
Sr. Unix/Linux/Imperva Dbase Security Engineer Resume


Glendale, California

SUMMARY:

  • Over 24 years of IT-related experience, including 20 years’ experience as System Engineer/Administrator for SMB and large enterprise organizations running heterogeneous environments with UNIX (AIX, Sun, SCO), Linux (RedHat, SuSe, CentOS, Fedora, Kali Linux, Open Client, Timbuktu), and Windows. Almost 19 years of UNIX administration for Confidential AIX/Linux/Solaris/SCO enterprise environment running 3,000 servers (clustered and non-clustered) for multi hardware platforms including Sun, Confidential and Compaq/HP.
  • More than 7 years of handling Database security (Imperva SecureSphere 11.x, 10.x) to secure sensitive data stored in databases against compromises of their confidentiality, integrity and availability and providing real-time protection against cyber security threats, data loss and failure to meet audit requirements.
  • More than 5 years of Unix/Linux security experience related to identification and authentication, authorization and access control, auditing and accountability.

TECHNICAL SKILLS:

Hardware/Software: Confidential AIX 5.3 ML 4/5.2 ML 05, Confidential NIM - Network Installation Management, Linux Fedora 21/20, Linux CentOS 7/6.5, SuSe Linux 11 SP3, Sun Solaris, Linux RedHat 7/6, Linux Timbuktu, Kali Linux, SCO Open Server, Imperva, Rapid7, Qualys, Windows NT/2000/XP server and workstation, MySQL-Mariadb, Nagios, Cactus, MyownCloud, MS Exchange 2003/2000/5.5/4.0, Checkpoint, DHCP, WINS, DNS, MS SQL server, Netscape Web server, Netscape Navigator, Confidential compatible, Intel, Macintosh, HP servers/blade servers, Dell, Compaq, Cisco 2500 router, HP hub, Microsoft Office 95/97/2000, MS Outlook, Lotus Notes, Access, dBase, Visio, ProComm Plus, MS IIS, NetBEUI, Ethernet, Norton Utilities, MS Explorer, Laplink, Timbuktu Pro, PC Anywhere, Help Star, TCP/IP, Lotus Suite, DOS.

PROFESSIONAL EXPERIENCE:

Confidential, Glendale, California

Sr. Unix/Linux/Imperva Dbase Security Engineer

Responsibilities:

  • Plan, implement, upgrade and monitor security controls for the protection of TWCC computer networks and information systems. Perform assessment phase of Vulnerability & Threat Management process. Also, assist with maintaining compliance for industry certification such as PCI as well as create and maintain reports for both compliance and internal system audit data.
  • Assist Disney Engineering team to migrate and on-board 70 Dbase PCI-Prod apps to Imperva Security Dbase Tool. Provide recommendation for system automation and participate in on-going automation and operational projects as well as document found issues and associated resolutions to existing problems.
  • Upgrade Disney's current Imperva version from 10.5 to 11.0 and 11.5 in all of its MXs and SOM. Also participate in reviewing current project documents for future state and federal audits.
  • Setup private cloud with AWS based VirtualBox, Wildfly, Postgresql, Postfix mailing system with hardened security on Linux.
  • Successfully upgrade all Imperva Security issues to pass both Disney Internal Security and external Audit Security in order to comply with current PCI and SOX audits. Assist with execution of projects related to my areas of responsibility and adhere to security policies, processes and procedures as well.
  • Ensure appropriate security policies and controls are in place that will safeguard digital files and vital electronic systems. Perform assessment as well as troubleshooting and help isolate issues.
  • Good and extensive working experience on Cloud Systems (AWS or Google Engine).
  • Respond to computer security breaches and viruses. Provide operational oversight of users and privileged users by reviewing and enforcing security and other standards. Participate in variety of OS patch management and coordination. Cooperate/develop and test Linux security patch packages with other teams and vendors as well as troubleshoot Linux OS and application security patch installations.
  • Review proposed change control request to ensure proper alignment with TWDC policies standards and guidelines. Follow pre-defined actions to handle issues based on severity including escalating to other support IT groups. Familiar with Chef, Puppet and Cobbler.
  • Issue, follow-up on, resolve or drive resolution of open security event tickets as well as working ongoing maintenance and administrating of assigned systems as needed.
  • Perform Service Delivery of Security Operations Infrastructure
  • Provide coordination for security event detection, identification and resolution. Experience with one or more of the following security vulnerability assessment and management tools (McAfee MVM, Qualys, and Rapid7)
  • Provide technical assistance in the selection, configuration, and maintenance of network security devices including, but not limited to, WAF, Network-based Malware detection and related platforms. Familiar with Splunk and its log management, including its use to support a wide range of log management use cases such as log consolidation, retention, security, and IT operational troubleshooting.
  • Develop technical security standards to support policies including assisting in creating and coordinating security monitoring standards and incident investigation procedures.
  • Serve as a technical resource in advising and assisting all departments and schools for issues relating to network security.
  • Engage with cross-functional teams in the design and implementation of security projects and initiatives
  • Assist with the development of metric and scorecards in support of the information security program for quarterly and annual Information Security reports to executive management
  • Promote awareness of applicable security policies and standards
  • Implement or coordinate remediation required by Federal/State audits (SOX, PCI, Internal IT Security), as necessary.
  • Collate security event data to produce monthly exception and management reports.
  • Respond to and, where appropriate, resolve or escalate reported security incidents.

