Senior Network Security Engineer Resume
Boston, MA
SUMMARY:
- Vulnerability Assessment and Penetration Testing, Security Analysis, Network Administration, Systems and Application Administration, Enterprise Information Assurance, Risk Management, IT Governance, FISMA, Privacy, Business Continuity & Contingency Planning, Information Security, Network Continuous Monitoring, Project Management, SDLC, Cloud Security, HIPAA, SOX, and PCI-DSS compliance
- Intelligence driven defense utilizing reverse engineering malware (REM)
- Expert knowledge of OWASP top 10, and SANS top 20 critical security controls
- In depth knowledge of the lifecycle of security event information collection, translation, investigation and incident response of enterprise-wide security implementations
- Development and testing of a premier forensics and incident response program
- Creation of automated security testing scripts using Python, PowerShell for open port scanning to identify brute force attacks, DDoS, botnets, NMAP port scanners
- Configure, integrate, and deploy: NGFW, WAF, SIEMS, IDS, IPS, DLPS
- Implementation of Information security frameworks using ISO 2700x standards
- Extensive experience w/ Unix/Linux systems, shell scripts, open source software
- Endpoint management / protection utilizing LANDesk, SCCM, Symantec, McAfee
- Proficient with Windows, MAC and Linux Operating systems
- Identity and Access Management: RSA (IMG) IBM (TFIM) Microsoft (ADFS)
- Enterprise cyber security threat analyst, vulnerability assessment, and risk management
- Fully versed in Windows, UNIX, and Linux based operating systems and networking technologies
TECHNICAL SKILLS:
Deep knowledge of global / domestic regulations and standards: GLBA, FISMA / NIST, SOX, HIPAA, FDA, EMA, HITRUST, HITECH, ISO 2700x and SSAE 16, NIST-CSF, PCI-DSS
Programming: Python, Java, JavaScript, C++, C#, Perl, Ruby, PowerShell
L2-L3 protocols: OSPF, EIGRP, STP, VLAN, VTP, 802.11, IPv4, IPv6, ARP
L4-L7 protocols: MPLS, TCP/IP, UDP, BGP, BACnet, HTTP, HTTPS, SSL, SSH, FTP, DNS, DHCP, NTP, SMTP, SMB, SNMP, RADIUS, RDP, LDAP, BGP
Security protocols: IPsec, SSH, SSL/TLS, VPN, ISAKMP, DES, AES, RSA, PKI
PROFESSIONAL EXPERIENCE:
Senior Network Security Engineer
Confidential, Boston, MA
Responsibilities:
- Configuration, integration, deployment of Cisco ASAs, Palo Alto, Checkpoint NGFWs
- Senior member of the Computer Incident Response Team (CIRT); respond appropriately to event detection by the Security Operations Center (SOC) and the Computer Security Incident Response Center (CSIRT). Perform malware reverse-engineering using IDA Pro for static and OllyDbg for dynamic code analysis
- Vulnerability scans / Penetration testing: Qualys, Appscan, Webinspect, Metasploit, Kali
- In-depth technical analysis of cyber security incidents identified as a threat to the confidentiality, integrity, and availability of intellectual property, business partner information or employees' personally identifiable information
- Development of security policies and procedures such as user log-on and authentication rules, security and breach escalation procedures, security assessments, and use of firewalls and encryption routines. Implementation of recommended remediation plans
- Principal for monitoring and analyzing information security events to ensure a consistent and coordinated response to new, ongoing, and emerging security threats
- Establish and maintain defensible evidentiary processes for all forensic investigations
- Managing and maintaining Forcepoint (Websense) infrastructure across multiple deployments, including troubleshooting business-critical devices
- IBM QRadar; HP ArcSight (ESM); SolarWinds, Wireshark, Nessus, and Splunk
- Trend Micro, Symantec, LANDesk, SCCM, Carbon Black, (DLP) EMC-RSA, Symantec, Trustwave, Websense, OfficeScan.
- FireEye: Automated threat forensics and dynamic malware identification and protection
- Implement network security practices and breach notification protocols in addition to other audited regulatory requirements in an ISO / IEC 27000: 2016 framework
- Web application firewall (WAF) configuration and deployment to protect web application servers against XSS and SQL injection attacks
- Configure, deploy, manage (NMS) and utilize enterprise network monitoring tools: SolarWinds (NPM, SAM, and WPM), Coradiant, the BMC product suite (BPPM, ADDM, CMDB, and APP Diagnostics), HP OpenView (all versions) - HP SiteScope, HP: OM, OMi, NNMi
Senior Network Security Engineer
Confidential, Boston, MA
Responsibilities:
- Responsible for the Maintenance of medical information security systems as per the Health Insurance Portability and Accountability Act (HIPAA) (42 U.S.C. §1301 et seq.)
