PROFILE

• Results driven, motivated, and business-savvy cyber security professional with strong regulatory and hands-on expertise in IT Security and System Integration. Proven track record in helping clients achieve their business goals and objectives. Possessing considerable experience contributing key advice and providing leadership on enterprise-level projects, resulting in measurable security improvements and positive recognition. Strong background navigating intricate workplace relationships and guiding complex technical projects involving multiple organizations with competing priorities.
• Fifteen years of extensive experience in designing, integrating and managing security systems, creating operational procedures and managing projects.
• Holds an Active Top Secret, DoJ MBI and ATF High-Level Security Clearance

KEY STRENGTHS

CERTIFICATIONS

• Certified Information Systems Security Professional CISSP since 2001 Information Systems Security Architecture Professional ISSAP
• Information Systems Security Management Professional ISSMP GIAC Certified Incident Handler Gold GCIH - Gold
• Certified Information Security Manager CISM
• NSA Certified INFOSEC Assessment Methodology expert NSA IAM ArcSight Certified Integrator / Administrator ACIA
• ArcSight Certified System Analyst ACSA
• Checkpoint Certified System Administrator CCSA Microsoft Certified Systems Engineer MCSE
• Cisco Certified Network Associate CCNA

TECHNICAL SKILLS

EMPLOYMENT HISTORY

confidential

• Serving as in-house subject matter expert for all ArcSight ESM v5.0 , Logger v5.0 and Connector projects. Providing technical assistance to System Owners and CISO with the ongoing Audit, C A and Contingency Planning tasks.
• Designing the technical solution for eDiscovery. Coordinating tasks between Legal and IT teams. Leading security engineering and regulatory compliance FISMA efforts. Coordinating tasks between multiple vendors and Government representatives.
• Preparing position papers and presentations helping the CIO Office prioritize security initiatives based on organization-specific security risks and available resources.
• Assisting the client in compiling and refining RFI and RFP business requirements including but not limited to eDiscovery, ArcSight SIEM, Security Architecture/Integration and Social Media policy.
• Providing SME input for the technical approach for the upcoming IT Infrastructure Management contract.
• Serving as the technical lead for the deployment of BigFix Client and Relay infrastructure. Serving as technical lead for the transition to BigFix patch management and software metering solution DSS .
• Providing consulting support to the Enterprise Architecture Group with the focus on SDLC, FISMA and Security Architecture.
• Providing SME input on the secure system design and assisting system owners with security alignments required to address audit findings and POA M.
• PRICE WATERHOUSE COOPERS PWC / HEWLETT PACKARD HP Apr. 2011 Jan 2012
• Provided engineering and architecture services lead in support of a global deployment of HP's ArcSight SIEM services solution ESM v.5.0, Logger v.5.1 Leveraged, Security as a Service SaaS , Dedicated and Hybrid models . Solution design utilized HP's internal systems such as ECS, SRA/ESM and Vigilance, and offered integration points with HP's other enterprise security technologies such as TippingPoint and Fortify.
• Provided SIEM SME advice for the migration from RSA enVision to ArcSight SIEM platform.

confidential

Provided consulting services related to risk management, security architecture, and new technology research acquisition. Helped IMF Security Group formulate and get management by-ion for the outsourced security services program.

Transportation Security Agency ITIP

Assisted TSA/CSC with the data center migration relevant to ArcSight system components Connector and Logger appliances v5.0 . Provided Level 3 engineering support and implemented ArcSight Logger/ESM design enhancements.

confidential

• Provided SME input for the redesign and improvement of audit, logging and vulnerability management practices. Guided mid-level management on how best to leverage available resources for the purpose of fulfilling
• regulatory requirements while mitigate cyber security risks.
• Provided SME expertise for the improvement of CSIRT operations and technical assistance with the SIEM integration tasks netForensics, ArcSight Logger, Linux, Oracle, Active Directory .

confidential

• Redesigned ATR's ArcSight ESM v4.5 deployment, while significantly expanding the number of security data integration points, including but not limited to Oracle RDBMS, NetWitness, Snort and Symantec SEP 11.X. Provided technical assistance with FDCC, SCAP and C A tasks.
• Served as the Security Advisor to the CIO on tasks related to FISMA compliance and privacy assessments. Assisted ATR CIO with the composition of Inter-Agency Interconnectivity Agreements.
• Provided SME input for the establishment and adjustment of service level agreements. Conducted CMDB feasibility implementation study and presented results to senior mgmt. U.S. Senate
• Served as Technical Lead for the design and build-out of the Senate's Primary and Alternate Security Operation Centers.
• Served as technical lead for the design, deployment and integration of ArcSight ESM v3.5, 4.0 and nCircle vulnerability management systems.
• Served as Senior Advisor to the Senate CIO establishing the vision for the Senate's CyberSecurity program. Assisted CIO's office with the preparation of the Sources Sought, RFI and RFP for the CyberSecurity contract.

MD TECHNICAL DIRECTOR

• As a direct report to Executive VP, provided technical expertise for significant contracting opportunities RFP responses with 75 win rate. Led technical teams in oral presentations and red/gold team sessions.
• Managed team of senior security engineers. Designed Department's Global Intrusion Detection Security Architecture Real Secure IDS , featuring revolutionary RDBMS Clustering solution.
• Provided key input for the creation of the Department's CIRT and CTAC teams.
• Piloted and led deployment of the netForensics SIEM and provided technical assistance with C A tasks
• U.S. Dept. of Agriculture
• Conducted System Testing and Evaluation for the USDA's Major Application Systems.
• U.S. Dept. of Commerce
• Assisted the client with creation of the Contingency Plan and Business Continuity policy documents.

INDEPENDENT CONTRACTOR WASHINGTON, DC SECURITY ENGINEER /

ANALYST

Confidential

• Designed and delivered World Bank's Intrusion Detection System CA eTrust . Created custom reporting solution through integration of eTrust and SAP. Conducted Oracle and SAP audit analysis.
• Internal Revenue Service
• Played a key role in the development and documentation of architecture for the IRS Web Portal Netegrity Site
• Minder, eTrust Directory Server, Microsoft IIS, Vignette, Checkpoint and Cisco Pix firewalls.
• U.S. Department of Treasury
• Created Treasury's Intrusion Detection Policy document. Performed penetration testing and security assessment.
• U.S. Bureau of Printing and Engraving and U.S. Courts
• Conducted firewall audit and delivered recommendations for the improvement of firewall policies.

Confidential

Participated in the cutting edge security event correlation exercises. Tasks included Configuration of security Applications, including CyberWolf, Real Secure, Net Radar, Cisco Pix, Emerald and IDIP security daemon.

MD NETWORK

ENGINEER

• Web Site s Administrator Windows, Solaris, SQL, Firewall .
• Network Engineer Cisco Road Runner ISP Server installations, modem provisioning, hardware assembly . Data Migration Specialist FDIC, U.S. Architect of the Capitol Microsoft Access to Microsoft SQL migration .