TECHNICAL SKILLS:

Operating System: Windows 7/8 and Windows Server 2008 operating systems, Solaris, Mac OS X, Red Hat Enterprise Linux, Ubuntu/Debian Linux Desktop and Server Edition, Android

Security Skills: Knowledge of Network Security, Web Application Security, McAfee and IBM ISS Proventia (IPS/IDS), CheckPoint Firewall, secure protocols (SSH, IPSEC, SFTP, SSL/TSL, HTTPS etc), Hacker Methodologies and Tactics, SQL Injection, OS Command Injection, Cross - Site Request Forgery, Cross-Site Scripting, Incident Response, Host and Network Forensic, Malware Analysis, Penetration Testing, Vulnerability and Risk Assessments, Data Encryption, OWASP Top 10, SANS/MITRE Top 25. Experienced with Sysinternals, RegShot, CaptureBat, LordPE, Wireshark, tcpdump, Snort, Nessus, Nexpose, Nmap, Paros and BurpWeb Proxy, Backtrack, SamuraiWTF, OWASP Mantra and Metasploit

Systems Administration Skills: Experience working within NOC environment configuring and managing Active Directory GPO and Site Replication, VMWare ESX 3.5, WSUS, DNS server, DHCP server, File server, Print server and Domain Controller, system and data recovery, Symantec Antivirus, McAfee Antivirus, implementing OS patches, MySQL, ORACLE

Network & Communications: LAN/WAN, Ethernet, Wireless, ICMP, FTP, HTTP/HTTPS, TCP, UDP, SMTP, LDAP, DNS, WINS, DHCP, VPN

Application Security: Java, Python, x86 Assembly, SQL, C#, HTML 5, Ajax, Web Services, SOA, SOAP, RESTful, Secure Code Review, Threat Modeling

EXPERIENCE:

Confidential, Washington, DC

Senior Application Security Specialist

Responsibilities:

• Acted as the security architect to ensure that security was being designed into all aspects of the underlying systems.
• Perform application risk assessments and threat modeling.
• Provide recommendation to resolve application security vulnerabilities.
• Reviewed JAVA, ColdFusion, PHP source code for security vulnerabilities.
• Audited web applications using IBM Rational AppScan, Burp Suite Pro, and a variety of open source security testing tools.
• Performed computerincidentresponse, investigation, and mitigation.

Confidential, Washington, DC

Software Security Tester

Responsibilities:

• Performed secure code reviews (Web Applications and Thick Client Applications), web penetration testing, and secure SDLC integration.
• Reviewed .NET(C#) source code for security vulnerabilities.
• Reverse engineered applications to detect security vulnerabilities.

Confidential, Washington, DC

Security Engineer

Responsibilities:

• Configured and deploy secure Windows operating system.
• Performed vulnerability scans using Nmap, Nessus, NetSparker, MBSA and Nikto.
• Performed Network, Systems and Web Application penetration testing.
• Performed security source code review of JAVA and PHP using Fortify and RIPS.
• Performed malware analysis including reverse engineering using disassemblers and debuggers (IDA Pro, OllyDbg), as well as related tools and utilities.
• Performed computerincidentresponse, investigation, and mitigation.

Confidential, Washington, DC

Computer Security Specialist

Responsibilities:

• Performed malware analysis including reverse engineering using disassemblers and debuggers (IDA Pro, OllyDbg), as well as related tools and utilities.
• Assisted with computerincidentresponse, investigation, and mitigation.
• Conducted computer forensics investigation using EnCase.
• Performed vulnerability assessment and (web application, servers, network devices) penetration testing, coordinating mitigation efforts with information system owners.
• Assisted with internal security auditon servers, workstations, network devices and web applications.
• Performed network and vulnerability scans using Nmap, Nessus, GFI Languard, MBSA, Nexpose, and Nikto.
• Monitored windows workstations and servers, Unix and Linux servers, and network devices to verify controls were implemented correctly and up to date.
• Monitored security events and logs with Trustwave SIEM from McAfee and IBM ISS Proventia (IPS/IDS), CheckPoint firewalls, network devices, Linux/Unix and Windows servers, Windows Desktops, Databases, McAfee anti-virus, and Motorola AirDefense Wireless IDS.

Confidential, Sliver Spring, MD

Help Desk Engineer

Responsibilities:

• Provided technical support for moderately complex problems in a timely manner.
• Provided support for Windows XP and Mac OSX operating system by phone, in person, and remotely.
• Performed in-depth technical advisement and problem resolution on Intel-based hardware and software problems including operating system (OS), file operations, local and networked printing.

Confidential, Washington, DC

Information Technology Specialist

Responsibilities:

• Provided in-depth technical advisement on cross-platform problems and issues.
• Troubleshoot network connectivity within LAN.
• Assisted in providing support for over 13,000 systems running Windows XP/Vista, Windows server 2000/2003 and Mac OSX operating system.

Confidential, Washington, DC

Information Technology Specialist

Responsibilities:

• Managed user accounts, permissions, E-mail, anti-virus, anti-spam, installs, configures, and optimizes operating systems.
• Configured and maintain/patch/backup Windows 2000/2003 Domain Controllers, DNS server, Print server, DHCP server.
• Assisted in managing Windows 2000/2003 Active Directory design and installation and design and deployment of enterprise-wide Group Policies using Active Directory components.