Summary

Hands-on Information Security professional with outstanding technology and interpersonal skills, seeks an opportunity to utilize 15 years of Information Technology, Information Security, Engineering, Networking, Design, Implementation, and Project Management experience.

Professional Affiliations:

• INFRAGARD A national information sharing program between the Federal Bureau of Investigation FBI and the private sector relating to threats against the nation's infrastructure.
• USSS ECTF United States Secret Service's - Electronic Crimes Task Force
• US-CERT - United Stated Computer Emergency Readiness Team
• NCAS - National Cyber Alert System
• NCSD - National Cyber Security Division
• NYPD SHIELD- Partnership with private sector security managers and NYPD

Tools

• IDS/IPS McAfee, SourceFire, HP Tipping Point, IBM Proventia, CISCO IPS, Snort
• SIEM IBM Qradar, Solar Winds LEM, McAfee Nitro, Cisco Mars
• Proxies BlueCoat, Zscaler, Mcafee Web and email gateways, GFI Cloud
• Vulnerability Assessment / Pen Test - Nessus, Metasploit, Burp, Nmap, Wireshark, Qualysys
• Malware Defense Firepower SourceFire, McAfee - Advanced Threat Defense, FireEye - Network Threat Prevention, McAfee Endpoint Protection, Kaspersky Endpoint Security
• Application Security IBM Appscan, HP WebInspect
• Firewalls / Next Gen Firewalls CISCO ASA, Palo Alto, McAfee Next Generation Firewall
• Web Application Firewall F5 Big IP, Application Security Manager and hardware Load Balancer
• File Integrity Monitoring CimTrak change detection software, OSSEC
• Encryption HSM by Safenet, Vormetric Data Security, BitLocker
• Two Factor Authentication RSA, Safenet
• Network Monitoring Solar Winds, Splunk, Zenoss, HP Openview, IBM Tivoli
• Firewall Analyzer AlgoSec, Redseal, Solar Winds Firewall Security Manager
• Network Access Control ForeScout, TripWire
• Date Recovery / Forensics SANS SIFT Kit, Encase Enterprise, AccessData FTK

Professional Experience

Sr. Information Security Specialist

Confidential

• Evaluation and assessment of assets for Information Security Compliance Standards
• PCI-DSS, NIST, COBIT, OWASP, SANS ISO 27000X
• Penetration testing, Internal / External vulnerability assessments and remediation
• Information security policies and procedures
• Physical Security and Access Control
• Network Architecture Security Assessments VPN, Perimeter Security, Active Directory
• Information security incident management
• Training and mentoring Security, Network, Systems Engineers and developers on security practices
• Create Security Awareness Campaign and Training Materials

Confidential

Principal, IT Cyber Security Engineer

• Architecture and design of a global rollout of McAfee Intrusion Prevention System IPS to strengthen network security and increase automation. Therefore, enforcing a proactive strategy in blocking the threat at the network perimeter reducing risk of entry into the corporate network.
• Implemented McAfee Advanced Threat Defense to create a sandbox environment to provide static and dynamic analysis to eliminate any potential zero day Advanced Persistent Threats APT and advanced malware threats. Create reports to highlighting anomalies to be further investigated. Integrate with End Point Security
• Automation and integration of existing SourceFire Intrusion Detection Solution to reduce manual effort required to mitigate malicious threats, ultimately, creating greater efficiency, without increasing costs or headcount.
• Architecture design and Implementation of centralized IBM Qradar SIEM for High Availability and Redundancy
• Investigate network traffic as accumulated from IDS/IPS, Event Correlation to assess and mitigate risks
• Custom configuration of rules in IBM Qradar, and McAfee IPS to add greater value and enhanced correlation of logs.
• Integration of IPS into SIEM Qradar and McAfee e-Policy to reduce the number consoles required. Thus allowing for operations staff to streamline research and investigate potential security breaches, through a centralized, web based, dashboard.
• Configuration of Next Gen Firewalls, Zscaler Proxies, Mobile Device Management Solutions for improved security.
• Perform Security Assessments, Security Compliance Standards, Penetration Tests, and Vulnerability Assessments
• Research and PoC Cloud based applications to enhance the integrity security of the network, data, and ultimately reduce costs.
• Algosec Firewall Analyzer, Nessus, QualysGuard, Firepower SourceFire, Metasploit, ForeScout, and TripWire IP360

