SUMMARY

• Confidential is a highly motivated IT professional with over 14 years of experience in Customer Support, IT management, Network Administration, Information Security and Cloud Security.
• He holds an array of professional certifications and has experience with many different operating systems and servers, Information Security standards and practices, mobile device management, Cloud technologies and Network/Security Architecture.

TECHNICAL SKILLS

Operating Systems: Mac OS X, Windows Desktop operating systems 2000 - Windows 7, Windows Server 2000 - 2016, Red Hat Linux

Software: Citrix, McAfee EPO, Lyris List Manager, Heat, Remedy, Foot Prints, Exchange 2003, MS Office Suite 2003, 2007 & 2010, MS Visio, MS Project, WebInspect, Secret Server, AppScan, Oxygen Forensics, VMware, Nessus, SolarWinds Ghost, Office 365, Metasploit, Splunk, Blackberry Enterprise Server 4.0 & 5.0, Mail Marshal, Hyper-V, OS Forensics, Wireshark Protocol Analyzer, Sophos antivirus, ZenPrise, EG, RSA Tokens soft and hard

Cloud Service Providers: AWS E/W, AWS Gov Cloud, Microsoft Azure Commercial, Microsoft Azure Gov Cloud, Office 365, Dynamic 365, Box, DropBox, Acquia, Appian, Druva, FireEye, Huddle, Qualys, Splunk, Symantec

Cloud: Amazon Web Services VPC, AWS WAF, Amazon Guard Duty, Trusted advisor, AWS IAM, Amazon Inspector, AWS KMS, Amazon Macie, AWS Shield, Microsoft Azure Azure security Center, Cloud Trail, Cloud Watch, Microsoft Operations Management, Azure AD, Symantec Cloud Work load protection, Endpoint Protection, Storage Protection, Symantec Elastica CASB, DLP, Splunk, Nessus.io vulnerability scanner, FireEye Email Treat Protection

Hardware: Cisco routers and switches, dell laptop, Sonic Wall, desktops and servers, HP laptops, desktops and servers, IBM laptops, desktop and servers, Tandberg VTC

Compliance: PCI, HIPPA, HITECH, SOX, GLBA, FISMA & FEDRAMP

Standards: NIST 800-XX, ISO 27001

PROFESSIONAL EXPERIENCE

Confidential

Cloud Security Consultant

Responsibilities:

• Work with other business units to make sure they are implementing cloud solutions in a secure manner
• Research new technology advancements and conduct evaluations focused on optimizing and improving infrastructure configuration, performance, capacity, availability, and operational reliability.
• Develop cloud security architecture requirements necessary to develop a secure solution for public, private, or hybrid cloud services.
• Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.
• Conduct FedRAMP Readiness Assessments and reviewing ATO packages for FedRAMP Cloud environments
• Leverage Archer to manage GRC for the cloud.
• Evaluate all cloud technology for an acceptable level of risk to the HoR.
• Assesses and mitigates system security risks; determine and analyze security and privacy requirements for implementation.
• Performs security control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.

Confidential

Cloud Security Architect

Responsibilities:

• Work with the different institute and centers (IC) on the security architecture of their cloud solution they are looking to implement.
• Assess and validate the various perceived cloud solution that it is cloud or just a managed solution.
• Conducts independent scans of application, network and database and utilizes Managed Security Services Vulnerability Assessment Team (VAT) support as applicable
• Assist with the authorization of cloud solution at an enterprise level for NIH
• Work with CSP’s and 3PAO to ATO cloud solutions for enterprise and specific IC’s at NIH.
• Build out test environments to evaluate cloud solutions.
• Conduct continuous monitoring of cloud solutions.
• Conduct assessments of the different cloud solutions.
• Evaluate, select, design, test, and implement new system architectures and present research results, product updates, and security issues to stake holders
• Review FEDRAMP packages and analyze solutions for an acceptable level of risk for NIH.
• Work with cloud service providers on piloting their cloud solutions and ensuring their solution meets NIH security requirements.
• Maintain cloud catalog for IC’s to be able to leverage.
• Analyze security posture, work with Cyber Security and Applications teams to conduct preliminary investigation, and establish security baseline, risk mitigation and risk management strategies
• Build out, configure and operate cloud infrastructure deployed on Amazon Web Services including Virtual Private Cloud (VPC), Public and Private Subnets, Security Groups, Route Tables, Elastic Load Balancer and virtual devices for various IC’s. Analyze various cloud security technologies for implementation; Nessus, Cylance, Sophos, carbon black, etc.

