Security Engineer Resume

SUMMARY:

  • Network Solutions Security Architecture, technical project management of security initiatives and IT security engineering
  • 15 plus years of hands on design, configuration, implementation, administration and technical project management of security initiatives for large enterprises spanning multiple security domains and associated controls groups
  • 10 plus years of Security Solutions architecture
  • 5 years of vulnerability management, risk analysis, vulnerability remediation, asset management and tracking
  • 10 plus years of working in mixed Windows and Unix environments
  • 8 plus years of remediating audit failures
  • Design and implementation of controls
  • Change management processes and workflow
  • Risk analysis on Windows, Unix and network infrastructures in support of policy, vulnerability management and regulatory compliance
  • Hands on working knowledge in PCI DSS, SOX, NIST and HIPAA frameworks
  • 10 plus years working with TCP/IP and packet analysis (tcpdump and Wireshark)
  • 10 plus years of technical project management in enterprise environments covering the project lifecycle of initiation, product evaluation, planning, implementation and closure for security initiatives in firewall management, SIEM, AV, encryption, vulnerability scanning, network access, IDS, IPS, DLP and automated workflow management.
  • Hands on experience with a wide array of open source and proprietary security tools, including FireMon, Lumeta IPsonar, SIEM QRadar, Vulnerability Scanners, Data Loss Prevention, Firewalls, Intrusion Prevention, Intrusion Detection, Anti-Virus, Desktop firewalls, Packet analyzers, Automated Workflow Management tools and web application scanners (Webinspect, Appscan).
  • 10 plus years of design, service and support of network infrastructure prior to becoming security focused
  • Written and Verbal skills for presentations, documentation, security policy review/update and underlying procedures.
  • Taking online training/labs offered by Pluralsight and Microsoft
  • Completed the below courses
  • Foundations for Cloud Architecture
  • Azure Fundamentals
  • Azure Security
  • AWS Fundamentals and Administration
  • SSCP: Risk Identification, Monitoring and Analysis
  • SSCP Incident Response and Recovery
  • Payment Card Security, Processing and the PCI Standards
  • Agile Fundamentals
  • QRadar
  • Windows PowerShell Basics
  • Python Fundamentals
  • Preparing for the Cloud Security Alliance CCSK certification in Cloud Security

PROFESSIONAL EXPERIENCE:

Security Engineer

Confidential

Responsibilities:

  • Supporting the DuPont and Dow merger
  • Firewall change management of Juniper firewalls
  • Utilization of networking knowledge and FireMon toolsets to assist with the re-ip of the DuPont firewall rulesets that would affect assets being re-ip’d sitting behind Juniper firewalls in DuPont data centers, corporate and manufacturing sites
  • Applying security policy to requests for initial approval of requests
  • Creating change management tickets utilizing FireMon Security Manager and Policy Planner.
  • Troubleshooting firewall related access issues due to the ongoing merger
  • Contributing team member for network security design and review of changes necessitated by the merger.
  • Firewall cleanup
  • Heavy utilization of FireMon Security Manager's reporting capabilities and functionality to determine policy, rule and object usage
  • Creating change management tickets with policy planner to facilitate cleanup in regards to unused, shadowed and hidden rules.

Confidential

Sr. IT Security Analyst

Responsibilities:

  • Security validation of the BTrade TDCM EDI (electronic data interchange) application prior to being promoted to production
  • Completed all Confidential procedural documentation that was required for application approval thru application acceptance, prior to the application's promotion to Production.
  • Managed the remediation of application vulnerability failures with the application vendor
  • Documented and ensured all Confidential security policy, relating to application security configuration was in place
  • Functional application testing.

