and implement SSP documentation and ensure that all NIST 800-53 Security controls are being addressed.

Confidential

Security Information Assurance Analyst

  • Ensure department system and network equipment is protected from malware, hackers, data loss and other forms of cyber-attacks.
  • Ensure all equipment is up-to-date with the DISA Security Technical Implementation Guides (STIGs), as well as the many NIST Security Standards from the 800 NIST series.
  • Provide security for all VMware desktops and servers
  • Evaluate vulnerability scans utilizing network scanning tools and software to notify system administrators of applicable Information Assurance Vulnerability Alerts (IAVA).
  • Manage Blackberry Administration, as well as Air Watch for Android phones
  • Perform monthly Penetration testing on SQL databases using Pen testing features with DB Protect.
  • Deploy and manage DISA STIG CAT 1 standards for all systems.
  • Monitor outbound and inbound traffic using Snort IDS and Sourcefire IPS, also using HP ArcSight for Log management, IPS, database, Firewalls and Switches
  • Scan systems and network equipment for vulnerabilities and compliance with Nessus Scanner
  • Manage and patch systems and third-party applications with Tivoli Endpoint Manager (BigFix)
  • Create POA&M and ensure fixes are applied

Confidential

Senior Security Engineer / Project Lead

  • Administer and manage the Eligibility and Enrollment Systems built on Windows Server 2008, AIX, and Red Hat Linux.
  • Assist in the design, configuration and testing in building the Maryland Health Information Exchange (HIX) utilizing IBM Tivoli Identity Manager, Access Management and the Federated Identity Manager.
  • Perform accountability audit log collections using Splunk.
  • Perform daily scans and Pen Testing for vulnerability on all servers and web applications servers using N-Stalker Enterprise 2012, HP Webinspect, Nmap, Super Scan4, Retina Network Security Scanner 5.17.1, Http TrafficGen, GFI LanGuard 11.0, Cain 4.9 and Backtrack 5
  • Utilize Guardium Vormetric Data Security Encryption 2.0 tool to encrypt sensitive data, while securing databases. IBM InfoSphere Guardium Monitoring tool 8.2 was utilized in monitoring users and DBA activities.
  • Identify and provide details on the security controls related to the system

Confidential

Senior Security Engineer

  • Perform penetration testing on all domain servers, web servers, mail servers, Windows, Linux, and UNIX platforms including network equipment and port scanning.
  • Monitor the network traffic using Firewalls, IDS/IPS, web and mail filtering systems, also monitoring any changes to database and network drives.
  • Present daily status report, reporting on new vulnerabilities and remediation.
  • Provide investigative monitoring on user network activities.
  • Manage and oversee a team of 8 Engineers.
  • Tools: Cisco ASDN Firewall ver. 6.4 - Perimeter firewall, Rules management, Troubleshoot firewall issues, viewing syslog, Palo Alto Firewall Next-Generation Firewall PA-5000 - Internal firewall, BelManage/ System Management 2012, McAfee Network Security Manager 6.1 IPS, Cisco Iron Port Web filtering, Cisco Iron Mail filtering ver. C350 - Nessus 4.41 Vulnerability Scanner, Qualys Guard Web Service Vulnerability Scanner ver. 7.0.61-1 scan subnets, firewalls, public facing server, DMZ, developer apps, printers, network scanning, routers and Trend Micro Office Scan, Tripwire Enterprise manages. Nmap/Zenmap 5.51 - Scanner, GFI LanGuard 9.0 - Security scanner and patch management 2011, Dragon/Snort IDS, and Cisco 6500, 3500 switches.

Confidential

Cyber Security Engineer

  • Perform Penetration testing for Government and private sector clients.
  • Evaluate computer system security or networks by simulating attacks from malicious hackers.
  • Search for unknown hardware or software flaws, or operational weaknesses in processes or technical countermeasures.
  • Assess the magnitude of potential business and operational impacts of successful attacks.
  • Test the ability of network defenders to successfully detect and respond to the attacks.
  • Define and deliver all Security Service offerings, including Vulnerability Assessment, Penetration Testing, Security Architecture and Security Integration services.
  • Built advanced hacking labs to assess the vulnerabilities of test, Internet, and/or Intranet connected systems, networks, and applications with the Breaking Point network simulation
  • Security Evaluation testing: Evaluating and testing new security products such as IPS, Firewalls, Mail encryption, and Checkpoint IPS, Endpoint and Firewalls products, Surefire IPS, Encrypts and Cloud Computing.
  • Tools: Super Scan, Nmap, Nessus, NEWT Professional, Putty, Back Track, Spiceworks, Brutus, Cain & Abel, HP Web Inspect, Core Impact, NetStumbler, Kismet, WEPCrack and Wireshark

