SQL 20XX/OracleVPN   McAfee/Norton/Symantec

Remedy Reporting System                             Gold DiskRetina Network Security Scanner

VMS                                                                eMass                                               WireShark

IPS/IDSTenable’s ACASHost Based Security System

PROFESSIONAL EXPERIENCE

CONSULTANT/FREELANCE  Apr – May 2016

Splunk Security Consultant (short term project)

·   Reviewed current Splunk Security Information and Event Management (SIEM) infrastructure. Built and designed security monitoring dashboards, configured tagging, set function to monitor log files, build queries and incident management solutions, troubleshooting Splunk deployment server issues/system administration for distributing configurations, apps, and content updates to group Splunk Enterprise instances/deployment servers, security event correlation, and alert tasks. Authored technical white papers for continuation of Splunk architecture deployment for customer. Configured data inputs to collect machine data; search, monitor, alert, and report on incoming data via search headers; indexers that provide data processing and storage for data and host the primary Splunk data store; forwarders that forward data to remote indexers.

AVT SIMULATION, Orlando, FL 2014 – Present     

Information Security (Cybersecurity) Manager (ISSE)/Systems Engineer/Security Architect

·   Information Assurance Manager/Information Systems (Cyber)security Engineer responsible for the analysis, design, implementation, development, certification and accreditation

·   (C&A) risk assessments, documentation, validation and verification (V&V), delivery, training and 

·   compliancy efforts for the continuous operations of information assurance/cybersecurity enabled

virtual simulation systems.

·   Knowledge of policies and procedures in-line with established  laws and regulations (CNSSI 1253, FISMA, Common Criteria, HIPAA, NIST, SOX, ITIL, ISO, CobIT, PCI-DSS etc). 

·   Prepared/authored various scientific and technical reports in accordance with established Dept of Defense Information Assurance/Cybersecurity directives including but not limited to: DIACAP, Risk Management Framework (RMF), and other applicable publications.

·   Extensive and advanced experience in: preparing Information Assurance/Cybersecurity certification letters, Plan of Actions & Milestones (POA&M) to obtain an Authority-to-Operate (ATO) and Certificate of Networthiness (CoN).

·   Operations Security (OPSEC), mitigation strategies, antivirus/patch management; vulnerability management, IA/Cybersecurity plans, risk and vulnerability management and security assessments, risk mitigation strategies and management.

·   Establishing protection goals, objectives and metrics consistent with established policies and procedures; secure configuration management, creation of security update scripts to automate security response, contingency planning, incidence response and forensics activities utilizing a layered security architecture as well as investigation of security breaches, personnel and physical security; authored numerous acceptable use corporate policies and procedures in conjunction with IT, human resources; access control, analyzed systems for vulnerabilities, identification/authentication (SSO), cost benefit analyses reports, Public Key Infrastructure (PKI), encryption, audit and backup solutions, content filtering, website security/firewalls, design, implementation, deployment, and validation of security controls; identity management, security policy analyses, security governance, incident response,  understanding of OWASP Top 10, CWE/SANS Top 25 and remediation best practices, Computer Network Defense (CND)/Computer Network Exploitation (CNE), Computer Network Attack (CAN), systems hardening initiatives, proxy servers, provided technical support for testing and regression testing, safeguarded networked systems against unauthorized infiltration, modification, and destruction.

·   Applied security engineering principles in interdisciplinary and/or collaborative approach to plan, design, develop and verify basic lifecycle balanced system of systems and system solutions.

·   Evaluated customer/operational needs to define system performance requirements integrate technical parameters and assure compatibility of all physical, functional and program interfaces.

·   Performs analyses to optimize total system of systems and/or system architecture. Performs analyses for affordability, safety, reliability, maintainability, testability, human systems integration, survivability, vulnerability, susceptibility, system security, regulatory, certification, product assurance and other specialties quality factors into a preferred configuration to ensure mission success.

