
Network Security Engineer Resume


FL

SUMMARY

  • Over 7 years of Information Security Implementation, Analysis and Enforcement.
  • 10 years of cross-platform experience in systems administration, including analyzing, designing, installing, maintaining, and repairing hardware, software, peripherals, and networks.
  • Superior troubleshooting and technical support abilities with migrations, network connectivity, creating and modifying scripts and database applications.
  • Develop exceptional relationships with clients, co-workers, management and end users.
  • Excellent communication and problem solving skills. Fluent in English and Spanish.
  • Maintained/Created Information Security programs of identifying malicious websites and blocking access to those sites.
  • Maintained/Created Information Security programs for monitoring and updating corporate-owned web domains and web servers.
  • Monitored internal control systems to ensure that appropriate access levels were maintained.
  • Recommended, implemented and monitored policies and procedures for appropriate network security Incident Response.
  • Assisted with development and delivery of internal Information Security trainings.
  • Performed Forensic analysis of systems as required.
  • Utilized traffic capture and analysis tools to help discover and mitigate infected systems.
  • Performed the project manager role on security-related projects.
  • Assessed and/or designed centralized user and configuration management systems.
  • Performed and/or coordinated regular security assessments of existing or new infrastructures.
  • Assisted in establishing practices and system configurations to ensure the safety of information systems assets and to protect information systems from intentional or inadvertent access or destruction.
  • Identified, developed, and implemented mechanisms to detect security incidents in order to enhance compliance with and support of security standards and procedures in place.
  • Conducted security risk assessments on new products and systems, periodic security risk assessments on existing systems and identified and/or recommended appropriate security countermeasures and best practices.
  • Administered operating systems, hardware, and peripheral components.
  • Maintain Web servers, file servers, firewalls, and directory services

TECHNICAL SKILLS

Scripts/Programming: PowerShell, VBScript, Batch Script, Shell Scripting (Linux), Java, Ruby, Perl

Databases: Microsoft SQL Server 2008, MySQL, Access

Software: Microsoft Office Suite 2000/2007/2010, Veritas backup, Symantec End Point, Watchguard Firebox System Manager 8.0, Filezilla, Remote Desktop, PC Anywhere, VNC, NetMeeting, Remotely Anywhere, Microsoft Virtual Machine, VMware Workstation, VMware ESX, Symantec Ghost, VirtualBox, TreeSize, Microsoft Office, Symantec Endpoint Protection, RSA SecurID, RSA Envision, RSA Analytics, PaloAlto Next Gen Firewalls, SourceFire IDS/IPS, Metasploit Exploitation Framework, OpenVAS, Nessus, Rapid7, Symantec SCCS, Wireshark, BackTrack Framework, OSSEC, IBM Security QRadar SIEM, Big Fix Tivoli End Point Manager, Fire Eye End Point, Sophos End Point Encryption Manager, AppRiver, Kaspersky End Point Security, CyberArk, Symantec DLP, Bradford NAC, Qradar 7.2, Imperva Secure Sphere, McAfee EPO 5.3, Goverlan, SolarWinds, IBM VMS, Cylance, CheckPoint.

Hardware: IBM compatible PCs, APPLE, Mother Boards, Video & Sound Cards, Monitors, CD-ROM Drives, Memory, SATA/ESATA/IDE/EIDE/SCSI Hard Drives & other devices, SCSI Controller Cards, Tape Backup Drives, Optical, Raid, Drives, Scanners, Printers, Wireless Routers, Cisco Switches, Cisco Routers, SourceFire, Palo Alto, HP9000 Series, N-Class, rp7400 to rp8400 class servers rx3400 to rx5600 Servers/AIX 5.1, 5.2, 5.3,6.1,7.1, DELL and HP Blades Centers and Servers

O/S: Windows 3x/9x/NT/2000/XP/Vista/7/2000 Server/2003 Server/2008 Server/2012 Server, UNIX, Linux, Solaris, IBM AIX, HP-UX 11/i, OSX, Back Track, Kali Linux, Samurai Web Testing Framework, Network Security Toolkit, BackBox, WeakNet, Ubuntu.

