ad40ex@r.postjobfree.com
Rochester, NY **620
Skills
Project Development and Lifecycle
Workflow Planning
Systems Implementation
Purchasing and Procurement
Cost Reduction and Containment.
Project Management.
Education And Training
01/2008
Bachelor's:
Computer Science
Jaffna Hindu College
Jaffna, Sri Lanka
01/1997
Software Engineering Diploma:
Pack Institute of Sri Lanka
Colombo, Sri Lanka
Master of Science:
Computer Science, Progress
Rochester Institute of Technology
Rochester
Certifications
Certified Information Systems Security Professional (CISSP). CCNA – InProgress.
CTFL
CompTIA Security
Certified Information Systems Security Professional (CISSP)
Active Military Clearance
SANTHIRAMOGAN (Jerry Mogan) SEIMOGANARATNAM
Summary
Project Manager Cybersecurity & Compliance, Bachelor of Computer Science SUMMARY: CISSP / CTFL / CompTIA Security / Network Engineer with 15+ years of experience in network administration / engineering along with 5+ years of dedicated experience in network auditing. Expertise in networking tools including Cisco, Juniper, Juniper SRX, and Palo Alto Firewall. Proficient in cloud networking platforms related with AWS and Azure. Dedicated Project Manager successful at workflow planning and staff retention strategies. Boosts productivity through innovative management and mentorship. Keen to apply new and emerging project organization techniques to increase overall performance.
Experience
Avangrid - Project Manager Cybersecurity & Compliance
Rochester, NY
10/2019 - Current
Worked on NERC CIP regulations, standard, and compliance processes.
Developed Internal Controls Program and Project Planning working with Stakeholders.
NERC/ NATF Security Working groups and Subcommittee for Rule Making
Assisted in the development, maintenance of the project, and corporate quality department procedures.
Developed CIP security controls with the business units.
Documents Management System – Lock Path implementation
Configured firewall rules related with Juniper SRX
Worked with the departments to draft, review, obtain approval for processes, workflows, and evidence required to meet the CIP security controls owned, and implemented.
Worked with the entities to develop, review processes, workflows, evidence required to meet the CIP security controls developed, and implemented by the entities.
Worked with FERC / NERC federal level compliance communities to ensure security in the cloud systems related with AWS and Azure
Developed device & system hardening guides following NERC and NIST guidelines.
Influenced, communicated effectively with both technical, and non-technical staff relating to testing procedures or workflow concepts.
Recommended hardware / software upgrades, purchase approvals to help secure the company's valuable information, and prevent Distributed Denial of Service (DDoS) attacks.
Wrote, delivered regulatory training, policies, and monitoring training compliance.
Developed content for the LogRhythm platform around current trending security events to provide real time, relevant alarming.
Managed and monitored upkeep of LogRhythm SIEM environment.
Updated with new technology trends, inform the team on the emerging software technologies, and lead discussions about incorporating new technology.
Analyzed process-relevant documents including LLD's reference manuals, user guides, and engineering resources provided to customers.
Executed a good balance of manual, automated testing, and generated test execution reports to review with the product team.
Communicated, coordinated testing, bug reporting with remote teams, local teams, and cross functional teams.
Developed and followed up on actions taken in response to audit findings to assure adequacy of completed corrective actions.
Analyzed data on project performance to evaluate the implementation, effectiveness of project procedures, programs, and processes.
Provided in-process and results to the assessed organizations.
Interfaced directly with project managers to define the details of audit and surveillance scopes.
Developed, implemented, executed standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log management platforms.
Established and maintained relationships with designated QA personnel.
Analyzed network traffic PCAP and tcp dump with Wireshark.
In-depth knowledge of Wireshark
Audited networks and security systems to identify vulnerabilities.
Analyzed system risk to identify and implement appropriate security countermeasures.
Designed, implemented, maintained security systems, and controls.
Created agendas and communication materials for team meetings.
Improved operations by working with team members and customers to find workable solutions.
