I.T Cyber Security Engineer Resume
SUMMARY
- Application Security Assessment Investigation
- Assistant Certification and Accreditation Security Advisor
- Proficient in Windows/Linux - OS - Server environment(s)
- Level 1/2 Troubleshooting client/servers
- Tier III Professional support
TECHNICAL SKILLS
Databases: MySQL, Access, SQL Server 2000/2005; Oracle up to current release (11g) and other ODBC
Software: Proxy, TCP/IP, VMware, SQL Server, C#, VB.NET, ASP.NET, ADO.NET, Web Services, AJAX, Silverlight, Cisco firewalls, routers and switches; TCP/IP (v4/v6) protocol, Checkpoint Firewall; Citrix (SaaS), Microsoft Platform Security, Virtual Machine Technology, MS Windows 7, Server, Vista and XP; TrackIt; Microsoft Office Suite 2007; Photoshop; SharePoint; Symantec and Bomgar, SCCM, GoToMyPC, RSA Tokens, Remedy Ticketing System, Lotus Notes, Guardian Edge, Juniper, WebEx, Security Sandbox application, Footprint Ticketing system, Wireshark, Nessus, WebInspect, AppScan, RSA Archer
PROFESSIONAL EXPERIENCE
Confidential
I.T Cyber Security Engineer
Responsibilities:
- Created Web application vulnerability assessments
- Pentest web applications
- Utilize Nessus/Tenable to scan web applications for vulnerabilities and viruses
- Deployed, configured, customized on Linux, Windows systems.
- Test software applications and servers for vulnerabilities before deploying them to the network.
- Remediate Audits, Compliance Management, and policies, Risk, Threats and Federal Assessment by Utilizing RSA Archer Solutions.
- Corporate objectives, Control standards and baselines using Policy Management within RSA Archer solutions.
- Report audit results, Manage audit resources, Plan and execute audit engagements, Managed the audit plan and Audit universe within the RSA Archer solution.
- Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Provides technical support in the development, testing and
- Monitored, Configured, Scan/Patch Network TCP/IP, DNS, Telnet and DHCP.
- Utilize Nessus, Nmap, WebInspect and Microsoft Surface Analyzer toolset to scan all ports, access points, devices and software on the network
- Managed/Secured and Scanned devices, software, Web applications following NIST protocol & FIPS 140-2
- Support security assessments (SA&A and Certification and Accreditation C&A activities) and audit
- Identify, Manage and develop Plan of Actions and Milestones (POA&M) and mitigation strategies for potential vulnerabilities
- Conducts complex security architecture analysis to evaluate and mitigate issues. Develops policies and procedures for securing the system infrastructure and applications.
- Develops complex technical and programmatic assessments, evaluates engineering and integration initiatives and provides complex technical support to assess security policies.
- Created vulnerability risk assessments for in house, COTS and 3rd party applications.
- Utilize Wireshark, Nessus to pen-test and analyze the network and software.
- Utilize McAfee ePolicy/End Point Protection Suite administration including virus protection, HIDS/HIPS, firewall, encryption and other workstation security technologies.
- Address known exploits using the Host Intrusion Prevention System (HIPS); also configured, monitored, installed and updated the application.
- Denied/Approved software applications after testing the software for vulnerabilities and malware. Operation of firewalls, intrusion detection systems, enterprise anti-virus and software deployment tools.
- Perform day-to-day activities required to distribute application/software/patch packages and deploy operating systems using BigFix to end user hardware.
- Utilize BigFix for software Usage and Analyze Operating Systems Deployment and Bare Metal Imaging and Software Distribution.
- Utilize BigFix for Security and Compliance (SCA) Vulnerability Management, Configuration Management and Patch Management.
- Install, Troubleshoot, Monitor ASP.NET Web Applications.
- Utilize PowerShell, SCCM for scripting, Imaging Windows OS, 7 & 10 machines.
- Manage and monitor ticketing system ensuring tickets are completed in a timely manner
- Reset and revoke PKI/PIV certs for digital encryption, distributed secured authorization code to users, Maintained digital database PKI/PIV request before and after Windows 10 rollout.
- Manage system backup.
- Manage email, spam, and virus protection.
- Administer servers, desktop computers, printers, routers, switches, firewalls, phones, personal digital assistants, smartphones, software deployment, security updates and patches.
- Monitor network usage and security; undertake routine preventative measures to ensure network security.
- Resolve technical problems with LANs, WANs, network segments, internet, intranet and other data communication systems; ensure network connectivity is on par with technical considerations.
