Senior Security And Network Architect, Engineer And Manager Resume
SUMMARY:
- Experienced in Data Security Management, Architecture, Engineering and Operations. Architected, implemented and managed numerous Data Network environments.
- Conducts Vulnerability Analysis and Penetration Testing on network devices, security systems, applications, servers and client operating systems. Reporting and presentation of security and network infrastructure information to senior management. Consultative roles with C-level personnel, department leaders and project managers.
- Continued participation in various Civilian and Federal Government Data Security organizations. Preference for highly technical and fast paced environments.
- Experience in Unconventional and Asymmetric Warfare provides an orientation to understand threats, hacking methodologies and the individuals and groups involved.
TECHNICAL SKILLS:
- Data Security and Networking System Architecture, Engineering and Management
- Documented and applied various NIST Security Frameworks to organizations and their infrastructures
- Critical Infrastructure security protection of national power grid system devices and their applications
- Forensic Hacking Analysis and Computer Security Incident Response Readiness
- Hands-on Penetration Testing and Vulnerability Analysis experience
- Threat Modeling Analysis and Presentation to Architects and Management
- High Capacity Local Area and Wide Area Networking design, deployment and management
PROFESSIONAL EXPERIENCE:
Confidential
Senior Security and Network Architect, Engineer and Manager
Responsibilities:
- Penetration Testing of Security Devices, Network equipment and applications
- Palo Alto Firewall Architecture, Administration and Management of Firewalls and personnel
- F5 Reverse and Forward Proxy management
- Network Access Security Policy (NASP)
- Network Access Control (NAC) Architecture
- Cisco ISE NAC Architecture and Administration
- BGP Architecture for Vendor, Partner and Internet Routing
- Firewall Migration from old to new Data Centers
- VPN Architecture and coordination of implementation with external organizations and internal users
- Rearchitected Domain Name Service (DNS)
- Data Loss Prevention (DLP) Data Flow Architecture
- Weekly Information Security (InfoSec) Infrastructure Architecture Review Board
- Engineering Reports for Security and Network Devices
- Direct reports of Firewall administrators, Network administrators, F5 administrators and Telecom engineering
Confidential
Senior Security Architect
Responsibilities:
- Cybersecurity Architect Review Board member
- NERC-CIP Security Architect
- Penetration Testing Architect: Created policy, process and procedures for Penetration Testing.
- Data Security Architect for Smart Grid Initiative and Renewables generation infrastructure
- Working with third party systems and environments to ensure secure connectivity into the company’s Smart Grid environment.
- Drone Defensive and Surveillance Security Controls Architect
- Created Charter for company Tiger Team assessment group.
- Routine assignment as Penetration Team Tester.
- Review Penetration testing results of Smart Grid devices, Web Applications and ICS/SCADA systems.
- Data security consultation to various power generation, distribution and management system projects
- Segmentation consulting for Industrial Control Systems and SCADA based systems.
- Firewalls security procedures creation, documentation and review of policy changes.
- SIEM and Vulnerability Analysis system architecture and implementation for Critical Infrastructure systems.
Confidential
Senior Security Analyst
Responsibilities:
- Established CSIRT policies and procedures for organization following NIST SP 800-61 (rev2) and SANS CSIRT
- Data Security Officer of Computer Security Incident Response Team
- FBI InfraGard Representative
- Cybersecurity Team membership
- Penetration Testing and Vulnerability Analysis using NMAP, NESSUS (Security Center), BurpSuite, Metasploit, OWASP ZAP, Maltego, Airodump and Aircrack-NG, Fern WiFi Cracker and multiple other Kali Linux tools
- IPS/IDS Policy establishment, analysis and investigation of detections and blocking activities.
- SIEM Architecture, implementation, monitoring and reporting of enterprise QRadar SIEM
- Forensic investigations using tools such as Wireshark, QRadar, IDS/IPS systems and Log file analysis
- Primary administrator for enterprise Proventia Intrusion Detection/Intrusion Prevention systems.
