20 years' experience in Information Technology, Security and Network/Systems Engineering
Experienced Principal IT Security Engineer Offering 20 years' experience in Information Technology, Security and Network/Systems Engineering
Available August 6, 2012 Looking for opportunities in Northern Virginia (Dulles Corridor)
Career Highlights Solid background in IT management and in designing and managing voice/data networks and systems. Maintained high levels of security. Track record in building results-focused teams, leading network/IT projects, and working with vendors to achieve optimal cost savings. Developed infrastructure, enabling teams to provide high quality support and maximize client satisfaction. Familiar with industry best practices. In-depth knowledge of LAN, WAN, Cisco architecture, VoIP, VPNs, migrations, systems, disaster recovery, Security, etc. Performed complex installations, configurations, backups, upgrades, repairs, documentation, and maintenance. Troubleshot complex problems. Established client base from scratch. Strong communication skills. Proficiencies:
Network/System Administration Security Network Design/Maintenance Software/Hardware/Servers Project Mgmt./Leadership Web-based Systems Intrusion Detection & Prevention Data Recovery Planning Programming/Databases Wireless Technology Surveillance Systems IP Based Camera Systems Patch Management Solutions Anti-Virus Detection Enterprise Malware Detection
Accomplishments Completed extensive IT training: CCNA, MCSE, IIS, TCP/IP, Windows NT Security, Cisco Routers. Served as team lead for project implementation and for major network upgrades and installations. Created first PC Jukebox; first Web-based restaurant order system; and Freddie Mac's FMVCD. Developed SNMP-based monitoring utilities in UNIX. Led growth from scratch to $1+ million and from 1 employee to 8 employees in record 3 months. Deployed Remote Management Services, saving costs and facilitating 24/7 technical support. Designed and developed the first embedded WWAN meshing router using the latest EVDO technology.
Security Clearances Top Secret/SSBI - 03-06-2007 US DOJ Secret - 09-2009 EOD - 11-2010
IT Security Architect/Principal Security Engineer, Dev Technology, Reston, VA November 2010 - July 2012 HP Enterprise Services/Department of Homeland Security Security Architect/Principal Network & IT Security Engineer for DHS DC2 Data Center and the Security Operations Centers for HP Enterprise Services/EDS. Provide Tier 3 support to the DHS DC2 Security Operations Center. Provide guidance to Junior Analysts within the SOC. The SOC will allow DC2 to achieve situational awareness of the security posture of the enterprise, monitor its security resources and proactively manage the agency's security infrastructure to ensure the continued success of DHS's mission and continuity of operations.
NetOptics Fiber Tap architecture design & implementation within the DHS DC2 Data Center. McAfee IDS Sensor architecture design & implementation within the DHS DC2 Data Center. Netwitness architecture design & implementation within the DHS DC2 Data Center. Arcsight ESM/Arcsight Logger architecture design & implementation within the DHS DC2 Data Center.
Principal IT Security Engineer, Apptis Corporation, Chantilly, VA November 2009 - November 2010 Drug Enforcement Administration Principal IT Security Engineer in the Drug Enforcement Administration's ISIV Security Operations Center supporting the Firebird network. Provide high level daily/weekly IT Security Hotwash briefing to management. Administration support for approximately 30 SourceFire IPS sensors throughout the enterprise. Perform IDS/IPS signature tuning and custom development of signatures. Develop policy and procedure for a repeatable process for Tier 1 security personnel. Perform Tier 3 functions within Arcsight, monitoring current events and tuning non-incidents and false positives. Provide Engineering and Systems Administration support. Currently implementing a 64-bit Arcsight system to alleviate performance issues with the current 32-bit production version. Implemented Personally Identifiable Information (PII) intrusion detection signatures. Perform vulnerability scanning of Firebird assets using tools such as Nessus, Nmap, Foundstone, AppDetective, and ThreatGuard's Secutor Prime for FDCC compliance for auditing purposes.
