Program Manager Resume

Melville, NY

Profile Summary
Develop, lead and manage global security architectures. Perform complex investigations, manage Information Assurance teams and deliver cost-effective security compliance programs for Fortune 500 corporations. Hands-on Manager/Engineer.

PROFESSIONAL EXPERIENCE:

Consulting Engagements:
Confidential 9-2009 - Present

Client engagements range from breach management, technology implementations or compliance remediation programs.

Program Development & Management

  • Develop policy, procedure and standards and integrate into work stream
  • Deploy Archer and other GRC Solutions for evidence and performance management
  • Implement Information Security Programs based on NIST/ISO 27001 standards
  • Partner with CXO, legal and compliance groups to develop business and technical compliance strategies. Align security programs to applicable standards, business need and audit objectives
  • Perform compliance audits for PCI, TR39, VISA, SOX, FDA, MasterCard, PII, GLBA
  • Implement and manage annual PCI compliance programs, develop Report of Compliance for Level 1 Merchants
  • Complete SAS94, SSAE16 audits for venture capital activities
  • Develop and provide security content, training & awareness programs
  • Develop enterprise business continuity program aligned to ISO22399 with COBIT 4.1 G32 audit objectives
  • Deploy enterprise security controls, develop control objectives with auditable control framework
  • Perform data mapping, classification and labeling on enterprise data
  • Perform risk assessment on companies under consideration for acquisition
  • Develop corporate risk portfolios for visibility, tracking and remediation
  • Manage outsourced contracts, vendor liaisons, audit and manage vendors
  • Manage physical security, develop and test building evacuation and incident response plans
  • Perform risk assessments, security assessments, penetration tests

Security Architecture & Investigation

  • Architect and deploy enterprise security controls, develop control objectives with auditable control framework
  • Detect, investigate and manage targeted complex Advanced Persistent Threats (APT) targeted at global companies
  • Investigate security events and corporate policy violations, work hand in hand with state, federal and international law enforcement
  • Manage large scale security incidents affecting tens of thousands of users
  • Deploy and manage incident response program, work with state, federal and international law enforcement agencies.
  • Incident handler from detection to resolution
  • Seize computers and perform forensics analysis with Encase, Accessdata
  • Investigate and resolve intellectual property infringement activities

Technology Development & Operational Support

  • Manage Netapp and develop replication and recovery strategies for physical and virtual machines using Syncsort and VMware SRM
  • Support and manage clustered VMware 4.1, VMWARE SRM, Syncsort
  • Managed Security Operations outsourcing to Secureworks or Symantec MSSP
  • Stabilize infrastructure, turn around immature technology support groups
  • Deploy VMware View for remote access (VDI), Juniper and Cisco VPNs
  • Deploy F5 and Citrix load balancers
  • Deploy and support McAfee EPO, Sophos, Symantec AV, BlueRidge Networks, Comodo
  • Configure and manage Cyberark, Bit9, FireEye, Invincea, Damballa
  • Database activity monitoring with Imperva, Mcafee
  • Implement Web Application Firewalls such as Breach, F5 ASM, Imperva
  • Deploy file integrity solutions from vendors such as Imperva, Tripwire
  • Develop and manage vulnerability programs using tools like Accunetix, Watchfire, AMP, Retina, BurpSuite, Backtrack, NST, Backbox
  • Conduct Cyber Warfare operations, offensively and defensively
  • Implement and manage Symantec Web Gateway, Symantec Mail Gateway, Protection Server, Endpoint Security, Manage SEP Enterprise for 30k+ users
  • Configure Q1Radar, Symantec SIEM, Splunk, Nitro SIEM, RSA Envision, establish enterprise baselines and perform tuning, configure rules, filters, reports, connectors, active list
  • RSA Envision, Build Custom Dashboards, Alerts and Reports, Use Universal Device Support to bring in external data sources
  • Arcsight SIEM, Arcsight Identity View, Arcsight Logger, manage connectors, write custom flex connectors, manage and monitor Arcsight database and database partitions, perform data management and manage data retention, upgrades from 3.3, 4.0 to 5.02. Develop content based on over a hundred vendor products
  • Develop SIEM content to detect Advanced Persistent threats, compromises, data exfiltration and breach conditions
  • Develop SIEM use cases based off of users inputs, threats, ticketing systems, train staff on SIEM operational procedures and web based consoles
  • Develop content and incident response procedures, train on case management
  • Configure, implement, tune multiple vendor IPSs such as Cisco, HP, IBM, McAfee
  • Define and implement hardware / OS baselines
  • Deploy, upgrade Symantec Vontu DLP 9.0 to 11.5, and perform cross platform migrations, 32 bit to 64 bit migrations. Migrate from little endian systems to big endian systems. Perform Oracle Database upgrades. Manage DLP incidents
  • Migrate from Websense to Palo Alto or OpenDNS content filtering
  • Troubleshoot and support Cisco routed networks, Cisco MDS and Nexus
  • Deployed Cisco Nexus technology in core networks with VDC for zoning
  • Security operations member on call 24x7 with 15 minute response time to meet customer service level agreements
  • Perform computer and network surveillance operations
  • Deploy and support global network architecture, troubleshoot firewalls, routers and switches
  • Deploy Secure File Transfer solutions
  • Migrate Cisco ASA, Checkpoints to Palo Alto Firewalls, Upgrade legacy Checkpoint versions to Checkpoint R75. Deploy Palo Alto, Cisco ASAs, daily support of firewalls, rule management, auditing, reporting and patching
  • Deploy Cisco MDS and manage Cisco Fibre Channel Fabrics. Deploy Cisco Nexus 7010 switches configure VDC’s for hosted customers and internal business units.
  • Manage and configure MPLS, Frame relay, Fiber, SONET circuits, wiring closets and data center wiring.
  • Configure and manage Cisco devices such as 6513, 4507, 3845, 7206, 3640, 4225 IDS, Cisco ASA Firewalls, ACE, CSS load balancers

