SUMMARY:

• My name is Confidential and I have 15+ years of IT experience and 10 years of Cyber/ Security experience.
• Experience in Engineering and administrating security solutions.
• Identity Management, Access Management, LDAP Directories, Single Sign - On (SSO), Provisioning & MFA, SaaS, RBAC (Role-Based Access Control), Compliance and Auditing Technologies, Identity Federation services, Enterprise System Architecture, Security Infrastructure Design, Authentication and Authorization technologies, as well as custom-built security and technology frameworks to name a few.
• Great leadership analytical & technical skills combined with excellent communication & inter-personal skills.
• Skilled in working as Team Lead as well as Team member.
• Proven technical leadership skills include the ability to manage teams, earn the respect of its members, led by example, and thrive in an ever changing environment.
• Persuasive verbal and written communication skills compliment a proven ability to lead, multi-task, maintain an organized approach, and ensure success - even when faced with high-pressure or high-risk situations.

AREAS OF EXPERTISE:

• Project Management Risk Assessment Compliance Professional
• Security Engineering Identity Management PCI Engineering
• Splunk Administration Ping Access/Federation Threat visualization professional
• Enterprise Security SME Splunk Implementation Cyber Security

PROFESSIONAL EXPERIENCE:

Confidential

Security Engineer

Responsibilities:

• Create a strategic plan for the deployment of information security technologies and program enhancements adhering to TOGAF standards
• Architect/Design a new SSO infrastructure for external access using the Ping Identity components.
• Experience in both SAML based and Agent Based configurations in PingFederation
• Cyber Security Identifying and minimizing the impact or mitigation of external threats on Web Applications and malware based threats.
• Designed and implemented security solutions like CyberArk, Symantec DLP, Archer, SEP Suite
• Worked with internal stakeholders to design and prepare PCI 3.2 Environment.
• Coordinated with 3 rd party vendors to evaluate latest Security solutions.
• Performed bug tracking, regression and build tests.
• Configuration, Trouble-Shooting and performance tuning of PingFederation 7.2.1 /8.0.2 /8.0.3
• Created Pingaccess Identity mappings to work through pingaccess gateway
• Set pingaccess Authentication Requirements list parameters to match pingfederate settings
• Troubleshoot errors with pingaccess agents and Listeners key pairing errors

Confidential

Security SME

Responsibilities:

• Interpreted ISO 9001 controls and reviewed SLA agreements with vendors and recommended changes in policy or procedures to management
• Conduct related security assessments and recommendations using frameworks such as DIACAP, NIST, ISO27001, PCI/DSS and similar privacy and security frameworks.
• Consulted on various projects and initiatives regarding security best practices, risk mitigation, compliance obligation, and policy or process implementation.
• Skilled problem solver, comfortable negotiating and enforcing policies and procedures.
• Mentored Staff and partners on Security best practices and policy and approach.
• Implemented tools like Aegis and NetIQ IDM to control privileged access to critical systems and PIM Data and to automate operational process to protect from potential Risks
• Conducted risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and mitigation needs.
• PCI/DSS scanning and remediation
• Define vision and roadmap to clients’ security needs and design solutions that fit clients needs

Confidential

Sr. Security Integration Engineer

Responsibilities:

• Researched and recommended security solutions to various financial institutions across the united states
• Evaluated service providers and payment applications for their AOC, AOV, and implementation guides, tokenization, and their service providers.
• Creating risk assessment reports to minimize exposure and researched tools/solutions.
• Prepared researched tools and systems for presentations to potential clients.
• Conduct comprehensive system security evaluations, audits and reviews. Providing reports and recommendations on the hardening of endpoints on the network and tool research.
• Developed and recommended appropriate mitigation countermeasures to aid in preventing intrusions in information systems.
• Hands-on experience in full lifecycle of ISO27001 framework, SOC2 Audit and remediation
• Used tools like CloudNeeti to maintain compliance for cloud-based SaaS Cardwizard and Key management instance
• Created forms to On-board companies, On-board external/tertiary users profile using PingFederate 8.0.3
• Executes the PCI Data Security Standards PCI assessments for all controls, including communication of key milestones, gap remediation consulting/tracking, and guidance on compensating controls
• Worked on multi-factor Authentication integrations like RSA PingID and Yubikey and engaging in the usage of other protocols like OAuth.
• Working Knowledge of Open ID connect.
• Set up Pingaccess to backend apps to work alongside pingfederate for seamless integration
• Worked pingaccess issues involving WAM session errors and token mediation

Confidential

Sr. Security Engineer SME

Responsibilities:

• Implemented NetIQ IDM to replace Bradford Sentry NAC allowing for a more robust Identity management solution.
• Developed and recommended appropriate mitigation countermeasures to aid in preventing intrusions in information systems.
• Conducts systems security evaluations, audits, and proof of concepts.
• Reviewed system security plans and assessed security events to determine business impact and implements corrective actions to ensure the addition of information security/information assurance policies, principles, and practices in the execution of IT services under TOGAF controls.
• Set up a functional SCCM patching process to ensure patching is more in line with business needs.
• Experience in setting up SSO Environment for PingFederate, and PingAccess. PF as Auth server and PA as Resource server protecting API
• Supported RSA integrations and configurations and daily operations like adding user disabling user token assignment.