Worked closely with team members to deliver project requirements, develop solutions, and meet deadlines.
United States Air Force Reserve - IT Network Engineer/Information Material Officer
10/2002 - Current
Managed system information security architecture, installation, design, operational planning, risk remediation activities, servers/systems for various government clients, and ensured all systems installed according to schedule.
Administers and monitors Industrial Security (INDUSEC) requirements to determine the program's effectiveness.
Coordinates Personnel Security (PERSEC) investigations for contractors requiring identification under the INDUSEC program.
Assists and advises Installation Access Control program in granting and suspending access.
Administers and maintains the installation lock and key program.
Maintains Physical Security defenses to ensure sensitive information and equipment security.
Conducts Mission Assurance Assessments (MAA) to highlight vulnerabilities in infrastructures and assets to develop plans to mitigate potential loss or disruption of critical assets.
Maintains and reviews the command's Security Classification Guide library and facility inspection checklist documentation, SF 701, SF 702, DA Form 1999 and SF 089
Maintained backup of cloud (AWS / Azure)
Specialized in network centric analysis utilizing a variety of tools / techniques such as network security monitoring, log analysis, and more.
Guided the development, evolution of our security monitoring platform as well as detection, and response procedures.
Developed continuity of operations & disaster recovery operations, conducted evaluation of COOP, and DR during annual incident response training.
Conducted risk assessments, collaborated with clients to provide recommendations regarding critical infrastructure, and network security operations enhancements.
Ensured information assurance by transmitting secure data between classified systems, performed ethical hacking, malware reverse engineering, penetration testing, certification and accreditation (C&A) within Security Operations Center (SOC) environment.
Supported Proofpoint SMB products including Proofpoint Essentials
Configured, maintained system backups using Backup Exec, and Dell Autoloader
Installed, configured, upgraded, and maintained Cisco devices.
Assisted in the development and implementation of disaster recovery procedures.
Assisted with the planning of records management, imaging practices, and document retention strategies.
Assisted with strategies for determining electronic document lifecycle and disposal.
Performed technical writing of electronics communications policy/procedures.
Performed hardware, network, software, and printer support for business computers.
Configured OAMP management interfaces and visibility on Juniper (OS boot 8.1R4.3) series routers.
Created admin user IDs and permission on the router.
Configured interfaces with IP address for the OAMP visibility.
Designed Cisco VPN solution utilizing IPsec Client and IPsec site to site with IPsec GRE
Implemented IP tunneling for VOIP traffic.
Worked on Cisco ASA5510 firewall, created configuring access lists in ASA5510 firewall router for CDN network servers and remote routers to access the media server cluster network.
Migrated Windows work group environment to Window NT server environment.
Worked on Vulnerability Management Tools Retina, Nessus, McAfee, and Found stone.
Deployed MS office upgrade to all offices providing on-site implementation support and training.
Worked at the security operations center (SOC)
Tested, certification of new features, and patches of software, hardware functionality.
Performed logical, performance, and physical audits of existing networks.
Diagnosed, troubleshot difficult problems at local, and remote sites.
Completed additional Information security assignment in Dubai, Italy, and Singapore
Awarded Army achievement medal for 12-month work in Kuwait/Iraq
Spearheaded server infrastructure development, quality control, staging, and production operations.
Planned, implemented, and integrated updated system-oriented projects.
Ran operational tests on systems, equipment to reinforce proper processes, and remedy malfunctions.
Built and oversaw network infrastructure comprised of various virtual products.
Provided exemplary helpdesk service and support to assist customers.
Studied network security logs to identify, eliminate outside, and internal threats.
Handled troubleshooting tasks for local area networks (LAN), wide area networks (WAN), and voice systems to reduce network connectivity problems.
Tested systems during each step of implementation and deployment processes
Designed, delivered mission-critical infrastructure to maintain consistent availability, and performance.
Created systems for deployment by the military in remote locations.
