
Cyber Security Evangelist Resume


Indianapolis, IN

SUMMARY:

  • Spanning 20 years in both hands-on consulting & managing IT security projects.
  • Infrastructure, Health-care, Government, Retail & Financial.
  • Certified in many disciplines, can oversee daily operations, encompasses best practices such as: ITILv3, ISO 27001, COBIT, PCI DSS 3.2, HIPAA, FIPS, SOX, OWASP and related methodologies all while leveraging soft skills to ensure cohesiveness among team members and positive relationships with other departments.

STRENGTHS:

Application security & vulnerability mitigation, Active Directory, Linux, Windows, Web Servers, Nexpose Rapid 7, Nessus, HP Fortify, SQL, Citrix, VMWare vSphere, Cisco wIPS & Fluke (NetScout) Air Magnet Wireless, BIG IP F5 Load Balancers, Cisco ASA/Palo Alto Networking, RSA Archer eGRC, SAN Storage, 2 Factor & Multi Authentication (2FA/MFA) OWASP Top 10, Penetration Testing, Ethical Hacking and Social Engineering.

PROFESSIONAL EXPERIENCE:

Cyber Security Evangelist

Confidential, Indianapolis, IN

Responsibilities:

  • Within the first 6 months, I transformed an IT Security department that was an inefficient jack of all trades, into a true Cyber Security team consisting of 5 team members who were then able to perform more efficiently at protecting company assets.
  • Creation of runbooks/playbooks for legal team's incident response and analyst's daily duties. Refine & update other departmental policies & procedures as needed for FBI, Secret Service & breach game plans.
  • Monitor for employee insider threats, data exfiltration and other potential compromises/data loss prevention.
  • Combat online credit card fraud, gift card fraud, bots, fictitious account creation, data loss prevention, SQL injection, etc. through a combination of Akamai web application firewall (WAF), Alert Logic intrusion detection system (IDS), Vantiv credit card processor, Riskified e-commerce fraud protection, instilling secure coding practices to our developers & implemented a formal DEV/UAT/PROD patching cycle
  • Monitor global cyber security intelligence feeds to be evaluated & prioritized for action by our security analysts
  • Perform quarterly internal penetration testing & share findings with respective department heads for remediation
  • Everyday usage of KALI, Burp Suite, sslscan, wpscan, Nessus, Nexpose Rapid 7, Metasploit, PowerShell
  • Migrated from an aging SPF records & DKIM email infrastructure to a fully implemented DMARC which drastically reduced spam as well as enhanced the security of company email in conjunction with Proofpoint & dmarcian.com
  • Hold weekly project management meetings/conference calls with up to 15 team members & vendors discussing deliverables, action items, SLA, budget and resources.
  • Mobile device management with IBM MaaS360, JAMF & SOTI. Secured email by leveraging Proofpoint (DLP & Encryption). Management of Checkpoint firewall blades (Anti-bot, DLP, rules, Anti-malware), application whitelisting with Bit9 Carbon Black & file integrity monitoring with TripWire.
  • Enhanced the organization's overall security posture by transitioning from a non-managed instance of IBM Qradar with multiple false positives that needed tuning, to a fully staffed 24/7 SOC managed by Dell Secureworks that produced real actionable alerts.
  • Active & contributing member of the R-CISC (Retail Cyber Intelligence Sharing Center) in which I share with several other large organizations virus MD5/SHA1/SHA256 hashes, attack vectors, malicious IP addresses & domains, ransomware samples, indicators of compromise (IOC's), account takeover activity (ATO) and other tactics, techniques & procedures (TTP's) I've observed in the wild.

Senior Security Consultant

Confidential, Charlotte, NC

Responsibilities:

