Senior Network Security Engineer Resume
SUMMARY
- I am a dynamic Security Engineer with 18+ years of record achievements and proven success with hands-on technical expertise to support critical data security infrastructures.
- I am technically proficient with multiple network firewalls/IPS sensors, and other network security hardware. I have exceptional problem-solving skills while working with customers, which allows me to secure sensitive data for controlling inbound and outbound content and all aspects of DMZ server computing.
- I have led and managed many different teams and served on many national level projects from secure to unsecure.
TECHNICAL SKILLS
FIREWALLS: Cisco ASA5510-ASA5585 and Juniper Space Screen-OS & Junos SRX, Checkpoint, Palo Alto
IPS/IDS: Sourcefire, Cisco Firepower, IBM ISS Proventia, McAfee, Juniper IPS
ANALYSIS / SIEM: Wireshark, Sysinternals Utilities, QRadar, Splunk, ArcSight, FireEye, BlueCoat Proxy
SCANNING: Nessus (7.0.3), Security Center (5.6.2.1), Metasploit, Nmap
ROUTING: BGP, OSPF, EIGRP, RIP, MPLS, IPSec / GRE tunnels for VPN
WAN: T1, DS3, DSL, SONET, Multilink’s, PPP, Frame Relay, NVPN, MPLS
SYSTEM ADMIN: Solaris, Unix, Linux, Windows 2000 server, NT/5.0, DNS, DHCP
NETWORKING: Voice Over IP, IP Telephony, wireless, Data
NETWORK MANAGEMENT: Cisco Works, syslog, SNMP, Agilent packet analyzer, LDAP
PROFESSIONAL EXPERIENCE
Confidential
Senior Network Security Engineer
Responsibilities:
- Implemented security policy requirements for Nessus Security Center (5.6.2.1) for dashboard creation for Center for Internet Security (CIS) compliance and vulnerability assessments for auditors and for various Network / Server / Desktop and Security teams for deep analysis.
- Created Scan Policies, Audit files, Credentials, and Dynamic/Static Asset lists for Network / Server / Workstation scans for weekly vulnerability assessment with Nessus Security Center.
- Created Host Discovery Scan for all devices in the network using the Nessus Security Center.
- Work with various teams on scheduled scans of different devices, with the scan results (Low/Medium/High/Critical) imported into an Excel file generated from Nessus Security Center, resulting in a device list and enabling a view of their vulnerabilities as well as how to remediate those issues.
- Worked with OIG Agents on their cases to ensure information obtained was not malicious in content and used Palo Alto WildFire, PA-Threat Vault, VirusTotal, Joe Sandbox, etc.
- Hands-on experience with Juniper / Palo Alto security Firewalls and IPS systems.
- Implemented Palo Alto Traps Endpoint Security and pushed out via SCCM to all workstations and Servers.
- Technical and security knowledge in a specialty such as log analysis, incident response, enterprise vulnerability assessment and/or remediation
- Provides authoritative advice to other support groups in systems security, provides remediation steps, and assists in developing and implementing Confidential-OIG stated guidelines
- Experience with alert analysis in a computer network intrusion/detection environment. Blocked on IP, Hash, file type, Domain URL
- Implements security requirements resulting from new DOC-CIRT, US-CERT, Presidential directive, or other external mandate; integrates security programs across Confidential-OIG in relation to security incident reporting.
- Reviews and evaluates security policies; identifies need for changes based on new security technologies or threats; tests and implements new policies and institutes measures to ensure awareness and compliance.
- Working knowledge of well-known security tools such as NMAP, TCP-Dump, Wireshark, QRadar, Splunk, Juniper Space/NSM, Palo Alto, Nessus, Metasploit, Dynamic Malware Analysis Tools (Procmon, Process Explorer, Regshot, INetSim).
- Problem Solving: Identifies and analyzes problems; weighs relevance and accuracy of information; generates and evaluates alternative solutions; makes sound recommendations.
- Performed phishing email analysis and software/executable analysis by using various tools such as VirusTotal, ThreatCrowd, Joe Sandbox Cloud, PA-Threat Vault, PA-WildFire
Confidential
Senior Cyber Security Analyst
Responsibilities:
- Leads the implementation of Confidential security forensics programs in collaboration with Confidential liaisons designed to anticipate, assess, and minimize system vulnerability (e.g., intrusion, Firewall or BlueCoat access and authentication programs.)
- Writes procedural documents once a need is identified to change security infrastructure, systems, processes and procedures based on new security technologies or threats
- Coordinates the implementation of Confidential security forensics programs in collaboration with Confidential liaisons across platforms and establishes vulnerability reporting criteria to ensure protection of Confidential automated information.
- Provides authoritative advice to other support groups in systems security, provides remediation steps, and assists in developing and implementing Confidential stated guidelines
- Investigates potential security risks, recommends mitigation or countermeasures, and works with support groups until resolution is achieved.
- Implements security requirements resulting from new DOC-CIRT, US-CERT, Presidential directive, or other external mandate; integrates security programs across Confidential in relation to security incident reporting.
- Reviews and evaluates security policies; identifies need for changes based on new security technologies or threats; tests and implements new policies and institutes measures to ensure awareness and compliance.
