
Active Directory Security

Dearborn Heights, Michigan, United States
February 22, 2018



ISAM AL RIKABI; Cell: 240-***-****

Sr. Cyber Security Engineer, 11/2016 to present, Systems Technology Group (STG), MI 48127

Multi-task experience with cyber security SIEM tools, engineering and addressing security issues and technical specifications (implemented QRadar SIEM in an enterprise environment): network security infrastructure, Security Tools, network security, Automation, Test, Implementation, Configuration, Deployment, Integration, Management, Rules, Reports, Offenses, use cases, and Documentation experience within cyber security, information security and engineering, involving security tool implementation and troubleshooting within an enterprise environment. Work experience in planning, deploying, operating, maintaining and executing DR procedures for cyber security tools, and maintaining enterprise security tools (e.g. IBM QRadar, RSA Archer GRC Platform, MetricStream, F5, Syslog NG Premium, Microsoft Azure, and FireEye HX MIR (Mandiant Intelligent Response) Controllers); analyzing Plixer NetFlow from Nexus Routers; Vulnerability Management, Patch Management, Security Incident Response, NGN Next Generation Networking, Next-Generation Data Centers, Python, and Wireshark.

1-Analyzes, integrates, and parses logs; develops rules, alerts, reports, offenses, and use cases.

2- Cyber Security Tools Integration, Implementation, Automation, Configuration, Management, and Documentation.

3- Knowledge of network infrastructure and networking technology TCP/IP, DNS, DHCP, Proxies, Load balancing, ACE, F5, Linux/Unix, Windows, routing, switching, network design, wireless networks, and IP communications, netflow, packet capture/analysis.

4-SIEM: Installs, assets, log activity, network activity, dashboard, patch, upgrade, firmware. TCP/UDP protocols, TCPdump, Telnet, VI, Grep, and tests logs by spoofing Log Sources to Red Hat QRadar.

5-Designing, implementing, and maintaining network security and security tools, using scripting and command-line queries: Putty, SQL queries in SQL Plus and PSQL, Bash scripts, Python, and PowerShell; writes network and security documentation, policies, and guidelines.

6-Cyber Security Tools Configuration Management: Experience of health, stability, patch management, troubleshooting, performance, and capacity of QRadar SIEM platforms. Log Analysis, SOC Analyst, NOC and Cyber Security Defense Center.

7-Provides guidance to SOC Operations, documents administration of Cyber Security SIEM Tools, performs tasks consistent with the goals and objectives of the Cyber Security Defense Center, and leads efforts to improve and develop process/procedure manuals and documentation for SIEM tools development.

8-Identifies and creates use cases within the SIEM tools and works with project managers across multiple phases (Dev, QA, Test, and Prod) to manage multiple projects and tasks, sets appropriate priorities for tasks to be accomplished based on project plans and management priorities, and works both independently and in a team environment.

9-Identifies security incidents; monitors policy violations, Audit Violation Reports, GRC, network and application SLA reporting, and service requests to meet SLA objectives; SDLC, Agile development, Sarbanes-Oxley Compliance.

10-Documents (Manage Progress Logs), IBM Problem Management Record (PMR), Operation SIEM/Security/Network Requests, Application/Servers/DBs Owners Request and Tickets.

Cyber Security Tools Engineer - Development Lead Engineer, 2/2015 to 11/2016,

Systems Technology Group (STG), MI 48127

SIEM log management professional: manages and monitors network activity, assets, and log/event/flow analysis, searches, and data extractions; reviews and analyzes raw logs and payloads into SIEM (Logs/Flows) from Enterprise and various systems alerts and event traffic patterns; development lead for parsing the logs into QRadar, developing regular expressions (RegEx), DSM, and LSX parsing to parse the fields of interest; SIEM content and use cases such as common rules tested against both event and flow data and offenses; automation, configuration, integration, management, and documentation.

1-Builds, installs, develops, implements, architects, configures, maintains, supports and integrates security tools that comply with vendor and customer requirements into a large enterprise environment; assists with proofs of concept and testing of new security tools in Development, QA Test, and Production environments.

2-Familiar with security and monitoring tools (Load balancing, ACE, F5, Syslog-NG, Firewalls, Plixer, IDS/IPS), infrastructure network, applications, Extranet, Intranet, and Datacenter; Unix/Linux/Solaris/Windows/Database, Azure Cloud, Pivotal Cloud Foundry, WebSphere, CSC Analyst, NOC Analyst, SOC Analyst, NetOps, IntraNet, ExtraNet teams in Enterprise Security Systems.

3-Python, PERL, Bash (IBM Security QRadar, Red Hat Enterprise, and QRadar log collection from Unix/Linux, AIX, HP-UX, Solaris), and PowerShell for Windows Servers.

4-Customer services to support Internal and External Clients and creates Requests/Tickets.

