SUMMARY:

• Focused, resourceful Cybersecurity professional wif an excellent understanding of information security standards, frameworks, practices, and solutions to support the security practice.
• Hands - on experience includes specialization in implementation, engineering and analysis of security management solutions specifically designed around security operations.

TECHNICAL SKILLS:

Windows: Server ; Windows 7; Windows 10

Mac: OSX

Linux: Working noledge CentOS

Cloud: Working noledge AWS

Security applications: Qualys & Nessus Vulnerability Management; Symantec MSS, LogRhythm & ArcSight SIEM; Dell SecureWorks & FortiNet IDS/IPS; Palo Alto Networks WAF; Websense WAF; Wireshark; Nmap; RSA; L0phtCrack; Invincea; Tripwire; McAfee ePO Suite (Endpoint Security, VSE, SAE, MDE, DLPe Device Control); and more

PROFESSIONAL EXPERIENCE:

Security Consultant

Confidential, Los Angeles, CA

Responsibilities:

• Perform Website Security Audits and Patch Tuesday Endpoint Audits using Qualys FreeScan
• Install, configure and manage automated solutions like McAfee Total Protection for Data (ePO Console for Centralized Management)

Sr. Security Specialist

Confidential, Burbank, CA

Responsibilities:

• A complete re-architecture of the previous implementation of Qualys included the following tasks: Build and test new Autantication Records for the *nix assets for successful autanticated scans; Purge stale data in existing scans, scan schedules, reports, report schedules, and maps; Develop reports and scorecards for collecting monthly metrics reported to executive management
• Coordinate efforts among teams spread across various NA regions on a project to re-align the active and reporting endpoints in McAfee ePO and reduce the number of endpoints failing to check into ePO on a regular basis. Follow-up and drive teams to resolution and closure of associated tasks

Consultant - Security Analyst

Confidential, Glendale, CA

Responsibilities:

• Primary member of the SOC Threat Intelligence Operations Team (Security Incident Response and Management)
• Monitor, respond, triage and investigate all security incidents based on notifications and escalations from Symantec MSS, McAfee ePO, FortiNet and Websense security tools
• Assist project team in defining policy and procedure documentation for the new SOC, specifically internal Symantec MSS Standard Operating Procedure
• Perform high level review of security incidents and event data to produce monthly exception reports
• Present key findings, propose recommendations for improving security, and stay current wif IT Security by reading security trade publications and continuing technical s

Security Engineering Consultant

Confidential

Responsibilities:

• Focus on implementation, upgrading, troubleshooting, support, and monitoring of McAfee products including ePO Management, Endpoint Security, VSE, Site Advisor Enterprise, and Endpoint Encryption
• Create and run various queries, server tasks, and dashboards to ascertain the overall health of the ePO system
• Maintain and update the ePO Daily Health Checklist
• Manage day-to-day operations and troubleshooting for McAfee products
• On-site and remote consultant for major organizations in the greater Los Angeles, San Diego, Nashville and Chicago areas

Information Security Analyst

Confidential, Los Angeles, CA

Responsibilities:

• Provides guidance to the network, application and system teams on security architecture decisions
• Monitors, analyzes and evaluates operations and activities to ensure an appropriate level of information protection is achieved and maintained
• Maintains, manages and monitors the security infrastructure
• Performs day to day administration of security related systems and applications, monitoring logs and reporting of security events
• Proactively manages, tunes, and troubleshoots security logging, web filtering, anti-malware & other security systems
• Contributes to systems incident response and event handling
• Participates in Information Security Risk Assessments
• Develops, communicates and trains others on security standards and procedures
• Develops and maintains concise documentation related to responsibilities
• Researches and recommends new security technology capabilities for the greater organization

Consultant - Systems Security Engineer

Confidential, Carson, CA

Responsibilities:

• Harden Microsoft Operating System environment to meet and/or exceed Security Technical Implementation Guide (STIG) requirements in preparation for an agency-wide Command Cyber Readiness Inspection (CCRI). This work assisted Confidential pass the inspection wif exceptional marks in March 2012
• Implement, manage and monitor systems for anomalies in system behavior and security incidents utilizing the following tools: LogRhythm SIEM, McAfee ePolicy Orchestrator, Tripwire, VMware View
• Operational lead for Confidential ’s End User Computing modernization project. Backed by VMware Virtual Desktop Infrastructure (VDI) technologies, including vSphere, ESXi, View, ProfileUnity

Consultant - Sr. IT Compliance Analyst

Confidential, Hollywood, CA

Responsibilities:

• Work in coordination wif others to deliver concurrent compliance and security processes around SOX and SSAE 16 (SAS 70) audits and PCI assessments
• Interface wif various IT teams to ensure dat IT systems adhere to corporate standards and follow PCI requirements
• Assist in developing and awareness programs and materials around regulations effecting IT and the business

Security Operations Analyst

Confidential, Glendale, CA

Responsibilities:

• Continuously monitors levels of service as well as interprets and prioritizes threats through use of intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed (ArcSight/Cisco Security Manager & Cisco MARS/Lumigent DB/Qualys/Symantec Endpoint Protection/Tripwire)
• Communicates alerts to the appropriate management regarding actual intrusions and potential intrusions and compromises to their network infrastructure, applications and operating systems (Windows/Linux/Unix teams and appropriate business units)
• Generates reports as requested and provides noledge transfer to subsequent analysts on duty (ArcSight/BigFix Web Reports/Lumigent DB/Qualys/Symantec Endpoint Protection/Tripwire)
• Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance (Core Impact Pen Tests/BigFix/Qualys/SiteMinder/Symantec Endpoint Protection/Tripwire)

Web Application Administrator

Confidential, S anta Monica, CA

Responsibilities:

• Proactive centralized management and monitoring of web site, system and application logs for urgent & critical events (RSA SecurID & Access Manager/eEye Retina Network Security Scanner/GFI Events Manager/GFI Network Server Monitor/Idera SQL Compliance Manager/Idera SQL Diagnostic Manager/NetLib Encryptionizer)
• Deploy servers efficiently wif centralized management capabilities, including automatic updates for production and test environments (Windows Server 2000 & 2003/VMware ESX & ESXi Server/Windows WSUS)
• Maintain platform security and disaster prevention/recovery by implementing, enforcing and maintaining procedures (RSA SecurID & Access Manager/eEye Retina Network Security Scanner/GFI Events Manager/GFI Network Server Monitor/Idera SQL Compliance Manager/Idera SQL Diagnostic Manager)
• Assist R&D deploy web-based application and rollout management wifin a solutions framework (Microsoft SourceSafe/Microsoft Robocopy/VB Scripting)
• Provide 3rd level network application support by researching database, network, and web application issues
• Adhere to PCI DSS compliancy standards for security testing, documentation, policies, and procedures
• Create and maintain documentation and policies effecting systems to ensure usability, stability, and availability including disaster recovery

Sr. Systems Administrator

Confidential, Los Angeles, CA

Responsibilities:

• Perform maintenance on Windows 2003 Servers running Exchange 2003, SQL 2000, Sharepoint Server, Blackberry Enterprise Server, IIS6, Great Plains
• Run MS Baseline Security Analyzer to find current patch levels, update OS security and application patches
• Implement backup routine for systems and databases
• Fine tune for performance and clea house to allow for disk space recovery
• Active Directory Administration (user & computer account adds, moves, changes)