Information Security Engineer Resume
SUMMARY:
- Over 18 years’ experience with networks and application security.
- I worked as a penetration tester for the Office for the Secretary of Defense for 5 years that also included managing Confidential laboratory environments, forensics, and social engineering to complement or enhance the penetration testing.
- I worked with the NSA in their Tailored Access Operations office as well as an Intelligence analyst.
- I’m currently working with a travel and fuel sales company, Confidential, on the defense side of the house helping with network architecture, vulnerability identification and management, vulnerability and patch management and incident response.
TECHNICAL SKILLS:
- Tool experience for Confidential analysis includes Backtrack; Metasploit; Nexpose; NetStumbler; Cain and Abel; John the Ripper; BTCrack; Wireshark; Scanline; ProofPoint; IronPort; FireEye; Varonis; SCCM; LanDesk; Cuckoo; Symantec; and Snort. Experience with programming languages to include: C, C++, and C Sharp, Pascal, and Basic.
- Application security tools include Open Web Application Security Project (OWASP), AppScan, IDA Pro reverse engineering application suite, DISA Gold Disk, DIACAP Retina scanner, Nmap, NESSUS, and Nexpose.
- Intrusion detection experience using IDS and IPS appliances and forensics for post infection or breach attempt investigations. Primary experience using FireEye, Snort, TippingPoint, and Netflow. Internal audit experience to investigate suspicious insider activity as well as validate proper security controls and physical security audits.
- Unix (various Linux, various BSD, Solaris), Nagios, JBoss, DHCP, SSH, Wireless networking with 802.11 b/g, Snort, Nmap, Metasploit Framework, Apache, MS IIS, Sendmail, MS Exchange, WSH/WMI scripting, RAID configuration, Veritas Backup Exec, Oracle 8i/9i/10g, Java 1.4, Unix shell scripting, SQL, HTML, and Perl.
- Also have experience with IPv4 and IPv6 networking to include working with Cisco network devices and administrating networks and maintaining proxy, UTM, network, and application layer firewalls.
- Worked with operating systems ranging from DOS and Windows 3.1 to Windows 10 and Windows Server 2016, as well as multiple Linux distributions, UNIX, and Solaris.
- Windows Server and client operating systems, configuration and maintenance, computer security assessment and configuration, Symantec Antivirus server, patch management, Active Directory management.
- Graduated from the NSA-sponsored two-month Digital Network Analysis (BDNA) course in Pensacola, Florida, 2007, which provided hands-on experience with wireless technologies, such as 802.11 a/b/g/n, GSM and CDMA and SIGINT technologies.
- Knowledge of network security tools includes port scanners, enumeration tools, automated penetration testing tools, packet analysis tools, and wireless scanning tools.
PROFESSIONAL EXPERIENCE:
Confidential
Information Security Engineer
- Created the incident response policy and subsequent team where previously there had been nothing formal and provided training on email header and malware analysis to other team members.
- Managed email firewall ProofPoint as well as rebuilt the architecture over time to better provision the memory and storage capacities and streamline the rules to have the appliance perform more efficiently.
- Migrated the MX record to a cloud provider, AppRiver, to provide an additional layer of defense where we experience the greatest attack vector.
- Administrator for Symantec; Forcepoint (previously known as Websense); Cisco Wireless LAN controller; Nexpose; InsightVM; FireEye; ProofPoint; AppRiver; Malwarebytes MBMR; DUO two factor authentication; Varonis; Splunk.
- Manage the company's MX and A records. Implemented DKIM and DMARC records for primary domains.
- Project Manager for Security in headquarters relocation; responsible for physical security including access control management and camera placement; setting up a secure share solution using Bitlocker; Implementing new MDM solution using InTune; encrypting data at rest using Vormetric; Annual Penetration tests; redesign of email firewall, policies and mail routes; Patch management program; Vulnerability Management Program; Incident Response Program.
- Work with Legal, HR, and Compliance for internal investigations and audits, occasionally required to speak at court to present findings from investigations.
- Security and vulnerability assessments to appliance or applications prior to deployment on the Confidential production network using OWASP and AppScan.
- Utilize Varonis to find and mitigate poorly implemented permissions on sensitive areas on the share drives as well as provide Legal and HR with investigative reports around access to files.
- Set up disaster recovery failovers for security appliances at our DR Datacenters and implemented DR plan for when and how to fail over.
- Set up two factor authentication using Duo and worked with business to stage rollouts to minimize business impact.
Confidential
Information Security Engineer
- Incident response to security breaches, analysis of malware and how it avoided AllianceBernstein security measures.
- Vulnerability and penetration testing using Nessus, Nmap, Metasploit, Nexpose, Backtrack and Kali.
- Worked with developers to provide a security and vulnerability assessment to appliance or applications prior to deployment on the AllianceBernstein network.
- Assess current policies and procedures to identify better ways of conducting business and enhancing the security posture of AllianceBernstein.
- Continuous assessments to requests for access to applications or groups that requires an analytical response and understanding of network security in order to avoid creating a hole or vulnerability in an otherwise secure environment.
