OBJECTIVE

Senior Security Solutions Architect, seeking to help deliver critical IT Security Projects

PROFESSIONAL SUMMARY

• 20 Years I.T. Architecture 10 , Operations 10 , Security 10 , Development 5
• 10 years of Advanced Security Engineering and Architectural Experience
• Strong ability in communicating decision choices options to the client.
• Delivered targeted, focused information security analysis, security design engineering within both Commercial and Federal Information Processing Security FIPS environments
• In-depth knowledge of security standards and checklists. PCI, HIPAA, SOX
• OWASP Best practices against SQL injection, cross site scripting, DDoS
• Expert configurations against Top Attacks SQL, PHP, JAVA, .NET JavaScript, Adobe
• Experienced in custom coding solution API's, ETL's, Security Application connectors etc.
• Performed IT Security Risk Assessments for large Fortune 500 customers
• Assessed, Architected, Implemented, Deployed and Managed multiple Enterprise Security solutions utilizing following technologies:
• o Security information and event management SIEM McAfee, Symantec, Solarwinds, Snort, OEM IAM Dashboard, SourceFire
• o Systems Software, Lifecycle Management Coverity, TeamFoundation Server, Visual Studio Application Lifecycle Management, Svn, Git
• o Endpoint Protection Platforms Symantec Endpoint Protection SEP , McAfee ePolicy Orchestrator ePO ,
• o Data Encryption Symantec Whole Disk Encryption ,PGP Universal Encryption, McAfee Whole Disk, TrueCrypt
• o Web Gateways McAfee Web Gateway, F5 Secure Gateway, CheckPoint Software Gateway
• o Network Security Platforms IPS/IDS SourceFire Next-Generation Intrusion Prevention System NGIPS , OSSEC, Snort
• o Network Load Balancing, Virtualization, WebProxy F5 BigIP, 3DNS, Juniper, Fortinet
• o Vulnerability Management and Policy Compliance Qualys Guard Enterprise, McAfee Vulnerability Manager MVM
• o Data Loss Prevention McAfee DLP, Symantec DLP
• o Database Audit and Monitoring DAM Application Security DbProtect, Custom Snort Rules
• o Enterprise Key Management Safenet Key Management DataSecure
• o NextGen Firewall Hardware IDS/IPS Auditing
• Cisco, Palo Alto, Juniper, Fortinet, F5
• o Creation of RuleSets, filters, datasets for static and dynamic code analysis
• Automated Web Application Testing and Scanning VeraCode, WebScrab, Peach
• o Implementation of Static/Dynamic code analysis tools remediation issues
• .NET, J2EE/J2SE, JavaScript, SQL, PHP
• o Application Security Assessments for .NET and J2EE/J2SE
• Static/Dynamic / Binary Code Analysis, Software Coding Remediation
• o Web Service/Application Security Testing, Static /Binary, Code/Software
• HP Fortify, IBM Rational App Scan, Coverity Code Remediation
• o Web services security testing Protocol Fuzzing
• Peach, WSFuzzer, Web Scarab, JProFuzz, ZAP, Microsoft SDL Mini File Fuzzer
• o Creation of Data Models/State Models, Configuration
• Publisher, Agent Monitor, Test, Fuzzing Strategy, Fuzzer Logging
• o Penetration Testing, Brute Force, Web Proxies
• MetaSploit, Nessus, Kali, BackTrack, Burp Suite
• o Browser Vulnerability Scanning Quays Hardening of web Browsers
• IE, Safari, Firefox, Chrome
• o Network Monitoring Network protocol/packet inspection
• Snort, WireShark, TCP DUMP, SolarWinds, Nagios
• o Automated deployment, configuration, monitoring Puppet, Chef, BMC
• Installation, administration, configuration of workflows/orchestrations
• o Automated Installation KickStart, Jumpstart, PXE
• Installation Tools RPM, YUM, AutoYast, pgkmgr, d
• o Open Cloud Infrastructure Architecture/Cloud Deployment
• RackSpace, Openstack, AWS, Google Compute/App Engine
• o Identity Access Management Deployments IAM Security Lifecycle
• SSO, LDAP, OIM/OAM, ODS, TAM/TAM,TDS, AD/ADAM, CA Siteminder
• o Authentication, Authorization, Access -Architecture/Administration
• AD, LDAP, Kerberos, SSO, JAAS, AAA, RADIUS, TACAS ,PKI, Certificates, Federation
• o Architectural Governance Oversight, Review, Approval
• Design of Blueprints, RoadMaps, Architectural Design Patterns
• o Manual Testing of Server ,Web, application, and DBapplication security
• .NET/Java Coding, Debugging, SQL scripting, Javascrupting, HTML, XML
• Self driven, attention to detail, highly organized, extremely resourceful
• Able to coach/mentor, ability to provide excellent customer service
• Excellent communication and collaborations skills, speaking, and presentation skills
• Ability to translate highly technical terms/concepts into business oriented solutions
• Experience working with distributed offshore teams

PROFESSIONAL EXPERIENCE

IT Security Consultant

Confidential

• Strategic Lead and SME for Infrastructure Security Tools Maintenance, Upgrades, Installations
• HP Fortify, HP CloudScan, HP Web Inspect , Administration, Updates, Upgrades, Maintenance
• HP AMP Installation, RulePack/RuleSet Upgrades, Troubleshooting AMP/Web Inspect Sensors
• DevOps environment automated deployment, support for Middleware, Virtualization, Bare Metal
• RHEL, SuSE, Windows 2012 Server Administration, SQL Server 2005 and 2008 Troubleshooting
• Troubleshooting job Templates for OWASP Best Practices in secure coding and penetration testing

Confidential

Security Architect

• Strategic Lead and Consultant security gaps/remediation SOA and EBS Infrastructure Security
• Security Assessments and Recommendations for Infrastructure, Application, and Data security
• Consulting on Authentication, Directory Services, Authentication, Authorization, SSO, AD, LDAP
• Consulting on OIM/OAM, ODS, TAM, TDS, oAuth, SAML, WS-Federation, Secure coding standards
• Consulting for Data privacy Security Data-In-Motion, Data-At-Rest, Data access/protection

Confidential

Infrastructure Security Architect

• Consulting on security Cisco InfoSec Policy/Security Controls for Cisco Hosted Environments
• Documentation of Web-Ex software, Cisco Collaboration Cloud Stack Web-Ex, Jabber, CUCM
• Authoring of diagrams for the Web-Ex, Web-Ex Datacenter, Jabber, Media Tone Network
• Authoring of Information Security Hardening Guides for UNIX O/S RHEL 6.4, Ubuntu 12.04 LTS
• Authoring of InfoSec Middleware Hardening Best Practices Apache, Tomcat, J2EE, JAVA

Software patching/configuration recommendations for infrastructure OS, Application, Middleware

Dell Solutions Architect

Confidential

• Strategic Network Security Architecture Lead Solutions Design consultant
• DataCenter Manager of Co-Located DataCenter Rack elevations and infrastructure
• Intrusion Detection Monitoring and Network Performance Monitoring HIDS/NIDS
• Defense against network based attacks DDoS, DNS Hijacking, IP Spoofing, MitM
• Hardening against browser attacks Cross Site Scripting, Cross Site Forgery, MitB