SUMMARY

• Confidential brings over 20 years of experience Information Technology and Information Security
• Engagements have included a mixture of large and small organizations alike
• He brings a “best practices” perspective to every engagement and project
• Experience building, managing and planning Information Security Programs. Confidential is a hands - on leader that enjoys leading from the front with vision and collaboration
• He has a passion for technical challenges and continuing to learn the latest and greatest security technologies

TECHNICAL SKILLS

Network Security: Checkpoint Firewalls, Pointsec PIX 535, IPSEC, Secure Socket Layer, SSL, TCPDump, ISS, VPN, Radius, Encryption, WEP, WPA, LEAP, Nokia

Security Software: SIEM, DLP, RSA SecrureID, RSA Authentication Manager, Splunk, RSA Netwitness, RSA Archer, Tivoli Identity Manager, WAF, Single Sign-On, Webinspect, Nessus, Qualysguard, ASDM, DUKPT, Tivoli Access Manager, Tivoli Security Manager, OS Hardening, Net Stumbler, Retna, PIX Device Manager, Imperva Securesphere, PDM, Checkpoint FW-1 NG AI, Secure IDS, Firesight, Fireamp, Tripwire, ISS RealSecure IDS, Snort, SonicWall, TippingPoint SMS, Confidential Security Identity Manager, Intrushield, Encase, PIN Debit, HSM, Atalla, Antivirus, Kali, Metasploit, Core Impact, Easy Creds, NMAP, DSNIFF, FOCA, Maltego

WAN Topologies / Encapsulation: ATM, Frame Relay, HDLC, PPP

Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP

Hardware: Cisco Routers and Switches, ASA, CSU-DSU’s, Probes, Sniffer, PIX 535, VPN Concentrator, Juniper SSL-VPN and UAC, Imperva, Big IP, Connectra, Ironport, Atalla HSM

Operating Systems: Microsoft Windows NT, 2000, 2003, Windows NT, Novell, AIX, SCO UNIX, Sun UNIX, HP-UX, Linux, ESX-1, VMware, Hyprevisor

Networking Protocol Suites: TCP/IP, IPX

PROFESSIONAL EXPERIENCE

Confidential

MANAGING CONSULTANT

Responsibilities:

• A hands-on Information Security Manager of on-site Security Consultants in support of IBMs clients
• Design and Implement Incident Management, Security Operations, Risk Management, Security Policy and Vendor Management Programs
• Design and integrate Security Governance and Security Strategy Programs
• Design and build Security Operations Solutions and Centers
• Lead the Installation, administration and monitoring of SIEM solutions
• Lead and manage event correlation
• Serves as a Project Manager and technical specialist for Intrusion technologies on client engagements
• Led company-wide IPS/IDS implementation
• Led multiple implementations of Advanced Malware Protection
• Manage penetration tests using open source, commercial and custom tools
• Manage data classification and data loss prevention projects
• Design and lead Vulnerability Management programs
• Provide solutions within Cloud Security IaaS, SaaS, PaaS, S3, EC2, VPC,
• Manage and advised on firewall setup and administration
• Consulted on VPN setup and management
• Application and Mobile application security assessments
• Consult on Organization -wide HIPAA, PCI, GLBA, FISMA and SOX compliance projects
• Consult and Implement Security Controls
• Develop, recommend and implement Information Security Policies
• Provide Risk Assessments
• OS Hardening and Security Baselining
• ISO 17799/27002 Security Assessments
• Managed multiple wireless security engagements including
• Implementation of Security Framework based on ITIL standards
• PCI-DSS and PCI PIN Compliance Assessments
• Consult client on management of in-scope PCI-DSS data
• Implementation of GRC Tools
• Develop PCI-DSS remediation plans
• Manage PCI ROC remediation projects
• GLB gap analysis and assessments
• Security assessments based on FFIEC recommendations
• Management of Compliance driven projects
• Develop FISMA compliant Security Programs for Agencies
• FIPS compliant Security Controls based on NIST special publications
• Responsible for WAN/LAN Confidentiality, Integrity and Availability - Implementation of network and security hardware
• High Availability networks (HSRP, VRRP and load balancing technologies)
• Incident Management for multiple sites
• Analysis of routing and switching infrastructure
• Network and Security Monitoring
• Project Management of Customer Implementations
• Firewall and VPN Management
• Log Management
• Capacity Management
• Performance Management and tuning
• Application capacity planning
• Probe installation for LAN/WAN visibility
• Technical support for product sales
• Network and Security product evaluation and purchase
• Installation and support of the Network Security Adaptor
• UNIX / Microsoft product installation specialist

Confidential

CONSULTANT

Responsibilities:

• Presentation and demonstration of network monitoring software for Fortune 500 Companies
• Presentation and demonstration of security products, enterprise management, corporate wide helpdesk, cross platform scheduling tools and centralized desktop management tools
• Network Analysis and LAN/WAN monitoring tools. Pre-Implementation planning of projects, scheduling of tasks and resources for projects
• Client liaison for project planning and training
• Technical Lead on over 20 implementations for fortune 500 companies
• Technical support for the sales organization
• Client/Server software installation
• Appointed to Technical Overview Committee
• Appointed to SWAT team on Technical Issues
• Subject Matter Expert on Security Products (CA Trust, Single Sign-On)