Pikesville, MD § 443-834-9476 § Eliezer318@gmail.com

 

Systems/Information Security Engineer - Active Top Secret Clearance only (attained 08/2014)/

U. S Citizen / CompTIA® Security Plus Certification 2012-2018/

Capable to have: Full scope Counter Intelligence and Lifestyle Polygraph

 

PROFESSIONAL SUMMARY

Highly regarded systems & security engineer with more than twenty years’ experience working for major corporations and government agencies including Microsoft, DISA, and Unisys / TSA Federal Security (DHS). A consummate professional who is dedicated to achieving the goals and objectives of his employer and an extraordinary volunteer who provides IT services to local non-profit organizations.

 

Proficient in implementing Microsoft Windows-based Architectures Data Security: integrity and confidentiality via secure infrastructure configurations including: architecting/designing, data analysis, detailed reporting, and develop security requirements for configuration and implementation of network infrastructure for Wintel environment. Possesses business expertise specifically for securing Dell/Compaq Servers/ Desktops/Laptops (AD/FDCC/GPO); FISMA compliancy for Windows 2012/08/3/0 Enterprise and Data Center servers, NETIQ VM and SM, POA&M’s.  

 

Microsoft Best Practices for Active Directory Server and client infrastructure Windows 2012/08, Windows 7 (all legacy Microsoft O/S’s), Exchange 2003/5.5 migration (ESEUTIL), Microsoft Virtual Server and PC 2005, VMware, ISA/Proxy Server, SAN’s, Microsoft SQL Server 2005/7.0, MOM 2K/2K5, DELL & Compaq Mgmt. Tools, TCP/IP, DNS, WINS, DHCP, IIS 5.0/6.0, NLBS, SSL, clustering, LAN, WAN, Windows Migration & ADMT.

EMPLOYMENT HISTORY

Technica Corporation, Working at Fort Meade, MD   March 2013 - Present

Defense Information Systems Agency (DISA) - TOP SECRET                    

systems engineer/Architect contractor GS-13/14 equivalency

Systems Engineer/Architect for the DISA Customer Management Executive (CME) team supporting all DISA partners (customers). Serves as the technical system lead for new and existing IT projects on the DOD classified (SIPRNet) and unclassified (NIPRNet) networks. Providing technical direction including: analyzing and documenting the user requirements (Guiding users in formulating requirements, advising alternative approaches along with providing technical leadership for feasibility of all requirements and technologies within the environment). Experience with working with all stakeholders to identify, develop, baseline and maintain systems level functions. Oversee the entire engineering-based processes: Develop and design the technical, architectural, and system design documentation (Initial capabilities documentation [service request forms (SRF)] for all types of integrations including Distributed Systems (Service-Oriented Architectures) and Data Architectures. Guide system development and preparation of system integration plans to include requirements specifications (Network/Software/Information Awareness and Storage Engineering) and systems control documentation for the DODIN, DISN based on the DODAF architecture. Define/Develop and fulfill all the detailed stated requirements based on the initial or updated system requirements documentation.

Provide expert technical advice and guidance to all government leadership on appropriate application of technology to meet current and future mission requirements. Initiates, tracks, and resolves requests for information to the mission partners and their vendors.

Architected Cross domain solutions for multiple environments. Developing and coordinating with adjacent, higher, supported and supporting commands and agencies, accessing strategies and technical guidance to enable ongoing and future operations.

Technical Point-of-Contact (POC) for all inherent or emerging technical based risks and vulnerabilities (i.e. technical incompatibility, cost, continuity of operations). Integrate data from multiple systems and develop solution to integration and interoperability issues. Serve as Back-up Point of Contact Engineer/Architect for the other team engineers’ projects in their absence and mentor new team members. Roll-out of public sector agency’s pilot/production projects on Windows 2008/12 Active Directory, Linux 5.x/6.x/7.x and Solaris platforms. Provided engineering support in the roll out of MilCloud in the agency organization as well as Multicast using any-source and source specific environments. Provide weekly and ad-hoc status reports to Senior Management and other stakeholders. Projects involve server and storage resources based on various technologies (virtual, physical) and operating systems (Windows, Linux, and Solaris). Communicate complex technical requirements to non-technical personnel and extend, enhance, and optimize existing and new architecture.