Networking: LAN/WAN, TCP/IP, IPX/SPX, NetBEUI, WINS, DHCP, DNS, SMTP, POP3, FTP, TELNET, VPN, NAT, TFTP, RIP, SNMP, RAS, RIP, NNTP, SSL, NAT, OSPF

Routers: Cisco 831, 1861, 1720, 2621, 2811, 2850, 3640, 3745, 3845

Switches: Cisco 1900, 2900, 2950, 3000, 3548, 3560, 3750, 6509

PROFESSIONAL EXPERIENCE

Confidential, FL

Network Security Engineer

Responsibilities:

  • Managed and supported Firewalls, IDS, SIM, Security Auditing / Vulnerability Scanning, Anti-virus, End-Point Security, NAC, Privileged Account Security and others. (SME for assigned applications)
  • Reviewed and validated service management tickets (e.g., incident, change requests, IT Security inbox) assigned to Information Security, ensuring tickets were routed to appropriate IT Security/Operations personnel. Ensured timely processing of tickets in the Information Security queue, maintaining minimal-to-no tickets at the end of each week.
  • Maintained coverage of devices by security tools.
  • Performed risk analysis and vulnerability assessment of external-facing apps (web) and perimeter.
  • Monitored network perimeter for suspicious traffic or events
  • Correlated, analyzed, and escalated information security related events and alarms using security event management tools and following best practices.
  • Coordinated remedial measures for security events, incident and vulnerabilities.
  • Supported / coordinated vulnerability management services for the organization.
  • Provided backup / support for business continuity service
  • Evaluated new and emerging security products and technologies; making recommendations to senior IT leadership concerning adoption of new technologies to the enterprise environment.
  • Proposed and implemented network Access Control (Bradford Networks)
  • Assessed and implemented Privileged Account Security (CyberArk)
  • Assessed and surveyed non-productive Qradar implementation and upgraded to correct size according to licensing, network traffic and storage needs.
  • Managed, Reconfigured and tuned Qradar to functional productive levels
  • Prepared status reports, technical diagrams, and flowcharts.
  • Documented and maintained IT Security ops manuals and procedures.

Environment: Check Points, Rapid7, Fire Eye, CyberArk, Symantec DLP, Bradford NAC, Qradar 7.2, Sophos Safeguard 7.0, Imperva Secure Sphere, McAfee EPO 5.3, Tivoli, Goverlan, SolarWinds, IBM VMS, Cylance

Confidential, CA,FL

Senior Threat Analyst/Splunk Content Dev

Responsibilities:

  • Involved in cutting edge deployment of Splunk enterprise security
  • Created use cases with Splunk for a wide range of security tools and company-wide applications
  • Reviewed global NIDS, firewall, and log correlation tools for potential threats (Splunk)
  • Documented and conformed to processes related to security monitoring
  • Created and collaborated computer security incident response activities
  • Advanced malware analysis with a wide range of tools, including: worms, viruses, Trojans, rootkits and bots through Splunk
  • Researched and identified key indicators of malicious activities on the network and end user workstations (Splunk)
  • Worked and collaborated with the security operations center (SOC) environment on vulnerability and threat assessment/management
  • Handled high pressure situations in a productive and professional manner

Environment: Not disclosing environment details as per employer's request (example of tools like Palo Alto, Qualys, Fire Eye, sinkhole, etc.; over 53 different tools and security appliances)

Confidential, FL

Information Security Analyst

Responsibilities:

