Technical Certifications:

• Cisco Network Associate: Security CCNA Security EXIN ITIL v3 Microsoft Certified Systems Administrator MCSA : Messaging Microsoft Certified Technology Specialist MCTS : Microsoft Exchange Server 2007 Configuration Palo Alto Accredited Configuration Engineer ACE In progress CompTIA Security
• Operating Systems: Windows Server 2003, Windows Server 2008, Linux, CISCO IOS 14.x, Windows XP Professional, Windows Vista, Windows 7, Windows 8
• Software: Sidewinder Firewall, Palo Alto Firewall, Panorama, Cisco Firewall Service Module FWSM , Cisco Security Manager CSM , Sourcefire IDS, NETQos, SolarWinds, Splunk, Wireshark, Microsoft System Center Configuration Manager SCCM , Microsoft Exchange, Symantec Mail Security for SMTP, Microsoft Office Communicator, Remedy Tracking System, Active Directory, Windows Gold Disk, eEye Retina, Nessus, Nexpose Rapid 7, Nmap, Vulnerability Management System VMS , VMware, Microsoft Office
• it governance: DIACAP, FERC, FIAR, FISCAM, FISMA, HIPAA Security, ISO 27002, NERC-CIP, NIST, PCI-DSS, SARBANES-OXLEY SOX

Professional Experience:

Confidential

Sr. Security Solutions Architect Consultant

• Serve as the onsite lead supporting the remote testing team and onsite customer in order to facilitate operational fielding/integration, penetration testing, vulnerability assessments, remediation, upgrade and support schedules and activities
• Document and track the known risks and plans for implementing the determined mitigation and/or contingency strategies
• Ensure a quality assurance review of documentation-based deliverables is performed to ensure documentation is aligned with customer expectations
• Coordinate and conduct recurring security project status meetings with project stakeholders to communicate the overall progress

Confidential

PCI-DSS Assessor Consultant

• Performed a gap analysis on Belk's new Digital Store architecture, to include all ASA firewalls, perimeter routers, wireless routers, switches, and servers
• Worked with HP Security Architect to obtain a snapshot of the Palo Alto firewall deployment plan in relation to the new Digital Stores
• Interviewed security engineers and reviewed firewall configurations to determine if the Belk Information System was compliant with PCI-DSS requirements
• Observed Belk Digital store wireless AP configurations to detect if insecure encryption protocols were being used on the network

Confidential

HIPAA Security Auditor Consultant

• Performing risk assessments at twelve medical facilities per HIPAA Security Rule guidelines and NIST 800-66
• Advised the Chief Information Security Officer CISO of the recommended encryption, authentication and logging solution
• Conducted a business impact analysis BIA in preparation for developing the disaster recovery plan
• Composed all policies, plans, and procedures required by HIPAA Security Rule and HITECH

Confidential

Sourcefire Security Engineer Consultant

• Trained Analysts on how to perform various Sourcefire configuration and security related tasks
• Conducted a site survey to capture the required IP ranges, network maps and sensor to switch setup
• Advised Program Manager of the best course of action to optimize the Sourcefire sensors and Defense Center
• Modified Sourcefire RNA and IPS policies for each sensor administered in Defense Center

Confidential

Sr. Systems Analyst Consultant

• Serve as security consultant for all technical issues, including architecture, infrastructure, program initiatives, and best practices
• Perform FISCAM audits on seven United States Air Force Financial systems
• Developed and implemented test procedures to determine if the networks are configured in accordance with FISMA and NIST 800-53
• Analyzed DISA's SAS 70 against the customer's SLA to determine if the applicable controls were addressed
• Create detailed reports identifying where network design is not meeting Generally Accepted Government Auditing Standards GAGAS

Confidential

ARES CITS Site Lead Consultant

• Regional CITS site lead, responsible for securing AF Gateways at the highest level of the United States Air Force Enterprise Network
• Provide technical support to 2Gen Wireless project identify and report discrepancies in engineering design to the CITS Program Management Office PMO
• Evaluated CITS PMO engineering Business Requirement Documents BDR , Source Requirement Specifications SRS , and Use Cases to determine if they aligned with mission needs
• Assisted in designing and building the WAN backbone of the Air Force SIPR network to include analyzing fiber optic connectivity
• Supervises Field Service Engineers FSE s at AF bases in Louisiana, Alabama, Georgia and Florida on identifying software and hardware deficiencies, addressing vulnerabilities, and detecting cyber attacks
• Managed Palo Alto auditing project team tested and deployed templates designed to check Palo Alto Firewalls/IDS for DISA STIG compliance
• Managed Palo Alto deployment to 125 Air Force bases and 16 Gateway locations across the world
• Prepare required Certification and Accreditation C A documentation and artifacts in accordance with Department of Defense DoD Information Assurance C A Regulations DIACAP
• Provides guidance to CITS PMO in implementation of the Defense Information Systems Agency DISA Information Assurance and Vulnerability Management IAVM program

Confidential

HIPAA Information Security Officer Consultant

• Performed risk analysis per HIPAA Security Rule guidelines and NIST 800-66 delivered security solution to address all technical, physical, and administrative vulnerabilities detected protected organization from being compromised by cyber criminals
• Developed security plan, change management and configuration management plan, business continuity plan, password management plan, asset management plan, and ePHI incident response procedures in accordance with NIST 800 series
• Created an asset management database and allocated baseline captured all configuration changes made on medical information system

