Cyber-security Analyst Resume
Frisco, TX
SUMMARY:
- Results-focused and dynamic professional, with over 20 years of diverse experiences; steering and directing all aspects of operations, business development, and project management. Highly reliable with strong working knowledge of promoting security awareness to ensure system security and to improve server and network efficiency. Efficient and highly motivated with working knowledge of the principles and techniques of effective supervision, and ability to work effectively in busy environments with positive results. Proactive with excellent interpersonal and communication skills, experienced in working with different teams and personalities including clients and vendors as well as working on own initiative.
- Cyber Security Advanced Persistent Threat Detection Cyber Security Management
- Operations & Project Management
- Staff Development &
- Strategic Planning & Development
- P&L / Budgeting / Cost Control
- Business Continuity & Disaster Recovery
- Administrative Functions
- Successful Projects
- Campus-wide ERP Rollout
- Managed WIFI Solution
- Office 365 Corporate email migration
- HelpDesk Call Center Implementation
- Active Directory / Group Policy
- SharePoint Intranet and Website
- Network Infrastructure Design and Implementation
- SharePoint Business Workflows
- Win XP to Win 7 Migration (500+ Desktop Computers)
- Centralized Docs & Reports Library
TECHNICAL SKILLS:
- McAfee ESM, REC, ADM, ELM
- Windows 2003, 2008, 2013 Server
- Cisco Catalyst 2950/2960/4300
- Active Directory and Group Policy
- Cisco Call Manager 7 VoIP Phone System
- Microsoft Exchange Server
- Nortel Option 11c/Meridian Voice Messaging
- VLANs, DHCP, WINS, DNS, TCP/IP, UDP, TCP
- Dell PowerEdge 1855/1950/1955 Blade
- Virtualization - VMware, Oracle VirtualBox
- Dell PowerVault TL2000 Tape Backup
- Working knowledge of ITIL & ISO27001 Standards
- SAN, NAS, NFS, iSCSI
PROFESSIONAL EXPERIENCE:
Confidential, Frisco, TX
Cyber-Security Analyst
Responsibilities:
- Review, triage and coordinate all cyber-related reported events; working with Cyber Investigations Managers to ensure each incident detection is properly identified, updated and escalated to the correct Investigations Tier. Utilize McAfee Nitro SIEM, Symantec EPS, and McAfee DLP for incident and event management detection and incident response. Evaluate logs and events pulled from various firewalls, IDS / IPS / and intrusion detection systems in conducting in-depth APT analysis.
- Perform network forensics in monitoring and analyzing inbound/outbound network traffic. Gather evidence towards developing a timeline of events and provide incident remediation.
- Actively engage with Entergy Cyber Investigation Managers and Security Incident Management Team leads (CSIRT) to ensure they are kept apprised of any significant changes identified during the progress of handling an incident.
- Perform extensive post-mission, produce technical intelligence reports in support of special programs and provide expertise and leadership to the team in the development of analytical models and assessments
- Review trending and other data relative to authentication analytics and respond, contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected.
- Identified malicious activity originating from China. Was quickly able to correlate through thousands of events to isolate and block suspicious IP addresses in avoiding breach of Entergy’s sensitive information. Resulted in greatly improving the network security and protecting Entergy from Cyber terrorism.
- Identified employee activities pertaining to violation of company policies, including the use of POP3, personal drive access, and Dropbox/OneDrive.
Confidential
Cyber-Security Manager
Responsibilities:
- Designed and managed system information security architecture, including operational planning, and risk remediation activities, ensuring all systems conform to industry best practice.
- Developed Continuity of Operations (COOP) and Disaster Recovery (DR) operations and conduct evaluation of COOP and DR during annual incident response.
- Drafted technical manuals, installation manuals, installation progress updates, and incident response plans; create required system compliance reports and information requests.
- Drafted information security policies, standards, and processes. Development of an incident response plan, business continuity plan, security operations, to name a few.
- Performed digital investigations in gathering evidence as proof.
- Writing forensics and/or incident response reports, investigating computer attacks, and extracting data from electronic systems and team members on analysis, tools or reporting
- Successfully implemented a robust network infrastructure project by initiating the project plan and coordinating with vendors in redesigning the infrastructure. Resulted in greatly improving KRM’s network security against threats.
- Introduced and implemented AlienVault SIEM. Greatly enhanced KRM’s ability to log, monitor, and identify anomalies and cyber threats.
- Implemented operational process in hardening the IT infrastructure and developing an incident response system. Implemented Cisco ASA and switches. Utilized Nessus towards running vulnerability scanning and OSSEC host-based IDS.
- Implemented an Active Directory least privilege security model and Group Policy, enforced best practice based on SANS Institute security framework.
- Introduced Office 365 and successfully migrated employees from their old email provider. Resulted in saving over 80% of cost in resources and improved customer satisfaction, while dramatically reducing support.
Confidential
IT Manager
Responsibilities:
- Managed technical infrastructure operations for 1700+ person Primary/Secondary school in a multi-cultural workforce environment. Provided leadership, vision, and technical guidance in development of IT services and projects to meet the instructional, security and administrative needs.
- Development and overall management of the IT Services division, consisting of Telecommunications, Instructional Support, Desktop Support, Software Support, Academic Computing, Online Learning, and the Faculty Development Institute.
- Negotiated contracts, direct long-range planning, prepare and monitor budgets, and conduct ROI studies.
- Implemented school-wide ERP system, resulting in improved data integrity, bridging communication gap amongst departments, and enhanced day-to-day operations.
- Migration of Office 365 project yielded substantial cost savings, dramatically reduced support issues and increased customer satisfaction.
- Introduced a just-in-time (JIT) order process for consumables, thus resulting in improved cash flow and controlled inventory.
- Introduced a disaster recovery plan to ensure minimal productivity loss.
- Significantly enhanced the reliability and performance of all 450+ desktops by developing and implementing standards, resulting in reduced support issues, improved computer performance, and increased customer satisfaction.
- Introduced and standardized on SmartBoards, campus Wi-Fi, BYOD and other classroom technology in enhancing student, faculty, and staff productivity.
Confidential
Senior Systems Engineer
Responsibilities:
- Communicated with office staff to map current processes and determine needs. Implemented and coordinated change control process where updates and major/minor changes are controlled to minimize downtime.
- Created user documentation to assist in operations and troubleshooting; including workflow process, employee guide, laptop configuration, and technical support, to name a few.
- Improved the design and development of the laptop imaging script, thus reducing imaging process time from several hours to less than an hour.
- Successfully designed, developed, and published an interactive Intranet site, giving its customers access to real-time data.
Confidential
IT LAN Administrator
Responsibilities:
- Performed all Level II & III technical, network administrative and PBX phone duties by providing high-level solutions.
- Service, add, move, and change PBX phone system. Extensive experience with Nortel Networks Option 11c and CallPilot/Meridian voice messaging system.
- Responsible for overall infrastructure; supporting incoming T1, Cisco routers, switches, firewalls and network cabling.
- Successfully completed the networking/phone implementation for the office expansion project; upgraded Nortel’s license pack, cross-connected phone/data cabling from patch panel to employee’s cubicle/office space. Project completed on time and within projected budget.