- Primary administrator for Check Point Intrusion Detection/Intrusion Prevention systems.
- Security Policy creation and compliance for IDS/IPS, Firewall, Routers, Switches and Servers.
- Created and delivered Trending of Security posture and security metrics for Chief Security Officer
- Packet capture using tcpdump, Wireshark, Riverbed Steelhead NetShark appliances, Cascade Pilot, SNORT, Cisco ASA
- Presenting results of Packet captures to development and operational teams
- Configuring SPAN ports on Cisco 7010, 7018, 5000, and various other Switches
- NIST SP 800-115 Framework author for company Penetration Testing and Vulnerability Analysis
- Core and internal Firewalls Change review, approval and validation
- FireMon architecture, installation and ongoing support and monitoring of events generated.
- PKI (Thawte) primary corporate administrator
- RSA SecurID authentication system primary administrator
- Primary administrator for multiple Check Point Firewalls protecting multiple Internet and DMZ subnets
- Cisco ASA Firewall administration for multiple protection points both internally and for employee VPN connectivity.
- F5 LTM, ASM and GTM administration for dual active data centers.
- Role Based Access Control configuration and support on Firewalls for control of development community.
- VPN client profiles creation and management on ASA VPN devices and in RSA SecurID environment.
- VPN network tunnel creation and support for internal branch offices and trading partners utilizing Cisco Routers.
- PCI DSS representative for network security group.
- Documentation and diagramming of Enterprise Data Security and Network systems and their interconnectivity
- Core Data Center equipment daily support. Equipment includes Cisco Nexus 7000, 5000, 4000 and 2000, various 38xx series Routers and Catalyst Switches.
- Multihomed ISP connectivity support utilizing company’s own ASR Routers.
- Daily DNS management of InfoBlox Grid appliances.
Confidential
Security and Network Engineer
Responsibilities:
- On site contractor to International BPO services firm. Locations supported include US, China, India, UK, Mexico and other countries.
- Company employs over 10,000 individuals in listed countries.
- Design, implement and manage Check Point, Nokia, Cisco, RSA SecurID and IDS/IPS systems.
- Vulnerability Analysis and remediation tracking using eEye Retina
- RSA Server 6.2 and 7.2 installation, support of User AAA services.
- Multiple Check Point Firewalls (R55-R75). Nokia and SPLAT model utilizing VRRP redundancy on IPSO (4.2 and 6.2) located in US, Mexico, China and India.
- Multiple Cisco ASA Firewalls (8.2-8.4 and ASDM 6.2-6.4).
- Scripting of Firewall tasks using BASH scripts and maintenance scheduling via Crontab
- Cisco IDS standalone servers and AIP-SSM on ASA 55xx, monitored with Cisco CSM and IME.
- Check Point SmartDefense and IDS application configuration and Penetration Testing with BackTrack 4/5
- Vulnerability Analysis and Penetration Testing of environment. Tools used: NMAP, BackTrack 4/5 and NESSUS (Tenable).
- Daily setup of VPN connections between corporate office and various client and vendor networks.
- Various Cisco Catalyst Switches from 35xx to Catalyst 6513 (CatOS and IOS).
- Various Cisco Routers including 2851 GSR1 and 2, 3800 and 7800 series.
- Private-VLAN establishment on Cisco switches for Port Channel (EtherChannel) attached UNIX and VMware servers to Check Point Nokia IPSO VRRP clustered Firewalls.
- Multiple Radius and TACACS Servers.
- F5 BIG-IP LTM Load Balancers setup and support in Active/Secondary configuration.
- F5 BIG-IP Application Security Manager (ASM) setup and configuration.
- eEye Retina Vulnerability Analysis and security policy tracking.
- Many VPN establishments and support on Check Point, ASA, and Cisco Routers.
