OBJECTIVE:

To secure a challenging position in a network-engineering environment which provides job satisfaction and professional technical growth

PROFESSIONAL STRENGTHS

Hardware: Cisco 2500/3600 routers, Cisco Catalyst 2900/6500 switches, Cisco Pix firewall. Nokia IP 440/660, Sun SPARCstation 5/10, Sun Ultra 1/5, Sidewinder 2150e firewall

Operating Systems: Cisco IOS 11/12, Solaris 10, Windows 2000,

Applications/Tools: Security Expressions, Web trends, ISS, NMAP, Visio Professional, Spectrum, Kerberos, Splunk, Wireshark,

PROFESSIONAL EXPERIENCE

Confidential

Senior Infosec Engineer

• Provide centralized InfoSec Solutions to government and private sector clients resulting in improved security posture and compliance.
• Implemented security and engineering in-depth solution through various technologies including intrusion detection, penetration testing, cross-domain solutions, and vulnerability and risk assessments.
• Used various guides including NIST 800-53 after receiving full knowledge of the targeting systems
• Worked with network engineers to determine network traffic and protocols and implemented need-to-know and least privileges to mitigate authorization creep.

Confidential

Senior Security Program Manager

• Monitored and supported network connectivity problems using HP OpenView and Splunk.
• Maintained network hardware/software upgrades on routers and switches.
• Performed trouble shooting of network connectivity problems on multi-homed networks, firewall configuration and connectivity.
• Documented public and private network configurations for future upgrades and troubleshooting purposes.
• Validate new customer projects and assure communication by reviewing various protocols including HTTP, SMTP, FTP DNS and verified PKI Certificates based on RFC standards for TCP/IP using protocol analyzer Wireshark
• Implemented additional reputation based security controls with Cisco Iron Port Web Security Appliance WSA email agent.
• Validate machine data on the network in real-time or historical with technical indexer SPLUNK and create user accounts for audits performed by external Security Division.
• Review network designs and granted approval for new projects.
• Enabled port security on cisco catalyst switches and enable sticky for static devices like file and mail servers.
• Generated certificates and RSA keys for SSH connections on switch to improve network security posture.
• Confirmed speed and duplex of devices currently connected to switches.
• Configured routers and switches for organizations and enables routing protocols.
• Upgrader routers and saved images to TFTP servers.
• Encrypted configurations files on routers and switches.
• Troubleshoot network connections over Ethernet and ISP Serial connections.
• Configured duplex communication on cisco switches.
• Reset lost enable passwords on the Cisco routers and switches while saving existing configurations.
• Configured ASA Firewalls.
• Configured VLAN on Cisco switches on production and maintenance networks.

Confidential

Computer System IDS Team Lead Staff

• Led team members in providing real-time analysis on suspicious network activity.
• Created customized scripts for known vulnerabilities of IDP appliances and analyzed the data in Wireshark Protocol Analyzer to be forwarded to the CIRT Team in a PCAP file.
• Conducted vulnerability assessments known exploits such is outstanding SYN packets on the network with no corresponding SYN/ACK replies.
• Verified and authenticated proper use of customer network resources.
• Monitored, configured, and recommended changes to policies on ISS Site Protector appliance.
• Reviewed system logs in support of analysis activities. Performed functional analysis, timeline analysis, detailed trade studies, requirements allocation and interface definition studies to translate customer requirements into network detection specifications.

Confidential

Information System Security Officer

• Advised the system owners pertaining to security considerations in applications systems procurement or development, implementation, operation and maintenance.
• Developed and maintained system security plans SSP and contingency plans for all systems under the directorate.
• Assign protection levels PL to systems in SSP for ISSM approval under DCIS 6/3 and ICD 503.

Confidential

Deputy Information System Security Manager

• Demonstrated analytic capability by working with an integrated team covering all areas of network security testing as well as vulnerability mitigation for remediation of discovered critical vulnerabilities. Developed and performed Security Architecture best practices and firewall/IDS implementation.
• Managed security of the component's information systems to meet the business needs of the customer based on security requirements. Provided INFOSEC policies within the organization based on DCID 6/3 and ICD 503 standards.
• Implemented INFOSEC programs and served as the subject matter expert for security related decisions regarding networks and systems. Approved requests for clients, and confirmed that these requests were compliant with agency policies, and procedures in areas like media handling and the primary contact for INFOSEC related topics.
• Recommended resolutions for security issues and breaches, and substantiated links between documented security requirements in a secure environment.
• Assisted network administrator in configuring servers and systems to meet NSA and NIST standards and performed ST E's utilizing NSA Security Technical Implementation Guides STIG's .

Confidential

Security Engineer

• Provided analysis to comply with the policy and guidelines including be not limited to DCID 6/3 NIST Special Publication 800 37.
• Performed penetration testing for certification and accreditation based on FISMA standards.
• Used NMAP and other industry standard COTS tools to complete C A Packets.
• Recommended resolutions for security issues and breaches, and substantiated links between documented security requirements in a secure environment.
• Assisted network administrator in configuring servers and systems to meet NSA and NIST standards and performed ST E's utilizing NSA Security Technical Implementation Guides STIG's .