General Service Administration (GSA) Lead Security Engineer Resume
Washington, D.C.
SUMMARY
- Multi-certified professional with 12+ years of extensive experience in managing Information and System Security, Network Management, Systems Integration and Analysis.
- Seeking a senior role in the Information and System Security field that will utilize my security engineering and system administration expertise to help meet and exceed department goals and corporate objectives, thus increasing the overall security posture of the organization.
- Skilled in Information and System Security best practices with the ability to read, review and revise System Security Plans (SSP), perform Certification and Accreditation (C&A) taskings, provide security analysis, conduct risk assessments, compliance and security audits keeping systems and networks up-to-date to ensure the highest security level and protect computer systems and networks against hackers, spyware, and viruses.
- A service and Client-focused professional, with proven team leadership strengths; Enjoys the challenge of managing projects from inception to completion; Experienced in fostering and developing client/business relations, providing end user training, and increasing efficiency to enhance profitability. Strives to always promote high quality, results-driven, prompt, and professional service and support.
- System administrator/specialist with experience in the planning, installation, configuration, operation, maintaining, and troubleshooting of systems and network technologies.
- Established reputation for highly reliable and accurate work; capable of performing work that requires concentration, high degree of patience and attention to detail; able to learn new skills rapidly.
- Adept at working in fast-paced environment demanding strong organizational, leadership and interpersonal skills. Confidently interacts with all ages and levels of individuals. Multitasks effectively.
PROFESSIONAL EXPERIENCE
General Service Administration (GSA) Lead Security Engineer
Confidential Washington, D.C.
Responsibilities:
- Daily responsibilities included C&A, data gathering, security training and awareness for ISSO/ISSM on Tenable Security Center, review of daily vulnerability and compliance scans, executive reporting documentation development and distribution.
- Assisted in information security assessments; performed threat analysis, vulnerability assessments, and penetration testing. Performed investigations of security incidents, anomalies, events and the development of incident reporting procedures.
- Analyzed cutting-edge technologies that would affect corporate security posture, as well as protecting against unknown risks (i.e. Tenable, Forescout, WebInspect, QRadar).
- Interfaced with global teams to implement technologies that align with the current security strategy including the need for comprehensive vulnerability and risk management with Internet facing sites across all business units. Provided metrics on vulnerability assessments, reporting standards and recommended remediation activities.
- Continuously reviewed and revised information security controls related to GSA’s SSP
- Monitored the Web and OS systems for any and all signs of vulnerabilities and non-compliant configurations.
- Performed security system updates on a regular basis with associated technical documentation.
- Updated all ISSOs/ISSMs on potential new cyber threats.
- Conducted evaluation of intranets and firewalls on a regular basis.
- Resolved all fraud and virus infections in coordination with computer security incident response teams.
- Evaluated SIEM products in order to assist with the selection and implementation of the best tool to help identify network attacks, malicious behavior, policy violations and provide comprehensive auditing and reporting capabilities to support regulatory compliance.
- Generated reports and developed procedures for the IT department to harden the Network and Server infrastructure.
- Engineered reporting automation through the use of Tenable Security Center API and Google Services API with the use of Python.
- Played a significant role in the development of the Information Security Department tools deployment.
- Instituted continuous scanning efforts and ensured scans were performed every 72 hours.
- Evaluated and ensured system compliance with established information assurance policies and regulations according to NIST 800 while adhering to GSA Policies.
- Revised Standard Operating Procedures (SOPs) for incident response handling.
- Reviewed and analyzed security response policies and programs for potential risks.
- Ensured continuity in user account creation for GSA personnel.
Administrative Office of the US Courts Lead Security Engineer
Confidential Washington, D.C.
Responsibilities:
- Installed, configured and administered ADDM to continually monitor server configuration, as well as identify and log out-of-date patches, license, and BIOS versions.
- Utilized Tenable Continuous View security suite, McAfee Foundstone and BMC server automation suite to conduct network and system vulnerability/compliance assessments
- Installed, configured and administered McAfee HIPS within the physical and virtual environments.
- Utilized McAfee HIPS and EPO in a manner to adhere to the organization SLA requirements.
- Configured and administered EPO E-policy Orchestrator to manage HIPS functionality and configuration.
- Utilized tools such as CAIN and X-Ways Forensics to investigate security violations or incidents in an effort to reverse engineer anomalies.
- Proactively troubleshot, and conducted performance tuning, systems analysis and modifications to ensure availability and reliability to all Enterprise Platform Services.
- Managed and improved the Infrastructure Vulnerability Assessment Program, including configuring, scheduling, monitoring, and reporting results of vulnerability, patch, and compliance scans.
- Utilized BMC server automation suite and SCCM to patch, configure, upgrade, migrate, maintain and retire Platform Services in compliance with CIS, NIST, and DISA Policies and Standards or controls.
