From: route@monster.com
Sent: Monday, October 24, 2016 10:31 AM
To: hg@apeironinc.com
Subject: Please review this candidate for: DNS Secret
This resume has been forwarded to you at the request of Monster User xapeix03
Resume of Bill Phekoo (703) 509-9075 Bill_Phekoo@yahoo.com
QUALIFICATIONS
PROFILE Technical expert with over 16 years of IT experience,
with a comprehensive knowledge of computer Information Systems Security,
System Administration and Network Operations. Extensive knowledge in
the areas of system security, vulnerability scanning, penetration testing,
risk assessment and cyber security analysis. Experience in project
coordination and system implementation of government systems, banking,
brokerage, telecommunication, ISP and other large computer networks.
Highly organized team player with the ability to effectively manage project
milestones, and project delivery.
CERTIFICATIONS ·
GWAPT - GIAC Web Application Penetration Tester ·
OSCP - Offensive Security Certified Professional ·
CISSP – Certified Information System Security Professional ·
Security+ - CompTIA Security Certification ·
CEH – Certified Ethical Hacker ·
CPT – Certified Penetration Tester ·
CCNA – Cisco Certified Network Associate
PROFESSIONAL EXPERIENCE
October 2015 – Present
Le, Arnold & Associates, Pentagon City, VA
Senior IT Security Engineer ·
Conduct IT Security oversight activities for
Transportation Security Administration (TSA) Office of Information
Technology. ·
Conduct IV&V Security Assessments on Cisco Routers,
Cisco ASA Firewalls, Switches, Juniper Firewalls, F5 BIG-IP, Palo Alto and
IBM ISS NIDS. ·
Verify security baseline configuration on Windows 7,
2003/2008/2012, Linux, UNIX operating systems and VMware servers. ·
Review Nessus scan results to identify relevant security
vulnerabilities in the infrastructure. ·
Analyze security device configurations to verify that
previously identified flaws have been corrected, and document all new
security Findings ·
Conduct security assessment based on the Agency's
policies, procedures, privileged user access, role-based access control,
account management, multi-factor authentication and best security practices. ·
Perform ongoing risk determination to validate security
controls and assess the system security posture. ·
Conduct research on vulnerabilities and exploits using
publicly available as well as trusted resources. ·
Develop detailed remediation reports and recommendations
for compliance and security improvements. ·
Provide oversight on configuring, deploying, and managing
mission critical network appliances such as routers, firewalls, IDS/IPS, web
proxies, etc. ·
Strong analytical and problem solving, oral and written
communication skills. ·
Demonstrates strong organizational and time-management
skills: multitasking, working individually and with a team, having a positive
attitude, being self-motivated and reliable. ·
Works with minimal supervision, sets priorities, and gives
attention to detail and quality. ·
Ensure full implementation of NIST SP 800-53, Security and
Privacy Controls for Federal Information Systems and Organizations, and all
OMB cybersecurity requirements.
