
Information Technology specialist Resume


Washington, DC

QUALIFICATIONS SUMMARY:

  • Experienced IT security professional skilled in risk management, compliance, vulnerability management, infrastructure monitoring and incident management
  • Strong experience in network security monitoring and incident response, including recording and reporting incidents in a 24x7x365 Security Operations Center (SOC)
  • Broad knowledge of network design, systems architecture, configuration management, and systems administration with extensive experience in managing government and non-government IT infrastructure.
  • Knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
  • Proficiency working with various event logging systems and reviewing security event logs: Security Information and Event Monitoring (SIEM) platforms that perform log collection, analysis, correlation, and alerting
  • Hands-on experience in systems/network operations and engineering
  • Experience in project management, systems and network security, incident analysis and recovery.
  • Experience in Windows and Linux Administration and Scripting
  • Experience in Business Continuity Plan including Disaster Recovery Operations
  • Experience in Security and Risk Management: Security, Risk, Compliance, Law, Regulations and Business Continuity
  • Experience in capacity planning for enterprise level IT infrastructure.
  • Experience in Technical Risk Assessment (TRA) and security audit
  • Experience in server hardening and intrusion protection
  • Experience in managing IT systems outages, diagnosing and resolving IT.
  • Experience in analysis and providing advice on complex IT related issues.
  • Experience in developing security policies and procedures
  • Professional, enthusiastic, analytical, problem-solver, flexible, self-starter, team player, results-oriented, and can be counted on to get the job done.
  • Good technical writing and documentation skills
  • Effective communication skills—verbal, written, listening, and negotiating.

COMPETENCIES:

  • Risk / Compliance Assessment
  • Vulnerability Management
  • Network Operations Monitoring
  • IT Auditing
  • Storage Area Networks
  • Virtualization
  • Security Operations Center (SOC)
  • Software Development
  • Customer Support
  • Risk Assessment / Impact Analysis
  • Network and Systems Security
  • Change Management
  • Regulatory Adherence/Compliance
  • Project Management
  • VPN Administration
  • Change Management Administration
  • Policy Planning / Implementation
  • Windows 2012R2/2016
  • UNIX Shell/Linux
  • Business Continuity/Disaster Recovery

PLATFORMS:

  • Security Frameworks: ISO 27001 • COBIT • COSO • ITIL • NIST SP
  • r1
  • Compliance Experience: FIPS • FISMA • PCI-DSS • HIPAA • GLBA • SOX
  • Operating Platforms: Windows • Linux • Unix • OSX
  • Platforms: VMWare, Hyper-V, HP hardware
  • IP Packet Analysis - Ethereal, tcpdump, ntop
  • Intrusion Detection - Snort/ACID, TippingPoint
  • Penetration Testing - Nessus/Nmap
  • DNS Administration (bind)
  • Perl, HTML
  • Apache, Asterisk, DHCP, Exim, MySQL, Postfix, SAMBA, SSH Administration
  • Cisco IOS Configuration (Netflow, ACLs, TAC+/Tacacs)
  • Sidewinder/Gauntlet Firewall Administration
  • Sonicwall Firewall Administration
  • F5 BigIP and 3DNS Administration

WORK EXPERIENCE:

Information Technology Specialist

Washington, DC

Confidential

Responsibilities:

  • Monitoring operational status of monitoring components and escalating and reporting outages of the components
  • Collect and maintain information pertinent to security investigations and incidents in a format that supports analysis, situational awareness reporting, and law enforcement investigation efforts
  • Identify malicious code present within a computer system as well as malicious activities present within a computer system and/or enterprise network
  • Work with ticket management system to collect, document and maintain information pertinent to security investigations and incidents. Implement Change Management
  • Developed and Implemented Information Security Policies and Procedures
  • Implement and manage Enterprise baseline configurations, CIS, DISA-STIGs etc
  • Remediate POAMs, audit related security vulnerabilities, Monthly Security Updates, Zero-Day
  • Implement and manage SIEM systems. Triage and Interpret security logs
  • Manage Security incidents; Manage FireEye systems
  • Manage monitoring dashboards and indicators that identify anomalous activities on network
  • Monitor and Analyze Risk indicators, Attack Surface, Threat vectors; Manage Access controls
  • Implement security remediation, risk acceptance and technical compensating controls
  • Recommend improvements for the detection of fraudulent behavior through the analysis of data from many disparate sources
  • Manage Identity Management and Access controls including Roles-Based Access Controls
  • Perform Vulnerability Assessments using Qualys and Nessus vulnerability scanners
  • Perform Security penetration tests based on Business processes, Reconnaissance, Scanning, Exploitation (using Metasploit etc) and post exploitation analysis and coordinate remediations
  • Participate in all aspects of Incident Handling: Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned
  • Manage Juniper Netscreen Firewalls and Intrusion Prevention and Detection (IDP) Devices
  • Manage Intrusion Detection Systems (IDS) and SIEM technologies; Splunk, Symantec antivirus, Firewalls and Sourcefire and similar tools

