IT Specialist Resume
SUMMARY:
- Cleared, highly versatile IT professional with over 20 years of collective experience in all facets of Information Technology and Security is seeking an exciting new position to continue my career growth.
- Possess a diverse technical (Jack of All Trades) background with advanced troubleshooting expertise relating to all forms of Information Technology
- Experienced using Windows, Linux/BSD/Solaris operating systems, tools, and services.
- Experienced in the systems design, engineering, implementation, and operations of large-scale Enterprise network and security infrastructure including Firewalls, IDS, EDR, SIEM, Monitoring, etc.
- Hands-on experience with Cisco routers/switches, Cisco IOS and routing protocols, network configurations, and network troubleshooting.
- Extensive hands-on Security Monitoring, Investigation and Design experience with Splunk, Active Defense, ArcSight, Tenable Security Center, Enterprise Firewalls, Enterprise Intrusion Detection Systems (Cisco FirePower)
SKILLS:
Self-starting professional with excellent oral and technical writing skills, excellent interpersonal skills. I possess a strong ability to speak at all levels with thorough understanding of business and technical issues.
Wireless 802.11b, Wireless Security (WEP/Radius), FreeBSD 4.x/5.x, Fedora, Red Hat Linux, NT Server 4.0/2000/2003, NT Workstation, Cisco IOS, Windows 9x/2000, Symantec Raptor Firewall 6.x/7.0, CyberGuard 6.2.2/6.4.2, CheckPoint NGX, Provider-1, Novell, MS Internet Information Server, MS Exchange 5.x, MS FrontPage 98/2000, MS Office Suite, TCP/IP, CDPD modems, Routing, Hub/Switch configuration, Cisco and Cabletron switch configurations, V-LANs, sub-netting, various protocol analyzers & sniffer software, Sun Solaris 5.8 OS, UNIX, Sun Hardware, ACID, Horde/IMP, Qmail, Sendmail, Nagios, NESSUS, Tripwire, Webtrends Enterprise Reporting Server, Webtrends Firewall Suite, Veritas Netbackup Center 3.1 for Solaris/NT, Norton Anti-Virus Center Corporate Edition, RealSecure IDS, MRTG/Raxnet Cacti, SNORT, tcpdump, Gold Disk, ISS SiteProtector, Retina vulnerability scanner, Sidewinder 7.0 firewall, SourceFire/FirePower, RT, ArcSight ESM, ArcSight Logger, ArcSight Connector Appliances (Software & Hardware based), NetApp, EMC, VMware, vSphere, Splunk, Splunk ES, Tenable Security Center, Active Defense EDR.
WORK EXPERIENCE:
Confidential
IT Specialist
Responsibilities:
- Deployed Tenable Security Center to the DEA enterprise
- Deployed CounterTack Active Defense EDR solution to the DEA enterprise
- Designed Splunk infrastructure for the DEA to replace ArcSight as the primary SIEM tool for the organization.
- Perform lead ArcSight engineering tasks and 3rd level support/troubleshooting for DEA security infrastructure.
- Engineered and implemented the RT (Request Tracker) ticketing system. This tool is used for incident response and task tracking for the unit.
- Advise junior staff and assist with 3rd tier containment and investigation in cases of malicious incidents or unauthorized (internal/external) security breaches.
- Designed and implemented a new lab and testing environment with VMware
Confidential
Sr. Information Security Manager
Responsibilities:
- Maintain and update all DEA ArcSight devices including the ESMs, Loggers, Connector Appliances, and Smart Connectors
- Implemented Nagios Enterprise monitoring tool for monitoring DEA security infrastructure enterprise-wide
- Monitor network for malicious code and intrusions with ArcSight and SourceFire IPS
- Assisted with development of new Security Operation Center; including development of standard operating procedures and Incident Response procedures.
- Assisted with build and deployment of ArcSight connector appliances to DEA Division offices
- Designed and implemented custom ArcSight reports tailored to the environment, including event statistics and anti-virus infections
- Designed and maintained various rules and filters to create main workflow channels for SOC analysts to monitor on a daily basis
- Implemented Nessus 4.2 server; maintained plug-ins and managed scan policies
- Implemented database reporting tool Intelliview, which provides Oracle and other database reporting via web-portal.
Confidential, Arlington, VA
Sr. Network Integration Engineer
Responsibilities:
- Firewall Implementation and Operations Team Leader and Principal Engineer
- Responsible for optimization of site firewall configurations for proper security and functionality
- Performed Retina vulnerability scans and IAVA analysis for Confidential -Net sites
- Upgraded Confidential -Net Intrusion Detection System from ISS RealSecure to ISS SiteProtector SP-6
- Designed placement of new network IDS sensors to improve the Confidential -Net security posture
- Responsible for building and implementing Confidential -Net Field Site firewalls. (CyberGuard TSP 6.4.2)
- Monitored network for unusual activity via firewalls, sniffers, and Intrusion Detection Systems using ISS.
- Performed coordination for clean-up procedures of classified spillage occurrences.
- Responsible for firewall requests, maintenance, and daily operations for approximately 45 Confidential (Defense Information Systems Agency) sites nationally and abroad.
- Perform LAN/WAN troubleshooting and problem resolution
- Research network security vulnerabilities and inform proper personnel
- Implemented firewall request ticket management system in order to streamline customer requests and maintenance efforts
Confidential, Dulles, VA
Consultant
Responsibilities:
- Responsible for Special Project SCIF network including but not limited to design, implementation, and research of new requirements for customers
- Basic Taclane administration and configuration
- Implemented network monitoring tool Nagios to monitor services on enterprise-wide network
- Front-line support of Exchange 2003 and Active Directory integration
- Set up and administer new network and system monitoring tools for corporate network
- Provide basic systems administration and troubleshooting for corporate network as needed
Confidential
Communications Engineer
Responsibilities:
- Provided engineering and design for Web hosting and Treasury bureau networks
- Manage/Monitor Raptor Firewalls, LAN/WAN Security, F5 Big/IP Load Balancers, IDS Systems
- Responsible for hardening of NT/Solaris systems in accordance with government regulation documents
- Responsible for Firewall log processing and metrics reporting using Telemate.NET and Web-Trends
- Implemented firewall log analysis server running Web-Trends Firewall Suite for all Treasury bureaus
- Responsible for Proxy Firewall assessment and intrusion detection utility assessment (Sidewinder, CyberGuard, Gauntlet, Cisco PIX, ISS, Dragon, Snort)
- Performed Disaster Recovery Planning for the U.S. Treasury Communications System (TCS) project
- Responsible for documentation of disaster recovery related procedures for critical and secondary systems