Lead IoT Security Architect Resume

SUMMARY

  • Highly dynamic Cyber Security Practitioner capable of handling critical business operations, offering a focus in DevSecOps, Cyber Security and cloud architecture security services

TECHNICAL SKILLS

Software: Carbon Black Response, AlienVault, BlackDuck, MS Windows Server, Windows 10, Citrix XenServer, SQL Server, MS Exchange Server, Kaseya MSP platform, Symantec Endpoint Protection, Sophos, Webroot Secure Anywhere, Datto, Nmap, Metasploit, HP LiveVault, Solarwinds NPM/NTA, Putty, MS Visio, Avaya IP Office Manager, FileZilla Server, Sonarqube, Visual Studio Team Services (VSTS)

Hardware: Dell Sonicwall NGFW firewalls, HP Managed switches, HP Servers, Dell servers, HP laptops, Dell laptops, Mac OSX, Apple and Android mobile devices, wireless access points, and Avaya IP Office Manager.

Cloud: Azure Security Center, Google G Suite, Datto Intelligent BC/DR solutions and HP LiveVault, AWS EC2

PROFESSIONAL EXPERIENCE

Confidential

Lead IoT Security Architect

Responsibilities:

  • Threat modeling of Android 4G LTE cloud connectors, and connected aircraft IoT gateways
  • Created organizational IIoT security requirement documentation, risk assessment procedures and standards
  • Architected Confidential IoT SOC dashboard using Azure Security Center, OMS monitoring and metrics
  • Defined risk acceptance and management processes, OSS vulnerability acceptance standards and policy
  • Duties included BlackDuck open source software (OSS) vulnerability approval and rejections
  • Architect IoT platform and SDK General Data Protection Regulation (GDPR) metadata tagging
  • Lead IoT Security Architect in risk approving high CVE vulnerabilities in IoT platform architectures
  • Performed Docker Container and Microsoft services component and system threat modeling
  • Security incident responder to PS JIRA issues to Product Security Incident Response (PSIRT) team
  • Created IoT digital and embedded device forensic investigation process for event and incident response
  • Azure Security Center Security Administrator and incident investigation responder
  • Lead Security Architect in approving remediation controls and mitigation architectural reviews
  • Foghorn Lightning and Manager analytics threat modeling and security reviews
  • Embedded device analytics rules engine security reviews and threat modeling
  • Azure Tenant subnet security reviews, NSGs, security virtual appliance firewall configurations
  • Apache Ranger, NiFi and Azure Storage Blob architectural security reviews and design
  • SDLC/SDL development and standardized security gate checks
  • Busybox, Docker container and OpenShift security architecture, reviews and design approvals
  • Azure threat monitoring, and incident response SOC III security lead

Confidential

Platform Cloud Security Engineer

Responsibilities:

  • Security reviews and engineering of BLE, 6LoWPAN, WSN, 802.15.4 and 802.11 IoT sensor networks.
  • Risk assessments and threat modeling of PaaS, SaaS and IaaS for DevSecOps
  • Security of Things (SoT) data flow diagram and threat modeling for IoT and cyber-physical systems
  • Azure SC and Microsoft OMS for IaaS, and PaaS platform security analytics development
  • Perform security visualization analytics using Microsoft Power BI and Azure Log Analytics
  • IoT and Cyber-physical system security requirements planning, and functional design reviews
  • Azure Event Hub and IoT Hub API ingestion security reviews and engineering
  • IoT policy documentation development for due diligence security best practices
  • Documentation development on SDL/SDLC methodologies and integration for DevOps
  • Code static analysis and vulnerability reviews using SonarQube.
  • Azure SC preview release DevOps POC testing and implementation
  • Network security group (NSG), web application firewall (WAF) and Next-generation firewall (NGFW) deployments

Confidential

Senior Cyber Security Architect Team Lead

Responsibilities:

  • Architect Carbon Black Response AWS EC2 cloud deployment for IBM global geographic deployment involving over 500,000 endpoints
  • Planned and reviewed AWS cloud regions and availability zones for CB Response for POC testing
  • Architect CB Response in IBM Innovation lab for POC testing of on premise vs cloud deployments
  • Architect and designed CB Response AWS sensor groups for IBM global regions
  • Designed CB response AWS log collection of raw and high quality feeds to SIEM and data collectors
  • Architect new standardized log source intake checklist for onboarding into QRadar
  • Developed Carbon Black Response operational procedures for SOC and incident response teams
  • Iteration Manager and technical team lead for Agile daily standup and scrum meetings
  • Responsible for creating epics, stories and task in IBM Bluemix, and GitHub (ZenHub)
  • Provisioned BigFix server, for development and POC testing of IBM new product release BigFix Detect
  • Created test plan for product comparison, CB Response and BigFix Detect in IBM SoftLayer and AWS
  • Duties included initiation of global privacy assessment tool process (GPAT) for CB Response global deployments for US, China, EMEA, APAC
  • Architect SOC and CSIRT RBAC groups, created users and views
  • Architect custom sensor groups, agents for CB Response sites and low latency bandwidth sites
  • Deployed Azure Advanced Threat Protection for POC comparison against CB Response
  • Architect an APT vector attack using control and command (C&C) backdoor attack to determine viability of Windows Defender ATP and Carbon Black Response to alert
  • Designed layouts for Azure Express Route, and based point to site VPN solutions

