Summary

IT SECURITY ANALYST

Dynamic Information Systems Security Professional with demonstrated expertise in all phases of Information and network security issues including security strategy, architecture, firewalls, and operational services. Diverse background consisting of positions encompassing the creation of innovative, technologically advanced security solutions for government agencies and private organizations. Excellent analytical skills, with the critical ability to identify security issues and quickly apply effective resolutions, as well as establish and implement backup and recovery plans. Expert organizational skills that include the ability to successfully manage complex projects and rapidly evolving requirements. Strong knowledge of global Information security controls, and excellent assessment skills. Adept at learning new skills and applying the knowledge to improve the security environment. Active Secret Security Clearance.

AREAS OF EXPERTISE

• Security Management
• Technology Architecture
• Application Deployment
• Software Configuration
• Document Management
• Risk Analysis
• Network Communications
• Performance Monitoring
• Government Policies
• Network Management

EXPERIENCE ACHIEVEMENTS

Confidential

SYSTEMS SECURITY ENGINEER

Selected to provide high-level support for the Software Engineering Center for the Contingency Defense Satellite Communications Systems and Operations Control System. Provide direction, support, performance monitoring, and scheduling of three staff members on a variety of security and communications systems. Ensure compliance with military and government standards and regulations. Maintained the Windows Server Active Directory and Exchange2000 and 2003, providing security patch management for critical updates. Monitored network communications and performance and facilitate modifications to configurations as needed. Maintain documentation of network and security systems, including software configuration changes, upgrades, rollout of test procedures, and security policies.Nessus and Retina vulnerability management software used for compliance monitoring, and threat detection for all systems.

BUSINESS IMPACT:

• Perform end-to-end release management, including all documentation, requirements gathering, and ensuring adherence to policies.
• The following software's are used to do Patch Management and Security Management with all government systems.Nessus and Retina is used to detect potential vulnerabilities on tested systems. We also use the following to scripting tools to script security updates for system, tools used are .net and NSIS.
• Document incidents in accordance with approved Incident Response Plan and forward for review and action.
• Address IA Vulnerability Management IAVM for all IVA Alerts IAVAs , IVA Bulletins IAVB , IAV Technical Advisories IAVTs , and Computer Tasking Orders CTOs .
• Support development and implementation of IA policies, procedures and guidelines.
• Address system and network security violations and incidents. In coordination with the IAM, initiate protective or corrective measures when an IA incident or vulnerability is discovered.
• Evaluate IA and IA-enabled software, hardware, and firmware for compliance with appropriate security configuration guidelines.
• Provide security engineering designs and implementation in all aspects of Information Assurance and Information Security InfoSec Engineering.Assesses and mitigates system security threats/risks throughout the program life cycle validates system security requirements definition and analysis establishes system security designs. Performs functions necessary to ensure the security of an enterprise network which includes Information Assurance Vulnerability Management IAVM and Risk Analysis assistance in the mitigation of security risks to operating systems and applications used within the network by using Retina and Nessus and other tools needed to find Vulnerabilities.

Confidential

SENIOR SYSTEMS ENGINEER / IT MANAGER

Charged with all design, management, and support of the operations for a multi-platform LAN/WAN environment within the company's Research and Development Laboratory. Provided systems administration and support for more than 186 work notes, including RedHat Linux, HP UNIX, Microsoft Server 2000, 2003, XP Pro. Performed security patch management for Exchange 2000 and provided remote and local desktop services for Microsoft Windows Active Directory. Maintained and assigned various IP services, including DNS, Web Proxy, and Socks. Maintained and configured Dynamic Host Configuration Protocol DHCP servers. Provided administrate staff and interns with training. Charged with implementing and administering daily applications and provided network security access. Provided management and administration to staff and interns. Designed and delivered new policies and rules, providing updates, configuration, and troubleshooting. Provided management and installation of TCIP/IP and UDP/IP networking for router configuration and setup. Trained and supported end users of software, hardware, laptops, workstations, computer accessories, and peripherals. Performed all scheduling and dispatching of resources for tracking and resoling network issues.

BUSINESS IMPACT:

• Facilitated comprehensive training initiatives throughout the United States and France.
• Met the needs of a rapidly expanding research laboratory, which went from 20 to 200 staff members while expanding the entire wireless and telephone network.