
Principal Cyber Security Architect Resume


SUMMARY:

  • Over 20 years of diversified IT experience in various security, architecture, networking and project management positions. Proven and extensive hands on experience designing, engineering, and maintaining enterprise level security architectures for Fortune 500 companies. Strong background in vulnerability assessments, penetration testing, industry/government compliance, LAN/WAN design, integration, administration and security. Maintains outstanding interpersonal skills and the ability to work effectively with all levels of technical staff and clients.
  • Knowledge encompasses many product areas and technologies including QRadar, FireEye, RSA, Check Point, Palo Alto Networks, Websense, Cisco ASA, Nessus, NMAP, Metasploit, Nexpose, Virtual Private Networks (VPN/SSL VPN), Cisco Routing and Switching, Wireless Technologies, Active Directory, PCI DSS, the NIST SP 800 series, FERC, NERC, Quest InTrust, Quest ActiveRoles Server, Quest Archive Manager, Linux/Unix, SQL Database Programming and Administration, OS Scripting, and Multiple Programming Languages

TECHNICAL SKILLS:

Security Technologies: Vulnerability Assessments, Penetration Testing, Forensics, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), VPN, Content Filtering, Firewalls, 2-Factor Authentication

Security Software: QRadar, FireEye, Websense, Multi-Factor Authentication (SafeNet, BlackShield, CRYPTOCard, RSA), WS FTP, InTrust, ActiveRoles Server, Archive Manager, Spotlight on Active Directory, Cisco IPS/IDS, Snort, ISS RealSecure & ISS Proventia - SiteProtector, Nmap, NBTScan, Kismet, Airodump, hotspotter, NetStumbler, SATAN, Scanssh, LANguard, SELM, LANguard Network Scanner, LANalyzer, PGP, GnuPG, NAI Sniffer Suite, Dsniff, Network General Sniffer, John The Ripper, Auditor Security Collection, BackTrack, Kali, Nessus

Networking: IOS, Routers, Switches, Routing, Layer 2/3 Switching, Virtual Private Networks (VPN), RIP, IGRP, EIGRP, OSPF, and BGPv4, ATM, PPP, TCP/IP, IPX/SPX, DHCP, DNS, WINS, NetBIOS, NetBEUI

Operating Systems: Windows XP, Windows 7, Windows 8, Windows 2000/2003/2008/2012 Servers, Linux & Unix Variants

Web Administration/Design: IIS, Apache, PHP, SQL, Cyrus, Postfix, SSL, SSH, SFTP, FTP(S), WS FTP

Programming/Scripting: PHP, Perl, Visual Basic, .NET, Winsock, COM, ActiveX, Client-Server Applications, SQL & Access Databases

Check Point: Nokia IP 330, Nokia IP 530, Nokia IP 740, Check Point 12000, 13000, 15000, 21000, 23000 series, Windows 2003/2008/2012/NT & *nix based servers including SecurePlatform and Gaia

Palo Alto: PA-200, 220, 800, 3000, 5000 series firewalls and M-100, 200 series Panorama appliances

PROFESSIONAL EXPERIENCE:

Confidential

Principal Cyber Security Architect

Responsibilities:

  • Technical security lead for all security related issues and decisions for the healthcare division spin-off of a major Fortune 500 manufacturer
  • Technical security lead defining the architecture and implementation of security policies, networks, and systems with strict adherence to PCI DSS contractual requirements.
  • Project Manager and Technical Lead for the reconfiguration and reimplementation of current security systems, including Check Point Firewalls/IPS/IDS, SafeNet Multi-Factor Authentication, Remote Discovery, Web Filtering/Antivirus, Secure File Transfer, and various security related web applications
  • Managed requests and handled VPN, Citrix, and VDI issues related to enterprise PAC files for multiple domains
  • Provided support for high level security issues related to Active Directory as a Domain Administrator
  • Technical lead for support of Check Point firewall infrastructure and migration to new OS and hardware
  • Technical lead for the export of Check Point firewall policies to FireMon
  • Technical lead for the management of Check Point firewall and IPS policies
  • Provided administrative support for McAfee Proxy/Web Filter/Antivirus
  • Provided expert level support of SafeNet Multi-Factor Authentication using BlackShield and CRYPTOCard
  • Provided senior level support to administrators of WS FTP, used for secure file transfer (SFTP) across multiple domains
  • Assisted with network security assessments for various business units
  • Technical Lead for the deep discovery of corporate and manufacturing networks, including detailed mapping of applications, ports, and protocols, in order to properly create new, or reconfigure current, systems to the spin-off networks
  • Technical lead for the migration of several external class C networks to an internal NAT configuration in order to meet compliance requirements, including firewall policies, servers, DNS and load balancing
  • Used access to F5 load balancers to troubleshoot DNS and server migration issues
  • Provided overall architecture guidance and high level troubleshooting for the implementation of Access Data eDiscovery on all servers and client workstations
  • Project manager and team lead tasked with migration of business partner user management system to spin-off domains and infrastructure (using powershell, vbscript, wscript, javascript, ADO, SQL, and more)
  • Provided senior level technical support for IIS servers hosting security software
  • Responsible for reviewing, analyzing, and recommending cloud based solutions for network security firewall zones, web filtering and web hosting
  • Administrator for several SharePoint sites used to track issues and provide information for various teams
  • Able to communicate and interpret advanced security concepts across global business units using VoIP, Instant Messaging, Lync and WebEx

Confidential

Senior Enterprise Security Architect

Responsibilities:

  • Architect and Technical Lead for the design of a multi-tiered network security architecture for the growing Fortune 500 enterprise
  • Technical Lead for the implementation of a Security Operations Center (SOC) to manage ongoing threats to the organization
  • Provided detailed documentation, including network diagrams, for the implementation of a new network security architecture based on technical and business requirements
  • Architect, Project Manager and Technical Lead for the reconfiguration and reimplementation of current security systems, including firewalls, IPS/IDS, routers/switches and antivirus
  • Technical Lead and Architect of an enterprise wide logging infrastructure and QRadar SIEM implementation
  • Mentored the SOC team by providing expert advice from previous alert/tuning experience from multiple SIEM systems
  • Technical Lead for vendor review and analysis of all 3rd party software, hardware, and network requirements
  • Acted as a mentor for less senior members, providing guidance on new assignments, court testimony, and career advice
  • Responsible for the design of unique and complex business requirements related to SCADA/Gas Pipeline security.
  • Technical Lead for the deep discovery of corporate and industrial control system networks, including detailed mapping of applications, ports, and protocols, in order to properly define security zones
  • Acted as a primary resource in the design, acquisition and implementation of a new firewall, HIPS, File Integrity Monitoring, remote data acquisition (EnCase) and SIEM infrastructure
  • Provided expert (3rd level) support for Multi-Factor authentication using RSA Confidential
  • Responsible for the direction of information security related decisions across all lines of the corporation.
  • Developed working relationships with key business and technical units to appropriately balance risks
  • Provided weekly briefings to key security personnel and management regarding new threats that impact our environment.

Confidential

Senior IT Security Consultant

Responsibilities:

  • Technical Lead for the implementation of an Application Security program for the business and SCADA/Gas Pipeline customers
  • Provided live hacking demonstrations during events held for all major application development teams
  • Documented major applications and development environments in order to create a set of application security standards for the enterprise
  • Performed penetration tests on internal, vendor, and partner websites/applications
  • Project Manager and Technical Lead for the migration from Surf Control to Websense
  • Provided expert level support for administration of RSA Multi-Factor Authentication appliances
  • Project Manager and Technical lead for the implementation of Algosec Firewall Analyzer
  • Analyzed firewall rules to determine weak points between networks, business partners, and vendors
  • Developed custom NMAP and Nessus scripts able to scan SCADA environments without system interruption
  • Technical lead for the implementation of special SCADA profiles using Cisco ASA VPN appliances
  • Mentored security team members on the use of NMAP, Nessus, BurpSuite, Linux, Websense, Forensic Analysis, and court testimony.
  • Provided forensic analysis of compromised systems to determine the source of infection
  • Responsible for the analysis, implementation, and approval of Check Point firewall requests for corporate and industrial control networks
  • Responsible for the analysis, implementation, and approval of TippingPoint IPS requests and updates
  • Designed and implemented a new Websense deployment after the SurfControl end of life (EOL) shutdown at a site in a foreign country
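The firewall-rule analysis bullet above (finding weak points between networks, partners and vendors) is the kind of review a tool such as AlgoSec automates. As an added illustration, not code from this résumé or from any vendor product, the following Python analyzer runs the three checks a reviewer would do first over a small constructed rule base with first-match semantics: any-to-any allows, allows that open every port, partner sources reaching an internal range rather than a single host, and rules that are shadowed by an earlier broader rule (a deny shadowed by an allow never takes effect). The rule format, the partner and internal address ranges, and the sample rules are all assumptions made up for the example.

```python
"""Flag weak firewall rules in a first-match rule base (added example, constructed data)."""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Rule:
    name: str
    src: str      # CIDR or "any"
    dst: str      # CIDR or "any"
    proto: str    # "tcp", "udp" or "any"
    ports: str    # "any", a single port "443", or a range "1024-65535"
    action: str   # "allow" or "deny"


# Assumptions for the example: partner address space (TEST-NET-3) and the internal range.
PARTNER_ZONE = ipaddress.ip_network("203.0.113.0/24")
INTERNAL = ipaddress.ip_network("10.0.0.0/8")


def _net(cidr):
    return ipaddress.ip_network("0.0.0.0/0" if cidr == "any" else cidr, strict=False)


def _port_range(ports):
    if ports == "any":
        return (0, 65535)
    lo, _, hi = ports.partition("-")
    return (int(lo), int(hi or lo))


def _covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    a_lo, a_hi = _port_range(a.ports)
    b_lo, b_hi = _port_range(b.ports)
    return (_net(b.src).subnet_of(_net(a.src))
            and _net(b.dst).subnet_of(_net(a.dst))
            and (a.proto == "any" or a.proto == b.proto)
            and a_lo <= b_lo and a_hi >= b_hi)


def analyze(rules):
    """Return (rule name, finding) pairs for overly broad and shadowed rules."""
    findings = []
    for r in rules:
        if r.action == "allow":
            if r.src == "any" and r.dst == "any":
                findings.append((r.name, "any-to-any allow"))
            elif r.ports == "any":
                findings.append((r.name, "all ports allowed"))
            # A partner source should land on one host (/32), not a whole internal subnet.
            if (_net(r.src).subnet_of(PARTNER_ZONE) and _net(r.dst).subnet_of(INTERNAL)
                    and _net(r.dst).prefixlen < 32):
                findings.append((r.name, "partner reaches an internal range, not a single host"))
    # First-match semantics: an earlier rule that covers a later one makes the later one dead.
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if _covers(earlier, later):
                note = " (action differs: the later rule never applies)" if earlier.action != later.action else ""
                findings.append((later.name, f"shadowed by {earlier.name}{note}"))
                break
    return findings


# Constructed sample rule base for the example.
RULES = [
    Rule("r1-web-in", "any", "10.1.0.10/32", "tcp", "443", "allow"),
    Rule("r2-partner-db", "203.0.113.0/24", "10.2.0.0/24", "tcp", "any", "allow"),
    Rule("r3-mgmt", "10.9.0.0/24", "10.0.0.0/8", "tcp", "22", "allow"),
    Rule("r4-oops", "any", "any", "any", "any", "allow"),
    Rule("r5-deny-partner-ssh", "203.0.113.0/24", "10.2.0.5/32", "tcp", "22", "deny"),
]

if __name__ == "__main__":
    for name, finding in analyze(RULES):
        print(f"{name}: {finding}")
```

In the sample, r2 is flagged twice (all ports, whole subnet), r4 is the classic any/any, and r5 is a deny that can never fire because r2 already allows that traffic; r1 and r3 are clean. On a real export, run the same checks after normalising object groups and service definitions into CIDRs and port ranges.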
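The SCADA scanning bullet above is worth a concrete caveat: default Nmap behaviour (half-open SYN scans, version probes, OS detection, fast timing, full port sweeps) has a track record of wedging fragile PLC and RTU network stacks. As an added example, not the author's own scripts, this Python snippet builds a deliberately conservative Nmap invocation for an ICS segment and lints an arbitrary invocation before it is allowed to run. The port list, the set of flags treated as unsafe and the thresholds are this editor's assumptions and should be tuned with the plant engineers; no NSE scripts are enabled by default because even "discovery" scripts send protocol payloads a device may not tolerate.

```python
"""Build and pre-flight an Nmap command that is conservative enough for an ICS/SCADA segment.
Added example with assumed thresholds; not a substitute for a vendor-approved scan plan."""

# Assumption: common ICS TCP services; replace with the site's own asset inventory.
ICS_TCP_PORTS = {
    102: "Siemens S7comm",
    502: "Modbus/TCP",
    2404: "IEC 60870-5-104",
    20000: "DNP3",
    44818: "EtherNet/IP",
}

# Flags that probe hard, send malformed or UDP payloads, or ramp timing (assumed unsafe here).
UNSAFE_FLAGS = {"-A", "-O", "-sV", "-sC", "-sU", "-sX", "-sN", "-sF", "-sM", "--traceroute", "-T4", "-T5"}
UNSAFE_SCRIPT_CATEGORIES = ("vuln", "exploit", "dos", "brute", "intrusive", "fuzzer")


def build_safe_scan(targets, ports=ICS_TCP_PORTS):
    """Full TCP connects, no host discovery, slow fixed timing, a single probe at a time."""
    port_list = ",".join(str(p) for p in sorted(ports))
    return [
        "nmap", "-sT", "-Pn", "-n", "-T2",
        "--max-rate", "5",            # packets per second across the whole scan
        "--scan-delay", "200ms",      # gap between probes to one host
        "--max-retries", "1",
        "--max-parallelism", "1",     # one probe outstanding at a time
        "-p", port_list,
        *targets,
    ]


def _port_spec(argv):
    """Return the -p argument whether given as '-p X' or '-pX'."""
    for i, tok in enumerate(argv):
        if tok == "-p" and i + 1 < len(argv):
            return argv[i + 1]
        if tok.startswith("-p") and len(tok) > 2:
            return tok[2:]
    return None


def lint_scan(argv):
    """Return the reasons an Nmap invocation is unsafe for an ICS segment; empty list means it passes."""
    problems = []
    tokens = set(argv)
    for flag in sorted(UNSAFE_FLAGS & tokens):
        problems.append(f"{flag}: aggressive probing, OS/version fingerprinting or fast timing")
    if "-sT" not in tokens:
        problems.append("no -sT: use full TCP connects rather than half-open SYN scans")
    if "--max-rate" not in tokens:
        problems.append("no --max-rate: an unthrottled scan can saturate serial gateways")
    spec = _port_spec(argv)
    if spec is None:
        problems.append("no -p: the default 1000-port sweep touches services the device never expects")
    elif spec == "-" or any("-" in part for part in spec.split(",")):
        problems.append("-p range: list only the services in the asset inventory")
    for i, tok in enumerate(argv):
        if tok == "--script" and i + 1 < len(argv):
            for cat in UNSAFE_SCRIPT_CATEGORIES:
                if cat in argv[i + 1].split(","):
                    problems.append(f"--script {cat}: sends payloads that can crash a PLC")
    return problems


if __name__ == "__main__":
    safe = build_safe_scan(["10.10.0.0/24"])     # constructed target range
    print(" ".join(safe), "->", lint_scan(safe) or "OK")
    risky = ["nmap", "-A", "-T4", "-p-", "--script", "vuln", "10.10.0.1"]
    for p in lint_scan(risky):
        print("REJECT:", p)
```

The safe profile trades speed for predictability: a /24 at five packets per second takes minutes rather than seconds, which is the right trade on a network where a stalled controller stops a pipeline. Version and OS detection, if needed at all, are better taken from passive captures or the asset inventory than from active probes.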

Confidential

Sr. Security Architect Consultant

Responsibilities:

  • Brought on as a Senior Level Security Architect and Quest Certified Product Specialist to design and implement solutions for Quest Software products.
  • Solutions include defining business and technical requirements, mitigating threats, and meeting PCI/HIPAA/SOX compliance requirements

Confidential

Sr. Security Architect Consultant

Responsibilities:

  • Brought on as a Senior Level Security Consultant specializing in Application Security to help design the next-gen security architecture for Intuit (makers of TurboTax, Quicken, QuickBooks).
  • Performed a comprehensive test of IDS/IPS capabilities with ISS Proventia, Sourcefire, Palo Alto, and TippingPoint products.
  • Performed a thorough analysis of Web Application & Database Firewalls from Imperva & Breach to determine attack detection capabilities with SSL decryption.
  • Implemented a test lab network including Crossbeam and Cisco Nexus routers and switches to test 10 Gb capabilities of security products.
  • Implemented clustered Juniper SSL VPN appliances to handle remote access into proof of concept labs.
  • Created application security baselines for Windows Server, Red Hat Enterprise Linux, and Solaris.

Confidential

Sr. Security Architect Consultant

Responsibilities:

  • Brought on as a Senior Level Security Architect and Quest Certified Product Specialist to design and implement solutions for Quest Software products. Customers include Fortune 500 companies. Solutions include defining business and technical requirements, mitigating threats, and meeting PCI/HIPAA/SOX compliance requirements
  • Designed and implemented an ActiveRoles Server solution to assign role based access to resources using Active Directory for a major energy company in the Southwest
  • Designed and implemented an InTrust solution to manage account/server access for a major power company in the Southwest
  • Designed and implemented an Archive Manager solution to archive email according to HIPAA requirements at a major hospital system in the Midwest
  • Designed and implemented an InTrust, InTrust for AD, and InTrust for Exchange access management and tracking solution for a major global law firm. The requirements encompassed both U.S. and European Union laws governing the tracking of employee information
  • Designed and implemented an Archive Manager solution to help alleviate stress placed on Exchange clusters for a major Hospital system in the US

Confidential

Sr. Security Architect Consultant

Responsibilities:

  • Participated in a double blind penetration test (internal staff was unaware that a security assessment was taking place)
  • Managed a multi-phased pilot project to install Juniper IDP Intrusion Prevention Systems. This project required analyzing the current network, defining business and technical requirements, implementing evaluation systems onto the network, and presenting a cost vs. benefit analysis describing the advantages of utilizing IPS in the network
  • Redesigned the DMZ from a flat architecture, where all servers were located on the same subnet, to a multi-tiered architecture
  • Installed Juniper SSL VPN appliances for client/vendor portal access into the network
  • Managed RSA Multi-Factor Authentication servers, software, and tokens.
  • Deployed multiple RSA ACE Servers with Steel Belted Radius to offer 2 factor authentication for network equipment and power users across the enterprise
  • Designed 12 SMP (Security Management Program) tasks for auditing Enterprise Security Group systems based on HIPAA and PCI requirements
  • Installed the NetScreen Security Manager (NSM) to manage firewalls. Previously there were 7 separate firewalls that had to be managed individually. The firewalls were also configured for daily backups to an audit server, which had not been done before
  • Configured Alteon Layer 2 switches to transparently pass traffic to NetApp NetCache caching systems. The NetCache systems improved Internet bandwidth utilization by over 20%. Each NetCache was configured to pass traffic to Websense for content filtering and to Trend Micro IWSS for anti-virus filtering using the ICAP protocol
  • Managed a project to redesign the Websense solution within the network. They were running only 1 Websense server for 12,500 desktops. An additional 8,000 desktops are being added to the network and the setup required a new design with more services. Managed 5 resources on Security and LAN team. Created a project plan and budget projections and allocated resources. The new design included migrating from one large policy into several smaller policies which can be managed by department/location. Management requirements also dictated that reports can be done by username, instead of by IP address as in the past
  • Configured Citrix Netscaler systems for load balancing, SSL Offloading, and SSL VPN
  • Configured TLS Encryption, according to HIPAA requirements, between Hospitals so that all Email communication is secured
  • Upgraded existing mail systems to the latest version of Tumbleweed for email firewall/anti-virus/spam filtering. Modified Tumbleweed policies to quarantine emails based on content, such as HIPAA information or inappropriate materials
  • Managed a project to place all Enterprise Security Group systems into OpenView for snmp alerts. This project required managing several resources on both the Security and LAN team. Generated a project plan, tasks, timelines, and budget projections and allocated resources
  • Created and executed penetration tests on all network devices and advised on methods to prevent successful attacks
  • Installed, configured, and utilized several Network Physics appliances for the purpose of analyzing network traffic. These appliances provide the ability to identify trends in network traffic and diagnose problems when outages occur
  • Configured the Trend Micro IWSS scanner to analyze FTP/HTTP traffic for spyware/adware/viruses
  • Provided 4th level (emergency) support using packet captures with tcpdump, Ethereal and Wireshark

Confidential

Intrusion Prevention Specialist Consultant

Responsibilities:

  • Developed project plan outlining the scope of work, projected hours, and an itemized list of tasks to be completed by the project team
  • Provided a full network audit of systems on the Publix network. Successfully identified all business and system requirements with respect to Intrusion Prevention and File Integrity Monitoring systems. Requirements were then listed in a Systems Requirements Document (SRD) for review by IT management.
  • Provided penetration testing to regulated systems such as those containing PCI, HIPAA, SOX data
  • Developed a Request for Proposal (RFP) to be sent out to prominent IPS vendors. These vendors include Cisco, ISS, TippingPoint, Solidcore, and Tripwire
  • Developed a testing plan to assist in the final selection of a product. These tests simulated the production network and had the goal of verifying the functionality of all major IPS features. A full penetration test of the environment was conducted to exercise the IPS safeguards. Penetration testing was done via Nessus, Metasploit, NMAP, and custom Perl scripting
  • Created a Technical Design Recommendation (TDR) outlining viable implementations for utilizing Intrusion Prevention technology within the company
  • Created a Formal Recommendation Document detailing the final details for this project. This recommendation includes the use of Intrusion Prevention Systems in approximately 1,000 stores and software on over 25,000 servers and workstations

Confidential

Network Security Consultant

Responsibilities:

  • Lead network security engineer for the Plant Vulnerability Mitigation project in the Strategy and Architecture department. Held responsibility for the design of security for manufacturing plant networks
  • Managed a successful pilot of Intrusion Detection System (IDS) technology in the Ford manufacturing environment utilizing ISS Proventia IDS appliances
  • Created monthly reports to show the overall progress of the pilot
  • Created project management scorecards to track pilot progress. These included baseline, tasks, funding/cost tracking, resource management, project issues, critical risks, vendor management, and quality control
  • Participated in a Cisco NAC/Quarantine Proof of Concept project to determine its possible use in a plant environment
  • Advised on the use of RSA SecurID USB tokens for two-factor authentication use in the rigorous plant environment
  • Participated in a Six Sigma project to determine the future of host endpoint security for the entire Ford network. This included plans for future use of firewalls, virus control, mail/web filters, quarantine, network access control, GPO, intrusion detection and prevention, and VLAN network segmentation
  • Helped write the Strategy Statement and Project Roadmap for Plant Vulnerability Mitigation
  • Provided penetration testing to plant networks to identify security holes and made recommendations on how to mitigate risks
  • Provided network audit documentation to upper management to describe the current state of plant networks
  • Tested Host-based Intrusion Prevention Systems (IPS) on plant manufacturing servers

Confidential

Senior Network Security Consultant

Responsibilities:

  • Revised the corporate network structure to include Confidential routing and clustered Nokia IP530 Check Point Firewalls for increased redundancy to core production systems
  • Implemented Websense, a content management system, which allows for varying levels of filtering based on specific needs of users and groups
  • Implemented ISS RealSecure and BlackIce Server Monitor intrusion detection systems for immediate response to network based attacks
  • Implemented an enterprise wide deployment of Tripwire for Servers to ensure that proper auditing and change procedures were consistently followed. Tripwire allows secure rollback of critical files to a known-good state in the event of a security breach
  • Implemented and maintained the Shavlik Patch Management system to minimize the ever increasing support costs required by security updates to Windows based servers and workstations
  • Provided penetration testing to identify risks and determine the effectiveness of intrusion detection systems in place
  • Revised current backup policies to include rotating backups of highly sensitive data through Veritas Backup Exec
  • Reconfigured Brocade Fibre Channel switches across the network to maximize data throughput and allow dynamic configuration of additional SAN devices

Confidential

Senior Security Architect

Responsibilities:

  • Held responsibility for the design, implementation, and maintenance of security policies for the organization worldwide. Led the security software development team in architecting a new wireless PKI for their client/server platform
  • Performed network security audits for the entire corporate network. These audits included vulnerability scans of all servers and systems as well as code reviews of software being developed for the wireless devices
  • Completed the design of a new PKI system for their client/server platform
  • Created a new network design and implementation plan with a strong emphasis on security. This design included both PIX and Check Point firewalls, a fault tolerant Cisco based routing scheme utilizing Confidential, and over 100 Windows and Unix based servers
  • Provided penetration testing to identify risks and offered mitigation solutions
  • Implemented Intrusion Detection Systems to help identify network threats and provide a timely response to these threats
  • Implemented an automated server patching system to decrease the chances of hackers penetrating the network when new exploits evolve

Confidential, Ann Arbor, MI

Sr. Security Analyst

Responsibilities:

  • Held responsibility for the design, implementation, and maintenance of security policies for large corporations, primarily in the auto industry.
  • Hardware designs included routing, switching, firewalls, and intrusion detection systems.
  • Security policies included authentication methods, accounting, screening of personnel, security awareness practices, change control procedures, password and resource management, and physical access control.
  • Maintained a clear communication path between security administration and senior management
  • Performed vulnerability assessments to identify weaknesses in the corporate network and provide viable mitigation solutions
  • Designed a fully redundant RADIUS and SQL based authentication server system for dialup customers. This system currently supports over 300,000 dialup customers and has been load tested at over 2,000,000 without failure
  • Programmed a secure software registration system using a Perl server backend and Winsock programming on Windows
  • Developed new security policies, procedures, standards, and guidelines for a worldwide organization. This organization, consisting of over 27,000 workstations and 18 branch offices, needed a completely redesigned network in which security would be a primary concern
  • Managed a team of 5 network security engineers. Worked closely with a Senior Network Engineer in charge of the network integration team, which in turn consisted of 40 network engineers and support staff. Design included a worldwide VPN structure with multiple redundant links, over 150 Compaq Windows 2000 Servers with Active Directory, 35 Cisco Routers, 100 Cisco Switches, and 80 Check Point and PIX Firewalls
  • Upgraded security policies, procedures, standards, and guidelines
  • Upgraded and implemented over 300 firewalls and 100 intrusion detection systems
  • Performed additional lockdown configurations on over 300 public and private servers with Active Directory and LDAP.
  • Reviewed server patch/update procedures and automation schedules. Performed network scans (simulated attacks) for IDS and firewall testing on a regular basis
  • Developed security policies, procedures, standards, and guidelines for a financial institution.
  • Initially the company had no security policy in place
  • Worked closely with IT auditors to obtain an accurate representation of current network structure, which included 18 remote offices, over 200 Servers, and 3,000 employees
  • Created a complete disaster recovery plan and developed a schedule for disaster recovery practices
