SUMMARY:

• Experienced IT Security Program Manager. Certified Industry Security Professional with Agile App Dev Background.
• Plan, Design and Implement Secure, Disaster Resilient IT Infrastructure with Support Services in a 24/7 SOC.
• A collaborative and creative IT Project Manager, adept in successful implementation of innovative and visionary IT solutions.
• A hands - on professional with over 15 years of IT industry experience in mission-critical roles.
• Extensive experience in securing enterprises and providing ISP services using Microsoft, Cisco, DELL, Juniper, Symantec, VMware, SuSE Linux and Novell products.
• P roject M anagement driven by Strategic Plans, POA&M (20);
• TCP/IP Internals and Comm Network Engineering (15)
• Enterprise mission driven Security Master Planning and Policy Implementation (15)
• Security Frameworks planning and implementation NIST 800, ISO 27001, GLBA, SOX, PCI, FFIEC
• Secure Identity and Access Mgmt and IPAM Integration with AD/LDAP/NDS (15)
• Gateway Security with advanced UTM/DPI appliances: Cisco ASA , DELL Sonicwall , Barracuda FW (15)
• S ecurity I ncident M anager Integration using QRadar (10); Sec Audit Trail via Syslog Servers (10)
• Endpoint Client Authentication with Smart Cards and RSA Secur ID Tokens (10)
• Cyber Forensics/IAVA (Pen Testing) with Rapid 7/Tripwire/QualysGuard/EnCase (10)
• LAN/Network/Protocol/Application Analysis w OPNET IT-Network Guru, Splunk / Snort / Wireshark (10)
• Enforcement and Support of MIL/DoD STIG on Enterprise Endpoints and Servers
• Endpoint Root Kit Detection and Mitigation for Spyware, Phishing and Trojan (10)
• Endpoint Group Policy Control (15); Shavlik /MS/Secunia Patch Mgmt System Exp(10)
• DNS(Sec) Mgmt using AD Integrated DNS (10); BIND DNS (15)
• Secure Enterprise Email (POP,IMAP,SMTP) Architecture, Design & Implementation (15)

TECHNICAL SKILLS:

• MS SQL Ent. DB Design & Implementation (15); Powershell (2), MS O ffice Suite (2013 thru 2007); MS P roject (7);
• MS T-SQL (5), VB/VBA (10), ASP.NET (5), AppMethods (2), Borland’s C++ (5)Oracle’s PL-SQL (5), Pascal (10), HP Transact (5); UX/Linux Shell: BASH/KORN (15)
• MS Server 2K16 thru 2K3 / Clients (W10 thru XP); SUN Solaris; SuSE / Red Hat Linux & Cisco IOS Firm Ware

PROFESSIONAL EXPERIENCE:

Confidential, Wash., DC

Security Engineer

Responsibilities:

• Security Engineer in support of mandated Confidential Security Assessment of IS.
• Review IS Architecture and Implementation against published Security Frameworks and Standards such as NIST-800-53; HIPPA; PCI-DSS; FERPA etc.
• Plan and execute assessment review, test controls against baselines using proven tools for Vulnerability Testing and Management such as Nessus; Burp; Web Inspect; OWASP; Kali-Linux, NMAP; Nipper Studio and recommend remediation of threats and vulnerabilities.

Confidential, Reston, VA

Snr. Cyber Security Consultant

Responsibilities:

• Snr Cyber Consultant in support of mandated Confidential Security Assessment of IS.
• Review IS Architecture and Implementation against published Security Frameworks and Standards such as NIST-800-53; HIPPA; PCI-DSS; FERPA etc.
• Conduct assessment review, test controls against baselines using proven tools for Vulnerability Testing and Management such as Burp; Web Inspect; OWASP and recommend remediation of detected threats and vulnerabilities.