IT Director/Security Architect, WareonEarth Communications, Vienna, VA May 2009 - Nov 2009 Drug Enforcement Administration Security Architect for the Drug Enforcement Administration's transport network (DNet). Conducted an analysis of IT systems currently in production on DNet and provided recommendations for solutions that should be implemented to cover gaps and meet FISMA compliance. Recommendation of the following solutions: Centralized logging solutions, Security Information Management solution (Arcsight), Network Access Control solution (Cisco), Enterprise Anti-Virus solution (Symantec), Enterprise Patch Management solution (Bigfix), Enterprise Malware detection/prevention solution. Implementation of Active Directory for user authentication, DNS, DHCP. Implementation of DNSSEC for DNS security. Designed solution for securing IP based camera solutions utilizing SSL VPN capabilities. Provided guidance for proper implementation of DDoS mitigation at internet facing routers. Conducted vulnerability assessment of critical DNet core devices using open source tools such as Nessus, Foundstone and Nmap. Provided vulnerability findings to DNet's Program Manager and the DNet System Administrator for remediation. Designed a custom high end Linux based Network Based IDS "appliance" leveraging Snort and implemented this solution in DNet's Point of Presence locations. Developed custom IDS signatures to detect Personally Identifiable Information (PII).
Senior IT Security Engineer, Verizon Business, Ashburn, VA June 2008 - May 2009 Department of the Interior Sr. IT Security Engineer for Verizon Business's Government Network Operations and Security Center (GNOSC). Acquired ownership of Tivoli Security Operations Manager (TSOM) and associated systems with it in order to enhance the security capabilities of the GNOSC. Tuned existing network based intrusion detection and intrusion prevention systems such as TippingPoint, Juniper IDP and anomaly based intrusion detection systems such as ActiveScout and StealthWatch. Conducted Gap Analysis. Gaps were identified in security capabilities due to hardware limitations with inline security devices, which prevented additional signatures from being enabled on the inline devices. Designed, developed and implemented an open source Snort Pilot/Proof of concept solution (Einstein enclave type design) in one gateway in order to enhance the security posture of the GNOSC. Custom signatures were written to detect PII, SSN, Credit Card #'s, Healthcare Identification and many others. Custom US-CERT signatures were created to provide real-time incident notification to the customer using Remedy. The Snort Pilot was a great success, pending authorization under the new contract. Member of US-CERT/GFirst and Einstein community.
Principal IT Security Engineer, USmax Corporation, Gambrills, MD November 2007 - June 2008 General Dynamics/United States Patent and Trademark Office Lead Sr. IT Security Engineer for General Dynamics supporting the United States Patent and Trademark Office's Emergency Operations Center/Security Operations Center. (EOC/SOC). Worked with a team of highly knowledgeable IT Security Engineers to design, develop and implement an IT Security Program with the new USPTO EOC. The SOC will allow USPTO to achieve situational awareness of the security posture of the enterprise, monitor its security resources and proactively manage the agency's infrastructure to ensure the continued success of USPTO's business mission and continuity of operations. Assisted with the development of the COTS Evaluation, Engineering Requirements, Gap Analysis, Boundary and Network Infrastructure Internal Audit, Security Incident SOP, and PRISMA Metrics documentation. Member of US-CERT/GFirst and Einstein community.
Senior IT Security Engineer, SMS, McLean, VA April 2006 - November 2007 Department of Homeland Security/Federal Emergency Management Agency Lead Network Security Engineer for the FEMA Security Operations Center. Primary SOC day-to-day operation support of all FEMA security implementation, development, design, installation, evaluation, and testing. Support Symantec Raptor, Cisco PIX, and Juniper Netscreen firewalls. Cisco router and switch maintenance. Support Remote Access systems such as iPass dialer, Cisco VPN Concentrators, Cisco 3002 hardware clients, Cisco VPN software clients for client-to-site and site-to-site implementations with Cisco and Juniper devices. Support ISS Proventia host-based firewall with SiteProtector central management. Support Cisco ACS authentication servers. Maintain and monitor Symantec SNS 7120/7160/7161 IDS/IPS sensors and Sourcefire IDS/IPS sensors. Provide customer support for FEMA security issues. Conduct security assessments and vulnerability assessments of network assets using tools such as Nmap, Nessus, and others. Perform computer forensics and data recovery as needed. Member of US-CERT and Einstein community.
