Objective

To become a valued asset in a team-oriented environment that will challenge my skills and abilities as a Cyber Security Engineer/Analyst with the potential for enhanced responsibilities and advancement opportunities as prescribed by long-term corporate goals.

Summary

Senior Information Technology professional with hands-on, project, and team management experience in various disciplines within Information Technology, including: Systems Administrator, Network Administrator, Systems Architecture, Network Security, Cyber Security Engineer, Information Security Analyst, Penetration Tester, Critical Infrastructure Security Analyst, Digital Forensic Examiner, information assurance, PC Technician, and IT Support Help Desk Support Analyst.

COMPUTER SKILLS

• Software Tools: ACAS, NESSUS, Retina, VMS STIGs, SRR, POAMs, HBSS, BlueCoat, DIACAP, FISMA, Core Impact, Metasploit, Google Hack, SAINT, NMAP, Netcat, McAFee ePolicy, McAfee Gateway7, Websense, Wireshark, Snort, Cisco Security Agent CSA , Cisco MARS, Cisco IPS/IDS, SEIM, SSH, CARVER, Coalfire, WhiteHat, Exchange 2000, 2003, 2010, SharePoint 10, SCCM, Remedy, Visio, Norton Symantec, Ghost, PC Anywhere, PowerChute,
• Operating System: Windows Server 2012, 2008, 2003, Windows 8, 7, Vista, XP, 2000, NT4, 95, MS-DOS, Red Hat Enterprise 4, 5, Ubuntu, BackTrack, Citrix, Mac OS, LynxOS, Cisco IOS.
• Protocols Technologies: TCP/IP, IPX/SPX, UDP, FTP, HTTP, DNS, LDAP, SMTP, POP3, NFS, ARP, RARP, ICMP, WWW, NTP, SNMP, RIP II, IGRP, EIGRP, OSPF, BGP, MPLS, VLAN, L2-L3 QoS, IGMPv2. Ethernet, Fiber, Token Ring, IPSec, VPN, SSL-VPN, Cryptography, Over PPP, PPTP, HDLC, L2TP, PSTN, DSL, SDSL, ISDN.
• Scripts: JavaScript, Python, Bash Shell.

EXPERIENCE

Confidential

Senior Security Analyst

• Edited and updated System Security Plan SSP , Operational Acceptance Plan OAP , Accreditation Requirements Guide SOP , and Risk Assessment documentations.
• Coordinated and collaborated with the VA's Cyber Security team to ensure that Code Reviews of custom developed VA applications using the current approved VA static code analysis tool should be conducted to identify security vulnerabilities, coding, and design flaws within VA applications.
• Coordinated with the VA's Cyber Security team to ensure that a penetration test or full application assessment must be performed that includes automated and manual assessment tools and techniques on Internet Facing and/or High Impact applications.
• Coordinated and collaborated with VistA Evolution project team members to ensure that all Critical and High vulnerabilities must be mitigated or have a documented mitigation plan.

