Director Information Assurance Resume
El Segundo, CA
KEY SKILLS:
Windows, UNIX, Splunk, Symantec DLP, ePo Orchestrator, Verisign, StealthWatch, McAfee Web API/Foundstone, SolarWinds, Imperva DAM/WAF, FireEye, Proofpoint, SiteMinder, EMC SRDF, Avamar, Aspect, ArcSight, SecureWorks, Sourcefire, ServiceNow, NeXpose, Qualys, Tripwire Enterprise/IP360, WebInspect, Fortify, BSM/SIM/Insight/Operations Manager, Novell Sentinel SIEM, Remedy, Assyst, SCCM, Citrix, Juniper, Confidential AppScan. Senior Application Banking Engineer; Quantitative Risk Management, Hyperion Enterprise, Kofax Ascent Capture, RightFax
EXPERIENCE:
Confidential
Director Information Assurance, El Segundo, CA
Responsibilities:
- Establish and oversee IT accountability across disparate project teams for master security application processes, cloud computing, network/firewall upgrades, business analytics and virtualization rollouts.
- Established and documented the full range of threat/vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies in support of Confidential 800-53/171 and the 2016 updated framework for improving critical infrastructure cybersecurity.
- Performed extended risk assessments supporting ISMS standards via the creation of detailed ISO 27001 documented security scopes, roles and functional business requirements. Develop client security programs by reviewing existing programs and projects, conducting comprehensive reviews of threats, and evaluating and analyzing relevant data points. Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models, revising diagrams as required.
- SOC Strategy Development: Architecting and design of security solutions (SIEM, IDS, etc.) per business project initiatives following strict FFIEC, NCUA, SOX and other regulatory guidance
- Develop Information Security Plans and Policies, Incident Response plans customized to business risk profile. Coordinate with IT Operations, digital forensic experts, network engineers, system engineers and Web application engineers to explore and report on specific security risk issues in depth
- Manage third party service providers relating to additional security services. Due diligence and SAS 16 reviews as required (penetration testing, encrypted Email services, data loss prevention)
- Document results of security risk analyses, formally present metrics and analytics to CIO. Serves as a Member, Executive IT Steering Committee. Formulate executive level recommendations related to Information Security strategy serving as lead member, Executive IT Steering Committee
Confidential
Cyber Security Engineer, Tempe, AZ
Responsibilities:
- Identify, analyze, triage and respond to concurrent SIEM (Splunk) security incidents (brute force/DDoS attacks, Java exploitations, malware callbacks, excessive database logins/administrator changes, service account monitoring, direct root login attempts/failures).
- Troubleshoot, evaluate, track, and manage network/system problems and recommend escalation as appropriate.
- Lead project execution and infrastructure changes that impact security, data management and unknown dependent relationships.
Confidential
Intrusion Detection Engineer, Las Vegas, NV
Responsibilities:
- Assisted in achieving the success of three (3) consecutive external QSA audits for Confidential -DSS, GLBA and SOX compliance annual goals.
- Realignment with Confidential standards including dashboard and other reporting/metrics to directorate level.
- Alignment and scanning utilizing data loss prevention and content monitoring/filtering software, detecting and preventing data exfiltration transmissions and blocking sensitive data in-use, in-motion and at-rest. Works closely with 3rd party vendors refining and/or enhancing DLP software toward structured or unstructured data capture intended to further lower and avoid false positives/negatives or enhance perturbation techniques.
Confidential
Executive Security Consultant, Las Vegas, NV
Responsibilities:
- Confidential Executive Adviser to the Chief Information Security Officer. Architectural investigation, analysis and realignment of three (3) project Information Technology Security streams; Identity and Access Management, Security Operations Center and Disaster Recovery
- Leverages Architectural Design and Project Management skills providing detailed updates to the CISO/CIO and Executive Council concerning steady-state alignment of major Security tools, the elimination of current IT security vendor. Provides guidance toward direct rebuild and enhancement of future security techniques, predictive/big data analytics, forensics, operational tracking and tracing of Indicators of Compromise
- Interviews new candidates and aligns manning on/off-shore. Owns DR/BCMP for 20 critical applications
Confidential
IT Applications Analyst, Glendale, AZ
Responsibilities:
- Responsibilities span the full range of IT Operations Bridge core functions. Research, analyze and understand log sources, particularly security and networking devices (firewalls, routers, anti-virus products, and operating systems).
- Maximize availability of critical systems and components through advanced performance/availability monitoring
- Triage and respond to concurrent SIEM security incidents. Identify and analyze events from network/systems.
- Troubleshoot, evaluate, track, and manage network/systems problems and recommend escalation by level. Configure Juniper Networks Firewall/IPSec VPN Products.
Confidential
Information Security Engineer, Phoenix, AZ
Responsibilities:
- Vulnerability Management (Confidential) - Corporate-wide IT threat intelligence gathering, analysis and spanned (metric) reporting. Lead project scanning engine deployment worldwide.
- Tripwire File Integrity and Compliance (Confidential) - External QSA audit assisting 3 Business Units toward full Confidential compliance followed by project migration to Corporate BU. Realignment with Confidential standards including dashboard and other reporting/metrics to directorate level.
- Security Operations Center - Build and deployment of SOC corporate-wide; event classification/correlation and root cause analysis. Critical application, database and logging connectors alignment, monitoring, metric reporting build/deployment.
- Malware - NID monitoring/response and reverse engineering. Enterprise antivirus solutions, virus outbreak management, mitigation and remediation techniques
- RightFax Administrator - Directly supported production RightFax Administrators when inabilities to resolve production issues occurred
