17 years of experience in network software and hardware installation and troubleshooting, and security device configuration/best practices in an enterprise environment.

Software: McAfee ePO/HBSS, eEye Rem/Retina, Check Point Utilities Smart DashBoard, SmartView Tracker, SmartView Monitor, Eventia Reporter, ArcSight ESM, Exchange 5.5, Exchange 2000, Exchange 2003, SQL 7.0, SQL 2000, NetIQ App/Security Manager, Microsoft ISA Server, Snort, Visual Studio 6/2003/2005, Commvault Galaxy, EMC Navisphere, EMC Powerpath, Quest Fastlane Migrator/Reporter, GroupWise 6.0-6.5, Visual Basic.NET, Winstall MSI packager, Wise Install, ZENworks, Citrix Server/Metaframe Client 1.8-XP, Ghost 6.5 Enterprise Edition, MS Excel, Access, Word, Project 2003, Outlook, Veritas Backup Exec, Arcserve Backup, HP Openview, Project, Visio, Lotus Notes 4.5, Lotus cc:Mail, Unistation, Pcanywhere, Flash 2-4

Languages: Visual Basic 6, .NET 2003/2005, VBScript, C, T-SQL, HTML, ASP, XML

Operating Systems: Check Point Secure Platform, Red Hat Linux 5.x, Windows NT 4.0, 2000, XP, 2003, 2008, Novell Netware 4.11 6.5, SUSE Linux 9.0, MS DOS