- Install, modify, and repair server/computer hardware (cables, hubs, routers, wireless adaptors) and software.
- Maintained all AWS Server, storage, back up and systems tools.
- Planned and managed AWS, SQL, and other systems updates and upgrades.
- AWS maintenance, licensing, deployment and ownership
- AWS/CloudWatch monitors and alerts
- Manage and maintain VMware virtual server environment
- Manage and maintain the VMware virtual client environment
- Manage and maintain the SAN/NAS (e.g. NetApp) storage systems
- Setup, configure, and maintain hosted environments such as Microsoft Azure and Amazon Web Services.
- Manage and maintain Active Directory, User Accounts, Group Accounts, Computer Accounts, DHCP, DNS and Domain Controllers.
- Manage and maintain the Microsoft System Center Configuration Manager (SCCM) for server updates as well as for client updates and automated builds and deployments.
- Ensure the proper execution of regular system backups
- Manage, maintain and patch Windows/Linux server operating systems and the applications running on those servers.
- Remain up-to-date on security concerns and implement solutions as necessary
- Oversee and manage the Office 365 based email solution.
Confidential
Desktop Application Security Advisor/ Security Advisor Engineer
Responsibilities:
- Develop Archer data feed management and reporting
- Managing O&M activities of Archer
- Recommending and developing processes and use cases to be implemented by Archer
- Developing and maintaining appropriate documentation around Archer deployment(s)
- Providing Archer design and architecture support
- Remediate Audits, Compliance Management, and policies, Risk, Threats and Federal Assessment by Utilizing RSA Archer Solutions.
- Corporate objectives, Control standards and baselines using Policy Management within RSA Archer solutions.
- Report audit results, Manage audit resources, Plan and execute audit engagements, Managed the audit plan and Audit universe within the RSA Archer solution.
- Completed ASA’s “Application Security Assessments” for LOC.
- Identify and mitigate security business and system risks
- Identify, Manage and develop Plan of Actions and Milestones (POA&M) and mitigation strategies for potential vulnerabilities.
- Assist with firewall policies and network configuration support for firewalls (Fortinet, Cisco ASA)
- Engineering and configuration support for network router and switches (Cisco)
- Provide engineering guidance and process ownership for VPN technologies, including user remote access and business to business connectivity.
- Managed NIST security frameworks ensuring their successful execution and ongoing compliance.
- Collaborate with the LOC Federal project team to support security assessments (Security Assessment and Authorization SA&A and Certification and Accreditation C&A activities) and audit
- Experience interfacing with customers regarding IA policies and practices
- Create Security Assessments by Communicating and escalating compliance and risk issues to the appropriate customer representative and level of management.
- Provide expert level consultation regarding contractual system security obligations, frameworks, control requirements.
- Lead development and maintenance of information security risk assessments designed to evaluate inherent risks, controls, and residual risks for the LOC and key vendors. Monitor the operating effectiveness of key security controls and evaluate results relative to risk assessment.
- Utilize vulnerability assessment tools such as: McAfee Security Mgmt tools, Big Fix, Archer and custom PowerShell
- Performed testing, Virus Scan for requested/updated software for Windows XP, 7, Vista and Mac on Windows Server 2003/2008 and Linux Operating Systems.
- Created vulnerability risk assessments for in house, COTS and 3rd party applications.
- Utilize Wireshark, Nessus to pen-test and analyze the network and software.
- Utilize McAfee ePolicy/End Point Protection Suite administration including virus protection, HIDS/HIPS, firewall, encryption and other workstation security technologies.
- Address known exploits using the Host Intrusion Prevention System (HIPS); also configured, monitored, installed and updated the application.
- Received notification in Footprints ticketing system for requested software.
- Test web applications for security vulnerabilities using AppScan Tool.
- Analyze and assess vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices.
- Utilize Nessus, Wireshark as vulnerability scanning tools
- Ran patches/updates for in house, COTS, 3rd party applications
- Tests for compliance with security policies and procedures.
- Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements
- Scans for, identifies and assesses vulnerabilities in IT systems including computers, networks, software systems, information systems, and applications software.
- Utilize security software, including tools for monitoring, traffic analysis, intrusion detection, virus/spyware/malware detection, anti-virus software, and so on.
- Utilize Sandbox Application to execute files and URLs in a controlled environment and monitor the behavior of applications and operating systems for suspicious activities.
- Created, Modified, and Updated Security Hardening Guide, Denied software list and Risk Assessments on the shared drive network.
