CERTIFIED SKILL SETS:

• IPS/IDS network sensors
• Splunk Log analysis (Heuristic & Behavioral)
• Splunk Network traffic analysis, Trend & Anomaly
• Wireshark Packet analyzer
• Router/Firewall ACL’s
• Nessus & Nexpose Vulnerability scanners w/Metasploit follow up
• Agent & Server based malware scans for endpoints
• Gap analysis and remediation
• Cyber forensics
• Chain of custody
• Hashing & Cryptography tools
• Imaging utilities
• Security Information & Event Management systems: Splunk, Rapid 7, Tenable, Confidential QRadar
• Sarbanes - Oxley compliance
• Encryption, Symmetric/Asymmetric
• PKI - Public Key Infrastructure
• Patch management
• Discretionary-based / Role-based / Rule-based / Mandatory
• Network segmentation/VLAN
• Confidential group Policy
• SLAs/OLAs/MOU Documentation
• BYOD/Acceptable use policy
• Cisco Advanced Malware Protection
• FISMA Federal compliance
• Confidential 800-53/37 Framework (RMF)
• Design IT security policies
• Endpoint security requirements
• Application security requirements
• Business continuity planning
• Disaster recovery planning
• Configuration management of Cisco Routers and Switches
• Microsoft Active Directory
• EIGRP & OSPF routing protocols
• VPN Clientless SSL w/PKI
• VPN IPSEC protocol suite
• NMAP topology mapping

RELEVANT PROFESSIONAL EXPERIENCE:

Multi-Departmental Intern

Confidential, Dalton, GA

Responsibilities:

• Network monitoring at edge and webservers with Splunk SIEM in Network Operations Control Center (doubled as SOC) in addition to feeds from network sensors
• IDS/IPS, firewall, from Router, Switch, web proxy, ect.
• Analysis of malware Tactics, Techniques, Procedures ( Confidential ) being used in context to DNS tunneling (payload size anomaly detection) attack vector, mitigate w/policy enhancement
• DNS DOS attack mitigation (enforcement of TTL field, and packet drop enforcement rules)
• Monitor operations for Indicators of Compromise (IoC), Confidential database
• VLAN segmentation tasks for SCADA field services department
• Process of evaluating Cisco Advanced Malware Protection (AMP) and Firepower ASA for future upgrade (Replacement of Symantec)
• Network topology documentation updating using Nmap
• Service Now ticketing system for incident handling/tracking and any policy changes

Technology Administrator

Confidential, Dalton, GA

Responsibilities:

• Administered the implementation of interactive Smartboard technology
• Integration into system network - implementation VLAN for access layer switches
• Update rules and submitted ACL for QoS tagging/flow control to Sr. Network Ops engineer
• Held training sessions for facility and staff in the usage of new technology
• Managed change control process and coordinated the corrective actions with vendor
• Software patch management, user endpoint hardware and server

Project Analyst, Security

Confidential, Atlanta, GA

Responsibilities:

• Analyze and correlate client netflow data with Confidential
• Nessus and Nexpose vulnerability seek and then assessment with Metasploit
• Severities classified according to Confidential Common Vulnerabilities Exposures ( Confidential ) listing
• Patch & update, remediation testing
• Recommendations for protection upgrades based on data analysis and industry best practices in conjunction with business impact information

IT Security Analyst

Confidential, St Petersburg, FL

Responsibilities:

• Scan & assessment of application, database and document security controls for SOX audits
• Alignment with framework Confidential 800-53/37: Configure discretionary access control (MS Active Directory) in accordance with corporate infosec policy and principle of least privilege
• Confidential security group and directory structure administration
• Microsoft Exchange email server administration
• Configuration of
• Confidential mainframe AS400/AFC2 database administration
• Internal assessment: Encryption and PKI verification using Wireshark protocol analyzer for
• Post assessment action: Evaluate, research and Remediate security gap findings
• Remediation: Increase RSA key length from 1024 to 4096 bit keys in accordance with industry best practices
• Project management, Role-based access control interface for Oracle energy trading
• Project Scope controls, Project Resource allocation/Budgeting
• Innovation of business processes: Planning / Research / Analysis / Implementation
• Continual service improvement

Confidential

Cybersecurity Contractor, St. Petersburg, FL

Responsibilities:

• Conducted Business Impact Analysis (BIA)
• Engineered the Business continuity Plan
• Build Disaster recovery management response system
• Confidential Q-Radar SIEM implementation
• Confidential IPS Confidential Intrusion Prevention System (IPS) implementation w/Syslog feed to Q-Radar
• Symantec enterprise firewall rule/policy response modification due to Confidential upgrades
• Training courses for McAfee enterprise firewall, now Confidential Risk-Adaptive protection

Confidential

Information Services Analyst

Responsibilities:

• MS Active Directory Confidential security group administration
• Active Directory account creation, modification and termination
• Implementation of Wireless LAN applications with 802.1X Diameter Single Sign on and PKI, Aircrack-ng used for verification
• Certificate Authority(CA) server management for PKI support
• Wireshark used on SPAN port replication for verification of properly encrypted data
• Endpoint security and firewall
• On-call incident response team: server rebuild of non-virtual RAID array for internal database and other IT network response duties for IT services continuity