Phillip Miles Jr.
Conway, AR 72034
*******.*******@*****.***
Technical Professional with experience ensuring the secure operation of the in-house computer systems,
servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic,
establishing and updating virus scans, troubleshooting, analyzing and resolving security breaches and
vulnerability issues in a timely and accurate fashion, and conducting user activity audits where required. I
have a track record of producing high quality work within specified timeframes and of being able to effectively
multitask while working on several projects at one time. I am also recognized for excellent leadership,
planning and organization, teaming, attention to detail, project management, and communication abilities.
KEY AREAS OF EXPERTISE
•Intrusion Analysis/Detection
•Firewalls (Checkpoint, Nokia, Juniper, & Netscreen)
•Vulnerability Assessment (Foundstone/Nessus)
•Symantec SESA/CSP/ESM
•Blue Coat/Websense
•McAfee Intrushield
•Remote Access (VPN, RAS, Citrix)
•ArcSight Administration (ACSA/ACIA Certified)
•Q1 Radar SIEM
•SharePoint/MOSS 2003/2007
•HP OpenView
•SiteScope/SiteProtector
PROFESSIONAL EXPERIENCE
The Vigilant, LLC, East Rutherford, NJ July 2010 – Present
Information Security Analyst
• Provide analysis and review of events and cases escalated from the live monitoring
team; perform post mortem review of traffic flows utilizing SIEM system and other tools to
detect malicious activity; and complete projects and tasks associated with security
monitoring, detection, and incident response on an as needed basis.
• Cyber Security assessment using traffic analysis tools (e.g., Wireshark, tcpdump,
etc.).
• Analyzed and reviewed escalated cases to further investigate suspicious activity.
• Perform post mortem analysis on traffic flows and other activities to identify malicious
activity.
• Researched, developed, and kept abreast of testing tools, techniques, and process
improvements in support of security event detection and analysis.
• Executed tasks or led small projects as needed.
• Communicated and interacted directly with other staff to ensure optimal individual and
group performance.
• Performed other related duties as assigned or requested in compliance with ISO 9000
(International Standards Organization).
McNeil Technologies, Alexandria, VA Mar. 2009 – Jan. 2010
Subject Matter Specialist/Sr. Security Engineer – Team Lead
•Served as technical lead on SOC shifts and SOC technical projects. Continuously
raised the collective level of expertise and operational knowledge in the SOC.
Responsible for verifying that training materials are up to date and contain current
operational processes and procedures. Worked with partners and SOC managers
to better implement SOC operational procedures.
•Managed employees responsible for providing configuration and quotation services
to internal and external customers in the disciplines of Firewall Administration,
Forensics, Network/Security Operations, and Intrusion detection. Provided
technical assistance and ownership of customer calls until resolution. Identified
events and nodes that should be monitored and modified security tools as necessary
to successfully monitor and analyze the events and nodes.
•Managed the coordination of tasks relative to revenue opportunities and budgeting
while managing relationships with customers, internal partners, and team
members.
•Provided analysis reports to the customer's Task Manager and made them available
for display in the Enterprise Operations Center (EOC) and Security Operations
Center (SOC). Collected and analyzed data obtained by the Customer's Security tools.
Tools include IDS/IPS, Firewall, SIM, vulnerability scanning software, etc.
Centralized Audit Logging Solution Administration and Maintenance Support,
supporting Customer's efforts to maintain the existing centralized audit logging
solution (LogLogic) capability that logs significant events for system operating
systems (OSs) and databases.
•Leveraged best practices through innovative on-the-job learning opportunities and
techniques while ensuring resolution of escalations and projects.
•Internet Content Management System Maintenance and Administrative Support:
worked with Customer to effectively configure and maintain Customer's Web cache
(Bluecoat) and content filtering capability to manage Internet content. Followed
established Operating Procedures and updated the procedures when necessary with
the prior approval of Customer.
•Supported the maintenance and administration of USPTO Enterprise Firewalls,
departmental (PTONet) firewalls, IT Facility West (lab) firewalls, and USPTO
Enterprise Remote Access/Teleworker firewalls.
