Technical Support
Resume:
Phillip Miles Jr.
Conway, AR 72034
zm9cwh@r.postjobfree.com
Technical Professional with experience ensuring the secure operation of in-house computer systems, servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, troubleshooting, analyzing and resolving security breaches and vulnerability issues in a timely and accurate fashion, and conducting user activity audits when required. I have a track record of producing high quality work within specified timeframes and am able to effectively multi-task while working on several projects at a time. I am recognized for excellent leadership, planning and organization, teaming, attention to detail, project management, and communication abilities.
KEY AREAS OF EXPERTISE
Intrusion Analysis/Detection (McAfee Intrushield, Snort, Sourcefire)
Firewalls (Checkpoint, Nokia, Juniper, & Netscreen)
Vulnerability Assessment (Foundstone/Nessus/Qualys)
Web Proxy (Blue Coat/Trend Micro InterScan Security Suite)
Remote Access (VPN, RAS, Citrix)
SIEM Administration (ArcSight-ACSA/ACIA Certified / Q1 Radar)
PROFESSIONAL EXPERIENCE
TalentBurst-FIS, Little Rock, AR July 2011 – Dec 2011
Network Security Engineer
• Designs, writes, and maintains common procedures, SLI's and EXEC's for installed operating systems.
• Organizes, allocates, and supervises use of disk space for libraries, files, and common work space.
• Acts as a professional assistant or project team member in hardware evaluation, configuration, and software evaluation projects.
• Reviews, analyzes, develops, installs, and modifies Security Tools and systems.
• Detects, diagnoses, and reports related problems.
• Executes security controls to prevent hackers from infiltrating company information or jeopardizing programs.
• Researches attempted efforts to compromise security protocol and recommends solutions.
• Maintains security systems and administers security policies to control access to systems.
• Maintains the company's firewall and utilizes applicable encryption methods.
o Created information security documentation related to work area and completes requests in accordance with company requirements.
o Identified opportunities and executes plans to improve workflow and understands and quantifies business impacts of those improvements for communication to management.
o Interfaced with user community to understand security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.
o Provided status reports on security matters to develop security risk analysis scenarios and response procedures.
o Other related duties assigned as needed.
TekSystems Inc. - SAIC, Little Rock, AR March 2011 – July 2011
Network Security Engineer
Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Checkpoint Firewalls, Juniper firewalls, PIX firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, Certificate authority support, and wireless switch Security Management.
Day-to-day responsibilities that include monitoring, optimizing, problem resolution, root cause analysis, and managing all aspects of access to specified systems.
Interface directly with the Service Level Coordinators and is responsible for communicating the technical facts and issues to all parties involved.
Participate in an on-call rotation schedule and after hours work is a requirement for the person accepting this position.
Troubleshoot access issues
Adhere to the change management processes
Work in a team environment
The ability to engineer and implement security infrastructures
The Vigilant, LLC, East Rutherford, NJ July 2010 – Oct 2010
Principal Security Consultant
• Provided analysis and review of events and cases escalated from the live
monitoring team; performed post mortem review of traffic flows utilizing
SIEM(ArcSight) system and other tools to detect malicious activity; and complete
projects and tasks associated with security monitoring, detection, and incident
response on an as needed basis.
• Cyber Security assessment using traffic analysis tools (i.e. WireShark, TCPDump,
etc).
• Analyzed and reviewed escalated cases to further investigate suspicious activity.
• Perform post mortem analysis on traffic flows and other activities to identify
malicious activity.
• Researched, developed, and keep abreast of testing tools, techniques, and process
improvements in support of security event detection and analysis.
• Executed tasks and lead small projects as needed.
• Communicated and interacted directly with other staff to ensure optimal individual
and group performance.
• Performed other related duties as assigned or requested in compliance with ISO
27001 and 9000 (International Standards Organization).
• Develop new custom connectors (i.e. flexconnectors) to integrate site specific data
• Test and integrate ArcSight provided connectors
• Integrate ArcSight event actions into other company systems
• Provide ArcSight technical expertise
• Provide support to company ArcSight Clients
McNeil Technologies, Alexandria, VA Mar. 2009 – Jan. 2010
Subject Matter Specialist/Sr. Security Engineer – Team Lead
Served as technical lead on SOC shifts and SOC technical projects. Continuously raised the collective level of expertise and operational knowledge in the SOC. Responsible for verifying that training materials are up to date and contain current operational processes and procedures. Worked with partners and SOC managers to better implement SOC operational procedures.
Managed employees responsible for providing configuration and quotation services to internal and external customers in the disciplines of Firewall Administration, Forensics, Network/Security Operations, and Intrusion detection. Provided technical assistance and ownership of customer calls until resolution. Identify events and nodes that should be monitored and modify security tools as necessary to successfully monitor and analyze the events and nodes.
Managed the coordination of tasks relative to revenue opportunities and budgeting while managing relationships with customers, internal partners, and team members.
