Confidential, Chevy Chase, MD
Information Security Consultant/ISSO
- Responsible for reviewing and advising on all aspects of information security involving the implementation of a new external hosted system as well as performing the actual ST&E. This includes web servers (Microsoft IIS, Apache), Oracle databases, and operating systems. In addition, complete monthly compliance and vulnerability scans (Nessus). Work with cloud services team to ensure system and physical security is maintained.
- United States Citizenship and Immigration Services - ST&E Engineer. Responsible for performing ST&E on assigned systems. This included performing technical security assessments of operating systems, applications, databases, and the networking environment. Tools such as Nessus, DB Protect, HP WebInspect, and custom scripts were utilized to achieve results.
Confidential, Washington, DC
- Perform security advisory and certification and accreditation (C&A) work for The Department of Treasury. This includes Solaris, Oracle databases, Cisco PIX firewalls, etc. Tools used include vulnerability scanners (Nessus, Retina, ISS, etc.), DISA SRR scripts, CIS Security Tools, etc. Utilize NIST standards such as, etc. to perform tasks and create reports.
Confidential, Washington, DC
- Responsible for installation and customization of ArcSight Security Information Management (SIM) software. This includes Oracle database, ArcSight manager, ArcSight agents, Storage Area Networks (SAN), and operating systems (Windows and Red Hat). The installation of the software components required knowledge of Linux (Red Hat), Windows (XP, 2000, etc.), SNMP, firewalls, Syslog, etc. In addition, I performed as an assistant instructor in ArcSight classes and hardened government systems as defined by government hardening procedures.
Confidential, Rockville, MD
- Responsible for designing and implementing a PKI (Entrust) solution. Also responsible for recommending, evaluating, designing architecture and implementing WinMagic disk encryption solution. The solution will be used to encrypt laptops and desktops to secure data. In addition, I performed IDS monitoring (Enterasys Dragon and ISS Site Protector) and incident response.
Confidential, Atlanta, GA
Security and PKI Consultant
- Responsible for installation, configuration, and modification of Xcert PKI (Public Key Infrastructure) products in NT and UNIX (Solaris) environments. This included integration of products with HSM (nCipher, Chrysalis), web servers, and cryptographic accelerators. Assisted in the design/implementation of PKI architecture, drafting of CP/CPS, issue/renewal/revocation procedures of X.509 v3 digital certificates. Advised clients on the most secure infrastructure to host internal PKI and on how PKI could assist with achieving HIPAA requirements.
- This included firewalls, operating systems, intrusion-detection software (IDS), SSL use, LDAP, physical security, and backup strategy. Also participated on team that investigated the feasibility of an outsourced Certificate Authority (CA). In addition, participated on sales calls and advised sales engineers on scope and length of engagements.
Confidential, Atlanta, GA
- Responsible for installing and evaluating PKI products (Servers, Directory Servers, Browsers, etc.) in PKI laboratory. Performed research on a possible PKI solution (in-house, outsource, in-hybrid, etc.) for the state of Georgia. This included building NT and UNIX servers and installing the following products: Entrust 5.0, Netscape Management System 4.0, Baltimore Technologies’ UniCERT, Netscape Enterprise Server, Apache, Microsoft IIS, etc. The following issues were addressed: ease of installation, administration, cost of deployment, degree of end-user interaction required, flexibility, cross-, stability, etc.
Confidential, Chicago, IL
Senior Security Consultant
- Performed attack and penetration of client NT and UNIX networks using common tools, such as whois databases, DNS commands, FTP, ISS, Ballista, Telnet, Ping Pro, and ESM. These tools were used to discover and exploit vulnerabilities such as open ports and weaknesses in firewalls and routers. The goal of this process was to capture administrator accounts and important files. Performed security consulting, security assessments (audits), and made security recommendations on NT and UNIX machines, wide-area-network configurations, Oracle databases (utilized SQL commands and scripts), physical security, and SAP enterprise system. In the SAP arena, worked with technical team and business team to define job roles and create profiles. Facilitated SAP security workshops for technical and business teams. In addition, responsible for drafting proposals and letters of understanding describing the cost of services, man-number of resources needed, and the approximate number of hours needed to complete engagements.
Network Security Analyst/Web-Page designer
- Assisted with installation of firewalls, routers, and NT servers. Responsible for Internet/Intranet and NT security, firewall administration, managed private keys (ENTRUST) and assisted with PKI implementation, researched and evaluated new products that would make the environment more secure and monitoring easier. In addition, provided security expertise in the following areas: IBM mainframe (using RACF), AS/400, Meditech (system used by hospitals), LAN, WAN, designed security forms, and documented all security procedures.
- Prepared web reports (top users, most requested pages, etc.) and designed IS Security web page for the Intranet which allowed company users to access corporate security documents, such as forms and security policies. Position required day-to-day interaction with users with various degrees of computer experience in which excellent written and communication skills were necessary.
Data Security Analyst
- Acquired knowledge of Top Secret mainframe security package. Created Datanet, TSO, and other types of system IDs. Solved day-to-day access problems reported by users worldwide. Provided procedural documentation for creating and editing different types of system IDs. Trained new hire Data Security Analyst. Created a filing system for all completed work.