SUMMARY:

• Over 8 years IDS/IPS hands on experience
• Five years experience supporting Content Delivery Networks (CDN)
• Daily environmental firewall monitoring
• Perform weekly DDOS simulation exercises
• Generated and circulated Daily End of Shift (EOS) reports
• Published incidents, alerts and advisories as required.
• Executed constant research pertaining to the latest viruses, worms and malware
• Developed an intimate relationship with US - Cert, NIST and other security resources

TECHNICAL SKILLS:

Routing Protocols: Created test plans, pre/post change control checklists for network device upgrades (CIRB), and Routing Protocols ( RIP, IGRP, EIGRP, MPLS, OSPF, BGP4, IPv4, IPv6 )

Professional working knowledge of: TCP/IP and related Protocols such as DNS, FTP, TFTP, HTTP, HTTPs, SMTP as well as Network Monitoring tools (e.g. HP OPENVIEW, Solarwinds, NETCOOL, FLUKE, Network General Sniffer, cisco works, Wireshark) and Network ticketing and provisioning tools (e.g. Infoman, Remedy, Tivoli, EMACS).

Hardware: Checkpoint firewalls, Cisco ASA firewalls, Cisco VPN concentrator, Cisco/Juniper routers, Cisco switches, Cisco AP s, IXIA, Breakingpoint, IBM mainframes and cluster controllers.

Software: Microsoft, UNIX, JAS, Outlook, Lotus Notes, VPN, Microsoft Windows, SecureCRT, VISIO, Oracle, PCRE, Orion, putty and SSH.

Security tools: Checkpoint, Cisco, Arcsight, ARBOR Peakflow, ARBOR TMS, CITRIX NetScaler, TCPDump, NCPDump, DNStop, WEBtop, Sourcefire, Tippingpoint, Site Advisor, Einstein, Orion, FireEye, RAD, snort, SPLUNK, Websense

Content Delivery: Palo Alto, Baracuda, proxy servers, Content Delivery Networks (CDN s)

PROFESSIONAL EXPERIENCE:

Confidential - Manassas, VA

Cyber Security Engineer

• Use Tactia, UNIX language to check, test and monitor UNIX servers.
• Provided daily Security Operations Center (SOC) support.
• Provide IPS and IDS defenses against Locky Ransomeware.
• Reset LDAP passwords.
• Analyze, decode and resolve snort report issues.
• Performed packet capture and analysis
• Execute security measures using the numerous security tools available.
• Support day to day NOC/SOC activities.
• Perform assign environmental testing.
• Participate and study, UNIX, Security, Wintel and NOC-SOC best practices daily.
• Perform all other duties as assigned.

Confidential - Warrenton, VA

Sr. SOC Engineer

• Provided daily Security Operations Center (SOC).
• Coordinated Tier II & III support on Security hardware and software issues.
• Administered network security.
• Provided Tier I Triage support for system outages.
• Provided Tier 1 Forensic analysis.
• Reset LDAP passwords.
• Train junior engineers and analyst.
• Performed random packet capture and analysis
• Obfuscate numerous security threats on a daily basis.

Confidential - Sterling, VA

SOC Engineer

• Implemented weekly customer simulation DDOS exercises.
• Performed firewall evaluation on the Checkpoint and cisco firewalls..
• Utilized security and firewall best practices.
• Monitored and analyzed the security traffic.
• Configured the rules, acl’s and filters used by the Citrix Netscaler, that governed the security policies.
• Performed initial Forensic analysis of the firewall logs.
• Analyzed daily packet capture and firewall logs.
• Generated daily, weekly, and 72 hours Customer Incident and Final Incident reports.
• Interfaced with customers (via the phone), to assist with service provisioning.
• Implemented customer mitigations where applicable.
• Conducted research pertaining to the latest viruses, worms, malware, Trojans, adware, etc.
• Performed all other Network Cyber Security/Information and DDOS mitigation duties as assigned.
• Obfuscate numerous security threats on a daily basis.

Confidential - Reston, VA

Duty Analyst

• Performed daily Intrusion Detection Sensor (IDS) monitoring to ensure that all sensors are active.
• Performed initial Forensic analysis of Checkpoint and Cisco security logs.
• Built and maintained filters, rules, and acl’s that governed the behavior of the Checkpoint and Cisco firewalls and the cisco and Juniper routers.
• Tested, monitored, installed and maintained Checkpoint and Cisco firewalls.
• Reviewed alerts and packet-level data collected from sensors on a daily basis and report findings to the government Watch Officer (WO).
• Provided incident response functions when appropriate and coordinate activities with field site personnel when directed by the government (WO).
• Obfuscate numerous security threats on a daily basis.

