Summary of Qualifications:

Highly motivated professional with extensive information technology skills seeking a Cybersecurity Engineer/Analyst position in a fast-paced cutting-edge organization.

Core Competencies Include:

• Solid Knowledge of Regulatory Compliance and Corporate Security, Policies and Procedures ISO 2700x, NIST SP-800 Series, SOX, HIPAA .
• Experience with Nuclear Plant Policies, Procedures, Design Basis Threat, NEI 08-09/13-10.
• Research perform background analysis, using analytical approach with respect to event classification, event correlation, and root cause analysis.
• Experience in a 24x7x365, multi-tiered production/Network Operations Center.

• Strong understanding of Threat, Risk, Vulnerability Assessment Implementations.
• Experience with Security Tools Nessus, Snort, IBM Site Protector, Wireshark, AppScan.
• Practical knowledge of Incident Response and Escalation Procedures and BCP/DRP.
• Familiarity with Patch Security Vulnerability Management Tools WSUS, Shavlik, Retina.

• Experience with Intrusion Detection/Prevention Methodologies and Implementation.
• Experience with Remedy Service Desk Change and Configuration Management.
• Solid understanding of IS multi-platform environment Novell, Windows, and Linux .
• Strong Documentation Skills.
• Administer Deploy VMware ESX/ESXi Servers VDI and Citrix Thin Clients.
• Implementation/Virtualization of Citrix Presentation Server 4 /XenApp Servers via VMware.
• Integration and Interoperability of Novell and Windows Networks including Migrations.
• Implementation of Windows Active Directory, Group Policies Novell Directory Serv.
• Strong understanding of TCP/IP, DHCP, DNS, WINS and their Implementations.
• Excellent Analytical/Technical Troubleshooting Skills and Problem Resolution.
• Instructor and Classroom Teaching Experience.

Computer Skills:

• Operating Systems: Windows Server 2008, Windows Server 2003/Windows 2000 Server/Active Directory/Professional, Windows 8/7/XP/Vista/NT 4/9x/Me, Novell NetWare 3.x/4.x/5.x, Cisco IOS, VMware ESX 3x vSphere ESXi 4x/5x, SuSE Linux 9.3 11.3.
• Application Packages: CyberWiz, IBM QRadar SIEM , McAfee ePO, IBM Tivoli NetCool, Snort, Tripwire, Wireshark, AppScan, IBM Site Protector, Metasploit, Retina Network Security, Nessus, WinHex, WinAudit, STIG, CIS Benchmarks, IDS/IPS, Citrix, Remedy, ServiceNow, HP Insight Manager, Dell OpenManage, ILO OnBoard Admin, NetStumbler, Shavlik, NetID, LANDesk, Lotus Notes, GroupWise, Outlook, Office Suite, Symantec Ghost, MS Project.
• Hardware: IBM, Dell, Compaq, HP, HP BladeSystem, SAN, Cisco Routers, Servers.

Work History:

Confidential

• Supports Ohio State Department of Administrative Services Network Security Operations Center.
• Provides technical expertise in security risk management, security architectures and implementations, and utilizing effective security risk assessment practices.
• Performs security requirements analysis, engineering design reviews, security testing oversight, and risk remediation planning.
• Identifies security issues for remediation, creates, modifies, and updates Security Information Event Management SIEM tool rules.
• Recognizes potential, successful, unsuccessful intrusion attempts and compromise through reviews and analyses of relevant event detail and summary information.
• Performs routine security functions for risk detection, prevention, and response incident handling and response activities using NIST-SP800 methodologies.
• Communicates alerts to agencies regarding intrusions compromises to their network infrastructure, applications and operating systems assists with implementation of counter-measures or mitigating controls.
• Generates end-of-shift reports documentation knowledge transfer to subsequent analysts on duty.
• Evaluates firewall change requests assess organizational risks, email security monitoring including message identification, notification searches and analysis requests.
• Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
• Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
• Prepares briefings and reports of analysis methodology and results.
• Prepares maintains Standard Operating Procedures SOP other similar documentations.

