Cyber Security Tools Engineer - Development Lead Engineer Resume

MI

SUMMARY:

  • Multi-task experience with cyber security tools, engineering, and addressing security issues and technical specifications: implemented QRadar SIEM in an enterprise environment; network security infrastructure, security tools, network security, automation, test, implementation, configuration, deployment, integration, management, rules, reports, offenses, use cases, and documentation experience within cyber security, information security and engineering, involving security tool implementation and troubleshooting within an enterprise environment. Work experience planning, deploying, operating, maintaining and executing DR procedures for cyber security tools, and maintaining enterprise security tools (e.g. IBM QRadar, RSA Archer GRC Platform, MetricStream, F5, Syslog NG Premium, Microsoft Azure, FireEye HX MIR (Mandiant Intelligent Response) controllers, analyzing Plixer NetFlow from Nexus routers, NGN (Next Generation Networking), Next-Generation Data Centers, Python, and Wireshark).
  • Automation, configuration, integration, management, and documentation- Lead and Alternate
  • Knowledge of network infrastructure and networking technology TCP/IP, DNS, DHCP, Proxies, Load balancing, ACE, F5, Linux/Unix, Windows, routing, switching, network design, wireless networks, and IP communications, NAT, netflow, packet capture/analysis.
  • Implements, configures, and manages new and various security tools and integrates security tools.
  • SIEM: Installs, assets, log activity, network activity, dashboard, patch, upgrade, firmware. TCP/UDP protocols, TCPdump, Telnet, VI, Grep, and tests logs by spoofing log sources to QRadar.
  • Designing, implementing, and maintaining network security and security tools, and using scripting and command-line queries: PuTTY, SQL queries (SQL Plus, PSQL), scripts in Bash, Python, and PowerShell; also some knowledge of C/C++ and Java. Writes network and security documentation, policies, and guidelines.
  • Cyber Security Tools Configuration Management: Experience of health, stability, patch management, troubleshooting, performance, and capacity of QRadar SIEM platforms. Log Analysis, SOC Analyst, NOC and Cyber Security Defense Center.
  • Provides guidance to SOC Operations, documents administration with SIEM, performs tasks consistent with the goals and objectives of the Cyber Security Defense Center, and leads efforts in the improvement and development of process/procedure manuals and documentation for SIEM tools development.
  • Identifies and creates use cases within the SIEM tools and works with project managers in multiple phases (Dev, QA, Test, and Prod) to manage multiple projects and tasks, sets appropriate priorities for tasks to be accomplished based on project plans and management priorities, and works both independently and in a team environment.
  • Identifies security incidents, monitoring policy violations, Audit Violation Reports, GRC, network and application SLA reporting and service requests to meet SLA objectives; SDLC, Agile development, Sarbanes-Oxley Compliance.
  • Documents (Manage Progress Logs), IBM Problem Management Record (PMR), Operation SIEM/Security/Network Requests, Application/Servers/DBs Owners Request and Tickets.

PROFESSIONAL EXPERIENCE:

Cyber Security Tools Engineer - Development Lead Engineer

Confidential, MI

Responsibilities:

  • Familiar with security and monitoring tools (Load balancing, ACE, F5, Syslog-NG, Firewalls, Plixer, IDS/IPS), infrastructure network, applications, Extranet, Intranet, and Datacenter; Unix/Linux/Solaris/Windows/Database, Azure Cloud, Pivotal Cloud Foundry, WebSphere, CSC Analyst, NOC Analyst, SOC Analyst, NetOps, IntraNet, ExtraNet Teams in Enterprise Security Systems.
  • Python, PERL, Bash (IBM Security QRadar, Red Hat Enterprise and QRadar collecting logs from Unix/Linux, AIX, Linux, HP-UX, Solaris), and PowerShell for Windows Servers.
  • Customer services to support Internal and External Clients and creates Requests/Tickets.
  • Knowledge in the logs of: Incident Response to create Internal Requests/Tickets with Unix/Linux/Solaris/AIX, Windows Servers, WebSphere, Global DB, Security Operations, Extranet, Intranet Engineering and Operations Teams; external vendor support like IBM, RSA, MetricStream, CISCO. Tools: Ping, nslookup, sqlplus, PuTTY, TCPDump, Syslog, RegEx, LSX, DSM, QRadar Dashboard Tools.
  • Supports services such as SSL/TLS, LDAP, SSH, SSO, Kerberos, PAR, RADIUS and TACACS, Load Balancing, Proxies, MSSQL, WebSphere, Oracle, IIS, Apache, etc. Guides and mentors IT Security/Network Operation Engineers.
  • Documents deliverables (Manage Progress Logs), IBM Problem Management Record (PMR) requests to QRadar, Operation SIEM/Security/Network Requests, Application Requests and Tickets to NetOps.
  • Participates in documentation of Infrastructure Control Review/Applications Control Review, documentation, runbooks and troubleshooting Guide.