Confidential - Glen Allen, VA

Sr. Network Engineer

• Monitored the network daily and, performed Intrusion Protection analysis and Intrusion Detection for customer clients Enterprise Environment.
• Captured and decoded pcaps of suspected/suspicious traffic. Performed benchmark testing on Checkpoint and cisco firewalls.
• Tested, monitored, installed and maintained Checkpoint and Cisco firewalls.
• Performed initial Forensic analysis of Checkpoint and Cisco security logs.
• Built and maintained filters, rules, and acl’s that governed the behavior of the Checkpoint and Cisco firewalls.
• Performed customer notification regarding suspicious events on their networks.
• Using Arcsight, Online Guardian, and Remedy, I performed monitoring for suspected malware signatures, rules violation, and abnormalities.
• Monitored the firewalls, IPC’s and IDC’s from a central Security Operations Center (SOC) location. Reacted to any and all threats according to procedures.
• Monitored and maintained Protection hardware, including, but not limited to Checkpoint, Sourcefire, Tippingpoint, Cisco, Juniper, Barracuda and Palo Alto.
• Obfuscated numerous security threats on a daily basis.

Confidential, Reston, VA

Sr. Network Engineer

• from the Checkpoint and Cisco firewalls.
• Daily monitoring of the network, perform Intrusion Protection and Intrusion Detection for customer clients Enterprise Environment.
• System upgrades involving Cisco routers, switches and MPLS circuits. Duties include daily monitoring of network throughput and AT&T MIS environment.
• Worked with Sr. Analyst to plan network changes and environment modifications. Prepare and create network reports and make determinations on acceptable traffic thresholds.
• Interact with Telecommunications Services and the Server group for the installation of new voice services, firewalls and application servers.
• Performed all other duties as assigned.

Confidential - Washington D.C

Supervisor, Network Control, Network Analyst, Network Engineer

• Supervised network controls, manage 5 direct reports, set budgets, schedules and support 2500 end-users and 5000 pieces of desktop/laptop equipment.
• Managed an array of technical projects that introduced unified technologies such as voice, video and data and network monitoring tools and storage systems (SAN, EMACS, NETCOOL) as well as projects that allowed Confidential to bring new buildings and data facilities online.
• Physically and remotely configured, troubleshot, and administered users, laptops, tablet PCs, and blackberry devices for onsite and mobile users.
• Performed daily monitoring of the network, perform Intrusion Protection and Intrusion Detection for customer clients Enterprise Environment.
• Built and developed internal “Best Practices”.
• Performed as liaison with Audit Department for numerous department resources audits.
• Improved Data Security and Firewall Protection. Maintained and managed security, firewall and intrusion detection utilizing DEFENDER, Zone Alarm, TACACS, RSA, Palo Alto, Barracuda and Checkpoint
• Developed the desktop security using a firewall protection platform complete with Zone Alarm and POINTSEC.
• Introduced Remote Access VPN Design and supervised the Implementation for Confidential . Re-designed and implemented a Virtual Private Network (VPN).
• Executed Enterprise systems implementation; built in all the bells and whistles, selected a desktop security project, engaged data security team and collaborated on the design, utilizing Zone Alarm, firewalls on every laptop, enterprise wide.
• Spearheaded Y2K Readiness. Prepared Confidential for Y2K, coordinating with internal groups including DMZ, DCF, UNIX, EMM, etc. to confirm Y2K readiness.
• Conducted Disaster Recovery Operations. Managed over 20 Disaster Recovery exercises, IBM Franklin Lakes, SUNGARD and COMDISCO.

Confidential

Sergeant, Field Communications, Communicator

• Served seven years in the Confidential as a field communicator (radio, wiremen and cryptographic), last two active years spent at Quantico as an Enlisted Instructor at the Communications Officer School (COS); in charge of field wire, radio and cryptographic communications.
• Installed phone systems in field headquarters locations, in the US, Europe and Okinawa Confidential .
• Integrated voice and computer systems for Amphibious Warfare simulations exercises.
• Three meritorious promotions.