Cyber Security Analyst Resume

St Petersburg, FL

PROFESSIONAL SUMMARY:

  • Currently serving as a Cyber Security Analyst Shift Lead for SAIC/CWS at the United States CENTRAL COMMAND, MacDill AFB in the proactive defense and incident management with the Department of Defense. Highly motivated and has a great, "can do" attitude with multiple industry s and 15+ years of IT Experience; including Medical Device Security (RANSOMWARE), Cyber Security, Network Security, Information Assurance, Digital Forensic/eDiscovery, SCADA Security, Network Administrator, Systems Administrator, Virtualization and Cloud technologies.

TECHNICAL SKILLS:

Security Mechanisms: Palo Alto firewall, Cisco ASA firewall, CheckPoint, Bluecoat Proxy, ArcSight ESM/Logger, Nessus, Retina, EnCase Enterprise, EnCase EndPoint Investigator, EnCase eDiscovery, NMAP, Kali Linux, SAINT, Metasploit, Core Impact, Google Hack, Internet Evidence Finder (IEF), SCAP, STIGs, ACAS, HBSS

Networking: TCP/IP, VPN, LAN/WAN, Firewalls, Switches, Routers, Wi-Fi

Operating Systems: Windows, Linux, Unix, OSX

Programming|Scripts: knowledge - C, C++, Java, Bash Shell, Python, JavaScript

Virtualization: VMware, Hyper-V, Citrix, VirtualBox

Backup Utilities: Backup Exec, Veritas, Windows Backup, Acronis, Symantec

PROFESSIONAL EXPERIENCE:

Cyber Security Analyst

Confidential

Responsibilities:

  • Lead Computer Network Defense Analysts.
  • Conduct 24x7 real-time threat analysis for United States Central Command (US CENTCOM) Headquarters and AOR NETOPS through multiple situational awareness and management tools.
  • Research, analyze, track and report on all known Cyber Security threats, events and incidents.
  • Maintain IA-CND sensor grid situational awareness from Tier 0 to Tier 2; report and respond to sensor grid outages and/or anomalies; direct network surveillance resources.
  • Determine malicious activity and recognize emergent patterns and linkages to visualize cyber attacks through the use of various network management and security tools and systems.
  • Perform Cyber Security Information gathering from various intelligence agencies (FBI, CIA, DIA, NSA, DISA, etc.).
  • Review security threats and determine effective countermeasures, as required.
  • Analyze network or system changes/reconfiguration for security impacts.
  • Distribute current IA-CND intelligence information to the USCENTCOM Components.
  • Review and update Cyber Security tactics, techniques and procedures (TTPs) and Standard Operation Procedures (SOP).

Network Security Analyst

Confidential

Responsibilities:

  • Served as a key technical member of the Network Security and Digital Forensic Analyst team; assisted in the implementation and maintenance of Information Security and forensic-related activities required to safeguard the Company’s information and assets.
  • Responded to investigative and eDiscovery requests from Human Resource (HR), Legal, and Compliance, related to insider threats that occur in an enterprise environment.
  • Responsible for preserving and analyzing network and host-based digital evidence according to industry standards.
  • Document and report findings of investigations; use commercial forensic tools (EnCase Enterprise, EnCase EndPoint Investigator, EnCase eDiscovery, Internet Evidence Finder (IEF), Tableau Forensic Imager, Writeblocker, ArcSight ESM/Logger, Palo Alto Firewall, Bluecoat Proxy) and investigative methods to locate and review specific types of digital electronic artifacts.
  • Provided forensic and technical advice to Legal, Compliance, and Human Resource leadership in cases that may involve fraud, employee code of conduct violations, criminal activity, and breach of confidential or proprietary information.
  • Responsible for all phases of a project related to electronic evidence disposition and disposal.
  • Responsible for security monitoring and incident response activities for Baycare enterprise environment including users, computer systems, and medical devices.
  • Regularly conduct proactive hunting for security incidents based on threat intelligence, current adversary and environmental baselining to identify potential compromised assets.
  • Utilize ArcSight Security Incident Manager, ArcSight Logger, Proofpoint Threat Intelligence, Palo Alto Firewall, Bluecoat proxy, VirusTotal, Wireshark, Riverbed to review, triage and correlate suspicious network activities and malware.
  • Analyze network traffic to determine if security alerts are true positive or false positive and perform research on malware through best practices such as Proofpoint Threat Intelligence to track possible root cause.
  • Researched, procured and implemented various best of breed network security tools to ensure Baycare can defend itself against APTs, malware, phishing, and threats against our intellectual property and PHI.

Independent IT Consultant

Confidential, St. Petersburg, FL

Responsibilities:

  • Work closely with clients such as local home computer users and small businesses to analyze IT system requirements, information technology needs and their resources in order to plan projects and fulfill clients’ expectations
  • Installation, configuration and troubleshooting - LAN/WLAN, desktop computers, laptops, routers, switches, Modems, standalone/network/wireless printers, and applications
  • Setup and secure clients’ LAN and Wireless Network
  • Perform systems backup and data recovery, mitigate security vulnerabilities (viruses, spyware, Trojans and other malicious code)
  • Stay current with emerging technologies - research, evaluate and recommend IT/security Technologies to meet business needs. Constantly update knowledge in Information Technology especially in cyber security and threats

Sr. Cyber Security Analyst

Confidential

Responsibilities:

  • Contractor for the VistA Evolution project for U.S. Department of Veterans Affairs.
  • Certified that Code Reviews of custom developed applications using the current approved static code analysis and penetration test tools should be conducted to identify security vulnerabilities, coding, and design flaws within the applications and systems.
  • Ensured that a penetration test and full application assessment must be performed that includes automated and manual assessment tools and techniques on Internet Facing and/or High Impact applications.
  • Ensured that all Critical and High vulnerabilities must be mitigated or have a documented mitigation plan.
  • Developed and updated Standard Operating Procedures (SOP) and related documentation for clients. Examples: System Security Plan (SSP), Operational Acceptance Plan (OAP), Accreditation Requirement Guide, Risk Assessment (RA), Business Impact Assessments (BIA), Computer Incident Response Team (CIRT) SOPs.
  • Performed tests and assessments on system and/or telecommunications networks to ensure the security configuration and operation is as described in security policy plans.