- Coordinates security activities with the Office of Security, the IT security officer at the Department of Commerce and the Office of Human Resources.
- Investigating, preserving, and analyzing advanced persistent threats that identify sources and methods that may be used to exploit vulnerabilities in the system and/or network.
- Planning and implementing corrective mitigation to stop advanced persistent threats, security incidents, system intrusions, anomalies and potential unauthorized activity and misuse.
- Possess a deep understanding of hacker techniques, vulnerabilities, attacks and countermeasures.
- Maintain a strong awareness and understanding of the current threat scope to conduct research on emerging security threats and potential customer impact.
- Strong knowledge of identified operating system platforms, routers, network protocols and security architecture.
- Working knowledge of well-known security tools such as NMAP, TCP-Dump, Wireshark, QRadar, Splunk, Juniper Space/NSM, Nessus, Metasploit, Dynamic Malware Analysis Tools (Procmon, Process Explorer, Regshot, INetSim).
- Working knowledge of common attacks and vulnerabilities and possesses strong understanding of common categories of malware and characteristics of each.
- Knowledge of Confidential enterprise systems in regard to information security solutions to various network and application development teams on key initiatives.
- Leads security team that develops and implements IT security forensics standard procedures.
- Experience with alert analysis in a computer network intrusion/detection environment or similar field desirable.
- A strong understanding of the information security threat landscape including detailed technical knowledge about the most prevalent vulnerabilities, threats, attack methods and infection vectors.
- Hands-on experience with Juniper security Firewalls and IPS systems
- Technical and security knowledge in a specialty such as log analysis, incident response, enterprise vulnerability assessment and/or remediation
- Communication: Makes clear and convincing oral presentations to individuals and groups. Listens effectively; clarifies information as needed. Speaks and writes in a clear, concise, organized, and convincing manner that is appropriate to the audience. Facilitates an open exchange of ideas to ensure all group input is considered. Handles technical, sensitive or controversial topics with agility, involving executives/managers as appropriate.
- Problem Solving: Identifies and analyzes problems; weighs relevance and accuracy of information; generates and evaluates alternative solutions; makes sound recommendations.
Confidential
Senior Security Engineer
Responsibilities:
- Build Site to Site VPN between customer and company central office.
- Upgrade Cisco ASA IOS from 8.4 to 9.1(2)5.
- Troubleshooting using packet tracers and captures and Wireshark.
- Build SSL-VPN at all sites for secure communication to internal network.
- Configure Access-list on company and customer Firewalls.
- Configure NAT statements on version 9.1(2)5.
- Enable SNMP version 3 on all devices.
- Enable TACACS on all devices and maintain Cisco ACS server administration.
- Configure SNMP and update SolarWinds topology with new devices to be monitored.
- Configure SolarWinds access for external customer portal via SSL-VPN and PAT.
- Configure VMware View client to have access to VDI workstations.
- Mentor junior engineer on troubleshooting and writing method and procedures documents.
- Configure Cisco IPS modules on all Cisco ASA firewalls.
- Modify signatures to either Alarm or Deny sessions.
- Enable signature updates on all IPS modules.
- Enable best practices configurations on all devices router/switch/firewalls.
- Setup RF antennas with GEOSpier and MEOSpier Satellites.
- Work with iBuilder and iMonitor for RF Satellite administration.
- Configure Routers for MPLS via BGP with Service Providers, and redistributed into EIGRP.
- Configure Cisco 3750 switch stacks for local network.
- Configure VLAN access ports and trunks.
- Update trouble ticketing system for detailed fix action.
Confidential
Senior Security Engineer
Responsibilities:
- Work on service case reported by customers that are either escalations or change requests
- Configure Access-list on customer firewalls for Checkpoint/ Juniper/ Cisco
- Configure Static or Hide NAT statements on Checkpoint firewalls.
- Build Site to Site VPNs for Checkpoint / Juniper / Cisco firewalls
- Configure Remote Access SSLVPN for Cisco ASA firewalls via ASDM
- Upgrade Cisco ASA firewalls from version 8.2 to 8.4
- Troubleshoot by running packet tracer or captures on Cisco ASA firewalls
- Troubleshoot Juniper ScreenOS via Snoop and log captures
- Configure Juniper SRX firewalls Access lists
- Configure Site to Site VPNs for Juniper SRX firewalls
- Configure Sourcefire IPS Sensors with updated signature definitions from Defense Center
- Modify signature policies for Sourcefire IPS that are Inline or Passive to Alarm or Drop.
- Configure Sourcefire IPS for Management
- Whitelist traffic on Sourcefire Defense Center
- Configure IP Profiling on Sourcefire to find the Top Talkers on sensor
- Generate a Troubleshooting file to work with Sourcefire TAC on escalation issues.
- Upgrade Sourcefire IPS from 10.2.5 to 10.3.4 software revision
- Modify signature policies for IBM ISS Proventia IPS that are Inline or Passive to Alarm or Drop
- Upgrade IBM ISS Proventia IPS from 4.3 to 4.6 software revision.
- Modify signature policies for Cisco IPS via IDM or CSM that are Inline or Passive to Alarm or Drop
- Upgrade Cisco IPS software revision