Key Achievements

  • Key lead in implementation of new and emerging security technology solutions
  • Managing day-to-day IT security operations

IT SPECIALIST

Washington DC

Confidential

Responsibilities:

  • Identify malicious code present within a computer system as well as malicious activities present within a computer system and/or enterprise network.
  • Work with ticket management system to collect, document and maintain information pertinent to security investigations and incidents.
  • Monitor operational status of monitoring components and escalate and report outages of the components.
  • Collect and maintain information pertinent to security investigations and incidents in a format that supports analysis, situational awareness reporting, and law enforcement investigation efforts
  • Perform Vulnerability assessments
  • Implement IT security configuration baselines: DISA STIG, CIS, FDCC and USGCB
  • Implement agency-wide Least Privilege Access controls through Active Directory
  • Analyze security risk ratings, Integrating environmental factors into CVSS scoring system
  • Implement system ports monitoring and detections; OS and Services Fingerprinting
  • Manage DLP systems
  • Implement and manage Antivirus/Antimalware systems (Symantec Enterprise Protection system)
  • Maintain records of security monitoring and incident response activities based on case management and ticketing system
  • Manage Intrusion Detection Systems (IDS) and SIEM technologies; Splunk, Symantec antivirus, Firewalls and Sourcefire and similar tools
  • Manage monitoring dashboards and indicators that identify anomalous activities on network
  • Monitor and Analyze Risk indicators, Attack Surface, Threat vectors; Manage Access controls
  • Implement security remediation, risk acceptance and technical compensating controls
  • Recommend improvements for the detection of fraudulent behavior through the analysis of data from many disparate sources
  • Manage Identity Management and Access controls including Roles-Based Access Controls
  • Perform Vulnerability Assessments using Qualys and Nessus vulnerability scanners

Information Technology Specialist

Washington DC.

Confidential

Responsibilities:

  • Design, Implement and Administer large-scale Active Directory Infrastructure (300 Servers, 5000 Workstations) and group policies
  • Provide infrastructure support for the coordination, design, testing, and implementation for multi-tiered Enterprise-wide COTS and non-COTS applications.
  • Manage major Windows-based Technologies within the BLS environment i.e. MS Exchange 2010, SCCM 2007, Blackberry (BES), SQL 2008, SCOM, NetBackup, VPN, McAfee etc.
  • Manage Virtualized Enterprise environment: Hyper-V, VMware and Citrix Metaframe
  • Manage SAN Technologies environment i.e. EMC SAN, Dell EqualLogic SAN
  • Review, analyze and implement integration of new system into existing IT infrastructure.
  • Perform agency-wide Microsoft Windows 7 deployment
  • Perform Contract Evaluation, Award, Modification, Payments, Deliveries, Performance as COR
  • Develop, perform and document application interoperability and functionality testing
  • Provide advice and guidance on complex information (IT) issues
  • Develop project plans and other project template documentations
  • Apply advanced IT concepts, principles, methods and practices to resolve complex IT issues
  • Scripted using VBScript, SQL Queries, PowerShell, Batch commands
  • Configure and manage SCCM 2007 infrastructure for Apps Deployment and Patching
  • Design, implement and support middleware infrastructure for application development teams: Microsoft .NET Frameworks, Visual C platforms, JAVA, IIS, ORACLE, Apache etc.
  • Support Windows 2003/2008 Servers and Windows XP/7 desktop platforms
  • Communicate effectively with senior management, supervisors, technical professionals and customers orally and in writing.
  • Provide infrastructure support to high-tier application development teams in a 6000-user community
  • Perform capacity planning and scope out requirements for all agency-wide applications, monitor server and workstation resources utilization and growth projection for applications at agency-wide levels.
  • Provide infrastructure support for the coordination, design, testing, and implementation for multi-tiered Enterprise-wide COTS and non-COTS applications: HelpDesk applications, multiple business applications, financial applications, HR applications, etc.

Key Achievements

  • Made substantial improvements to technical support since joining the organization
