Michael A. MUNDI (CCNP, CCDP, SFCP, SCSA, SCNA, MCSE, CNE)
Laurel, MD 20723
Contact: (cell) 240-***-****; E-mail: ********@*****.***
RELEVANT EXPERIENCE
Cyber Security Engineer/Subject Matter Expert:
Excellent track record and experience in implementing mission-critical enterprise-wide network solutions including security, messaging, database and remote access systems.
Fundamental experience in the implementation of Enterprise Events Security Management and operations solutions.
Network Infrastructure/security engineer with a profound understanding and extensive experience in the design and implementation of network integration systems.
WORK EXPERIENCE:
US House of Representatives
SOC Coordinator
11/22 – Present
Facilitate tasks across cross functional teams – SOC/Engineering/Endpoint Management.
o Event Handling
o Incident Response
o Data Analysis / Log Review
o Vulnerability Management
o Configuring and testing system security settings
o Detection Engineering
Work with security engineers to resolve SOC related issues and provide status updates
Perform triage and root cause analysis on security events
Identify new data sources for determination of security events
Review & update Corelight IDS capabilities
SOC ticket reviews
Office of Personnel Management
Zero-Trust IT Security Architect
03/22 – 10/22
• Develop zero trust policies for Identity, device, network, data and application workload pillars
• Federal Identity Confidentiality Access and Management subject matter expert
• Technical solutions to implementing zero-trust for network access
• Develop a security automation and response strategy
IRONNET CYBERSECURITY
Cyber Security Forensic Analyst/Cloud Security Engineer
06/16 – 02/22
Drafted an Information security management system Cloud security policy document based on ISO27001 framework
Developed a cloud security controls matrix based on the Cloud security alliance guidelines
Set up a security operations center with Splunk Enterprise and Splunk Enterprise Security. Pulled logs from next-generation firewalls/IPS, routers/switches, wireless access points, end-point – Antivirus, application control, Incident response.
Built Dashboards and alerts for various use-cases to notify/display interesting events
Propose policies and technical controls to security review board – Policies included the following: End point protection [application control, threat detection, prevention and response], Network Intrusion prevention, Web application filtering, Firewall rules
Managed the roll-out process of our enterprise host-based intrusion prevention system. Process included: Testing, removal of existing agents, configuration of new protection policies, integration with Splunk, Incident response workflows, Forensic analysis.
IronNet also makes its own network packet capture and forensics device – experienced in detection techniques for the following advanced threats:
o DNS tunneling
o Domain generation algorithm
o Periodic/Randomized beaconing
o Credential phishing
o PII data loss
o DNS over HTTP
o TLS evasion
Asset discovery and vulnerability management
Blue and Red Team ethical hacking exercises for testing IT security posture readiness: Includes assessment of our cybersecurity kill-chain performance, policies and user awareness
Threat hunting in Splunk across indexes for all our security logs
Implement Scrum for our security operations tasks
Conducted a proof of value and implemented the following solutions:
o JAMF protect endpoint HIPS
o SaaS application security monitoring - Docontrol
o Email gateway proxy security – Proofpoint/FireEye
INTERNATIONAL MONETARY FUND
Cyber Security Watch Officer, Washington DC
01/2014 – 05/2016
Network security infrastructure architect – Worked on the requirement analysis for network access control, email, proxy and endpoint security. Products eventually selected and deployed included – Forescout CounterACT, Bit9, FireEye, Websense, Proofpoint.
Fortigate NGFW 4400F Installation & Configuration – Threat Protection, SSL deep inspection, Web & content security, Device security
Implementation of an intrusion prevention solution; Fine tuning and custom signature deployment (IBM ISS Proventia)
Development of SIEM/ArcSight Use cases
Setup of Security Operation Center Triage process; Cyber watch duties include – Incident response – Assessment of security alerts; evidence collection, remediation and mitigation; providing vendors with malware samples to update their signatures & defense posture
Manage fidelity of events from various sources - Firewalls, proxy servers, IPS, Virus and host intrusion prevention systems, Bit9, FireEye, Network access control
Vulnerability analysis and patching management – Microsoft, Oracle, Adobe
Situational awareness briefings for upper management
Security monitoring of cloud-based assets; developing strategy for a complete full monitoring and assessment of software as a service provider.
