Senior Security Systems Engineer Resume
San Antonio, TX
SUMMARY:
- Over nine years of experience in the Information Security field, enhanced by 4 years of experience in the Information Technology field
- Self-motivated and goal-oriented professional able to work in a changing teamwork environment
- Communicate effectively with technical and business personnel
PROFESSIONAL EXPERIENCE:
Senior Security Systems Engineer
Confidential, San Antonio, TX
Responsibilities:
- Managed Confidential Drive Encryption with a deployment of over 1800 devices. In charge of software updates. Upgraded EPO server, Confidential Agent and Drive Encryption software across the enterprise. Created reports and dashboards. Provided Tier 2 support on encryption issues.
- Replaced Websense Web Content Filters/proxies with Netskope. Currently using the Netskope Web Proxy module. Created web filtering policies based on AD group, whitelist, etc. Working on implementing CASB and DLP
- Worked with Websense/Forcepoint proxies/content gateways. Managed clusters of appliances in dual locations. Worked on the creation of policies and WCCP integration. Used Wireshark to analyze network traffic
- Worked on project to decommission Ironport and Bluecoat appliances from enterprise
- Managed Microsoft System Center Endpoint Protection in Workstations. Created and modified Antivirus policies.
- Manage Symantec Endpoint Protection Manager in company servers. Worked on Antivirus and Firewall rules.
- Deployed and Managed Fidelis Endpoint EDR Solution
- Deployed and managed Fidelis Network sensors and cloud console in IDS mode. Tuned alerts and created new rules
- Scanned systems with Rapid7 Nexpose for security vulnerabilities. Deployed remote scanners and used CIS templates to check server application configuration
- Deployed OSSEC to use the File Integrity Features for compliance
- Manage RSA SecurID Second Factor Authentication Suite. Upgraded Authentication Manager. Added Authentication agents and Radius clients. Worked with Access Management Team to manage and issue software and hardware tokens
- Manage DUO Second Factor Authentication. Created new applications for VPN and VMware Horizon. Set up authentication proxy. Working on migrating RSA SecurID accounts to DUO.
- Managed Proofpoint email security. Edited rules and worked on incidents and investigations related to spam and malicious emails
- Experience with Splunk. Created queries to look for incidents
- Evaluated and participated in the Proof-of-concept of various security tools such as Threat Intelligence Feeds (Anomali, Recorded Future), EDR (CrowdStrike, SentinelOne, Fidelis Endpoint), Multi Factor Authentication, etc.
- Worked on computer security incidents
- Created documentation for all managed security controls
- Worked on corporate spinoff of company. Split up environments of Confidential EPO, Web Proxy, RSA SecurID. Worked also on integrating applications with new parent company.
Infrastructure Manager
Confidential
Responsibilities:
- Built Infrastructure team from the ground up. Involved in the hiring process and managed 9 employees with different technical backgrounds (Security, servers, networks, CCTV and telecommunications)
- Worked on analysis and deployment of Checkpoint UTMs to enterprise
- Managed different Checkpoint security blades such as Anti-Spam, URL Filtering, Application Control, Firewall
- In charge of Information Security for the whole enterprise. To enhance security: Hired Information Security Analyst, created policies and procedures, deployed Firewalls, AV, Appliance AntiSpam, Patch Management, removed admin rights, created DMZ, etc.
- Installed EPO 5.1 and worked on deployment of EPO agent and VirusScan Enterprise to desktops and servers. Created EPO policies and reports.
- Worked on establishing a security mindset in the company starting with the IT Team and also with other departments
- Incident Handler in charge when attacks or vulnerabilities were discovered
- Looked for areas of vulnerabilities in company and worked on mitigating them
- Responsible for multiple projects. Used RASCIs, GANTT charts and ACE Project
- Worked on different projects with the goals of achieving objectives while at the same time reducing risk to the enterprise
- Led weekly staff meetings with Infrastructure Team and project-related weekly meetings. Attended monthly meetings with Senior Management where I presented progress of projects of the Infrastructure Team
- Created IT and security policies and procedures
- Built the case for the company to invest in building a Data Center. Participated in all stages of the project.
- In charge of virtualization and backup projects
- Worked on creation of Wide Area Network for enterprise with over 50 remote locations
- Analyzed and worked with different ISPs to provide the best connections for remote locations
- Worked on reducing IT costs
- Established proper procedures to make changes in network. Created a standard change request form and notification procedures.
Security Engineer
Confidential, San Antonio, TX
Responsibilities:
- Managed deployment of Confidential Change Control software to bank’s Critical Servers
- Worked on Application Whitelisting project. Deployed Confidential Application Control to servers.
- Worked in different projects with the final goal of reducing risk to the enterprise
- Reviewed Firewall changes. Checked for compliance with Change Control process and security issues.
- Worked on project to replace current Mobile Device Management suite with Cisco Meraki Mobile Device Management. Created policies and tested devices for deployment.
- Managed Confidential Network Security Manager (IntruShield) IPS. Monitored for any malicious activity and created custom attack responses.
- Used different tools such as Nessus, Kiwi CatTools, Tripwire, Confidential ePO, RSA Envision, and AIX and ACS logs to create security compliance reports.