Confidential- Client: Estee Lauder Companies Melville, NY
Risk Management / Security Architect 8-2006 to 10-2009

  • Educate and mentor staff on GRC compliance program
  • Develop and deploy security controls to meet PCI compliance mandate
  • Deploy proxy solutions globally (Bluecoat, ISA 2006)
  • Architect and deploy Intrusion Prevention System globally
  • Perform data flow mapping identify critical data flows
  • Deploy Data Loss Prevention solution to monitor use of sensitive data, Perform E-discovery and legal hold activities
  • Perform incident response & Investigations based on RSA Envision SIEM use cases
  • Architect and deploy secure file transfer solutions
  • Virtualize systems with VMware, performed P2V, Vshield Configurations
  • Global firewall migrations, Network architecture design, deployment
  • Policy, standards and procedure development, train and mentor staff
  • Produce technical documents containing security and network diagrams
  • Deploy optical DWDM solutions for high availability networks.
  • Application Penetration Testing and Source Code Analysis (Ounce Labs, Fortify, Web Inspect)
  • Perform GRC activities in risk management and compliance group
  • Deploy and configure cisco routers, switches, firewalls, load balancers, troubleshooting layer 2, layer 3 and routing protocols

Confidential- Client: State of New York, Albany, NY
Security Project (6 month contract) 2-2006 to 8-2006

  • Develop policy, procedure and technical controls to move forward security project within the State of NY.
  • Deploy AAVAL SIEM for SNORT IDS Log Correlation
  • Deploy security controls such as IPS, Firewalls, RSA two factor authentication

Confidential, Camp Victory, Country of Iraq
Information Assurance Network Engineer Manager Interim Secret Clearance 10-05 to 2-06

  • Worked closely with senior military leadership for all GRC efforts in theatre
  • Developed a network security program for all IRAQ forward operating bases (FOB), change agent for security posture
  • Lead team of Information Assurance (IA) network security engineers
  • Worked with other theater IA managers to develop a theater security strategy to become compliant with DOD and DISA security standards.
  • Developed detailed documentation and performed security testing for DISA compliance and certification to achieve theater certification & accreditation. Deployed and supported all ASA, PIX, Sidewinder and Symantec firewalls in IRAQ, Afghanistan and Kuwait.
  • Troubleshooting of routers, switches, routing protocols, load balancers, VOIP and LAN/WAN circuits consisting of Frame relay, SONET, MPLS, ISDN, Troubleshoot VPN, QOS, Routing Protocols such as OSPF, EIGRP, BGP and Multicast networks, Deploy Cisco routers, switches, firewalls, content switches, Vbrick
  • Support IBM Proventia IDS appliances and work with Kuwait TNOSC on SIEM events

Confidential Hartford, CT
Program Manager - HIPAA Information Security Project 5-2003 to 9-2005