 

 

Certification Upgrades - Attained Security-Plus Certification   2012

ü       Studied Microsoft 2008 R2 upgrade MCITP/MCSA and 2012 Courseware

ü       Studied Cloud: CSA’s Certificate of Cloud Security Knowledge (CCSK) and CloudU

 

TrueTandem, Washington, DC – SECRET         August - October 2011

sr. information Security & systems engineer

Provided operational and technical (Hardware and Software) support for initial deployment/roll-out of public sector agency’s pilot/production, Windows 2008 Active Directory & System Center Server environment. Lead engineer for the procurement of third party tools for SNMPv3 implementation for GP rollout. Information Assurance: Prepared Security Awareness Training Assessments for agency roll out. Agency Administrator for the implementation of the Microsoft System Center suite: (SCCM 2007 R3 and SCOM, Windows 2008 AD administration, Hyper-V). Provided GFI LANguard scanning and reports.

 

Booz Allen Hamilton, Linthicum, MD -May 2011 - July 2011

internal lab system security engineer, - SECRET

Implemented and provided expertise on Microsoft-based Internal Controls and Production Systems (2 domains) of Microsoft based environments for the Internal Booz Allen Hamilton Network. Provided Active Directory administration, routine maintenance along with fixing Backups and Console Control Secure Gateway Systems. Personally worked on raised floor infrastructure including tracking all infrastructure whips/ floor boxes and PDUs/cabling; created detailed diagram documentation. Assisted in racks preparation for move and implementation of the new infrastructure. HW Installation: blade servers, UPS, Juniper, Rack fans, Raritan’s. Experienced in the development and evaluation of policy documents and standards.

 

CyberPoint LLC, Baltimore, MD –            October 2010 – March 2011

software security test engineer

Six month contract developing software security procedures and testing upgrades for the internal and external international customers. Analyzed and provided cost based analysis for Customer Relation Management (CRM) tools (Microsoft CRM 4.0, MindTouch, and Alfresco). Tested Visual Automation using Kaspersky Anti-Virus with the test automation framework tools: (Ranorex, Sikuli, Inflector, etc. tools) for deployment. Experienced in the development and evaluation of policy documents and standards.

 

Unisys TSA Federal Security              2005 - 2010

systems InfoSec engineer/architect  - SECRET

(DHS), Pentagon City, VA 2008 – 2010

Senior Lead Security Information Assurance NETIQ Systems Security Engineer for the Windows Operations and NetIQ environments. Security Configuration Manager (Vulnerability Manager) and Security Manager for the TSA Policy Compliance team. Provided in-depth system security analysis, identified and characterized High Level and Low Level Persistent Threats and vulnerabilities. Lead operational team to resolve critical incidents from detailed analysis of the security checks. Responsible for the deployment and configuration for Vulnerability & Security Management of 400+ Windows based data integrity security checks for detailed analysis for all Servers within the TSA Environment. Served as ISVM (Information Security Vulnerability Management) Team Lead Engineer responsible for leading the process on providing quick corrective remedial action to maintain the security of the government/agency assets on a daily/weekly basis. Tracked and resolved requests for information from mission partners. Lead operational teams to resolve critical incidents based on FISMA/DHS/TSA regulations. Developed concepts of support and courses of action; integrated command and external capabilities; coordinated and documents comprehensive operations and plans. Participated in low to high level briefings and meetings to provide expert advice and assistance. Performed in-depth data analysis and prepared detailed reports, products, assessments for remediating the Plan of Action and Milestones (POA&M’s) vulnerability weaknesses within the TSA Environment. Weaknesses and scans were created based on Foundstone scans and in some cases FISMA compliancy for Unisys’s TSA architecture and infrastructure [Windows servers/workstations, firewalls, AD. Created documentation for TEMP/TAR for INFOSEC products. Responsible for ISSO based audits remediation for INFOSEC Products. Performed data analysis and prepared detailed reports, products, assessments, and briefings of security incidents for all levels.  Experienced in the development and evaluation of policy documents and standards.

