TECHNICAL SKILLS

• Amazon Web Services (AWS)
• Nessus
• TripWire FIM & IP360
• Nexpose/Metasploit
• SNORT
• FireMon
• QRadar SIEM
• SPLUNK
• QualysGuard
• LogLogic
• RSA Authentication Manager
• Symantec Endpoint Protection
• Checkpoint Blades - R7x/R80
• Active Directory

PROFESSIONAL EXPERIENCE

Confidential, Lenexa, Kansas

Cloud Security Architect / Security Officer

Responsibilities:

• Responsible for creation and implementation of security program for cloud services
• Established security as a separate approver for operational changes, implemented separation of duties policies, educated users on deficient security practices
• Collaborated with executive management and operational teams to develop a five year plan for staffing and implementation of a security program
• Owner of cloud security policies, performed annual reviews, lobbied for and achieved executive approval of policy improvements
• Created business proposals for multiple security solutions. Presented solutions to executive management with fully burdened cost estimates for approval
• Incident response leader, drove all security incidents through the Incident Response Plan, based upon NIST standards
• Oversaw all aspects of security within Amazon Web Services (AWS) deployment
• Performed exhaustive technology partner selection for vulnerability management, SIEM, network security, and other technology needs
• Reviewed vulnerability scan results and provided remediation steps to operations teams
• Developed and deployed role based SSO authentication for AWS users, resulting in elimination of redundant user accounts, ease of administration and improved security posture
• Selected, designed and deployed unique Check Point firewall solution for AWS architecture

Confidential, Overland Park, Kansas

Principal Security Engineer / Team Lead

Responsibilities:

• Supervisor for a geographically diverse group of Security Engineers
• PCI audit lead; coordinated all PCI audit related activity across multiple service towers, ensuring accurate and timely delivery of evidence to the customer
• Drafted proposals and recommended new security solutions to client
• Incident response lead, managed security events including active hack attempts and threats on social media
• Managed third-party correlated event management (SIEM) system, operated by BT Counterpane
• Created and implemented a Vulnerability Management Program, identifying key players in vulnerability remediation and ensuring the program launched successfully
• Reviewed penetration test results and provided recommended remediation steps to client
• Managed project upgrading Symantec Endpoint Protection system from 11.x to 12.x
• Architected upgrade of RSA Authentication Manager system, implementing Active Directory integration
• Designed roll-up executive reporting to customer specifications, detailing all requested aspects of Confidentiality, Integrity, and Availability
• Planned and deployed new intrusion detection solution utilizing SNORT sensors
• Documented process and procedure for patch and vulnerability management
• Utilized QualysGuard and Nexpose to determine vulnerabilities in PCI infrastructure

Confidential, San Diego, California

Security Engineer

Responsibilities:

• Documented access control processes for onboarding new employees and contractors
• Utilized SourceFire Defense Center and other tools to analyze suspicious traffic
• Assisted with new version rollout of Q1 Labs QRadar SIEM

Confidential, Kansas City, Missouri

Network Security Engineer

Responsibilities:

• Built, designed, and configured Cisco ASA Firewalls
• Updated and configured Squid transparent proxy to enable or block internet access
• Monitored and maintained security infrastructure, including SNORT, OSSEC, and NESSUS
• Expanded and maintained NAGIOS deployment

Confidential, Kansas City, Missouri

Operations Security Consultant

Responsibilities:

• Extensive experience with access controls and Active Directory/LDAP
• Developed processes to streamline access control reporting
• Member of proposal team that successfully bid on a Confidential contract worth over ten million dollars
• Contract project lead for rollout of Great Bay endpoint profiling service
• Utilized Wireshark to analyze suspicious traffic and diagnose network issues
• Designed, built, and maintained SNORT intrusion detection infrastructure
• Tier 2 incident team member, reviewed and confirmed incident reports from SOC
• Created scripts that reduced report processing time by 24 hours per month
• Audited access controls, resulting in the removal of unnecessary privileges
• Utilized Nessus to scan client systems for vulnerable software and suggest remediation
• Interviewed job candidates and provided feedback to hiring manager
• Assisted agency officials in conducting annual FISMA compliance reviews

Confidential, Lenexa, Kansas

Client Infrastructure Engineer

Responsibilities:

• Supervised and mentored technicians at multiple client sites
• Coordinated deployment of application security patches
• Documented client IT procedures to ease transition into new accounts
• Managed ticket system to ensure technicians met SLA and documented work completed
• Monitored system logs to detect unauthorized access