Enterprise Network Engineer/SIEM

Confidential, Sterling Heights, MI

Responsibilities:

  • Maintain Active Directory, Group Policy, LDAP, Active Directory Lightweight Directory Services (AD LDS), using PowerShell.
  • Familiar with Windows Security Infrastructure and ensure the stability, integrity, and efficient operation of the systems that support core organizational functions, System log analysis, backups, network security, user account/permissions management and systems.
  • Using Nagios to monitor and alert services for servers, switches, applications and services.
  • Monitor security events from multiple sources such as antivirus, firewalls and system security logs, analyze the results and escalate, when necessary, to the appropriate group for remediation.
  • Maintain network/application security, applications programming, reverse engineering, malware analysis, cryptographic algorithms; identify targeted attacks and other suspicious activity using a variety of network-based tools.
  • Escalate trouble tickets to vendor(s) as necessary, prepare and provide reports on assigned project work, provide troubleshooting of any security escalated issues related to assigned product. Familiar with network intrusion detection, network intrusion prevention, vulnerability scanning, network hardening, network access control, virtual private networking, and network management equipment and systems.
  • Documents technical issues for a range of technical and business management.
  • Using high-level scripting/programming languages (Bash, PERL, Python, PowerShell, JavaScript and C, C++). Experience interfacing directly with customer and management teams, including conducting briefings and technical meetings for management and customer representatives.
  • Knowledge of CISCO networking technologies, including Switches, Routers, Firewalls, and Wireless LAN controllers.
  • Basic knowledge in malware analysis and forensic investigations, encryption algorithms.
  • Familiar with Wireshark, Nessus, Snort, Tcpdump, SSH (Secure Shell), PuTTY, OpenSSH, OpenVPN.

LAN/WAN Engineer

Confidential, Rockville, Maryland

Responsibilities:

  • The Administrator position is responsible for the administration of Windows 2003 & 2008 servers and AD, and CISCO switches VLAN configuration, manages the computing environment using Altiris, and SCCM 2012.
  • Manages user access and file/folder security and shares, and manages projects for upgrades, migrations, and refreshes. Familiar with firewalls, switches, routers, and basic network troubleshooting
  • Installs new software releases, implements system upgrades. Evaluate and install patches
  • Manage projects for updates and maintenance routines on servers, labs, classroom, and provost workstations
  • Work with third party software and Hardware vendors for support and troubleshooting, effectively communicate Updates and schedule routines for minimal downtime
  • Resolve software/network related issues and Windows software for clients/servers; Windows 2008 server, Deploy Windows 7, and upgrade from Windows XP, Active Directory, Exchange; videoconferencing; SQL Server; Understanding of web technologies IIS; DNS, DHCP, TCP/IP; NetBIOS; Basic networking; Security Support using Symantec Endpoint Protection; Altiris
  • Perform routine system backup and recovery of data. Maintain inventory of hardware, Software, and ensure license compliance
  • Provide next level support for network, software, Desktop and peripherals to Help Desk support staff
  • Detects, diagnoses and reports problems for servers and workstations relating to security, hardware, and software

Systems Engineer

Confidential, Maryland

Responsibilities:

  • Installing, administration & maintenance of client networks and installs new software releases such as MS Office, system upgrades. Evaluate and install patches. Manage projects for updates and maintenance routines on servers, labs, and classroom
  • Supported core Windows technologies (Windows server 2003 & 2008, Windows 7/XP)
  • Deploy Windows 7, and upgrade from Windows XP
  • Assisted in administering and supporting Active Directory environment
  • Develop system access, monitoring, control, and evaluation; establishing and testing disaster recovery policies and procedures; completing back-ups; maintaining documentation, and performing system and software upgrades and patches
  • Testing and installation of computers and medium hardware systems, connected PCs in a network and set up peripheral equipment, hardware components
  • IT establishes system specifications by conferring with users; analyzing workflow, access, information, and security requirements; support DNS, DHCP, TCP/IP; NetBIOS, PXE
  • Troubleshooting a Windows server operating system, IIS and Intel server related hardware issues

Systems Administrator

Confidential

Responsibilities:

  • Exchange Administration including: DAGs, Outlook client, user mailbox creation/deletion/modification, shared mailbox creation, calendar permission, mailbox management, shared mailbox permission management, end user Outlook support issues, Outlook profile corruption/new/configure, distribution list permission assign/remove
  • Script and develop using PowerShell, VBScript, Shell and related systems
  • Monitoring, maintaining, supporting, and optimizing all networked software and associated operating systems, oversee and troubleshoot operating systems and applications using OS-based, resource kit, and third-party tools, troubleshoot problems and quickly resolve issues, analyze failures to minimize outages and interruptions
  • Designing and running system load/stress testing; escalating application problems to vendor
  • Installing, administration & maintenance of client networks Cisco or equivalent
  • Secures system by developing system access, monitoring, control, and evaluation; establishing and testing disaster recovery policies and procedures; completing back-ups; maintaining documentation, and performing system and software upgrades and patches
  • Maintaining the technology architectures DNS, DHCP, TCP/IP, NetBIOS

IT Specialist

Confidential

Responsibilities:

  • Developed and administered final exam to test student knowledge twice per module. SCCM 2007 application deployment/patching, deploy software distribution packages to desktops, laptops, and servers
  • Trained employees how to use computers.
  • Performed analysis, testing and installation of computers and large hardware systems, connected PCs in a network and set up peripheral equipment, hardware components, and allied devices.
  • Loaded software programs/packages and utility applications, and installed Operating Systems.
  • Develop finance DB applications for University.
  • Maintained intranet networks.
  • Provided user account management, network configuration, routine maintenance, workstation/disk configuration & management, troubleshooting, documentation, and support for Windows systems, peripherals.
  • Set up and installed computers and new applications
  • Generally diagnosed PC-related issues and fixed and repaired computers, printers and other hardware.
  • Upgraded memory and hard drive systems; checked performance-related issues and network support problems with hardware tools, including booting CD with diagnostic programs and utility software.