Utilized Python to handle debugging and automation scripting tasks.
Created automated simulations, diagnostics for load testing, network integrity, and other operational scenarios.
Designed, implemented, and deployed infrastructure systems across government networks.
Carestream Health - Senior Quality Engineer / Cyber Security Engineer
Rochester, NY
03/2015 - 06/2019
Generated techniques of quality-engineering to test, systems, and products
Provided effective support in all the stages of product development by applying quality engineering applications.
Planned, managed for resources, and hardware for image view Evo 510K submission.
Led the project start to finish.
Worked on DRX-Revolution NANO 5.7.712.X testing for Gate 3, completed, found hardware/software defects reported to developers, and project team.
Worked with FDA audit teams and FAD approval process for Carestream new products.
Detected Platform Team, detected FW Integration testing and QA Testing
Worked on test case authoring and executions.
Performed root causes analysis of failures in systems.
Complied with all SOP's that apply to QA work as documented in the quality system.
Designed, developed testing assignments related to software products and systems.
(PLC's, HMI's, Vision Systems and, LabVIEW)
Performed testing assignments on updates to existed Carestream products.
Developed testing methods, wrote quality testing procedures, and checked quality to ensure compliance.
Represented customer perspective in project quality decisions.
Performed testing assignments on updates to existing products (CPE) and support the customer complaint process as needed.
Ward Greenburg - IT Manager
Rochester, NY
04/2014 - 03/2015
Participated in planning, analyzing, and implementing organizational objectives.
Provided comprehensive secure IT/network design, systems analysis, and full life cycle program management.
Led all stages of system development efforts, including requirement's definition, design, architecture, testing, and support.
Worked on IT, LAN/WAN operations and maintenance director with secure Internet access.
Worked as an Expert Program, Project Leader, able to coordinate, direct all phases of project-based efforts while managing, motivating, and mentoring teams.
Maintained security of voice, data networks, and equipment
Monitored, maintained physical, logical security, and access to systems.
Responsible for support of existing security policies, procedures, as well as created, and implemented new security procedures.
Risk assessment of partners
Presented options to management for the enhancement of DNS, firewall, modernization of firewalls, inbound e-mail security, and robustness
Assisted with the upkeep of network infrastructure including switches and load balancers.
Assisted in migration of VPN concentrators to new project.
Completed TruSecure enterprise certification, and development of incident handling procedures.
Responsible for existed Microsoft Active Directory / Novell environment and new deployments.
Configured TCP/IP, DHCP, DNS, WINS, VPN, RRAS connections.
And settings
Administered company application infrastructure adhering to SLA timelines and deadlines.
Supported Citrix XenApp 6.5 infrastructure and farms.
Managed VMware ESX storage, data stores, clusters, and virtual machines
Utilized VMware to deploy and migrate virtual servers as needed.
Provided EMC SAN administration and support.
Utilized patch link software to manage software updates and patching.
Performed Root Cause Analysis (RCA) for infrastructure, network, and server issues.
Utilized point of business (POB) CMDB software suite for task, incident reporting, project management, time tracking, billable hours, and configuration items (assets)
Completed thorough risk assessments, deployed management, and response strategies to prevent roadblocks.
Updated project plans based on changing objectives, specifications, and staff availability.
Windstream Telecommunications - Senior Product & Service Activation Network Engineer
Rochester, NY
04/2013 - 04/2014
Aided in technical troubleshooting for phone, internet, and VOIP, for medium to large companies.
Routed, translated (Analogue/POTs lines), ability to work with 5ESS switches, GENBAND, DMS switches, eSM, Neustar, IAS (Protrace), and additional software programs.
Worked on VOIP, able to work with Plexus, Wireshark, IRIS, and several other software programs.
Worked on Queue management skills with experience in time and employee management.
Tested circuits, refer out to carriers, and follow-up with customers.
Troubleshot call quality, cannot call out, cannot be called, voice down, internet down, issues with IP, POTs line phones, many additional voices, and data issues.
