Nadeem A. Salaam
acvpjd@r.postjobfree.com
404-***-**** cell
CAREER SUMMARY
Over twenty years’ experience working in diverse environments implementing, testing and maintaining network infrastructure and computer environments, including 14 years in various Information Security roles. I’ve supervised engineering teams on multi-million dollar network/security upgrades for the Army Medical Services, and was appointed as the IT Security officer for the high visibility Division of Select Agent and Toxins program for the Centers for Disease Control where I have had roles in designing, implementing and maintaining large complex networks using a variety of vendor products and services. I’m an experienced pen and vulnerability tester. I’m considered a seasoned professional and experience problem solver who works well in team environments and independently. My experience has been equally successful as an analyst as well as engineer disciplines. I have vast experience as a security analyst, testing, auditing and conducting Certifications and Accreditation activities. Conducted C&A using NIST Risk Management Frameworks. Highly motivated and dependable, I have dual focus on management and technical perspectives to quickly develop workable solutions to IT problems.
PROFESSIONAL EXPERIENCE
Senior Information System Security Engineer/Analyst 11/14 – present
Time Solutions
Responsible for the design and implementation of a secured network for a High government system within the Centers for Disease Control. Setup and administered the network infrastructure used to develop and test project functionality and viability.
Accomplishments:
• Setup secure network infrastructure of multiple Windows 2012 r2 and linux servers for system
Production Primary and Disaster Recovery sites in addition to Development, QA and Staging.
•Installed and configured VMware EXSi 6.0 on multiple physical host to deployed fully virtualized
environments.
•Primary technical administrator for Disaster Recovery site and Business Continuity Plan and
contingencies.
• Monitor network for security incidents, internal and external threats
• Perform risk assessments of vulnerability testing of applications and website.
• Perform penetration testing against Windows servers and web applications using Metasploit
and Burpsuite.
• Perform packet captures using wireshark.
•Perform routine and custom scans of servers with Tenable Nessus Vulnerability scanner.
• Created various security model and system architectural diagrams used for project roadmaps
• Consult with Business Analyst and developers on complex high risk architecture issues.
• Evaluate OWASP top ten vulnerabilities in web application testing and advise developers.
• Evaluating and implementing security controls relative to NIST 800 series security framework.
• Apply standards and policies within FISMA and FIPS guidelines.
•Created security design and responsible for implementation of high classification government
system.
• Installed and administer Cisco ASA firewall and VPN. Palo Alto Networks security appliance, Cisco
3650 stackable switches and Cisco Aironet wireless AP’s.
• Follow the Enterprise Performance Life Cycle (EPLC) governance framework.
Senior Information System Security Analyst/Infrastructure Lead 7/08 – 0/14
Lockheed Martin
The Centers for Disease Control (CDC); Working on a classified program as project leader of IT Security and Infrastructure team managing a staff of hardware and software personnel. Technical lead in million dollar upgrade of system hardware and applications. Managed the implementation of 48 Blade servers across two geographically separated lights out data-centers.
Accomplishment:
• Served as lead engineer for architecture of and implementation of two datacenters
• Drafted diagrams and build documents to comport to vision of program goals and objectives
• Responsible for the overall infrastructure and components ensure 100% availability
• Responsible for IT security program, focusing on protecting applications and data.
• Conducted Security Risk Assessment and resolved deficiencies.
• Wrote organization and asset level policies and procedures where deficiencies existed.
• Responsible for the enforcement of security policy and directives.
• Prepared and implemented Certification and Accreditation (C&A) of High system IAW NIST
800-37 Risk Management Framework and 800-53 Security and Privacy Controls guidelines,
including FIPS 140-2 & 200 compliance.
• Ensured FISMA and HIPPA regulatory compliance of system and assets.
• Created policies and administered Access Control and Identity Management for systems and
applications.
•Monitored and maintained system security controls for compliance and remediation.
• Performs digital analysis of system and application logs for breaches and incidents using Splunk
software.
• Implemented and maintained Business Continuity and Disaster Recovery Programs.
•Performed penetration test, vulnerability scans and web security scans using
various vulnerability management tools; included remediation activities to ensure security and
integrity of the program and assets.
• Administered and maintained SSL/VPN certificates for web application servers.
• Performed risk mitigation analysis on all change request and updates of software and code.
• Responsible for the enforcement of security policy and directives.
• Managed team implementing and supporting System Center Operations Manager and Symantec
Security Information Manager.
• Provided direction and technical expertise for development efforts and staff task.
• Lead team efforts in several system upgrades of vender equipment, software upgrades and
product evaluations.
• Created and maintained technical and project documentation.
• Maintain network infrastructure for CDC and Lockheed Martin at LM facility.
Information Technology Security Officer, 7/03 – 7/08 Science Applications International Corp. SAIC
On contract to the CDC on classified program that protects threats to public health throughout the United States. As IT Security Officer was responsible for maintaining IT data security/protection both at rest and in transit, maintaining the network infrastructure, deploying new software and equipment, and improving programs production, staging, and coop environments.
Accomplishment:
• Designed and implemented network and security architecture for program.
• Responsible for setup/management of Intranet with five remote locations nationwide.
• Installed and maintained a wide range of network devices and security appliances which
including Cisco routers, Catalyst switches, Pix firewalls, Cisco Secure intrusion detection and.
Taclane Data Encryptors.
• Network administrator; created and maintained routed network and VLAN administration.
Implemented QOS traffic shaping for critical data traffic, setup and administered Active
Directory Domain and Domain Name Service (DNS). Responsible for IP addressing and subnet
creation using Public and Private addressing.
• System administrator of Trusted Solaris8/Trusted Gateway Server.
• Installed and configured Server Farm with OS mixture of 2000/2003 Server.
Configured clustered environment for redundancy of critical network infrastructure.
• Maintained virus definitions, IDS signatures, patches and system upgrades on
servers, workstations and network equipment.
• Works with other engineers to implement and enforce network security policies in accordance
with Defense Security Services (DSS) standards.
• Monitor secure network environment for occurrences of policy violation, intrusion attempts and
malware attacks
• Conducts frequent security test and validation of system to maintain certification and
accreditation (C&A) posture. Provides log analysis, security audit and investigative
support.
EDUCATION and Training:
• Certified Ethical Hacker and Penetration Testing
• Incident Response and Digital Forensic Analysis
• Bachelor’s Degree Computer/Information System Management Park University
• Advanced Information Network Systems U.S.A.F.
• Local/Wide Area Network Installation Technology
• Community College of the Air Force AAS Electronics
COMPUTER PROFICIENCY
Operating Systems:
Windows Server 2012 and Linux
Databases:
SQL 2013, MySQL, Postgress
Software:
IIS, DNS, DHCP, Active Directory, Symantec End Point Protection, Wireshark, Nessus, Metasploit, Splunk, syslog, Netwitness, Lancope and IBM Rational AppScan, System Center Operations Manager (SCOM)
CERTIFICATIONS:
Certified Information System Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Certified Penetration Tester (CPT)
SECURITY CLEARANCE:
TOP Secret SSBI (currently in Secret status)
CUSTOMERS:
• Centers for Disease Control
• Tri-Services Healthcare
• Wilford Hall Medical Center