Confidential, Monterey Park, California

Sr. Unix/Linux/Security Engineer - Consultant

Responsibilities:

  • Project (on-going): Working with Confidential vendor (CA) to integrate and set up IDM/LDAP to centralize all Unix/Linux user and group accounts. Evaluate current operating systems and system support software packages and try to ensure they are appropriately integrated into the IDM project. Evaluate and coordinate the installation, testing and implementation with all affected areas. Analyze various methods of how to control information security problems, determine the strengths and weaknesses of each method and implement the best cost justified solution. Identify weak links in the IDM project, if any exist, and determine how to mitigate the control deficiencies. Assist Confidential in deploying Imperva DAM solution as well as identifying critical data to be hosted in critical Dbase.
  • Handling and working with multidisciplinary cross-functional IT teams, including Security teams, to gather and analyze product requirements and propose infrastructure solutions and specifications. Participating in Dbase assessment phase and hardware implementation phase.
  • Perform all maintenance for IT security duties to support and protect environments. Ability to program using scripts and programming languages such as Perl, Python, JavaScript and others to detect/solve problems and to automate repetitive tasks.
  • Participate in all phases of development, from medium to large scale distributed systems, as well as giving advice to solve complex problems by applying available advanced troubleshooting techniques in Systems, Networking and Applications.
  • Strong communication skills, both verbal and written, as well as the ability to work independently (self-starter) and in a team environment, to respond to and support critical situations, and to quickly adapt to defined processes and procedures if needed. Enjoy working on solving challenging problems.
  • Responsible for the administration of a comprehensive Information Security program. Manage the development and implementation of security policies, standards, guidelines and procedures to ensure ongoing maintenance of security. Design, develop, customize, install, test, implement, and maintain operating system software, proprietary system software and hardware infrastructure or connectivity capability; monitor and tune systems for optimum performance. Review the designs of proposed major applications and upgrades for compliance with security policy; perform routine security audits, report findings and recommend related system enhancements, monitor, and research possible security threats and communicate alerts and recommendations to the appropriate staff member.

Confidential

Data Center Security Engineer

Responsibilities:

  • Supported implementation, troubleshooting, and updates of applications on servers (approx 4,000 Unix/Linux and Windows servers).
  • Managed system cloud infrastructure and all related processes.
  • Provided support for day-to-day operations in the Development, Test, Stage, QA, and Production environments, which included the following:
  • Account Management and Security:
  • Software / OS updates and patching.
  • Evaluating new operating systems and system support software packages and ensure they are appropriately integrated into the security frameworks.
  • Analyze various methods of controlling information security problems, determine the strengths, weaknesses of each method and implement the best cost justified solution.
  • OS installations and configuration on new servers on both Physical and Virtual machines based on customers' specification needs.
  • Hardware setup and Configuration.
  • Server decommissioning activities.
  • Execute and enhance monitoring systems used to detect and report security violations. Plans and design appropriate security system configuration changes required to support business needs.
  • Coordinates the installation with other IT areas, performs testing and implementation with all affected areas.
  • Managed and provided direction to Confidential-India Unix/Linux team on projects and tasks for both current and incoming projects.
  • Assisted developers with isolation and resolution of application issues which are service, operating system or hardware based.
  • Provided early life cycle support on solutions deployed to production.
  • Provided support for day-to-day operations in the Development, Test, Stage and Production environments to include the following:
  • In-depth knowledge of AIX, Linux (RedHat, SuSe, CentOS, Open Client, Fedora, and Timbuktu); familiar with cloud-AWS with VMWare Virtualization VCP vSphere5, Cisco UCS, Cisco PIX, Juniper, Palo Alto.
  • Responsible for executing the monitoring systems used to detect and report security violations. This includes duties such as monitoring security events, compliance (based on company IT security policy) and object access and other items as assigned.
  • Analyze the results of monitoring to identify, classify, escalate, report and forecast security events.
  • Maintain, develop, document and improve the use of the products used by the team. Continue to maintain the systems at satisfactory operating level.
  • AWS (Amazon Web Services) - Setup, install, and configure servers on AWS cloud.
  • Hands on experience with AWS or other public Cloud-related technologies and tools (S3, Elastic Load Balancer, Redis, etc.).
  • Respond to security Incidents. Determine if the violation is a malfunction or is legitimate. Take appropriate action depending on circumstances.
  • Experience implementing and/or supporting hybrid cloud infrastructure and cloud automation via APIs.
  • Setup, install, and configure VMWare server, LAMP, MySQL, Monitorix, Storix, and KVM.
  • Evaluate new operating systems and system support software packages and ensures they are appropriately integrated into the security program.
  • Evaluate updates to existing and new security systems and coordinate the installation, testing and implementation with all affected areas.
  • Analyze various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost justified solution. Identify weak links in information security products, and determine how to mitigate the control deficiencies.
  • Strong experience with system management tools, logical file systems, and client/server environments.
  • Shell programming experience.
  • Network, LDAP experience.
  • Ability to communicate technical issues with non-technical people.