Trained in working with ADTRAN, Cisco, All Worx, IP phones, and several other pieces of equipment.
Worked on M6 and AS400
Communicated changes in project scope and timelines to proper stakeholders.
Worked successfully with diverse group of coworkers to accomplish goals, and address issues related to our products and services.
Improved operations by working with team members and customers to find workable solutions.
Resolved interpersonal conflicts by listening, finding common ground, and building relationships.
Performed site evaluations, customer surveys, and team audits.
Demonstrated self-reliance by meeting and exceeding workflow needs.
University of Rochester - Analyst Programmer / Validation Engineer/ Systems Engineer
Rochester, NY
01/2003 - 02/2010
Provided 1st / 2nd-level help desk support, verification, and validation engineer to a major medical center & affiliated hospital.
Supported Clinical applications include registration, medical records, patient accounting, order control, and clinical documentation.
Performed CIS system, unit, acceptance, regression, load, functional/performance testing on dozens of applications using both automated, and manual testing methods.
Leveraged knowledge of object-oriented programming (OOP) to help validate, verify, communicate, and resolve software issues through careful, thoroughly documented testing to maximize return on investment (ROI) for IT initiatives.
Excelled in finding, documenting, reporting bugs, errors, interoperability flaws and other issues within proprietary software applications developed for University of Rochester Medical Center's global user base.
Demonstrated methodical, detail-oriented, and thorough approach to all assignments while adhering to compressed timelines.
Completed all assignments on or ahead of schedule.
Recognized excellent problem-solving, analytical skills by programmers, project managers, and supervisors.
Reviewed customer requirements, performed analysis, design, documentation of current state, and future state workflows for the Department of Pathology Clinical Laboratory
Maintained a detailed knowledge of systems currently operational which interface with Misys & path net or impact the laboratories in some way (patient management, Gemini, Medipac, the hospital network and Winstation software)
Compliance (GxP & 21 CFR Part 11, 21 CFR Part 820), Quality Assurance, Computer & Process Validation (SDLC) remediation, audits, operational quality review, technical writing
Evaluated, installed, configured, tested, updated computing hardware, and software systems.
Tested software updates from Sunquest, Path net to ensure that processing of patient results is accurate, and reliable before the software is moved into production.
Coordinated, installed HL7 or ASTM order/result interfaces to outreach clients including specification negotiation, and testing.
Assisted in building and maintaining Outreach Client database.
Analyzed and resolved system problems, including functional as well as performance issues.
Collaborated with product / engineering team members to define and develop new product concepts.
Met with stakeholders, contractor product teams and customers throughout system development life cycle.
Implemented, tested enhancement feature requests to improve product functionality, and extend performance.
Reviewed project documentation and made all important changes to match updates to project scope.
Accomplishments
Cisco
Juniper / Juniper SRX
Network Auditing
Palo Alto Firewall
AWS
Azure
Active Directory (AD)
SPSS
MS SQL Server
UNIX servers
FDA, 21 CFR Part 11
Encryption
Active Directory
Mathematic Simulation
TCP/IP
UDP, DHCP, COM, LAN, WLAN, SNMP, IPSEC
RMON, HTTP, HTTPS, Juniper, Cisco ASA 5510, Pix 500and watch guard x55e X Edge e-series appliance.
JDSU, Cisco 7609, 6509, 4924, ME3800, ASA 5505, 5510, 2600, 1800, 2650, 2900,2690, 281, Cisco ME3400, 3412, 871, 2900, 2950, 2960, 3550, 3560, IDS / IPS: RIP, EIGRP, OSPF, IS-IS, BGP
Linux / Unix
Tenable Nessus
Symantec Blue Coat Data Loss Prevention
Harden network and server infrastructure
Regulatory compliance and documentation
Resource Allocation
Reporting documentation
Programming languages: C++
Assembly
Java
Windows 98/2000/2003/XP/Vista/7and 10
MS Office Suite
.