EXPERIENCE

Confidential

Data Security Tester Analyst

• Conducted security testing for systems, routers, switches, web servers, databases, wireless access points, network traffic data, and other devices.
• Utilized tools Nessus, App Detective, Burp Suite, AppScan, Wireshark, Putty, Nipper, NMap, and NetSurveyor to detect OWASP related vulnerabilities including SQL injection, Cross-Site Scripting, configuration weaknesses, and etc.
• Delivered test reports of vulnerability findings, severity levels, potential threats, and security recommendations based on NIST SP 800-53.
• Assessed existing baseline policies, system security plans, recommend improvements and implement recommendations in collaboration with program managers.
• Identified existing organizational IT security weaknesses, including personnel controls, training, incident and emergency response, configuration management, logical security controls, physical security controls, operational security and integrity of software applications and data for customer engagements.
• Conducted audits or reviews to recertify based on security safeguards and identified vulnerabilities that could impair security of sensitive data or valuable resources for clients.
• Tested on operating systems Windows Server, Windows 7, MS SQL, Linux, Oracle database, and etc.

Confidential

IT Security Consultant

• Performed Certification Accreditation under FIPS 199, NIST 800-53, 800-37, DIACAP, FIPS 140-2, contingency test for client network, and security best practices.
• Provided analysis on security tools including Nessus, App Detective, AppScan, Web Inspect, and WebSense to configure vulnerability analysis and filtering.
• Management with security team and developers on POAM findings, status, and remediation using Cyber Security Assessment and Management CSAM .
• Developed policies and procedures for investigation and response to malware and other incidents on the network.
• Network security tasks include analyzing incidents, threats, logs, continuous monitoring, and configurations via IDS to determine operational impact, intent, and advisory capability. Produced briefings, findings, deliverables, and recommendations based on industry best practices to customer.
• Assisted cloud services provider in C A, systems security plan and design, and scanned systems for security compliance with authentication, integrity, availability, and vulnerability management.
• Provided training for incident response, business continuity planning, and contributed to deliverables including SSPs, contingency testing, assessments, continuous monitoring, POAMs, etc.

Confidential

Security Architect

• Supported multiple clients using various IA services including: DIACAP Certification and Accreditation, NIST, FIPS 140-2, Sarbanes-Oxley, PCI, STIGs, Cloud services, Security Testing and evaluation ST E for technical, operational, and management security controls, security architecture and engineering services, risk and threat assessment engagements, firewall configuration, operational security configuration, vulnerability, and patch management and general IA consulting services and contract proposals.
• Performed engineering tasks in creating firewall rule change requests and gathering ports, protocols, source/destination IP addresses to allow client firewall connectivity throughout the DHS client network. Performed vulnerability scans based on network ports and protocols.
• Provided firewall rule change configurations, RFCs, contributed to change control board meetings regarding network infrastructure and design approval. Performed risk assessment and POAM management based on NIST security controls.
• Troubleshoot operational tasks involving PKI web certificates, Virtualization, patch management, IDS/IPS for malware monitoring, detection, and mitigation, Cisco ASA 8500 security appliances, Wireshark, Nessus scanner, and Remedy tools. Presented at Architectural Review Boards on IT products App Detective, Web Inspect, Symantec EndPoint Protection, ArcSight for client approval.
• Managed internal proposal effort as Solutions Lead for security architecture tasks, model design, DIACAP, and information assurance documentation for RFP proposals with DISA, DHS, and Air Force clients.
• Applied change controls based on NIST security requirements. Supported customer database of logs, artifacts, PKI certificate updates, documentation, and emails for both internal and external audits based on Sarbanes-Oxley SOX and PCI-DSS compliance.

Confidential

Senior Security Engineer

• Analyze customer's Information Assurance IA needs from the Enterprise perspective. Review and determine applicable IA requirements, develop Enterprise-level IA technical solutions and trades.
• Provided IA support to Enterprise security capabilities are in compliance with DCID 6/3, DOD, NIST, and other government regulations.
• Reviewed security documents and provided input for POAMs, architecture design, RFC requests, and Certification Accreditation C A .
• Analyzed and/or created work deliverables such as security reviews, security architecture diagrams, Security Requirements Traceability Matrices SRTM , project security milestones, and other related security documents. Evaluate change, release, and Configuration Management practices to ensure that all modifications made are adequately controlled.
• Evaluate network infrastructure security to ensure confidentiality, integrity, availability and authorization of the network and information transmitted. Performed independent research, and use analytical skills to provide mitigation strategies, and provide input to policy development. Created governance compliance database in reference to NIST 800-53/800-37 security controls, FIPS- 199, FISMA, DIACAP, DCID 6/9, ISO, and Contingency plan testing.
• Worked with the Human Health Resources to meet compliance under HIPAA standards and security best practices. Provided daily reports on trouble tickets, escalations, and performed audits based on SLA and contract agreement with HHS.