Hybrid security solution for the protection of cloud application and web infrastructure; vulnerability management and threat detection
Northrop Grumman Corporate &
United States Department of Defense
Secretary of Defense Communications
Network Security Analyst, Linthicum, MD
05/10 – 12/2013
Network security planning and engineering
ArcSight Implementation & support: (Versions 3.51 – 6.1)
o Installation of database & manager
o Installation and configuration of connectors & loggers
o Configuration of logger receivers & forwarders
o Content development: use cases, rules, access/session lists, filters, active channels
Implementation and configuration of Splunk components; Indexer, forwarder, search head and deployment server
Network events analysis & correlation with ArcSight, Splunk and other network utilities
Incident response and mitigation
Real-time threat management from various DOD sources and industry partners
Threat analysis – IPS/Packet capture analysis
Malware reverse engineering using Solomon testing environment
Implementation and management of network protection controls
Maintenance of network intrusion prevention systems (IBM ISS, Sourcefire, McAfee)
Information assurance (server & database scan; remediation management)
Email & proxy content inspection with FireEye
Information Assurance:
o Host (OS/Web/Database) scan & vulnerabilities mitigation management
o Network access control policy management
o Source code (Java, & .NET) analysis and vulnerabilities testing with HP Fortify
United States Army National Guard Bureau
Network Security Engineer, Fairfax, VA
01/04 – 04/10
Designed, configured & installed an Enterprise Intrusion prevention solution with ISS RealSecure. Entailed network sensors for states and territories, and back-end systems.
Evaluated multiple Intrusion prevention systems, including vendor solutions from Sourcefire, Palo Alto Networks, Tipping Point and Nitro.
Implementation of ArcSight (version 3.5 & 4.0) for the correlation of data from various network security devices. This includes:
o Database setup & configuration (EMC SAN) & Oracle
o Manager installation & configuration (ver 3.5 & upgrade to 4.0)
o Enterprise ArcSight logger and connector infrastructure implementation
o Multiple connector platforms. Firewall (CheckPoint, Cisco) IDS/IPS (Cisco & ISS) Syslog, Bluecoat, Active Directory, host-based intrusion detection system
Incident response, escalation and management
Implement enterprise network security policies and procedures
Development and implementation of custom IPS signatures
Threat analysis and engineering of network defense mechanisms
Malware analysis & response
United States Department of Education, Washington DC
Principal Engineer
11/03 – 06/06
Provide Network Support & Maintenance for the EDNET core devices. Support activities include:
o Network monitoring and incident response
o Network design & configuration: BGP, OSPF, ATM, POS, VOIP (Cisco call routing & optimization, Call manager administration)
o Maintenance of connectivity devices and network access servers. Includes software & hardware updates, re-configuration, hardware replacement
o Configuration & Implementation of network connectivity devices. Includes Cisco Switches (4700, 5500 & 6500 series), Routers (2500, 3640, 7500 series) & Firewalls (Cisco PIX and Symantec Enterprise Firewall)
o Management of Remote access devices; Includes remote dial-in and remote device access.
o Network support for the server operations team. Provide network connectivity for production servers; Configuration of the DMZ PIX firewalls for access to public resources.
Tomorrow’s Solutions Today, Rockville MD
Vice President, Technology
11/02 – 11/03
Design and Implementation of a Network security data center. Configured and installed the following devices for fail-over, high availability:
o Radware Linkproof
o Netscreen 204
o Linkproof Web server director
o Teros APS 100
o Six T-1 frame-relay connections to Cisco 2600 series routers
o HP 3500 VPN device for remote access
o Web and database server farms. Systems run on Windows 2003, IIS6 and SQL Server 2000
Network security & intrusion prevention for the most attacked site on the web
Network design & implementation for the Recording Industry Association of America. Performed the following tasks:
o Network architecture and configuration of routers & switches for 8 remote office locations
o Configuration of Cisco Works 2000 for network monitoring: Configured traps and alarms services
o Migration of Checkpoint Firewall 4.1 to NG
o Installation and configuration of Internet Security Systems RealSecure network sensor 7.0
o Installation & configuration Whale Communications e-gap for secure web-mail access for Lotus Domino
o Installation and Configuration of RSA Secure ID for web-mail authentication with whale communications e-gap
o Dell OpenManage for managing enterprise servers
Performed the following configuration tasks for various other clients:
o Configuration of Cisco routers for a two-office Intranet and Internet connectivity.
Frame-Relay circuit.
o Configured integrated routing and bridging
o VLAN & Inter VLAN routing
VPN design & Implementation on Netscreen firewall
SecureID cryptographic services implementation
Designed and Implemented collaboration solution using Microsoft SharePoint for a user community of 300.