·   Configured, designed, and implemented  Cisco Call Manager (CUCM X), CISCO routers/switches/VLANs/etc,, CISCO ASA 55XX firewall, WebSense, Barracuda Webfiltering solution, VMWare/hyperV, Windows 2012 R2, Active directory, PKI, authentication/authorization, network segmentation.

·   An effective security architect for several enterprise-wide security projects, designed, implemented and deployed defense-in-depth infrastructure security architecture that included security controls across multiple technology stacks of the OSI model.

·   Experienced in intrusion prevention/detection systems (IPDS), firewall configuration (Fortigate, Palo Alto, CISCO ASA 55XX), SIEM (Splunk, , security assessment tool/methodology for  networks (OSPF, BGP, VPN, FTP/SFTP/VSFTPD), systems, database and applications/web related protocols (TCP/IP, UDP, IPSEC, HTTPS, etc), authentication and authorization schemes (Active Directory, LDAP, etc), gateways (web/email), DNS Security, , Internet security, encryption, web filters (Bluecoat/proxies), advanced knowledge of web application, operating system, hardware, software, database, and network attacks, exploitations and defenses spanning the 7 layers of the Open System Interconnect (OSI) Model.

·   Developed security architecture requirements for LANs, routers/switches, firewalls, webservers, including the utilization of encryption/PKI. Identified security risks in projects using architectural threat risk assessment, threat and vulnerability analysis.

·   Strong understanding of application, system, network and enterprise-level security issues and methods,

processes, and procedures to mitigate, remediate, and/or harden said security issues.  

·   Extensive experience in effectively installing, configuring and securing all major operating systems (Windows 7/8, Windows 2003/2008/2012, Red Hat 5.5-6.5, Unix, Linux, Android, Mac), tablets, wireless devices, routers, switches, hardware, databases, firmware, and virtualization solution (VMware ESXi, Vsphere, HyperV) clusters, Storage Area Network (SAN).

·   Experienced in performing penetration tests, audits and vulnerability assessments using industry-standard vulnerability scanners (RETINA, Nessus, etc), implementing and hardening operating systems (Red Hat Linux, Microsoft desktop and server images), software, firmware, networked (routers, switches, firewalls) device’s security configuration in accordance with the Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides (STIG), Security Content Automation Protocol (SCAP) Compliance Checker, Security Readiness Review (SRR) scripts, and industry-standard best practices to preserve the integrity, confidentiality, authenticity, and non-repudiation of information systems. Installed, configured, integrated, and administrated HBSS McAfee security suite, Syslog servers and Nessus ACAS.

MARINE EXPEDITIONARY FORCE-AFGHANISTAN (General Dynamics IT), Afghanistan 

Lead Systems Engineer Sept 2013 – July 2014

·   Served as the lead Systems Engineer for the Marine Corps Biometrics Program-Afghanistan.

·   Performed system engineering functions for hardware, network, and software components including but not limited to: requirements specification and management; product and design evaluation, trade-off and selection; human and systems integration; simulation and performance analysis in a laboratory environment; designed and documented server builds and technical details for change control; built, tested and executed the installation of new or modified operating systems and applications software and hardware for desktop and server core images per Marine Corps customer requirements through the utilization of industry-standard deployment processes.

·   Authored the Marine Expeditionary Force-Afghanistan Biometrics Program Systems Engineering and Migration Plan (SEMP) that articulated and communicated the technical planning and execution of the Biometrics Automated Toolset (BAT) system and the Secure Electronic Enrollment Kit II (SEEK II) through its System Development Life Cycle (SDLC); from the system’s migration to its end-of-life.