Confidential

Security Architect

Responsibilities:

  • Design and implementation of security initiatives and managing those initiatives thru the project lifecycle
  • Lead security architect for the FireMon initiative
  • Implemented FireMon Policy Planner and Security Manager to remediate policy violations, change management and logging audit failures on both the global PCN and corporate networks.
  • Refined and simplified the DuPont firewall change management processes by combining 2 disparate change management systems into 1
  • Gathered workflow requirements from stakeholders, firewall owners and current workflow from existing tools to be integrated into a customized Policy Planner workflow
  • Reviewed and approved or denied firewall rule change requests by applying AP&C (Automation and Process Control) security policy against requested rule changes
  • Interpretation of firewall change requests into actionable firewall rules and determining what firewall change requests would need to be applied
  • Approver for firewall change requests on PCN (Process control network) and IT firewalls.
  • Designed and integrated the approval process for access and authentication to the toolset
  • Implemented FireMon Security Manager core module for approximately 500 Juniper and Checkpoint firewalls to report into FireMon
  • Dissemination of product functionality to security, audit, firewall owners, approvers and admin groups
  • Creation of custom searches utilizing FMQL
  • Implementing reports and recommending changes on shadowed and hidden rules, least and most used rules, unused rules etc. to increase performance and throughput of enterprise firewalls
  • Path and traffic flow analysis
  • Managed the tool prior to being handed off to OPS
  • Contributing security architect for the Chemours spinoff
  • Lead architect for the Chemours FireMon initiative
  • Member of the review board to ensure that adequate security controls were being migrated from the DuPont to Chemours network
  • Contributing security architect for the secure design of the DuPont Extranet
  • Threat modeling.
  • Determining use cases
  • Contributing security architect for the review of Network Security Solutions and Security Technology Refresh
  • Hosted meetings for stakeholders from the Global enterprise
  • Interaction with cross functional teams included telecom, audit, legal, infrastructure, security and change management
  • CVI certified - Chemical-terrorism Vulnerability Information
  • Researching security technologies and threats to determine if current controls are adequate
  • Review of existing network design and the Juniper UAC architecture to ensure that the network is being vigorously defended against the current threat landscape
  • Network Security Documentation
  • Visio

Confidential

Sr. Security Analyst

Responsibilities:

  • Management and administration of a QRadar SIEM
  • Incident response to events deemed to be possible incidents
  • Analysis of offenses and events
  • Behavioral analysis of network flows
  • Pruning false positives
  • Flow analysis
  • Custom rule and Building block design to trigger offenses and events
  • Creation of searches in support of security incidents and investigations
  • Generated reports for baselines and metrics
  • Customization of dashboards and reports
  • Active Directory
  • Management of ADmanager Plus across 4 domains
  • Bulk user creations, deletions, group modifications
  • Report creation in support of audit
  • Analysis of DLP (Proofpoint) logs
  • Analysis of Checkpoint (Smartcenter) rules and logs
  • Application security scans
  • SSL certificate management
  • Nessus vulnerability scans
  • Virus definition update audit
  • Physical security

Confidential

Senior IT Security Engineer

Responsibilities:

  • Member of the Security Gap Assessment team
  • Currently in the Plan stage of the ISO 4 phase model.
  • Discovery of security gaps based on interviews and responses to questionnaires based on the ISO 27001:2005 framework
  • Analysis of the client responses leading to a formal document which outlined the clients’ current security posture and the risks that would be assumed for non-compliance
  • Made the appropriate recommendations for the controls that would need to be put in place to reduce risk and be compliant
  • Managing the vulnerability and network audit scanning project which culminated in scans of targeted servers in the global enterprise data centers
  • Utilizing Nessus for the vulnerability scan and Nipper Studio for the network infrastructure audit
  • Configuration of multiple scans on targeted servers across the enterprise
  • Managing the scan from the perspective of asset identification, identifying the platform and application owners as well as giving guidance to the stakeholders on the results of the scan
  • Creating the high level reports from the results for upper management
  • Management and scheduling of resources across the global enterprise to bring the project to a successful conclusion.

Confidential

Senior IT Security Engineer

Responsibilities:

  • Worked within the governance, risk and compliance sector of SunGard ITIL security model.
  • Administration and log analysis for Websense data loss prevention
  • Manage and administer the Rapid 7 Nexpose scanning
  • Configure and initiate network scanning.
  • Generate reports to track metrics of the scanning.
  • Write procedural documents in support of the scanning process.
  • Application security scans
  • Advise asset owners on security best practices and risk so as to comply with policy.
  • Advise and work with auditors to ensure compliance.
  • Advise and give guidance on how to implement best practices and meet control objectives.
  • Member of the Archer Framework implementation team

01/09 - 06/09 Jacob and Sundstrom - Network Security Analyst contracted to the Department of Defense

  • Primarily focused on the analysis of traffic crossing between military and non-military networks bound for military assets as well as military sourced traffic bound for non-military destinations.
  • Identify non-compliant, malicious network traffic
  • Identify real time external and internal attempts to exploit network and host based assets and applications via HTTP, SNMP, TCP/IP, FTP, IM etc.
  • Relay appropriate information to mitigate threats to the firewall team
  • Snort, tcpdump and a number of other proprietary tools are used in the analysis of both behavioral and signature based rules.
  • Write and recommend rules for implementation into the toolset
  • Identify and report on assets containing malicious threat capability
  • Contact with all levels of management for the remediation and knowledge sharing of events.
  • Report tracking and management of remediation efforts.

