- Operations Center Engineer/Consultant/Analyst. Extensive experience in 24/7 environments, including shift reports, SOP development, write-ups, and incident response handling in a multi-faceted network security environment including deployment, configuration, upgrade, compliance and cutting-edge network security technologies.
- Having knowledge of both network (Confidential test, Confidential, Cisco Design Certs) and security (CISSP, CISA, Security+ and Confidential Security) certifications allows a more comprehensive understanding of incidents and issues.
- It also allows for more enhanced communications with leads of the other departments and teams.
HARDWARE & SOFTWARE:
Operating Systems: Windows, Linux, Unix. Also well versed in the following distros: REMnux, DEFT, Kali, BackTrack and other custom-developed/platform-specific distros for Windows, Linux and Mac environments.
Application Software: FireEye, Damballa, Triumfant, Solera, NetWitness, IBM IDPS & SiteProtector, Entrust, Mandiant MIR, EMET, Palo Alto, NitroSecurity, ForeScout NAC, eEye Retina, Mandiant, Sourcefire, FireAmp, Nitro, Cisco MARS, AccelOps, Nessus scanner, TippingPoint IDS, ActiveScout honeypot systems, CheckPoint NFR IDS, Lancope StealthWatch IPS, PGP, SEP, ForeScout CounterACT NAC, IBM-TSOM-SIM, StillSecure VAM, ISS Enterprise Scanner, Snort, Wireshark, Cisco PIX, CheckPoint, Cisco ASA, Palo Alto Firewall, Websense, BrightCloud, Juniper NetScreen firewalls, Cisco VPN concentrator, Nortel Contivity, router ACLs, Microsoft Windows security settings, IIS proxy server, nmap, Solaris & Linux servers. Various operating systems (Kali, BackTrack, DEFT, SIFT, REMnux and other standard Linux distros). Kali-based penetration testing with tools such as Burp Suite, Maltego, Metasploit Armitage, nmap, ZAP and other OWASP-based tools. Also have worked with AI technologies such as Red Lambda.
Senior Security Consultant
- Supporting large-lift RFP responses requiring next-generation security solutions; as lead solutions architect, designed, drafted, diagrammed and constructed narratives, explanations, demos and other supporting artifacts and aids to address proposal SOW and delivery requirements.
- Providing a broad range of security services for Confidential clients including Risk, Compliance, Operations and Governance. Key items under each presented below:
- Deployment of Enterprise Risk Management frameworks, Risk Dashboard development for upper management tracking/reporting, development of all critical phases of Risk Management Framework including security controls selection, application, review and continuous monitoring.
- Scorecards, accreditation boundary setting, CONOPS development, reporting, C&A package & documentation, full lifecycle tracking of certification and critical asset management.
- Running and managing all aspects of operations, from tier development, escalation, lead reporting, incident management, cross-departmental integration, service desk alignment, escalations, MOA & MOU development and advanced operational support services (e.g. malware analysis and forensic lab development) to the CIRT desk and highly integrated proactive services (from security application and code testing to pen testing).
- Business alignment of security services, developing effective management plans for tools/technology, personnel alignment, process development & automation
- Gathering requirements, developing logic, development & deployment for technical & process automation, big data solutions, governance dashboards, asset tracking, control & alignment (e.g. Smart Mobile Apps).
- Have extensive investigative and operational support experience with McAfee ePO and various HIPS applications (including McAfee HIPS, EMET, Palo Alto Traps, Mandiant and FireAmp). Also have testing tool experience using BackTrack/Kali and related tools such as Metasploit Armitage. In addition, have experience with many infrastructure controls, including various firewall platforms (Cisco, Check Point, Palo Alto, NetScreen, Nortel), IDS/IPS platforms, advanced next-generation tools such as FireEye, Mandiant and Damballa, and various reverse engineering tools. As part of any operations program, also have extensive design, deployment, configuration and investigative usage experience with various SIEM platforms.
- This involved trending and communicating with SME partner organizations, security firms, cyber intel groups, cyber intel agencies, third-party CIRT organizations, vendors and specialized security communities to forecast trends, solutions, and tactical and long-range plans.
- This also involved conducting supporting reviews, which were all conducted in their entirety and built into the doctrinal plans of the respective clients:
- Uptime Requirements
- Compliance Requirements
- Business Impact Analysis
- Enterprise Supply Chain Analysis/Management
- Boundary Development
- Process Drafting
Confidential Senior Security Consultant
- Asset Analysis & Impact Reviews
- Criticality Marking/Rating
- Implementation, Validation and POA&M reporting per ATO package building process and other compliance support services (e.g. SANS Top 20 support, Deployment Process Development, artifact template generation, etc.)
- Deploying Governance and Threat Management taxonomies and strategic plans for effective deployment of security tools & technologies guided by mandates such as NIST, FISMA, NISPOM, DIACAP, etc.
- Developing remediation strategies and integrating them into practice
- Review of infrastructure configurations for effective operational control and compliance delivery, along with custom rule setting, application reviews, attack reconstruction simulation, packet-by-packet inspection, application data rating and review, and vulnerability management integration in the larger proactive services effort.
- Review scope, services and rules of engagement per annual compliance engagements
Security Consultant and Analyst
- Security Analysis: Conducted comprehensive security posture reviews, pen-testing, and operational control and incident handling reviews. Led all tier-III incident investigation analysis and packet payload inspections; wrote up incidents and created post-mortem presentations; initiated security summit meetings with DOI officers to revamp policies and harden settings to protect DOI from PII and other data leakages.
- Operations: Established operation policies, documented SOPs, reviewed compliance and delivery of contractual requirements, ensured ISO 20000 compliance, developed security incident response controls, and conducted operations training on process, controls and management of security applications. Developed and delivered security awareness training and security product training for all level 1 and level 2 personnel. Provided hands-on support for many security devices and drafted operational policies regarding the protection of sensitive data.
- Vulnerability Management Program Lead: Used VAM (by Still Secure) and later ISS, to initiate discoveries and scans to identify and report vulnerabilities for remediation management. Managed and controlled submitted artifacts from system owners, assisting with POA&M as needed.
- Project Management: Created and executed detailed project plans delineating specific timelines, deliverables, resource requirements and interdependencies.
- Security Reporting: Prepared all security report data and documents for upper management; daily, weekly, monthly and quarterly. Communicated information regarding trending reports and broad-spectrum incident analysis.
- Planning: Offered strategic planning advice for Confidential senior managers through cross-comparative analyses of service providers, examination of building requirements, intensive research of trends and technologies, and ISO 20000 compliance overviews.
- Writing: Developed RFPs, external reports, post mortems and other highly sensitive documents for the entire operation. Along with business development colleagues, delivered presentations to prospective clients in order to showcase security programs and company potential.
Senior Security Audit Consultant
- Supervised compliance reviews, pen-testing and posture assessment services. Served as a Security Subject Matter Expert for bank clients, performing a full range of duties.
- Solely responsible for HIPAA and SOX compliance reviews, pen-testing/countermeasure assessments, footprinting, exploit research, system integrity analysis, privacy requirements measurements, security controls analysis, and privacy/data protection for medical records and personal information.
- Conducted social engineering tests, countermeasure reports, awareness training, compliance instruction and top-down taxonomy/security practices counseling.
- Worked with business developers to explore options for designing, creating, tailoring, marketing, and pricing security services for potential clients.