·   Managed system resources including but not limited to: performance and capacity planning, availability, cyber security/information assurance, serviceability and recoverability of all high-utilization biometrics systems for the Marine Corps Biometrics Program-Afghanistan with an emphasis on: database and application design, engineering, and testing; database administration,  management, installation, maintenance, and support of the SQL server and database architecture, optimization of stored procedures, and database troubleshooting; server scripting in an enterprise level utilizing Systems Engineering best practices to attain the highest and most logical outcome possible; engineered cyber security and information assurance solutions to attain the highest level of network security; modified and integrated existing system configurations; researched, tested, implemented, and integrated cutting edge COTS products, services and protocols into the network infrastructure.

·   Managed networked appliances (Tipping Point, CISCO, Juniper). 

·   Diagnosed and resolved complex level-3 technical support issues that involved the production and application of the computing environment and components that are not functional. Installed, configured, administered and maintained Windows servers throughout a geographically dispersed configuration including but not limited to: WinServ 2008 r2, DNS, DHCP, WDS, IIS, WSUS, SCCM 2007, SCOM 2007, WebDAV, SQL 2008, .Net FrameWork, VMWare ESX-I cluster, backup through RAID, disaster and file system recovery, WireShark, Splunk, TCP/IP, MS SOAP, and performance tuning of McAfee HBSS products and antivirus definitions.

·   Built and maintained a secure network that stores cardholder (PCI-DSS) data, information (HIPPA), restricted access to data, tracked and monitored all access to networked resources storing cardholder data/information, regularly and methodically tested security systems and processes.

·   Oversaw all aspects of the Marine Corps Biometrics Program-Afghanistan including, but not limited to: Enterprise Solutions Assurance, Information Technology Security (ITSEC); Information Assurance (IA); Information Security Governance and Risk Management and Vulnerability Assessment; Disaster Recovery Planning (DRP); Business Continuity (BCP) and Disaster Recovery Planning; Security Information and Event Management (SIEM); Access Control; Security Network Architecture and Design; and Customer Relationship Management.

DEFENSE INFORMATION SYSTEMS AGENCY (DISA) (IMRI, LLC) , Fort Meade, MD

Systems Engineer (Cybersecurity) Mar 2013 – Sept 2013

·   Supported research, development, testing and integration (RDT&I) of the Enterprise Network

·   Mapping and Leak Detection Systems (ENMLDS) program for the Defense Information

·   Agency (DISA) and Dept. of Defense (DoD).

·   Provided Computer Network Defense (CND) situational awareness of the Global Information Grid (GIG) through the engineering, architecture, fielding, testing of network security sensors (Splunk, SolarWinds, etc) and products and developed solutions for the confidentiality, integrity, and availability of the GIG.

·   Conducted internal and external network testing in a controlled environment to develop solutions for the production environment. Deployed tested software/hardware solutions to the production environment using HP’s ILO suite of solutions.

·   Spear-headed the development of the ENMLDS DoD Information Assurance Certification and Accreditation Process (DIACAP) packages to include: Security Plan of Actions and Milestones (POA&M) development, identified mitigation strategy/solutions, reviewed/mitigated findings via VMS/eMass, submittal of requisite accreditation and registration documentation for the DIACAP package, reviewed Information Assurance Vulnerability Assessment (IAVA) compliancy for the Dept of Defense ENMLDS program.

·   Skilled in utilizing IT security audit tools to carry out activities related to the security certification and accreditation of assigned IT systems.

·   Communicated with various customers on technical and engineering issues relative to product.

·   Set and observed all technical and architectural standards as previously stated within the Statement of Work.

·   Evaluated, tested, deployed, and maintained vendor-specific software and hardware for the Department of Defense production environment.

·   Created and maintained system architecture and troubleshooting documentation and disseminated to various Department of Defense customers as needed via Visio product suite.

·   Implemented authentication and authorization technologies including but not limited to usernames and passwords, Public Key Infrastructure (PKI), digital certificates, and two-factor authentication.