 

 

 

Continuing from previous page,

 

Network/system SOC Information Assurance Security Engineer – SECRET     2005 – 2008

Lead InfoSec NetIQ Architect-SOC Engineer for the Windows Operations and NetIQ’s Vulnerability Manager and Security Manager (in-depth system security analysis, identified and characterized High Level and Low Level Persistent Threats and vulnerabilities) for TSA 400+ Windows Servers. Lead a team that provided technical and operational development for the entire TSA infrastructure. Responsibilities included monitoring and maintaining the operation and stability of our organization’s enterprise network across all groups’ data engineering teams e.g. Incorporating Symantec Anti-Virus tools for diagnosis and completion of misaligned devices for the TSA network. Tracked and resolved requests for information from mission partners. Lead operational teams to resolve critical incidents based on FISMA/DHS/TSA regulations. Developed concepts of support and courses of action; integrated command and external capabilities; coordinated and documents comprehensive operations and plans. Participated in low to high level briefings and meetings to provide expert advice and assistance. Worked with Incident Response Team Management to resolve advanced persistent threats and vulnerabilities affecting the network. Managed configurations for Host and Network Intrusion Detection Systems (ISS-Proventia) implementations as well as software testing the environments for network or installation based issues. Documented SOPs for all responsibilities. Microsoft SME: Responsible for all Outlook-Exchange-Secure-IP (Office Communication) Server projects for the SOC. Monitored and conducted troubleshooting on LAN/WAN core operational problems and assisted with problem determination and resolution where applicable. Provided team leadership guidance and subject matter expert for Microsoft best practices for all Windows based issues: infrastructure/security/operations/network (IP’s, Ports, Event ID’s) administrative issues (Co-owner of all team distribution groups & person in charge for configurations).

 

Anteon (located at USCG/DHS), Alexandria, VA                2005

senior systems operations & exchange engineer – INTERIM SECRET

Senior Microsoft Systems Operations Engineer (all shifts) for the United States Coast Guard Telecommunications and Information Systems Command (AKA USCG TISCOM under DHS). Responsibilities included core administration and core maintenance functions for Windows Active Directory, installation, configuration and troubleshooting hardware and software issues for  Microsoft’s Windows Enterprise production platform Windows 2K3 Active Directory Domain Controllers & WINS, DNS, DHCP, and Active Directory Migration Tools, and Network Security. Taught and mentored new recruits in 500+ DELL servers (2600, 2800, and 4600) including Implemented Patches/Updates/fixes and Quick-Fix Engineering’s processes. Served as 24/7 Shift Lead for AD and Exchange Network Security Response Management Team. Monitored the network infrastructure of AD and Exchange 2003 using Microsoft Operations Manager 2005, Exchange 2003/5.5 migration involving AD Connector, installation, configuration, troubleshooting, Exchange mailboxes: (create, move, delete, and troubleshooting 20,000+ seats), Implementation: SMTP, routing groups, public folders, Troubleshooting: Queue tracking and ESEUTIL tools. Virtual Servers (virtual PC 2004), Backups: LTO VERITAS. GPO Policy team member for all GPO Policy related issues: troubleshooting policies and or writing new policies.

 

Microsoft Corporation       2000 - 2005

Microsoft operations systems Security engineer, Redmond, VA 2004 – 2005

Systems InfoSec Engineer (all shifts) for internal Microsoft Corporation Network Operating Center Labs production and pre-production environments based on Windows 2003 Enterprise and Data Center Edition Server Active Directory. Administered accounts, domains, permissions, and security. Conducted daily checks for any attacks or abuse to network via standardized security logs designed exclusively for our organization. Performs data analysis and prepared detailed reports/assessments for briefings of security incidents. Performed installation (racking/cabling/patch panel/switch), configuration, test, application install, and TCP/IP routing. Managed enterprise infrastructure trusted domains environments, websites, portals, IIS 6.0, and SQL 2000. Supported Clients local and abroad. Led and directed troubleshooting for hardware/software break/fix environment with 3000+ servers (Compaq /Dell). Using tools and techniques: Virtual Server 2005, clustering w/ SAN’s, Dell open manager, HP Openview, PERC 2/3/4 and Compaq RAID controllers, Compaq Insight Manager, UMED, ISA clients, decommission servers, and flatten/rebuilds. Reviewed Microsoft best security practices for all implementations.