Confidential

Chief Information Security Officer CISO Consultant

• Developed and implemented strategy to modify local network infrastructure in accordance with NIST 800-30 enhanced the security posture of the network by minimizing exposure to threats
• Well rounded automation and/or process knowledge including but not limited to: DCS/Distributed SCADA network architecture for control systems
• Conducted site survey for customer to assess the effectiveness of existing physical security layers
• Created backup plan that was integrated into daily LAN operational procedures
• Analyzed threats and provided impact assessment for exposure to malware
• Knowledgeable of FERC and NERC CIP standards performed research on solutions to protect US power grids from cyber attacks
• Working knowledge and understanding of regulations/standards for critical infrastructure NERC CIP, NIST 1108R2, ISA-99, IEC 92443, WIB, etc. and processes

Confidential

Information Security Engineer Contractor, AFNET Increment 1 System

• Experienced in implementing security compliance in accordance with NIST 800 series, DoD Instruction 8500.2, DoD Instruction 8510, and FISMA standards
• Developed step by step risk assessment procedures that were implemented across 16 organizations world-wide
• Performed risk and impact assessments for all change requests presented to the Change Management Engineering Review Board ERB
• Audited 180 Windows and UNIX servers, 160 Cisco routers and switches, and 60 appliances enhanced the overall security posture of the system within the guidelines of DoD Information Assurance Certification and Accreditation Process DIACAP
• Provided risk management consulting services in support of AFNET Increment 1 project review network design, artifacts, and perform in-house audits
• Performed system test and evaluation ST E activities on a variety of hardware and software systems
• Coordinated Certification and Accreditation Plan of Action and Milestones POA M implementation with Operations department
• Conducted vulnerability assessments of network systems using Retina network vulnerability scanner and Windows DISA Gold Disk software at 16 Air Force sites

Confidential

Information Security Analyst Contractor, GCSS

• Applied knowledge of current IA policy, tactics, and techniques by performing risk assessments on over 600 Windows and UNIX servers
• Thorough knowledge of the Department of Defense Information Assurance Certification and Accreditation Process DIACAP , roles, responsibilities, and methodologies
• Analyzed vulnerabilities on Windows and UNIX servers to ensure the integrity of the GCSS infrastructure remains uncompromised
• Organized with appropriate parties to ensure the timely deployment of operating system and application security patches
• Provided oversight in the management and mitigation of Retina and DISA STIG findings

Confidential

Network Security Engineer, Contractor, 26 Network Operations Squadron NOS

• Exchange Lead, responsible for configuring and performance monitoring of 3 Exchange 2003 clusters
• Maintained the Air Force's Intranet which includes over 1300 Cisco Service Delivery Point routers and multiple LAN servers, switches and routers
• Utilized Wireshark to perform independent assessments of the nodes in the DMZ and internal burb
• Built, configured, and administered a Symantec Mail Security for SMTP server, which filtered, blocked, and deleted over 250 viruses a month that were transferred by electronic mail
• Built Exchange 2003 server and migrated 120 user accounts to a new 1950 server that had RAID 1 capability efforts reduced the chance of losing vital information during system malfunctions
• Administered information protection for the LAN and Sidewinder/PIX firewall's and SNORT/Sourcefire IDSs
• Extensive experience in installation administration of Windows 2003 servers, Active Directory Design Architecture, File Servers, XP Pro, Vista, and Windows 7
• Installed and configured Sourcefire IDSs on LAN and conducted daily analysis of alerts
• Supported DIACAP team with Certification and Accreditation package by completing Ports and Protocols analysis
• Secured Windows 2003 network infrastructures by performing OS hardening, implementing Microsoft Active Directory, and securing online communication using SSL digital certificates
• Resolved Retina Scan vulnerabilities that could potentially bring down the network and cause damage to over 5 million worth of equipment
• Obtained and installed over 150 PKI certificates on servers and workstations and conducted training for customers on the use of the certificates
• Composed and maintained security procedures on both classified and non-classified networks the procedures provide detailed steps that are critical in preventing the loss, alteration, or leak of critical information

Confidential

Exchange Administrator, SSgt, Network Control Center

• Supervised 4 messaging technicians, which included overseeing training to ensure that they were qualified on core tasks and that they understood their responsibilities which was performing complex systems analysis through the design, development, and configuration of exchange servers
• Served as the administrator for Exchange 2003, Symantec mail Gateway servers, Blackberry devices and server, and Microsoft Outlook efforts ensured the successful delivery of over 22 million messages
• Prepared recommendations for the acquisition and replacement of equipment valued at over 35,000
• Migrated 2,500 mailboxes from Exchange 2003 to Exchange 2007 servers

Confidential

Exchange Administrator, SSgt, Messaging Section

• Administered 6 Exchange 2003 and 2 DMS servers hard work ensured that electronic mail successfully flowed to more than 8,000 users
• Developed the Preventive Maintenance Inspection program for all exchange servers the program contributed to a near 100 up time
• Resolved over 450 computer trouble tickets over a two month period efforts prevented the loss of valuable man hours due to work stoppage and saved the unit over 100 hours in down time
• Supervised 13 Exchange administrators whose responsibility was to provide vital support to 5 geographically separated units serviced by Osan Air Base

Confidential

Enterprise Controller, SSgt, NOSC

• Created and modified access control lists on Sidewinder 5.2 and 6.0 firewalls efforts protected 15 sites from malicious attacks
• Resolved communication outages and provided a single point of contact for all deployed communication issues
• Provided the daily situation and health reports for all network control centers in Southwest Asia efforts ensured that operations were up and running around the clock