PROFESSIONAL SUMMARY:

• Eighteen years of Information Technology Experience.
• Healthcare, Finance, Retail, Marketing, Food, Airline, Education and Consulting Industries.

TECHNICAL SKILLS:

Networking: F5 BIG - IP, Citrix NetScaler, Imperva SecureSphere, Routers, Switches, Hubs, Systems/Applications Integration and Migration, Hardware Configuration, Installation and System Configuration of Firewall, Ethernet, Token Ring, and Localtalk.

Operating Systems: UNIX (AIX, Solaris, Linux, Irix), MS Windows and Mac O/S.

Technologies: Splunk, Symantec DLP/Endpoint Protection, FireEye NX/HX, Cisco CSM, Lansweeper, Chef, WebSphere, MQ, JBoss, Tomcat, Apache, IIS, SiteMinder, AD, LDAP, IAM, SAP, VMware, Ruby, Java, JSP, Servlet, PHP, ColdFusion, C, C++, HTML, UML, XML, JavaScript, Perl, Korn Shell, VB, VBA, Oracle, DB2, SQL Server and MySQL.

PROFESSIONAL EXPERIENCE:

Confidential

Sr. IT Security Consultant, Information Services Team

• Developing and applying of IT Security policies and procedures for HIPAA/HITECH standard. Working with network team on designing of PCI-DSS 3.2 architecture environment build. Managing, configuring, reporting, creating security diagrams and troubleshooting of security issues relating to AD for authentication/authorization systems, managing shared and NTFS permission, Symantec Endpoint Protection v12.1.6 for Antivirus, Symantec DLP v12.5 for Email/Web/Https/FTP/USB/Network share protection, FireEye 4400 v7.9.3 for Malware Protection System (MPS), FireEye HX400 v3.5.0 for Endpoint Threat Prevention, Credant v6.8.0 for encryption, Tenable.io vulnerability scan management, Cisco M670 v9.6.1-019 for Content Security Management, Lansweeper v6.0.65 for asset management/inventory, Tufin SecureTrack v14.3 for Network Operations Management and ArcSight Command Center v6.5.1 ArcSight Logger v6.0.0 for SIEM.

Confidential

Sr. IT Security Consultant, EHS Compliance - Server Security and Access Team

• Analyze and writing scripts (perl/ksh/RegEx) on UNIX (AIX, Solaris) and Linux environment to migrate all local users and netgroups from LDAP Sun-Directory-Server v 11.1.1.5.0 to Quest Authentication Services (QAS v4.1.0). QAS simplify Identity Access Management (IAM) by using existing Active Directory (AD) for provisioning (UNIX/Linux and Windows accounts in one centralize location), password management, strong authentication, privileged account management, auditing, reporting and security compliance. Provides maintenance, troubleshooting to resolves issues of privileged user accounts. Using VMware Workstation v12.0 to build out ChefDK v0.18.30, Vagrant v1.8.6 (plugin berkshelf, omnibus, chef-zero, vbguest), VirtualBox v5.1.5.1.6 environment for testing cookbooks (using Ruby v2.0.0p598) to help automate the user accounts and global group migration process to QAS. Using CyberArk DNA v6.2.1.1 to scan the servers and analyzes any privileged/non-privileged account and Private/Public SSH Keys trusts to show which servers and accounts have access to connect to other accounts on a remote servers then generated a report and visual organizational maps that evaluate the privileged account security status in the organization.

Confidential

Sr. IT Security Consultant, Information Security Team

• Managing, configuring and hardening process for Sovos on F5 LTM (5250v, v12.0.0 ), Linux CentOS v 2.6.32-431.5.1. el6.x86 64, VMware ESXi v5.5/v6.0, Windows 2008 R2 and Windows 2012 R2 on the SaaS environment. Provides preventative maintenance, troubleshooting and quickly resolves problems to ensure infrastructure and application stability. Troubleshooting issues across all layers and tiers from network to application to database. Work with network, development and database team to address security issues and risks. Give recommendation on resolution or work-around. Provided technical risk assessments and design a plan to hardening the systems. System hardening for Domain Controller, Web, Database and Terminal Servers. Configuration of Active Directory (AD) and Group Policy Object (GPO) to assigning and enforcing security policies for all computers, installing and updating software. Configuration users setting, audit logs and firewall rule evaluation and policies deployment.