 

 

 

 

Continuing from previous page:

 

msn internet service provider lead systems engineer, Redmond, WA      2002 – 2004

Lead Systems Engineer: (all shifts/30 people) for MSN Global Services Center. Level 5 Subject Matter Expert for all MSN server/client based issues dealing with national Telecomm for Secure Network Authentication (Walled Garden-RADIUS Servers, ATM packet switching (MUX/CAP). Provided technical and security investigation for the MSN Network Operating Center. Tools: Microsoft Operations Manager 2000, event logs, self-trained internal Microsoft tools. Appointed to Narrowband and Broadband Executive

Network Security Team which provided daily technical expertise investigations for Hacking/Spamming, Abuse, Email abuse, for the entire MSN ISP infrastructure [5 million users] (Narrowband and Broadband connectivity[DSL]), Team Bridge call rep for all Fiber/Pronto based DSL circuits/connections for SBC Telco and IP Tunneling for Ameritech. Created/designed, installed and maintained production test bed for MSN’s latest products.

Investigated security upgrades, patches, service packs and viruses where applicable. Lead for security based resources related to Active Directory: users, permissions, security, computers, shared folders, DNS, DHCP, WINS, Proxy client and ISA Server, trusted domains and peripherals. Documented SOPs, used Virtual PC and Virtual PC 2004 for test bed experience. Worked with Telecom’s exclusive access: (Ameritech, Bell South, PacBell, Southwest Bell, Verizon East/West, and Quest) Broadband / Narrowband.

 

server engineer, Seattle, WA       2001 – 2002

Clients: Food Industry

Microsoft Certified Systems Engineer for Wintel XP/2000 issues: (servers, desktop support, laptops, PDA’s), (Internet Data Centers Web farms using Windows 2000 clustering & migration, security), frontline network/security troubleshooting for BlackIce and Proxy/ISA Server; Tech POC/SME person for networking, researching, and telephone support (administration, technical).

 

server test systems engineer, Redmond, WA        2000 – 2001

Black Box Multi-Lingual Testing Engineer for the Software Development Product Cycle (Beta, build install ability, configuration, & implementation testing) of entire Windows XP / Windows 2000 Active Directory operating systems functionality for English/Hebrew Localized Versions.

Lead Server Test Operations Systems Engineer/Administrator for MSN Mobile Development (Data Center 300+ nodes). Design thru implementation, administrator for the entire production networks [code and content deployments] on (Dell’s, Compaq’s) Windows 2K clustered architecture break/fix environment (SQL 7.0, IIS 5.0 web servers) for the Microsoft Security Internet Data Center for mission critical client-server machines: Intranet and Internet websites. Troubleshooting HW/SW issues; configuration management, and developing and maintaining documentation). Performed all system upgrades, load testing, servers/pc, documentation, maintenance, and regressions. Administered: TCP/IP-HTTP/S-POP3-WINS-DNS-DHCP-SMTP-VPN-MSMQ, MS Proxy Server 2.0 and client, DAT tape backups, and wrote batch scripts.

 

Jewish prisoner services international / cosmopolitan trading

Systems engineer /database administrator, Seattle, WA         1997 - 1999

Headed & administrated a Windows NT 4.0 / Windows 98 Intel based (25 nodes) network & database for a non-profit prison organization for regional coordinators across America. Designed intercommunication network from the ground up to included security, backups, and all network-related issues (TCP/IP, DNS, DHCP, WINS, and LAN desktop support). Provided training to my replacement to ensure a smooth transition. Project Management/Supervisor for all non-profit events and day-to-day activities.

 

simple trading Inc. onsite systems lead Los Angeles, CA          1995 - 1997

Supervisor (25 personnel) for an onsite heterogeneous Desktop and Server support for all Windows 95, 3.1 and PC related issues: TCP/IP, DNS, DHCP, WINS, and LAN. Designed/Implemented new business strategies that exceeded existing business plan goals in all areas of computer based warehouse operations: {scheduling, shipping, receiving, etc...)

 

EDUCATION

1993 B.A., Talmudic Law & Hebraic Studies, Major in Computer/Business Ethics, Neveh Zion College, Jerusalem, Israel