  • Educated management and obtained HIPAA security program acceptance and buy in
  • Developed strategic HIPAA security program for state agency. Achieved HIPAA security compliance certification for agency.
  • Security program allowed the agency to become the first State agency out of twenty to achieve HIPAA compliancy.
  • Deploy wireless network statewide to achieve cost savings.
  • Major achievement was working with agency hospital executives to develop business continuity plans for continued care in the event of a declared disaster.
  • Deployed centralized HIDS, NAC and Antivirus management solution that reduced virus infections and security incidents by 95% freeing up two FTEs for other project work. Virtualize systems to consolidate
  • Performed Malware identification, analysis
  • Configured, deployed and supported Cisco routers and switches for wired and wireless networks statewide
  • Deploy identity management and single sign-on solution
  • Monitored network with ISS Siteprotector, deployed, configured and supported Mcafee EPO & HIDS agents

Confidential 1-2002 - 5-2003 Clients:
Berkshire Health Systems, Pittsburgh, MA, Blue Cross of Puerto Rico

  • Educated hospital executive management on compliance mandates
  • Project management, security strategy development, perform assessments, gap analysis and remediation
  • Developed and deployed technical and procedural controls, Develop security and network architectures,
  • Troubleshoot networks and systems, Deploy single sign on solutions and identity management
  • Deploy Dragon and SNORT IDS system, Web application security testing using Cenzic for regulated systems

Confidential Minneapolis, MN
Chief Technology Officer 10-2000 to 12-2001

  • Worked closely with the CEO and CFO to overcome funding challenges while designing and implementing an Internet hosting facility.
  • Worked closely with contractors to build out and commission datacenter.
  • Developed company security and network strategy and drove budget approval and implementation of the strategy to ensure zero security incidents for hosted customers.
  • Maintained VOIP hosted solution, Developed, managed Incident response program
  • Design and deploy LAN/WAN/MPLS networks, Troubleshoot routing protocols (BGP, OSPF, RIP, EIGRP), deploy routers, switches, load balancers, security appliances
  • Deploy and support IDS/IPS solutions, mitigate DDOS attacks, Deploy PIX, Sidewinder, Checkpoint and Smoothwall firewalls.
  • Configure reverse proxies, Load balancers, support hosted client solutions
  • Deploy SIEM platform for event correlation
  • Managed 24 indirect reports, 3 direct reports
  • Develop Physical Security program for secure data center

Network Engineering and Security Architecture Projects 1994-2000:

Confidential, Carlsbad, CA, Interim Network Manager
Confidential, Orlando FL, Network Consultant
Confidential, FL, Security Consultant
Confidential NJ, Senior Novell Consultant
Confidential, Tampa, FL, Network Consultant
Confidential- Minneapolis, MN - Pre / Post-sales Security Engineer
Confidential, MN, Senior Network Engineer
Confidential, Harrisburg, PA Corporate Sr. Information Security Engineer
Confidential, Allentown, PA, Network Consultant
Confidential- San Jose, CA, Pre/Post Sales System Engineer
Confidential, Hillsboro, OR, Network QA Engineer

Confidential, Tacoma, WA
Technical Services Manager 1988 to 1993

Confidential K9 Narcotics / Explosive Law Enforcement
1983 to 1987

CAREER CERTIFICATIONS AND TRAINING

NSA IAM - Confidential
CISM Certified Information System Manager
CISSP #11890 Certified Information Systems Security Professional
CISA Certified Information Systems Auditor # 0125802
CFE Certified Fraud Examiner
CBCP #4432 Certified Business Continuity Planner
CRISC Certified 2011
Cisco CCNA, Cisco CCDA
Cisco CCNP, Cisco CCDP
Passed CCIE written test, Cisco Nexus Training
Imperva Application and Database Protection Training
Raptor (Symantec) Firewall Certified,
Check Point, Cisco ASA, Netscreen/Juniper
Legato High Availability Clustering Certification
ICSA Security Auditor Certification,
Keane Project Manager Training
US ARMY IA Certification for Retina and Harris STAT
DISA 2011 IA Training
CIW Certified Security Analyst,
Arcsight Certified Security Analyst 5.0
Arcsight Certified ESM Administrator 5.0
Symantec Certified Specialist Endpoint Protection
Symantec Certified Specialist Dataloss Prevention (Vontu DLP 11.5)
McAfee Certified Product Specialist (EPO)
Encase Forensics Training
OWASP Training
Fortify Training
F5 Certified Technology Specialist, ASM

EDUCATION - CCAF LAW Enforcement