•Provided support to all USPTO CIRT functions using C3 staff and provided
onsite supplemental staff required to operate the USPTO CIRT Forensic office.
Responsible for reporting all US-CERT incidents and ensuring the USPTO
management approves these reports and that the reports are within timelines
mandated by the US-CERT reporting instruction.
•Collected and analyzed data obtained by the USPTO's Security tools. Tools include
IDS/IPS, Firewall, SIM, scanning software, etc.
ACXIOM CORPORATION, Conway, AR Dec. 2004 – Sep 2007
Systems Security Specialist
•Helped design, maintain, support, and tune the application(s)/infrastructure(s)
that detect security events (i.e., Host-based Intrusion Detection Systems (HIDS),
Network-based Intrusion Detection Systems (NIDS), and Security Information
Management (SIM)).
•Proposed/developed improvements to Information Security policies and procedures
for system operations to support SAS 70 and SOX audits as well as ISO 17799.
•Ran security analysis reports while analyzing current trends and developments in
Information Security.
•Monitored Associates’ system entry, controlled internal data access, and performed
surveillance on Acxiom’s Internal and Customer networks.
•Performed analysis of real time and historical security events to determine whether
threat concerns or conditions are present.
•Monitored and managed the system utilized to determine the presence of misuse and
potential security breaches on the network.
•Involved in the development of Incident Reports and the recommendation of security
countermeasures to the customer.
•Interfaced with the customer account teams, the server support teams, and the
vendors to provide notifications, helped determine the root issues, and passed
knowledge between areas.
•Assisted with security administration issues; such as access control and password
maintenance.
•Administered internal Office SharePoint Server environment.
•Assisted with setup, configuration, and deployment of SharePoint environments.
•Provided needed application support to internal developers and external partners
during website development stage.
•Created and executed operational plans to ensure Office SharePoint Server is
meeting performance and uptime requirements defined in the Service Level
Agreement.
•Using documented change management practices that include thorough testing and
documentation, executed modifications to the environment.
•Created and tested disaster recovery plans in a staged environment and documented the
results.
•Troubleshot any issues that arose.
•Communicated needed information with stakeholders, the product manager, other
administrators, and the server team.
•Administrative duties included: backup, user issue resolution, and management of
user rights and permission.
•Portal usage monitoring: load, access and usability.
•Helped to create and maintain SharePoint tools, process workflow maps and
documentation.
•Architected/Installed/Maintained/Upgraded Foundstone Vulnerability Assessment
infrastructure.
•Identified vulnerabilities in network infrastructure, operating systems, databases,
network services, applications, application interfaces and/or other technical
security mechanisms, and worked with the sponsor to mitigate these
vulnerabilities.
•Created custom scans and ensured scheduling met with system resource loads.
•Utilized Remedy SQL database to capture detailed information for automated
custom reports to management regarding remediation results.
•Ensured up-time and availability of ESM application.
•Preemptive management (e.g. alerts) of ESM system availability and performance.
•Troubleshot and fixed ESM issues on both Windows and Unix servers.
•Became a key resource in system integration and multiple party interfaces.
•Provided architecture knowledge and console administration support for system
integration efforts.
•Participated in project teams involving system integration and interface development.
•Managed and administered ESM data stores and file systems.
ACXIOM CORPORATION, Conway, AR Dec. 2000 – Dec. 2004
Technical Support Specialist
•Provided technical support and resolved all hardware/software related problems
and service requests from 6000+ internal/external users.
•Resolved desktop support and Remote Access escalated by Level 1 support.
•Assisted in resolving technical computer issues over the phone and followed up with the
customer until the issue was resolved utilizing documented procedures and
available tools.
•Installed and configured database management systems software.
DREAMMAKERS HOUSING COUNSELING, Pine Bluff, AR May 1999 – Nov. 2000
Help Desk Specialist
• Identified problems, troubleshot, and provided advice to assist users.
• Coordinated with other IS areas to resolve problems if necessary.
• Responded to inquiries and requests for assistance with the organization's computer
systems or PCs.