5-Knowledge of the logs of: Incident Response, creating internal requests/tickets with Unix/Linux/Solaris/AIX, Windows Servers, WebSphere, Global DB, Security Operations, Extranet, Intranet Engineering and Operations teams; external vendor support such as IBM, RSA, MetricStream, CISCO. Tools: Ping, nslookup, sqlplus, Putty, TCPDump, Syslog, RegEx, LSX, DSM, QRadar Dashboard Tools.

6-Supports services such as SSL/TLS, LDAP, SSH, SSO, Kerberos, PAR, RADIUS and TACACS, Load Balancing, Proxies, MSSQL, WebSphere, Oracle, IIS, Apache, etc.; guides and mentors IT Security/Network Operation Engineers.

7-Documents deliverables (Manage Progress Logs), IBM Problem Management Record (PMR) requests for QRadar, Operation SIEM/Security/Network requests, application requests and tickets to NetOps.

8-Participates in documentation of Infrastructure Control Review/Applications Control Review, runbooks, and troubleshooting guides.

9-Participates with Enterprise Network Engineering/SIEM/Operation teams to document new procedures, policies, runbooks and guidelines, and keeps deliverables on the SharePoint site up to date.

10-Audit Violation Reports, Service Level Agreements (SLAs), SDLC, Agile, Sarbanes-Oxley Compliance.

Eta Company, Sterling Heights, MI 48038,

Systems Security Engineer, 5/2013 to 1/2015,

Manages and maintains a broad range of relevant platforms such as Windows, UNIX, Linux, and industry-leading security tools and platforms, with scripting and familiarity with open source security tools, Internet technologies, and systems infrastructure security. Responsible for supporting complex systems and application solutions, maintaining and configuring network security tools to monitor and manage the environment, escalation of technical problems from/to other teams, and identifying and implementing security improvements to processes, procedures, documentation, and systems.

1-Maintain Active Directory, Group Policy, LDAP, Active Directory Lightweight Directory Services (AD LDS), using PowerShell.

2-Familiar with Windows Security Infrastructure; ensures the stability, integrity, and efficient operation of the systems that support core organizational functions: system log analysis, backups, network security, user account/permissions management and systems.

3-Using Nagios to monitor and alert services for servers, switches, applications and services.

4-Monitor security events from multiple sources such as antivirus, firewalls and system security logs, analyze the results and escalate, when necessary, to the appropriate group for remediation.

5-Maintenance of network/application security, application programming, reverse engineering, malware analysis, cryptographic algorithms; identifies targeted attacks and other suspicious activity using a variety of network-based tools.

6-Escalate trouble tickets to vendor(s) as necessary, prepare and provide reports on assigned project work, provide troubleshooting of any security escalated issues related to assigned product.

7-Familiar with network intrusion detection, network intrusion prevention, vulnerability scanning, network hardening, network access control, virtual private networking, and network management equipment and systems.

8-Documents technical issues for a range of technical and business management audiences.

9-Using a high-level scripting/programming language (Bash, PERL, Python, PowerShell, JavaScript and C, C

10-Experience interfacing directly with customer and management teams; including, conducting briefings and technical meetings for management and customer representatives.

11-Knowledge of CISCO networking technologies, including Switches, Routers, Firewalls, and Wireless LAN controllers.

12-Basic knowledge in malware analysis and forensic investigations, encryption algorithms.

13-Familiar with Wireshark, Nessus, Snort, Tcpdump, SSH (Secure Shell), PuTTY, OpenSSH, OpenVPN.

Johns Hopkins University, Rockville, Maryland, LAN/WAN Engineer, 10/2012-4/2013

The Administrator position is responsible for the administration of Windows 2003 & 2008 servers and AD, CISCO switch VLAN configuration, and managing the computing environment using Altiris and SCCM 2012.

1-Manages user access, file/folder security and shares, and manages projects for upgrades, migrations and refreshes; familiar with firewalls, switches, routers, and basic network troubleshooting

2-Installs new software releases, implements system upgrades, evaluates and installs patches

3-Manage projects for updates and maintenance

4-Routines on servers, labs, classroom, and provost workstations

5-Works with third-party software and hardware vendors for support and troubleshooting; effectively communicates updates and schedules routines for minimal downtime

6-Resolve software/network related issues and Windows software for clients/servers; Windows 2008 server, Deploy Windows 7, and upgrade from Windows XP, Active Directory, Exchange; videoconferencing; SQL Server; Understanding of web technologies IIS; DNS, DHCP, TCP/IP; NetBIOS; Basic networking; Security Support using Symantec Endpoint Protection; Altiris

7-Perform routine system backup and recovery of data. Maintain inventory of hardware, Software, and ensure license compliance

8-Maintain data files, documentation and monitor System configuration to ensure data integrity. Analyze and resolve problems associated with Server hardware and application software.

