Senior Network Security Engineer Resume Profile

NC

SUMMARY

  • Honorably retired Confidential submariner and currently serving as the Senior Manager of Information Security for a major health care industry software corporation.
  • Provides world class security, compliance, and IT risk management services.
  • Considerable experience leading security operations centers and incident response in both public and private sector.
  • Expert in the areas of FISMA, Sarbanes-Oxley (SOX), PCI, NERC CIP, Privacy, ISO27K, COMSEC, and HIPAA Electronic Protected Health Information (ePHI), as well as a strong hands-on technical background in network security.

PROFESSIONAL EXPERIENCE

Confidential

Director, Information Security

  • Direct report to COO.
  • Build information security program for new Startup company
  • Penetration testing of corporate products
  • Design and implement network security architecture including monitoring, credential management, IDS, all in Amazon AWS environment.
  • Deployed OSSIM AMI with OSSEC Linux HIDS.
  • Write policies and procedures in preparation for SSAE16 and ISO 27K audit/certification.

Confidential

Senior Manager, Information Security

  • Direct report to Chief Security Officer.
  • Security network architecture gap analysis including IDS/IPS configuration and placement review, firewall and proxy placement and configuration review.
  • Incident response oversight.
  • New high availability Data Center Hosting Project
  • Vendor selection for vulnerability assessment services
  • Complete a stalled Arcsight project, configure collection and reporting.
  • Write/update security and privacy policies and production of numerous procedures and FAQs.
  • Internal testing and audit of Software as a Service division systems and processes as well as corporate systems.
  • Review vulnerability assessments and penetration testing, make recommendations on prioritization of corrective actions to the CSO.
  • Member of Privacy and Security Executive Committee working group.

Confidential

Global Security Manager

National Grid Account Confidential

  • Global Security Manager for managed security services contract in the electrical power and natural gas industry for National Grid.
  • Manage 6 direct reports, a leveraged security operations center and a leveraged user account provisioning center in providing all aspects of information security management and operational incident response.
  • Direct audit and compliance staff in internal audits for compliance for PCI, NERC-CIP, HIPAA, SOX and other Critical National Infrastructure requirements in US and UK as well as participating in external audits.
  • Manage Vulnerability Assessment team and review results and corrective actions with internal teams and customer.
  • Provide SLA management for server security patching, antivirus maintenance, network and host intrusion detection and investigation, as well as user requests for account provisioning and modifications.
  • Member of Change Control Board.
  • Review all proposals for security considerations.
  • Prepare department budgets for services, staff, and travel.
  • Negotiate proposals and quotes with internal departments and customer.

Confidential

Deputy Data Center Federal Manager, Information Sys Security Officer

  • Converted from contractor to Government Service.
  • Provide operational oversight to over 300 contractor personnel on datacenter, management, operations, and security issues.
  • Review network engineering and security engineering design documentation for correctness and approve implementation plans. Provide senior level engineering guidance on security design and strategic plans. As a senior security engineer, provide expert level guidance in troubleshooting and resolving technical issues with firewalls, proxy servers, load balancers, intrusion detection systems, and anti-virus systems.
  • Evaluate NESSUS and Foundstone scan findings to prioritize issues that require remediation and/or incident response. Provide guidance to scanning personnel on NESSUS and Foundstone configuration and troubleshooting.
  • As member of DHS HQ Data Center Security Working Group provide input and insight on strategic direction of security architecture and policy.
  • Manage contractor configuration change management program. Provide process improvement consulting to DHS HQ Infrastructure Change Control Board. Participating member of the DHS HQ Infrastructure Change Control Board representing Data Center TWO.
  • Review contractor performance against contract requirements.
  • Provide guidance and oversight to contractor Project Managers in the migration of component systems to Data Center TWO. Resolve conflicts between DHS Component Customers and the HP Data Center contractor staff and contractor Project Managers. Take decisive action to ensure schedules are met and outcomes are successful.
  • Review and approve Disaster Recovery Plans and Continuity of Operations Plans. Participate in drills and exercises as observer and provide constructive feedback to teams.
  • Guide contractor in FISMA requirements and work with DHS HQ Risk Management Division to ensure compliance.
  • Write statements of work and perform technical review of proposals.
  • Ensure contractor compliance with DHS Cyber and Physical security requirements.
  • Information Systems Security Officer for high side systems.