Automated Systems Design (ASD), May 2003 to September 2016

Cyber Security Consultant (Contractor)

  • Reviewed Google SLA agreements & security policy for senior managements and planned migration to Google G Suite products
  • Implemented a baseline standard cloud security policy in alignment with the corporate security policy
  • Architect a scalable hybrid cloud solution to meet the enterprise risk tolerance level
  • Established as the Lead project architect for proof of concept (POC), implementing the migration from Microsoft Exchange Server to a Google G Suite cloud platform environment. Performed a successful migration of 65 users, 120 distribution groups, calendars and contacts with zero loss of data
  • Architect the design and planning phase for migrating over 700,000 files and permissions off Windows Servers to Google G Suite
  • Created training documentation for corporate users, working with the conversion from Excel to Google Sheets, Microsoft Word to Google Docs, and Google Drive storage architecture.
  • Other duties involved performing Google super admin role creating email accounts, distribution groups, configuring opt out removal list policies, single sign on (SSO), and Multi-factor authentication policies
  • Setup Google smart phone access, configuring Google application enabled passwords for scanners, printers, fax servers, scan to email for copiers, and SMTP enabled applications for CRM, purchase order and financial web application servers
  • Designed SPAM and virus policies for Postini and Gmail for Google G Suite
  • Performed migration from Postini to Google anti-virus & spam platform for Gmail
  • Implemented Evoko conference room scheduler using Google Calendar API, and Gmail API for conference room digital calendar scheduling
  • Configured DMARC, DKIM, and SPF policies for Google G Suite Gmail to reduce SPAM, spear phishing and malware attacks by 85% based on the rejection policies of the Sender Policy Framework (SPF)
  • Configured Google G Suite backup using Backupify-Datto third party BaaS cloud provider
  • Performed enterprise wide proactive monitoring and management across multiple sites using Kaseya managed service provider (MSP) platform.
  • Configured and correlated firewall syslogs, IPS and IDS logs to SIEM to detect anonymous activities
  • Performed triage for events and remediation for cyber incidents, deployed corrective measures, followed up with the creation of incident and response detailed reports and executive summary reports for senior management.
  • Performed PCI-DSS internal audits and corrective actions based on 3rd party PCI auditors recommendations
  • Reviewed corporate configuration management (CM) policies, improved processes using NIST standards to implement security-focused CM processes for software, patch management, and IT critical vulnerable software change control processes
  • Deployed secured Windows Remote Desktop Services servers.
  • Configured host based intrusion detection service to monitor servers.
  • Implemented Windows OS baseline standards policy for hardening the operating systems using Microsoft Security Hardening Guide
  • Architected an enterprise Windows RADIUS Server using EAP-TLS integrated with Microsoft AD using group policy deployment of internal PKI certificate issued to authorized AD domain devices.
  • Architect and deployed IPSEC VPN for Avaya VPN handset for mobile sales teams and Philippines call center
  • Deployed bastion host using firewall rules, NAT and DMZ policies with continuous monitoring
  • Architected and deployed a private cloud infrastructure using Citrix XenDesktop VDI
  • Resolved enterprise application portability issues by configuring critical corporate apps to securely utilize Microsoft RDP App deployment tools to support remote sales teams and their mobile devices access to corporate resource
  • Implemented secure FTP/TLS server using NGFW appliance firewalls for software development teams.
  • Performed periodic PEN testing of internal and external public resources
  • Proactively monitored Windows Event logs using Kaseya MSP platform for servers and Windows endpoints.
  • Security awareness training, security gate checks and SDL/SDLC methodologies integration with DevOps.
  • Used SANS Top 25, OWASP Top 10 list for current and latest software vulnerability
  • Reviewed Cloud Security Alliance (CSA)
  • Configured alert notifications and quality gates in Sonarqube and vulnerability alerts
  • Configured SSL/TLS certificates for web application IIS front end servers.
  • Architect secure Avaya IP Office community networking for centralized voicemail and four digit site to site dialing using encrypted VPNs tunnels
  • Performed Microsoft domain administration, provisioning user accounts, security groups (RBAC) and privilege account monitoring.
  • Used Microsoft PowerShell AD group policy deployment
  • Designed and deployed cloud based heuristic anti-malware packages, and monitored for malware
  • Established as the Lead architect and project manager for development of business continuity, contingency and disaster recovery plan using NIST standards
  • Architected layered defense BCP/DRP design using Datto BaaS on premise appliance and cloud virtual snapshots, along with HP LiveVault
  • Performed POC testing using AWS EC2 and Windows Server AWS AMI image to extend Active Directory (AD) for hybrid cloud. of
  • Configured AWS PVC environment, gateway to interface with physical appliance firewall) using routing groups and IPsec VPN tunnels

