SUMMARY:

• Demonstrated noledge of one or more engineering disciplines and vendor equipment Strong noledge of standard accepted compliances guidelines vulnerability management methodology and scope of functional security testing and risk - based security testing Infosec integrated control system frameworks engineering best practices Utilizing practical risk analysis and threat modeling (FISMA, FIPS199/200, NIST SP800-53r3/SP800-68, 20
• Critical Controls Cyber Defense Interactive, DOD 8500.2, DSD.35 Mitigation, ISO 17799/27001/22301, ISSAF, PCI-DSS, COSO, CoBIT, ect..) supporting teh auditing, testing and monitoring of proven security compliance policies and investigation of non-compliance Business internal and external meta-data collection risk analysis
• Good understanding of information systems critical controls, continuous assessments and remediation strategies Data network monitoring strategies, data network protocols packets abnormities investigations and multi network security access-control best practices
• Ethernet Lan networks vulnerability assessments, Wireless AP devices and wireless IDS risk assessments and cyber security penetration testing Owasp Top Ten web application security risk testing and code reviews API applications metadata risk assessments and vpn/reverse proxies penetration testing whitebox, graybox and blackbox Monitor risk compliance logs Network web application firewalls, proxies, switches, routers, dhcp/dns servers and desktop risk assessments Security data whole disk encryption, hidden secret disk encryption and private hidden data files encryption SSL RSA certificate management md5, sha1, sha256, sha386, sha512 password hash recovery and two-factor authentication Manages security performances capacity of various data network elements and framework interfaces to ensure
• Confidentiality, Integrity and Availability of data network information systems to help prevent data network systems down-time, intrusion and spying Identifies necessary network changes within teh OSI model by validate proposed operation information systems changes through critical baseline compliance frameworks, virtual testing assessments and vpn penetration testing environments
• Categorize/develops/submits a detailed reports and interfaces with teh Information Data Operations Management Teams to successfully implement these changes within organization business policy contingency planning initiatives Within teh information security systems categorization types inside teh information security system production OSI data networking models Other job related duties as needed/assigned.

TECHNICAL SKILLS:

Vulnerability Assessment Databases: CVE, US-Cert, NVD, NIST, OVAL, OSVBD, SecurityFocus, and CIS, generate and administer Network Global Logs, DNS Logs, Email Logs, HTTP Logs, FTP Logs, and MSN Logs.

Language: MS-DOS, MS-PowerShell, CGI, Java, HTML, XML, C+, C++, PYTHON, PHP, PERL, VI, GCC, Create Linux shell scripts, Linux shells - BASH, DASH, SH, Xampp, Cygwin, Net-SNMP, MySQL, SQL, ASP, UNIX, Visual Basic, Visual StudioLinux Security Penetration Testing Distros’ Favorites’ - KALI-Linux, BACKTRACK (5) (5r3), BACKBOX 3, OWASP Custom, OWASP WTE, OSWA-Assistant

PROFESSIONAL EXPERIENCE:

Confidential, Detroit, MI

Risk Assessor/VPN Penetration Tester/Security Network Analyst

Responsibilities:

• Security Support - Build and Test OSI Domains networking models for security control policies, standardize compliance risk assessments, vpn penetration testing, network infrastructure risk assessments analysis
• Cyber meta-data vulnerability investigation, cyber meta-data defensive strategies, wireless ap assessment, wireless network security strategies, multi-networks subnets vulnerability testing, advance web application security risk auditing, intrusion prevention detection & real time response testing, firewalls security analysis I/O ip & ports configurations, network access-list, access-control assessments - multi-advance network protocol filtering sniffers techniques, security data networks monitoring systems
• Data network performance capacity, high security data disk and data files encryption & password encrypt/decrypt analysis, advance protocol capture filtering technique, antivirus/malware/rootkit/spyware removal & computer disk/file recovery forensics and hard drives imaging backups.
• LAN/WLAN network security investigations, risk analysis and generate threat appraisal recommendations.

Confidential, Pontiac, MI

Project Manager/IS&S Technical Resource Manager

Responsibilities:

• GM Online intranet Project - Gather requirement for 6,500 end-users names in excess of 200 geographical departments for 65 multi-blade pos servers, file servers for departmental proprietor applications and daily business applications for 6,500 end users over 20 geographical locations throughout
• Eastern Michigan. Develop network pos server migration systematic strategy for departmental groups deployment dates.
• Gather all VAS applications inventory packages, map networks application file servers data capacity for deploying multi user s application from older network pos servers too teh fresh RIS pos servers for
• GM Online project, work with EDS SMC Center outlining methodical strategies for 9,400 deployment business applications written scripts for Tivoli. Solve all IS&S management technical issues