Network Security Engineer Resume Profile
GA
QUALIFICATIONS SUMMARY
- Seasoned Information Security professional with more than 15 years of information technology hands-on experience. Successful implementer of complex systems with the proven ability to lead or work within team environment. Strategic problem-solver with ability to work across multiple domains of Information Security effectively as a team lead, project leader or major contributor. Looking to leverage and transition skill set to an organization seeking to maximize and strengthen its Information Security program.
CORE COMPETENCIES
- Data Loss Prevention
- Incident Response
- Security Policy Design
- Vulnerability Assessments
- IT Security Project Leader
- Network and Systems Security
- Internal Information Security Audits
- Security Operations
- Regulatory Compliance
ACCOMPLISHMENTS
IIS Hardening Project Confidential
- Member of project team responsible for the IIS hardening of Internet-facing web application servers to reduce cyber threat exploits. Project goal was to ensure corporate Internet-facing web servers met Microsoft's recommended web application security requirements for IIS. Interfaced with web developers and application business owners during four-month period. I was inserted into the project during the final four months, which had an aggressive timeline, and was able to complete this highly visible project as a major contributor.
Firewall Replacement Project Confidential
- Member of project team responsible for the successful migration of Cisco ASA and McAfee Sidewinder firewalls to Next Generation Palo Alto Firewalls. Tasks included migrating firewall rules and objects from one system to the other and providing post support. Complex project completed over a period of 6 months in two geographical areas, West Coast and Atlanta. Project resulted in improved IPS functionality, increased capacity, and ability to create application based rules.
Data Loss Prevention Implementation Confidential
- Technical Leader involved in assisting vendor with installation, configuration, and final implementation of Symantec's Data Loss Prevention suite. Project Team included representatives from Legal, Claim Units, and Infrastructure Support. The project resulted in the identification and visibility of Personally Identifiable Information. I was the primary technical resource who interfaced with Legal and executive management to develop and create the base policies used to protect corporate data transiting the web as well as outbound email content analysis.
Data Loss Prevention Implementation Confidential
- Member of DLP Project Team selected to install Symantec Data Loss Prevention suite. Installed base components of Symantec Endpoint Prevent, Discover, Network Prevent for Web, Network Prevent for Email, and Data Insight.
Websense Web Security Rollout Confidential
- I was the Technical Leader responsible for the rollout of the Websense Web Security product, not only for LAN based web traffic exiting the network, but also for the remote PC disconnected from the corporate LAN. Interfaced with multiple IT infrastructure teams to successfully implement the product. Successful migration led to reduction in malware incidents and enhanced web reporting capabilities.
VeriSign Managed PKI service Confidential
Introduced and implemented this 3rd party Certificate Authority to ensure ease of distributing and organizing SSL certificates for corporate operations. Resulted in cost savings of annual certificates and overall manageability.
Computer Security Incident Response Team CSIRT Confidential
Assisted in the development of a formal CSIRT. Worked with Director of Information Security to establish Incident Response procedures and policy documentation for regulated corporation.
PCI Compliance Confidential
Worked with Compliance team at a major telecommunications firm to develop processes for achieving PCI DSS 3.0 standards.
SECURITY APPLICATION EXPERIENCE
- HP WebInspect
- Qualys Vulnerability Management
- WhiteHat Web Application Scanner
- Nessus Vulnerability Scanner
- FOCA
- Nexpose Vulnerability Scanner
- Symantec DLP
- Nmap
- RSA Security
- McAfee IronMail
- SolarWinds
- Splunk
WORK EXPERIENCE
Consultant Confidential
- Responsible for creating design, configuration, and assessment of Symantec's Data Loss Prevention 12.5 application suite for a major Health Care provider.
- Responsible for the installation of Symantec's Data Loss Prevention 12.5 application suite (Endpoint Prevent, Network Prevent, Discover, and Email Prevent) in Lab and Production environments.
- Provide weekly assessment reports to DLP Project Team regarding implementation and project status.
Network Security Engineer Confidential
- On site consultant assisting customer with the enhancement of their PCI Compliance program from DSS 2.0 to DSS 3.0.
- Created firewall audit reports produced by systems in scope for cardholder services environment.
- Reviewed firewall audit reports produced by Cisco ASA and Palo Alto firewalls.
- Successfully initiated communication to Network Team to resolve weak firewall rule sets to align with best practice standards for network security.
- Member of project team responsible for migrating perimeter firewall services to next generation firewalls.
Security Operations Analyst Confidential
- Analyze and provide vulnerability threat reports produced from multiple Vulnerability Management tools (Nessus, Qualys, HP WebInspect, and WhiteHat cloud services) to assess common cyber threats and minimize risk exposure to corporate web applications.
- Responsible for Symantec DLP incident triage process.
- Recommend policy adjustments for Symantec DLP to streamline incident assessment process.
- Escalate and provide vulnerability summaries for applicable IT teams in order to mitigate high risk vulnerabilities detected on external network devices, PCI systems, and web based applications.
- Create action items for applicable platform teams to resolve Penetration Test findings.
- Create trend reports for Sr. Level Management to identify effectiveness of vulnerability assessment program.
- Actively research emerging cyber threats utilizing various external sources of information.
