- I save companies money by protecting them from computer hackers with
- www.linkedin.com/in/kjcohen www.ITSecurityEngineer.blogspot.com twitter/KJCohen
- 120 Redmont Road Stamford, CT 06903 203 -968-8600 email: kennethjaycohen04 gmail.com
- My wide range of skills in security management, establishment of firewalls and disaster recovery.
- My experience in systems and network administration and programming.
- My extensive experience in design, development, security and maintenance of large-scale e-commerce, infrastructure, networks and data systems.
- My proven skills in root cause analysis of problems and providing troubleshooting support for resolution of technical problems.
- My expertise in managing the entire spectrum of network administration tasks in UNIX, Linux and Solaris environments.
- My articulate communication, working both independently as well as collaboratively in a team environment.
- Networks: IP Internet, Intranets , IPX, SNA.
- Protocols: IP, TCP, UDP, OSPF, RIP, SPX, DHCP, IPX, NFS, HTTP, SSL, PPP, PPTP,
- PAP, SMTP, POP3, SSL, Ethernet, HTML, ARP, SMTP, SNA, SSH, BGP, PKI Technology.
- Operating Systems: CISCO IOS, UNIX LINUX Red Hat, Mandrake, Susie, Slackware , Solaris, AIX, Nokia IOS, Windows 2008 R2, Z/VM.
- Circuits: DSL, T-1, bundled T-1's, T-3, OC-3, Dial-up.
- Firewalls: Fortinet, Checkpoint Nokia and Solaris , Cisco PIX, Novell Border Manager, Raptor, Gauntlet, IPC
- Applications: Windows 2008, Exchange 2010, BIND, Sendmail, Qmail, JSP, TCPDump, Sniffer, Traceroute, Ping, Nslookup, Tripwire, Secure, Telnet, SFTP, FTP, TFTP, IIS, Microsoft Office 2010, Active Directory Forest RBAC , Sendmail, Dirmaint, IBM Tape Library Management and Catalog System.
- Regulations: HIPAA, PCI DSS, SOX and DICAP
- Selected as one of three in the security division identified as critical to the recovery of business operations by GETS/WPS.
- Responded to external client audits.
- Modified business continuity plan to comply with corporate requirements.
- Wrote security procedures, standards and policy to comply with corporate and industry requirements.
- Maintaining disaster recovery plan, including continuity document procedures.
- Performing annual penetration tests, reviewing results and putting together a plan for remediation procedures to resolve vulnerabilities.
- Project plan leader to upgrade RSA MFA system.
- Creating, allocating, deleting and modifying users in Microsoft Active Directory including the assignment of RSA tokens.
- Planning, installation and maintenance of Windows 2008 R2 Active Directory Forest, Exchange 2010, RBAC models and SUS LINUX 11.3 running Bind 9.7.
- Managed TCP/IPWAN/LAN clients that entailed providing recommendations on network planning and design.
- Designed DMZ environment with selection of hardware firewall, routers, switches and software operating systems, applications and defining initial and ongoing security policies for e-commerce.
Senior Security Engineer
- Evaluation and documentation for proof of concept for intrusion detection system for HIPAA, PCI DSS and DICAP compliance.
- IT Security Representative for the affiliate approval process to ensure that when Aetna conducts business with vendors, customers, off-shore offices and third parties its data is protected per regulation compliance. Modify bluecoat proxy to provide access to requested URL's. Provided technical troubleshooting assistance for connection issues.
- Primary Handler to inquiries into the IT Security Mailbox. Responded to all security issues sent into mailbox and referred questions not being able to handle to third parties. For example, how to send HIPAA data to a third party in a secure manner.
- Released e-mail from IRON mail due to DLP settings after verifying that Privacy and Compliance will assume the risk for providing outside party with access to information.
- Approved Firewall rules for submission to Firewall implementation group.
- Reviewed web site for overriding of Web Blocker due to business requirements
IT Security Full-time employee
- Firewall installation, web to content, e-mail filtering with Fortinet.
- Installation and configuration of Fortinet firewall.
