Qualifications

An engineering-minded IT security professional with a record of excellence, integrity, dedication, and achievement. A motivated and innovative self-starter with the ability to quickly absorb technical information and effectively convey technical concepts to non-technical personnel. A team leader with outstanding communication skills and an ability to think creatively to solve complex problems.

Skills Summary

• 6 Years Security Engineering/Analysis Experience
• Penetration Testing Metasploit, Core Impact, BackTrack
• Vulnerability Assessment Nessus, Nmap, Cenzic Hailstorm, Burp Pro
• Programming and Code Analysis
• Intrusion Detection Monitoring
• Web Application Firewall WAF Implementation and Configuration Imperva
• Network/System Administration
• Technical Briefing, Training, and Mentoring
• Firewall/Proxy Implementation and Configuration Cisco ASA, FWSM, PIX
• Technical Writing MoA, SOP, RFP, Training materials
• Proficient with ArcSight, McAfee's Intrushield IPS, Cisco IDS, Splunk
• Network/User/Policy Management for Windows/Unix Enterprise Environment
• AntiVirus Enterprise Solutions Administration, Configuration, and Implementation
• Operating Systems Microsoft Windows: 2000, XP, Vista, Windows 7- Microsoft Windows Server: 2000, 2003, 2008, Linux/Unix: Fedora, Red Hat, Suse, Mandrake, CentOS
• Professionally experienced with C/C , PHP, Perl, JavaScript, Rational Visual Test
• Self-taught reverse engineering experience OllyDbg, IDApro

Professional Experience

Confidential

Senior Network Security Engineer

• After being hired as a network security analyst for the Judiciary's Security Operations Center, I was quickly promoted to the Vulnerability Assessment VA Penetration Testing PT team. Within one year I was promoted to lead the VA PT team responsible for all US Court's public facing assets, I regularly completed special assignments involving technical writing, briefing senior federal management, mentoring visiting federal staff, and training new personnel. Other responsibilities have included:
• Leading the VA PT team for Federal Judiciary's public facing network
• Regularly providing briefings to, and mentoring, nationwide court staff visiting the Judiciary administrative office
• Drafting documentation detailing scope, duties, and capabilities of VA PT team
• Developing and implementing a new, more thorough, reporting format to detail all VA PT results
• Establishing and delivering training for both VA/PT team members as well as security analysts on Security Operations Center team
• Representing the Security Operations Branch in the Judiciary network change control process by acting on the Engineering Review Board
• Providing incident support for escalated network security events
• Authored server hardening guidance for nationwide locations
• Providing customer support for operating system and web application security questions
• Engaging in code reviews to determine risk levels of custom web applications
• Actively monitoring and configuring IDS/IPS systems
• Performing in-depth security log correlation and analysis
• Drafting and developing SOP documentation for IDS/IPS tuning

Confidential

Senior Network Security Analyst I was hired as a junior level analyst, but promoted to a senior level role within 6 months and assigned as a shift team lead responsible for a team of junior and senior analysts. Less than a year later, I was promoted again and became the sole contract liaison with Senate Staff, providing on-site support to federal staff in Washington, DC. Responsibilities included:

• Actively monitoring and configuring IDS/IPS systems
• Researching and applying current event analysis techniques and best practices
• Authoring thorough investigative incident reports
• Establishing training plans and delivering training Performing in-depth security log correlation and analysis
• Acting in a liaison role with key federal personnel
• Drafting and developing SOP documentation for IDS/IPS tuning
• Training new staff in policies and procedures

Confidential

Lead Systems Engineer

• I was among only five employees when initially hired to provide software and web application development support. As Crystalfontz grew in size to over thirty employees, my position within the company expanded and encompassed a wide range of technical and engineering roles. While in this role, I performed the following duties:
• Established, managed, and maintained company IPS infrastructure
• Managed company network/user/systems policies for Windows/Unix
• Administrated a corporate antivirus solution
• Performed technical Certification and Accreditation efforts for all internal servers and workstations.
• Security and administration maintenance of both web and file servers
• Developed, implemented and maintained website, database and content management systems
• Created/sustained customized device drivers and software applications for Linux environment
• Authored related technical documentation as required
• Provided customer support for device drivers and custom software applications
• Developed production software for programming and testing devices
• Developed automation software with remote reporting capabilities for use in overseas manufacturing facilities
• Responsible for all server, file and network backup configuration and maintenance
• Built and repaired company computers

Confidential

Quality Assurance Systems Engineer

• I initially served as an intern for Itronix but was hired on as an engineer after demonstrating excellence in my work. I developed software to automate many facets of quality assurance testing which substantially reduced the testing lead time. I was rewarded by being given expanding leadership over quality assurance software automation development. While in this role, I performed the following duties:
• Developing software automation tools to streamline testing processes
• Creating and distributing test scripts for the systems quality assurance engineers
• Performing network security testing of integrated wireless network solutions
• Performing hardware/software testing of distributions for release
• Various proprietary custom applications
• Operating systems
• Wireless networking devices
• Developing detailed evaluation reports of test results
• Conducting wireless LAN intrusion detection testing
• Investigating customer Issues and worked to their resolution

Confidential

Software Applications Development Intern

• While in an internship role with F5 Networks, I quickly excelled in my tasks and took on responsibilities usually designated for a full time engineer, including research and development of hardware testing techniques that would eventually be implemented company-wide. While in this role, I performed the following duties:
• Assisting in the design of software used for the development of proprietary hardware
• Researching and applying concepts of JTAG to replace existing testing methods
• Building an internal network for collaborated proprietary hardware/software testing and to aid in information security
• Rebuiding the Spokane location intranet site to meet the growing needs of the business