Project Manager Resume Profile
- Hands on working knowledge in CFATS, ISO 27001, PCI DSS, NIST, SOX and HIPAA frameworks
- Risk analysis on Windows, Unix and network infrastructures in support of vulnerability management and compliance
- 10 plus years of hands on design, configuration, implementation, administration and management of security for large enterprises.
- 4 years of vulnerability management, vulnerability risk analysis, asset management and tracking
- 10 plus years of working in mixed Windows and Unix environments
- 10 plus years of compliance remediation to implement control objectives
- 10 plus years working with TCP/IP and packet analysis (tcpdump and Wireshark)
- 10 plus years of technical project management in enterprise environments covering the project lifecycle of initiation, product evaluation, planning, implementation and closure for security initiatives in firewall management, SIEM, AV, encryption, vulnerability scanning, network access, IDS, IPS, DLP, automated workflow management and network infrastructure.
- Hands on experience with a wide array of open source and proprietary security tools, including FireMon, Lumeta IPsonar, SIEM (QRadar), network vulnerability scanners, data loss prevention tools, firewalls, Cisco routers and switches, intrusion prevention, intrusion detection, anti-virus, desktop firewalls, AAA network access (TACACS), packet analyzers, ethical hacking tools, penetration testing tools, automated workflow management tools and web application scanners (WebInspect, AppScan).
- 10 plus years of design, service and support of Cisco infrastructure and firewalls prior to becoming security focused allows me to bring the added value of that knowledge into your enterprise network and perform in the capacity of both a network and security engineer
- Written and Verbal skills for presentations, documentation, policy and procedure.
Confidential
- Implementing security architecture initiatives and managing those initiatives thru the project lifecycle
- Lead security architect for the FireMon initiative
- Technical Project Management
- Implementing Security Manager core module for approximately 300 Juniper and CheckPoint firewalls to report into FireMon
- Provisioning Checkpoint and Juniper firewalls into Security Manager
- Implementing policy planner
- Refined and simplified the DuPont firewall change management processes
- Requirements gathering
- Gather workflow requirements and current workflow from existing tools to be integrated into FireMon
- Implementing Policy optimizer module
- Implementing Risk analyzer module
- Hosting meetings for stakeholders from the Global enterprise
- Implementing architectural design to ensure the confidentiality, integrity and availability of the tool and its impact on the network
- Contributing team member for the security design of the DuPont Extranet
- Requirements gathering
- Determining use cases
- Contributing architectural design and review
- Researching security technologies and threats to determine if current controls are adequate
- Review of existing network design and the Juniper UAC architecture to ensure that the network is being vigorously defended against the current threat landscape
- Contributing architect for the Lumeta IPsonar initiative
- Network Security Documentation
- Visio
Confidential
- Management and administration of a QRadar SIEM
- Analysis of offenses and events
- Behavioral analysis of network flows
- Pruning false positives
- Flow analysis
- Custom rule and Building block design to trigger offenses and events
- Creation of searches in support of security incidents and investigations
- Generated reports for baselines and metrics
- Active Directory
- Management of ADmanager Plus across 4 domains
- Bulk user creations, deletions, group modifications
- Report creation in support of audit
- Analysis of DLP Proofpoint logs
- Analysis of Checkpoint Smartcenter rules and logs
- SSL certificate management
- Nessus vulnerability scans
- Virus definition update audit
- Physical security
Confidential
- Successfully completed a short term contract in the role of a consultant with HCL America, consulting to Shire Pharmaceuticals as a member of the governance risk and compliance team to complete a security gap analysis and vulnerability assessment
- Member of the Security Gap Assessment team
- Currently in the Plan stage of the ISO 4 phase model.
- Discovery of security gaps based on interviews and responses to questionnaires based on the ISO 27001:2005 framework
- Analysis of the client responses leading to a formal document which outlined the client's current security posture and the risks that would be assumed for non-compliance
- Made the appropriate recommendations for the controls that would need to be put in place to reduce risk and be compliant
- Managing the vulnerability and network audit scanning project which culminated in scans of targeted servers in the global enterprise data centers
- Utilizing Nessus for the vulnerability scan and Nipper Studio for the network infrastructure audit
- Configuration of multiple scans on targeted servers across the enterprise
- Managing the scan from the perspective of asset identification, identifying the platform and application owners as well as giving guidance to the stakeholders on the results of the scan
- Creating the high level reports from the results for upper management
- Management and scheduling of resources across the global enterprise to bring the project to a successful conclusion.
Confidential
- Completed short term contract with MISI in which I was contracted to SunGard while a SunGard employee was on medical leave.
