Cyber Security Analyst Resume
Mclean, VA
SUMMARY
- Over five years of Information Technology experience, including servers, routers, Cisco firewalls, network security and various areas of IT infrastructure.
- Skilled professional with a strong educational background in network administration and IT security.
- Managed network systems and provided application-level support to end-users.
- Utilized several enterprise network security-related tools, and authored numerous reports and documents.
CORE COMPETENCIES
- Utilized NetWitness Investigator for threat analysis and its integration with ArcSight ESM 5.02.
- Network administration: monitoring networks for vulnerabilities or intrusions.
- Active Directory: created user accounts for new employees, created distribution lists.
- Group Policy: assigned employees to different categories based on their job titles and responsibilities.
- Multimedia: Adobe Photoshop, Flash; Software Design: Alice
- Familiar with Snow Leopard and the Linux distributions Ubuntu, Fedora, and Knoppix, using VMware Workstation.
- A broad understanding of computer hardware and software, including installation, configuration, management, troubleshooting, and support.
- Proficient in installing and configuring Windows Server 2003 & 2008 and Windows XP Professional client operating systems.
- Proficient in Microsoft Office applications (Word, Excel, Access & PowerPoint)
- Effective use of the Internet for research
- Great customer service, communication, leadership and teamwork skills
PROFESSIONAL EXPERIENCE
Cyber Security Analyst
Confidential, Mclean, VA
Responsibilities:
- Monitor and support the cyber security and network security compliance of assigned subsidiary divisions. Measure non-compliant aspects, formulate remediation efforts, create remediation plans and measure progress toward the goal. Work with key stakeholders, management, and project teams to formulate goals, standards, processes, and policies to assist with compliance management.
- Utilize security tools such as IBM QRadar, Sourcefire, and FireEye to identify potential threats or compromises.
- Create informative and accurate Incident Response reports; open BMC Remedy tickets.
- Work with senior IT engineering staff to ensure that customer products and/or services are operating as intended, and troubleshoot and fix issues as required.
- Conduct security research on the latest IT security threats, such as phishing emails or campaigns and malware.
Cyber Security Engineer
Confidential, Fairfax, VA
Responsibilities:
- Provide real-time security monitoring, integration, intrusion analysis and incident reporting for Army network and IT infrastructure utilizing ArcSight ESM.
- Develop and test new content using ArcSight ESM 5.5 filters, rules, data monitors, active lists, session lists, dashboards, reports and trends.
- Manage the operation of ArcSight Security Information and Event Management systems, including ArcSight ESM 5.5, Connector appliances/SmartConnectors, Logger appliances, Linux servers, network devices and backups.
- Support numerous cyber security technical capabilities and infrastructure onsite and at several remote locations.
- Provide technical support to Computer Network Defense (CND) team. Respond to day-to-day security requests relating to ArcSight operations.
Cyber Security Operator
Confidential, Beltsville, MD
Responsibilities:
- Conduct CIRT operational duties in accordance with documented processes and procedures.
- Detect, create tickets, report, and perform classification of computer security events and incidents. Coordinate with internal and external teams as needed to analyze events.
- Respond to and remediate IDS alerts on Symantec SIM, such as ZeusBot, port 53 call-outs, suspicious PDFs, etc. Respond to and remediate FireEye alerts such as DNS alerts (worms, Trojans, etc.) and malicious emails.
- Utilize NetWitness 9 to pull PCAPs and MD5 hashes and create actionable tickets based on searches. Utilize Splunk to determine the disposition of emails and DNS queries and to pull reports. Utilize IBM SiteProtector to create Hunter tickets and pull reports. Utilize VirusTotal, URLVoid/IPVoid, Sucuri, Anubis, Rex Swain, and others for analysis and remediation steps.
- Receive and process events accurately, professionally, and efficiently
IT Security Analyst
Confidential, Washington, D.C.
- Configure and deploy new Confidential, Loggers, SmartConnectors and FlexConnectors as required to collect data feeds. Assist in the proper operation and performance of ArcSight ESM, Loggers and connectors. Integrated data feeds (logs) from several government systems, applications and databases.
- Provide recommendations and implement changes to optimize ArcSight products in the customer environment. Support the client in fact-finding or case-support tasks relating to ArcSight via the Remedy portal, email, etc.
- Evaluate relevant ArcSight product advancements and provide recommendations to the customer. Provide technical support for Architectural, Engineering, Testing and Vulnerability Assessment processes.
- Provide technical expertise and support for: risk assessment; security planning and policy; education, awareness and training; system reviews/evaluations; computer investigations and forensics; reviews, inspections, audits and other evaluations performed on Contractor facilities and operations; technical engineering solutions.
- Evaluate security-related technologies and services. Develop or support development of Standard Operating Procedure documents, related documentation and recommendations.
System Administrator
Confidential, Falls Church, VA
- Experience administering DNS, DHCP, File, Print, Active Directory, and Group/Security policies in an enterprise network environment. Stay current with system information and updated security patches on servers and machines. Perform day-to-day systems and server backups and verify the validity of the data.
- Snort Intrusion Detection System: configured and deployed on the company's network to understand anomalies within production and staging environments.
- Installed and configured VMware ESX 4.1. Deployed several virtual machines in production and staging environments. Data recovery utilizing Forensic Toolkit or GetData.
- Audited privileges to ensure that user accounts correspond to the appropriate privileges assigned in accordance with organizational policy. Reviewed audit files and security logs for potential vulnerabilities and problem-related issues.
- Diagnosed, researched and resolved security-related or technical issues, then documented solutions. Used protocol analysis software such as Wireshark and EtherApe to analyze HTTP, TCP, UDP and ARP protocols.
- Experience utilizing the Cisco ASA 5505 firewall, including configuring and maintaining access lists.
IT Specialist
Confidential, Annandale, VA
- Configured and registered new company laptops on their networks and domains using Cisco routers and switches. Installed software such as Symantec Antivirus Endpoint 11 and Websense 6.3, including security patch updates and new virus and spyware definitions.
- Monitored new systems for any vulnerability against the latest security warnings on malicious Internet events, including spyware, phishing, spam, crime-ware, and compromised Web sites.
- Maintain company equipment such as laptops and other in-use devices. Request memory upgrades for different computers and laptops. Troubleshoot network, printing and scanner issues daily via remote desktop tools.
- Respond to support requests made in person, by phone and by email, then document the problem, the action taken and the resolution in the documentation management system.
- Active Directory: created user accounts for new employees, assigned them to the proper security groups, and created distribution lists. BlackBerry: activated BlackBerry devices, configured Exchange email servers and provided Level 1 and 2 support to end users; also tested and qualified new devices and applications to ensure feasibility and usefulness.
Computer Lab Assistant
Confidential, Alexandria, VA
- Monitored system performance, and provided security measures, troubleshooting and maintenance as needed
- Set up user accounts, regulating and monitoring file access to ensure confidentiality and proper use of access
- Designed and implemented network configurations, network architecture (including hardware and software technology, site locations, and integration of technologies), and systems
- Maintained the peripherals, such as printers connected to the network
- Identified areas of operation that needed equipment upgrades, such as modems, fiber optic cables, and telephone wires. Trained users in the use of equipment.
