SUMMARY:

• Seasoned and analytical IT professional offering extensive experience in all aspects of security architecture, systems engineering, and control development and implementation, from event acquisition to SOC response, within highly complex environment
• Equipped with solid understanding of large multi - national distributed environments and architectural capabilities including regulatory-defined archiving, event acquisition and parsing, active client environment awareness, and multi-tier high availability architecture
• Armed with exceptional expertise in detecting and mitigating malicious events within a fast-paced working environment
• Effective and articulate communicator; with keen attention to detail; equipped with outstanding organizational, technical, analytical, management, and problem-solving skills

AREAS OF EXPERTISE:

• Forensic Acquisition and Analysis Security Engineering and Architecture Program Development
• Hardware Resource Management Malware Detection and Mitigation Threat Intelligence

TECHNICAL ACUMEN:

Arcsight ESM Arcsight Logger Arcsight Connector Appliance Splunk IBM Consul IBM ISS Checkpoint IPS Damballa FireEye Darktrace Symantec Vontu DLP Cyber-Ark PIM Cyber-Ark PSM Gemalto SAServer Encase Forensic Encase Enterprise Tableau Imager IBM I2 Paterva Maltego IBM AppScan HP WebInspect Cenzic Metasploit Professional SIFT Workstation PKI Architecture Apache Webserver Apache Tomcat IBM Websphere BMC Weblogic Symantec Clearwell VMWare Workstation Apache Mod Security Citrix Netscaler Hardware Security Modules (HSM) ThreatGrid WireShark nMap MS PowerShell IBM RACF AirMagnet | Passware | Rainbow Tables | Ophcrack | AccessData FTK | Resonate Load Balancer

PROFESSIONAL EXPERIENCE:

Confidential, Lansing, MI

Security Architect

Responsibilities:

• Provide Confidential technical leadership as architect of enterprise log management and Security Incident and Event Management (SIEM) implementation and environment integration
• Provide Confidential guidance as technical lead of enterprise Data Loss Prevention implementation and environment integration
• Provide Confidential guidance with policy development and implementation utilizing NIST framework, PCI, HIPPA, CJIS, FEDRAMP and Michigan regulatory standards.

Confidential, Lansing, MI

Senior Security Engineer

Responsibilities:

• Take charge of aggregation, tokenization, correlation, and reporting of evidence in electronic format from multiple business units across the environment
• Implementation experience with multiple security frameworks and standards, including NIST, ISO 27001 and COBIT
• Efficiently fulfill the roles of primary security technical advisor to vice president of Confidential Global Security as well as technical lead of Corporate Security Incident Response Team
• Render expertise and assistance in executing immediate response and control structure as well as medium and long-term remediation architecture
• Leverage industry expertise in handling incident response of internal and external origin by identifying and mitigating attacker and attack vectors across US-based Confidential . Group corporate information technology resources
• Systematically oversee corporate security and event management environment across Confidential -US corporate resources as well as Confidential -UK investigative environments
• Functioned as lead architect for existing SIEM, firewall, anti-virus, network packet monitoring, and memory analysis tools to assist corporate security staff in detecting and mitigating malicious events within the corporate environment
• Analyze, control, and regulate design, execution, and reporting of several internal and external threat intelligence repositories
• Architected Confidential -US corporate external multi-factor authentication environment with implementations of PKI- and OTP-based authentication tokens and mobile applications
• Conduct risk assessments for multiple development groups and business units, including proof of value and risk evaluation of hardware and software

Senior Investigator

Confidential

Responsibilities:

• Seamlessly conduct acquisitions and investigations requiring forensically defensible acquisitions of memory as well as structured and unstructured data across US based Confidential . Group corporate information technology hardware resources including server, desktop, mobile device, and multi-factor FLASH memory acquisitions in both encrypted and unencrypted formats