Confidential

Senior Computer Systems Security Analyst

JOINT CHIEFS OF STAFF

• Member of Cyber Security team SOC, NOC, IA Engineer responsible to the government for policy assurance of Joint Staff J6 system resources utilizing Nessus Security Center- Assured Compliance Assessment Solution ACAS , DISA Host Based Security System HBSS , eEye Retina Network Security Scanner, Security Content Automation Protocol SCAP , DISA Security Technical Implementation Guide STIG , DISA Vulnerability Management System VMS , and other IA tools.
• Enforced System Hardening of: Red Hat Enterprise Servers, MS Operating Systems, Database applications Oracle and SQL , software/applications and mobile devices.
• Responsible for vulnerability assessment and protect critical enterprise infrastructure enclaves and hosts to ensure with comply routine audits by DISA/DoD.
• Utilized classified security assessment tools on network segments, servers, applications, and network devices to assess security compliance with IAVA alerts and network policies.
• Researched and developed new agile strategies to secure and protect the Joint Staff J6 from security vulnerabilities, threats and breaches.
• Administered DoD Information Assurance Certification and Accreditation Process DIACAP mission assurance planning and implementation that will follow DoDI 8500.2 and DODI 8510.
• Conducted security assessments of new or modified hardware, operating systems, and software applications ensuring integration with DoD IA security requirements.
• Assured products performed as stated and did not introduce vulnerabilities in which the risks associated could not be mitigated to an acceptable level.
• Monitored, maintained and tracked assets in the Vulnerability Management System VMS .
• Analyzed technical reports from classified security assessment tools and sensitive data to identify deficiencies, trends, problem areas, and compliance with DISA Security Technical Implementation Guides STIGs and Checklist.
• Generated vulnerability reports from VMS and distributed them to various groups within the Joint Staff Operations.
• Provided Security monitoring capability by analyzing computers and network nodes using classified security monitor tools approved by DISA/DoD.
• Detected vulnerabilities, attacks, and security violations on a Joint Staff J6 network enclaves and recommended appropriate countermeasures and remediation.
• Tracked and initiated the deployment of any new information security IAVA patches and updates.
• Mentored and trained cyber security engineer/analyst, NOC, and SOC staff on complex security alerts, threats and breaches.
• Trained cyber security members how to properly implemented DISA STIGs on image.
• Trained cyber security members how to update vulnerability assessment scanner tool.
• Trained cyber security members how to generate vulnerability reports and uploaded to DISA's VMS system.
• Created procedures how to perform vulnerability scan, applied DISA STIGs, and remediated the vulnerabilities.
• Prepared and briefed security alerts, threats, breaches and recommend solutions for civilian and military leadership at the Joint Staff J6.
• Provided strategic support for all phases of the NIPR and SIPR security enclaves within the Joint Staff J6.
• Delegated technical tasks and mentored team members to achieve organizational objectives.

Confidential

Cyber Security Engineer

JOINT CHIEFS OF STAFF

• Member of Cyber Security team SOC, NOC, IA Engineer responsible to the government for policy assurance of Joint Staff J6 system resources utilizing Nessus Security Center- Assured Compliance Assessment Solution ACAS , DISA Host Based Security System HBSS , eEye Retina Network Security Scanner, Security Content Automation Protocol SCAP , DISA Security Technical Implementation Guide STIG , DISA Vulnerability Management System VMS , and other IA tools.
• Enforced System Hardening of: Red Hat Enterprise Servers, MS Operating Systems, Database applications Oracle and SQL , software/applications and mobile devices.
• Responsible for vulnerability assessment and protect critical enterprise infrastructure enclaves and hosts to ensure with comply routine audits by DISA/DoD.
• Utilized classified security assessment tools on network segments, servers, applications, and network devices to assess security compliance with IAVA alerts and network policies.
• Researched and developed new agile strategies to secure and protect the Joint Staff J6 from security vulnerabilities, threats and breaches.
• Administered DoD Information Assurance Certification and Accreditation Process DIACAP mission assurance planning and implementation that will follow DoDI 8500.2 and DODI 8510.
• Conducted security assessments of new or modified hardware, operating systems, and software applications ensuring integration with DoD IA security requirements.
• Assured products performed as stated and did not introduce vulnerabilities in which the risks associated could not be mitigated to an acceptable level.
• Monitored, maintained and tracked assets in the Vulnerability Management System VMS .
• Analyzed technical reports from classified security assessment tools and sensitive data to identify deficiencies, trends, problem areas, and compliance with DISA Security Technical Implementation Guides STIGs and Checklist.
• Generated vulnerability reports from VMS and distributed them to various groups within the Joint Staff Operations.
• Provided Security monitoring capability by analyzing computers and network nodes using classified security monitor tools approved by DISA/DoD.
• Detected vulnerabilities, attacks, and security violations on a Joint Staff J6 network enclaves and recommended appropriate countermeasures and remediation.
• Tracked and initiated the deployment of any new information security IAVA patches and updates.
• Mentored and trained cyber security, NOC, and SOC staff on complex security alerts, threats and breaches.
• Trained cyber security members how to properly implemented DISA STIGs on image.
• Trained cyber security members how to update vulnerability assessment scanner tool.
• Trained cyber security members how to generate vulnerability reports and uploaded to DISA's VMS system.
• Created procedures how to perform vulnerability scan, applied DISA STIGs, and remediated the vulnerabilities.
• Prepared and briefed security alerts, threats, breaches and recommend solutions for civilian and military leadership at the Joint Staff J6.
• Provided strategic support for all phases of the NIPR and SIPR security enclaves within the Joint Staff J6.
• Delegated technical tasks and mentored team members to achieve organizational objectives.