Confidential

Sr. IT Security Consultant, Application Information Security Team

• Managing, configuring and update all Web Application Firewall (WAF) for Confidential on F5 ASM (Viprion VPR-C2400, v11.5.3). Build and deploy F5 ASM policies for new and existing applications. Monitor and analyze log reports and data from F5 ASM to reduce false positive blocks. Analyze internet traffic and interpret header and body information to determine source, intent, and risk of the threat agent. Provides preventative maintenance, troubleshooting and quickly resolves problems to ensure infrastructure and application stability. Provided technical requirements for building secure applications. Signatures, policies and profile tuning for SQL-Injection, Cross-Site Scripting (XSS) and CSRF Form Tagging. Troubleshooting issues across all layers and tiers from network to application to database. Write Splunk’s (Enterprise 6.1.3) query/RegEx (Regular Expression) to filter data and build dashboard for analyze WAF traffic for 100+ policies and create reports. Work with application, database, system and security team to address security, compliance issues and risks. Give recommendation on resolution or work-around. Provided technical risk assessments and suggestions for building different landscapes. Provide applications security incident response to detection, analysis and containment. Provide L3support all Confidential ’s web applications.

Confidential

Sr. IT Security Consultant, Global Information Security Team

• Architect network configuration of the Citrix NetScaler devices, cabling, initial configuration, installing, migrating and managing all Web Application Firewall (WAF) for Confidential . Cisco ACE load balance across different WAF devices for HA and improve performance. Migrating Imperva SecureSphere G8FTLS4-SR2500 v8.5 to Citrix NetScaler MPX 11515 v10.1. Citrix Command Center MPX 7500 v5.2 HA configuration using to manage NetScaler WAF devices. Trouble shooting issues with all Confidential ’s Web applications. Managing all SSL certificates on Imperva/NetScaler devices. Provided technical requirements for building secure applications. Signatures, policies and profile tuning for SQL-Injection, XSS and Application/System base signature. Work with application team to identify and prioritize the risks. Give recommendation on resolution or work-around. Provided technical risk assessments and suggestions for building different landscapes. Run report for PCI compliance devices on ArcSight Logger v 5.3.0.6684. Provide applications security incident response to detection, analysis and containment. Provide L3support all Confidential ’s web applications.

Confidential

Sr. Solution Architect, CarePATH CSM Team

• System Architect, integrating, installing, configuring, migrating and managing all Epic EPS 2012 v7.9.0 printing to Output Management Solutions (LRS VPSX v1R1.0.068) Enterprise Printing solution for Catholic Health Partners. VPSX servers and Epic EPS servers are on F5 BIG-IP GTM for load balance across different Data Center and improve performance for all converting printing job to PDF file format. Configuring and setup new printers (HP, Intermec, Ricoh and Lexmark) and printer drivers on VPSX. Trouble shooting issues with printers by reading logs and reports. Provided technical suggestions for building different landscapes. Provide risk assessment on application build and system requirement. Work with project manager to identify and prioritize the risk. Give recommendation on resolution or work-around. Provided technical risk assessments and suggestions for building different landscapes. Provide diagram and flow chart for business unit to explain application functions. All applications are running on Windows 2008 R2 on VMware v4.0.0. Installing and configuring IIS 7 and MS Message Queuing to work with VPSX. Setup LRS/DIS to work with Windows Active Directory authentication. Installing PageCenterX v1R2.0.013 and integrating with VPSX. Writing VBS script to help debug printing issues in different enviroments. Provide training to support team.

Confidential

Sr. Infrastructure System Architect, Solutions Development and Delivery Team

• System Architect the infrastructure (Vblock - Cloud Computing from Cisco, EMC, VMware), Hardware and Software required to satisfy the non-functional (sizing, availability, and performance) requirements for business applications that will be deployed in UnitedHealth Group's server farms. Working closely with internal Application Development teams to understand how an application functions and the software products required in supporting it. Providing system design and generate the provisioning artifacts required to support the operational teams. Working to ensuring architectural integrity and compliance, while at the same time working with Operations to continuously improve availability, serviceability and efficiency of our solutions. Data Center Migration of applications from Elk River DC to Chaska DC. Determine the quantity and size of Web Servers (IHS 7, JBoss EWS 1.0.2, IIS 7), Application Servers (WebSphere 7, JBoss EAP 5.1), Databases (Oracle 11g, DB2, SQL 2008), and other system servers (Pegasystem BPM (Business Process Management)), Information Server 8.7, SQL Server (SSIS, SSRS, SSAS) necessary to satisfy an applications non-functional requirements. Working with the technical leads on Service Delivery teams to communicate technical designs and resolve implementation details for all networks (F5 BIG-IP LTM, Checkpoint Firewall), servers (AIX LPAR, Red Hat Linux VM, Window VM), storages (F5 ARX for data management and EMC SAN storage for virtual servers) and software components. Ensuring architectural integrity and compliance with our hardware and software infrastructure standards. Working with Operations to drive continuous improvement in availability, serviceability and efficiency. Providing technical risk assessments and develop contingency plans to insure situational and application availability requirements are met. Recommending changes to resource utilization to improve efficiency. Identify cost-effective opportunities for technology refresh. Working effectively in a diverse organization spread across multiple locations. Manage and prioritize small to large deployment activities with a variety of teams. Most rewarding part is to see all the components work together in production that been use by everyone