Confidential

• Protected Critical Digital Assets CDAs from cyber threat by conducting cybersecurity assessments, evaluations, validations and managing connectivity to ensure adequate security.
• Performed security requirements analysis, engineering design reviews, security testing oversight, and risk remediation planning.
• Performed routine security functions for risk detection, prevention, and response.
• Monitored Plant's security systems events to detect investigate mitigate threats.
• Conducted vulnerability and mitigation assessments of digital systems and components.
• Identified cybersecurity problems and possible solutions and took appropriate actions for resolution.
• Conducted research and gathered information, drawings, documentation, procedures, policies, practices, vendor manuals, and any other device information required to complete Tabletop and provide supporting information to the Cyber Security Assessment Team while addressing all cyber security controls prescribed in NEI 08-09 Appendices D and E for each CDA.
• Scheduled meetings with System Engineers, and other Subject Matter Experts SMEs to gather information and complete the Tabletop Controls.
• Created, issued, and reviewed questionnaires and surveys to aid data gathering.
• Conducted Walk-downs and validated all information collected in the Tabletop to ensure the As Built matches drawings, diagrams, IPs, vendor manuals, procedures and policies.
• Reviewed and signed the Tabletop and Walk-down review and validation reports.
• Developed and provided cybersecurity documentation to ensure integrity of computer systems and conformance with the HNP Operating License, Technical Specifications and the Client's Quality Assurance Program.
• Provided and documented Cyber Security Contingency Plan, Incident Response Monitoring.
• Participated in plant-committed programs such as Emergency Response Organization, Self-Evaluation Program and plant outages throughout the Nuclear Generation Group.
• Provided expert analysis and review of critical infrastructures using Design Basis Threat DBT , R.G. 5.71/5.73, NEI 08-09, and NIST recommendations.
• Assisted digital design engineers with plant modifications based on assessment validations.
• Provided support to Nuclear Generation Group initiatives as directed to support Nuclear fleet projects and initiatives for Cyber Security across NGG.
• Served as the liaison between Nuclear Engineering and Nuclear Security Group
• Ensured protective equipment was in place at the lines of connectivity of the plant computing network boundaries.
• Ensured uniform implementation of the technological aspects of the Cybersecurity Defensive Strategy by monitoring the Plant's defensive architecture that protects Critical Digital Assets.
• Employed intrusion detection techniques including but not limited to network protective equipment, configuration control, and access controls to deny unauthorized access, and deter and detect cyber attack.
• Defined and maintained configuration of protective equipment such as ACLs, network objects, network objects, service groups, and logging levels.
• Ensured that changes were evaluated and managed through engineering design control processes prior to installation in the production environment.
• Notified Security Analysts when configuration changes such as vendor patches, signatures, firmware upgrades, ACL updates were needed.
• Experience with root cause analysis, risk mitigation, security assessments, analysis of security threats, trends and architecture.

Confidential

• Provided daily Executive Summary Report status of security events to IT Director.
• Assisted in the development, implementation, enforcement maintenance of system security, policy standards, guidelines and procedures to ensure HIPAA NIST regulatory compliance.
• Monitored client security systems and events to detect, investigate and mitigate threats.
• Developed and created Standard Operating Procedures SOPs .
• Documented and maintained information security policies, procedures and industry regulations.
• Performed Change/Configuration Management best practices to ensure stability of systems.
• Recommended coordinated the application of fixes, patches, and disaster recovery DR procedures in the event of security breach to ensure business continuity.
• Worked with system owners to ensure the integrity, availability, and confidentiality of data residing in workstations, servers, is being transmitted over the network.
• Provided operational support for application and user- access security efforts.
• Researched, identified, applied technologies to improve the security of computer systems.
• Researched performed background analysis, using analytical approach with respect to event classification, event correlation, and root cause analysis.
• Performed incident response handling methodologies with a view to reacting quickly, decisively, and deliberately in high stress sensitive stress situations in a 24x7 environment.
• Reviewed and developed remediation plans for vulnerability assessments.
• Performed vulnerability assessment and remediation of systems to ensure compliance to policies, regulations and controls HIPAA NIST .
• Assisted in regular penetration testing and vulnerability assessments of systems in order to identify system vulnerabilities.
• Created, designed, and implemented test plans around testing the security of systems and processes, implementing risk assessments and Plan of Actions Milestones POA Ms .
• Acted as division's security representative at stakeholders, industry, and regulatory meetings, also reviewed vendor products, and made recommendations as appropriate.
• Analyzed and monitored systems/network workload and security standards adherence, making recommendations to resolve problems.
• Designed and conducted computer security awareness and education programs for staff.