Confidential

Data Center Unix/Linux Engineer

Responsibilities:

  • Systems Administrator for approximately 5,000 UNIX servers in the data center, including all hardware support and the operation of all the servers. Running on both AIX versions 5.3 ML 4 and 5.2 ML 05, with clusters on some servers (production) and non-clustered (non-production).
  • Responsible for maintaining cloud infrastructure systems using AWS and Google Cloud.
  • Responsible for designing, developing, testing, documenting, monitoring and implementing information and network security solutions. Enforcing security strategies and supporting existing systems in accordance with policies, standards, guidelines, and procedures, with assignments including:
  • Developing and/or defining the security standards for new and/or existing business applications to be used in different departments within the bank.
  • Monitoring and researching security events, SOX security compliance, and object access at the network, data, and operating systems including application levels to reduce the risk to the Bank.
  • Identified user, functional, and technical requirements for various information systems (e.g., computer systems, software applications, database systems, network systems, etc.) by conducting user interviews, surveys, and/or focus groups; performing work-flow analyses; performing data analyses; identifying patterns in system and/or user errors to use as input for security usages; identifying security requirements; testing the functionality of modules, components, and/or entire information systems; performing system and network diagnosis and trend analyses; reviewing training materials; and assessing issues related to feasibility, time requirements, costs/benefits, and build/buy decision-making, etc.
  • Supported existing servers running various UNIX operating systems, including Solaris, AIX, Linux Red Hat on various hardware platforms, including Sun, Confidential and HP, by monitoring the various information systems, modules, and/or components along with security as well.
  • Set up and configured hardware and system components for local systems; installed and configured software (e.g., operating systems); optimized system performance; and provided various troubleshooting, maintenance (e.g., updates, patches, back-ups, etc.) and technical support.
  • Researched new information systems, modules, and/or components by conducting comparative analyses and product evaluations of hardware, software, network systems, data systems, components, and/or related processes, etc. in order to evaluate the product's capability to meet the business user requirements.
  • Provided server administration in support of all core services with an emphasis on PeopleSoft HR. Assisted in designing implementation and conversion project plans by conducting and participating in the design phase; conducting a variety of preliminary tests (e.g., unit, integration, production simulation, load, network, etc.); and collaborating with project managers, users, technical staff, programmers, and various vendors to produce project timetables, task assignments, and testing criteria.
  • Provided hardware, software, and operating system research, evaluation, testing, installation and configuration, system analysis and design, network configuration, troubleshooting, resource monitoring, scripting and automated tasks for AIX, Linux, Solaris events, backing up and restoring data using Confidential AIX-NIM master and clients methodology, disaster recovery planning, developing procedures and task plans, and managing projects from definition through implementation.
  • Hands-on Perl and Korn Shell programming and experience in HMC, P4/5/6 servers, and Storage solutions. Setup of redundant HMC and service processors, firmware upgrades and configuration of redundant Virtual IO Servers using Confidential HACMP (High Availability Cluster Multi-Processing) solution for Confidential System P platforms. Custom create RPM packages in-house for various clients to use for their own applications.
  • Responsible for users’ management security audit both internally and for SOX state and federal audits. Used Maximo Work Management to manage both planned and unplanned maintenance activities, from initial work request and work order generation through completion and recording of budget data.
  • Rack and stack servers based on specifications.
  • Managed the ESE Lab including all of the servers, hard drives, all server parts, and all server hardware.