Confidential

Senior IT Security Engineer

Responsibilities:

  • Engaged in a short term contract to design a solution for the remediation of network access vulnerabilities discovered during an audit
  • Provide technical support to national account director during client meetings and follow up on any security centric issues the client requires to be addressed
  • Coauthor the following statements of work with the account director
  • Scope
  • Project lifecycle details deliverables
  • Designed a TACACS+ solution for Network Access Compliance
  • Engage with client technical staff for all pre solution implementation discovery

08/05 - 12/07 Cingular Wireless / Confidential & Confidential Mobile - Security Vulnerability Manager for the Cingular Wireless NE region

  • As an original member of the vulnerability management security initiative for the NE region I implemented processes and procedures to get the initiative off the ground and continued to review, refine and implement these procedures and processes when applicable
  • Introduced Preventsys as a remediation and automated work flow management tool along with managing the project lifecycle.
  • Conducted product evaluations of security tools in support of the following security initiatives
  • Vulnerability scanners
  • IPS and IDS
  • Security management toolsets
  • Workflow management
  • SIEM
  • Generated risk assessment documentation for variances
  • Managed the remediation and mitigation of vulnerabilities for all core network platforms (OSS, SGSN, BSC, RNC, MSC, HLR, and VLR) in all markets of the Cingular Wireless Northeast region for Windows, UNIX and Solaris platforms.
  • Vulnerability Scanning
  • Nessus, nCircle, Retina
  • Correlation and workflow tools (Preventsys)
  • OS Hardening
  • Worked with platform owners of Windows and Unix based systems to standardize new production builds to SANS top 20
  • Initiated policy and procedures for hardening of UNIX and Windows based servers
  • Remediate existing production servers
  • Team member for SOX compliance and audit remediation
  • Team member to assess ISO 17799 controls.
  • Administer the archiving of all security related requests and correspondence in support of due diligence.
  • Represented the NE region on security panels for a variety of security initiatives.
  • Access Management
  • AD and Unix
  • Account builds
  • Account scrubs
  • Audit of role based permissions and management of access control matrix
  • Wrote policy and the associated procedures in support of vulnerability management.
  • Worked with all the market operations managers to disseminate security policy, procedures and processes.
  • Working with the platform owners I resolved any issues that arose due to remediation requests on the respective platforms that they own.
  • Acted as a security ambassador to instill the need for security and the timely remediation of vulnerabilities.

Confidential

IT Security Engineer

Responsibilities:

  • Project manager and Team Lead for the Bristol-Myers Squibb Desktop Firewall Initiative
  • Managed the project from inception thru test pilot.
  • Authored all project documentation.
  • MS Project document
  • Firewall summary and recommendation documents
  • Firewall criteria
  • Project charter, scope, stakeholder, test plans etc.
  • Conducted the assessment of the current firewall technology and based upon those findings made recommendations for the initial vendor selection.
  • Developed criteria for 2nd round of vendor selection.
  • Developed test strategy for test phase and conducted the actual testing.
  • Developed the strategy for firewall components that would be implemented.
  • Developed strategy, scope and objectives for pilot phase.
  • Set up and evaluated McAfee, ISS, Sygate and Zone Labs firewalls along with the enterprise management components.
  • Created line item criteria to be used in the vendor reverse auctions
  • This resulted in significant price reductions from initial vendor quotes.
  • Created objectives that vendors would be tasked with.
  • Reviewed Vendor Statements of Work for accuracy.
  • Actively participated in and contributed to the BMS security focus group.
  • Headed project team meetings and created applicable PowerPoint presentations.
  • Gave presentations focused on various aspects of security to the global BMS security group
