
Primary Global Threat And Vulnerability Engineer Resume


Ft Worth, TX

SUMMARY:

  • Detail-oriented, highly skilled, and multifaceted professional offering more than 17 years of experience in threat and vulnerability management, information security analysis, information security architecture, information security policy design, risk assessment, security incident response, and security solutions.
  • Skilled at designing and implementing cyber security solutions for major government organizations, petroleum, and financial entities that consistently reduce security costs while elevating the security status of the environment.
  • Accomplished history of working with business and IT organizations in countries around the globe to facilitate security architecture and further enhance the security posture of the company.
  • Adept at writing security policies, developing solutions, assessing environments, and interpreting standards in ways that consistently pass security and regulatory audits. Successfully initiated four separate security programs, each of which passed all third-party audits and met all applicable laws and regulations.
  • Comprehensive background in developing and implementing strategic technology and security road maps aligned with the needs of the business to deliver exceptional security and privacy solutions. Knowledgeable of penetration testing, vulnerability assessment, and security program development.
  • Expert at implementing network security, SIEM tools, identity management, new security technologies, and new security controls, and at developing innovative security controls and processes that meet business and executive requirements while protecting information.
  • Bilingual in English and Russian.

TECHNICAL ACUMEN:

Security Solutions: Nexpose | Metasploit | NitroSIEM/McAfee ESM | FireEye | Nessus | SAINT | Splunk | Prism EventTracker | TriGeo | Check Point | BitLocker | Websense | AirWatch MDM | McAfee | Symantec | Kaspersky | ArcSight | CyberArk | Control Insight | RSA enVision | EnCase | RSA NetWitness | Lumension | Bit9 | BackTrack/Kali | BeyondTrust | LogRhythm

Others: Cisco IDS/IPS | Cisco IronPort | Cisco network devices | Barracuda spam devices | SASS | Various HIDS | Data Loss Prevention (DLP) | Sourcefire IPS | Microsoft Windows | UNIX and Linux | SQL | Oracle | IIS | Apache | Various NAC solutions | Python | Ruby | ICS | SCADA | Nmap | ZMap | Masscan | Qualys | Various SIEM solutions | PKI infrastructure and digital certificates

Protocols: TCP/IP | UDP | HTTP | HTTPS | SSL | FTP | TFTP | Telnet | SNMP | ICMP | SSH | DNS | DHCP | LDAP | WINS | NAT | SMTP | POP | IPsec | IMAP | SSL/IPsec VPN | DNSSEC | iSCSI | PAT | NetBIOS | BACnet

EXPERTISE AREA:

  • Strategic Planning and Implementation
  • Regulatory Compliance
  • Project Management
  • Risk Management
  • Security Architecture Design
  • Process Improvement
  • Change Management
  • Software Development Life Cycle Management
  • Deployments and Migrations
  • Threat and Vulnerability Management
  • Security Awareness
  • Incident Management
  • Secure Configuration Management

PROFESSIONAL EXPERIENCE:

Primary Global Threat and Vulnerability Engineer

Confidential, Ft. Worth, TX

Responsibilities:

  • Developed and implemented the Confidential Global and Confidential scanning environment/architecture and the Threat and Vulnerability Management programs, with emphasis on accurate information and metrics from internal and external vulnerability scanning and threat detection activities, in order to reduce risk and meet SOX and PCI compliance requirements.
  • Responsible for incident management of emerging threats, working with the Confidential and Confidential organizations to drive remediation through multi-team collaboration and providing feedback and timely updates to executive management until remediation was complete. Reviewed and improved the vulnerability risk assessment processes.
  • Provide cyber security guidance for vendor risk assessments as related to new and existing cyber security, infrastructure, and facilities products/services. This included vendor and internal cross-disciplinary team collaboration on proper cyber security controls that would be instituted in order to reduce risk to an appropriate level.
  • Delivered guidance and implementation of a global Nexpose scanning solution and Threat and Vulnerability management programs for Confidential and Confidential which included threat modeling, vulnerability risk, and remediation prioritization.
  • Designed the architecture for consoles and pooled scan engines, and deployed new scan engines into separate security zones for Threat and Vulnerability Management activities.
  • Remediated false positives and worked with Rapid7 (the Nexpose vendor) to address concerns about false-positive reporting.
  • Create custom scan templates for AS/400, SCADA/ICS, and Telephony assets
  • Administer the Confidential Nexpose scanning environment that includes four consoles and 45 scan engines
  • Primary point of contact for incident response, investigation, and management requiring interaction with various internal organizations, managing remediation efforts, and reporting metrics to Confidential and Confidential management.
  • Developed and implemented an effective Threat and Vulnerability Management program covering Confidential's and Confidential's 800,000+ assets.
  • Corrected the Confidential Threat and Vulnerability Management program, covering 20,000+ active assets, within six months; improved the percentage of assets being monitored by 90%.
  • Designed and implemented a successful ICS/SCADA Threat and Vulnerability Management program that included actively scanning the entire Confidential SCADA environment
  • Assessed Internet perimeters for Confidential, Confidential subsidiaries, and Confidential; provided interpretation of risk criticality and remediation options for threats and vulnerabilities via various controls; and evaluated PCI compliance adherence.
  • Effectively implemented the risk assessment process for evaluating vulnerability impact to the business. Managed the qualitative risk assessment of vulnerabilities based on CVSS scoring and internal risk metrics.
  • Through TVM activities, found misconfigured infrastructure devices and servers, unknown and unapproved assets, and inappropriate network connectivity, and remediated the resulting vulnerabilities to an acceptable risk level.
  • Successfully implemented asset tagging for risk assessment and accurate reporting of metrics to business teams and management, including the current SOX and PCI compliance status of the company and its subsidiaries.
  • Initiated and directed the implementation of vulnerability scanning of assets globally and Splunk integration.
  • Efficiently handled vulnerability remediation activities with internal global teams and vendors. Average remediation time was 3 weeks
  • Designed and implemented the Cyber Security Champions program which trained advocates for Cyber Security within Confidential
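As an added example (not the resume author's tooling), the prioritization workflow the bullets above describe, namely CVSS scoring combined with internal risk metrics and asset tagging for scope-based reporting, worked through in Python. The CVSS v3.1 base-score arithmetic follows the published specification; the tag weights, priority bands, SLA days, and the sample inventory and findings are hypothetical stand-ins for the unspecified internal metrics.

```python
"""Vulnerability prioritization from CVSS v3.1 vectors plus asset tags.

Added example, not the resume author's code. The CVSS v3.1 base-score
arithmetic follows the public specification; the tag weights, priority
bands, SLA targets and sample assets/findings are hypothetical stand-ins
for the "internal risk metrics" the resume mentions.
"""
import math
import re
from dataclasses import dataclass

# CVSS v3.1 metric weights, as published in the specification.
_AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.2}
_AC = {"L": 0.77, "H": 0.44}
_PR = {"U": {"N": 0.85, "L": 0.62, "H": 0.27},   # scope unchanged
       "C": {"N": 0.85, "L": 0.68, "H": 0.5}}    # scope changed
_UI = {"N": 0.85, "R": 0.62}
_CIA = {"H": 0.56, "L": 0.22, "N": 0.0}
_VECTOR_RE = re.compile(
    r"^CVSS:3\.[01]/AV:([NALP])/AC:([LH])/PR:([NLH])/UI:([NR])/S:([UC])"
    r"/C:([HLN])/I:([HLN])/A:([HLN])$")


def _roundup(x: float) -> float:
    """Round up to one decimal place the way CVSS v3.1 Appendix A defines."""
    i = round(x * 100000)
    if i % 10000 == 0:
        return i / 100000.0
    return (math.floor(i / 10000) + 1) / 10.0


def cvss31_base_score(vector: str) -> float:
    """Base score (0.0-10.0) for a CVSS v3.1 base vector string."""
    m = _VECTOR_RE.match(vector)
    if not m:
        raise ValueError(f"not a CVSS v3 base vector: {vector}")
    av, ac, pr, ui, s, c, i, a = m.groups()
    iss = 1 - (1 - _CIA[c]) * (1 - _CIA[i]) * (1 - _CIA[a])
    if s == "C":
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss
    exploitability = 8.22 * _AV[av] * _AC[ac] * _PR[s][pr] * _UI[ui]
    if impact <= 0:
        return 0.0
    total = impact + exploitability
    return _roundup(min(1.08 * total if s == "C" else total, 10))


@dataclass(frozen=True)
class Asset:
    name: str
    tags: frozenset   # e.g. {"internet-facing", "pci", "sox", "scada"}


@dataclass(frozen=True)
class Finding:
    asset: str
    cve: str
    vector: str


# Hypothetical context weights, bands and SLAs (not from the resume).
_TAG_WEIGHT = {"internet-facing": 1.5, "pci": 1.3, "sox": 1.2, "scada": 1.4}
_BANDS = (("P1", 12.0), ("P2", 8.0), ("P3", 4.0), ("P4", 0.0))
_SLA_DAYS = {"P1": 7, "P2": 21, "P3": 60, "P4": 120}


def prioritize(finding: Finding, asset: Asset) -> dict:
    """Weight the CVSS base score by the asset's tags; assign a band and SLA."""
    base = cvss31_base_score(finding.vector)
    weight = 1.0
    for tag in asset.tags:
        weight *= _TAG_WEIGHT.get(tag, 1.0)
    risk = round(base * weight, 2)
    band = next(b for b, floor in _BANDS if risk >= floor)
    return {"asset": asset.name, "cve": finding.cve, "base": base,
            "risk": risk, "band": band, "sla_days": _SLA_DAYS[band]}


def scope_status(findings, assets, scope_tag, bands=("P1", "P2")):
    """(clean, total): in-scope assets with no open finding in the given bands."""
    by_name = {a.name: a for a in assets}
    dirty = {f.asset for f in findings
             if prioritize(f, by_name[f.asset])["band"] in bands}
    in_scope = [a for a in assets if scope_tag in a.tags]
    return sum(a.name not in dirty for a in in_scope), len(in_scope)


# Constructed sample inventory and findings (not real scan output).
SAMPLE_ASSETS = [
    Asset("pay-web-01", frozenset({"internet-facing", "pci"})),
    Asset("pay-db-01", frozenset({"pci"})),
    Asset("hr-db-02", frozenset({"sox"})),
    Asset("plc-gw-07", frozenset({"scada"})),
    Asset("dev-box-12", frozenset()),
]
LOG4SHELL = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"   # CVE-2021-44228
SAMPLE_FINDINGS = [
    Finding("pay-web-01", "CVE-2021-44228", LOG4SHELL),
    Finding("dev-box-12", "CVE-2021-44228", LOG4SHELL),
    Finding("hr-db-02", "EXAMPLE-LPE", "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"),
    Finding("plc-gw-07", "EXAMPLE-OT", "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"),
    Finding("dev-box-12", "EXAMPLE-XSS", "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"),
]

if __name__ == "__main__":
    by_name = {a.name: a for a in SAMPLE_ASSETS}
    rows = sorted((prioritize(f, by_name[f.asset]) for f in SAMPLE_FINDINGS),
                  key=lambda r: -r["risk"])
    for r in rows:
        print(f'{r["band"]} {r["risk"]:6.2f} (base {r["base"]}) '
              f'{r["asset"]:<11} {r["cve"]} due in {r["sla_days"]}d')
    for scope in ("pci", "sox"):
        print(scope.upper(), "clean/total:", scope_status(SAMPLE_FINDINGS, SAMPLE_ASSETS, scope))
```

The same CVE on an internet-facing PCI host and on an untagged dev box lands in different bands, which is the point of tagging: the base score says how bad the flaw is, the tags say how much the business cares where it sits. The `scope_status` figure is what feeds a SOX/PCI status line in a management report.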

Information Security Officer

Confidential, Irving, TX

Responsibilities:

  • Designed a comprehensive information security program within the given $150,000 budget, covering both internal and advisor/customer security practices and solutions, and assessed information security risk in light of executive management's risk tolerance and advisor acceptance, as a member of the H. D. Vest divestiture from Wells Fargo.
  • Served as the principal member of the Information Security Steering Committee and as a stakeholder on the Risk Oversight Committee.
  • Functioned as the leading member of the Computer Incident Response Team (Confidential), in charge of investigating internal and external incidents and providing guidance and root cause analysis to executive leadership.
  • Administered the review, validation, redirection, audit, and approval of the information security infrastructure at three data centers.
  • Organized and facilitated risk mitigation meetings across cross-disciplinary teams, and oversaw and approved physical security systems and strategies at all H. D. Vest facilities.
  • Evaluated and approved security exceptions, monitored environmental compliance with all adopted policies, and performed due care audits and assessments of vendor contracts for information security concerns.
  • Managed the Security Operations Center (Confidential), which consisted of 15 junior and senior level information security professionals.
  • Handled threat and vulnerability management (TVM) activities; tuning led to a 73% decrease in false positive alerts for the entire environment
  • Successfully managed and corrected the security architecture developed by the divestiture contractors, meeting stringent timelines and keeping the cost of the security solutions within the given $150,000-$200,000 budget. Second-year security control and service costs were reduced by 28.5%, decreasing administration time and increasing the level of assurance.
  • Evaluated technical vendors to implement the information security architecture made available for purchase by advisors, which increased adherence to FINRA, FFIEC, and SEC regulations by 35% in the first year.
  • Prepared weekly reports for management on the security state of the environment and forensic root cause analysis of H. D. Vest and advisor security incidents, supporting strategic decisions regarding security, compliance, business objectives, and budget allowances.
  • Designed, implemented, and managed the H. D. Vest Security Operations Center (Confidential), which performed penetration testing, scanning, forensic investigation, and monitoring of the environment. This included installing and troubleshooting security tools such as Nexpose, SAINT, and SIEM tools, and validating the log and scan data aggregated into these tools from multiple platforms.
  • Spoke yearly at the H D Vest national conference to 150-200 non-technical advisors about Cyber Security

Principal Cyber Security Engineer

Confidential, Carrolton, TX

Responsibilities:

  • Oversaw the design, testing, and implementation of the cyber security solutions for the AIM physical security systems at 64 nuclear power plants across the United States as well as Strategic Reserve, Department of Defense, and Department of Energy sites. This included responsibility for the design, testing, documentation, and implementation of the secure network architecture for Confidential INC physical security systems, which ranged from $5-50 million.
  • Spearheaded the preliminary and ongoing sales meetings on how the product provides appropriate levels of cyber security and complies with current regulations, while managing the budget allowances for each customer or facility.
  • Carried out threat and vulnerability assessments and audits, including fuzzing, internal vulnerability scans, penetration testing, and interpretation of results, to facilitate and audit remediation efforts and the removal of vulnerabilities. SIEM event tuning typically decreased false positive alerts by 82%.
  • Responsible for driving Confidential INC initiatives in Information/Operations Warfare, Electronic Warfare, Knowledge management/discovery, Cyber Security Systems Engineering & Integration, and Information Assurance
  • Founding member of the Cyber Security Stakeholders Committee, responsible for coordinating with the senior management regarding cyber security initiatives and insights about the emerging information security business sectors
  • Acted as the primary point of contact for forensic investigations and incident response for Confidential INC cyber security customers, which included provision of due diligence guidance relating to the incidents.
  • Served as a Confidential INC representative on a panel at Confidential in January 2011 before a group of more than 200 students and small business owners, speaking about information security.
  • Provided effective solutions to clients' cyber security concerns for four $20M systems whose delivery had been delayed for several years, which enhanced the Confidential INC image as a cyber security service provider and led to further business development.
  • Successfully secured $300M in new National Security Agency (Confidential) cyber security business.
  • Responsible for installation of SIEM solutions at all 64 sites, which included deploying, training, technical support, and verifying and troubleshooting central log aggregation from multiple platforms

Operations Security Officer

Confidential, Addison, TX

Responsibilities:

  • Developed and implemented the information and physical security controls for an environment that processes 750,000 credit report requests daily. These controls were built from the ISO 27002 standard and included installation and troubleshooting of the security tools in the environment such as a SIEM, File Integrity Monitoring, and central log aggregation.
  • Ensured compliance with business and security certifications, auditing requirements, and the current state of the security infrastructure while creating, implementing, and managing the information security program; remediated the software development lifecycle to follow secure practices.
  • Gave weekly updates to management on security vulnerabilities and emerging threats, and recommended security control solutions within a $100,000 budget that met business and compliance requirements.
  • Established and led the Computer Incident Response Team (Confidential) in containing and resolving security incidents, overseeing forensic investigations, and providing root cause analysis reports to management.
  • Led the validation and testing of business continuity and disaster recovery plans
  • Developed a successful information security program within one year where none had previously existed, enabling the company to pass 63 audits and a SAS 70 Type II within two and a half years, including achieving PCI and RI3PA/EI3PA compliance within six months of project initiation. This was done on a limited budget of $100,000 and reduced onsite audits by 90%.
  • Played an integral role in developing, testing, and deploying security controls with cross-disciplinary teams without delaying the contractual service level agreement (SLA) of returning a credit report request to the end user in three seconds or less.
  • Improved employee security awareness by instituting training programs and materials.
  • Established a SDLC for development that adhered to industry standards such as OWASP and ITIL.

Senior Security Analyst

Confidential, Plano, TX

Responsibilities:

  • Provided floor management and expert leadership to a team at the Plano Global Security Operations Center (Confidential).
  • Functioned as the primary Computer Incident Response Team (Confidential) contact for internal and 110 external clients reporting security events, including server compromise, corporate espionage, inappropriate Internet and email usage, and confidentiality breaches.
  • Spearheaded the investigation, diagnosis, remediation, and resolution of Cisco Intrusion Detection System (IDS), IBM Internet Security Systems (ISS), RSA enVision, McAfee, Sourcefire Intrusion Prevention System (IPS), and firewall alerts and vulnerabilities
  • Performed thorough analysis of client networks and devices for the identification and resolution of security risks
  • Established new regional security operations centers (RSOCs) in Zaragoza, Spain, and Kuala Lumpur, Malaysia, and facilitated the training of analysts.
  • Completed accurate documentation of all evidence for computer forensic investigations, maintained chain of custody, and enforced business continuity plans.
  • Established the security center in Zaragoza, Spain, ensuring compliance with European privacy laws and regulations, and assisted in establishing procedures for the regional security center in Kuala Lumpur, Malaysia.
  • Functioned as the subject matter expert (SME) for Confidential Security Team, managed the Confidential personnel that received the Microsoft 2008 Excellence in Overall Security Award
  • Responsible for remediation of vulnerabilities, troubleshooting of central log aggregation and validation of log information from multiple platforms