- Penetration testing with Nessus Security Center.
- Z/VM Senior Systems programmer.
- Capturing logs for consolidation with Cisco MARS.
- Domain names services with BIND.
- Project Manager responsible for the time frame of implementation and coordination with other departments for the installation of third party vendors to corporate DMZ environment.
- Designed, wrote test plan including security, implementation and coordination with other department for connection of external clients to a multi-tier DMZ environment.
- Designed solutions for disaster recovery site.
- Worked on NT System Administration to connect medium/large offices to the Internet, system upgrades, backups and recovery, and system application.
- Provided technical expertise in development and configuration of Sun Solaris/Windows 2K boxes and support to client.
- Responsible for engineering and maintaining UNIX based systems and developed maintenance cycles of the UNIX environment.
Consultant Senior Security Network Systems
- Architected, installed, tested and troubleshot connecting third parties to corporate DMZ structure using Checkpoint Firewalls.
- Installed and configured Tripwire software to comply with financial audit regulations.
Consultant Computer Systems Manager
- Developed and maintained the virtual help desk for Checkpoint firewalls for the major user interface for the infrastructure group.
- Responsible for UNIX server configurations changes and building documents.
- Responsible for detecting and notifying the appropriate IT operations group on vulnerabilities within their systems and security alerts, and provide recommendations on mitigating or removing the vulnerabilities.
Consultant, Senior Security/Systems Operation
- Communicated proactively during outages and led the team to discover the root cause of outages, implementing required changes and communicated changes to the constituencies.
- Assisted in the completion of security projects using the specialized expertise and discipline of information security management methodologies and templates for projects.
- Worked with LAN/WAN Cisco technology including BGP, EIGRP, OSPF.
- Developed, implemented and maintained application security processes and security testing process and methodologies for the financial and brokerage industry.
- Reviewed firewall, router, IDS Intrusion Detection Systems , anti-virus, and system logs and investigated anomalies as needed.
- Provided Helpdesk support for firewalls, checkpoint on Unix Platform.
- Worked with engineering staff on implementation of security solutions for existing and new networking firewall Cisco PIX , routers, switches and configuration services.
- Contacted and worked with vendors in response to hardware failures.
- As a Project Manager, coordinated outside network scans to validate the security of Gartner's network with e-mail, network sniffing, and load balancing and performed forensics and detailed investigations.
- Designed redundancy network infrastructure for e-commerce website to allow the site to function in the event of loss of one site.
- Upgraded, maintained Checkpoint Firewalls 4.1,2000, NG under Nokia Platform.
- Led Gartner projects for a comprehensive risk assessment and analysis of their infrastructure and identified tactical items to assist in their security and privacy endeavors.
- Provided disaster recovery solutions for server hardware and infrastructure.
- Designed and implemented LAN/WAN network topology, equipment, connectivity and delivery.
- Installed, upgraded, troubleshot, and configured CISCO switches for worldwide network.
- Monitored the performance and provided troubleshooting support for WAN connections including interfacing with vendors to resolve telecommunication issues.
- Implemented network based IDS system.
- Developed policies, procedures and processes for notification and escalation of alerts.
- Maintained DHCP servers and allocated static IP addresses when needed.
- Monitored CERT advisories and tracked modifications to servers across departments.
- Performed risk security architecture reviews for the security policies.
Senior Web Infrastructure Project Manager/Security Administrator
- Complete design, installation and implementation of Avon's website, including
- Connection to the Internet with T-3 and T-1 circuits
- Checkpoint firewalls under Solaris for e-commerce structure
- VPN access for 10,000 global representatives
- Security architecture reviews, security policy procedures for access between the Internet, servers located in the DMZ, and mainframe
- Nanny blocker for 100,000 users
- Relocation of avon.com from external ISP to Avon's data center in .
- Implemented network based IDS systems procedure for notification and escalation of alerts.
- Developed worldwide Internet standards to connect Avon to the Internet, using four points of access around the world. The access points improved Avon's global network performance to regional points instead of a single access point located.