SUMMARY

• An enthusiastic and multi - skilled Cloud Network Security consultant with over 8years experience in 1st, 2nd and 3rd line support and management of multi-million dollar Projects valued at over $10,000,000.
• My track record of managing and maintaining network infrastructures is complemented by a meticulous approach to smooth-running business operations with efficient frugal financial management.
• Strong working knowledge of information security and networking best practices as well as industry standards, which are closely tracked with the latest technologies and application to my duties wherever possible.
• Extensive experience insecurityprograms, risk management,cybersecurity, networksecurity, cloud security, RFP process, vendor and partnership management, DataSecurity, APT, CERT operation,security solutions design, network assessments, privacy laws and regulations compliance and audits such as OWASP, PCI-DSS, HIPAA, HITECH, JSOX,COBIT, COSO, GDPR, GLBA, ISO/IEC 27001 series and NIST..
• Monitor, analyze, and report capacity ofNetworksolution system utilization and perform growth analysis/capacity planning with hands-on experience working with Cisco devices such as switches (Nexus {1k, 5k, 7k}, 35xx, 2960, 65xx, 45xx, etc.), Routers (26xx, 28xx, 38xx, 72xx) and other leading industry network devices. Also configuring and maintenance of various protocols such as VLAN, STP, MSTP, RSTP, DHCP,VRF, NAT/PAT, ARP, DNS, BGP, EIGRP, OSPF, HSRP, SIP, TACACS+, DMVPN, Multicast, 802.1q etc.
• Excellent Listening ability with efficient Oral and Written Communication skills. In addition, a good team player with very strong interpersonal skills with ability to work under little or no supervision in a fast-paced multi-user environment and providing mentorship when needed with strong documentation, planning and coordination skills targeted to meet Organizational Goals and Objectives.

TECHNICAL SKILLS

Programming: Matlab C+, Java, Python, C

Technical Products: Cisco, Juniper, Checkpoint, OneLogIn, Mimecast, Alienvault, Symantec, Avaya, Aruba, IBM, Dell, HP, Apple, VMware, Microsoft, etc.

PROFESSIONAL EXPERIENCE

Confidential

IT Operations Manager

Responsibilities:

• Instituted NIST / ISO framework controls to conduct the first corporate widesecuritybenchmarkingwhich helped established a Incident Response Management Program and a "Defense-in-Depth" cybersecurity strategy addressingcyberrisk in three key areas; Network Infrastructure, Cloud Services ( AWS, O365, Azure, Salesforce) and Insider Threats.
• Cybersecurity controls implemented include a DMZ to protect internal servers, Privileged Access Management, Intrusion Detection/Prevention Systems, Data Encryption, and Advanced Threat Protection.
• Development and testing of Business Continuity Plan and Disaster Recovery Plan. Also conduct Business Impact Analysis, Risk Analysis and Assessments, Gap Analysis, etc. with continual remediations of issues discovered.
• Enforced strict password rules and MFA for all users to ensure nonrepudiation and reduce risk of email accounts getting compromised. Also implemented practices like reduction of administrator privileges and change control management with the IT department and 3rd party vendors within first 10 days.
• Excellent knowledge and experienceon identifying the levels of vulnerabilities and threats such as SQL injection, Broken Authentication, XSS, local and remote File inclusions, XSS, CSRF, weak authentication factors etc on applications to improve overall security posture and prioritize the issues basedon NIST, CIS top 20,CWE and OWASP10 methodologies whilst using a wide variety of security tools to include Kali-Linux, Wireshark, Nmap, Metasploit, Nessus, Snort, Cain and Abel, Nitko, Dirbuster,Maltego, etc.
• Increased the development of formal processes by 70% by creating and defining the company’s first IT Policy/Acceptable Use manual Corporate Security Policies and Procedures, Best Practices and Security Training to quantify and mitigate all types of threats. Created and Implemented a Security Taskforce Team, with key executive personnel and agenda to define and modify policies and procedures to meet the company's major business objectives and managed a bi-monthly network infrastructure/cyber security report to inform management of the significant findings/updates/events/incidents.
• Architected and executed a secure Internet facing mult-itier network with appropriate controls at each tier including; Managed WAF at the DMZ tier, NG firewalls, SIEM solution, email spam protection and sandboxing solution. Hardening security baseline builds of all server webs, applications and databases.
• Increase Productivity and reduce security issues by 60% by defining the corporate information technology infrastructure and security strategies, and performed hands-on Proof of Concept (POC) testing for addition and/or replacement of infrastructure and security technologies.
• Implemented Symantec security suite for Data Loss Prevention and endpoint security/encryption. Also implemented Cisco AMP for additional malware protection and sandboxing capabilities.
• Responsibilities included performing hands on vulnerability assessment and penetration testing of critical IT infrastructure components including servers and network devices and served as theCyberSME for a program management team that managed GDPR, ISO 270001 and PCI DSS compliance and readiness.
• Lead internal IT engineers and vendors in an Agile methodology to Develop, Architect, Design and implement CloudSecuritysolutions to the firm's SaaS and IaaS services and conducted threat analysis, technical IT audits, Reconfiguration of firewalls, risk assessments across Yard wide infrastructure.

