We provide IT Staff Augmentation Services!

Security Engineer Resume

4.00/5 (Submit Your Rating)

PROFESSIONAL EXPERIENCE

Confidential

Security Engineer

Responsibilities:

  • Assist the Director in managing the overall posture of the security program and raising the CMMC over one full point in 6 months
  • Project and technical lead for all Network Monitoring solutions and Privilege Access Management tools
  • Develop security guidelines for implementation and audit review for our e - Commerce platform
  • Work with upper management and product managers to develop secure implementations plan for company acquisitions
  • Manage vulnerability managed program including Pen Test mitigation to reduce vulnerability risk to Enterprise systems
  • Develop secure DevOps guidelines using Agile project management to help product teams securely implement and develop internal and customer facing applications
  • Informally manage and mentor the Security Analyst personnel
  • Managed the ISO 27001/2 Policy and Standards creation for the organization in the first six months of hire

Confidential

Network Security Engineer

Responsibilities:

  • Project lead for several large initiatives to include SIEM, corporate Multifactor Authentication, Network Security Monitoring, Firewall conversion, Web Content Filtering, and other smaller tasks
  • Daily monitoring of SIEM notifications, firewall & ID/PS log events
  • Project lead on writing SOW for the enterprise cloud initiative overseeing leads of each IT Operations team
  • Worked with team members to be interviewed for annual NCUA audit to ensure no major findings were incurred
  • Process implementation for Network Infrastructure, Workstation, and Server hardening using DoD STIGs and CIS hardening guides
  • Key evaluator of new technologies implemented by business units and IT Operations for security gap analysis
  • Mentored several lower level security and IT Operations personnel to further positions inside and outside of the company
  • In support of VP of IT Infrastructure, worked with Network Operations to lead and revamp infrastructure configurations to securely stabilize network communications between data centers and branches.

Confidential

Cybersecurity Engineer

Responsibilities:

  • Security review and administration of security controls to Incident Response tools suite including CentOS 7.x, Windows 10, web application servers, and other open source tools such as ELK, Apache Kafka, and others
  • Contract lead to develop training plans for multiple roles within DoD Enterprise Operation Centers
  • Courseware development for multiple network security monitoring tools such as Bro, Argus, and Fidelis
  • Project lead for basic and advanced network intrusion detection courses provided to the DoD supporting agencies
  • Product analysis for new DISA Learning Management System for e-Learning and online training
  • Instructed on the use of vulnerability scanning using Tenable Nessus/Security Center and nmap to DoD agencies
  • Provided subject matter expertise to DoD and commercial customers regarding Network Infrastructure Device Hardening, Security Architecture, DMZs, and other policy-related documents
  • Worked with DoD services and supporting agencies to determine security controls relative to their organizational needs through technical and architectural analysis
  • Performed quarterly maintenance for all Network Infrastructure, DMZ, Enclave, KVM, SAN, MFD, Secure Remote Computing, and Removable Storage and External Connections security guidelines
  • Developed publicly available Security Technical Implementation Guidance (STIGs), which includes requirements for device hardening, architectural needs, and policy in unclassified and classified networks
  • Lead the revision of DoD cyber security policy, system engineering plans, and concepts of operations to include alternative mitigation techniques to meet business cases presented by outside customers
  • Participates in numerous working groups for current and future development of DoD network infrastructure and architectural security initiatives
  • Collaborates with certification and accreditation review teams and auditors to help clarify and determine applicability of STIG requirements during assessments for certification and accreditation purposes

Confidential

Information Services Administrator

Responsibilities:

  • Managed day-to-day operations of IT department including but not limited to help-desk, network and system engineering, security, troubleshooting, and business procurement
  • Designed and implemented a centralized patch management system for the network
  • Maintained network perimeter defense solutions such as firewalls, email & web security gateways, and intrusion detection and prevention solutions
  • Negotiated and managed voice and data service contracts with outside vendors and saved over $30,000 a year
  • Implemented virtual servers using VMware ESXi solutions
  • Engineered and implemented VPN IP Phone solution for virtual users
  • Configured and programmed Avaya IP Office 500 PBX and Voicemail Pro Server
  • Implemented and maintained Blackberry MDM solutions
  • Designed and deployed centralized antivirus and host intrusion prevent solutions using Kaspersky product

Confidential

IT Manager

Responsibilities:

  • Led the negotiation of software maintenance contracts with outside vendors and saved an average of ten percent annually
  • Reduced communication costs by bidding out Internet and telephony services saving $8,000 per year over three years
  • Provided continued maintenance and development of bug fixes and patch sets for existing web applications.
  • Co-managed materials resource planning (MRP) software implementation of Epicor Vantage
  • Created custom Crystal reports for the MRP software package
  • Implemented and administered Symantec Backup Exec and End Point Security solutions
  • Upgraded network infrastructure

We'd love your feedback!