Confidential

• Performed responsibilities as security analyst in a 24x7x365 Network and Security Operations Center NSOC .
• Assisted in the development creation of security plans, policies, procedures and guidelines.
• Assisted in regular penetration testing, vulnerability assessments remediation of systems of six federal agencies DOD, IRS, DOJ, HUD, DOT, DHHS in order to identify system vulnerabilities.
• Performed event monitoring to support the federal government agencies IRS, DOD, DOJ, HUD, DOT, DHHS using tools such as Tivoli TSOM, Tenable Security Center Snort, Nessus, and McAfee ePO in coordination with IBM's compliance operational assessment.
• Performed root cause analyses of events, systems processes provided solutions.
• Developed vulnerability patch management processes that ensured all hardware/software was accounted, monitored, and current on designated security standards, instituting a routine vulnerability assessment methodology that included network, configuration, and application.
• Utilized IBM Rational AppScan to perform and provide application security and risk management solutions.
• Tracked and analyzed Syslog files from firewalls and Windows/UNIX/Linux servers.
• Utilized IBM Site Protector and McAfee ePO to monitor IDS/IPS systems analyzed events, logs, and reported on auditable alerts for unauthorized access, alteration and compromise.
• Performed network and system vulnerability assessments scans using Tenable Security Center Nessus , IBM AppScan, IBM Site Protector, and WinAudit,
• Monitored critical, financial, and medical systems using Tivoli NetCool/Omni Bus reported on critical incidents and offer recommendations.
• Responded to network and security incidents Incident Response classified events, executed notification procedures, initial triage of events to determine if they were incidents.
• Collaborated with project teams to provide architectural guidance to ensure security was an attribute of all systems.
• Identified opportunities to deploy security technologies and process to enhance technology practice operations and competitive market position.
• Implemented security metrics - incidents, risk, compliance, availability, and service.
• Refined and maintained a comprehensive information security strategy and drive implementation and awareness across the Technology Practice.
• Documented systems and processes in compliance with NIST SP800 standards.
• Tracked customer trouble ticketing system using Remedy Service Desk.

Confidential

• Executed Plans of Action Milestones POA M to identify, assess, prioritize, and monitor the progress of corrective efforts for security weaknesses found in programs and systems.
• Administered Windows Server 2003/2008 systems and Active Directory network.
• Implemented the installation, configuration and provisioning of Windows Server 2008 systems on HP c7000 Enclosure SANs and Dell 1950 systems.
• Installed and configured HP BladeSystem c7000 and c3000 Enclosures.
• Implemented the migration of clustered SQL Server 2005 to a new Windows domain.
• Installed, configured, administered McAfee ePolicy Orchestrator 4.0/4.5 and Windows Server Update Services 3.0 on Windows Server 2003 for virus attacks and Microsoft systems updates respectively to prevent or remediate virus attacks.
• Provided support for System Development Life Cycle SDLC BCP/DRP programs.
• Monitored system network performance provided daily Summary Executive Reports.
• Performed preventive maintenance monitored and optimized performance of servers, collected, analyzed, and prepared usage and performance statistics.
• Provided support for development of security standards, guidance and policies for supporting government IT Security Programs.
• Researched current trends in computer network vulnerability, exploits, malicious actors and their techniques and unintended events, which impact network security.
• Performed network/security administration, monitoring, troubleshooting, and maintenance to ensure optimal and effective uptime of IT services.
• Analyzed, reviewed and maintained the security baseline by performing risk and vulnerability assessments to ensure balance between the availability of resources and the requirement of sufficient security measures for effective protection of intellectual property business continuity.
• Kept abreast of emerging security technologies and made appropriate recommendations to the senior management regarding their implementations.
• Evaluated security risk assessments and engineering change proposals.
• Developed provided systems documentation of network security procedures processes
• Assisted in the design, implementation, management and review of the network infrastructure based on business requirements to ensure a secured, resilient and continuous availability of IT services for the company.