Senior Systems Analyst/Network Security, CSC, Washington, DC August 2005 - April 2006 Computer Sciences Corporation/Environmental Protection Agency Lead for DSS IT operations on the EPA-ITS contract. Provide support to DSS on-site technical staff supporting the EPA. Designed and developed scripts to obtain inventory of assets on the EPA network. Developed a patchlink helper script to automate the process of renaming thousands of workstations which were located and named incorrectly on the EPA network. Created and led a team of developers to develop the DSS database which interfaced with Remedy, giving CSC Management the ability to generate extensive reports that could be given directly to the customer. Prior to this system, Management would spend two full days exporting Remedy data and manually generating a customer report.
Senior Systems Engineer, VistaRMS/Kforce, Herndon, VA February 2005 - August 2005 Computer Sciences Corporation/Environmental Protection Agency Support IT operations for the EPA-ITS contract supporting approximately 7,500 users in 30 offices. Provide assistance to EPA employees who require information or technical support. Provide network/system administration support, desktop hardware/software problems, telecommunication issues, local area network issues, Lotus Notes issues, remote access issues, database issues, server access issues.
Major Projects: IT/Systems Engineer EPA Continuity of Operations (COOP) Fort Meade, MD March 2005 Provided Systems Administration/Network Engineering support. Designed and implemented a disaster recovery plan which automates the process of restoring all workstations simultaneously in the event of an emergency without user intervention. Develop automated disaster plan for the Fort Meade EPA Continuity of Operations (COOP) Center. Develop automated disaster recovery images for workstations/servers. Develop automated disaster recovery bootable double layer DVD media. Participated in the emergency operations and emergency activation drills.
IT/Systems Engineer Emergency Operations Center (EOC) Washington, D.C. August 2005 Provided Systems Administration/Network Engineering support. Designed and implemented a disaster recovery plan which automates the process of restoring all workstations simultaneously in the event of an emergency without user intervention. Develop automated disaster plan for the EPA headquarters Emergency Operations Center (EOC) in Washington, D.C. Develop automated disaster recovery images for workstations/servers. Develop automated disaster recovery bootable double layer DVD media. Participated in the emergency operations and emergency activation drills.
IT/Systems Engineer EPA/FEMA Louisiana Hurricanes Response, Metairie, LA October 2005 Oversaw IT management; Provided Systems Administration/Network Engineering support. Implemented infrastructure to prevent unauthorized wireless devices on the network. Provided support for the existing NEC wireless access points being used for voice and data communications at the EPA/FEMA site. Designed and implemented a backup wireless network which was used in the event the primary wireless access points failed. Provided support for users arriving on the scene with laptops by configuring wireless adapters in each laptop and configuring access to the printers via IP based printing.
Information Technology Director, Internet Security Solutions, Sterling, VA 2000 - 2005 Lead IT operations for network/systems administration, security, firewalls, intrusion detection systems, and antivirus/spyware/malware/adware detection and removal. Spearhead overall operations: sales, marketing, accounting, staff management, contract negotiations, SOWs, RFPs, vendors, sub-contractors, finance, and technical support. Analyze requirements to provide client-focused solutions; optimize performance of IT infrastructure.
Major Projects: IT/Systems Engineer Unix/NT Jobin Realty, Centreville, VA 2004 - 2005 Oversaw IT management; provided Systems Administration/Network Engineering support. Implemented infrastructure to prevent unauthorized installations. Created jWeb Intranet/Extranet-based database management system for 35 offices; 3,500 users. Installed Cat5e, Cisco Routers/Switches, Norton Antivirus Enterprise, and Windows 2000 Server. Improved productivity by setting up server for central storage; migrated all forms online. Installed Netscreen Firewall/VPN; configured to connect directly to MRIS system. Developed company-wide MySQL database, allowing company to track employees in 35 offices. Stored database in 3 datacenters, creating redundant system and allowing 24/7 data access.
