Drexter D. Inman, M.B.A, B.I.T. MCSE
Phone: 770-***-**** E-mail: *******.*****@*****.***
Objective:
Seeking a Senior Security Architect/Engineer position that will utilize my extensive knowledge of Windows System Environment, Oracle ERP and Project Security Architect skills as well as my educational background in Information Security and Business Management.
Career Summary:
Information Security Professional with over 15 years of IT experience in the areas of LAN/WAN, IT Management, Training and Support, Telephony, E-mail and Information Technology Security. A proven ability to translate the business needs of an organization into technology requirements that support the organizations business objective and successfully manage all phases of IT Projects Management, IT Risk Management, IT Security Policy, IT Governance, Network Security, Systems Security, Application, Security, Infrastructure Security, Penetration Testing and Logical Security, from needs analysis and requirements definition to vendor selection, implementation and System/Software/Product Full-Lifecycle Development. Drexter has knowledge in Server Harding, Anti-Virus Protection, Juniper Firewall, and Intrusion Detection, in addition to Application Security Project Management and Processes.
Education Background:
Masters of Business Administration (MBA) Degree, March 06
American InterContinental University – Dunwoody Campus GPA 3.75/4.0
Major: Business Management
Bachelors of Information Technology (BIT) Degree, March 05
American InterContinental University – Dunwoody Campus GPA 3.31/4.0
Major: Information Security
Applications
Qualys Scan, MS Office, MS Visio, MS Project, Norton360 Antivirus, Microsoft Exchange 2003, 2010, eTrust Antivirus, eTrust PestPatrol, eTrust Secure Content Manager, MS SQL 7, Windows NT/2003/XP/7, Remote Desktop Client, MS Terminal Server and Linksys Wireless Appliances, Active Directory, MS Exchange Deployment on Large Scale, Group Policy, COTS (Commercial Off-The-Shelf software), SMTP Protocols, disaster recovery, and end user support for Outlook 2000/2003, Internet Security Scan (ISS), Project Management, Splunk for IDS and DLP Qualys Scan, Nessus (Pen-Testing), Windows SUS, Remote Desktop Protocol.
Hardware:
Juniper Firewall, Qualys Guard, Cisco 3500 switches, WatchGuard Firewall, Checkpoint Firewall (ACL), Dell, HP, Linksys, Barracuda Firewall, Barracuda, Spam Filter, Barracuda IM, Black Berry Enterprise Server, Juniper Firewall SRX/ISG, Junos Space (Security Director), Palo-Altos Firewall, Panorama Interface, QualysGuard for Penetration Testing, Vulnerability Assessment and Web Application Security (WAS).
Experience:
Strive Consulting @ Cox Communication Inc., Atlanta, Georgia April 2015 – Nov 2016
Senior Security Engineer (Contractor)
Design work to insure the security of newly deployed applications and services.
Manages lab environments to maintain a secure test bed and evaluate security controls during application design/test phases.
Participate in the change management process, assembling change requests for tested configurations and evaluating the feasibility and appropriateness of other change requests as submitted.
Worked with Juniper SRX and NextGEN Palo-Alto firewall for security policies, SSL VPN, IPSEC connections and troubleshooting firewall issues.
Provides support of security operations organizations in the areas of ongoing lifecycle maintenance and new service deployments.
Implementation of Firewall Rules and Security Policies for internal clients and external partners.
Conduct engineering economic, alternative, and feasibility evaluations
Create documentation supporting new deployments and existing legacy infrastructure
Perform security assessment for security policies, procedures, standards, and guidelines.
Application architecture for the MDM application, defining the modeling of the application from conceptualization of what exactly the application will do, to Logical layer of how the application will function interconnected with other applications and the Physical layer of the applications deployment.
Provide uses privilege level access to the application, leveraging already existing company security policies for application operations e.g. Change management, vulnerability controls and requirement for imposing separation of duties within the application.
Protected the deployed application within the cloud by leveraging already existing Firewalls, IDS/IPS, Load-balancers, Multi-layer Authentication, Data encryption, Audit trails and URL filtering.
Technical understanding of Application security utilizing WAF to stop malicious attacks (XSS, zero day) at the source and Infrastructure security utilizing the Cloud offerings such as Firewalls/IDP/IPS system deployed at the infrastructures perimeter and within the LAN.