Confidential

• Provided technical documentation of MdTA's systems processes and procedures BCP/DRP, security policies, network diagrams, backup operations, and installations configurations .
• Provided support for the installation and configuration of Disaster Recovery secondary site.
• Provided support for the design and implementation of BCP and DRP programs.
• Participated in project planning determined project needs in advance and established the appropriate timeline to complete projects on time
• Assisted in the creation, development, and implementation of IT Governance frameworks COBIT ITIL in the organization.
• Assisted in the development and implementation of System Development Life Cycle SDLC using the JAD, RAD, and Waterfall models.
• Implemented network vulnerability scans and assessment of systems.
• Produced design documents, network topologies, operational procedures and other security-related documentation for projects in the development/integration stages.
• Assisted with system security hardening, and baseline development and analysis.
• Provided security updates patch management for servers clients using Shavlik WSUS.
• Evaluated and provided recommendations on systems development, systems operations, and enterprise information security risks, vulnerabilities/exposures.
• Provided technical support and maintenance of managed/monitored UPSes.
• Provided imaging and cloning of client systems using Symantec Ghost Enterprise.
• Administered Blackberry Enterprise Server configured users for e-mails.
• Provided data backup and restore operations support in a clustered environment.
• Provided remote desktop management via LANDesk and Novell's ConsoleOne.
• Managed software distribution to client systems via Novell ZenWorks and scripts.
• Implemented migration from GroupWise 5 to Microsoft Exchange 2003/Outlook.
• Provided technical support for the Novell Directory Services to Windows Server 2003 Active Directory migrations, provisioning and consolidation.
• Maintained and administered Windows 2003 Active Directory, Group Policies and Novell Directory Services/NetWare 5 servers.
• Managed disks in HP StorageWorks EVA 8100 SAN clusters.
• Published applications, applied policies to various user groups via Citrix Management Consoles, and provided support for remote users via VPN and Citrix.
• Provisioned, installed, configured and implemented the Citrix Presentation Server 4.5 virtualization project using VMware ESX Infrastructure.
• Administered Citrix Presentation Server 4.0 and Maximo server farm.
• Administered VMware ESX Servers and VMs infrastructure using VirtualCenter.
• Provided support for the design, installation configuration of VMware ESX Servers.
• Monitored system and network performance provided daily Executive Summary Report.
• Developed and provided security test plans and vulnerability reports to management.
• Implemented maintained security focused Policies using NIST SP-800 Standards.
• Assisted in defining the overall information security strategies and procedures.
• Assessed, recommended, and implemented security controls and modules to ensure sufficient protection of corporate intellectual property and business continuity.

Confidential

• Implemented the design and development of IT Security Templates for securing servers/workstations and the testing of solutions to various security-related issues.
• Supported imaging and cloning of client systems using Norton Ghost Enterprise.
• Provided technology trend products and provided recommendations.
• Provided applications support implementation of existing functionality and enhancements.
• Developed user training manuals and trained end-users on how to use the Bureau's various technologies/applications Windows 2000/XP, Remote Access .
• Supported the planning, design implementation of the Bureau's Windows 2000/2003 Active Directory and migration from Windows NT 4.0 to Windows 2000 Active Directory.
• Performed security assessments vulnerability remediation of systems with documentations.
• Identified various security vulnerabilities, responded to security alerts, and took necessary actions to ensure system and network integrity and availability.
• Documented systems processes procedures in compliance with NIST SP800 standards.
• Evaluated compliance with established information assurance policies regulations.
• Reviewed provided recommendations on countermeasures prepared required security operations manuals and coordinated with the Operations Security Manager on daily basis.
• Assisted with the maintenance of Access Control List ACL and signature policies for Information Assurance devices, including IDS and Antivirus solutions.

Confidential

• Maintained Bureau of Census enterprise-level Novell and Windows NT network.
• Provided custom installation and configuration management of Windows NT 4/IIS
• Implemented network data backup using ARCserve and Veritas Backup Exec.
• Configured and maintained hardware RAID on Compaq and Dell servers.
• Provided Novell/Win NT server maintenance hardware support and system documentation.
• Implemented HP OpenView, Cisco router configuration and troubleshooting of failed interfaces, links, and protocols.
• Provided documentation for standard operating procedures for network security infrastructure
• Performed IDS/IPS operations and provided daily briefings to the Network Operations Team.
• Monitored network traffic to detect, identify and triage events of suspected or determined unauthorized activity.
• Performed investigative analyses of Security Event Information -IDS/IPS alerts, ACL logs, anti malware signature alerts, anomalous or suspicious activity.

Confidential

• Designed, installed, configured and managed Windows NT 4.0 and Novell servers.
• Supported data backup using ARCserve 6.5 for Windows and NetWare.
• Integrated Novell and Windows NT networks and provided end-user support.
• Maintained WINS, DHCP servers, and TCP/IP configuration.
• Provided system documentation of server and workstation configurations.

Confidential

• Planned implemented the migration from Novell NetWare 3.12 to NetWare 4.11 network.
• Provided system documentation of server and workstation configurations.
• Implemented the integration of Novell NetWare and Windows NT servers.
• Provided server GroupWise e-mail administration, maintenance NDS management.
• Provided the backup and restore operations using ARCserve and Palindrome.