Security Operations Center Manager, Information Sys Security Officer (Dec 2007 - Nov 2009)

  • Designed, implemented and managed a Security Operations Center for a DHS Data Center.
  • Lead a 30-person team in all aspects of information assurance including: Firewalls, Network and Host Intrusion Prevention and Detection, Anti-virus and Patching, Forensics and Investigations, FISMA and NISPOM Certification and Accreditation, and Vulnerability Assessment/Penetration testing.
  • Designed and implemented CISCO MARS log aggregation device, Symantec SEP, Symantec CSP, CISCO CSM, and FWSM firewalls.
  • Deployed McAfee Foundstone scanners and management console and trained staff in designing scanning profiles. Deployed multiple Nessus scanners and trained staff, as well as obtaining online CEH bootcamp for self and staff.
  • Personally train staff in all these disciplines and act as technical subject matter expert and a 'working' manager.
  • Provided security design engineering and consulting to various projects on best practice and NIST SP800-53 requirements.
  • Appointed as Information Systems Security Officer for FISMA NIST 800 series accredited systems.
  • Responsible for planning, implementation, recruitment and management of staff.

Confidential

Manager, ITS Information Security

  • Ground up implementation of an ITS Information Security Division.
  • Completed all aspects of NIST 800-37 Certification and Accreditation on multiple systems to meet FISMA, HIPAA, PCI, and Privacy Act needs. Expert in SCAP tools selection and deployment.
  • Designated Information Security Officer for Federal civilian agencies' systems.
  • Designated Information Systems Security Manager for DoD systems.
  • Implemented configuration change management standards and procedures.
  • Managed Ethical hacking team that provided in-depth Vulnerability Assessments and Penetration Testing. Expert with Nessus, CANVAS, APPSCAN, Metasploit, Burp, and a variety of other security assessment and penetration tools.
  • Wrote contingency plans, Incident Response Plans, Rules of Behavior and numerous Standard Operating Procedures.
  • Managed selection and deployment of TippingPoint Intrusion Prevention System. Deployed CS-MARS Log Aggregator.
  • Performed corporate investigations and implemented Incident Response policy and procedures.

Confidential

Senior Network Security Life Cycle Engineer

  • Senior Life Cycle Engineer for the world's 6th largest bank. Involved in all aspects of the development lifecycle for network security equipment.
  • Wrote high-level overviews, detailed technical procedures, and a variety of drawings and presentations for the 'Management Take Over' of over 750 security devices.
  • Designed proposals and solutions for customer requested new projects and upgrades.
  • Fourth level advanced technical support for Incident resolution and problems including Checkpoint Nokia firewalls, Bluecoat proxies, F5 Load Balancers, Nortel Contivity VPN and several obsolete platforms.
  • Security consulting on high profile logging project to meet PCI and Sarbanes-Oxley compliance.

