Security Architect Resume Profile

Albany, NY

Summary

  • Deploy and configure SIEM Security Analytics platforms, primarily Arcsight, Q1, RSA Security Analytics, Alien Vault, Splunk, LogRhythm. Develop advanced SIEM Content
  • Built Threat Intelligence and Information Sharing platforms
  • Deploy and manage multiple global sensor networks to collect and consume threat intelligence
  • Deploy and manage deep packet engines like Netwitness, Soleranetworks, Silent runner
  • Deploy and manage case management tools
  • Team lead for Counter Threat Unit for Fortune 15, leading geographically diverse team of Cyber investigators
  • Deploy Vontu, Mcafee, RSA Data Loss Prevention systems
  • Deploy SSL decryption technologies in proxy or pass thru mode
  • Manage breach investigations, work with internal and external legal support teams and law enforcement
  • Perform forensic imaging of laptops, desktops, servers, phones, tablets and produce report of findings
  • Perform malware analysis to identify malware, malicious code to support mitigation strategies
  • Review and negotiate legal contracts, develop corporate policy, standards and procedures
  • Develop security architectures, project plans and implementation plans for global technology deployments
  • Deploy Malware platforms such as FireEye, Bromium, Damballa, Lastline, Cyvera, Cuckoo, Invincea and Trusteer
  • Deploy Endpoint solutions such as Symantec or McAfee ePO for antivirus, endpoint encryption, DLP
  • Deploy Imperva, F5 ASM Web application firewalls and database activity monitoring solutions
  • Deploy Network Access Control NAC Forescout/Cisco/Aruba to manage guest networks and rogue connections
  • Manage PCI, SOX, HIPAA, FTC, GLBA, NERC CIP compliance mandates, gather evidence and maintain compliance
  • Develop and implement enterprise vulnerability management solutions
  • Develop CSOC, CSIRT programs to detect and manage global incidents, Architect network security strategies
  • Deploy and tune IPS solutions such as Palo Alto, Sourcefire, Tipping point, IBM Proventia
  • Deploy other security controls such as Bit 9, Tripwire as mitigating controls as identified during risk assessment
  • Develop network architectures and migrate routing protocols, re-architect DMZ networks, core networks and perform migrations to Cisco Nexus and Cisco UCS platforms
  • Perform packet level inspection by tapping networks and utilizing tools like Network Instruments Gigastor, Network General Sniffer, Wireshark, Airshark, Airdefense, Netscout to troubleshoot network issues or support forensic investigations. Application performance monitoring to identify slow-downs and service outages
  • Develop and deliver detailed flow diagrams, develop operational procedures, policies, risk analysis, gap analysis
  • Program manage the enterprise to develop, test and implement business continuity plans
  • Act as Interim Vice President of Security or Director of Security while fulltime resource were located
  • Build out operational security operations centers, developed advanced threat management metrics.
  • Trained onshore, offshore staff.

Confidential

Security Architect

  • Educate and mentor permanent and contract staff on GRC compliance program objectives
  • Develop and deliver implementation project plans for global technology deployments
  • Develop and deliver risk impact statements, risk assessments and report of findings
  • Develop and deploy security controls to meet PCI compliance mandate
  • Deploy proxy solutions globally Bluecoat, ISA 2006, Deploy and manage Kazeon e-discovery solution
  • Architect and deploy IBM Proventia Intrusion Prevention appliances globally
  • Perform data flow mapping to identify critical data regulated data flows
  • Deploy Data Loss Prevention solution to monitor use of sensitive data, Perform E-discovery and legal holds
  • Perform incident response Investigations based on RSA Envision SIEM use cases
  • Architect and deploy secure file transfer solutions
  • Virtualize systems with VMware, performed P2V, Vshield Configurations
  • Global firewall migrations on Cisco, Checkpoint and Nokia Appliances
  • Network architecture design, troubleshooting and deployment
  • Policy, standards and procedure development, train and mentor staff on compliance requirements
  • Produce technical Visio documents containing security and network infrastructure diagrams
  • Deploy optical DWDM solutions for high availability networks.
  • Application Penetration testing and Source Code Analysis Ounce Labs, Fortify, Web Inspect
  • Perform GRC activities in risk management and compliance group
  • Deploy and configure Cisco routers, switches, Nexus based switches, MDS platforms, firewalls, Cisco load balancers, troubleshooting layer 2,3 and routing protocols