Confidential

Senior Security Engineer/ Access Management Lead

  • Work with IT Teams to ensure that all systems, appliances, applications and infrastructures are secure, also manipulating logging and auditing features.
  • Administer Active Directory Groups.
  • Work closely with Network Security teams, reviewing their security tools and processes and recommending best practices.
  • Delegated requests to different levels of IT personnel, also acting as an Approver and Overseer.
  • Administer Lotus Notes ACL access to Lotus Notes email and applications.
  • Ensure the implementation of all contractual requirements following the Agile Methodology.
  • Monitor internal and external network traffic as well as security scanning.
  • Install and configure software and hardware for HSPD-12 PIV card Authentication
  • Tools: Web Sense 6.3, Tipping Point IPS 5100n, HP Web Inspect 7.7, Quest AD and Domain Management tool, Tivoli Big Fix, Checkpoint Firewall 4000, Checkpoint Endpoint Security, Nessus, Microsoft SMS, ArcSight ESM, ArcSight threat intelligence, HP Web Inspect, Trend Micro Office Scan for client machines.

Confidential

BOC-CIRT Network Security Engineer

  • Secure and monitor the Network and the Desktop environments, as well as performing investigations on US Census Bureau users and conducting deep analysis on inbound traffic that emulates a possible threat.
  • Oversee a Security Operation Center team consisting of 5 members handling configuration and deployment of new security equipment.
  • Installed new Sourcefire IPS 3D3000 Defense Center and Tipping Point SMS 5100 IPS/DLP appliances and sensors
  • Perform all updates and fine tuning of sensors, policies and compliance patches, and write signatures.
  • Create, manage and perform all changes and tasks on sensors, running weekly reports utilizing Websense 6.3.
  • Create daily and weekly reports from IDS searching for matrices of top ten IPs, ports, IDS signatures, identifying source and destination IP addresses by their FQDN name.
  • Investigate the top ten alerts by using Web Sense and firewall logs.
  • Tools: Cisco Mars, Cisco IronPort M 1070, SenSage 4.5 SIEM, Websense 6.3, Cisco ASA and Checkpoint firewalls.

Confidential

Project Manager /Sr. Security Engineer

  • Manage and view all Security and Network designs, working with new technology to implement them throughout the NAS and Non-NAS systems (National Airspace System) of the Federal Aviation Administration.
  • Work closely with other Security Engineers contractors assigned to other FAA in implementing Security controls such as Access Control Policy Management, Audit, Authentication, Authorization, Automated Workflow Provisioning De-Provisioning, Event Monitoring Alerts and Logging, Federation Services, Meta-Directory and Virtual Directory Services, Single/Reduced Sign-On Support, Self-service, and Service Management.
  • Utilize NIST 800-94 and NIST-41 in the implementation of Firewall and IDS/IPS deployment. Plan and build Public Key Infrastructure (PKI), working with VeriSign and PIV card technology.
  • Oversee information system requirements analysis, system design, development, implementation, and testing.
  • Develop all activities related to information assurance procedures, control guidelines and systems.
  • Confer with and advise all levels of government personnel on administrative policies and security procedures, technical issues and resolution.

Confidential

Lead Sr. Network Security Engineer

  • Responsible for designing and rebuilding the Security Operation Center, while supporting a large enterprise network.
  • Duties include incident response, intrusion analysis and methodologies, vulnerability assessments, and network surveillance and monitoring.
  • Perform research, written documentation and tests on new network security products.
  • Update and patch all Security tools and appliances.
  • Created SOC workflow and operation process for the SOC Security Engineer.
  • Tools: Checkpoint Firewalls NGX and VPN-1 version R65 and Juniper Firewall Net Screen-Security, Crossbeam, Web Sense 6.2 Bluecoat Proxy SG 8000 Series ver. 4.2.6.1, HP Open View, McAfee IntruShield Network IPS Solution, High Tower and HP ArcSight

Confidential

IT Specialist/Network Security Engineer

  • Ensure safety of information systems and assets.
  • Monitor security risks while enforcing information security. Perform incident response duties.
  • Recommend emerging products, services, protocols, and standards, working with other teams to enhance agency network enhancements and security.
  • Work closely with the Network Operations Center and the Security Operations Center enabling hardware updates and vulnerability scans.
  • Perform periodic and on-demand system audits, supporting a city-wide network of over 200 agencies.
  • Perform installation of Security Equipment
  • Tools: IBM Appscan, Retina scanner, Air Defense, Wireshark, NFR Sentivist Intrusion Prevention, ISS Real Secure Site Protector and Juniper 1100c IPS, PGP Encryption and Drive Crypt, Citrix Netscaler 7000-STD Load Balancer

Confidential

Sr. System Engineer/ Cyber Security Engineer

  • Provide and enforce Network and System Security for the Internal Revenue Service (IRS).
  • Using various network security tools, monitor and secure Windows networks following security policies and guidelines.
  • Utilizing Snort and Razorback Intrusion Detection Software, monitor changes in system server files, ports and network traffic.
  • Provide LAN/WAN support to secured applications.
  • Enforce policies and guidelines.
  • Support and manage Windows servers, Applications, Hardware and provide full Windows Domain Administrator Services