Sr. Security Engineer/Architect/Team Lead Resume
Chicago, IL
SUMMARY:
Innovative Electrical/Computer Engineer with background in Information Technology and emphasis in managing, engineering, and architecting Information Technology Security seeking a challenging leadership position at an organization in need of IT improvements.
SKILL:
- PeopleSoft (CS,CRM) AutoCAD, MS Visio Rsyslog, syslog-ng Snort IDS
- UNIX (Solaris 10,BSD,HP) GW, Outlook, Lotus Solarwinds nCircle, Qualys
- Windows XP/Vista/7 MS Office 2007/2010 Pointsec (CheckPoint) Sophos SafeGuard
- Win Server 2003/2008/2012 IIS/Apache/PHP Veritas NetBackup LDAP, SAML
- Nmap, Nessus, Encase HTML, XML, .NET Tripwire CoreImpact (Penetration)
- Linux (Deb, RedHat,) Java, C/C++ CiscoWorks McAfee, Symantec, Bit9
- Novell NDS SQL/MySQL/Oracle HPOpenView Squid
- VMware PGP encryption Kali AD, DNS, DHCP
- Metasploit FTK EnCase
- SmartBits VoIP - Nortel Cisco/Nortel (Rtrs/Sw) Ciena DWDM
- VMware ESX Gigamon Cisco UCS (virtualization) F5 LTM/APM/ASM
- Cisco IronPort SafeNet HSM Axway (Secure Transport) LAN/WAN
- Bluecoat SGProxy/Packeteer LogRhythm SIEM ASA,PIX,FWSM WiFi, 802.11x
- Nexus Splunk SIEM Cisco ACS, VPN SAN/NFS
- RSA Security Analytics QRadar SIEM Cisco IDS (SourceFire) MPLS
- FireEye (host/web/mail) Arbor Peakflow TippingPoint IPS RSA SecurID
- Forensic Investigation Higher Tier Support Project Management PCI-DSS, HIPAA
- Phy/Net/Appl Security Technical Trainer Disaster Recovery Planning FIRPA, SOX
- Protocol Analyzing System Administration Vulnerability Assessment ISO, IEC
- Penetration testing Supervisor Vendor Assessment Process ITIL
WORK HISTORY:
Confidential, Chicago, IL
Sr. Security Engineer/Architect/Team Lead
Confidential, Chicago, IL
Sr. Security Engineer/Team Lead
Confidential, Herndon, VA
Sr. Security Engineer
Confidential, Chicago, IL
UNIX Administrator/Security Analyst
Confidential, Dekalb, IL
Sr. Network Engineer
Responsibilities:
- Provide IT Security guidance and leadership for the Confidential by providing meaningful resolution to organizational security concerns as well as proactively introducing technologies and/or processes to advance overall information security posture, growth, and maturity.
- Support various business units with tasks of achieving or exceeding their goals while remaining security conscious and aware. Support a fast-paced environment in which “time is money,” and innovation leads to added success.
- Plan and budget for key purchases of appliances, software, and other resources required to identify and/or fill security gaps.
- Design customized training and delivery to address common security-related matters such as phishing, espionage, impersonation, and social engineering.
- Design customized IT Risk Management Framework and Program for the firm, incorporating well-known frameworks such as NIST, ITIL, ISO, and PCI-DSS resulting in a better understanding and measurement of risk and controls or safeguards to mitigate the risk.
- Routinely monitor for OWASP Top 10 related vulnerabilities associated with web application and coding security, resulting in a drastic reduction of cyberattack surfaces.
- Manage vulnerability assessment program resulting in the proactive discovery and mitigation of vulnerabilities of various criticalities of infrastructure devices, servers, end points, and configurations.
- Instrumental in designing and implementing security strategies to address the “insider” threat resulting in increased visibility and understanding of how, when, why, and what data flows through the organization.
- Head and moderate a firm-wide cybersecurity working group in which key stakeholders from various departments such as legal, compliance, human resources, securities, finance & accounting, physical security, and central IT collaborate resulting in heightened visibility and irrefutable emphasis of organizational-wide security concerns.
- Design and implement security policies, procedures, standards, baselines, and guidelines based on known standards and best practices to protect the confidentiality, availability, and integrity of sensitive, confidential, PII, PCI, and intellectual property data.
- Design security models to meet Meaningful Use, HiTech, HIPAA and other such requirements governing clinical data and procedures resulting in better safeguards around patient data.
- Design security measures around protecting high-risk medical device instruments leveraging legacy technologies and/or devices under strict FDA guidelines resulting in better segmentation, firewalling, and threat awareness.
- Implement access control mechanisms such as “least privilege” and “segregation of duties,” which ultimately play a role in how RBAC and/or DAC are adopted. Firm understanding of the integration of directory services such as AD and LDAP with identity management systems such as PeopleSoft to provide automation and streamlining of entitlements and of user, service, and privileged accounts.
- Design and implement PKI strategies to support the encryption and secure access of data and systems.
- Perform POC (Proof of Concept) analysis on new IT products and solutions being implemented and gap analysis/risk assessments on products and technologies already deployed resulting in a reduction of the number of tools required and the fulfilment of both business use cases and closing of security gaps.
- Assess security standards and requirements during a centralized architectural review committee of key IT personnel in which all new vendors are required to participate before legal contracts are approved and signed which resulted in time/resources savings and more streamlined approach to vendor assessments.
- Architect security infrastructure placement and provisioning of security and network infrastructure including but not limited to proxies, firewalls, content filters, SIEMs, IPS/IDS, vulnerability scanners, directory services, VPNs, reverse proxies/load balancers, databases, and protocol analyzers.
- Work directly with internal legal team to establish and review security components of issued contracts as well as with coordinating IT resources for litigation holds ultimately resulting in a substantial increase in 3rd Party liability to protect ePHI, PII, or intellectual property data.
- Develop applications to streamline redundant and routine processes ultimately leading to higher productivity of staff; improved SLA; compliance; and better organization of statistical data or metrics to measure progress.
- Teach several graduate-level courses pertaining to Information Systems and Information Technology.
- Conduct classes of up to 25 students, designing constructive assignments such as quizzes, research papers, labs, midterms, and final exams to meet the standards of Confidential and fulfill the obligations of enhancing students’ knowledge and understanding of information systems and technology.
- Draft comprehensive reports and presentations for the purpose of instructing upper management resulting in informed methods and decisions to implement specialized security solutions, controls, and safeguards.
- Project manage, design, and implement several organization-wide security-related projects resulting in success, properly allocated resources and talent, increased productivity, and deduplication of efforts.
- Respond to security incidents dealing with spam, phishing, system vulnerabilities, plagiarism, copyright violations, legal subpoenas, virus outbreaks, probing, denial-of-service, defacements, and liability concerns.
- Provide advice and training regarding new information security technologies.
- Supervise other employees, assigning them work tasks and monitoring their performance.
- Keep abreast of changes and advances in network & security communication hardware and software (e.g., periodicals, seminars, continuing education, webinars) resulting in continuous improvements in overall security posture and a compass to gauge the continuous security threats.
- Design, implement, and support WAN/LAN/CAN and a wide range of devices including: routers/switches/cache engines/VPN/wireless (canopy, 802.11x)/RADIUS server/LDAP server/photonics.
- Design routing/switching schemes involving protocols such as EIGRP, OSPF, STP, HSRP, BGP, 802.11x resulting in the redundancy and availability of data and systems throughout the organization.
- Respond to all network infrastructure and security-related trouble tickets in a timely manner and according to protocol.