Confidential

Sr. Security Engineer

Responsibilities:

• Managed pen-testing team performing vulnerability assessments and working with the Security Operations Center to identify gaps in security processes as well as vulnerabilities within the infrastructure.
• Migrated Ping federation from 7.1.3 to 7.2, major challenge was to update the standard templates and styles used by Client.
• Identified systems and categorize its C.I.A using FIPS 199 and NIST SP 800-60.
• Operation of SPLUNK ES including the creation of correlation, notables and alerting rules
• Set up viable SCCM Software and OS deployment to remote office locations.
• Implemented SSO using PingFederate 6.0.3 and PingFederate 7.1 R3 for many vendors' hosted applications.
• Provided POC for NetIQ IDM, App Manager and Aegis
• Used tools like RSA Archer, Tenable Security Center to maintain compliance
• Integrated with third party application using SAML 2.0 protocol, OAuth and managed both IDP and SP connections using PingFederate

Confidential

Security Engineer/Project Manager

Responsibilities:

• Implement design and configure Elastic Search and Splunk as needed for government agencies. And internal business units.
• Designed and implemented Elastic search instance for local and remote Government clients throughout the US.
• Review and fine-tuned current security processes as directed.
• Worked to process interpret CVE alerts pertaining to DSS PCI compliance.

Confidential

Security Engineer

Responsibilities:

• Design custom TA’s for Splunk log file correlation with PCI-DSS compliance constraints.
• Used tools like nexus retina and system center in real-time for compliance baseline.
• Used regex tools for parsing log files into Splunk
• Implemented Elastic Search for integration with Hadoop and Splunk
• Utilized IDS alerts and host system logs to identify, analyze, and report events that occurred within the network

Confidential

SCCM/SCOM Search Engineer

Responsibilities:

• Leading team of deployment consultants/engineers
• Use of tools, such as Splunk and NetIQ app manager for application and data analysis
• Upgraded Cisco Catalyst to Juniper switches as needed for upgrade project
• Implemented procedure to regularly update network devices with updates from vulnerability assortments.

Confidential

Security Engineer

Responsibilities:

• Developed security Standards for Company with multi control constraints ISO 27001, Nist and Diacap/Fisma.
• Implemented Scanning procedures using Retina- Nessus and Ip360.
• Performed DoD Information Assurance Certification and Accreditation Process (DIACAP) of mission critical systems as well as support vulnerability scans of enterprise to ensure compliance of IAVA and security configurations.
• Updated from RSA DLP To Archer Lead team of three from proof of concept to production coming in 23% under budget.
• Collaborated and teamed with a wide variety of stakeholders and partners and U.S. Government agencies to detect and prevent adversarial activity within DoD networks.
• Developed and recommended appropriate mitigation countermeasures to aid in preventing intrusions in information systems.

Confidential

SCCM 2012/Engineer /Network Tech

Responsibilities:

• Developed and fine-tuned ask sequences.
• Reconciled Active directory issues with remote locations
• Worked issues involving PXE booting and WDS
• Deployed windows 7 and server 2008 to 235 stores remotely.

Confidential

System Administrator

Responsibilities:

• Provided daily desktop support to 50 users in office and production side of midsized business.
• Procured and implemented new virtualized hyper V servers. Saving company money and providing redundancy.
• Moved company’s infrastructure to new building server’s desktop and all technology pertaining to business.
• Replaced Cisco Phone system with new windows-based PBX phone system saving company thousands of dollars on upgrade costs.
• Worked to create Operating system images on windows 7 Implementation.
• Provided day to day desktop support in a fast paced Secure Multi domain environment.
• Provided special Executive support to upper level management.
• Administered Xendesktop Troubleshooting dynamic assembly issues for end users.

Confidential

Network Engineer

Responsibilities:

• Hired help for IT needs for project work as needed.
• Set up new office construction with technology needs.
• Set up servers using WDS to push out desktops as needed.
• Packaged applications as needed.
• Set up and configured VPN for remote use for management.