IT/Systems Engineer Unix/NT, Adelphia, Sterling, VA 2000 - 2003 Managed 12 employees. Assumed Systems/Network Administration responsibilities. Provided IT services and helpdesk support to 5,000 existing cable modem subscribers. Trained staff for installation/troubleshooting. Administered LAN architecture comprised of 250+ workstations and 5 servers. Compiled user information for all workstations, servers, switches, and routers on LAN segment; implemented comprehensive security policy, restricting unauthorized access to LAN systems. Obtained user information for all servers, email, FTP, www, proxy server, DNS servers, total control chassis, Motorola Head-end equipment, Cisco PIX/Switches/Routers, and other equipment on high-speed Internet division; implemented new security policy to restrict unauthorized access to systems. Developed helpdesk system to report problems and to provide troubleshooting information. Oversaw migration from Ridgetop Circle to Nokes Blvd.; provided new Windows 2000 Advanced Server; transferred all Adelphia data from shared file server. Recreated 250 user accounts, file directories, and permission schemes on new servers. Reconfigured network printers; configured workstations to connect to new server to access files and printers. Performed extensive planning/documentation to ensure seamless migration.
IT/Systems Engineer Unix/NT, BFQ Labs 2000 - 2001 Created custom software code, automating systems/password recovery process for Cisco products. Developed application where other firms, over several years, had failed. Saved valuable resources.
Affiliations Community Emergency Response Team (CERT) Loudoun County Sheriff's Office Auxiliary (LCSO) Virginia Sheriffs Institute (VSI) Virginia Crime Prevention Association (VCPA) International CPTED Association (IAC)
Professional Development MCSE, Learning Tree International, Reston, VA, 1999 Cisco Certified Network Associate (CCNA) Almatec, Herndon, VA, 1998 CompTIA Certification (A+) Almatec, Herndon, VA, 1997
Learning Tree International Certifications: (Reston, VA) Microsoft Internet Information Server, 1998; TCP/IP Internetworking on Windows NT, 1998; Implementing Windows NT Security, 1998; Microsoft Exchange Server 4.0/5.0, 1998; Advanced Cisco Routers, 1997; Microsoft Windows NT 4.0 Core/Enterprise Technologies, 1997; Microsoft Windows NT Workstation 4.0, 1997; Advanced Unix, 1996; Microsoft System Administration/Implementation for SQL Server 6.0, 1996; Microsoft Mail for PC Networks 3.2 Enterprise, 1995; Microsoft Windows for Workgroups 3.11, 1995; Implementing & Supporting Windows NT 3.51 Workstation/Server, 1995; TCP/IP for Windows NT, 1995
Certified Information Systems Security Professional (CISSP) Bootcamp - 2006 NetIQ Training - 2006 Patchlink Training - 2007 Harris Stat Training - 2007 Dealing with Difficult People - 2007 (Careertrack Event #51983) Managing your emotions under stress training - 2007 (Careertrack Event #53013) Configuring Security Threat Response Manager (CSTRM) Training - 2009 Thwarting the Enemy - Counterintelligence and Threat Awareness - 03-2011 Palo Alto Networks Firewall Installation, Configuration and Management PAN-EDU-201, PAN OS4.0 - 07-2011
First Responder Development
Loudoun County Sheriff's Office Auxiliary Police Academy - 2006 Community Emergency Response Team Training - 2006 Introduction to the Incident Command System - ICS 100 - 2006 Introduction to the Incident Command System - I-100 for Law Enforcement - 2006 Incident Command System for Single Resources and Initial Action Incidents - IS-200 - 2006 National Incident Management System - IS-700 - 2006 National Response Plan - IS-800 - 2006 CPR - 2007 First Aid - 2007 Community Emergency Response Team Training - 2007 WebEOC Training - 2007 Crime Prevention through Environmental Design (CPTED) - 2007 Community Emergency Response Team Train the Trainer (CERT TTT) - G317 - 2007