  • Achieved SOX/PCI compliance, with (0) material findings.
  • Ensured daily Identity Management procedures were appropriately run to remove access from terminated employees. Maintained (0) deviation of active user accounts on managed applications/databases against active employees in HR Management System.
  • Protected Spirit enterprise against the most basic information security threats. Made sure all endpoints were included within Tivoli Endpoint Manager and Kaspersky Endpoint Protection, properly running, and up-to-date.
  • Maintained coverage of devices by security tools in the range of 94 percent to 99 percent (goal was set to 100%).
  • Effectuated network scans at regular intervals to see if coverage was slipping or holding steady.
  • Coordinated with IT Operations to ensure effective patch management practices were being performed on the organization's information systems and provided IT Management with patch management compliance report with patch release levels on enterprise servers and workstations.
  • Evaluated new and emerging security products and technologies; making recommendations to senior IT leadership concerning adoption of new technologies to the enterprise environment.
  • Reviewed and validated service management tickets (e.g., OTRS, incident, change requests, IT Security inbox) assigned to Information Security, ensuring tickets were routed to appropriate IT Security/Operations personnel. Ensured timely processing of OTRS tickets in the Information Security/SAP Security & GRC queue, maintaining minimal-to-no tickets at the end of each week.
  • Managed vulnerability management program to ensure corporate information system infrastructure was protected from external and internal threats. Addressed and mitigated all high and medium risks which were identified through scheduled vulnerability scans and penetration tests.
  • Coordinated facilitation of internal and external audits for the organization and provided management direction as to how to remediate action items related to information security. Effectively managed internal and external auditor requests for applicable PBC/testing evidence in a timely fashion, assisting in driving efficient and effective SOX-ITGC/PCI audits.
  • Handled issues by opening tickets with vendors such as Kaspersky, RSA or Sophos and followed up from time to time on log collection requests or any other requests made by the vendor.

Environment: Windows XP/Vista/7/2003 Server/2008 Server/2012 Server, UNIX, Red Hat Linux, Symantec Endpoint Protection, RSA SecurID, Wireshark, BackTrack Framework, OSSEC, IBM Security QRadar SIEM, Big Fix Tivoli End Point Manager, Fire Eye End Point, Sophos End Point Encryption Manager, AppRiver, Kaspersky End Point Security.

Confidential, FL

Information Security Analyst

Responsibilities:

  • Achieved SOX/PCI and GLBA compliance, with (0) material findings.
  • Ensured daily Identity Management procedures were appropriately run to remove access from terminated employees. Maintained (0) deviation of active user accounts on managed applications/databases against active employees in HR Management System.
  • Coordinated facilitation of internal and external audits for the organization and provided management direction as to how to remediate action items related to information security. Effectively managed internal and external auditor requests for applicable PBC/testing evidence in a timely fashion, assisting in driving efficient and effective SOX-ITGC/PCI audits.
  • Monitored security logs of Windows/Unix environment, network infrastructure and security devices including firewalls, Intrusion Detection Devices and routers/switches, performed in a consistent manner for regulatory requirements (RSA Envision Log Management Platform)
  • Monitored logs of Linux Servers (SFTP)
  • Performed information security risk analysis and vulnerability assessment on internal environments
  • Performed risk analysis and vulnerability assessment of external-facing apps (web) and perimeter
  • Performed penetration testing, forensic analysis, and regulatory compliance assessment leveraging tools like Backtrack R5, Kali Linux, Snort, RSA Envision, Rapid7, Encase etc.
  • Supported products including SourceFire IPS/IDS, RSA EnVision, PaloAlto Application Firewall, Symantec EndPoint, Symantec SCCS and Rapid7.
  • Monitored network perimeter for suspicious traffic or events; compiled and validated statistical data from logging tools in a timely manner; fused threat and vulnerability information with data collected across the enterprise.
  • Correlated, analyzed, and escalated information security related events and alarms using security event management tools and following best practices.
  • Performed investigations of suspicious events or incidents.
  • Examined data from multiple sources including but not limited to those captured by network monitoring devices to determine methods through which attackers may compromise the system integrity or confidentiality.
  • Used a variety of tools and operating systems including various penetration testing proprietary frameworks (Core Impact) and distributions (Linux) to examine and/or process the contents of network data streams and correlation data.
  • Assisted in assessing, piloting and testing new security tools and applications (RSA Security Analytics)
  • Continuously assessed and reconfigured tools in place to meet best practices and to adjust to new security trends, including tools like RSA Envision (creating new correlations, alarms and reports), SourceFire Snort, Palo Alto Next Gen Firewall, etc.
  • Prepared and delivered incident and root cause analysis reports and summaries with a high level of technical accuracy; explained technical concepts to non-technical audience.
  • Prepared status reports, technical diagrams, and flowcharts.
  • Remained current with security incident response trends such as: vulnerabilities, exploits, and their countermeasures; incident response processes and tools.