Sr. Computer Systems Security Analyst

Confidential

Responsibilities:

  • Analyzed the results from DISA-approved security tools and provided SME-recommendations based on vulnerability scan results. Considered the asset’s functional environment and business impacts it could have for Joint Staff J6-Pentagon and the warfighters.
  • Conducted Security Risk Assessment on all new applications, IT Systems or changes to existing IT Systems and devices to verify if they satisfy established security baseline before adoption into Joint Staff J6 enterprise enclave.
  • Performed Retina and Nessus Scans for all the Pentagon Joint Chiefs of Staff J6 enclaves.
  • Helped establish secure baseline Windows 7 and Windows Server 2008 R2 images at the Joint Staff when no secure baseline images had previously been set up.
  • Created efficient and repeatable software security testing process using VMware virtual lab environment and Retina Network Security Scanner.
  • Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) Expert, used the DoD Vulnerability Management System (VMS) to report compliance of systems and baseline images, and worked on transitioning the Joint Staff to using Assured Compliance Assessment Solution (ACAS) and Security Content Automation Protocol (SCAP)-NIST.
  • Performed hands-on monitoring of network traffic for user violations of acceptable use policy and potential insider and outsider threats.
  • Mentored junior, intermediate and senior members of the IA staff in the evaluation, assessment and understanding the security requirements of all associated DISA IA supported programs (i.e., POA&Ms, STIGs, and overall C&A processes).

Software Engineer II | Information Assurance (IA)

Confidential

Responsibilities:

  • Contractor for the Tactical Local Area Network (TACLAN), U.S. Special Operations Command (USSOCOM), Cooperative Engagement Capability (CEC), U.S. Navy, Department of Defense (DOD), Government of Saudi Arabia Ministry Department (Project K), Purple and Enterprise Campaign proposals.
  • Analyzed the results from DISA approved security tools and provided recommendations based on vulnerability assessment scan results. This is performed while taking into consideration the asset’s functional environment and business impacts it could have for our warfighters.
  • Performed vulnerability assessment and penetration tests on internal systems and external network with the use of popular penetration tools (Core Impact, Retina, NetCat, and NMAP).
  • Provided SME input to programs IA process improvement, including construction of new process and policy documentation, creation of IA artifact definition and criteria, and assessment of IA requirements with regards to DIACAP compliance.
  • Integrated TACLAN’s environment within a virtualized system using VMware’s ESX Server and Virtual Center Client. Created installation guides for the step-by-step installation of TACLAN’s virtualization platform to include VMware Virtual Center, VMware ESX Server, Storage Area Network components, and disaster recovery. Tested and verified the operation of virtualization within the TACLAN environment.
  • Performed extensive software testing: Unit, Installation, Integration, Regression, Acceptance and vulnerability testing against classified and unclassified systems to ensure FISMA and DITSCAP compliance.
  • Responsible for conducting research, documentation, lectures/presentations, cyber vulnerability assessments and penetration testing against SCADA systems.
  • Responsible for COTS integration: installation and configuration of MS Windows, Red Hat Linux/UNIX, Virtual VMware ESXi, IXIA Network Analyzer, Confidential s, IDS/IPS, and desktop applications with the developed enterprise environment.
  • Performed datacenter critical infrastructure integration and hardening to ensure operational redundancy and security of HVAC/UPS systems, servers, network devices and other technology components.
  • Part of the Confidential NCS Enterprise Campaign team, whose goal was to combat advancing cyber threats against critical infrastructure/SCADA systems.
  • Taught Confidential Cyber STEMS program (CompTIA A+, Network+, and Security+ s) at Pinellas County Science Center.

Sr. Systems Administrator

Confidential

Responsibilities:

  • Set up, configured, and administered backup servers for daily and weekly backup of file and database servers including MS Exchange E-Mail and MS SQL database servers with Veritas.
  • Created and deleted e-mail accounts, configured and administered e-mail servers, and performed Postmaster duties for message broadcast including priority and emergency messages.
  • Created, disabled, deleted, and administered user accounts in MS Windows server 2003 and Citrix environment, enforced access rights permission to all groups of users and password policies including audit of policies.
  • Produced documentation for Standard Operating Procedures (SOPs) of systems and configurations, policy and procedures for hardware and software installation, E-mail, Disaster and Recovery Plans and Continuity of operation Plan.
  • Performed installations, configurations, upgrades, and support for systems and users on Windows OS, Windows Servers, and Mac OS.
  • Upgraded, troubleshot and fixed laptops, desktops, printers, faxes/copy machines, and wireless devices.
  • Provided technical support of corporate LAN/WAN environment as well as escalated technical support issues.
  • Monitored network and servers with SolarWinds and helped address any issues that arose.
  • Set up and performed antivirus and malware scanning with McAfee and Norton software for end-users.