Objective To leverage my experience in IT Compliance, Security and Infrastructure solutions while looking for a reputable employer who looks for efficient and professional individuals who can work together. As a former Marine I believe that moving forward is a must.

Relevant Work Experience

• South Carolina Department of Revenue, Columbia, SC 02/2013 present Contractor Infrastructure Architecture
• Principal solutions architect for remediating security and vulnerability issues following largest public sector breach to date November 2012
• In less than six months took Windows servers and desktops to highest level of compliance ever seen by the IRS with their SafeGuards program
• Established sound documentation related to adherence to NIST controls while accounting for ITIL, SDLC and operational needs
• Architected green field environment that would allow for strong security principles primarily based on DISA STIG. This environment would be used in parallel for the migration of large enterprise applications.
• o Conducted workshops to document, convert and maintain legacy systems built from scratch in a secure environment
• This environment was primarily based on the following hardware, software and design methodologies to conform to DISA STIG guidance
• o Cisco Nexus 5K, 6K, 1000v. Clustered ASA 5585-x, Unified Computing System, Identity
• Services Engine, Prime, ACS
• ISE design took into account multiple branches, network enclaves, AD awareness and BYOD.
• Least privilege network access, RBAC, high availability o Separated production and test Microsoft Active Directory 2012 R2 environments Multiple read only domain controllers with the design of servicing limited and explicitly defined endpoints
• o PKI Offline 2012 R2 Master, 2012 R2 subordinates, internal external certificate revocation list validation, HA Safenet Luna 1700 HSM
• o Storage EMC VMAX 20K Prod DR , XtremeIO o 3 tier architecture design with defense in depth supporting multiple enclaves
• Two 2012 R2 non-transitive Forests. AD tree structures configured for scalability, automation and least privilege. Adherence to DISA STIGs MS, AD Domains and Forests.
• Multiple border firewalls, HA Palo Alto 5020 6.0 Prod / DR
• Network segmentation at layer three as well as East/West on layer 2 via Cisco VSG.
• Internal traffic routed via Cisco Nexus 6K and ASA 5585. Border and policy access accomplished via Palo Alto appliances with IPS and SSL decryption enabled.
• Gathering infrastructure and security requirements for enclave aware IPS, currently preparing in preparation for POC. Most important design consideration is ability to process all SSL decryption between enclaves.
• Recently completed successful POC for remote client VPN integration with Cisco
• AnyConnect client and Identity Services Engine

Confidential

Networking Analyst II Solution System Designer

• Responsible for overall monitoring and support of endpoint security applications for over 21,000 endpoints across diverse MPLS network in seven states o Worked with application developers and other security professionals to preempt vulnerabilities that may allow for advanced persistent threats
• Worked as technology owner for integrating distributed solutions across multiple platforms during various related business efforts o Consolidation of McAfee ePO server infrastructure
• Removal of CA eTrust audit and replaced with HP Arcsight for enterprise logging o Various NT domain consolidation efforts o Deployed Data Loss Prevention software
• Removal of ProofPoint and installation of McAfee Endpoint Encryption on 21,000 endpoints
• Author and designer of disaster recovery procedures
• Author and instructor for supported distributed systems
• Responsible for providing technology road maps on supported products along with collaborating on long term platform plans
• Present information to upper management regarding the direction of the security and enterprise tools while always keeping in mind cost saving initiatives and return on investment
• Incident response contributor and participant
• SWAT team member for critical outage issues
• Construct proof of concept documents for internal discussions using weighted metrics. This information is used to quantify vendor solutions.
• Architect solutions related to business and IT needs and work proof of concepts to implementation before handover to support staff
• Met SLA 99.4 of time for tier three support items
• Current Public Trust clearance

Confidential

Business Information Security Officer

• Design and implement Tripwire solution with auditable policies to meet threat, change management and Sarbanes-Oxley needs.
• Extensive knowledge in risk methodologies, security configurations and documentation for product development life cycles to streamline processes, implement policies, reduce costs and enhance time to market in support of business initiative. Experience in:

o Third Party Security Assessment leveraging BITS Shared Assessment Program

Methodology o Risk Methodology Framework o Risk, Criticality Assessment o Business Security Assessment o Physical Security o Encryption

o Business Continuity, Disaster Recovery

o Relationship Management

o Policy, Procedure and Guideline Development o Infrastructure, Perimeter Security

o Audit

o Regulatory Compliance o System Development Life-Cycle Process o Vulnerability and Threat Management

Confidential

Wintel Engineer East

• Provided 3rd tier support for CitiGroup related Wintel infrastructure and base images.
• Served as Information Systems representative for Default Management business line for Wintel Engineering Sarbanes-Oxley related audits.
• Setup, configured NetApp FAS270C devices in a clustered redundant real time continuity of business environment leveraging hardware encryption on Decru Dataforts while providing customer access to CIFS shares.

Confidential

Wintel Engineer East

• Top Secret clearance and honorable discharge
• UNIX LAN Administrator for NALCOMIS aircraft maintenance systems