- Senior EHR Database Engineer, Epic Cache Database Administrator, SQL Server DBA
- Splunk enterprise administrator; collected, analyzed and acted upon big data generated by BIDMC’s security systems and vast technology infrastructure
- Configured, deployed, managed, Cisco’s FirePOWER 8000 high-performance next-generation intrusion prevention systems. Configured and deployed Checkpoint NGFW
- Configuration, integration and deployment of network vulnerability scanning tools, including but not limited to: Tenable (Nessus), Qualys; (SIEMs) ArcSight, QRadar. Security and malware protection: FireEye CM, NX, HX. (Endpoint Management, Protection) LANDesk, Symantec, MS-SCCM, McAfee ePO; (DLP) Symantec and others
- Built multiple ArcSight channels (intrusion detection, executables and suspicious source) for analytical and engineering response actions
- Managed multi-factor authentication processes and protocols (system and user) using: RADIUS, LDAP, AD, TACACS+, 802.1x. Identity and Access Management utilizing RSA (Aveksa), IBM (Tivoli), Microsoft (ADFS) and PKI token / certificate based authentication
- Design and implementation of virtual switching system (VSS) for both user segment and server segment using 6509-V-E catalyst switches
- Configuration and deployment of Cisco 2960, 3750-X, 3750V2, 4500E, 4900, Nexus 4000, 5000, 6500 Catalyst switches. Configure, deploy: Cisco ASR, ISR 3800, Coriant 8600 routers
- Switching technology and administration including: creating and managing VLANS, port security - 802.3ad, Trunking-802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009
- Made use of multiple cloud technologies for various applications including AWS
- Ethernet switch configuration: Port management, switch stacking virtual chassis VPC, VLT
Senior Network Engineer / Systems Administrator
Confidential, Boston, MA
Responsibilities:
- Configured Fortinet 80C / 100D clustered Palo Alto and Cisco ASA next gen firewalls
- Configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E. Configured, deployed and monitored F5 load balancers
- Installed, configured and managed Cisco routers: 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900
- Utilized knowledge of frame relay, MPLS services, NAT'ing, subnetting, including: DNS, LDAP, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, RIP, IPSEC, PPTP, WISM, ACLs, HSRP, BFD, Netflow, and multicasting protocols. Cisco wireless network admin
- Switching technology and administration including: creating and managing VLANS, port security - 802.1x, Trunking-802.11, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009
- Active Directory domain controller replication, management, services, backup functions
- Network design, architecture, stress tests, wireless network management. Switches: Cisco Catalyst series 3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000 and 7000, Cisco WAAS, Routers, Cisco series: 7200, 3800, 3600, 2800, 2600, 2500,1800
- Managed reliable, secure, and high performing systems in a multi-domain, multi-site Windows Active Directory environment that consisted of IBM servers, EMC and HP storage arrays, Windows 2008, 2012 servers. Configuration of: DNS, DHCP and WINS. VMware administration using vSphere 5.5 (Hypervisor)
Manager, IT Client Services
Confidential, Boston, MA
Responsibilities:
- Project Manager for the creation and management of large enterprise projects including: transition to the EPIC EHR | EMR system. EPIC Cache and SQL Database Administrator
- Responsible for the daily operations of the organization’s Help Desk, Desktop Support, and Desktop Engineering departments, including Audio Visual and Telecommunications services
- Revamped an underachieving Client Services team by restoring pride and respect. Built a strong team (through training) which consistently displayed dedication and enthusiasm
- Improved customer satisfaction rating by 50%; consistently achieving survey results of 90% or better. Accomplished this higher level of service while decreasing the team by 10%.
- Increased FCR (first call resolution) of the Help Desk to 70% by implementing standard procedures and continuous process improvement
- Created a Desktop Engineering team focusing on standardization and implementation of endpoint software and imaging, utilizing LANDesk, SMS, SCCM 2012 and Remote-App
- Created Information Security Management System (ISMS) by developing, implementing, and overseeing the enforcement of policies, procedures, and associated plans for system security administration with user system access based on industry-standard best practices
- Annual tech refresh, Windows 7 & Citrix upgrades. Supported Avaya digital telephone system
- Development of disaster recovery plans. Conducted several RFPs for new initiatives
- Installed desktop power-saving software resulting in 10% annual savings in energy costs
- Established security policies around: MDM, encryption, antivirus, Computrace, MS-SCCM, EPIC - EHR | EMR
Project Manager
Confidential, Boston, MA
Responsibilities:
- Project Manager, designed and implemented a BACnet to support Johnson Controls, Siemens, Honeywell, Trane, Tyco, United Technologies and GE systems
- Managed Cisco - Johnson Controls (BAS/IP) Building Automation Systems. HVAC-R, lighting, fire alarm, elevator controls, security and energy management systems
- Coordinated weekly 13K Volt emergency generator tests for ATS standby readiness
- Expert knowledge of BAS, BMS, and large scale facilities infrastructure to manage and monitor all industrial utilities systems as required to provide comfort, safety, efficiencies
- Managed balancing processes and fundamental strategies to meet ASHRAE 170 requirements in all health care occupancies
- Provided training to technicians in the preventative maintenance of systems
- Directed staff / security personnel to take action with hospital wide systems such as: medical gas, life safety, elevator malfunctions, fire (or false alarms) mechanical and utilities failures
- Archived and made available to JCAHO (for compliance certification) all engineering systems preventative maintenance logs and systems documentation