- Worked within the governance, risk and compliance sector of SunGard's ITIL security model.
- Administration and log analysis for Websense data loss prevention
- Manage and administer the Rapid 7 Nexpose scanning
- Configure and initiate network scanning.
- Generate reports to track metrics of the scanning.
- Write procedural documents in support of the scanning process.
- Advise asset owners on security best practices and risk so as to comply with policy.
- Advise and work with auditors to ensure compliance.
- Advise and give guidance on how to implement best practices and meet control objectives.
- Member of the Archer Framework implementation team
Confidential
- Network Security Analyst contracted to the Department of Defense
- Primarily focused on the analysis of traffic crossing between military and non military networks bound for military assets as well as military sourced traffic bound for non military destinations.
- Identify non compliant, malicious network traffic
- Identify real time external and internal attempts to exploit network and host based assets and applications via HTTP, SNMP, TCP/IP, FTP, IM etc.
- Relay appropriate information to mitigate threats to the firewall team
- Snort, TCPDUMP and a number of other proprietary tools are used in the analysis of both behavioral and Signature based rules.
- Write and recommend rules for implementation into the toolset
- Identify and report on assets containing malicious threat capability
- Contact with all levels of management for the remediation and knowledge sharing of events.
- Report tracking and management of remediation efforts.
Confidential
- Engaged in a short term contract to design a solution for the remediation of network access vulnerabilities discovered during an audit
- Provide technical support to national account director during client meetings and follow up on any security centric issues the client requires to be addressed
- Coauthor the following statements of work with the account director
- Scope
- Project lifecycle details
- Deliverables
- Designed a TACACS solution for Network Access Compliance
- Engage with client technical staff for all pre solution implementation discovery
Confidential
- Security Vulnerability Manager for the Cingular Wireless NE region
- As an original member of the vulnerability management security initiative for the NE region I implemented processes and procedures to get the initiative off the ground and continued to review, refine and implement these procedures and processes when applicable
- Introduced Preventsys as a remediation and automated work flow management tool along with managing the project lifecycle.
- Conducted product evaluations of security tools in support of the following security initiatives
- Vulnerability scanners
- IPS and IDS
- Security management toolsets
- Workflow management
- Correlation (SIEM)
- Initiated a risk management project in conjunction with vulnerability scanning
- Generated risk assessment documentation for variances
- Managed the remediation and mitigation of vulnerabilities for all core network platforms OSS, SGSN, BSC, RNC, MSC, HLR, and VLR in all markets of the Cingular Wireless Northeast region for Windows, Unix and Solaris platforms.
- Vulnerability Scanning
- Nessus, nCircle, Qualys, Retina
- Correlation and workflow tools (Preventsys)
- Initiated policy and procedures for hardening of UNIX and Windows based servers
- Team member for SOX compliance and audit remediation
- Team member to assess ISO 17799 controls.
- Administer the archiving of all security related requests and correspondence in support of due diligence.
- Represented the NE region on security panels for a variety of security initiatives.
- Access Management
- AD and Unix
- Account builds
- Account scrubs
- Audit of role based permissions and management of access control matrix
- Wrote policy and the procedures in support of policy as well as the review of existing policy to ensure that they were current.
- Worked with all the market operations managers to disseminate security policy, procedures and processes.
- Working with the platform owners I resolved any issues that arose due to remediation requests on the respective platforms that they own.
- Acted as a security ambassador to instill the need for security and the timely remediation of vulnerabilities.
Confidential
- Project manager and Team Lead for the Bristol-Myers Squibb Desktop Firewall Initiative
- Managed the project from inception thru test pilot.
- Authored all project documentation.
- MS Project document
- Firewall summary and recommendation documents
- Firewall criteria
- Project charter, scope, stakeholder, test plans etc.
- Conducted the assessment of the current firewall technology and based upon those findings made recommendations for the initial vendor selection.
- Developed criteria for 2nd round of vendor selection.
- Developed test strategy for test phase and conducted the actual testing.
- Developed the strategy for firewall components that would be implemented.
- Developed strategy, scope and objectives for pilot phase.
- Set up and evaluated McAfee, ISS, Sygate and Zone Labs firewalls along with the enterprise management components.
- Created line item criteria to be used in the vendor reverse auctions
- This resulted in significant price reductions from initial vendor quotes.
- Created objectives that vendors would be tasked with.
- Reviewed Vendor Statements of Work for accuracy.
- Actively participated in and contributed to the BMS security focus group.
- Headed project team meetings and created applicable PowerPoint presentations.
