SUMMARY:

• I am a diverse security engineer blending 7 years of cyber security with a fusion of other expertise spanning over 22 years in various corporate, small business and private sector environments.
• Using ingenuity, team collaboration and other resources at hand, I view each IT task as a chess match and enjoy a healthy challenge in completing management goals.

TECHNICAL SKILLS:

• 22+ years in IT, 7+ years in Cyber Security
• Effective in Python, C, Bash/Korn scripting and programming languages.
• Working knowledge of PHP, C, Yii, HTML, JavaScript and Python
• In - depth understanding of vulnerability/exploit scanners including: SAINT, Tenable Nessus and Rapid 7 Nexpose
• Participated in 7 annual PCI ASV recertifications
• Understanding of various security compliance standards including: FISMA, PCI, IAVA, SOX, NERC/CIP and HIPAA
• Competent in configuration assessments using NIST configuration benchmarks (USGCB/TIS, DISA/STIG)
• Familiarity with SAINT and Rapid 7/Metasploit pentesting app/tools verifying risk expose from vulnerabilities in a network
• Knowledgeable with SAINT Exploit Phishing tool-set in testing users to determine their awareness of security risks and security training needs
• Proficient using various security distributions including: Kali, Samurai, Web Dojo and OWASP BWA
• Familiarity with most common TCP/UDP protocols/ports
• Experienced with web application security testing tools such as SAINT, OWASP ZAP and Burp.
• Comfortable with Cryptography to include Symmetric, Asymmetric encryption (PKI), Hashing, Ciphers and etc
• Working knowledge of OWASP 2013/2017 Top 10 web application security risks
• Fully literate in various Linux (CentOS, Ubuntu, Red-hat, Fedora, Suse, Debian, FreeBSD, Solaris) and Microsoft distributions
• Proficiency using MYSQL/Maria DB and POSTGres databases
• Proactive research and tracking of the latest NIST published vulnerabilities, evolving exploits, techniques, and tools in support of enhancing existing methodologies.
• Development of vulnerability check signatures and remediation content
• Literate in various network monitoring utilities including, CA Solar Winds, EtherApe, NETQOS, Application Advantage and Network Generals Sniffers
• Working knowledge of Imperva WAF’s, F5 Load Balancers, FireEye IPS, Carbon Black Endpoint Security, ForcePoint Url Filtering
• Literate using Thycotic Secret Server Premium Edition Password Management Suite
• Comfortable with Linux Containers
• 2 years of general AWS EC2/MS Azure technology
• 6+ years using SAINT's LEAN SDLC practices
• Can work individually or thrive in a team
• Strong written/oral communication and technical writing skills

PROFESSIONAL EXPERIENCE:

Confidential

Security Engineer

Responsibilities:

• Engineering, implement ion and monitoring security measures for the protection of computer systems, networks and information throughout entire corporation nationwide
• Identifying and defining system security requirements
• Designing a system security architecture and developing a detailed security design
• Preparing and documenting standard operating procedures and protocols
• Configuring and troubleshooting security infrastructure devices and services
• Developing technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Assisting with management, configuration, and ongoing maintenance of Web Application Firewalls (WAF) and load balancers to include Imperva and F5
• Writing comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Determining security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates
• Planning security systems by evaluating network and security technologies defining requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, load balancers, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards
• Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation
• Verify security systems by developing and implementing test scripts
• Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements
• Prepare system security reports by collecting, analyzing, and summarizing data and trends
• Update job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations

Lead Product Support Engineer

Responsibilities:

• Comprehensive investigation of client vulnerability scanning internal/external assessments dissecting various scenarios using reports, log files, network traces, configuration files, network diagrams or duplication of the condition managing cases until resolved.
• In-depth analysis of client penetration testing scan outcome, post-exploitation and social engineer tools facilitating a better understanding of vulnerability existence, risk quantification and security posture against informational assets.
• Guidance in the configuration and usage of a diverse set of vulnerability/penetration/compliance/configuration policies, exploit tools and vulnerability-specific exploits.
• Assist QSA in SAINT’s ASV service work performing disputed results analysis of customer quarterly PCI scan data submitted via WebSAINT(SaaS) customer portal managing the client through the ASV attestation process
• Assist clients in remediation efforts providing guidance towards a resolution .
• Support SAINT’s ASV AOC service performing disputed results analysis of customer quarterly PCI scan data submitted via WebSAINT(SaaS) customer portal managing the client through the ASV attestation process.
• Responsible for assistance in configuration, installation and implementation of SAINT's security suite, SAINTCloud(SaaS) and turn-key appliances.
• Configuration assistance of product with IBM Qradar SIEM, Cisco ISE (Asset Quarantine) and Cisco Firesight (risk data correlation).
• Mentoring and training of newly hired engineers acclimating them with the entire SAINT product line and support procedures.

Lead QA/DevOPS Engineer

Responsibilities:

• Debian/Ubuntu LXC container image administration, creation and maintenance of build scripts for testing environment.
• Unit and regression testing of various aspects of SAINT unconventional Agile development/release cycle performing root cause analysis and documenting defects as needed in Redmine tracking system.
• Acceptance (Alpha and Beta) testing working in collaboration with prospected customers in meeting delivery requirements
• Smoke exploratory testing in identification and debugging of software defects
• Daily automated/manual pre-release/post-release application testing using Selenium WebDriver/IDE and standard installations.
• Daily REST API (HTTP, GET, POST, PUT & DELETE) functionality testing of entire product.
• Development of assorted testing/build scripts as needed using Selenium WebDriver/IDE written in Python and BASH.
• Assist DevOPs team in annual recertification of SAINT as an ASV (PCI Approved Scanning Vendor) overseeing scanning operation using various tools.
• Testing software on various distributions (Ubuntu, Debian, CentOS, Redhat, Fedora, SuSe, Kali, Mac) and virtual environments (VMWare Suite, Oracle VirtualBox) to ensure compatibility.
• Oversee backup operations of mission-critical Linux infrastructure, websites and various development servers using Linux shell scripts.
• Integration testing IBM Qradar SIEM, Cisco ISE (Asset Quarantine) and Cisco Firesight (risk data correlation) and Splunk.
• Mentoring and training of junior/newly hired QA engineers with companies QA process.

Lead Pre-Sales Engineer

Responsibilities:

• Designing, developing and delivering product presentations, demos and evaluations directed at current or prospective customers in Spanish/English.
• Providing pre-sales engineering assistance with design, configuration and implementation of the various SAINT products.
• Continuing post-sales engineering support and training on the core functionality of the product, establishing and cultivating ongoing business relationships with customers and business partners to facilitate additional business opportunities.
• Delivering recommendations on solutions on customer requirements that result in the closing of new sales.
• Reviewing reseller technical documents such as RFP's, RFI's and proposals recommending changes as needed for prospective customers.

Junior Developer/Vulnerability/Exploitation Researcher

Responsibilities:

• Regular integration of Microsoft Patch Tuesday vulnerability checks, CVE associations and tutorial content written in C/HTML submitted using CVS version control repository.
• Periodic 5 < CVSS score vulnerability research, engineering non-intrusive test methods and assimilation of checks into product.
• Proactive exploitation research, exploitation tool research and integration into product.
• Daily research on improving unauthenticated/authenticated testing methods bring greater value to our customers