Senior Information Security Specialist Resume
Washington, DC
SUMMARY
- Proven track record of delivering and administering enterprise-wide architecture, aligned with incident response management and IS security operations
- Analytical and goal-oriented Information Systems Security Professional with comprehensive, high-level experience in leading key initiatives.
- Implementing IT security policies, and delivering state-of-the-art technology solutions that mitigate risk, reduce vulnerability, and ensure the security of the IT infrastructure across large, diverse organizations.
AREAS OF EXPERTISE
- Security and Risk Management
- Identity and Access Management
- Asset Security
- Security Assessment and Testing
- Security Engineering
- Security Operations
- Communications and Network Security
- Software Development Security
- Contingency Planning
- Cyber Security Standards
PROFESSIONAL EXPERIENCE
Confidential, Washington, DC
Senior Information Security Specialist
Responsibilities:
- Continuously monitored systems by reviewing current vendor patch notifications, security configuration best practices, security architecture guidance, and emerging threats and vulnerabilities.
- Mitigated risk by reviewing emerging threat and vulnerability notifications, and creating risk-based security notifications whenever new vulnerabilities are discovered or new threats emerge.
- Improved the entire operational process by establishing remediation priorities with the system owner and other key stakeholders, considering the risk and impact of the vulnerability when establishing remediation priorities.
- Achieved compliance by verifying systems comply with DOS, DOD, FISMA, and industry best practices with regard to security and patch notifications from vendors, security configuration guidance, and Security Architecture.
- Reduced negative impact by conducting business impact and risk analyses, and organizing and maintaining proactive and reactive cyber security policies and procedures.
- Streamlined the NIST C&A/A&A processes, standards, and controls through operational, management, and technical controls that have been audited by the government.
- Identified deficiencies and created a Plan of Action & Milestones (POA&M) by conducting Command Cyber Readiness Inspection (CCRI) support for applicable DOD systems.
- Ensured development activities are consistent with applicable security policies and guidelines working within the system development life cycle (SDLC).
- Increased security by providing hands-on support related to security matters in systems under development or enhancement, e.g., SHA-256 support.
- Leveraged emerging technologies to allow the organization to operate more efficiently by providing risk assessments in areas of Data Locker evaluation and Microsoft’s DirectAccess.
Confidential, Santa Ana, CA
Global IS Security Analyst
Responsibilities:
- Planned, coordinated, and led teams with the design, integration, development, validation, and implementation of specific security policies, systems, and services.
- Enhanced reporting capabilities by delivering metric-based, security advisories monthly reports for senior management to identify key security, status, and SLA objectives.
- Greatly improved response times and SLAs for Incident Response, firewall change requests, and investigative data analysis, as well as various types of access requests by developing and streamlining procedures.
- Replaced and consolidated legacy security technologies for intrusion detection, web filtering, and application controls into a single unified threat management platform using next-generation firewalls.
- Completed security assessments and implementations of multiple solutions, including mobile device management, enterprise file sharing, and e-signature.
- Championed multiple data center migrations and decommissioning activities.
- Managed the deployment and implementation of multiple security technologies, including digital forensics.
- Contributed to cost reduction and increased security by evaluating new security trends and technologies.
Confidential, Las Vegas, NV
Security Analyst
Responsibilities:
- Acted as customer site liaison to multiple remote monitored NNSA sites, reporting on monitored security incidents and monthly attack trends, and providing remediation recommendations to the remote site management.
- Served as active member of special project teams, including Security Information Event Management (SIEM) administration and intrusion.
- Defended valuable corporate and federal government information assets from threats by providing high-quality service in four distinct areas of security operations: SIEM administration, network traffic monitoring, antivirus and IDS product support, and login account management.
- Ensured security of critical national assets by analyzing network traffic for anomalies, examining captured packets for concealed malicious software, and directing responders to perform further research or recovery.
- Mitigated risk by monitoring classified/unclassified network traffic for 25 NNSA enterprises, matching security signatures with the Snort Intrusion Detection System (IDS), and capturing events in Net Forensics.
- Worked in the Security Operations Center (SOC) to improve packet captures and verify approved network traffic using Wireshark, TCPdump, Net Forensics, and Snort Signatures.
- Identified and mitigated emerging security threats by working with Cyber Intel and reviewing company information security policy with end users.
Confidential, Los Angeles, CA
Security Analyst
Responsibilities:
- Collaborated effectively with Security Engineering and Architecture teams to obtain current state on vulnerabilities and exposures within company systems, Computer Incident Response Team (CIRT), and customer ancillary staff on security intrusions and remediation actions.
- Improved incident response times, incident analysis, and overall incident response functions by promoting security best practices and ongoing development of SOC (Security Operations Center) policies/procedures.
- Ensured the monitoring environment was working effectively and efficiently by producing reports on detailed analysis and ongoing status as it pertains to the threats identified on the IDS/IPS sensors, potential impact of malware discovered, and tracking of suggested remediation steps.
- Reduced risk and eliminated false positives and false negatives by updating and tuning Web application firewall and IDS sensor signatures and event actions, and correcting configurations for specific company environments.