Confidential

GLBA, Sarbanes Oxley, FFIEC, PCI DSS, Security Compliance Procedures

• Implemented Websense upgrade for web content filtering and reporting
• Administer and configure RSA remote access VPN and F5 Firepass using RSA FOB's for dual factor authentication
• Configuration and monitoring of IBM Proventia Intrusion Detection / Intrusion Prevention System
• Configure ACL's and Manage the Secure FTP Server for restricted access to the DMZ
• Maintained encrypted Password Safe for Information Security
• Installation and Management of Web Certificates for HTTPS secure web traffic
• Internal External Vulnerability Assessments as required for various regulatory compliance. Mitigated any identified audit items.
• AML, BSA, OFAC, and participate in fraud investigations.
• Manage CipherTrust Ironmail for Secure Web Mail TLS Encrypted
• Ensure change control procedures are adhered to, that changes pass security reviews, and recommend additional processes and procedures to enhance the integrity of the network and data.
• Manage Cisco Mars - SIEM, Create PGP Encryption Keys, Enterprise Security Dashboard
• Device Shield port management and restrictions on CD/RW, USB, and outbound access
• Manage E-policy 4.6 Antivirus server McAfee Malware Gateway / Transparent Proxy, Data Loss Prevention
• TACACS ACS configured for various user level access to Security Appliances
• Utilize Wireshark and other network analysis tools to investigate security incidents.
• Routinely conduct reviews of logs via Daily, Weekly, and Monthly PMI's.
• Forensics Security Investigations, Provide Evidence, Chain of custody, Court Appearance, etc.

Systems / Network Security Confidential

Systems Administration Design

• Configuration of Routers, Switches, Firewalls, Proxy Servers, Cisco Catalyst and HP Procurve, Wireless Routers, Watchguard, Cisco PIX Firewall, Cisco Routers and Cisco ASA, Cisco Access Points. Cisco Mars, CiscoWorks
• Troubleshooting, implementation and support of Cisco, Exchange, Active Directory, LINUX, Microsoft Novell.
• Data migrations, consolidations, storage, failover backup solutions, and technology refreshes.
• Network Operations, systems integration deployments and load balancing.
• Integrated databases with shipping systems, SQL DB inventory, sales, Data base Monitoring
• Utilized Tivoli Storage Manager 6.1, Red Hat Linux Enterprise with failover, MySQL
• Investigate network traffic as accumulated from IDS/IPS, Event Correlation to assess and mitigate risks
• Monitored, tested, and performed troubleshooting of network issues in complex network environments.

Systems Management

• Management and troubleshooting of all Telecom, Network and Data Center Systems Remote support and configuration of systems, networks and virtual private networks. .
• Managed network security, user access permissions, virus prevention, and intrusion detection.
• Provided support for routers, switches, firewalls, circuits, VPN, SQL, Wireless, Satellite, T-1, T-3, OC-3,
• Customized Next generation firewalls, Mobile Device Management, Cloud Security to fit client budgets and goals.

Director of Information Technology Confidential

• Achieved cost savings of 46 by renegotiating vendor contract, implementing VOIP utilizing higher bandwidth connections.
• Installed and upgraded core infrastructure and troubleshooting on routers, switches, firewalls, and VPN appliances.
• Configured Cisco Pix Firewall to connect to the State of Florida, FDOT.
• Upgraded and integrated web servers, MS Exchange servers, finance server, and SQL.
• Implemented remote network connectivity for 10 remote sites.
• Utilized Cisco, Linux, Windows Server support, Apache HTTP, MySQL, and open-source applications.
• Managed 300 internal and external user- supported LAN.
• Configured IP T-1's, Frame Relay, and VPN connections for external connections to regional facility.
• Continually recommended proven technology solutions to increase efficiency and reduce costs.

Information Systems Project Manager Confidential

• Managed projects including 20 employees contractor resources consisting of systems, security, network, middleware, application, hardware, and database administrators.
• Negotiated and managed the purchase of more than 4.5 million in hardware, software and contract services.
• Monitored Systems Network Security and reported incidents for 250 servers
• Ensured successful, cost-effective and on-time implementation of all projects.
• Prepared cost benefit analysis and risk assessments in quantitative and qualitative reports.
• Negotiated prices, terms, and vendor service levels on hardware, software, and support contracts.
• Determined TCO / ROI analysis of short long-range business requirements.
• Monitoring and reporting for web-based metrics for local and remote Unix, NT Servers, IBM utilizing Tivoli and HP Openview
• Network monitoring and management, desktop server support, end user support, troubleshooting.
• Generated time and cost estimates for projects and procedures.
• Planned initiatives for development, enhancement, maintenance and support.

Confidential

Database Analyst

• Managed a Filenet Optical Imaging System utilizing an Oracle Database.
• Provided desktop and end-user support for 350 users at 3 sites.
• Designed, developed and maintained financial accounting databases.
• Reconciled financial control databases utilizing Sybase and Lotus Notes.
• Ensured financial compliance controls and clearance of U.S.-based equities and derivatives.
• Security, backup and recovery, troubleshooting, performance tuning, capacity planning.
• Utilized Moving Average, Convergence Divergence, Stochastics, RSI, and Bollinger Bands.
• Performed analysis of stocks, options, commodities, and foreign currency.