- Integrated Tenable Security Center with ADDM, and BladeLogic Server Automation Suite through the use of Python Scripting language.
- Automated tasks through the use of BladeLogic which utilized an NSH-style scripting language.
- Utilized BMC server automation to deploy scripts or jobs that carry out small/medium/large scale work initiatives.
- Conducted extensive independent research to evaluate new platform versions, white papers, and system configurations within a customized laboratory environment. Newly introduced equipment required testing and validation before implementation.
- Applied judgment in evaluating the significance of new technological advances and advised management on the advantages/impacts of incorporating the new technology into the current hardware/software/network architecture.
- Introduced, engineered, and administered Asset Discovery Dependency Mapper (ADDM) to our stakeholders and then into our infrastructure. This tool was designed to build a query of all assets on the network.
- Utilized vRealize to support our virtual environment to ensure it meets strict regulatory guidelines and security best practices.
- Designed all Windows and Red Hat virtual templates for the VDI environment based on NIST, DISA, CIS safeguards.
- Contributed to the reconstruction of the System Security Plan (SSP) and associated IA artifacts (i.e. Hardware and Software List, Dataflow Diagram, Vulnerability Management Plans). This documentation is primarily used by the CSAM tool referencing NIST 800-53.
- Engineered, and administered CSAM into our environment, as a means of SSP retention
Services Senior Security Engineer
Confidential Washington, DC
Responsibilities:
- Utilized tools such as Server Automation, ADDM, SCCM, and MBSA to ensure all essential software and applications comply with Defense Information Systems Agency (DISA) regulations which involved firewall deployments, router and switch upgrades, network infrastructure upgrades, security policy remediation, network security upgrades, vulnerability assessments, and network and operating system hardening.
- Managed security incident responses for NIPR and SIPR networks through a methodical process of identification, investigation, and resolution.
- Utilized NIST 800 safeguards to be proactive against growing threats and reducing risks.
- Effectively managed project scope by ensuring any changes to the scope were documented and approved with project change request forms. These items were tracked and logged through the HEAT system, to provide transparency to upper management.
- Managed and improved the Infrastructure Vulnerability Assessment Program, including configuring, scheduling, monitoring, and reporting results of vulnerability, patch, and compliance scans.
- Tracked and reported project milestones and provided status reports to government personnel and Hewlett-Packard senior level management.
- Configured EPO to work within virtual clustered environments, integrated with VMware and ESXi.
- Supported McAfee HIPS installations (standalone).
- Utilized EPO to perform and schedule updates and configuration changes to HIPS installations.
- Developed and implemented Information Security Policies and Procedures.
- Ensured all enterprise appliances and applications underwent proper certification and accreditation
- Utilized Tripwire tools for vulnerability detection.
- Utilized packet capturing tools such as Wireshark and Snort to assist in enforcing network security controls.
- Supported the implementation of a VDI type infrastructure for NAVSEA while being responsible for server segmentation
- Implemented periodic review of access controls for hosted and virtual systems.
- Supported the implementation of an AWS virtual data center in support of the Hosted virtual desktop (HVD) project.
- Integrated Metasploit tool sets for penetration testing.
- Supported the implementation of HP ArcSight Logger.
- Developed and performed mitigation and remediation activities based on findings to resolve network and system vulnerabilities to enforce DoD compliance requirements.
- Utilized SCCM/SCOM and Active Directory in the deployment of user specific software and applications.
- Configured and deployed Cisco ASA and Checkpoint firewalls during network infrastructure upgrades.
- Responsible for planning roll-out process and sequence of new systems and platforms, including all IT related systems, communication systems, and IT driven security systems.
Network Technician
Confidential Tampa, FL
Responsibilities:
- Researched IT security issues and solutions while presenting ideas in a business-friendly/user-friendly language
- Evaluated risks & threats while adopting adaptive security policies, processes, & technologies with the use of tools such as Metasploit and Tripwire.
- Influenced decisions to incorporate network surveillance service level agreements (SLA) for company growth and development.
- Served as subject matter expert on networks, devices, scanning, testing tools, and Security Technical Implementation Guides (STIGs).
- Performed security research, analysis and design for all client computing systems and the network infrastructure.
- Performed basic unmanaged HIPS deployments.
- Monitored events, responded to incidents and reported findings.
- Managed project development from initiation to completion.
- Resolved all Level 3 critical service calls successfully and efficiently.
- Performed project evaluations and network security implementation and assessment for Liberty Tax Service, Scottrade, and H&R Block satellite offices.
- Executed Request for Proposals (RFP)/Request for Quote (RFQ), scoped, and completed multiple network infrastructure projects successfully under budget without impeding quality for companies such as Liberty Tax Service, H&R Block, and PetSmart.
- Supervised other employees to maintain successful project/operations management team.