- Validate existing system security authorization packages - including SSPs, configuration management plans, and contingency plans - for compliance against NIST Special Publication (Revisions 2, 3, & 4)
- Develop technical test case strategies and procedures for a wide variety of operating systems, database environments, and applications to ensure that they adhere to National Institute of Standards and Technology (NIST), Federal Information Security Management Act (FISMA), Federal Information Processing Standards (FIPS), and Department of Education security policies and requirements.
- Approved applications for RSA tokens and disseminate, Add users to catalog ensuring placement in correct security domain, collected tokens from termination, removed users in database, Maintained database token request, distribution and maintained inventory of unassigned tokens.
- Troubleshoot hardware, software issues throughout the LOC
- Supported 2,000 users on site, phone, remote and walk-ins with helpdesk, Desktop issues throughout the LOC.
- Resolved helpdesk tickets utilizing remedy ticketing system
- Reset and revoke PKI certs for digital encryption, distributed secured authorization code to users, Maintained digital database PKI request.
Confidential
Help Desk/Desktop Support
Responsibilities:
- Traveled to job sites to fix/troubleshoot hardware/software and Network Server issues
- Supporting all desktops, laptops, PDAs, and tablets with a customer focused attitude.
- Configured TCP/IP settings, ping IP address, rebooted server, secured server, configured network adapters
- Set up, configured and added users to Active Directory Group Policies.
- Added laptop, desktop machines and network printers and printer drivers, eCopy machines to the server/network.
- Supported 5,000 users utilizing a variety of mainstream operating systems including (Windows XP and Windows 7 and Linux), Internet Explorer advanced settings, and Microsoft Office.
- Configured networks, application servers and web servers.
- Troubleshot and monitored Microsoft Exchange Server 2003/2007/2010, Active Directory, Windows Server 2003/2008, Linux Operating Systems, BlackBerry Server, VMware, SQL Server and Citrix.
- Windows Infrastructure AD/DNS/WINS/DHCP/TCP-IP.
- Utilized remote tools applications such as SCCM, Bomgar, WebEx, and Citrix.
- Interacting directly with IT team members to document, track, and resolve issues related to FDIC infrastructure.
- Managing and implementing software and hardware updates, patches and upgrades.
- Worked independently and in a team environment to monitor, manage and troubleshoot LAN/WAN, various Commercial Off-The-Shelf (COTS) applications, disaster recovery/back.
- Update systems, internet and security issues, network performance, client’s server technology, storage, file, print and communication servers.
- Helped manage cloud backup system and configured Active Directory, TCP/IP, DNS, DHCP, VLANs
- Performing virus removal and ensure anti-virus software is current.
- Kept Supervisor and others, as appropriate, informed of work activities, progress, and problems.
- 24/7 phone support and on call to fix hardware/software network, server issues.
- Utilized Remedy 7.5 to submit tickets and resolve tickets.
- Migrated over 2,000 users from Windows XP to Windows 7.
- Utilize Pointsec and McAfee encryption system for encrypted laptops
- Maintaining and deploying Virtual Desktop Images (VMware VDI)
- Updated, configured and ran patches in VMware ESXi 5.1, SCCM Version 2007 R3 and Active Directory
- Maintaining and deploying OS images on Desktops, laptops, PDAs, and tablets
Confidential
Help Desk/Desktop Support
Responsibilities:
- Supported users with Windows 7, XP, Vista, Mac OS operating systems.
- Created users 2007, 2010 Microsoft Outlook accounts.
- Acted as Team Lead in the migration of Windows XP to Windows 7 for over 4000 users.
- Supported various Executives/high-level staff in the organization (Managers, Supervisors, Vice Presidents, etc.) with technical issues.
- Created, changed, deleted user accounts per request in Novell and Active Directory.
- Created, changed, deleted user accounts per request in Remedy ticketing tracking system.
- Utilized SCCM application to push MS Office Suites such as MS Word, Excel, PowerPoint application and other requested software to users’ desktop and laptop equipment.
- Utilized remote tools applications such as SCCM, Bomgar and Citrix.
- Resolved database issues and performed backup and recovery functions.
- Installed, configured, administrated Active Directory, Windows Server 2003/2007, BlackBerry Server, VMware ESX 3.5, SQL Server and Citrix.
- Flushed DNS servers and troubleshot file servers, proxy servers.
- Supported over 4,000 users with computer/laptop hardware, software, issues.
- Team Leader of 13 entry level techs in the help desk department.
- Migrated over 3,000 users from Windows XP to Windows 7.