FLEET READINESS CENTER-EAST (Rollout Systems, LLC), Cherry Point, NC

Lead Systems Engineer/Cybersecurity Administrator  Oct 2012 – Mar 2013             

·   Provided advanced systems administration and network management, maintenance, installation     

·   and refurbishment of over 67 Windows Server 2003/2008, 7 Redhat Linux 5.8 server, and 14 HP-

·   UX servers; housing NetIQ, SAMBA, SQL database and various proprietary in-house

·   applications for production utilization.

·   Proficiently administered an active directory domain controller with over 2000+ users  ; troubleshoot active directory domain controller related services and issues including but not         

limited to: Domain Name Services, DHCP, GPOs, LDAP, user and computer policy management, active directory domain controller replication issues, user and email management through active directory domain controller users and computers.                            

·   Performed Information Assurance administration and maintenance on all 88 servers via defense and industry-wide standards utilizing DISA STIGs, Gold Disk, Security Readiness

·   Review (SRR), Host Based Security System (HBSS), and Retina Network Security Scanner. 

·   Performed IBM WebSphere/webserver administration. 

·   Participated in various security compliance reviews, risk and vulnerabilities assessments, audits

·   and review of planned and installed IT systems to identify vulnerabilities, risks, and protection

·   of these assets to ensure confidentiality, integrity, and availability of these networked assets.                 

·   Performed back-ups to data via VERITAS Volume Manager and NetApp Backup Manager.

·   Created, installed, configured, and managed all aspects of the VMware ESXi environment

·   including the installation of over 20+ ESXi hosts and over 10 VMware infrastructure servers

·   and implementing updates and patches and fine-tuning the configuration to attain the best balance of performance resource and optimization and availability.

·   Developed scripts for recovery, performance diagnostics and to stream-line administration via Shell, VBscript, BASH and Jscript.

·   Proven installation and administration of Virtual Private Networks (VPN) per customer  requirements.

25TH SIGNAL BATTALION (Five Rivers Services) - Kabul, Afghanistan           

Authorized Service Interruption Manager/Network Controller Sept 2011 – July 2012

·   Provided a single point of coordination for communications connectivity, outage response,        

·   HAZCONs or events affecting systems and networks, and processed requests for Authorized

·   Service Interruptions (ASIs) throughout the entire Greater Kabul Metropolitan Area including 5 major bases, and 12 forward-operating bases during real-time operations in Afghanistan, servicing over 12,000+ users. Monitored networks in an enterprise environment to identify and prevent unauthorized use and disclosure of information networks.

·   Assisted 5 major technical control facilities in outage restorals. Directs operational adjustments to    technical control, telecommunications transmission equipment, and Network and System Security Operations Center (NOC/SOC) to maximize optimal circuit up time.

·   Oversaw and facilitated research, evaluation, and the secure selection of hardware, software, and product standards, infrastructure projects to harmonize customer requirements. Conducted performance testing of new technologies as required on all upgrades to the existing infrastructure. Ensured proper procedures and governance reviews were followed based on directives, etc.

·   Provided technical support and information assurance (cybersecurity) initiatives to over 20 Windows 2003/2008r2 active directory domain controller with over 500 users, and 1200 computers in a highly demanding work scenario. Reviewed and analyzed alerts and logs from SIEM appliances (McAfee Enterprise Security Manager, SolarWinds, Splunk) IPDS, AV, and other security threat data sources.

·   Provided technical and operational support to manage and maintain situational awareness of the Army strategic communications infrastructure within the Greater Kabul Metropolitan Area.                                                                   

THEATER NETWORK AND SECURITY OPERATIONS CENTER WATCH OFFICER (NOC/SOC)

(May 10- Jun 11)

Indian Ocean Region Network Operations Center (US Navy), NCTS Bahrain, Kingdom of Bahrain

·   Monitored, corrected and modified access control lists (ACLs) by manipulating CISCO series routers as needed to improve systems and networks for over 55 medium to large networks through BGPs, etc.