Confidential

Security Project 6 month contract

  • Develop policy, procedure and technical controls to move forward security project within the State of NY
  • Deploy open source SIEM for event correlation
  • Deploy security controls such as IPS, Firewalls, RSA two factor authentication

Confidential

Information Assurance Network Engineer Manager

  • Worked closely with senior military leadership for all GRC efforts in Middle East theatre of operation
  • Lead team of Information Assurance IA network security engineers at diverse locations throughout middle east
  • Worked with IA managers to become compliant with DISA security standards and STIGs
  • Developed detailed documentation and performed security testing for DISA certification accreditation
  • Deployed and supported all ASA, PIX, Sidewinder and Symantec firewalls in IRAQ, Afghanistan and Kuwait
  • Troubleshoot routers, switches, routing protocols, load balancers, VOIP and LAN/WAN circuits consisting of Frame relay, SONET, MPLS, ISDN, Troubleshoot VPN, QOS, Routing Protocols such as OSPF, EIGRP, BGP and Multicast networks
  • Deploy Cisco routers, switches, firewalls, content switches, Vbrick multicasting solutions in a 220,000 user endpoint multi country WAN infrastructure
  • Support IDS appliances and work with Kuwait TNOSC on Arcsight SIEM events
  • Security monitoring on classified networks

Confidential

Program Manager

  • Develop agency HIPAA security program and gained executive acceptance
  • First State agency to become compliant with HIPAA security mandates for State of CT
  • Deploy wireless network statewide to achieve cost savings by eliminating point to point circuits
  • Business continuity program for continued care for State hospitals in the event of a declared disaster
  • Deployed centralized HIDS, NAC and Antivirus management solution to reduce virus infections and security incidents by 95%, freeing up two FTE's for other project work
  • Performed Malware identification, analysis and remediation
  • Implemented patching and vulnerability process
  • Configured, deployed and supported Cisco routers and switches for wired and wireless networks statewide
  • Deployed identity management and single sign-on solution
  • Monitored State networks with ISS Siteprotector IDS System
  • Deployed, configured and supported McAfee EPO HIDS agents for agency
  • Train and mentor agency staff
  • Developed operational manuals, procedures and response plans

Confidential

  • Trained and educated hospital executive management on HIPAA compliance mandates
  • Project management, security strategy development, perform assessments, gap analysis and remediation
  • Developed and deployed technical and procedural controls, Develop security and network architectures
  • Troubleshoot networks and systems, Deploy single sign on solutions and identity management
  • Deploy Dragon and SNORT IDS system, Web application security testing using Cenzic for regulated systems
  • Implemented vulnerability management program
  • Support client during network outages to resolve complex routing or network issues

Confidential

Chief Technology Officer

  • Worked closely with the CEO and CFO to overcome funding challenges for Internet startup
  • Designed and implemented Internet data center, develop and implement network infrastructure design
  • Worked closely with contractors to build out and commission datacenter
  • Developed company security, network strategy and drove budget process
  • Implemented security strategy to ensure zero security incidents for hosted customer environments
  • Maintained VOIP hosted solution, Developed and managed Incident response program
  • Design and deploy LAN/WAN/MPLS networks, Troubleshoot routing protocols BGP, OSPF, RIP, EIGRP, deploy routers, switches, load balancers, security appliances
  • Deploy and support IDS/IPS solutions, mitigate DDOS attacks, Deploy PIX, ASA, Sidewinder, Checkpoint and Smoothwall firewalls. Support servers and Operating systems
  • Configure reverse proxies, Load balancers, 3rd level support for hosted client solutions
  • Deploy SIEM platform for event correlation and logging
  • Deploy application and networking monitoring
  • Managed 24 indirect reports, 3 direct reports
  • Develop Physical Security program for secure data center
  • Develop CSOC, NOC and CSIRT capabilities and manage daily events