SUMMARY:

• Self - motivated hands on security enginer, with more than Seventeen years of in-depth experience in the planning, implementation and management of a vast number of networking technologies and cyber security practices. Respected leader, able to develop team members, create harmonious work environments and maintain team cohesiveness in rapidly changing stressful environments. Routinely collaborates with departments within organizations to implement security programs. Recognized abilities of verbal and written communication, when conveying complex Information Technology and Cyber Security concepts to different levels of management and personnel. Taught over 1000 hours of various Information Technology disciplines.

­

TECHNICAL SKILLS:

Operating Systems: Windows Server (2X), Workstation (XP, Windows 7,8,10), VMWare Vsphere 5.x, NetApp DataONTAP (8.0 7-mode), Cisco IOS (12.x)

LAN/WAN: TCP/IP, VPN (Cisco Virtual Office, Anyconnect), Juniper (SSL Gateway)TCP/IP, IP Routing, EIGRP, BGPv4, ISL/802.1Q, Spanning-Tree (802.1D/S/W), multi-layer switching, SAN/NAS Storage Administration, CIFS and iSCSI, Public Key Infrastructure

Hardware: NetApp FAS270/2000-Series Filers, Dell (PowerEdge 2950/R600 Series) and IBM 3650 Servers, Xirrus wireless access point, Harris, Secnet 54 radio module

Software Frameworks/Compliance: Symantec Endpoint Protection Suite, Gemalto MyID, Retina Network security scanner, Wire shark, Windows Server Update Service (WSUS), SolarWinds Network Performance Monitor, Network Applications Monitor

PROFESSIONAL EXPERIENCE:

Senior Network/Security Engineer

Confidential, New York, NY

• Administer and support the infrastructure and client components of the Endpoint Protection for over 30 K clients nationwide (Windows, IOS, Linux)
• Technical lead on End-Point Protection infrastructure refresh projects, including coordination of Windows Server build, Database integration, and End-Point Protection software testing, build and implementation.
• Manage endpoint, anti-malware detection, intrusion detection, prevention systems, firewalls and Data Lost Prevention (DLP)
• Support implementation and operation of security/risk management frame works life cycles including implementation and verification of technical security controls to continuously improve the organization’s security posture.
• Support preparation, during and post audit activities for Sarbanes Oxley, and various yearly audits, by coordinating and supporting external and internal penetration testing teams with logistical support
• Provide evidence and explanations on technical and non-technical cyber security controls and post audit activities, to include remediation, exception, POAM plans and coordination with several vendors for remediation support
• Vendor Liaison, responsible for opening/tracking product enhancement and technical assistance request. Compiling vendor scorecard data. Analysis of vendor roadmap options. Remediate vulnerabilities in vendor supported software.
• Administer and support the Public Key Infrastructure and two factor authentication related services
• Provide Tier 3 Support for Cisco Anyconnect and Cisco Virtual office, Virtual Private Network clients and infrastructure including Cisco Adaptive Security Appliance (ASA), Identity Service Engine (ICE) and Wireless Controller (WLC)
• Lead troubleshooting efforts with vendors and Federal Reserve personnel across multiple sites across the United States
• Maintain up to date awareness of current global security events

Network\Security manager, advanced network technologies instructor

Confidential, Twentynine Palms, CA

• Implemented McAfee Data loss prevention, Host Intrusion Prevention System, Anti-Virus/spyware, Firewall and Rouge System detection
• Vulnerability remediation and Network/Host Operating System hardening utilizing Windows Server update Service
• Operated Network Vulnerability scanning with Retina Network security scanner
• Enforced Department of Defense policy on computer network defense and cyber security control measures, to include defensive measures to protect and defend information, computers and networks from disruption, denial degradation or destruction
• Routinely practiced Defense in Depth principals, by operating and maintaining Administrative controls such as account access request, Physical controls such as closed circuit TV, Technical controls such as directory services and logical network segregation Virtual Local Area Networks (VLAN)
• Maintained Microsoft Server 2K8 Active Directory architecture and administered DNS, DHCP
• Over 1000 hour of entry level and advanced level instruction of network fundamentals, Cisco and Microsoft technologies to over 400 students

Classified network manager\Technical advisor

Confidential, CA

• Supervised 25 (Civilian and Military) technicians and was responsible for the accountability, mentoring, professional growth and written performance appraisals
• Developed and implemented vulnerability mitigation procedures that include, acknowledging Information Assurance vulnerabilities alerts in accordance with Marine Corps Enterprise Network (MCEN) standards. Applying patching and mitigation processes on test sub network and production network
• Assessed network infrastructure for vulnerabilities with Retina Network security scanner and tracked compliance with directed mitigation timelines
• Served as the technical adviser to the Information Assurance Manager and ensure the overall security of both classified and unclassified garrison networks
• Ensured devices were configured according to requirements and regulations within the Defense Information System Agency provided Security Technical Implementation Guides (STIG).
• Implemented switch port security to improve security posture and mitigate rouge device vulnerability
• Implemented Enhanced Inter Gateway Routing Protocol (EIGRP) Router authentication across base network
• Implemented Secure Shell (SSH) remote access of all Cisco Layer 2 & 3 Device to comply with remote access policy
• Maintained Network consisting of 5000 users and 3000 workstations (WinXP/Win7)
• Launched domain improvement project which created multiple active directory sites over a campus network. End users experienced a %50 improvement in login times and file access
• Succeeded in Improving communication between higher headquarters and subordinate units by conducting weekly meetings that provided insight into the network infrastructure, best practice information and network trends
• Provided executive level network status briefing to the command staff consisting of general officers
• Conducted, coordinated and lead virtual private networks, LAN\WAN\TCP-IP Trouble shooting with Local, remote and regional network operations centers.

Joint Communications Task Force Lead

Confidential

• Assembled a 14 person mobile communication teams consisting of information technology, satellite, analog phone, electrician, electronics repair and multiplexing technicians, which provided rapid mobile communications across multiple rapidly changing and stressful environments in the United States, Kuwait and Iraq
• Maintained Accountability and ensured operability of $2.5 M worth of communications equipment, while moving from the West coast of the United States, aboard a naval vessel, at multiple locations in Iraq
• Created and implemented communications compound physical security plan to secure $2.5 M worth of communications equipment
• Minimized oversized network infrastructure hardware equipment by 30%. Combined router, switching, server and cryptographic equipment into a single hardware suite
• Planned, installed and maintained Windows Server 2003 R2 domain infrastructure and administered DNS, DHCP and exchange services to over 500 users on classified and unclassified networks
• Determined user requirements and available network bandwidth. Planed, designed and managed local and wide area networks
• Conceptualized and implemented a VMWARE data center and NETAPP FAS270 storage infrastructure which reduced power consumption by 50% and increased data center availability to 99.999%