Skills Summary

Operating System: Windows 7/8 and Windows Server 2008 operating systems, Solaris, Mac OS X, Red Hat Enterprise Linux, Ubuntu/Debian Linux Desktop and Server Edition, Android

Security Skills: Knowledge of Network Security, Web Application Security, McAfee and IBM ISS Proventia IPS/IDS , CheckPoint Firewall, secure protocols SSH, IPSEC, SFTP, SSL/TSL, HTTPS etc , Hacker Methodologies and Tactics, SQL Injection, OS Command Injection, Cross-Site Request Forgery, Cross-Site Scripting, Incident Response, Host and Network Forensic, Malware Analysis, Penetration Testing, Vulnerability and Risk Assessments, Data Encryption, OWASP Top 10, SANS/MITRE Top 25. Experienced with Sysinternals, RegShot, CaptureBat, LordPE, Wireshark, tcpdump, Snort, Nessus, Nexpose, Nmap, Paros and Burp Web Proxy, Backtrack, SamuraiWTF, OWASP Mantra and Metasploit

Systems Administration Skills: Experience working within NOC environment configuring and managing Active Directory GPO and Site Replication, VMWare ESX 3.5, WSUS, DNS server, DHCP server, File server, Print server and Domain Controller, system and data recovery, Symantec Antivirus, McAfee Antivirus, implementing OS patches, MySQL, ORACLE

Network Communications: LAN/WAN, Ethernet, Wireless, ICMP, FTP, HTTP/HTTPS, TCP, UDP, SMTP, LDAP, DNS, WINS, DHCP, VPN

Application Security: Java, Python, x86 Assembly, SQL, C , HTML 5, Ajax, Web Services, SOA, SOAP, RESTful, Secure Code Review, Threat Modeling

Experience

Confidential

Title: Senior Application Security Specialist

• Acted as the security architect to ensure that security was being designed into all aspects of the underlying systems.
• Perform application risk assessments and threat modeling.
• Provide recommendation to resolve application security vulnerabilities.
• Reviewed JAVA, ColdFusion, PHP source code for security vulnerabilities.
• Audited web applications using IBM Rational AppScan, Burp Suite Pro, and a variety of open source security testing tools.
• Performed computer incident response, investigation, and mitigation.

Confidential

Title: Software Security Tester

• Performed secure code reviews Web Applications and Thick Client Applications , web penetration testing, and secure SDLC integration.
• Reviewed .NET C source code for security vulnerabilities.
• Reverse engineered applications to detect security vulnerabilities.

Confidential

Title: Security Engineer

• Configured and deploy secure Windows operating system.
• Performed vulnerability scans using Nmap, Nessus, NetSparker, MBSA and Nikto.
• Performed Network, Systems and Web Application penetration testing.
• Performed security source code review of JAVA and PHP using Fortify and RIPS.
• Performed malware analysis including reverse engineering using disassemblers and debuggers IDA Pro, OllyDbg , as well as related tools and utilities.
• Performed computer incident response, investigation, and mitigation.

Confidential

Title: Computer Security Specialist

• Performed malware analysis including reverse engineering using disassemblers and debuggers IDA Pro, OllyDbg , as well as related tools and utilities.
• Assisted with computer incident response, investigation, and mitigation.
• Conducted computer forensics investigation using EnCase.
• Performed vulnerability assessment and web application, servers, network devices penetration testing, coordinating mitigation efforts with information system owners.
• Assisted with internal security audit on servers, workstations, network devices and web applications.
• Performed network and vulnerability scans using Nmap, Nessus, GFI Languard, MBSA,
• Nexpose, and Nikto.
• Monitored windows workstations and servers, Unix and Linux servers, and network devices to verify controls were implemented correctly and up to date.
• Monitored security events and logs with Trustwave SIEM from McAfee and IBM ISS Proventia IPS/IDS , CheckPoint firewalls, network devices, Linux/Unix and Windows servers, Windows Desktops, Databases, McAfee anti-virus, and Motorola AirDefense Wireless IDS.

Confidential

Title: Help Desk Engineer

• Provided technical support for moderately complex problems in a timely manner.
• Provided support for Windows XP and Mac OSX operating system by phone, in person, and remotely.
• Performed in-depth technical advisement and problem resolution on Intel-based hardware and software problems including operating system OS , file operations, local and networked printing.

Confidential

Title: Information Technology Specialist

• Provided in-depth technical advisement on cross-platform problems and issues.
• Troubleshoot network connectivity within LAN.
• Assisted in providing support for over 13,000 systems running Windows XP/Vista, Windows server 2000/2003 and Mac OSX operating system.

Confidential

Title: Information Technology Specialist

Managed user accounts, permissions, E-mail, anti-virus, anti-spam, installs, configures, and optimizes operating systems.

Configured and maintain/patch/backup Windows 2000/2003 Domain Controllers, DNS server, Print server, DHCP server.

Assisted in managing Windows 2000/2003 Active Directory design and installation and design and deployment of enterprise-wide Group Policies using Active Directory components.