Security Engineer Resume Profile
Professional Summary:
- IT Security Professional with over 15 years of experience supporting enterprise-scale networks. Experience working in a 10,000-server environment, dealing with at least 500 servers in a day. I have extensive experience in scanning network vulnerabilities, penetration testing and finding immediate remediation for the problem. I also have extensive experience setting up networks and configuring firewalls, as well as using intrusion detection system (IDS) and intrusion prevention system (IPS) software. I have ten years working with host-based intrusion security applications.
- Software: Back-Track5, Virtual Box, Blade-Logic Automated Server, Centrify, Novell Identity Manager, MS Windows Server 2003, E-DMZ Par, MS Windows Server 2008, MS Windows 7, McAfee Orchestrator, McAfee Anti-Virus, McAfee Foundstone, VMware Server, MS Outlook 2010, Sun Solaris 10, Linux, Firewall: Checkpoint-1, PCAnywhere, IBM Proventia Network Intrusion Prevention System (IPS), Intrusion Detection System (IDS), IBM Proventia Management Site Protector, Proventia Network Enterprise Scanner, Metasploit, Nmap, Exceed 7.0, RSA Security, Deep Trend Micro, Peregrine Service Center, VERITAS, BlackBerry Server, Perforce, and Cisco Wireless Control System
- Compliance: Payment Card Industry Data Security Standard (PCI DSS), Open Web Application Security Project (OWASP), international standard for an Information Security Management System (ISO 27001), National Institute of Standards and Technology (NIST)
- Protocols: RIP, ARP, TCP/IP, DNS, DHCP, WAN, LAN, SMTP, OSPF
PROFESSIONAL EXPERIENCE:
Confidential
Security Engineer
- Communicate with the Information Technology (IT) Department to remediate security alerts and respond to information security incidents that could potentially impact the network, systems and applications at the 1199SEIU Funds
- Monitor security functionality (IDS/IPS and Endpoint) and report daily operational metrics; provide scheduled management reports on risk status of network infrastructure, applications, internet activity, email filtering, vulnerability management and security metrics
- Maintain daily log monitoring services for Fund applications, databases, and network (IronPort, MSSQL, Oracle, SEP, QNXT, V3, AD, Cisco Firewalls, Core Switches, VPN)
- Perform ongoing administrative tasks and partner with IT to ensure the utmost availability for systems (NeXpose, Metasploit, and DLP); provide SME support during DLP Email Implementation
- Plan, test, and deploy IronPort HTTPS Policies (proxy cleanup) to augment existing internet monitoring solution; communicate with IT to validate existing physical network segmentation
- Software Maintenance and Support. Application System Administration.
- Manage Incident Response program, including updates to standards, guidelines, procedures, classification, and follow escalation process; maintain incident documentation and remediation tracking system.
- Design, deploy, and maintain Security Incident Event Management within McAfee SIEM, Database Activity Monitoring (DAM), and Database Vulnerability Manager (DVM) system; provide a lead role for endpoint and network security project initiatives
- Perform additional duties and projects as assigned by management
Confidential
Security Engineer
- ArcSight Appliance: Configure ArcSight Logger and ESM to correlate with ArcSight smart connectors
- Beyond-Trust: Install the PowerBroker Servers Authorization Agent, configure Power-Broker servers, configure the required Access Policies and Execute Policies on the Proxy Host. Configure event logger.
- Blue-Coat: configure hierarchy and unit configurations. Modify Packet-Shapers in Policy-Center. Install Policy-Center on Windows Server 2008. Add rules to the Windows Firewall. Change and reset user passwords within Policy-Center. Configure new organizations in Policy-Center. Create new user accounts within Policy Center. Assign configurations to organizations.
- Cisco: Application Control Engine: configure server farms, configure VPNs, troubleshoot routing protocols
- Cisco Scan-Center: Set up user e-mail message, create LDAP and SAML authentication realm, test authentication settings within Cisco ScanCenter, and download audit reports.
- Enforced/configured security policies within Check Point Smart-Dash-Board: configured DLP, URL filtering. Check Point Gaia: configured network interfaces. Configured site-to-site and user-to-site VPNs.
- Executed penetration testing using Qualys: scanning for open ports, application vulnerabilities, etc. Key-Focus: Configure honeypots within KF sensor interface, configure DoS settings
- Configure and troubleshoot DNS and DHCP protocols within Windows 2003, 2008, and 2012
- McAfee: Enforced/configured security policies: configured DLP, URL filtering.