  • Primarily hands-on, but also mentored 9 resources in Charlotte, Atlanta, Pune India, Tokyo Japan and London England to successfully deliver multiple PCI & HIPAA compliance projects on time and under budget. Clients included: Ally Bank, Navy Federal, Nomura, Fiserv, Bank of America, Wells Fargo, Delhaize, Master Card, Xerox & Tidelands Healthcare
  • Windows 2003/2008/2012, Red Hat Enterprise Linux 4/5/6, CentOS 5/6/7, Ubuntu 12/14, Solaris 2-11, AIX 5/6 and Mainframe/AS400
  • Provide weekly status reports, SLA, & company security metrics within RSA Archer eGRC and to upper level management, VP & ISO
  • Hold weekly project management meetings/conference calls with up to 15 team members & vendors discussing deliverables, action items, SLA, budget and resources.
  • Designed, built and monitored Linux and Windows virtual machines on Dell R700/R800 series servers and HP Blades utilizing PXE Boot, .iso images, Chef, Puppet, VMWare vSphere 5.1/5.5, SCCM 2012, SCOM 2007/2012, SolarWinds, HP Site Scope, Splunk, McAfee & Symantec Antivirus both depending on customer
  • Everyday usage of vMotion, migrating virtual machines, expanding LUN sizes, creating virtual machine templates, cloning virtual machines, editing virtual machine settings for CPU/RAM performance
  • Designed, built and maintained physical SQL Server 2008/2012 database clusters
  • PCI Compliance & remediation, OWASP Top 10 and created/edited Active Directory Group Policy Objects (GPO’s)
  • Manage IIS/nginx/Apache/Tomcat/WebLogic/WebSphere services on Linux/Solaris/OS X/Windows servers
  • WWN/LUN/RAID/PowerPath/iSCSI administration on EMC VMAX/VNX SAN storage for VMWare datastores
  • Automated tasks written in PowerShell, VBScript, Perl, Python and cron/launchd jobs & batch files
  • Troubleshoot Apple & Android device apps & web application code written in Go, SWIFT, C#, .NET, Java & XML
  • Managed Fluke AirMagnet IDS/IPS wireless security project that encompassed 1,400 locations across the USA
  • IBM Qradar SIEM tuning/white-listing & event collector/parsing configuration from snmp, syslog & database sources. Creation of custom Regex and identifying their parameters. Performing different attacks on the network in order to fingerprint them and then create a rule to catch those threats in the future. Performing custom searches when tasked by upper management or our legal department. Articulating the network flows to other departments & auditors.
  • Nexpose Rapid7, Qualys, Burp Suite, HP Fortify, IBM AppScan & Nessus vulnerability scanning/mitigation, work closely with internal & external auditors to provide remediation evidence and/or exclusions as well as performing change controls to retain PCI Certification every year (ROC)
  • Penetration testing with KALI, Nmap, Burp Suite, sslscan, Wireshark, Acunetix, IBM AppScan, OWASP Zap, etc.
  • Email phishing campaigns with PhishMe software & Nexpose smtp to gather company metrics & employee security awareness; also published monthly security newsletters for the company
  • Blue Coat proxy blocking/white-listing & Websense Triton
  • Citrix Xen, Citrix Access Gateways, Service Now, Cisco AMP ThreatGrid, Virus Total, IBM X-Force & IBM Big Fix usage several times per week and train other staff members on how to install/configure/secure/use
  • Approve & perform Change Controls within BMC Remedy & serve on Disaster Recovery Team

Security Consultant & Project Manager

Confidential

Responsibilities:

  • I managed a large portion whose direction fell under the supervision of the United States Secret Service (initiation), Mandiant (recommendations) and Confidential (won contract) to resolve computer security issues for the Office Max/7-Eleven/Dave & Busters/Food Lion/Hannaford Brothers/Delhaize/Heartland Payment Systems due to their data security breach
  • I was a consultant to United States Government Department of Veterans Affairs to encrypt all laptop hard drives with EFS & encrypt all incoming/outgoing emails with SHA-1 certificates due to their theft of HIPAA data
  • Most projects were hands-on as well as mentoring teams up to 8 people to discover, assess and fix security vulnerabilities within several companies' infrastructure, applications, business processes and employee education. Sat on board of PCI-DSS, Change Control Management and Disaster Recovery teams. On call 24 hours a day, 7 days per week. Utilized NIST, CIS, NSA, CERT and Confidential guidelines and recommendations when using tools such as Knoppix, WHAX, BackTrack, Metasploit, Cain & Abel, Nmap, Nessus, Wireshark, TripWire, nCircle, IBM AppScan, OWASP Zap and more.
  • Designed & built a converged infrastructure solution in a new data center. Managed 3 other team members. In charge of purchasing & installing equipment from vendors such as Dell/Cisco. Racked, stacked, configured & monitored all equipment. The project leveraged Exchange 2010, Active Directory 2008, Dell MD3220 SAN equipment, Dell blade chassis, Cisco & Brocade networking equipment as well as VMWare vSphere 5 (for department's core servers) & Microsoft Hyper-V (for employees/agents remote desktops)
  • Budgeted, purchased, racked, stacked, installed and managed along with a team of 4 people, HP blade chassis servers and network equipment for an Active Directory, VMWare ESX 3, SharePoint, RSA, VPN, Citrix, Linux Red Hat and HP SAN storage project. Security monitoring with Snort importing the Confidential ’s recommendations. NERC CIP and FERC regulatory compliance.
  • Worked mostly hands-on, but also oversaw project completion for desktop/laptop roll-outs, Windows OS upgrades (up to 2000 PC’s) printer/scanner/fax purchases (up to 1,000 devices) Active Directory NT4-2k-2k3-2k8 migrations, Wireless security, Email encryption using ZIX, Domino to Exchange migrations and Exchange 2000 to Exchange 2007/2010 migrations while encompassing PHI/PII data & adhering to HIPAA compliance for 6 hospitals