- Solarwinds/Orion NPM and NCM configuration and daily usage.
- Design and Documentation of network and network security systems.
- Considerable Firewall and security system clean up and redesign of security environment.
- Traffic flow analysis and capacity planning using NetFlow (Fluke NetFlow Tracker) and Solarwinds/Orion NPM.
Confidential
Data Security Consulting and Management
Responsibilities:
- Architecture, implementation and management in a hands-on approach of numerous data infrastructures and support personnel.
- Provided Firewall and IDS/IPS consulting and services to Automotive, Financial, Airline and Retail companies
- Hired and managed contractors and company employees for various client engagements.
- Installation and support of Red Hat, CentOS and Solaris for BIND (DNS), NTP, SAMBA, TAR, ClamAV, Mail Applications, VNC Server, SNORT, SQUID, HAVP and Squid Guard/DansGuardian.
- Staffed and managed personnel for the deployment of all computers and their related systems for the Detroit/Wayne County Midfield Airport construction (approx. 5,000 systems)
- Provided Managed Security Incident Response services for various international automotive suppliers
- Deployed and managed many Cisco Switches, Cisco Routers, Cisco PIX and ASA Firewalls
- Work extensively with Netscreen and Juniper Firewalls, VPN and IDS/IPS configurations.
- Technologies supported daily include network connectivity (WAN, MAN, LAN), data security (Firewalls, VPNs, Intrusion Prevention, Access and Authentication control), Servers (Multiple Operating Systems), Database and Email Applications (MySQL and MS SQL), Health and Availability device monitoring, Client Operating Systems and Applications.
- Setup and support of exterior WAN bridges to connect campus buildings.
- Managed internal SecureNet, Inc. networks and servers. The environment hosted customers’ Firewalls, VPNs, secure Email systems, Ecommerce applications, general Web hosting and customer data environment monitoring.
- IDS/IPS protection utilizing SNORT on CentOS 5.x
- Automated Vulnerability Analysis and Penetration Testing of customers’ Internet and Intranet connectivity.
- Direct responsibilities for various Microsoft Exchange Servers (2000, 2003, and 2007), Microsoft SQL Servers (2000 and 2005), .NET application support, Microsoft Load Balancing Service.
- Setup and support of XEN Virtual environments (Dom0 and DomU) on CentOS.
- Determine compliance with ISO requirements including documentation and internal auditing oversight. This included Audit functions.
Confidential
General Manager
Responsibilities:
- Primary Manager, architect and support coordinator of the company’s Data Security, Data Networking, Servers (Windows, UNIX, LINUX and AS/400), Desktops, Helpdesk and Telecommunications environments.
- Functional hands-on management approach with a mentoring orientation of the company’s Operations staff.
- Direct Report to Chief Information Officer and Chief Executive Officer.
- Authored Organization’s Information Security Policy.
- Conducted employee performance evaluations and helped staff with their continuous improvement goals.
- Conducted ongoing internal data security audits of servers and client network operating systems.
- Capital Expenditure planning, tracking and reporting.
- Disaster recovery planning, process, documentation and implementation.
- Customer interfacing (pricing, support, sales and documentation).
- Project planning responsibility.
- ISO Steering Committee member and internal auditor.
- Created and implemented server maintenance schedule for all servers.
- Automated server patching system for all Microsoft Windows Servers.
- Increased total UNIX and LINUX servers in environment.
- Instituted a centralized logging system for all servers, network devices and Firewalls.
- Instituted controls for server room and buildings access.
- Identified then deployed various new networking and server tools (hardware and applications).
- Redesigned complete data network including access points, Firewalls, Intrusion detection systems and operating systems (UNIX, LINUX, Solaris and Windows).
- Designed and assisted implementation of multiple Vulnerability Analysis systems.
- Designed and deployed High Availability network and Firewall segments.
- Provided detail design and implementation of Internet redundancy.
- Enhanced Email security environment.