- Sourcefire: Configure Sourcefire appliance to the network
- Troubleshoot network issues using the OSI model
- Provided network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) management
- Configure custom rules and sites, correlate validations and block sites within Imperva
- Symantec: Run PCI security audits, configure and manage remote users, configure structure groups, assign users to configured groups, manage users' computers: password and network access.
Confidential
Security Engineer
- Automated the process of vulnerability management and policy compliance across the enterprise; provided network discovery and mapping, asset prioritization, vulnerability assessment reporting, and remediation tracking according to business risk using Trend Micro Deep Security Management System: malware and spyware scanning, IPS/IDS configuration.
- Configured McAfee Foundstone penetration technology, anti-virus scan and connected end points using McAfee Orchestrator
- Executed compliance and security checks on Linux, Windows 2003, and Windows 2008 servers going online using Blade-Logic Server Automated Software. Executed and maintained the 12-component form that's part of the PCI compliance checklist outlined by the PCI Security Standards Council.
- Prepared server audit reports using Microsoft Excel for countries such as: Turkey, Puerto Rico, India, Jamaica, etc.
- Security Governance: made decisions and wrote reports about the framework of security issues and tasks for future reference.
- Used Blade-Logic automated server management to support and troubleshoot issues, such as: agents, patch and software deployments.
- Trend Micro Deep Security Management System: Configure Intrusion Prevention/Network Intrusion Prevention System: Investigate changes on the network using file integrity monitoring, apply new policies to new computer/servers entering the network environment using Trend Micro Enterprise Manager.
- Executed penetration testing using Qualys: scanning for open ports, application vulnerabilities, etc.
- Attended ongoing security meetings with various teams such as: Network Managers, Software Developers, Mainframe team, etc.
- Vaulted: Vault Linux, Windows 2003, and Windows 2008 servers and passwords using E-DMZ Par
- Added Unix users into Centrify and import them into Active Directory
- Created table and user accounts within the Oracle Database
- Ran Vulnerability scans using Microsoft SQL
- Configured user account and permissions using Microsoft GroupWise
- Analyzed logs and investigated incidents using Envision SIEM
- Configured level of permission within Blue-Coat proxy servers
- Used Nmap for network inventory, managing service upgrade schedules, and monitoring host or service uptime
- Monitored/troubleshot ArcSight SIEM for network alerts: viruses and user misuse
- Used Metasploit for web application testing, password auditing, network discovery and risk validation
- Created wireless guest-net accounts using Cisco Wireless Control System
- Created training documents using PowerPoint and Microsoft Word 2010
- Provisioned/De-provisioned users using Novell Identity Manager
- Provided network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) management
- Executed Perl scripts to verify open-shares and standard privilege on Linux, Windows 2003, and Windows 2008 compliance servers
- Configured VPNs using ASA Cisco 5500
- Attended migration meetings with various I.T. departments
- Configured user accounts within Linux Red Hat and Solaris 10
- Processed authorized changes to machine log-on IDs and security software
- Configured and managed network access using Active Directory infrastructure
- Worked on assigned tickets using Service-Now Ticketing System
- Monitored and tested mobile devices across the network using Keynote mobile software application.
- Enforced/configured security policies within Check Point Smart-Dash-Board: configured DLP, URL filtering. Check Point Gaia: configured network interfaces.
Confidential
Security Engineer
- Created user accounts in Microsoft Active Directory.
- Set up and configured firewall policies.
- Provided network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) management
- Investigated and resolved security vulnerabilities
- Resolved network trouble tickets using Peregrine Service Center. Followed SLA protocol.
- Monitored and troubleshot the following networks: Linux, Solaris, and Microsoft Windows Servers using the Microsoft System Center Operations Manager.
- Troubleshot Web servers and applications using MSCOM Health Check tool.
- Monitored web applications using Topaz monitoring tool.
- Added users to Microsoft Access database
- Configured and troubleshot mobile security devices within Keynote
- Configured and troubleshot ASDM configuration using Cisco ASA
- Ran load-balanced tests using Keynote.
- Monitored and troubleshot performance, real-time users, and mobile monitoring across the network.
- Created and deleted user IDs within access list
- Created user IDs and passwords using the useradd command
- Administered password access to users and groups.
- Pre-created pools of computer accounts within Centrify Suites
- Created Server Templates and added permission within Centrify Suites
- Participated in bridge calls troubleshooting network and user issues.
- Updated logs in the Peregrine Service Center.
- Configured Trend Micro Office Scan 8.0: Configured Permissions, Cluster Resources, and updated nodes.
