Summary of Qualifications

Multi-skills with very strong technical qualifications, results driven, risk assessment, project management, operation/workflow. Over 18 years in network design, network security, forensic analysis, vulnerability assessment, intrusion prevention, intensive knowledge in Networking IT security. Lead train multiple security teams to respond to an enterprise's strategic changes. Outstanding analytical, interpersonal.

Key Accomplishment

• Appointed by current Governor to serve in Cyber Security Strategic for Ohio Homeland Security. Assisting in cyber security strategic to all sectors.
• Member of Chief Security Officer-Leadership CSO-L strategic planning to all facets of securities for all cabinet level agencies.
• Acting CSO for Department of Correction.
• Engagement with key US government staffs on matters pertaining to statewide IT/Network security policy and annual IT budget. Managed a complex network across 66 counties, thousand of network equipments, hundreds of servers and more than 8000 PC.
• Network defense architect including 30 firewalls Checkpoint Cisco , Cisco VPN, IPS, Websense
• Design and manage State OH Inmate Network Infrastructure.
• Lead and conducted network security assessments, and risk management across 66 counties Cities in Ohio for comply the requirements with Ohio Revise Code, State OH OIT, Homeland Security HIPPA
• Tracking emerging issues and assessing their potential impact on Statewide network Homeland Security
• Lead Forensic Examiner to support Ohio Attorney General Office, and law enforcements.

Professional Experience

Confidential

• 1. Architected a comprehensive Enterprise Security Framework for compliance with House Bill 648, ORC1347.15, ORC125.18, Ohio IT Policies, Governor's Directives, and ODRC policies. Areas in developing Enterprise Security Framework including:
• - Work with CIO, supervisors inter-agency working group to interpreting applicable law.
• - Create, update, and evaluate ODRC IT Policies and Procedures.
• - Planned IT Security strategic requirement to technical solution mapping.
• - Implemented DRC policies by coordinating integrating multiple IT Security teams in Enterprise Framework.
• - Lead compliance auditing and risk management.
• Confidential
• - Oversee IT Policy/Procedure team, develop project scope.
• - Provide technical evaluation, comments on policy drafts.
• - Provide the IT Policy/Procedure team with a set of technical requirement for each different policy: Password Policy Security Notification Policy Electronic Record, Intrusion Prevention, Remote Access Security Policy Malicious Code Security Policy, Data Classification Policy, and Business Continuity Planning Policy.

Confidential

• Functioned as security landscape analyst and a voting member in State OH Chief Information Security Officer-Leadership Committee provides standards to help all agencies develop IT security strategic plan, including:
• - Standardized Common Security Framework
• - Standardized Auditing and Accountability
• - Standardized Identity Access Management IAM
• - Standardized Configuration Management
• - Standardized Contingency Planning
• - Standardized Media Protection
• - Standardized Awareness and Training
• - Standardized Access Control
• - Standardized Risk Management
• - Standardized Security Metric

Confidential

• Work with State OH Data Privacy Subcommittee DPSC to evaluate technologies, products, and statewide purchasing to provide statewide Sensitive Data protection, and implementation plans for the following areas:
• - Confidential Personal Information Access
• - Forensic
• - Data Loss Prevention DLP , Data Mapping
• - Network Access, Intrusion Prevention
• - Logging/Auditing
• - Endpoint Encryption, Removable Flash drive, Data Encryption
• - Content Encryption, WAN Encryption, Encryption Key Management
• - Two-factor Authentication, Biometric, Facial Recognition
• - Role Identity Management
• - Secure File transfer

Confidential

• - Architected 1st layer of boundary security solution to separate routing for internet cloud and interagency network cloud, filtered network threats, denied of services, network scanning, network attacks, and de-conflicted all cyberspace utilizing Cisco Technology, including:
• Architected Deployed 30 Cisco ASA firewalls in failover/high availability mode as main gateways of infrastructure.
• Deployed Cisco Intrusion Detection System IDS to monitor prevent network threats.
• Deployed Cisco PIX firewall as main gateway for all video traffics.
• Integrated Cisco with Checkpoint technology to maximize boundary network performance with zero downtime.

Confidential

• Leveraged subject matter expert to design/deploy 2nd layer of boundary security solution to protect infrastructure utilizing Checkpoint Technology, including:
• Checkpoint Firewall Next Generation NGX , Checkpoint Security Management, Checkpoint VPN-1, Checkpoint VoIP, Checkpoint Vector Protocol CVP Chaining and Load Sharing, SecureXL and ClusterXL.
• Design multi-segments DMZs with appropriate security for inbound outbound traffics.
• Integrated Checkpoint with WebSense technology via CVP protocol to protect secure internet contents and application layer.
• Design VPN Access for both Remote users and Lan2Lan L2L tunneling network between agencies.

Confidential

• Designed and deployed internet access solution to comply with agency's Internet Access policy with real-time classification utilizing WebSense technology.
• Integrated eDirectory, LDAP, MS Active Directory and network transparent for authentication.
• Integrated Websense filtering with Microsoft ISA/Squid Proxy to controls internet access, mitigate risks, and real-time analysis for entire department.
• Implemented Constant ThreatSeeker to block and provide dynamic protection against Web malware.
• Designed and deployed multi-configurations system for proxy servers to serve as Web-caching proxy, Video proxy, or sock-firewall to handle multi domains in disparate geographical for accessing internet.
• Logging auditing all internet access and check for any compromise.

Confidential

• Lead and train Forensic staffs to response all investigations
• Lead Forensic examiner to assist OH Attorney General Office, and Chief Inspector Office digital investigations.
• Lead trained multiple security teams to respond to an enterprise's strategic changes. Oversee all of the following IT Security Teams: Data Classification, IT procedures polices, Mobile Encryption, Vulnerability Assessment, Logging/auditing Database Access, Access Control, and Pen Testing team.
• Developed project scope, evaluated plans, criteria and milestones for multiple security projects activities to be carried out by each IT security team.
• Conducted and provided methodology and specific security expertise all IT/Network security teams to implement the State and department policies.

Confidential

• Conducting annual compliance reviews for Data Classification, identify the types of information and systems covered by ORC 1347.15. Updating annually Data Classification implementation plan and specifically meeting the requirements of ORC 1347.15. Implementing internal policies and controls apart from the ORC 1347.15 rules that offer similar protections for all DRC information assets and systems.
• - Lead Vulnerability Risk Management, security incident response, and forensic/audits.
• - Served as Member of Statewide Computer Emergency Response Team CERT to:
• Evaluated adverse events effectively and to response appropriately when computer security incidents are identified.
• Preparation and planning for a computer security incidents and ensuring that the right resources are available.
• Work with Chief Inspector Office, institution investigators, Adult Parole Authority investigators, State Highway Patrol, OBM internal/external auditors, and Ohio DAS IT Risk Management to address security concerns.
• Maintained Chain of Custody.
• Coordinated Incident Response Communication.
• Analyze incident, and perform computer network forensic
• Recovery Restore.
• Report incident and provide Forensic analysis.

Confidential

• Design LAN/WAN infrastructure for contingency and optimal network performance.
• Provided network team with multiple solutions for network routing of data and video while enhancing network security for all ongoing activities related to the designing phase, implementation, and maintenance of network infrastructure. - Design Lan to Lan L2L Tunneling solutions for inter-agencies to encrypt network traffics. Assured connectivity for L2L tunnel networks for OAKS, BMV, LEAD, Department of Public Safety, Ohio Department of Health, Ohio Department of Mental Health, Ohio State University.