- Work with internal audit and Information Assurance to mitigate poor security controls revolving around Active Directory and permissions, primarily using Varonis but manual inspection of Active Directory was necessary as well.
- Occasionally malicious email finds its way past the filters and I analyze the metadata to determine where it originated and sandbox any attachments in Sandboxie or Cuckoo to analyze if malware or redirects to infected sites are present.
Confidential
Network Security Engineer
- Conduct penetration testing on wired and wireless networks.
- Act as aggressor in war game simulations providing Confidential for blue forces and attempt to harass or defeat the opposing side through cyber-attacks.
- When sanctioned, attempt to assess physical security by means of social engineering or exploit vulnerable security devices like card readers, cameras, ground sensors or aerial assets.
- Researching, assessing, mitigating, and reporting on systems security vulnerabilities associated with Advanced Concept Technology Demonstrations (ACTDs) and Joint Capability Technology Demonstrations. This includes, but is not limited to: reviewing computer-centric technologies, including 802.11, 802.15, 802.16, and 802.20 wireless networking on ACTD/JCTD architectures for security vulnerabilities, exploits, mitigation, and remediation techniques; per-assessment enumeration and exploitation and penetration/red team testing; researching selected technologies used in ACTD/JCTDs, to include specific security vulnerability and functionality tests in a laboratory setting and recommending alternative solutions when applicable; Confidential and local assessments; preparing informational presentations and documentation, quick look studies, white papers, initial systems vulnerability assessments, test plans, articles for reprint, and findings reports.
- Responsible for maintaining familiarity with current and emerging wireless networking technologies either in use or possible for implementation in a Department of Defense systems environment.
Confidential
Global Intelligence Analyst
- Developed intelligence on Confidential computer infrastructures and writing technical reports on the intelligence gathered from these efforts. Network protocols of Confidential networks such as EIGRP, IGRP, IPSec, and IPX are routinely assessed for possible exploits.
- Common daily tasks included analysis of raw packets of information from Confidential networks that had been collected from Snort and other packet capture programs, conducted vulnerability assessments of Confidential networks using port scanners and automated penetration tools such as Nmap, and Metasploit.
- Assessed wireless environments in Confidential theaters using such tools as ArcGIS to probe for possible vulnerabilities in their wireless networks. Using the information to further exploit technologies such as HPCP, GMA/CDMA, and 802.11, 802.15, 802.16, and 802.20. Unclassified research of targets was also a daily task that included: vulnerability assessments of Confidential systems from a potential adversary, third world point of view; identifying individual targets of interest like system administrators for Confidential networks on Facebook, Myspace, or other social forums and use that information for social engineering; IO vulnerabilities are assessed in a military environment using unclassified and commercial-off-the-shelf (COTS) capabilities and in accordance with the Concept of Operations (CONOPS) provided by the NSA.
- The mission required frequent use of multi-domain (classified) networks.
- Responsible for leading a team of 11 personnel, to include training in basic data structures of a packet, how the OSI model applies to digital network intelligence, and the differences between TCP and UDP protocols.
- Acquired four years of experience writing serial, technical, follow-up, and summary reports for national level consumers as well as second and third party consumers when appropriate cooperation was deemed necessary.
- Notable success from leading the team included several reports reaching the level of the President, as well as being awarded the Joint Service Commendation Medal for cooperation with sister services and civilian agencies.
Confidential
Team Lead
- Assisted in maintaining intranet access and security by assisting in assigning usernames for access by team members and was routinely tasked by Windows systems administrators with ensuring only authorized personnel accessed the Confidential intranet.
- Responsible for one-fourth of the store and its inventory as well as training new personnel on the handheld computers used throughout the store.
- Responsible for managing a team up to 30 people and carried out interviews for administration.
Confidential
Web Development
- Designed, secured, and maintained a website for local community churches. Tools used were primarily HTML and PHP code. In addition to design, SSL protocols were incorporated into the website to increase security and provide an environment for secure e-commerce to take place. A WAN was later incorporated for an affiliated church in a nearby town, providing interconnectivity between the two organizations. Periodic review of web traffic was a routine process carried out to look for intrusion attempts or any anomaly such as requests to closed known ports or large amounts of data that may need to be blocked to prevent against spam attacks. In addition to the design and management of the web page.
- Helped design and implement a LAN for Lee Road United Church, as well as the creation of a database of online products in Microsoft Access which was linked to the web page to automate online purchases.
- Assisted in post-production video editing in Adobe Professional and Flash animation for video productions produced at Lee Road United Church.
Confidential
System administrator
- Provided network administration to include updating legacy systems and identifying upgrades.
- Implemented Common Access Cards (CAC) security for physical access to buildings and updated corporate databases using SQL, MySQL, and SQL Light, to ensure the security of the facility was maintained.
- Created and maintained a Microsoft Excel spreadsheet to ensure a half-million-dollar inventory of pharmaceutical drugs, which were accounted for and allowed statistical study of those drugs purchased, received, and shipped, enabling him to better engage contractors and vendors for the best price and availability.