From: route@monster.com
Sent: Wednesday, October 26, 2016 3:05 PM
To: hg@apeironinc.com
Subject: Please review this candidate for: CISSP

This resume has been forwarded to you at the request of Monster User xapeix03

Marvin Jones
Marvjones12@yahoo.com
571-239-9321

SUMMARY

I’m an experienced IT Security Consultant with sixteen plus years of experience in IT and over eight years focused on Security Engineering. My current role is performing SOC support; investigate, monitor, identify and report malicious behavior on the network using logs from firewalls, Unix and Windows Event Logs, IDS/IPS, Anti-Virus, Web Proxy, Web Server, DNS, DHCP, and other sources. My background includes Information Security, Cyber Security, Information Assurance, Network Engineering, Systems and Network administration, configuring, and troubleshooting issues. I have an M.S. in Information Assurance (2012) and a B.S. in Management Information Systems (1999). I also have CISSP Training and an active Top Secret clearance.

OBJECTIVE

Provide network, systems, and security experience, knowledge, and solutions in a system and network-diverse environment. Protect confidentiality, integrity, and availability of information and information systems. Advise and engineer secure solutions for business opportunities. Learn and experience, mentor and share.

TECHNICAL SKILLS

Software: Encase vers. 6 & 7, LogRhythm, ePO 4.6 (HBSS, IDS/IPS, & DLP), Foundstone Scanner, SQL 2005 & 2008, FRED 2.3.1, Websense, Nessus, CSAM (Cyber Security Assessment Methodology), NMAP, FTK Imager, Forensic Toolkit, ForeScout NAC, Blue Coat, ArcSight 5.0, BackTrack 5, Microsoft Baseline Security Analyzer, Microsoft Exchange 5.5, Microsoft Office 2003, 2007, 2010, Windows XP, Windows 7, LDAP, Norton Antivirus Corporate Edition 8.x, GHOST software, Cisco Works 2000, PS Tools, Wireshark, Snort, nCircle, Windows 2008, 2003, 2000, Active Directory, and DOS.

Hardware: Compaq, Dell, HP servers, Gateway, PC, Compaq, Dell, Gateway, PC, Hard drives (IDE/SCSI), CDROMS (IDE/SCSI), motherboards, sound cards, video cards, memory (SDRAM – EDO), PCMCIA cards, and network cards, Cisco Catalyst 2900, 5000 series, and 2500 series

CLEARANCE INFORMATION

Top Secret, Active

PROFESSIONAL EXPERIENCE

Sr. SOC Analyst, 6/13 – Present
Seneca Resources, Arlington, VA

· Provide support for F-35 Lightning II Joint Strike Fighter (JSF), monitor current cyber threats in the DoD environment and implement countermeasures to protect against such cyber threats.
· Monitor, identify and report malicious behavior on the network using logs from firewalls, Unix and Windows Event Logs, IDS/IPS, Anti-Virus, Web Proxy, Web Server, DNS, DHCP, and other sources.
· Identify root cause of incidents and provide mitigation and response action options.
· Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, and malware analysis tools
· Perform forensic analysis on network intrusions and attribute activity to perpetrators, identify potential data losses to network intrusions and determine if data was exfiltrated, and also track malicious behavior on the network and identify trends.
· Work with Information Assurance division to ensure appropriate procedures, oversight and compliance are known and implemented in the network.
· Escalate incidents to other internal departments and external agencies as appropriate.
· Provide incident response capabilities to isolate and mitigate threats to maintain confidentiality, integrity, and availability for JSF data
· Maintain up-to-date knowledge of computer and network vulnerabilities, and exploitation tools and techniques.
· Meet with the CIO on a weekly basis to present/brief on current and ongoing SOC investigations.
· Mentor and train others in Information Security.

Systems Security Analyst, 09/12 – 4/13
Rolling Bay, Inc., Washington DC

· Provide Certification and Accreditation (C&A) for Alcohol, Tobacco, and Firearms (ATF), in accordance with NIST 800 series, ATF handbook, and policy. This entails understanding and evaluating system architecture and a broad understanding of IT management, operations and technical practices.
· Assist with the Certification and Accreditation for sensitive but unclassified (SBU) systems, by validating that the information system meets a specified set of managerial, operational, and technical controls set forth by OMB FIPS 199 security Categorization.
· Review detailed descriptions of the controls, provide edits and feedback on their actionable quality, and based on the descriptions perform tests to prove the validity of these assertions through interviews, examining of evidence and either overseeing or directly running technical scanning tools against targeted systems.
· Develop and reaccredit System Security Plans (SSP) for major/minor applications and general support systems (GSS); and conduct and develop Security Test & Evaluations (ST&E), Risk Assessments (RA), Risk Mitigation (RM) Plans, and Plan of Action & Milestones (POA&M).
· Provide guidance and maintenance throughout the System Development Life Cycle of the systems. Participate in weekly IPT meetings to remain current of all system changes within the security environment.

Senior Security Engineer, 08/11 – 04/12
Dev Technology Group, Inc., Reston, VA

· Provided support for Department of Homeland Security (DHS) EMS team.
· Assisted with Requirements and the Architectural design of the Enterprise Management System (EMS)
· Designed, installed, and configured VMware ESX (4.1), ESXi, and vSphere 4 environments with VirtualCenter management.
· Built, configured and deployed 2008 Server VMs for the Production and Development environments
· Familiar with NIST Special Publications and FISMA compliance.
· Wrote Security Policies and provided assistance with PIA (Privacy Impact Assessment), SAR (Security Assessment Report), and BCP (Business Continuity Plan) documentation.