·   Administered and troubleshoot 15 internal and external DNS servers running RedHat Linux 6.0 within the Department of Defense (DoD) unclassified and classified domains.

·   Acted as the lead shift systems administrator providing guidance and direction to less experienced employees with; adding/deleting users, creating security groups and distribution lists, managing GPOs, network security through IAVAs and information assurance/security, file permissions, file system integrity, troubleshooting active directory domain controller issues of over 100+ active directory domain controllers.

·   Assisted in securing networks and ensured government standards of command and control information security protection measures were maintained within the Security Operations Center. Performed incident detection and response while conducting analysis of security log data while analyzing and recommending mitigation techniques for cyber threats by using SolarWinds SIEM. Skilled in manipulating perimeter protection mechanisms via Intrusion Protection/Detection System and McAfee’s Host Based Security System suite.

·   Established and provided IP services, Internet services and electronic mail connectivity to various Naval organizations expanding a globally dispersed area through DNS transfers of MX records, A records, SOA records, and NS records.

·   Served as the lead systems administrator that provided direction to junior personnel for organizations requesting expeditious IP services connectivity through web browsing and electronic mail by means of querying recursive lookups through cached local DNS records, querying DNS Top Level Domains (TLD), and querying authoritative DNS servers through the Global Information Grid (GIG). Effective DNS security engineer for a major Network/Security Operations Center (NOC/SOC) using network monitoring tools (SIEM, Solarwinds, Splunk, WebSense, etc).

·   Maintained, troubleshoot, monitored, responded and reported on network security infrastructure systems and services, and information assurance; including but not limited to: network security log analysis, firewall maintenance and monitoring, IPS fine tuning and administration, intrusion and anomaly detection and analysis, and trend reporting for management review. Implemented operating systems hardening best-practices and procedures through security applications to achieve a comprehensive network, application, database, hardware and system security.

·   Drafted and recommended procedure changes that ensures effective and efficient management of IT assets through the assets life cycle.

PALADIN COUNTER IMPROVISED EXPLOSIVE DEVICES HELP DESK (US Navy), Bagram AFB, Afghanistan

Senior Information Management Officer Sept 2009 – May 2010

·   Managed, administered, and configured Windows 2003 servers for 760 user accounts spread across Afghanistan.

·   Administered, engineered and managed SharePoint portal for the Joint Improvised Explosive Device Defeat Organization (JIEDDO) Counter-IED (CIED) division supporting the entire Afghanistan area of responsibility.

·   Utilized in-house asset management tools to conduct physical inventory of assets, and the receiving and distribution of these assets.

·   Conducted information assurance/cybersecurity audits and reviews of hardware, software, and service asset data to ensure that system’s operation and management are in compliance with established Department of Defense directives.

·   Experienced in utilizing web authoring tools including HTML, XHTML, XML, CSS, web forms to improve public-facing websites.

·   Installed and administered the Biometric Automated ToolSet (BATS) utilized for counter-insurgency techniques in support of the JIEDDO initiative.

·   Focal point for the integration and deployment of the Handheld Intragency Identity Detection Equipment (HIIDE) to various Forward Operating Bases across Afghanistan.

·   Exemplary resourcefulness in delivering and providing network, system, and cybersecurity support to five organizations, 9 servers in an active directory domain, 650 workstations, 760 user accounts at 27 Forward Operating Bases across Afghanistan.

·   Routine maintenance in an Active Directory environment of over 760 user accounts.

·   Personally corrected over 1,200 technical deficiencies through trouble call responses.

·   Assured essential information sharing between numerous Joint, Interagency, and Coalition Force units and commands in and out of Afghanistan utilizing the Command Post of the Future (CPOF)

·   Suite.

·   Supported CIDNE managers/operators and CIED personnel in continuous data sharing initiatives.

NAVY-MARINE CORPS INTRANET (US Navy), San Diego, California

Lead Systems/Network Engineer June 2006 – Aug 2009

·   As the Navy-Marine Corps Help Desk Supervisor, supervised and mentored civilian and military personnel to conduct effective NMCI troubleshooting procedures.