January 2014 – October 2015
SE Solutions (Sub to SRA International), Herndon, VA
Cyber Security Engineer ·
Currently hold active Security clearance with the
Transportation Security Administration (TSA). ·
Conduct IV&V Security Assessments on Cisco Routers,
Cisco ASA Firewalls, and Switches, Juniper Firewalls, F5 BIG-IP, Palo Alto
and IBM ISS NIDS for the TSA SOC. ·
Verify security baseline configuration on Windows 7,
2003/2008/2012, Linux, UNIX operating systems and VMware servers. ·
Test Xceedium privilege identity management tool. ·
Investigate new and emerging security threats against the
Network infrastructure and interconnected systems. ·
Review Nessus scan results, ArcSight, Solarwinds,
SiteProtector for potential threats. ·
Review IDS alerts and new signature validations. ·
Troubleshoot connectivity issues, analyze, debug and
diagnose packets and logs. ·
Participate as an individual contributor and as part of a
larger team in various projects. ·
Review network designs and evaluate compliance to
applicable security standards. ·
Conduct security audits and provide recommendations to
mitigate risks. ·
Ensure compliance to government security standards and
policies (NIST, DHS, FISMA, TSA, etc.). ·
Review AppScan results, web logs for potential attacks. ·
Perform web application and infrastructure penetration
tests (OWASP, PTES testing standards). ·
Write Security Assessments Reports for Findings uncovered
during testing and evaluation. ·
Perform security reviews of application designs, source
code covering all types of applications (web application, web services, and
thick client applications). ·
Experience with various security tools and products (IBM
AppScan, HP WebInspect, Metasploit, Core Impact, Nmap, Nessus, Nexpose, Kali
Linux, BurpSuite, OWASP ZAP, WireShark, Tcpdump, Snoop and Nikto)
July 2013 – December 2013
PhaseOne Consulting Group, Washington, DC
Security Consultant ·
Currently hold a US Government Secret clearance. ·
Responsible for providing technical security guidance for
the U.S. Agency for International Development (USAID) security risks,
cybersecurity, compliance and governance. ·
Identify Security requirements, feasibility of various
Cloud based solution providers to meet FedRAMP/FISMA compliance for USAID. ·
Conduct Security assessment and customization for Cloud
service Software-as-a-Service (SaaS) built on Amazon EC2 infrastructure. ·
Write Security test plans, and SA&A artifacts for
cloud based solutions. ·
Perform product security design activities which required
extensive research and analysis ·
Manually exploit and compromise operating systems, web
application, and databases. ·
Review web/OS scan results and static source code
analysis, find vulnerabilities, misconfiguration, and compliance issues,
write final reports and defend all findings (their description, risk, and
mitigation strategies) ·
Report vulnerabilities identified during security
assessments utilizing standard CVE, CVSS, SANS Top 25 and OWASP Top 10
classifications, as well as compliance standards: FISMA NIST SP 800-53.
·
Support Xirrus wireless security implementation. ·
Worked with the Engineering Teams in the configuration and
customization of MaaS360.com and other Mobile Device Management (MDM)
applications. ·
Create network architectural Visio diagrams of the
Enterprise infrastructure.
March 2013 – July 2013
TriTech Enterprises, Washington, DC
Penetration Tester/Security Consultant ·
Responsible for performing technical security assessments,
providing meaningful hardening and mitigation strategies. Advising the
client Department of Labor (DOL) about inherent security risks on their
network. ·
Conduct network and web-based application penetration
tests, physical security assessments, logical security audit, and hands-on
technical security evaluations. ·
Conduct System Security Assessments using Cyber Security
Assessment and Management (CSAM). ·
Conduct web application testing in search of security
flaws such as XSS, CSRF, authentication bypass, parameter manipulation,
application logic bypass, SQL injection, Cookie Manipulation, Buffer Overflow
and DOS based attacks. ·
Monitor Akamai LUNA Control Center. ·
Knowledge of OWASP Top Ten security vulnerabilities. ·
Working knowledge of Unix (Solaris, Linux, BSD) and/or
Windows (2003, 2008, 2012) and VMware. ·
Use tools such as Paros, Burp Suite, Backtrack, Nessus,
nmap, MetaSploit, sqlmap, wireshark, AppScan, Saint, Nikto and
Maltego.