Confidential

IT Consultant

Responsibilities:

  • Performed network assessments and site surveys, network port switch mapping, used Solarwinds Orion NTA/NPA, and Nmap for scanning the network
  • Used MS Visio for network design layouts for architectural planning
  • Reviewed ACL for the firewalls, routers and switch configurations. Recommended replacement of current firewall with new NGFW application/kernel based firewall, yielding improved ingress/egress deep OSI layer inspection of protocol traffic
  • Regular review of SIEM syslog reports and proxy server logs reports and alerts for any anomalous activities
  • Performed non-destructive PEN testing on firewalls, scanned for extraneous open ports and to identify attack surfaces and attack vectors
  • Citrix P2V physical legacy servers virtual migrations over to IaaS private cloud environment
  • Lead engineer to upgrade bank's mortgage department legacy software to a new software version
  • Configured and hardened Windows Servers IaaS private cloud and virtual SQL Servers
  • Investigated and troubleshot failed SQL jobs, scripts running on legacy SQL Servers
  • Other duties involved onsite in place migration of Windows domain controllers
  • Migrated 32 bit Windows Active Directory to 64 bit Microsoft Active Directory virtual environment
  • Architect and deployed Active Directory infrastructure OU’s, DNS AD secure site link replication, over AT&T MPLS switch environment for multiple out of state geographic locations
  • Architected and deployed proxy servers using Active Directory group policies objects (GPO)
  • Hardened and rolled out branch offices Windows domain controllers, member file servers at new branch offices

Confidential

IT Consultant

Responsibilities:

  • Architect and deployed Citrix IaaS hybrid cloud hosted in public data center
  • Configured NGFW firewall for hybrid cloud connectivity data
  • Designed and deployed on premise wireless AP’s with WIFI extenders using AES encryption
  • Configured a site to site IPSEC VPN tunnels using AES for hybrid cloud solutions
  • Configured SIEM monitoring of all firewall sys logs, IPS activity alert monitoring for analysis and remediation
  • Used Kaseya MSP platform to manage and monitor all endpoint and server log alerts and security for the hybrid IaaS cloud environment and on premise environment
  • Setup Google G Suite public cloud access for mobile sales force, Google drive, calendar, sheets access

Confidential

Cyber Security Consultant

Responsibilities:

  • Perform security assessment, Windows Servers, SQL Servers, firewalls, and wireless router security setting.
  • Used NIST industry standards and guidelines for risk assessment, and auditing
  • Reviewed policies and procedures for storage, sharing of files, and encryption mechanisms for the proper protection of PHI data and the destruction of patient and employee PHI/PII data. Reviewed data lifecycle policy for digital media and if data sanitization procedures were in place
  • Examined local, and Microsoft Active Directory domain accounts, password and clipping level policies
  • Provided audit report with areas of potential vulnerabilities, risk and mediation procedures
  • Architected a proof of concept Citrix XenApp and XenDesktop deployment, for the purpose of a planned migration from a legacy Citrix XenApp/XenDesktop environment

Confidential

Network Support Engineer

Responsibilities:

  • Deployed new branch office Microsoft Windows domain controllers
  • Provisioned Microsoft AD domain users, administrators security accounts
  • Branch onsite and remote desktop support and malware remediation.
  • Responsible for server security monitoring, and network security monitoring
  • Configured and hardened DHCP and DNS Windows Servers
  • Team lead for project rollout, bank's first VoIP solution. Setup new executive branch office in Buckhead.
  • Migrated newly acquired, acquisitioned bank branches, computer systems and applications
  • Issued branch managers and customer service reps privilege security level access to Equifax Credit portal
  • Performed SQL Server maintenance for Mortgage and accounting departments
  • Setup and configured SQL Server security parameters and databases to work with Diebold software
  • Configured ATM cash dispensers, responsible for downloading ATM machine NCR data. Loaded currency into ATM machines and setup teller line bank software