Confidential

Software Engineer II / Cyber Security Engineer

• Identify potential network, host, and application vulnerabilities perform network, host, and application vulnerability scans using eEye Retina, Nessus, Netcat, NMAP, and Core Impact.
• Implemented DISA STIG's, ARMY Gold Disks and Raytheon's proprietary security tool to ensure software and hardware are compliance with DoD security requirement.
• Responsible to organize, plan, schedule and perform risk-based enterprise IT audit assessment for enterprise level systems, applications and networks to FISMA Information Security Controls DIACAP and NIST 800-53 IA controls .
• Evaluated and reviewed network, data, applications, and systems security, including configuration management, identification, authentication, and authorization methodologies.
• Conducted research, trade study, and implementation for various vulnerability security and IA tools to provide support for current and future projects.
• Conducted network vulnerability assessments and penetration testing for Supervisory Control and Data Acquisition SCADA systems using eEye Retina, Nessus, Netcat, and Core Impact to identify operational vulnerabilities and develop remediation strategies
• Implemented authentication methods 802.1x using Radius servers, Cisco switches, and MS Windows server 2003 and 2008.
• Responsible for installation and configuration Windows Vista, Windows 7, Windows server 2003, Windows server 2008, Red Hat Enterprise 5, Exchange 2010, VMware ESXi 5, IXIA, cisco switches and desktop applications for project K and various enterprise Campaign projects.
• Managed and configured daily operations of complex Global Enterprise Power Management Systems APC InfraStruXure to include APC Symmetra UPS, APC In Row Power Distribution, APC InfraStruXure Cooling, APC RC In Row Cooling, APC Rack PDU's, APC NetShelter Racks, and PowerChute for project K.
• Integrated and tested heat and water sensors within the project K's data center to ensure all operational.
• Wrote and implemented scripts to retrieve all APC UPS devices logs and gracefully shutdown all servers and devices during power outage.
• Configured security measures in all UPS Infrastructure systems to prevent internal and external cyber threats.
• Worked and trained international customers to test and evaluated the effectiveness of Power Management Systems.
• Brief senior leaders and team members weekly during team and Scrum meeting, on status for all projects and recommend forward strategies and remediation solutions.
• Participated in several multimillion dollars proposal included Purple, Project K, Enterprise Campaign, and CEC project.

Confidential

IT Security Instructor Volunteer Instructor

• Taught CompTia Network , Security , and A for Pinellas County Science Center Cyber Stem which sponsored by Raytheon Corporation, Pinellas County, City of Saint Petersburg, and Saint Petersburg College as part of community outreach.
• Developed lesson plans and teaching strategies for weekly lectures.
• Acted as a lead for all volunteer instructors.