November 2011 – March 2013
Blue Canopy, Arlington, VA
Red Team - Penetration Tester ·
Responsible for performing security assessments, informing
the Federal Deposit Insurance Corporation (FDIC) about inherent security
risks, and providing meaningful hardening and mitigation strategies. ·
Launch authorized, adversary-based assessments for
defensive purposes, commonly referred to as “Red Team” activities, focused on
what one or more adversaries or APT threat actors would do if they were
attacking a target. ·
Conduct network and web-based application penetration
tests, physical security assessments, logical security audit, and hands-on
technical security evaluations. ·
Serve as a subject matter expert in the topics of database
security, wireless security, network security or application and development
security. ·
Create and update security threat assessment reports and
update network diagrams and attack plans. ·
Conduct in-depth security assessments on all relevant
operating system security (Windows, Solaris, Linux, AIX, etc.) and
proprietary OS. Ensure that devices were current on OS security patches
and virus signatures. ·
Use tools such as Paros, Burp, Backtrack, Nessus, nmap,
MetaSploit, tcpdump, wireshark, Nikto and Maltego. ·
Identify security issues such as Cross Site Scripting, SQL
Injection, Cookie Manipulation, Buffer Overflow. ·
Network vulnerability assessments, analysis, monitoring
and reporting, and audits of network infrastructure. ·
Familiarity with scripting in UNIX shell, PERL, or Python. ·
Ensure compliance with all NIST, FISMA, FIPS and OMB-A130
requirements ·
Database administration, device configuration hardening
and compliance verification experience. ·
Knowledge of applied cryptographic protocols. ·
Deployed nCircle security compliance scanner across the
agency.
May 2010 – November 2011
Tantus Technologies, Washington, DC
Senior Security Engineer ·
Provide system security engineering support for the design
architecture and implementation of Symantec Vontu DLPS Data Loss Prevention
system at the Federal Aviation Administration (FAA). ·
Work with Government Leads to Configure Symantec DLPS
solution to detect PII information within the agency as well as leaving the
network perimeter. ·
Conduct network-based scanning across the FAA
enterprise for PII information and implement data at rest, data in
use, and data in motion solutions. ·
Configure and install Vontu/Enforce Network Manager,
Discover Servers and Network monitors across the agency. ·
Translate the FAA’s requirements into a technical solution
to meet needs not covered by off-the-shelf deployments, and/or ability to
work closely with vendors to get requirements into production-ready
solutions. ·
Create reports, conduct IA analysis, Risk Assessments and
Mitigation plans. ·
Ability to design systems with considerations for
performance, operations, cost, and support and solve complex technical
problems to meet the customer requirements for software and/or hardware
issues.
May 2009 – May 2010
QinetiQ North America, Springfield, Virginia
Principal Network Security Engineer ·
Member of the Security Engineering Team involved
with cyber security implementation, design, monitoring and troubleshooting
activities for the DHS/FEMA network infrastructure ·
Utilize tools such as Sourcefire IDS, ArcSight Manager
(SIEM), ArcSight Logger, EnCase, Wireshark, Tenable Security Center,
Einstein, Foundstone, Syslog, Netwitness, Bluecoat Proxy, Symantec AV, Sourcefire
Defense Center, Netscreen, internet gateway, firewall logs, Remedy and the
DHS/EOC online security management system. ·
Responsible for detailed analysis and the creation of
Security Event Notification (SEN) tickets and provide supporting documentation
for security incidents. ·
Create Sourcefire IDS signatures for deployment to the
production systems. ·
Coordinate DHS Nessus security scanning activities and
conduct vulnerability analysis on output results. Performs
threat/vulnerability assessments and remedial actions, to ensure systems are
protected against known/potential threats and free from known
vulnerabilities. ·
Researches threats and vulnerabilities and takes action to
mitigate threats and remediate vulnerabilities ·
Notify DHS components of vendor software security patch
notifications. ·
Work with the Focused Operations data forensic and Media
Analysis teams on e-mail phishing campaigns and other cyber related exploits
to design and implement pro-active Sourcefire IDS signatures. ·
Work with US-CERT on coordinated responses to cyber
threats from malicious domains.
2002 – March 2009
Computer Science Corporation, Tysons Corner, Virginia
Senior Security Engineer ·
Assigned to a Department of Homeland Security (CBP/DHS)
modernization project; Automated Commercial Environment (ACE) Security
Certification and Accreditation Team. ·
Perform and evaluate vulnerability scans using the NESSUS
scanning tool within a multi-platform, large enterprise environment. Initiate
corrective action regarding security violations, attempts to gain
unauthorized access, virus infections that may affect the network or other
event affecting security. ·
Use TENABLE Security Center to schedule network
vulnerability scans, generate reports and conduct vulnerability assessments.