- Gave presentations focused on various aspects of security to the global BMS security group.
Confidential
My contract dealt primarily with network security which required my extensive networking background to implement and support various aspects of security for a global network made up of over 50,000 nodes. I administered an ISS Black ICE firewall consisting of 8000 users and built and managed ISS SiteProtector firewall pilot. Daily responsibilities included firewall log analysis, virus remediation, vulnerability assessment, penetration testing and scanning with a variety of tools, some of which included Nessus, Nmap, and Foundstone. All vulnerabilities and exploits were investigated and documented by myself on a daily basis and end users or managers were notified for resolution. I also was a member of various teams to test and determine the feasibility of a variety of security enhancements to the network and desktop clients, such as encryption, spyware and malware detection products, desktop firewalls, host based Intrusion detection products and network based intrusion prevention products.
Confidential
Network Engineer
- Client desktop rollouts, desktop support for windows and client support from the desktop to the router
- Novell admin
- Microsoft NT 4.0 / 2000 server admin and NT/2000 desktop support
- Network and desktop security: PIX firewalls, IPsec, authentication practices, penetration testing, IPS, IDS, hardening of MS 2000 family OS to meet with SANS criteria.
- Network analysis utilizing Netscout or Sniffer technology for the purpose of baselines and the troubleshooting / diagnosis of connectivity and performance related issues of the network.
- LAN/WAN connectivity, implementation and diagnosis of LAN/WAN related issues which have included new site installs or cutovers, performance related issues, client end to end connectivity and VLAN related issues along with VPNs.
- Project Management: handled all aspects of site and client migrations, LAN/WAN infrastructure, site cutovers and turnups, fallback recovery, and coordinating with outside vendors the on time delivery of circuits, power, and other essential services required to meet project completion
- Escalated network support with an emphasis on Cisco infrastructure. Supporting and configuring the Cisco product line of catalyst switches and routers.
- I supplied escalated network support and network security for the DuPont Global East Coast Network. This network consisted of 400 plus Cisco routers and several thousand Cisco switches connecting to 100 plus remote sites via frame relay and leased circuits. I also supported several hundred ISDN remote clients who were attached via Ascend pipeline routers along with several hundred dial in clients
- Responsibilities in support of this network primarily consisted of escalated support for the following issues.
- Internet: Worked with DuPont internal clients and external DuPont vendors in conjunction with the firewall team to resolve both inbound and outbound issues of connectivity from or to remote sites that crossed the DuPont DMZ
- Performance / slow response: Determining if the problem was on the client side, network, or outside vendor network and making the appropriate changes and or recommending changes that should be made when the problem was determined to be on the network side
- Security: Audited router access lists and firewall rule sets to ensure compliance with corporate security policy. Worked with end user clients to resolve virus related issues and conducted security audits for corporate compliance
- Remote site outages: Determining causes of remote site outages and implementing the corrective action necessary to bring the site back online.
- Client connectivity: Worked with clients to determine the causes that were not allowing them to connect to various services across the network and then implementing changes that would allow them to connect to these services. This type of support required an in-depth understanding of the network infrastructure as well as the desktop operating systems and applications residing on them to determine if the problems the clients were having reaching services to remote hosts, printers, and or vendors were network, desktop or server related.
- Following is a synopsis of tasks performed for past clients from 10/95 thru 2000
- Meeting customer needs in administration, maintenance, project management, service and support of their LAN/WAN and enterprise networks in the following areas
- Installation service and support for a wide variety of hardware and client server platforms
Confidential
Solely responsible for maintaining a node of a global wide area network and the local internetworks on a shift basis. Customer base consisted of all airline carriers and airline related businesses with emphasis on maintaining the network at Honolulu Intl. airport, remotely attached airports in the Pacific Rim and the local base of Approx. 500 airline and travel related businesses. Project management of client cutovers to the Sita network and hardware installs to the Sita network. Conducted physical security audits at the Honolulu airport of the network closets, access panels, cable troughs and gate equipment
Confidential
Provided third level technical support, Beta evaluation and qualification for Ethernet NIC and the associated firmware. Supported interfaces ran on multiplatforms running in a UNIX and DOS environment
Confidential
Technical Support of data communications hardware and software for a UNIX based product line of mini computers. Systems Admin for in-house UNIX systems
Confidential
Technical lead for 20 plus technicians in debug of an entire IBM compatible 3270 product line. Acted as a liaison between engineering and manufacturing for the introduction of new product lines. I taught various classes on troubleshooting techniques and test tool utilization.
Confidential
Component level debug of PC Circuit boards
