Information Security Engineer Resume Profile
Summary of Capabilities / Experience
- Systems: Computers / Servers, Networking, LAN/WAN Operations, Security Operations Center (SOC), Critical Incident Response Team (CIRT), Computer Security Incident Response Team Lead (CSIRT)
- Hardware: x86-based workstations and servers, firewalls, routers and switches, printers
- Software: Linux (Remnux, Kali Linux, BackTrack, Red Hat Enterprise 5 and 6, Fedora, CentOS, Ubuntu), iptables, VMware, Metasploit Framework, Nessus, Nmap, Apache, Microsoft Windows Server and Workstation, Arcsight, Internet Information Server, Microsoft Office, Visio, Cisco MARS, Enterasys Dragon, ISS Site Protector, Tivoli NetCool, Rapid7 Nexpose, OWASP ZAP, Burp Suite Pro, Netwitness, Splunk, Network Miner, McAfee Vulnerability Manager, Sourcefire, Tenable Security Center
- Malware Analysis Tools: System Monitor, Process Explorer, CaptureBAT, Regshot, BinText, LordPE, QuickUnpack, Firebug, PELister, PEiD, IDA Pro, OllyDbg, OllyDump, HideOD, Rhino, Malzilla, SpiderMonkey, Jsunpack-n, Honeyd, NetCat, Wireshark, curl, wget, xorsearch, SWFTools, Fake DNS
- Programming: HTML, VB, Java, some C , Basic Assembly Knowledge
- Protocols: TCP/IP, SMTP, DHCP, FTP, HTTP, SMB
- 12 years of system / network experience
- Security Clearance: DoD Secret, DoD Top Secret (SSBI)
Linux Experience
- Over 6 years Linux experience - desktop and server administration
- Deployed Samba in a diverse network environment between Fedora, CentOS, and Windows
- Knowledge of setup / repair of hardware and software in desktop and server environment
- Knowledge of setup / repair of hardware and software (mdadm) RAID
- Familiar with Apache web server (basic configuration and administration)
Windows Experience
- Server administration - Windows NT environments up to Windows 2008 environments.
- Workstation administration - Windows 95 up to Windows 7 environments.
- Knowledge of setup and administration of user accounts, and file and printer sharing in a Windows Server environment supporting in excess of 100 nodes.
- Knowledge of setup and administration of Microsoft Exchange in an Enterprise environment
Work Experience
Confidential
Sr. Information Assurance Engineer, Staff / Security Engineering Lead
- Lead and perform all enterprise security architecture and engineering projects in respect to security engineering tool deployments and upgrades
- Critical incident response lead
- Work directly with chief architect and senior management on all enterprise security recommendations and changes.
Confidential
Sr. Information Security Engineer
- Perform internal penetration testing on company products and services to include mobile applications, network infrastructure, and web applications utilizing commercial and open source tools and products.
- Vulnerability management utilizing commercial products such as Rapid7 Nexpose, Tenable Nessus, Qualys, Appscan and other top industry tools.
- Incident response and serve as a Level 3 escalation resource for a 24/7 Security Operations Center.
Confidential
Cyber Security Operations Team Lead
- Work with Government leadership to develop processes, procedures, and workflows within CyberSecurity Operations.
- Manages a team of 5 Security Analysts / Engineers providing direction to assist in the resolution of various computer security incidents involving PII, malware, forensics, and network intrusions.
- Monitor and maintain the integrity and security of the DOI/NBC email system with the use of a dual-layer Data Loss Prevention (DLP) solution utilizing solutions from Websense and Symantec.
- Utilize Arcsight to monitor and respond to network traffic anomalies from various endpoints to include firewalls, routers, switches, and servers running various flavors of Microsoft Windows and Unix.
- Review and approve Firewall change requests as defined by the DOI security policy in addition to industry standard security best practices.
- Develop project plan and execute the deployment of ForeScout CounterAct throughout the DOI/NBC environment to provide network access control and ensure all networked devices on the network are validated.
Confidential
Computer Security Incident Response Team Lead
- Serves as an escalation point for all enterprise issues related to the infrastructure and all connected endpoints.
- Senior Information Security Analyst providing network analysis and configuration guidance to a government customer.
- Serves as a direct point of contact for Government personnel running sensitive and classified investigations that require highly technical skills in information gathering and analysis.
- Monitors network devices and workstations for anomalies based on security best practices, recommends and applies changes to infrastructure systems and devices.
- Coordinates and performs vulnerability scans of government sites using Tenable Enterprise and NMAP.
- Administrator and Operator of McAfee ePO TOPS Suite, managing over 22,000 endpoints.
Confidential
- Level 2 Computer Security Analyst providing network analysis and incident response to various commercial customers in a Managed Service Provider environment.
- Lead content developer, analyst, and administrator of Arcsight.
- Assisted with security policy and other security related documentation development to meet ISO 20000 accreditation.
Confidential
- Supports Cisco switch connectivity issues in an administrative capacity
- Supports government personnel with network connectivity issues at both the switch and workstation endpoints.
- Network Cabling and testing of Cat5, Cat5e, Cat6 and some Fiber runs
- Assists server team with backups using Veritas
Confidential
- Level 3 Analyst providing network and administrative support to government personnel around the world
- Supports and trains new personnel on several proprietary government applications for which I am a subject matter expert.
- Trains new employees in user account creation and administration in a Microsoft Windows and Novell environment.
- Recognized as top performer in my department during my time of employment
Confidential
- Responsible for support and setup of employee workstations, telephone extensions, printers, and all other needs in the office.
- Provides support and administration with Active Directory in a Windows 2000 Server environment.
- Supports Windows 98, 2000 Professional, and Windows XP machines on the network.