Participate in OIG security audits and coordinate scans with DHS SOC and
CSIRC. ·
Experience working with Cisco firewall, Snort intrusion
detection, ITIM, Radius, Tacacs authentication technologies, work with
various network protocols, security scanners, network and host based IDS
systems. ·
Work with internet, web applications security techniques,
correlate system logs and network anomalies. ·
Experience with regulations related to information
security (NIST, FIPS 199, FISMA, DHS-4300A, etc.)
1998 – October 2002
3Com Corporation, Vienna, Virginia
Senior System Engineer ·
Assist sales and pre-sales staff with presentations,
demonstrations, training and installation of new products. ·
Developed and conducted training classes for AT&T,
Sprint and Verizon. ·
Performed field engineer function, pre-sales activities,
consulting services to other large customers. ·
Install and configure 3Com and Cisco routers and switches. ·
Configured Cisco 2500, 3600, 7200 routers and Cisco
Catalyst 2900, 6500 switches. ·
Create UNIX shell scripts along with PERL and EXPECT
scripts for network audits and inventory. ·
Install and configure UNIX SUN servers to support RADIUS
and JAVA based NMS software. ·
Installed VOIP, SS7, VPN/L2TP/IPSEC, CDMA/3G wireless, SIP
phones, ISDN and Softswitch. ·
Experience with UNIX OS, including SOLARIS, SCO, AIX,
HPUX, LINUX, BSD and QNX. ·
Installed Cisco Pix and Symantec firewall.
OTHER WORK RELATED EXPERIENCE ·
Worked with the following software: Hummingbird Exceed,
PVCS Dimensions, Hyperformix, Websphere Application Server (WAS), LDAP,
Microsoft Project, Microsoft Office, AIX, Solaris, Win2K, Visio, Sniffer Pro,
Mercury Loadrunner, Tivoli products, Cisco IOS, SSH, SSL, HTTPS, DNS, VLANS,
NAT, RMS, MQSeries, IPS, IDS, Reverse Proxies and Bluecoat WAF. ·
Worked with the following hardware: Cisco 6513 and 3550
switches, Cisco 7206 routers, Cisco Pix Firewall, IBM P595 Servers, Brocade,
Hitachi SAN, Symantec, and Agilent Technologies network analyzer. ·
Install Windows 7 Enterprise, Windows XP SP3, Windows
Server 2008 R2, Windows Server 2003 ·
Worked with ArcSight, Nitro, Foundstone, QualysGuard, GFI
Landguard, IBM Appscan, Sourcefire. ·
Installed Cisco Pix, Checkpoint, Sidewinder, Gauntlet,
Raptor, Tripwire, Remedy and Micromuse Netcool.
WORK RELATED TRAINING ·
Symantec Data Loss Prevention System ·
2015 TSA Security Awareness Training ·
2014 TSA Security Awareness Training ·
2013 DOL Security Awareness Training ·
2012 FDIC Security Awareness Training ·
2011 FAA Security Awareness Training ·
2010 CBP IT Security Awareness and Rules of Behavior
Training ·
2009 IT Security Incident Response Training
EDUCATION & CREDENTIALS
Electrical Engineering, University of Toronto, Canada
Computer Science (Honors), Sheridan College, Canada
Central Peel Secondary School, Brampton
Gordon Graydon Senior Public School, Brampton
PROFESSIONAL ASSOCIATION ·
Member of IEEE (Institute of Electrical and Electronics
Engineers) ·
Member of ISC2 International Information Systems
Security Certification Consortium, Inc ·
Member of EC-Council
HONORS and AWARDS ·
Leader of The Pack Award for outstanding service as part
of the Sprint and Verizon account team presented annually to five people in
the entire department at 3Com by the General Manager.
Languages: English (Proficiency Level: Fluent)