Confidential

Information Technologist Specialist (GS-14), Information Security Officer

  • Information Security Officer. Completed federal certification as a VA Cyber Security Officer. Perform system analysis utilizing tools such as Nessus and Harris Stat. Completed entire FISMA Certification and Accreditation including writing System Security Plans, Business Continuity Plan, Disaster Recovery, and local security policies utilizing NIST VA guidelines. Complete annual PCI self-assessment. Maintain ISS desktop and server Host Intrusion Detection System and SNORT Network Intrusion Detection
  • Perform Systems Administration on 25 Servers. This includes all hardware, all software including these applications: Microstrategy Intelligence Server, MS SQL Server 2000, MS IIS 5, Terminal Services, McAfee VirusScan (EPO), Veritas Backup Exec, Checkpoint NG firewall, Snort IDS, MS Project Server, SharePoint Portal Server 2003.
  • Deployed SMS 2003 and MOM 2005.
  • Upgraded MS SQL 2000 servers to 2005 and deployed reporting services.
  • Provide consulting to project teams on VA and HIPAA requirements.
  • Harris Stat and Citadel Hercules expert. Utilizing both of these tools, all systems are maintained at the highest level of preparedness for intrusion and malware prevention.
  • SQL DBA. Maintain databases, including backups and error checking. Provide advice to both project teams and database modelers in the integration of new data.
  • SharePoint Portal Server 2003 expert. Planned and implemented large server farm. Work with lines of business to determine needs and produce appropriate site.
  • WiFi expert. Deploy secure WiFi networks and routinely test with AirSnort and other tools. Maintain authorized device list and ensure keys are changed regularly.
  • Networking Administrator. Maintain Cisco 3600 series routers with multiple T-1 lines for our intranet and a Checkpoint NG based firewall/router for our Internet. Installed and maintain several Cisco switches.
  • Design and maintain backup tape library and schemes, plan and implement business continuity and disaster recovery plans. Designed and implemented server load balancing and network redundancy for maximum uptime.

Confidential

Senior Network Security Engineer, Systems Administrator

  • Senior Network Security Engineer. Responsible for consulting on best practices and application review for all web based applications, both intra and Internet. Design and implementation of new firewall installations. Responsible for 20 Checkpoint Firewall1 enforcement points and two management modules. Plan, coordinate, and implement all VPN connections and extranet connections.
  • Design and implementation of SurfControl and MS Proxy Server. Design and implementation of RSA SecurID authentication servers in conjunction with RADIUS and Client-to-Site VPNs.
  • Work with various vendors to evaluate, test, and customize hardware and software solutions.

Confidential

Information Technology Department Manager, Systems Administrator

  • Ground up implementation of new warehouse facility, including designing LAN and WAN, installing multiple NT4.0 servers utilizing COMPAQ rack mounted servers. Install and configure Cisco 3600 router and Adtran TSU.
  • Installed and managed Exchange web server with 3 remote sites connected within the domain on WAN, and Internet connectivity.
  • Installed and managed MS SQL 6.5 server to support multiple databases in a very busy and dynamic environment. Created Transact-SQL statements to retrieve/modify information from tables.
  • Designed and installed Radio Frequency Network to support 30 forklift mounted computers.
  • Administrator in charge of all facets of network administration for 3 remote sites located on both coasts of the United States.
  • Installed and maintained firewalls and VPNs.
  • Wrote corporate IT security plan and user agreements. Designed and implemented tape backup plan for all servers.

Confidential

Technical Support Lead Supervisor

  • As Technical Support Supervisor, managed a 5 - 30 person telephone technical support team for an Internet service provider. Monitored server status and processes, maintained user accounts, troubleshot server and network problems in both the Digital Unix and Sun Unix environment.
  • Maintained and troubleshot support LAN NT4 and Internet connectivity issues.
  • Reviewed, troubleshot and installed customer-created Perl scripts and HTML, set up redirects, assisted customers in Domain Name procurement.
  • Performed hardware and software troubleshooting and repair of Network and Dialup PCs, especially diagnosing hardware conflicts that detracted from PC performance on the network, and resolving software issues that had caused degraded performance or system lockups.
  • Quality Assurance team member. Tested new software developed in house, made recommendations for improvement, and wrote both user manuals and technical documentation for the software.
  • Collateral duties in this department included setup and maintenance of NT workstations and servers, Win95 workstations, and Sun web servers.

Confidential

Chief Petty Officer, Submarine Service, Retired