Confidential

Senior Systems Administrator

• Supported a multitude of software Operating Systems as well as Software Packages to include Windows Server 2003, Active Directory, Citrix Server, Exchange Server 2003, SQL Server 2005, Blackberry and PBX Phone Server.
• Enforced System Hardening of: Firewalls, Routers, Switches, Telecommunications, Server infrastructure, Virtual Private Networking Access Control Lists and Diagnosed Network / Server configuration deficiencies. Managed all phases of LAN / Wan to include network planning, network design, network configuration, network management, and wrote Network Security Policy's.
• Architected secure solutions and enforced policies for remote VPN access for mobile clients and remote sites.
• Implemented Wireless connectivity inside corporate building using Cisco Aironet access points. Implemented Leap and 128 bit WEP encryption security in order to provide information assurance for wireless infrastructure.
• Managed day to day operations of Server infrastructure to include: capacity planning, reliability, data integrity and backups / restores, using Veritas Backup Exec.
• Worked with external consultants to test and evaluate new accounting/finance software, company intranet and internet websites.
• Integrated the design and implementation of next generation security-focused products.
• Documented organizations network and server infrastructure to establish current processes for new and current system integration projects.
• Developed plans for the integration of Citrix technology onto Corporate Enterprise infrastructure.
• Administered user accounts in MS Windows 2003 environment, enforced access rights permissions to specific groups of users and password policies including audit of policies, created and deleted e-mail accounts, setup and configuration of server and workstations to include operating system and application installation, data and email restored.
• Provided Tier I, II, III level support for the organization.
• Created documentation for Standard Operating Procedures SOPs of system configurations, policies and procedures for Disaster and Recovery Plans and Continuity of Operations Plan.

Confidential

Systems Support Analyst

• Installed, Configured, troubleshot and maintained Windows NT 4.0 wks /servers, Windows 2000 wks/servers, Windows 2003 Servers, and Open Servers SCO UNIX , Veritas Backup and network printers.
• Installed, configured, and assisted nurses and pharmacists at multiple hospitals across the country in troubleshooting with Perinatal and pharmacy's software problems.
• Managed, maintained and supported File Servers, Web Servers, Open Servers, Database servers and Backup devices remotely with multiple hospitals across the country.
• Generated trouble tickets and managed help desk ticket system.

Confidential

Marketing Support Engineer/QA Analyst

• Responsible for variety of complex and independent activities involved in analysis documentation and interpretation of data related to department extensive quality assurance testing on EPSON products.
• Evaluated, interpreted, collected data and prepared written reports and analysis setting progress, a diverse trends and appropriate recommendations or conclusions.
• Responsible maintained liaison with Epson Quality Assurance and utilization Review, Risk Management Offices as well as related Administrative departments represent the department on various quality audit committees.
• Developed forms and procedures to track and compile information and apply appropriate data analysis techniques maintain computerized database for tracking quality assurance statistics.

Confidential

IT Site Manager

• Integrated, managed and supported Windows Servers NT4/2000, Active Directory, Domain Controller, Exchange Server 5.5/2000, File Servers, Print Server, UNIX HP 9000 and clients.
• Coordinated data recovery with business development staffs, Database Administrators, and LAN Administrators weekly in preparation for major disaster.
• Coordinated and collaborated with outside contractors to conduct sites survey for new shipping terminal and Teklogic wireless installation across multiple shipping terminals
• Performed tasks related to the routine administration of the Microsoft systems including support of all Windows servers, workstations, and laptops, Wireless network, and local/network printers for 24 hours business operation.
• Administered and maintained computer hardware components, hubs, switches, routers, NIC, VPN, TCP/IP, DHCP, DNS, Veritas Backup Exec.9, Norton Antivirus/Ghost, and network operating systems.
• Maintained user accounts, groups, profiles, and privileges through the administration tools available within Window's NT Server 4.0 User Manager for Domain.
• Upgraded memory on workstations SDRAM and EDO upgraded system BIOS to conform to Y2K compliance.

Confidential

IT Field Support Engineer

• Supported Windows NT 4.0 / Server, Window 95/98 clients and assisted end users with software and hardware related problems.
• Configured and troubleshoot PCs/local/network printers, hubs/switches/routers/controller and peripherals.
• Imaged machines using Ghosting Software and Upgraded software Bios chips for Y2K
• Supervised a working crew of 10 to 30 people on computer and networking related projects at Merrill Lynch, Paine Webber, Prudential Security, Sprints, Washington Mutual Bank, Texaco Corporation.