- Worked with management and the I.T team monitoring network change through Peregrine Service Center: Change management feature.
- Monitored the network using Proventia Network Intrusion Prevention System.
- Configured security policy within IPS and created security reports.
Confidential
Network Administrator
- Supported and resolved over 200 UNIX and Windows Servers within the Pfizer Environment.
- Created user accounts using Microsoft Active Directory.
- Resolved all UNIX/Windows Server trouble tickets using Peregrine Service Center
- Provided support and maintenance for UNIX Solaris OS based servers: patching Daylight Saving Time (DST), OS upgrades, and performance monitoring.
- Unix systems administrative duties: created user accounts, rights, and permissions; patched and installed software.
- Configured and troubleshot Trend Micro software
- Configured users on the network using Cisco Works; troubleshot VERITAS Cluster Servers
- Resolved VERITAS Cluster Servers: freeze and unfreeze clusters, added users to cluster groups.
- Resolved VERITAS Network File Servers: restarting disabled volume, recovering mirrored volume, and recovering.
- Created spreadsheets using Microsoft Excel
- Monitored Security Applications using IBM Proventia Network Intrusion software - identified vulnerabilities, threats, weaknesses, and configured snort or snoop to investigate suspicious activity.
- Set security policies, standards, processes, completed audits.
- Monitored the network using IBM Tivoli NetView.
- Set up and configured firewall policies.
- Provided network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) management
- Investigated and resolved security vulnerabilities
Confidential
Senior Application Security Analyst
- Monitored the Bloomberg network globally and internationally in over 120 countries in conjunction with outside infrastructures.
- Communicated with management at every level of security to secure the policy enforced.
- Identified key vulnerabilities; worked with the network infrastructure team to ensure all security risks were sufficiently reduced.
- Presented summaries of vulnerabilities using Real Secure security software IDS.
- Configured snoop to investigate questionable IP addresses.
- Monitored network activities using Real Secure Network Management software.
- Scanned network using Real Secure Network Scanner software. Checked firewall logs for suspicious activities.
- Configured and troubleshot Trend Micro software
- Created SAP mobile accounts
- Updated Network Sensors, set policies for the network.
- Configured single-sign-on using RSA hardware. Configured security settings using Windows NT, 2000 and Solaris 8.
- Troubleshot technical problems using TCP/IP; configured and maintained security policy in a Windows/Unix environment.
- Conducted security evaluations and risk assessments of applications, infrastructure, and network interfaces.
- Configured Ticker, Front-end and Back-end machines using Exceed software.
- Troubleshot issues using AIX: clearing ports and checking IP addresses.
- Configured BlackBerry Enterprise Server and troubleshot end users' technical issues.
- Configured and secured wireless laptops.
- Created spreadsheets using Microsoft Excel
Confidential
UNIX Administrator
- Supported and configured over 300 networks within the Qwest Communication Data Center for companies such as: Bear Stearns, Fleet Bank, CBS, Walt Disney, etc. and provided technical support.
- Managed high-end technical projects. Installed hard drives, NIC cards, and CD drives.
- Provided technical support for over 300 independent networks using Remedy ticketing system.
- Resolved over 30 tickets a day. Troubleshot technical problems remotely and over the phone.
- Set up client networks using the following hardware: Cisco 5000 switches, Cisco 2500 and 4000 router series, PIX firewalls, Compaq NT Servers and Workstations and Ultra Sparc workstations. Installed the following software: Windows NT, Solaris, IIS, Windows NT Server, Check Point, Novell, Lotus Notes, and Windows 98.
- Configured the following Cisco protocols: BGP, OSPF, EIGRP, and RIP.
- Updated client website using ISS software.
- Communicated with management at every level of security to secure the policy enforced.
Confidential
Project Manager
- Coordinated rollout activities with IBM, Reuters, Lucent Technologies, and Cabletron to deploy approximately 13,000 NT workstations in 400 Paine Webber retail branch offices configured with Token Ring LAN.
- Performed technical support during workstation and server installations using TCP/IP protocol suite.
- Tracked and resolved over 35 tickets a day on the Vantive ticketing system.
- Updated and created documents using Microsoft Word
- Created spreadsheets using Microsoft Excel
- Used various configurations to install NT as a TCP/IP client. Telnetted into TCP/IP-based UNIX hosts to troubleshoot issues and monitor software upgrades/enhancements. Utilized the Internet for web-based applications.
- Processed and updated Move, Add and Change requests for existing new clients.
- Used knowledge of Ethernet, WAN technologies and connectivity devices.