·   Maintained, and managed data storage, e-mail, information assurance/security and web services through real-time monitoring, fault recognition, isolation and resolution.

·   As NMCI Security Analyst, responded to over 450 trouble calls, directly supporting over 5,000 Navy-Marine Corps Intranet Users in conjoining Navy and Marine Corps installations throughout the United States within the Network Operations Center and Security Operations Center in an enterprise level.

·   Maintained and administered over 230 CITRIX Xen App clients to enable application delivery to end-users in a Windows environment.

·   Proficiently administered over 7000+ Active Directory domain controllers including but not limited to: setting up network/file access restrictions; troubleshooting of user accounts, user account creation/deletion, backups and restores procedures through MS Active Directory domain controllers; virus protection through Symantec/McAfee anti-virus solution; web content filtering; firewall administration; patch management services; group policies through GPO.

·   NMCI Field Technologist processed, tracked and resolved over 2,000 trouble tickets to over 12,500 users in a highly dynamic and demanding organization. Utilized Remedy Ticket Tracking System to document and resolve cases.

·   Utilized Norton Ghost and other reimaging software for reimaging high-level computers for production utilization.

COMPHIBRON ELEVEN (US Navy), Sasebo, Japan

Systems Administrator Apr 2003 – May 2006

·   Completed the migration of Windows NT server to Windows 2000 server environment for 3 medium to large size organizations.

·   Administered an active directory domain of over 30 servers with exchange email services, file/print, DHCP, various application, antivirus and patch management on all servers within various classified (SIPR/CX-I) and unclassified (NIPR) domains for 4 medium to large size organizations consisting of over 6,000 users.

·   Assisted in the migration of over 2500 workstations from Windows NT to Windows 2000.

·   Assisted in troubleshooting 4 network servers, 200 user profiles, cannibalized and rebuilt over 50 computers.

·   Implemented Public Key Infrastructure (PKI) and information assurance initiatives in a large size organization, contributing to a more secure environment.

·   Primary WebMaster for 4 medium to large size organizations, facilitating optimum information dissemination throughout the Pacific Fleet area of responsibility.

NCTS BAHRAIN (US Navy), Kingdom of Bahrain

Technical Control Facility (TCF) Shift Supervisor Jan 2001 – Mar 2003

·   As the Technical Control Facility (TCF) Shift Supervisor, provided a full spectrum of capabilities in support of low probability of interception and low probability of detection of global voice and data communications operations throughout the Fifth Fleet Area of Operations. Trained and lead junior technical control facility personnel in the day-to-day operations of the TCF.

·   Impeccable support to both secure and non-secure communications and transmission systems which included but not limited to: local area networks, wide area networked systems, network management equipment, asynchronous transfer mode (ATM) equipment, internet protocol (IP) equipment, channel banks, high-to-low level multiplexing systems and equipment, satellite communications (SATCOM),  switching systems, channel service units/digital service units (CSU/DSU), cryptographic equipment and interfaces, test and patch facilities, signal conversion, interface equipment, single and multi-mode fiber optics, emission control and security (EMCON/EMSEC), communications security (COMSEC), electronic keying management system (EKMS), fiber optics, multiplexing equipment, laser, wireless, radio frequency (RF), UHF/EHF/SHF, MLOS, microwave frequency, tactical interfaces, fiber-to-copper and copper links, repeaters, switching protection, information assurance/security and cryptographic equipment.

·   Responsible for proper performance of quality control checks, isolating disruptions, and coordination of restoral of over 600 Department of Defense communications circuits traversing ultra-high frequency, super high frequency, extremely high frequency, and fiber optic mediums.

·   Assisted in over 150 communications upgrades and installs.

·   Configured circuits, networks, and systems based on DISA standards, and the results of quality assurance testings.