- Member of Change Advisory Board and provided security input on submitted changes
- In charge of SANS critical control 5 (Malware Defenses). Worked on Confidential ePO, Confidential VirusScan Enterprise, and other software to reduce threat exposure.
Security Analyst
Confidential, San Antonio, TX
Responsibilities:
- In charge of administration and deployment of Confidential Solidcore Change Control and File Integrity Monitor to bank’s Critical Servers
- Worked in different projects with the final goal of reducing risk to the enterprise
- Reviewed security vulnerabilities detected by Confidential Secure scans and coordinated resolution of issues discovered
- Managed RSA Envision SIEM. Configured multiple devices to send logs to the SIEM. Created custom alerts and reports
- Reviewed Firewall changes. Checked for compliance with Change Control process and security issues.
- Managed Confidential Network Security Manager (IntruShield) IPS. Monitored for any malicious activity and created custom attack responses.
- Created automatic vulnerability scans of different servers and appliances using Nessus
- Used different tools such as Nessus, Kiwi CatTools, Tripwire, Confidential ePO, RSA Envision, and AIX and ACS logs to create security compliance reports.
- Member of Change Advisory Board and provided security input on current changes
- Managed Confidential’s ePolicy Orchestrator. Deployed Antivirus to workstations and servers and created different Antivirus policies. Deployed multiple repositories throughout the enterprise to minimize bandwidth utilization. Deployed a new ePO server in the DMZ to manage internet-based clients
- Managed the installation and deployment of new Hard Disk Encryption Software called Confidential Endpoint Encryption. Automated the deployment of the software through ePO
- Migrated Safeboot deployment to Confidential Endpoint Encryption.
- Managed and deployed Confidential Enterprise Mobility Management software to manage compliance of mobile devices
Systems Engineer
Confidential, San Antonio, TX
Responsibilities:
- Managed and deployed software and updates using System Center Configuration Manager 2007 (SCCM 2007)
- Deployed Windows Updates enterprise-wide by using SCCM Software Updates module
- Deployed Computer Images by using the Operating System Deployment module in SCCM
- Member of Active Directory administration team. AD infrastructure consists of over 5000 computer objects. Created custom GPOs and scripts
- Managed BlueCoat Appliance for web traffic filtering
- Managed Confidential’s ePolicy Orchestrator. Deployed Antivirus to workstations and servers and created different Antivirus policies
- Managed Safeboot deployment. Created different installation sets
- Set up SharePoint sites and troubleshot Web and Application servers
- Provided Tier 3 level technical support at enterprise
- Troubleshot enterprise-wide applications hosted in Windows 2008 and Windows 2003 server systems
- Managed both Windows Server 2003 and 2008 Terminal Servers
- Deployed and managed Citrix XenApp 5.0 server
Network Security Specialist
Confidential, San Antonio, TX
Responsibilities:
- Provided security assessments for Center and school districts with eEye Retina and other security tools. Also provided network documentation and network diagrams
- Managed and deployed laptop tracking software (CompuTrace)
- Started Laptop Data Encryption project
- Managed 8e6 R3000 Internet Filtering Appliance, and C30 Email Security Appliance for schools and service center
- Managed Fortigate IDS
- Checked Server logs to detect signs of intrusion
- Updated network security website, and sent network security newsletter email to school districts
- Installed and managed Windows Update Services (WSUS) to send updates to Workstations and Servers.
- Member of network administration team
- Managed Windows Active Directory network consisting of 300 desktops, laptops and servers
- Provided Technical Support to School Districts such as troubleshooting Microsoft Exchange 2000/2003 Server, managing Windows 2000/2003 servers, DHCP, DNS, Group Policy, setting up Antivirus Servers
- Managed Dell server farm. Set up servers and blade servers with Dell Server Assistant and Server Administrator software. Installed Dell IT Assistant to monitor and diagnose hardware problems in server farm
- Installed and managed VMware ESX 3.0 to start server virtualization project
- Started Really Simple Syndication (RSS) project.
- Contributed to the of the organization’s and school district’s staff by updating network security course, users in applications, sending weekly “Network Security Terms of the Week” email, and network security newsletter
- Managed Computer Associates Integrated Threat Management r8.1 (ITM) Antivirus Server. Created antivirus and anti-spyware policies. Deployed latest version of antivirus software and product updates from Central Management Console
- Used AuditWizard software to audit for software licensing compliance
- Set up and managed BridgIT Conferencing server to provide remote technical support to School Districts through the Internet
- Edited Windows SharePoint site
Network Engineer
Confidential, Austin, TX
Responsibilities:
- Provided consulting services to various clients from different industries (Health care, Oil, Land Surveying, Service Industry, etc.), in the cities of San Antonio and Austin
- Provided recommendations to improve clients’ network efficiency and security
- Installed and troubleshot networks (wired and wireless), desktops, servers, laptops, network printers with JetDirect cards
- Set up Windows 2000 and 2003 servers for clients. Configured HP Proliant servers with SmartStart software for array and software configuration. Enabled remote access with Terminal Services and Citrix. Created login scripts for clients’ shared and home folders
- Deployed managed antivirus solutions with Symantec Antivirus Corporate Edition and configured Firewall protection for clients. Installed and configured BrightStor Arcserve backup software
- Set up Blackberry wireless phones
- Provided technical support to clients over the phone.