Confidential, Baltimore, MD

IT Security Systems Consultant

Responsibilities:

• Develop IT strategy and vision of Confidential with organizational goals.
• Deployment of multi-vendor solution to include product and services.
• Manage IT infrastructure, procurement and tiered enterprise security.
• Facilitate Hi Performance Computing alternatives for 501c Orgs with precision component level upgrades.
• Enable efforts towards ISO 27001 and industry relevant security framework compliance.
• Enroll 501c’s in Google for NonProfits benefits.
• In corporate open standards into business practices such as application security informed by OWASP guidelines; enhance IAM and conduct security awareness training for benefit of clients.
• Engage best of breed/class tools in ensuring continuous stable enterprise: McAfee ePO for simplifying risk and compliance management; Splunk for real time capture and analysis of emerging threats to include Confidential, and Confidential attacks; event correlation with global incident monitors via dashboards on SIEM Console; Tenable Security for a robust comprehensive threat assessment, mitigation and management.
• Ensure secure operating platform via scheduled IAVA scans with tools such as TripWire, Secunia PSI and WSUS and others scaled according to size of client services.
• Maintain integrity of internet facing services with routine pen-testing for weaknesses in LOB software and proactively remediate any detected threats or vulnerabilities.

Confidential, Baltimore, MD

IT Manager-Chief Tech Officer

Responsibilities:

• Developed IT strategy and vision of organization with State mandated Confidential initiatives.
• Planned, implemented and deployed multi-vendor solution of Confidential Blade ESXi infrastructure, vSphere 6.x and Network fabric integrated NETAPP storage infrastructure. Supported DoD STIG compliance and updates. Implemented secure private cloud solution with on-premises infrastructure. Design and implement DoD compliant 2-factor CAC authentication solution in Win Svr 2K8/W7 space. Integrated Smart Card and RSA Secur ID token Access for secure Application access over the internet as part of multi-vendor IAM solution for enterprise application access. (2007 - 2014).
• Migrated Agency operating platform from Novell Netware eDirectory services to SuSE Linux Open LDAP messaging platform with Microsoft Server Active Directory, MS SQL and Oracle Applications and services in the technology inventory. (2000 - 2007)
• Architect of inaugural Agency IT Security Master Plan. Planned and assisted with implementation of SOC concept in a 24/7 Emergency Mgmt Operations center, one of the first in the Nation post 9/11. Managed SOC technologies ensuring policies and procedures in the form of SOP and plans were routinely followed on reliable infrastructure and technology services assembled in collaboration with major industry providers for the Confidential . Deployed technologies for advanced continuous network operations. (2K - 2K7).
• Implemented advanced messaging suites (Zimbra) and proven IDS/IPS/HBSS products (2K-2K7).
• Supervised the early adoption and integration of NextGen Security solutions in support of Agency RAS using Juniper SSL-VPN FW based solutions; leveraged guidance in NIST 800-153(WLAN); 800-30 (Risk Assess) and 800-115(Pen Testing) to effectively reduce vulnerabilities and remote access computing costs. Compiled threat matrix for valued assets using Risk Ratings & Target Values (2K3-2K7).
• Implemented best-of-breed technology and best-of-practices security approach for integrating rule based infrastructure management across enterprise supported by QRadar SIEM, Cisco ASA UTM FW appliances and Juniper SSL-VPN FW App Sec. Managed end-to-end network traffic in mission critical environment with QRadar SIEM outpacing peers in the industry (2K3-2K7).
• Collaborated with WhiteHouse CIO and MWCOG in aftermath of 9/11 for input on effective IT Sec strategies.
• Compiled Agency’s 1st mission-centric IT Master plan in collaboration with key Agency staffers (2K0 - 2K5)
• Mentor IT Staff, review performance and advocate staff career development (11/00 - 12/14).
• State Technical lead and Coordinator for victim-focused Disaster Case Mgmt System. Managed Software Project to support field agents in a disaster leveraging Networking and Application background for novel web-based solution encompassing secure access to DB App from field agents with advanced Card/SecurID type authentication ware. Enterprise App security achieved via Juniper SSL-VPN FW, HP WebInspect/Fortify, and Exceedium/Cisco ISE (2K0 - 2K7)
• Leveraged the VA capabilities of Rapid7 scanningwith the correlation and real-time actionable intelligence capabilities in QRadar. QRadar helped to streamline the process of Incident Forensics Analysis by using a configured QRadar VM Plugin to query Rapid7/Nexpose server at intervals for latest vulnerability data and using QRadar capabilities in correlation and contextual analysis in support of remediation and mitigation activities. (2002 - 2010)
• Recognized with State commendation for outstanding service to citizens in a disaster (10/2002)