Hardware: Check Point Nokia firewall hardware, Proventia IDS/IPS, Disk Jockey Pro, SEM/SIEM, Dell, HP/Compaq Server Hardware, Cisco Routers and Switches, Cisco PIX ASA firewall, Checkpoint NGX r65, EMC SAN, Brocade and McData Fiber Switches, HP Storageworks NAS/SAN, Synoptic Hubs, DVD RAM, BIOS upgrades, RAID controllers, Intermec RFID, Shiva RAS, Cisco TACACS, Avaya Wireless LAN, IDE/SCSI hard drives, SATA drives, Jetdirect print servers, SCSI card/devices, 3Com switches, fiber converters.
Responsible for the planning, design, and implementation of the corporation's geographically dispersed Windows Active Directory and Exchange environment. Planning, deployment, and maintenance of enclave Group Policy Objects. Creation of numerous GPO administrative templates to customize the high performance computing (HPC) environment. Deployment of Dell Storage Area Network, as well as the creation and maintenance of LUNs. In charge of the design, implementation, and maintenance of the organization's virtual server farm, as well as Cisco routing and switching infrastructure, including VLAN creation and troubleshooting. Sustain backup to disk, as well as tape backup jobs. Perform mission essential functions in support of the Government customer when necessary. Responsible for providing network/computer security and risk management planning, strategic planning, management and technical oversight for the certification of networks, systems, applications, and associated computer hardware/software resources in support of the TACOM Life Cycle Management Command (LCMC).
Responsible for the Cost and Systems G8 Windows Active Directory environment. Planning, deployment, and maintenance of enclave Group Policy Objects. Creation of numerous GPO administrative templates to customize the high performance computing (HPC) environment. Deployment of EMC CX CLARiiON array storage area network, as well as creation and maintenance of LUNs. Sustain backup to disk, as well as tape backup jobs. Responsible for the administration and troubleshooting of the Cisco network infrastructure, including routers, switches, and ASA firewall devices.
Information Assurance Team Lead
Supervise 12-14 Information Assurance Engineers. Responsible for providing information assurance/information security support tasks in an enterprise network environment. Duties include Security Architecture Design and Implementation, Checkpoint Firewall Support and Administration, Wireless Security, system monitoring, Vulnerability Detection and Remediation, IDS support and administration, and Windows/Unix/Linux system security administration (NIPR and SIPR). Maintain and improve the DLIS security posture through adherence to DISA security standards. Revisit and modify existing security controls to maintain relevance. In charge of IAVM compliance through CERT status updates, draft POA&M (POAM), and defense-in-depth auditing. Investigate and analyze all response activities related to computer security incidents. These tasks include, but are not limited to: creating and maintaining incident tracking information; planning, coordinating, and directing recovery activities; and incident analysis tasks, including examining all available information and supporting evidence or artifacts related to an incident or event. Collect data from a variety of security tools, including intrusion detection system alerts, firewall and network traffic logs, and host system logs, to analyze events that occur within their environment.
Senior Security Engineer
In charge of IAVM compliance through CERT status updates, POA&M/MSR drafting, and defense-in-depth auditing. Work with IAM to perform gap analysis of existing controls, as well as the introduction of new controls as new systems were migrated or introduced into the Federal Services enclave. Ensure STIG compliance on all computer systems and network devices through vulnerability management and SRR audits. Monitor anomalous traffic/trending in Check Point Tracker. Approve rule change requests in Check Point SmartDashboard as they apply to industry best practices. Monitor firewall performance in SmartMonitor. Analyze, test, debug, implement, and maintain new and existing intrusion detection application programs and related documentation to meet organizational business security program requirements. Maintain the intrusion detection system (IDS) to meet best practices and industry standards, as well as providing ongoing vulnerability management duties and wireless scanning functions. Monitor and analyze alerts, including forensic analysis, and make appropriate notifications in accordance with company policy. Design and implement alerting mechanisms and associated policy planning and application strategies. Evaluate, recommend, install and maintain security application software packages. Prepare application quality assurance reviews as well as perform vulnerability assessments in accordance with incident response plans. Ensure critical data and applications are addressed in the Delta disaster recovery plan. Responsible for training users on the utility of PGP for desktop e-mail encryption. Ensure activities conform to departmental application development standards and systems life cycle. Prepare and submit project status reports to management.
Network System Specialist/.Net Developer
Responsible for the planning, design, implementation, troubleshooting, and support of the Praeses IT Infrastructure in a Windows Active Directory environment. Support, configure, and scrutinize anomalous behavior as logged by the corporate Intrusion Prevention System (IPS), as well as Cisco PIX/ASA firewalls. Maintain the security and availability of network resources such as Jurisdiction Online server hardware and storage. Implement and maintain the corporate digital certificate environment, Exchange messaging system, and file and print services. Perform proactive monitoring and remediation of all network hardware and software resources. Protect stored data through understanding and implementing secure file system permissions. Scrutinize security infrastructure to ensure the confidentiality, integrity, and availability of all corporate resources. Responsible for editing, reviewing, and maintaining the Praeses disaster recovery plan, as well as acting as the single point of contact between NTG leased hot-site and Praeses corporate counsel. Maintain the Symantec Antivirus console and respond to/mitigate virus alerts. Closely monitor firewall logs to thwart potential attacks. Automate and standardize tasks through VBScript, .Net applications, and Group Policy Objects. Assist senior sales staff with future business ventures through written Statements of Work, as well as research of potential opportunities. Work with the Air Force to develop custom security applications for Cyber Command initiative at Barksdale AFB.
Network Operation Engineer
Responsible for systems operation and administration of the NetIQ AppManager/Security Manager Network Operations Center (NOC) application. This requires preventative maintenance, maintaining security through log audits and monitoring, as well as an understanding of all wide area network devices. Apply secure programming practices in languages such as VBScript, Visual Basic, ASP, XML, HTML, and SQL; development is required for custom monitoring scripts and the NOC custom web UI, configuration updates, and reports. Responsible for GPO maintenance and configuration changes, management of network devices, monitoring of such systems/devices, technical documentation of enterprise network design solutions, and data analysis of managed network devices and Windows/UNIX hosts. Write incident reports which explain an existing or potential issue, followed by recommendations for mitigation. Perform proactive maintenance checks of network devices, monitoring of hardware and software systems, and development of displays that present the data to customers. Responsible for customer interaction to ensure that monitoring requirements are being met and that the data being provided is accurate. Programmatically assign user account CAC Smart Card attributes to provide two-factor authentication DLIS/DRMS-wide. Perform other related duties as assigned in coordination with all IT teams for the best solutions in monitoring and resolution of network device issues. Took delivery of, scrutinized, tested, and implemented STIG security compliant systems as dictated by DISA.