Senior Security Engineer, 11/06 – 08/11
Computer Science Corporation (CSC), Washington, DC

· Provided SOC support for US Agency for International Development (USAID); my primary responsibilities involved Vulnerability Assessment, Port Security, Patch Management, and also Anti-Virus Management.
· Incident Response: Respond to computer security incidents, this process involves coordinating responses to computer security incidents and recommending a course of action on each incident.
· Follow the NIST recommended guidelines when handling an incident.
· Vulnerability Manager: Performed application/software vulnerability assessments, analyze vulnerability data and develop effective remediation strategies to mitigate vulnerabilities discovered.
· Establish and maintain contact with system owners and system administrators.
· ePolicy Orchestrator: Manage and maintain two EPO servers (Washington and Mission), there are a combined total of 7500 workstations and servers.
· Responsible for upgrading, setting policies, creating tasks, and ensuring all systems have the current data definition and Anti-Spyware installation. Maintained the SQL server, developed scripts to ensure the database
· Run weekly reports to meet SLAs and complete daily maintenance work on both SQL databases
· Patch Management: Provide and maintain patch management repository. Review, research, and test security patches (software & application) in test lab before they were installed on Production systems. Developed scripts to help automate the patch process.
· Attend Change Control Board meetings to provide recommendation on changes applied to the USAID network.
· Port Security: Implement and manage ports to prevent and track rogue machines from accessing the USAID network
· Familiar with NIST Special Publications, OMB, and FISMA compliance.
· Host weekly Security Operation meetings with other Teams to ensure they are informed of the latest threats and vulnerabilities affecting the USAID network. Also provide the System Managers and Owners information on how to remediate vulnerabilities and reduce threats to an acceptable level.
· Reviewed and updated Plan of Action and Milestones (POA&Ms).
· Assisted with the Certification and Accreditation process.

Network Security Engineer, 01/04 – 11/06
SRA International, Inc., Washington, DC

· Implemented and managed port security to prevent and track rogue machines from accessing the USAID network.
· Managed Cisco 2500 and 6500 series switches, responsible for identifying, verifying, assigning IP address, and updating the database. Activate / deactivate and cable ports on switches and change VLAN as necessary. Troubleshoot network connection on a switch to pinpoint problems.
· Managed and maintained the Citrix servers, performed weekly maintenance. Installed release packs FR3 and SP4 on the LAB servers for testing guidelines before upgrading on Production servers. Renewed Citrix Web Server ID certificates and setup a certificate on the RSA server. Deployed MSUS on the LAB and PRODUCTION servers to ensure servers would receive important updates. Created/set GPOs on the LAB & Production servers and upgraded to SP-4 and FR-3.
· Researched, reviewed and mitigated security vulnerabilities from the network scan report. Responsibilities include coordination with system/application owner to address security vulnerability prior to applying USAID approved security patches. Verified systems to ensure patches are correctly installed by utilizing Microsoft Baseline Security Analyzer and SMS.
· Utilized Remedy Support to perform change requests for add, move, delete, and change user location. Verify and follow up with the AMS officers to ensure user information submitted is accurate.
· Assisted with the ePO client installation and updates on workstations and servers.

SMS Administrator, 06/03 – 01/04
Zen Technology, Bethesda, MD

· Provided support for (MDA) Missile Defense Agency, responsible for Systems Management and Administration, including system configuration, troubleshooting, security, resource monitoring, and developing specialized programs. Configure software for deployment through the use of SMS 2.0. Maintain Ghost network for imaging of PCs for the Desktop.
· Updated SMS Servers security patches (software & application) updated the security settings/patches on the ghost images. Provide a daily status report on tasks or projects that were being worked.

Systems Analyst/NT Administrator, 11/98 – 06/03
Advance Systems Development (ASD), Shirlington, VA

· Provided computer support to Directorate of Personnel & Security, troubleshoot hardware and software problems. Installed, configured, tested, and maintained Windows NT workstations.
· Migrated all Windows NT 4.0 workstations to Windows 2000, developed test images for Windows 2000 deployment and was pivotal in troubleshooting configuration problems with “legacy” software
· Configured laptops for RAS connection and trained clients on how to dial-in to the network; also troubleshoot network issues that prevented user’s access.
· Wrote Standard Operating Procedures concerning the installation and configuration of applications
· Answered calls and input helpdesk tickets into Remedy, distributed tickets to the different Teams within the computer support and followed up on open tickets.
· Utilized Microsoft Exchange Administrator to create new email accounts, Mail List, Resource and Services, and department calendars.
· Maintained the network print servers, installed local printers for users, created user accounts in User Manager, and also setup permissions on directories.
· Used SMS to upgrade applications and create batch files.
· Provided a monthly report stating the number of accounts that were added and deleted from the network.

EDUCATION

Capital College: Masters, Information Assurance, 2012
Capital College: Bachelor of Science, Management Information Systems, 1999

CERTIFICATIONS

ITIL V3 Foundations
Security+
Certified Ethical Hacker v7

CERTIFICATES

Network Protection

TRAINING

CompTIA A+ Supporting Hardware & Software
Citrix MetaFrame XP for Windows Administration
Microsoft Official Hands-On Labs 2811: Applying Microsoft Security Guidance
Ultimate Hacking
Computer Forensic I
Network Security
Official (ISC)2 CBK CISSP Training
ArcSight ESM Administrator 5.0

LANGUAGES

English: Fluent