- Senior Information Technology Professional with 18 years of experience and an extremely diverse background. My core competencies range from Production UNIX systems administration, engineering, networking, UNIX and Windows systems security, compromise investigation, analysis, cleaning and recovery, as well as in-depth troubleshooting of various listed technologies in production environments.
- I am an experienced SAN administrator as well. My latest role is as a Senior Consultant of a full stack mixed UNIX and Windows network focusing on IDAM and SSO utilizing Centrify and Active Directory, while performing systems administration and architect duties as well with a security-minded, least-privilege approach.
- Responsible for IDAM/SSO user provisioning, troubleshooting, and engineering with the FDA AD team and FDA IDAM/ICAM.
- Centrify Direct Control troubleshooting, administration and access management across the FDA environment for both Windows and various flavors of Linux and UNIX.
- Privileged identity management support and implementation.
- Worked on process improvement of the provisioning and access management procedures with regard to policy, standards and regulation.
- UNIX and Windows system administration, troubleshooting and management.
- Assisted in the design and review of the CyberArk environment; provided technical expertise in the architecture and security at various layers of the application, from OS level to network and routing.
- Monitored the IDAM Centrify team ticket queue for incidents, provisioning tickets, escalations, and engaged appropriate teams for work requiring collaboration.
Senior Cloud Engineer
- Responsible for the day-to-day log monitoring and other activities of production cloud VMware, Solaris, Windows 2012, and Linux environment with Oracle, WebLogic and various applications, scripting and automating tasks, etc.
- Responsible for Cisco switches, Cisco ASA devices, IDS/IPS firewall, routing hardware and infrastructure in office as well as physical and remote maintenance of a remote colocation stack.
- Managed patching, hardware, software, Solaris 10 - 11.x, VMware, Windows 2003 - 2012 server, AD DNS and BIND, etc.
- Planned and began a Centrify integration for SSO and UNIX/Linux AD integration with permissions and authentication.
- Cared for EMC VNX, EMC CX-3 SAN arrays with EMC PowerPath for Solaris, VMware, and Windows clients.
- Switching matrix, physical colocation cages, wiring, routing, tagging.
- Performed all security related functions from threat assessment to incident response, forensics, analysis, planning, and SIEM.
- Managed remote teams and two networks.
- Planned a production cloud network migration from one colocation to another.
- Executed and planned Sparc64 Solaris 10/11.x to RHEL 6/7 migrations for production and development cloud applications.
- Provided storage, Intel and Sparc hardware, network, and routing support for the entire enterprise office and production colocation facility.
- BIND/AD Split DNS management for cloud, and entire enterprise.
- Managed RHEL/Solaris network in 3 locations.
- Managed security scans, vulnerability scans.
- Provided guidance and solutions for PCI Compliance requirements.
- Began making an undocumented network PCI compliant with assessors.
- Clear, consistent communication, organizing and planning, as well as documenting of the network at all layers.
Senior Security Analyst
- Responsible for deep packet inspection and live event analysis & data inspection of customer network events from various IDS/IPS, UNIX/Windows servers, and various network devices, as well as live external internet threats. Also responsible for correlation of events between devices on various client network configurations in many different industries.
- Managed and updated customer infrastructure, IPS/IDS signature updates, firewall rule sets on IDS/IPS devices (Cisco IDS, ISS Site protector, Dell iSensor).
- Responsible for administration and security of external Linux servers used to download, analyze & inspect malware, 0-day exploits, connect to hostile hosts for reconnaissance and other extremely high-risk behaviors required by position.
- Familiar with various attacks: local file inclusion, remote file inclusion, cross-site scripting, distributed denial of service.
- Managed security incidents from start to finish through Remedy ticketing for thousands of clients.
- Provided excellent customer service on a live phone queue as well as ticket queue for Dell proprietary IPS/IDS devices built on Linux technology using Snort, iptables and other open source/UNIX/Linux technology.
- Responsible for writing custom rules using Java and POSIX regular expressions to automatically handle certain network events from clients and take appropriate automated actions through the above technology through a custom proprietary SIEM interface.
- Guided clients to proper methodology & practice in securing their network devices, appliances, and hosts in order to protect from future events/compromise as well as remediation during attacks and incident response guidance.
- Accountable for troubleshooting customer IPS/IDS/firewall devices based on POSIX/UNIX operating systems live in extremely diverse operating environments and configurations, as well as troubleshooting TCP/IP routing, filtering and firewalling with high-level TCP/IP knowledge for 3000+ clients, many Fortune 500/1000.
- SIEM with various different products.
UNIX & Windows Security Consultant
- UNIX & Windows systems security: hardening and provisioning. Collaborated with and guided the UNIX & Windows teams in order to adhere to security best practices.
- Consulted on: Solutions for automated jobs between UNIX/Windows hosts, including planning and provisioning of secure data transfers between hosts for automated jobs.
- Centrify Direct Control: Assisted with the implementation of a custom secure shell using Centrify to lock down user account access, with regular expressions and glob patterns.
- UNIX & Windows Active Directory Integration: Rolled out and deployed Centrify to AIX, Solaris & Linux servers in Production/Qual environments to simplify and secure user provisioning and access/auditing. AIX, Solaris and Linux were integrated with Active Directory in order to provide fine-grained access control and move towards a single sign-on environment.
- Created reports for internal audit on user access and granularity of access to sensitive data and hosts.
- Power Broker: Provisioned and modified Power Broker policies on a least permissive basis, enabling audited root level access on various hosts enterprise-wide.
- Responsible for troubleshooting complex UNIX applications, TCP/IP (standard tools and tcpdump), and a multitude of other issues impacting business operations data, as well as security on Solaris/AIX hosts that handled live financial data.