Confidential

Lead Security Engineer/ IT Project Manager

Responsibilities:

• Own and manage diversecyberincidents (Network sensors, SOC alerts, spam emails, hunting, personnel investigations, and other sources). Provide accurate analysis, drive remediation cross-functionally (legal, management, and infrastructure services) and bring closure.
• Serve as the primary informationsecuritypersonnel for creating, testing and monitoring of penetration test plan to identify possible vulnerabilities on clients infrastructure and applications platforms with SQL injection and DDOS attack using Kali Linux to identify threats, thus recommending preventive measures against them.
• Serve as the primary informationsecurityadvisor and resource forvulnerability and penetration testing policies and control while providing technical expertise and support to IT management and staff in risk assessments and the implementation of appropriate informationsecuritypolicies, procedures and products.
• Managed client delivery teams providing SEIM, assessments & incident response and provide technical expertise and support to clients engagements and implementation of appropriate information securityprocedures and products. Identified opportunities to upgrade stabilize or improve existing network infrastructure to ensure on-going high performance and supportability and evaluate emerging technologies against business needs.
• Analysis of networks and recommendations for improvements. This includes Migration and Upgrades of network devices, Thin Client implementations, Server and Email Migrations, PCI-DSS and HIPAA compliance.

Confidential

Network/Information Security Engineer

Responsibilities:

• Work to align technology with client business needs by designing new solutions to fulfill a need or revamp existing services to be more stable, efficient, and cost effective. Developed and enhance IT incident response and disaster recovery plan (CERT).
• Provided guidelines and advisement to Agency on developing, implementing and effectively managing security processes and Programs (BCP, Business Impact Analysis, Incident Response Planning, Risk Management, Vulnerability Management, and Privacy)
• ProvidedSecurityAssessments, for Cloud and Physical networks. Evaluated compliance with the requirements applicable for the respective type of business. Also ensured that clients were meeting industry standards such as NIST, ISO, COBIT, etc. Maintaining positive relationships with vendors and partners.
• Created and supervised the implementation of InformationSecuritypractice policies, methodologies and knowledge base management tools to improve process within the client's enterprise environments.
• Lead and managed the intrusion monitoring program, false/positive risk mitigation, rule sets and filtering controls and strategy designs effectively minimizing intrusion and vulnerabilities to theclient’s network.

Confidential

Network Security Engineer(Part-Time)

Responsibilities:

• Worked in a team of 6 on a $950,000 WAN connectivity project for a multi-campus universitywhich also included purchase and supervision of server installation at back-up Disaster Recovery site.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.Configuring and troubleshooting the Site to Site IPsec VPN tunnels using Cisco ASA firewalls and checkpoint.
• Configuration and Maintenance of various protocols such as: UDP, DHCP, DNS, WINS, TCP/IP, MPLS, BGP, EIGRP, OSPF, 802.11(a/b/g/i /n), WEP, WPAv2, AES, TACACS+, RADIUS, TLS, IGMP, MulticastVLAN, VTP, STP, Ether Channel, Trunking, HSRP, VRRP, GLBP, etc. Experience with IDS/IPS technologies and vulnerability assessments tools & monitoring: Rapid 7, Nessus, etc.
• Senior Student troubleshooting support Manager supervising 23 student support staffs. Also providing mentorship to students about career paths and development.

Confidential

Network/System Support Engineer

Responsibilities:

• Upgrades and Migration services from Windows Server 2003 to Windows Server 2008 R2.
• Supported and monitored servers systems and conducted frequent backups of critical data remotely.
• Configuration and troubleshooting of Cisco, Dell and HP devices as well as mobile devices.
• Engineered SNMP solution using Orion Solarwinds. Installation of Orion Solarwinds application. Configured SNMP on all thenetworkdevices (1000+ devices server/router/switch/firewall/antena/wireless/pbx) and added them to SolarWinds for monitoring etc. Monitorednetworkactivity by analyzing information provided by Orion Solarwinds to ensure both efficient and effectivenetworkoperation.
• Provided exceptional service in handling customer complaints and managing the customer resolution process.
• Achieved consistent #1 and #2 rankings in monthly metrics, including dropped calls, call duration, and customer satisfaction ratings. Referred difficult issues to management while maintaining positive rapport with clients.