Security Engineer & Senior Security Analyst Resume
Brentwood, TN
SUMMARY:
- Providing services to businesses and individuals for on - demand and ongoing projects in all aspects of application and web development, network and system administration, security engineering and penetration testing and deployment solutions.
- Highlights of past and current work include:
- Hardware configuration and deployment for a school district
- Splunk professional services and IT Security consultant for a corporation
- Security Engineer and Senior Analyst for a MSSP using AlienVault OSSIM
- Penetration tester and Security/DevOps engineer for a recruiting agency
TECHNICAL SKILLS:
Linux: Debian/Ubuntu, Gentoo, CentOS, embedded/ARM
Windows: Desktop 3.1 through 10; Server 2003 through 2016
OS X: Snow Leopard through El CapitanPatching, upgrades and hardening: Altiris, Citrix Provisioned image patching, Windows ADK (DISM, MDT, ICD)Policy management: Windows SCM, ADK, Active Directory auditing, administration, GPO management, DNS and AD event correlation for exfiltration and persistent threat detection, auditing and configuration.Windows RSAT, Systernals (Process Explorer and Monitor, PSTools), Microsoft Management Console (MMC) and related snap-onsEnvironments include corporate networks, data centers, satellite locations, Microsoft Azure and Amazon Web Services, war zone/conflict areas, public and private sector demands.Portal Guard two-factor (2FA) and SSO authentication in an enterprise environment for gateway, Citrix, database and application as well as portal security.Symantec Endpoint Protection (SEP), DLP, Carbon Black/Bit9, CloudPassage for AWSAmazon Web Services (AWS), Microsoft Azure, Akamai, enterprise/on-site hosted SaaS and PaaSApache Httpd and Tomcat, Nginx, Jrun, IIS, lighttpd and custom scripted daemons (Python modules, bash)Citrix, VMWare vSphere/ESX, Hyper-V, WISE thin-client, Docker, some familiarity with Chef, Puppet and Ansible
Windows & Linux/Unix Shell: Powershell, WSH, batch, bash (awk, grep, sed, etc.), perl
Application: Java with some Scala and Kotlin, Android-centric Java (including Maven), Python, familiarity with C/C++/C# (mostly from code assessment, API security, etc.)
Web: PHP, Java JSP, JavaScript (jQuery, Prototype, Angular 2, Node.JS, Express.JS, etc.), responsive HTML5, CSS, XML, JSON, REST, SOAP and ColdFusion from a penetration testing perspective.
Some experience in: ASP/.NET, Go, Python (web-specific)
No/SQL: MSSQL, MySQL, SQLite, MongoDB, Cassandra, some familiarity with: Hadoop, Redis and Kafka.
Other: Regular expressions (regex), VBscript, various others such as AutoIt, XSLT (XPath, etc.)
PROFESSIONAL EXPERIENCE:
Security Engineer & Senior Security Analyst
Confidential, BRENTWOOD, TN
Responsibilities:
- Formerly Confidential, Inc., transitioned to Security Engineer during acquisition.
- Deployment, administration, and troubleshooting of numerous security technologies such as Network Access Control, Wireless Controllers, Vulnerability Management, VPNs and Firewalls.
- Assessment of new security technologies and architect of solutions to improve the security posture of the environment.
- Creating policies, working with DevOps, IT Infrastructure and IAM teams, performing gap analysis and ensuring the company meets compliance for HIPAA, SOX, PCI-DSS and ISO 27001 requirements.
- Conduct continuous real-time analysis of security logs, alerts, and reports to ensure the integrity of the corporate, data center and cloud networks.
- Defining and completing security projects, best practice project management principles and ensuring workflows and SLA meet requirements thereof.
- Analysis, compliance, incident response, management and all other aspects of application security, network segregation, access controls, IDS/IPS devices, cryptography, physical security, and information security risk management.
- Perform mobile, web and desktop application and infrastructure penetration testing, as well as physical security review
- Acting architect, implementation, deployment, development and administration of information security solutions
- Perform code analysis and vulnerability testing of applications and deployments through continuous-integration SDLC workflows, covering all types of applications (web, mobile, desktop and SaaS applications).
Software Developer & Technical Support
Confidential, CAPE CANAVERAL, FL
Responsibilities:
- Developer and systems administration of Nextgen EHR healthcare software with MSSQL 2008 and 2012 backend deployed through Citrix, thin-client, desktop, SaaS and conflict-areas
- Technology includes: PHP, SupportWorks, Python, VB, ASP/.NET, bash scripting and backend data transformations.
- Helpdesk support covering Tier 1-3 as needed by clients and employees for systems as well as Nextgen EHR.
- Data migration, analyst, upgrade and deployment engineer
Systems Administrator & Developer
Confidential, VERO BEACH, FL
Responsibilities:
- Developer and systems administration of Nextgen EHR healthcare software with MSSQL backend.
- PHP developer and integrations specialist providing custom workflow and dashboard solutions for healthcare providers integrated into existing systems.
- IT engineer maintaining, administering and providing break-fix solutions for hardware and software to ensure clinic workflow is unimpeded, continuously improved and HIPAA compliance is met.
Systems Administrator & Developer
Confidential, SEBASTIAN, FL
Responsibilities:
- Developer and administrator for pharmaceutical SaaS portal written in Java/JSP servlets with Jrun and Tomcat servers to facilitate distribution workflow and inventory management.
- Team lead tasked with improving and developing all aspects of systems and network.
- Reporting and analytics to facilitate executive, accounting and warehouse needs.
Call Center Supervisor
Confidential, MELBOURNE, FL
Responsibilities:
- Assist in the formulation of targets for individuals and teams
- Onboard, and support for CSSR employees.
- Report to staff and corporate and provide guidance and feedback
- Anticipate escalation and assist with calls and orders in a high volume environment
- Develop methods to optimize procedures and keep staff motivated
- Measure performance with key metrics such as call abandonment, calls waiting, etc.
- Ensure adherence to policies for attendance, established procedures, etc.