Confidential

Sr. System Engineer, Tartan Technology Infrastructure Team

• System Architect Cargill Enterprise SAP Application Integration with multiple third party applications for Common Applications -Line of Business. Provided technical suggestions for building different landscapes. Provide risk assessment on application build and system requirement. Provide technical gap analysis requirement and functionality for present and future system usage. Work with project manager to identify and prioritize the risk. Give recommendation on resolution or work-around. Provided technical risk assessments and suggestions for building different landscapes and new applications. Working with business resources to provided recommendation for different applications and versions upgrade. Provide diagram and flow chart for business unit to explain application functions. Administer, Configure and support F5 BIG-IP 6900 (LTM v10.0.1) for Intelligent load balancing applications traffic management and improve performance for all Tartan Applications. Installing, configuring, and managing Sabrix Enterprise v5.1.3 tax management solution, Paymetric v2.2.4 -Payment Integration and tokenization services. SAP Adobe Document Services v7.01SP3 for creating and deploying interactive forms, generate dynamic documents for label printing. Trouble shooting DNS issue for Output Management Solutions (LRS VPSX v1R1.0.052) for Enterprise SAP Printing solution. ARIS application v7.1 for Enterprise business process modeling, uPerform application v4.11.0 for developing interactive training, eLearning and content management. Install/Config/Administer Enterprise Content Management (ECM v9.7.1) for Structured and Non-structured data archive OpenText solutions, Triplepoint CSL v7.1.2.11/CR v 5.0.12.109 application for Commodity Trading and Risk Management. Supporting the TIBCO ActiveMatrix BusinessWorks v5.7.2 servers that running TIBCO services. All applications are running on Windows 2008 on VMware v4.0.0 or AIX v6.1 64bit servers. Provided technical guidance for off-shore team in resolving the critical issues. Writing ksh script startup/shutdown applications in different environments. Working with external auditors on Payment Card Industry Data Security Standards (PCI DSS) compliance audit.

Confidential

Sr. System Engineer, Latitude IT Infrastructure Team

• System Integrating, designing, installing, configuring, migrating and managing all LATITUDE releases and all software maintenance releases for internal development and test environments. Setup F5 BIG-IP 6400 (LTM, ASM v9.4.7) load balance and firewalls for the company internal network by configures routers to serve dynamic IP, setup filtering policies (SQL injection, XSS, URL, form parameter, etc) to block intruders access internal data/network. Latitude uses set of AIX 5.3 64bit servers running WebSphere MQ v6.1 to provide messaging functionality for the Latitude application to the WAS application. The MQ servers run independent of the redundant servers and interface with MQ hub EAI to provide a business interface. Supporting and trouble shooting problems for testers and developers on 200+ UNIX(AIX, Solaris, Linux) development/testing servers. Designing a deployment process for the applications. Resolve implementation infrastructure issues for network, servers and applications. Install, deploy and maintain IBM Web Serves, Webagents, SiteMinders v6.0, SunOne Directory Servers(LDAP) v5.2 on Unix (Solaris 10, 64bit), WebSphere Servers v6.1 and Oracle 10g DB back-end. Managing of customers request, users request and change policy. Writing Perl script to change hundreds of configure files in different enviroments and automated deployment process.

Confidential

Sr. System Engineer

• Designed, installed, configured, migrated and managed all company Red Hat Linux Servers, WebSphere v6.0, MySQL, MS Windows 2003 Servers, SQL Servers2005 and users MS Windows XP machines.
• Installed and configured Webmail to access email online from a Linux mail server, installed SpamAssassin and ClamAV AntiVirus to work with Sendmail to scan spam and virus e-mail which ran on a Red Hat Linux Server. Setup firewall for company’s internal network by configured routers to serve dynamic IP, setup filtering policies to block hackers by using Public IP forwarding to Private IP.
• Supported and troubleshoot problems for Linux production, testing, development servers, and Windows XP users. Designed a deployment process for the applications. Resolved implementation infrastructure issues for network, servers and applications. Implemented change to improve efficiency. Setup NFS to allow all Linux users to logon different server but each user default to their own home directory. Installed, developed and maintained company Apache 2 Web Servers using PHP with MySQL DB back-end. Planned, implemented, and managed global customers’ and users’ request and change policy via phone, e-mail and in person using a tracking forms and systems.

Confidential

Instructor for Java, XML, C++ and ColdFusion

• Prepared lectures for college courses and assessed student progress through grading evaluations. Tutored and motivated students to complete course objectives through lectures and hands on coding while tailoring teaching methodologies to the specific student needs.