Environment: Active Directory, Batch Scripts, VB Scripts, Metasploit Exploitation Framework, Backtrack (Linux), Kali (Linux), Core Impact, Encase, Autopsy Forensics Suite, SourceFire IDS/IPS, RSA Envision SIEM, RSA Analytics, Symantec SCCS, Rapid7, Palo Alto Application Firewall, Symantec End Point.

Confidential, NY

Security Administrator

Responsibilities:

  • Created Global groups and Computers in Active Directory.
  • Users’ accounts administration in Active Directory.
  • Created and modified batch scripts and VB scripts to automate administrative tasks.
  • NAS Volumes Data Administration.
  • Configured remote access and Security policies.
  • Maintained and performed IOS upgrades and migration schedule complying with Change Control Procedures.
  • Migrated Data and Applications Profiles for more than 3,000 users.
  • Notified computers applications with HP OVCM.
  • Created application services with HP OVCM.
  • Associated application groups and services with OVCM.
  • Created scripts with PowerShell and Visual Studio 2008 Express.
  • Supported products including Linux, Solaris, AIX, SCO OpenServer, UnixWare, PacketSeeker, PacketShaper, PacketShaper Xpress, WatchGuard Firebox and other firewalls, SonicWALL firewalls, SafeWord PremierAccess, Citrix MetaFrame, ThinPrint, Expand Accelerator, Sidewinder Firewall, Postfix, BIND (DNS), SSH, IPsec Virtual Private Networks (VPNs), iptables (Netfilter), Apache, VNC, and various thin client and X terminal devices.
  • Performed Administration, software installation, upgrades/patches, troubleshooting, and maintenance on UNIX/LINUX servers.
  • Performed capacity planning, including allocating storage, providing hardware and software redundancy, and planning future expansion requirements for Disaster Recovery Testing.
  • Oversaw tuning and performance monitoring for UNIX/Linux workstations, servers, and peripherals.
  • Performed information security risk analysis, vulnerability assessment on internal and external environments, penetration testing, and regulatory compliance assessment service and developed remediation strategies in response to assessment results.
  • Monitored security logs of Windows environment, network infrastructure and security devices including firewalls, Intrusion Detection Devices and routers/switches, performed in a consistent manner for regulatory requirements (RSA ENVISION).

Environment: RSA ENVISION, Citrix Presentation Server 4.5 (XenApp Server), VMware, vSphere 4, Microsoft Virtual Machine, Active Directory, DHCP Server, DNS, Server, HP OVCM, Linux, Solaris, AIX, SCO OpenServer, PowerShell, Batch Scripts, VB Scripts, Access Database, Back Track, Samurai Web Testing Framework, Network Security Toolkit, BackBox, WeakNet, Java, Ruby, Perl, MySQL, Access. Servers/AIX 5.2, 5.3, 6.1 e- servers/Solaris Sparc 8 s, DELL and HP Blades Centers and Servers

Confidential, NY

Senior Operations Manager

Responsibilities:

  • Managed daily operations adhering to company policies and procedures.
  • Directed sales & marketing of site and made suggestions geared towards customer retention and increasing profitability.
  • Oversaw employee assistance of clientele, produced daily reports on client retention & assistance.
  • Assisted with team recruitment, hiring, training, and developing an effective sales staff, providing regular feedback and taking disciplinary action as needed.
  • Provided on-site customer support and diagnosed problems. Repaired defects in microcomputers and related equipment (all peripherals) at both motherboard and component level.
  • Maintained store inventory
  • Prepared estimates of labor and materials costs for proposed projects and layout work.
  • Sustained proper documentation of expenses including vendor invoice/receipts, shipment records, parts inventory and expense reports.