Create security policy via Juniper and Palo-Alto Firewalls.
Some working knowledge of VPN/IDS/IPS/Routers
CBTS @ General Electric (Energy Management), Atlanta, Georgia Aug 2007 – Apr 2015
Senior Security Architect (Contractor) a client of General Electric who provide my expertise to service a major Fortune 500 company division with 37 billion dollars in assets.
Provide technical and/or project leadership function for assigned engineering analysis and computing projects.
Security lead for Acquisitions and Integrations of all acquired and JV business by GE
Utilized Splunk with Symantec SIME as a DLP/IDS/IPS to investigate intrusion into the network.
Support and understand AWS offering and other cloud services e.g. Microsoft Azure
Understanding Cloud offering e.g. SaaS, PaaS, and IaaS and utilization of NIST Framework for Virtual Private Cloud
While working for GE as a contractor NIST was used as an industry framework for our vulnerability assessment as well as identity management. I would perform network assessment and Penetration tests on all acquired network using Qualys Scan appliance and would engage NIST website to assess the CVE Vulnerability Summary for vulnerabilities found during the assessment e.g. Cross-Site Scripting and Apache vulnerability.
Work within the framework of established GAP analysis for different business unit’s compliance with ISO 27001 Security Policy Standards.
Present security designs, architectures, IT Risk, and solutions to GE Security Architect and Security Review board as needed.
Primary SME for all Acquisitions and Integrations (network) for any and all newly acquired network. The primary roles amongst other things were to perform Network Discovery, Asset Management, Vulnerability Testing and Penetration Testing of all acquired networks using QualysGuard appliance. QualysGuard utilizing different modules such as WAS into QualysGuard and running the WAS API, and utilizing REST-based QualysGuard WAS API enables me to conduct pen-testing in addition to scheduling scan, retrieving results of those scans and automating scan capabilities.
Responsible for putting together a test plan for acquired networks and any remediation plans that came after as a result of those vulnerabilities found. A remediation plan would consist of remediating all High and Medium vulnerabilies and re-testing for verification of all fixes.
Some DBA experience with Oracle12 Management Database with installation of the Oracle Database server software and all front-end tools and DB application that access the Oracle Database. The use of remote computers with the Oracle Net component that allowed for remote access to the Oracle Database for execution.
Oracle Database backup and recovery.
Also perform security review for all New Product (NPI) introduced into the organization, as well as known and emerging attack vectors and exploits.
Experience with Nessus for pen-testing and port scans. This tool was used in preparation for compliance review primarily PCI scan which Nessus has intelligence built into to it for in depth ports scan 1-65538. Although I am familiar with Nessus, I was secondary for its use with the SecAnalyst team.
Qualysguard for penetration testing of internal and external using non-intrusive remotely and locally exploitable with no impact on the integrity or availability of the host or network that is being scanned.
Utilizing MS SQL Plus to issue command via the command line interface to the Oracle Database e.g. startup, shutdown, database parameters, managing users and creating DB object tables and indexes.
Provided Application Architecture Reviews as a security technical resource consultation as needed.
Evaluated, tested, designed and audited security of applications and risk levels, architecture and infrastructure of all businesses i.e. GE Energy, Aviation, Nuclear, Oil & Gas and Transportation businesses against recommended security practices.
Aligned industry specific compliance and framework requirements with the appropriate business. (U.S. export control, SCADA, CIP, ISO 27001, NIST, SOC, PCI, SOX, FISMA)
Mobile infrastructure and application security of Energy, Aviation Nuclear, Oil & Gas and Transportation businesses.
Security architecture and design, Information Security Management, Security Advisory board member, security awareness trainer, and subject matter expert.
Focus on the physical protection of information systems assets and corporate information and intellectual property assets in order to prevent the intentional or inadvertent access, modification, disclosure, or destruction of those assets.
Collaborate with management in developing technical directions, setting objectives, and setting realistic and challenging goals for Application Security Reviews.
Evaluate new applications and infrastructure project requirements against standard security practices and GE Security Requirements (examples: use of encryption, password access, SAP, Oracle ERP)
Project Manager for the Security assessment of over 200 Tier 1 and SOX application.
Security Leader for acquisitions of newly acquired network using Qualys to perform vulnerability/discovery scans of the acquired environment.
Review, document and audit compliance results to be used in tollgate reviews using existing project management tools.