9-Provide next level support for network, software, Desktop and peripherals to Help Desk support staff

10-Detects, diagnoses and reports problems for servers and workstations relating to security, hardware, and software

Montgomery College, Maryland,


Systems Engineer,

Ensures the stability, security, and reliability of College servers and storage for members, team members, and other stakeholders by designing, planning, implementing, testing, measuring, and managing related hardware, software, interfaces, implementations, and projects. Participates in all phases of the computer system development life cycle, including concept of operations development, requirements development and analysis, software and hardware system design, algorithm design, risk management, integration, test and documentation.

1-Installing, administering and maintaining client networks; installs new software releases such as MS Office and system upgrades

2-Evaluates and installs patches; manages projects for updates and maintenance routines on servers, labs, and classrooms

3-Supported core Windows technologies (Windows Server 2003 & 2008, Windows 7/XP)

4-Deploy Windows 7, and upgrade from Windows XP

5-Assisted in administering and supporting Active Directory environment

6-Develop system access, monitoring, control, and evaluation; establishing and testing disaster recovery policies and procedures; completing back-ups; maintaining documentation, and performing system and software upgrades and patches

7-Testing and installation of computers and medium hardware systems; connected PCs in a network and set up peripheral equipment and hardware components

8-Establishes system specifications by conferring with users and analyzing workflow, access, information, and security requirements; supports DNS, DHCP, TCP/IP, NetBIOS, PXE

9-Troubleshooting Windows Server operating systems, IIS, and Intel server-related hardware issues

Systems Administrator, Computer Techniques Company, Iraq, Basra


Windows Server and Linux Administration

Supported core Windows technologies (Windows Server 2003 & 2008) and Linux servers; installed, configured and maintained Microsoft Active Directory, including the design, implementation, and overall architecture of Active Directory, Group Policy, LDAP, Active Directory Lightweight Directory Services (AD LDS), and Windows infrastructure; ensured the stability, integrity, and efficient operation of the messaging systems that support core organizational functions

1-Exchange Administration including: DAGs, Outlook client, user mailbox creation/deletion/modification, shared mailbox creation, calendar permissions, mailbox management, shared mailbox permission management, end-user Outlook support issues, Outlook profile corruption/new/configure, distribution list permission assignment/removal

2-Scripting and development using PowerShell, VBScript, Shell and related systems

3-Monitoring, maintaining, supporting, and optimizing all networked software and associated operating systems; overseeing and troubleshooting operating systems and applications using OS-based, resource kit, and third-party tools; troubleshooting problems and quickly resolving issues; analyzing failures to minimize outages and interruptions

4-Designing and running system load/stress testing; escalating application problems to vendor

5-Installing, administering and maintaining client networks (Cisco or equivalent)

6-Secures systems by developing system access, monitoring, control, and evaluation; establishing and testing disaster recovery policies and procedures; completing backups; maintaining documentation; and performing system and software upgrades and patches

7-Maintaining the technology architectures DNS, DHCP, TCP/IP, NetBIOS

IT Specialist,

Basra University, Computer Center, Iraq, Basra


Taught a computer training program (Windows, Office) to 14-15 Masters and PhD students in one-month modules. Worked with a team of 6-10 instructors to teach a complete course on computer software and hardware.

1-Developed and administered final exam to test student knowledge twice per module.

2-SCCM 2007 application deployment/patching, deploy software distribution packages to desktops, laptops, and servers

3-Trained employees how to use computers.

4-Performed analysis, testing and installation of computers and large hardware systems; connected PCs in a network and set up peripheral equipment, hardware components, and allied devices.

5-Loaded software programs/packages and utility applications, and installed Operating Systems.

6-Developed finance DB applications for the University.

7-Maintained intranet networks.

8-Provided user account management, network configuration, routine maintenance, workstation/disk configuration & management, troubleshooting, documentation, training, and support for Windows systems, peripherals.

9-Set up and installed computers and new applications.

10-Diagnosed PC-related issues and fixed and repaired computers, printers and other hardware.

11-Upgraded memory and hard drive systems; checked performance-related issues and network support problems with hardware tools, including booting CDs with diagnostic programs and utility software.


1. Tenable Network Security Training: Security Center and Nessus

2. IBM QRadar, RSA Archer, Threat Connect, and Metric Stream

3. Big Data IBM Watson Advisor

4. Microsoft’s Azure Cloud

5. Agile Hosting Infrastructure and GRC

6. IBM: SIEM QRadar

7. CISCO: Architecting Cisco Networks

8. Network Infrastructure Architecture, Security Architecture, Security Policy.

10. Montgomery College, Silver Spring, Maryland

Cisco CCNA Complete July 2012

11. Informatics Institute for Postgraduate Studies,

12. Windows Server 2008, 70-640 Complete


13. Informatics Institute for Postgraduate Studies,

Linux Server Administration Complete, 2008


14. Iraqi Computer Society,

Computer Hardware Technician Certificate


15. Technician Computer Center, IT Certified Technician (equivalent to A+)



16. Higher Diploma Software Engineering (Degree)


17. Bachelor of Science in Computer Science (Degree), 1995