Confidential, NY

Field Technician

Responsibilities:

  • Implementation of network infrastructure in over 600 public schools in the 5 boroughs of New York City.
  • Implementation of network infrastructure including Cisco 6509 IOS upgrade, SUP32 and NAM2 upgrade, Access Point LWAPP implementation, installation of WLC 4404 Wireless Controllers, 3845 routers, 3560 and 3750 switches, and PIX 525 and ASA 5510 firewalls.
  • Upgrade of Autonomous Access Points to Light Weight.
  • Verified and updated network design plans and floor plans. Verified drop numbers, fiber runs, patch panel numbers and face plate IDs.
  • Tested and verified fiber runs between MDF and IDFs. Rack and stack of equipment in the MDF and IDFs.
  • Worked with MS Office suite including MS Project and Visio. Verified AP locations in the MS PowerPoint floor plans, verified proper AP spacing, tested AP signal strengths and cell coverage, channel selections, conducted site surveys, conducted wireless surveys, wireless signal analysis, documentation, etc.
  • Interfaced with Public School principals and technical coordinators.

Environment: Cisco 3550 WR Switches, Cisco 3800 Routers, Cisco 3550 PWR Switches, Cisco 3800 Routers, Cisco 1200 Series Access Points, DHCP, Windows 2003, Linux

Confidential, NY

Security Operations Analyst

Responsibilities:

  • Monitored network perimeter for suspicious traffic or events; compiled and validated statistical data from logging tools in a timely manner; fused threat and vulnerability information with data collected across the enterprise.
  • Correlated, analyzed, and escalated information security related events and alarms using security event management tools and following best practices.
  • Performed investigations of suspicious events or incidents.
  • Assisted in the development of a more robust and effective monitoring and intrusion response capability within the organization.
  • Provided reports to leadership on the status of the environment and metrics surrounding events and incidents.
  • Maintained security components functioning optimally.
  • Evaluated and assessed that monitoring and intrusion response policies were followed.
  • Collaborated with security architectures, engineering and network operations to ensure effective monitoring and intrusion response was implemented for all system environments.
  • Worked closely w/ 3rd parties to ensure rapid mitigation of any incidents.
  • Worked closely w/ 3rd parties to ensure incident response plans were up to date and were effectively utilized and monitored.
  • Examined data from multiple sources including but not limited to those captured by network monitoring devices to determine methods through which attackers may compromise the system integrity or confidentiality.
  • Used a variety of tools and operating systems to examine and/or process the contents of network data streams and correlation data.
  • Assisted in piloting and testing new security tools and applications and assessed their applicability to the team’s operational capability.
  • Supported the daily coordination and remediation of incidents with senior management, peer security analysts, and various stakeholders.
  • Prepared and delivered incident and root cause analysis reports and summaries with a high level of technical accuracy; explained technical concepts to non-technical audience.
  • Remained current with security incident response trends such as: vulnerabilities, exploits, and their countermeasures; incident response processes and tools.

Environment: Active Directory, DHCP Server, DNS, Server, VPN, HP OVCM, AIX, HP-UX, Batch Scripts, VB Scripts, Metasploit Exploitation Framework, Nessus, Backtrack, PHLAK, L.A.S, HELIX Linux, Solaris, Perl, Java, Ruby.

Confidential

Network Administrator

Responsibilities:

  • Managed broad range of installation, upgrade, roll-out, and troubleshooting projects for Windows-based networks, with focus on computer/network systems
  • Provided telephone/email support to over 25-30 users daily on multiple contracts
  • Provided support for users having problems connecting to the network externally to the office using VPN.
  • Troubleshot connectivity issues within and outside the office for both wired and wireless connections
  • Troubleshot Win XP, Office XP, Mac issues
  • Configured and used Active Directory.
  • Responsible for network drives mapping and printer mapping
  • Troubleshot PC hardware and peripherals.
  • Mapped network drives
  • Installed and configured connectivity applications: Netscape, Norton Antivirus, Microsoft Office, ODBC

Environment: Active Directory, VPN, Office XP, Netscape, Norton Antivirus, MS Office, ODBC, Mac, Windows XP, SOLARIS, LINUX
