SUMMARY:

• Cleared, highly versatile IT professional with over 20 years of collective experience in all facets of Information Technology and Security is seeking an exciting new position to continue my career growth.
• Possess a diverse technical (Jack of All Trades) background with advanced troubleshooting expertise relating to all forms of Information Technology
• Experienced using Windows, Linux/BSD/Solaris Operating System, tools, and services.
• Experienced in the systems design, engineering, implementation, and operations of large - scale Enterprise network and security infrastructure including Firewalls, IDS, EDR, SIEM, Monitoring, etc.
• Hands-on experience with Cisco routers/switches, Cisco IOS and routing protocols, network configurations, and network troubleshooting.
• Extensive hands-on Security Monitoring, Investigation and Design experience with Splunk, Active Defense, ArcSight, Tenable Security Center, Enterprise Firewalls, Enterprise Intrusion Detection Systems (Cisco FirePower)

SKILLS:

Self-starting professional with excellent oral and technical writing skills, excellent interpersonal skills. I possess a strong ability to speak at all levels with thorough understanding of business and technical issues. Wireless 802.11b, Wireless Security (WEP/Radius), FreeBSD 4.x/5.x,Fedora, Red Hat Linux, NT Server 4.0/2000/2003 , NT Workstation, Cisco IOS, Windows 9x/2000, Symantec Raptor Firewall 6.x/7.0, Cyber-Guard 6.2.2/6.4.2 , CheckPoint NGX, Provider-1, Novell, MS Internet Information Server, MS Exchange 5.x, MS FrontPage 98/2000, MS Office Suite, TCP/IP, CDPD modems, Routing, Hub/Switch configuration, Cisco and Cabletron switch configurations, V-LANs, sub-netting, various protocol analyzers & sniffer software, Sun Solaris 5.8 OS, UNIX, Sun Hardware, ACID, Horde/IMP, Qmail, Sendmail, Nagios, NESSUS, Tripwire, Webtrends Enterprise Reporting Server, Webtrends Firewall Suite, Veritas Netbackup Center 3.1 for Solaris/NT, Norton Anti-Virus Center Corporate Edition, RealSecure IDS, MRTG/Raxnet Cacti, SNORT, tcpdump, Gold Disk, ISS SiteProtector, Retina vulnerability scanner, Sidewinder 7.0 firewall, SourceFire/FirePower, RT, ArcSight ESM, ArcSight Logger, ArcSight Connector Appliances (Software & Hardware based), NetApp, EMC, VM-Ware, V-Sphere, Splunk, Splunk ES, Tenable Security Center, Active Defense EDR.

WORK EXPERIENCE:

Confidential

It Specialist

Responsibilities:

• Deployed Tenable Security Center to the DEA enterprise
• Deployed CounterTack Active Defense EDR solution to the DEA enterprise
• Designed Splunk infrastructure for the DEA to replace ArcSight as the primary SIEM tool for the organization.
• Perform lead ArcSight engineering tasks and 3rd level support/troubleshooting for DEA security infrastructure.
• Engineered and implemented RT (Request Tracker), ticketing system. This tool is used for incident response and task tracking for the unit.
• Advise junior staff and assist with 3rd tier containment and investigation in cases of malicious incidents or unauthorized (internal/external) security breaches.
• Designed and implemented a new lab and testing environment with VMWare

Confidential

Sr. Information Security Manager

Responsibilities:

• Maintain and update all DEA ArcSight devices including the ESM’s, Loggers, Connector Appliances, and Smart Connectors
• Implemented Nagios Enterprise monitoring tool for monitoring DEA security infrastructure enterprise wide security infrastructure
• Monitor network for malicious code and intrusions with ArcSight and SourceFire IPS
• Assisted with development of new Security Operation Center; including development of standard operating procedures and Incident Response procedures.
• Assisted with build and deployment of ArcSight connector appliances to DEA Division offices
• Designed and implemented custom ArcSight reports tailored to the environment, including event statistics and anti-virus infections
• Designed and maintained various rules and filters to create main workflow channels for SOC analysts to monitor on a daily basis
• Implemented Nessus 4.2 server and maintaining plug-ins / manage scan policies
• Implemented database reporting tool Intelliview, which provides Oracle and other database reporting via web-portal.

Confidential, Arlington, VA

Sr. Network Integration Engineer

Responsibilities:

• Firewall Implementation and Operations Team Leader and Principle Engineer
• Responsible for optimization of site firewall configurations for proper security and functionality
• Performed Retina vulnerability scans and IAVA analysis for Confidential -Net sites
• Upgraded Confidential -Net Intrusion Detection System from ISS RealSecure to ISS SiteProtector SP-6
• Designed placement of new network IDS sensors to improve the Confidential -Net security posture
• Responsible for building and implementing Confidential -Net Field Site firewalls. (CyberGuard TSP 6.4.2)
• Monitored network for unusual activity via firewalls, sniffers, and Intrusion Detection Systems using ISS.
• Performed coordination for clean-up procedures of classified spillage occurrences.
• Responsible for firewall requests, maintenance, and daily operations for approximately 45 Confidential (Defense Information Systems Agency) sites nationally and abroad.
• Perform LAN/WAN troubleshooting and problem resolution
• Research network security vulnerabilities and inform proper personnel
• Implemented firewall request ticket management system in order to streamline customer requests and maintenance efforts

Confidential, Dulles, VA

Consultant

Responsibilities:

• Responsible for Special Project SCIF network including but not limited to design, implementation, and research of new requirements for customers
• Basic Taclane administration and configuration
• Implemented network monitoring tool Nagios to monitor services on enterprise wide network
• Front-line support of Exchange 2003 and Active Directory integration
• Setup and administer new network and system monitoring tools for corporate network
• Provide basic systems administration and troubleshooting for corporate network as needed

Confidential

Communications Engineer

Responsibilities:

• Provided engineering and design for Web hosting and Treasury bureau networks
• Manage/Monitor Raptor Firewalls, LAN/WAN Security, F5 Big/IP Load Balancers, IDS Systems
• Responsible for hardening of NT/Solaris systems in accordance with government regulation documents
• Responsible for Firewall log processing and metrics reporting using Telemate.NET and Web-Trends
• Implemented firewall log analysis server running Web-Trends Firewall Suite for all Treasury bureaus
• Responsible for Proxy Firewall assessment and intrusion detection utility assessment (Sidewinder, CyberGuard, Gauntlet, Cisco PIX, ISS, Dragon, Snort)
• Performed Disaster Recovery Planning for the U.S. Treasury Communications System (TCS) project
• Responsible for documentation of disaster recovery related procedures for critical and secondary systems