Provide Security solutions and architectures to meet security and Export Control requirements on application and infrastructure projects.
Work with support and operations project teams to troubleshoot security related production issues (Level 3) with production software applications when necessary.
Juniper SRX/ISG
Morris Hardwick Schneider, LLC, Atlanta, Georgia May 2003 – Aug 2007
Network Security Engineer
Responsible for staying abreast of all known security threats and violations then making technical recommendations to the Director of IT on how best to protect the network.
Network lead for all security related issues ranging from outside “phishing”, DNS Denial of Service attacks, viruses and computer usage compliance.
Successfully implemented and completed ongoing multiple IT projects ranging from $20K to $100K, provide the technical knowledge and vision to support the company’s business objectives, and evaluate and recommend hardware/software for business processes.
Deployed and administered WatchGuard Firewall in multiple locations to for dynamic packet filtering to examine and filter packets based on information in header and content.
Project Manager for the upgrade of multiple remote offices of 3mb DSL connection to 10mb T1 connections and coordinated with all outside vendors to provide and implement VoIP technology.
Project Manager for the testing, implementation and successful install of WiFi 802.11 (Wireless Technology) in the firm’s largest remote offices.
Maintaining of the firms application load balance of 10 Windows 2003 servers to enhance reliability and scalability for clients making requests internally and externally.
Assisted in transforming the firms into an IP based company in which every phone, computer, printer and copier had an IP address attached to it, giving the IT department access to any system remotely using a web-base interface and streamlining workflow.
Maintaining the health and integrity of all servers and workstation within the organization. Monitoring the log files for any intrusion attempts and remedying any that are found.
Installed and Maintained Windows 2003 Active Directory
Bekeart Corporation, Marietta, Georgia January 2002 – February 2003
IT LAN Consultant
Identified client needs, managed network systems, and provided overall technical leadership in the upgrade of the internal LAN to replace out-dated patch panels, cables and switches and documented the company’s infrastructure.
Administration of Checkpoint Firewall to stay in compliance with company’s access control list.
Project Manager for all internal connectivity and network issues and regularly performed backups on all NT and Windows 2000 servers.
Reduced network downtime by 25% and giving an overall system uptime to include maintenance and scheduled outages of 95%.
Magnet Communication Inc., Atlanta, Georgia January 2001 – August 2001
IT Engineer
Successfully administered all online Internet Banking Servers for Millions of dollars in online wire transactions in a 24/7 Network Operating Center (NOC).
Deployed SMS 2.0 to for hardware and software inventory and the remote deployment of packages to client/user desktop computers.
The administration of the company’s Exchange e-mail server that also support BlackBerry devices.
FundRaisingINFO.com, Atlanta, Georgia October 2000 – January 2001
Network Administrator
Direct system administration of all Windows NT system and exchange server that included the creation of new e-mail accounts for internal and webmail users
Deployed and administered MS Site Server and regularly ran reports on the company’s website to record and document the most popular pages, total visits and new clients and presented a weekly report to the CEO of the company.
Grubb & Ellis, Atlanta, Georgia April 2000 – October 2000
Systems Administrator
Project manager for complete office relocation project that required planning and coordination with multiple vendors.
Coordinated with outside vendors for data and phone drop location, T1 install, PBX install including workstations and server to include the reconnection of all client workstations and server systems upon completion at the new facility.
Performed regular backups of offsite and local server also used Compaq Insight Manager (CIM) to monitor hardware integrity.
EpicLearning.com, Atlanta, Georgia July 1998 – April 2000
Systems Analysis – Help Desk Manager – Training Center Manager
Training and Certifications:
MCSE certified -2004
JNCIA-Junos Training - 2016
A+ and Troubleshooting Certificate of Completion, Epic Learning
CISSP Certification 2010 Expired – CISSP Track to retake exam
Security + - Certification 2004
United States Marine Corps (Rank E-4), Camp LeJeune, N.C.
May 93 – Feb 97(Veteran)
United States Marine Corps (Reserves), Dobbins AFB, Marietta, GA
June 97 – June 99 (Veteran)
Associations and Memberships:
The National Black MBA Association – Atlanta Chapter
Association of Information Technology Professionals – Atlanta Chapter
Wireless Technology Forum (Advisory Board Member) – Atlanta Chapter