SUMMARY:

• Seasoned network security analyst offering over 10 years experience in network administration. The last 6 years have been focused on configuring network security devices and correlating security events by tuning sensors at each level of computer network defense (CND) to provide continual monitoring of the DoD GIG (Global Information Grid). Demonstrated experience in all phases of Security Incident Management (SIM) including sensor management, vulnerability and threat assessment, security event correlation and incident response. Proven areas of expertise include:
• Confidential Firewall Enterprise, BlueCoat Web Proxy, Websense, Symantec Mail Security
• Security Incident Event Manager (SIEM), Symantec SIM and HP Archsight
• Confidential Host Based Security Suites ( Confidential ) and Symantec Critical System Protection ePolicy Orchestartor including Policy Auditor, Asset Baseline Monitor, Data Loss Prevention, HIPS
• AntiVirus / AntiMalware solutions by Symantec and McAfee
• Network/Host Forensics, Packet Analysis, Penetration Testing, Malcode Reverse Engineering
• Network Access Control (NAC) appliances, StillSecure, Cisco 802.1x

PROFESSIONAL EXPERIENCE:

Information Security Specialist

Confidential

Responsibilities:

• Serve as IA Infrastucture Support Team Lead providing global network operations security oversight and policy enforcement for all NAVY Enterprise Networks. Responsible for ensuring global compliance to DoD directives from Confidential, DISA, and joint services in relation to securing and defending NAVY networks. Advised as Engineer for Project Mangers during many network and security infrastructure project installations, full system upgrades, and configurations.
• Developed and implemented standard operating procedures, technical point papers and key performance indicators to improve, secure, and defend NAVY networks. Worked diligently to provide continuous monitoring capability and improve threat intelligence sharing between other NAVY and DoD cyber security teams. Serve as subject matter expert to Security Incident Handlers assisting in, incident analysis, network forensics, and report automation. Created and developed portal based weekly team status reports in order to provide situational awareness to leadership. Participated as Command Technical Representative for Special Cyber Operations, and new technology pilots. Achieved highest performance level (D) as “distinguished contributor” for end of year evaluation during the last 3 years.

Network Security Analyst Senior

Confidential Enterprise Services

Responsibilities:

• Served as computer network defense (CND) analyst on the Confidential Corp Intranet (NMCI) which provides over 400,000 Confidential and Confidential personnel with centrally managed computer and network services. Responsible for daily modifications and tuning of enterprise network security appliances including multiple vendors and technologies. Worked directly with many security vendors to develop, modify, and tune their product performance to integrate with the NMCI network. Developed custom sensor rules, signatures, and policies for alerting and reporting within enterprise antivirus, intrusion detection and prevention systems (IDS/IPS), network access control (NAC), email gateways, firewalls, web proxy content filtering, Host Based Security Suite ( Confidential ), and vulnerability scanners.
• Developed in depth knowledge of ePolicy Orchestrator and management of each of the Confidential components through daily administration. Gained extensive experience with PERL, REGEX and SQL by writing complex queries to extract data from network devices to provide log analysis, compliance reporting, and event correlation for use within the Incident Manager (SIM). Analyzed security event logs in depth to provide incident alerting and response to suspicious or malicious network traffic. Configured and managed desktop security capabilities for CAC/PKI, Encrypted File System, host firewall, antivirus, and data loss prevention (DLP). Created and updated multiple Knowledge Base technical documents and procedures including How To documents and Best Practices for NMCI security appliances, incident detection and response.

Information Technology Specialist Senior

Confidential

Responsibilities:

• Served as Tier 3 Network Administrator on the Confidential Corp Intranet providing remote desktop administration to client machines and configuration for Microsoft Exchange servers, Confidential Enterprise Servers,
• Domain Controllers, CITRIX, Remote Access Service, and VPN services. Extensive use of Terminal Services, Active Directory, Computer Management and registry management console to troubleshoot and analyze client side issues. Utilized multiple remote desktop management tools such as Tivoli, Netmeeting, and PSTools to correct client issues and improve system performance. Performed daily client troubleshooting and installs using software distribution tools such as Novadigm RADIA and Element.

Information Technology Specialist

Confidential

Responsibilities:

• Troubleshoot client incidents as a Tier 1 Service Desk Adminstrator by quickly assessing customer issues and applying known fixes or software re - installs. Through extensive use of Terminal Services and Active Directory performed troubleshooting steps to address hardware and software issues in a Microsoft Windows environment.
• Utilized Remedy ticketing system to thoroughly document and track client issues. Frequently chosen to offer peer monitoring and to other service desk agents. Selected to be part of multiple pilot programs to test and modify new software being added to the network.

Systems Integrator

Confidential

Responsibilities:

• Operated as systems integrator for over 2,000 different businesses and consumers installing maintaining, and securing electronic systems such as physical access control, computer controlled camera networks, networked security systems, business phones systems, home automation, and audio/video components.
• Installed, managed and secured business computer networks, maintained vital computer systems, performed hardware/software upgrades, performed daily backups and implemented disaster recovery plan. Built and installed custom servers, workstations, and databases.