Confidential

Senior Cross Domain Security Engineer

• Provided security support using IA knowledge, implementation, and technical operation of DISA Cross Domain Solutions. Provided subject matter expertise including status charts and documentation on DISA operations and enterprise architecture.
• Applied customer needs into security requirements based on security policy and DISA STIG guidelines. Provided documentation and implementation of Solaris security architecture and design.
• Project management regarding field clients, configuration management, Data at Rest, and client connectivity challenges for the purpose of establishing infrastructure solutions. Provided leadership in security status meetings with management, clients, and engineers regarding client connectivity, network monitoring, firewalls, security testing and evaluation, and upgrade migration.
• Worked in integrated security lab to create client accounts, perform metric tests, configure port settings, and data flow traffic to network using Single Point Access server. Provided guidance to customer liaisons, program/technical managers, and operations engineers regarding service connectivity, troubleshooting, and security requirements.
• Performed data auditing and filtering functions using TDX and Radiant Mercury filter guards.
• Used security tools Retina scanner, Syslog, and Wireshark. Analyzed and implemented security solutions based on knowledge of IA products and services to mitigate IA vulnerabilities.
• Resolved RFCs and IAVA alerts for vulnerabilities/risks and applied equipment security patches and upgrades to ensure integrity. Supported transition of client network connections for rollout migration upgrade.
• Performed audit and filter functions for data using TDX and Radiant Mercury Guards.

Confidential

Network and Malware Engineer

• Malware Engineer: Duties include reverse engineering and malware analysis. Tools used include Sourcefire IDS, Wireshark, IDA Pro, OllyDbg, ArcSight, Metasploit, and Immunity. Tasks include monitoring, detecting, analyzing, and resolving SPAM, network anomalies, unauthorized activities, web data traffic, malware, and viruses. Presented forensic reports and mitigation findings to customer meetings. Performed penetration testing and fixes for analysis, verification, and ethical hacking.
• Network Engineer: Traveled to CONUS/OCONUS customer sites to lead network hardware and software installation per network infrastructure. Configured Cisco routers and switches, HP printers, Dell servers, and PC workstations to establish network connectivity. Terminated and installed Ethernet, serial, and fiber optic cables for hardware functionality. Audited inventory and installed hardware for equipment racks. Migrated user accounts from Windows NT to Windows XP. Created directory structures and set security permissions to LAN user accounts using Windows XP and Active Directory. Installed various applications CEGIS, HP Openview, Lotus Notes, Domino, Apollo, Hot Fixes, service packs, and various network management applications. Arranged presentations with customer liaisons regarding migration conversion and network cutover plans. Configured print servers, and scanner hardware/software. Documented and updated IP address and inventory data into database records.

• Software Tester: Performed ad-hoc and regression testing of software application builds. Documented software errors, coding bugs, security vulnerabilities, and functionality issues based on system requirements. Analyzed application functions in compliance with project requirements. Documented test plans and procedures containing technical case instructions for software operation. Organized presentations with customer and branch managers regarding testing results and project lifecycle. Verified with acceptance inspectors the compliance for system requirements, security standards, and test plan documentation. Tested using Unix, Linux, Java, SQL Server, Windows, and other applications.

Confidential

Network Engineer

• Provided operational support at Base Station Relay Facility. Certificate in Matrix Switch 2700/2800 Operations.
• Configuration and installation of Cisco switch and router hardware/software, database, and system support for regional stations and transmission facilities. Studied network protocols TCP/IP, AppleTalk, SNMP, and etc. Installed and configured Cisco router and Marconi ATM machines during scheduled cutovers. Experience in operations and configurations for CNT Matrix Switch machines.
• Maintained and updated Selcal recall terminals, Remedy, and Openview HP applications. Experience resolving lease line circuit connections DS1, DS3, OC3, T1, E1, etc. and network problems via NET Promina multiplexers.
• Operated oscilloscopes, DTS test sets, encryption devices. Programmed timing device, Digital Lightwave, and CSU/DSU devices. Terminated and installed Ethernet, coaxial, serial, and fiber optic cables for equipment and facility structures. Set up equipment racks and cable cages for equipment nodes. Created inventory databases using Microsoft Access.

Confidential

Systems Engineer

• Built servers for Windows NT and Windows 2000. Installed software with specified configurations. Troubleshooting and maintaining servers, workstations, and laptops.
• Installed configured XML, SQL Server, PowerBuilder, Oracle 8, Java, Visual Studio, Visual Source Safe, Aero XML, HTML, Windows NT and 2000 Service packs, and client/server applications.
• Configuration of login and portal settings. Analyze, identify, implement, and maintain the policies, rights, permissions, and security protocols for local area network.
• Troubleshoot and maintain 40 NT workstations, as well as install and configure all software for deployment on client machines. Mapped, monitored, and maintained all share drives.

SKILLS

• Utilities: Burp Suite, App Scan, Wireshark, Nessus, NMap, App Detective, Nipper, Retina, Snort, WebInspect, Backtrack/Kali, Virtualization, Metasploit, Remedy system, Symantec Endpoint Protection suite, TCP Dump
• Operating Systems: Windows, Unix, Linux CentOS, Mint, Fedora, Ubuntu , VMWare
• Cisco routers, switches, Marconi ATM Switches
• DTS Test Sets Fireberd 6000 , Oscilloscopes, CSU/DSU TXPort 3001 and Solo Select Devices , Commsync I II
• Encryption equipment: KG-75, KG-175, KG-194, KIV-19
• Programming: Java, C , HTML
• Created cabling via Ethernet, serial, fiber optic cables