Confidential, Annapolis, MD

Programmer Analyst Supervisor

Responsibilities:

• Coordinate the transition of legacy line-of-business application to Distributed Client Server model application using Microsoft VB and MSSQL backend.
• Designed DB schema and assisted with DBA services.
• Assist with Data Quality Assurance writing custom T-SQL scripts for SQL Enterprise Manager.
• Managed, mentored and supervised staff of three in multi-tiered software project implementation.
• Work with multi-jurisdictional customer base, determine custom application needs and architect a solution.
• Key implementation staff of revenue-enhancing Recreation Sports & Water Vessels Registration System.
• Supervised the design and implementation of multi-tiered application; Agency Fleet Vehicle Reservation and Mgmt system using Enterprise SQL database backend and VBA with Access for user front end. Designed conflict avoidance and mutual exclusivity logic to ensure non-conflicting reservation leveraging the power of relational and algebraic concepts.

Confidential, Baltimore, MD

LAN/WAN Systems Administrator

Responsibilities:

• Responsible for maintaining readiness of clinical IT infrastructure, systems and application.
• A leader in the adoption of 1stgeneration MS Windows Servers in support of a critical mission.
• Systems integration specialist for hi-tech cancer treatment planning & management systems.
• Sys Admin for high end UNIX based SGI Octane clients used primarily in support of adjunct Oncology services and clinical practice in Brache-therapy and Radiation Dosimetry at UMMS Radiation Oncology.
• Provided technical support and services to research fellows and residency MDs.

Confidential, Reisterstown, MD

Snr. Network Analyst

Responsibilities:

• Managed Project to transition Agency manual processes into IT integrated operational processes.
• Coordinate with Agency Director to articulate IT budget needs in support of Confidential CSEPP initiatives.
• Architected and implemented Agency’s Project for 1st entry into Internet Computing and Services
• Managed Project Life Cycle (POA&M,Acquisition, Config & Deploy) Novell GroupWise Messaging System.
• Implemented Agency’s Disaster Recovery and Tape Archival processes.
• Supervised the Network Manager and managed SUN SPARC Server running Solaris OS.
• Provisioned custom RAID-5 system in support of Server Storage needs leveraging readily available components and knowledge of Computer Science.
• Coordinated selection, deployment and configured Agency’s 1stFW/GW solution using Symantec products.

Confidential, Baltimore, MD

Principal Consultant

Responsibilities:

• Provided Systems Integration and Consulting Services to Small Business.
• A pioneer in custom Intel based hardware clients and servers with custom component level upgrade services.
• Delivered Turn-Key 2 nd generation LAN systems to Prof Svcs and Confidential in BW/Metro Area.
• Designed cost effective custom solutions alternative for PC shoppers integrating Fax/Modem/Voice solutions, Networking and Multimedia with music capability in early days of PC automation.
• Provided systems expertise in trouble-shooting and customizing 3rd party medical & legal billing applications.

Confidential, Baltimore, MD

Snr. Programmer Analyst

Responsibilities:

• Support State efforts in curbing the incidence of cancer through Epidemiology research.
• Assisted with converting mid-frame HP Image 3000 Network DB to Client Server DB on the SUN SPARC using Oracle SQL Server, Forms and PL-SQL
• Migrated departmental computing services to emerging LAN based technology on Unix / Novell Servers as alternative to campus charge-back services.
• Lead Developer in migrating COBOL based application using 4GL HP Transact on HP 3000 running MPE IV OS.
• Worked with multi-disciplinary staff from a cross section of State Agencies including, DHMH, MDE and Governor’s Office.
• Provided technical support and services to department staff, research fellows and residency MDs.