- Interact frequently with various teams within IT and non-IT to develop new processes related to Information Security.
- Create Standard Operating Procedures for out of date or non-documented processes.
- Create functional workflow diagrams for Standard Operating Procedures.
- Utilize IPAM tool (SolarWinds or InfoBlox) to identify and discover hosts within enterprise.
- Utilize NMAP for host port scanning.
- Analyze and approve Firewall requests.
- Initiate reporting and log reviews from Palo Alto firewalls to identify potential vulnerabilities and threats.
- Prepare and orally present InfoSec related topics to Security Team members and CISO on routine basis.
- Facilitate e-Discovery requests.
- Utilize Splunk for incident research.
Network Security Consultant Confidential
- Assigned to contract position to perform 'Business as Usual' security tasks during corporate transition to new co-location facility.
- Member of project team responsible for migrating core and perimeter firewalls to next generation appliances.
- Perform basic firewall administration (create rules, add/remove objects or services) on McAfee Sidewinder, Cisco ASA, and Palo Alto next generation firewalls.
- Utilized Palo Alto firewall's Bot Report and Threat Analysis feature to detect and block cyber threats initiating from infected host machines attempting communications with command and control internet servers.
- Troubleshoot and identify LAN/WAN connectivity issues utilizing firewall log monitoring console.
- Utilize Wireshark and packet captures to analyze traffic flow.
- Administer Nexpose and Nessus vulnerability scanners to detect cyber threats and to provide risk assessment of corporate web applications.
- Provide support and administration of McAfee IronMail.
- Provide support and administration of RSA SecurID encryption solution.
- Perform IIS Security reviews on production and development web applications utilizing Microsoft's security best practices for web applications running on IIS to minimize cyber threat exploitation.
Security Operations Lead Confidential
- Information Security Technical leader and administrator for Symantec Data Loss Prevention program, including Email Prevent, Endpoint Protection, Network Monitoring, and Data at Rest.
- Update and maintain internal Data Loss Prevention policies relevant to regulatory compliance (HIPAA) to protect and monitor PII data exiting corporate network.
- Established remediation process to reduce and mitigate Data Loss Prevention incidents.
- Created Risk Acceptance form to document Penetration Test vulnerabilities and effectively assess business impact.
- Utilized Qualys vulnerability scan engine to detect common cyber threat vectors and their impact on internal and external core web applications.
- Responsible for evaluating and recommending Information Security products for organization.
- Security Incident Response Team leader for escalated incidents.
- Provided leadership in internal audit, compliance, testing, remediation, and risk assessment activities.
- Developed effective summary reports and security metrics for senior management.
- Proficient with creating cross-functional flow charts to describe security processes or security architecture.
- Met regularly with security vendors to evaluate and determine needs to enhance organizational security strategy.
- Involved in the development cycle of new applications and assisting developers with security recommendations during SDLC.
Principal Security Technologist Confidential
- Prepared presentations for Senior Management related to security issues.
- Technical lead analyst for Websense Web Security application used to reduce threat of malware, enhance employee productivity levels, and conduct investigations regarding suspicious activity per request.
- Enhanced Crawford's cyber threat defenses by utilizing Websense's Web Security categorization features to block internal systems from communicating with web sites known to have malicious or questionable reputations.
- Reviewed Penetration Test results to identify risks and create actionable mitigation summaries against common cyber threats.
- Performed internal vulnerability assessments on corporate LAN servers.
- Worked alongside Network Team to identify intrusion alerts and detect denial of service attacks utilizing IBM Proventia IPS system.
- Analyzed external cyber threat activity in real time utilizing HP Tipping Point IPS.
- Managed Event Log Management Suite: security event archiving, log review, and forensics.
- Performed internal IT audits on various security systems and applications.
- Assisted internal Compliance with SOC 2 controls and internal audits.
- Key contributor to Information Security Policy program.
- Coordinated and chaired meetings with inter-departmental groups to discuss security processes or related procedures.
- Strong Visio and Microsoft Office (Excel, Word, and PowerPoint) experience.
- Provided leadership and guidance, and shared knowledge with team members.
- Strong familiarity with project planning concepts.
- Managed, participated in, or directly worked on security related projects, assignments, or initiatives assigned by management.
- Key contributor to third party business risk assessment questionnaires pertaining to ISO 27002 standards.
- Implemented Self Service Password Management utility to reduce Help Desk requests.
- Information Security Project Leader for Identity Management de-provisioning process.
Senior Systems Engineer Confidential
- Active Directory Domain Administrator.
- Provided file server Access Control standards.
- Provided Web server application support and code installation.
- Responsible for VeriSign Managed PKI SSL infrastructure.
- Provided hardware maintenance, software support, and troubleshooting of corporate servers and systems.
- Participant in Disaster Recovery exercises at off-site facility.
Consultant Confidential
NT LAN Administrator/Consultant for major Credit reporting agency.
Systems Engineer Confidential
- NT LAN Administrator.
- Provided data backup process standardization.
Systems Engineer Confidential
- Provided NT 4.0 Server/LAN administration for then BellSouth Cellular Corporation.
MIS Support Technician Confidential
- Six-month contract position involved installation of NT Workstation 3.51 and related support.
- Diagnosed common application, system, and network problems on Ethernet and Token Ring LAN.