Provided analysis reports to the customer's Task Manager and have them available for display in the Enterprise Operations Center (EOC) and Security Operations Center (SOC). Collect and analyze data obtained by the Customer's Security tools. Tools include, IDS/IPS, Firewall, SIM, vulnerability scanning software etc. Centralized Audit Logging Solution Administration and Maintenance Support, supporting Customer's efforts to maintain the existing centralized audit logging solution (Log Logic) capability that logs significant events for system operating systems and databases.
Leveraged best practices through innovative on-the-job learning opportunities and techniques while ensuring resolution of escalations and projects.
Internet Content Management System Maintenance and Administrative Support work with Customer to effectively configure and maintain Customers Web cache (Bluecoat) and content filtering capability to manage Internet content. Followed established Operating Procedures and update the procedures when necessary with the prior approval of Customer.
Supported the maintenance and administration of USPTO Enterprise Firewalls, departmental (PTONet) firewalls, IT Facility West (lab) firewalls, and USPTO Enterprise Remote Access/Teleworker firewalls.
Provided support to all USPTO CIRT functions and using C3 staff and provide onsite supplemental staff required to operate the USPTO CIRT Forensic office. Responsible for reporting all US-CERT incidents and ensuring the USPTO management approves these reports and that the reports are within timelines mandated by the US-CERT reporting instruction.
Collected and analyzed data obtained by the USPTO's Security tools. Tools included, IDS/IPS, Firewall, SIM, scanning software etc.
Converted Checkpoint firewalls to Juniper firewall platform.
Ensured the SEM (Q1 Labs) solution was deployed and operating to deliver the technical and business results required by the customer.
Integrated SEM (Q1 Labs) solution with customer operations including network management and ticketing systems, and assist customers in building operational processes around the QRadar infrastructure.
Advised the customer on SEM and security best practices and implementing customer use with QRadar.
Conducted security investigations into customer incidents using QRadar SEM.
Tuned and troubleshot QRadar to deliver optimal performance in high volume enterprise customer environments.
Configured and troubleshot network and security devices, various operating systems, and applications such as web, mail and database services.
Created automated reports within QRadar to help aid investigation efforts.
ACXIOM CORPORATION, Conway, AR Dec. 2004 – Sep 2007
Systems Security Specialist
Helped design, maintain, and support and tune the application(s)/infrastructure(s) that detect security events. (i.e.-Host-based Intrusion Detection Systems (HIDS),
Network-based Intrusion Detection Systems (NIDS), and Security Information
Management (SIM).
Proposed/developed improvements to Information Security policies and procedures for system operations to support SAS70 and SOX audits as well as ISO 17799.
Ran security analysis reports while analyzing current trends and developments in Information Security.
Monitored Associates’ system entry, controlled internal data access, and performed surveillance on Acxiom’s Internal and Customer networks.
Performed analysis of real time and historical security events to determine whether threat concerns or conditions are present.
Monitored and managed the system utilized to determine the presence of misuse and potential security breaches on the network.
Involved in the development of Incident Reports and the recommendation of security countermeasures to the customer.
Interfaced with the customer account teams, the server support teams, and the vendors to provide notifications, helped determine the root issues, and passed knowledge between areas.
Assisted with security administration issues; such as access control and password maintenance.
Responsible for assessing and creating PCI audit documentation, creating audit evidence & managing storage within a Share Point archive. Read and interpreted existing rule sets for purposes of documenting compliance to PCI-DSS.
Architected/Installed/Maintained/Upgraded Voltage SecureMail Vulnerability Assessment infrastructure.
Integrated SecureMail with Exchange server, MS Outlook, and Active Directory while utilizing encryption (PKI, IBE, PGP).
Lead and executed the CSP installation (management platform, console and agent) installs and upgrades, including configuration management, certificates management, policies updates for user workstations and servers.
Provisioned for CSP upgrade, updates, and policy pushes.
Coordinated with Stakeholders in technical matters.
Provided dedicated technical and operational support for SCSP, assist with creation, enforcement, management and reporting of incidents through automated workflows.
Architected/Installed/Maintained/Upgraded McAfee’s Foundstone Vulnerability Assessment infrastructure.
Identified vulnerabilities in network infrastructure, operating systems, databases, network services, applications, application interfaces and/or other technical security mechanisms, and worked with the sponsor to mitigate these vulnerabilities.
Created custom scans and ensured scheduling met with system resource loads.
Utilized Remedy SQL database to capture detailed information for automated custom reports to management regarding remediation results.
Migrated firewalls from Netscreen to Checkpoint SPLAT platform.
ACXIOM CORPORATION, Conway, AR Dec. 2000 – Dec. 2004
Technical Support Specialist
Provided technical support and resolved all hardware/software related problems and service requests from over 6000+ internal/external users.
Resolved desktop support and Remote Access escalated by Level 1 support.
Assisted in resolving technical computer issues over the phone and follow-up with the customer until the issue was resolved utilizing documented procedures and available tools.
Installed and configured database management systems software.
Contact this candidate