Confidential

Sr. Information Security Analyst

Responsibilities:

• Developed and documented all related Security Authorization documentation including but not limited to System Security Plan, Cloud Assessment Procedures, and Security Assessment Reports for an industry leading Cloud Service Provider in accordance with FedRAMP and Cloud Security Alliance best practices.
• Conduct security reviews of architectural designs of FedRAMP compliant, cloud Infrastructure as a Service & Platform as a Service offering with Security, Virtual machine, Storage, and Web hosting capabilities.
• Conduct security and privacy impact assessments for all changes to that affect the posture of the system environment of both on premise and FedRAMP compliant cloud systems and applications.
• Work with cloud application developers and other stakeholders to ensure that security standards are adopted into the cloud architectures.
• Utilize FedRAMP Security Assessment Framework (SAF) when conducting information security risk assessments for DOL/ETA IaaS & PaaS environments hosted in an Amazon FedRAMP compliant cloud.
• Modify and create all necessary authorization related documentation into Cyber Security Assessment Management (CSAM) using approved templates and procedures.
• Understanding and enforcement of Federal Information Processing (FIPS), FISMA, FedRAMP and Other Cyber Security related laws, regulations and directives.
• Perform OWASP top 10 and other penetration application scanning using WebInspect and/or AppScan of both on premise and cloud systems & application.
• Utilize Remedy for creating and tracking tickets.
• Assessment and Authorization review of the various systems.
• Utilize CA software change manager to track and review code changes
• Create and track POAM’s to make sure risk are properly documented and tracked until resolution.
• Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.
• Apply appropriate information security control for Federal Information System based on NIST 800-37 rev1, SP 800-53 rev4, FIPS 199, FIPS 200 and OMB A-130 Appendix III.
• Assist with activities associated with security awareness, contingency, disaster recovery, incident response, and role-based training for employees. For audits and assessments, assists in gathering supporting evidence.
• Researches best practices for IT security. Performs information security assurance reviews for products, technologies, and services.

Confidential

Information Security Consultant

Responsibilities:

• Advise internal stakeholders on information security risk and control matters throughout the organization and promote the business advantages of managing information security risks more efficiently and effectively.
• Conduct technical & process security reviews, security log monitoring, vulnerability assessment, security assessment of new projects.
• Review the implementation of information security policies & procedures based on ISO 27001 standards; recommend new security practices to strengthen the information security posture.
• Develop secure cloud architecture and perform cloud security engineering on AWS for all of the DIFM state program participants and NEA HQ.
• Perform tenant audits of the various business units that leverage.
• Protects system by defining access privileges, control structures, and resources.
• Determines security violations and inefficiencies by conducting periodic audits.
• Managed the corporate VMware environment, Citrix Xenserver, including sever hardware, storage, configuration, licensing, monitoring, capacity, & performance management.
• Upgrades system by implementing and maintaining security controls
• Perform vulnerability scanning on IS to ensure appropriate protection has been put in place for those systems.
• Monitor network resources with Solarwinds and report to security lead and management.
• Manage the DIFM program with included managing the entire IT infrastructure of 13 states which consisted of over 300 staff.
• Manage the migration of office 365, one drive and sharepoint for DIFM states.
• Coordinates the development, implementation, and administration of high-level security policies, practices, standards and programs.
• Coordinates the development and execution of effective security awareness programs.
• Coordinates and implements solutions (McAfee EPO, Sophos) for effective security of data on desktop and laptop systems (e.g., lost laptops, decommissioned desktops, etc.)
• Participate in data collection, analysis, and management for client assessments and client requests.
• Participates as a member of team providing pertinent security information and input to strategic and tactical planning; initiatives and projects planning

Confidential

Remote Access Administrator

Responsibilities:

• Citrix Presentation Server: Systems configuration and monitoring
• Vsphere 4: Systems configuration and management.
• Blackberry Enterprise Server 5.0.2: Configuration and management. Account troubleshooting.
• Assign RSA software and hardware tokens
• Update and patch servers

Confidential

Network Admin

Responsibilities:

• Provide customer support for over 100 employees
• Administer Cisco switches and routers.
• Repair hardware
• Network monitoring Snort
• Sonic Wall firewall management
• Manage account for our Imis database running on SQL server
• Setup network for annual convention
• Patch Management
• Red Hat Linux Administration
• McAfee EPO for endpoint management
• GFI Mail security
• Disaster recover administration
• Manage Tivoli backup system
• Manage Active Directory and group policy
• Restore data from back up from our backup system.
• Manage network resources
• Perform desktop and laptop malware cleanup
• Setup users for VPN connectivity
• AV and Webinar setup