Air National Guard, United States Department of Defense, Network Operations Security Center, Crystal City, VA
Senior Network Engineer
11/02 – 12/03
Performed the following Configuration & troubleshooting tasks for the Nationwide Air National Guard enterprise:
o Raptor firewall 6.02 on Solaris 2.6: Deployed new systems by configuring the operating systems and Firewall software, rule sets and tunnels. Troubleshoot remote firewalls by the srl and rcu utilities
o Management of enterprise core, distribution, and access routers and switches
o Troubleshooting of Microsoft Back-office applications: MS Exchange 5.5 and SMS 2.0
o Enterprise-wide monitoring with Whats-up Gold
Voice/Data Security:
o Maintenance of SIPRNET encryption devices for STU devices
Columbia Light House for the Blind, Washington, DC
Network Consultant
01/03
Troubleshooting and configuration of two Cisco routers connecting two office locations in the Washington DC metro area and the Internet. Circuits are dedicated full T-1
Access control lists
PIX firewall configuration
Families Forward, Washington, DC
01/03
ISDN router setup & NAT
Windows 2000 Active Directory Services setup, Server configuration
Desktop configuration
Coalition For the Homeless, Washington DC
Network Engineer
02/02
Implemented enterprise secure intra-network communications for 6 Washington DC metro offices. Installed & configured Linksys firewalls with IPSEC point-to-point tunnels to the head office.
Implemented Microsoft Windows 2000 Active directory services
Implemented Microsoft Exchange 2000 for 120 users: Configured the following:
o Secure (SSL) Outlook Web access
o IMAP access
o Anti-spamming control
o Norton anti virus for Microsoft Exchange 2000
Software Performance Systems, Bethesda, MD
Senior Network Engineer
03/02 – 08/02
Provided consulting services for the clients listed below:
United States Department of Justice (DOJ), Washington DC
Senior Network Security Engineer
Designed and Implemented an ISS RealSecure Intrusion Detection System for the DOJ messaging backbone. The backbone has three fail-over sites. This included:
o Requirements analysis
o IDS Policy
o Market Research
o Network 7.0 & Host sensor 6.5 deployment; Included ISS Site Protector, Security fusion module, fast analysis and System scanner (on all mission critical systems)
Network Security Audit (messaging backbone)
IDS Log analysis
Integrated logging
Brown & Williamson Tobacco Company, Macon, GA
Network Security Engineer
Implemented an enterprise-wide intrusion detection system with ISS RealSecure. Entailed:
o Vulnerability analysis & penetration testing
o Installation of Network and server sensors
o Configuration of OPSEC response on the network sensor
o Correlation analysis
Drafting of a network security policy document; Included disaster recovery & business continuity plans
Provided a PKI implementation proposal with Verisign
Geologics Corporation, Alexandria, VA
Senior Network Engineer
06/01 – 03/02
Provided consulting services for the clients listed below:
United States Antarctic Program (USAP), Antarctica
Network Security Engineer
Performed a network security audit for the USAP network in Antarctica and Christchurch, New Zealand.
Provided recommendations on network security, disaster recovery & business continuity planning
Information Security Planning: Risk Assessment & Management
Department of Agriculture, Agricultural Marketing Services Division, Washington DC
Security Consultant
Provided the following security solutions:
Designed and implemented a DMZ solution with Checkpoint Firewall-1 on Windows NT. Solution included a cold standby Firewall. A high availability/load balancing solution will be implemented for client when firewall is migrated to Firewall-1 Next Generation.
Configured Webtrends to access & analyze firewall logs
Implemented an Intrusion detection system with ISS RealSecure with network & server sensors. Performed the following IDS tasks:
o Vulnerability and penetration testing
o Audit trail analysis
o OPSEC response to Checkpoint firewall configuration
o Risk assessment & analysis
o System hardening
o Reporting
o IDS system maintenance
o Securelogic Programming for ISS Intrusion Prevention
Risk Assessment & Management
TranTech, Alexandria, VA
Network Architect
08/99-05/01
Provided consulting services for the clients listed below:
TranTech Corporate Offices, VA, MD
Network Architect
Designed and implemented a Frame-relay Hub and spoke solution for communication between main and five satellite offices. Each office has about 50 end-nodes.
Provided the following services to a TranTech client, the US Department of Commerce
o Enterprise Network analysis using Network Associates Sniffer
o Implementation of CiscoWorks 2000 for managing enterprise Cisco routers and switches
Fine-tuned Cisco PIX 506E firewall
Contingency Planning: Disaster Recovery & Business Continuity
Agency for Healthcare and Research Quality, Rockville, MD
Senior Network Engineer/Project Manager
Project Manager for Security Operations, Y2K compliance and Network infrastructure design.
Performed the following tasks:
Network Infrastructure & LAN Management (Network team comprised of 7 engineers and 13 Network administrators)
Designed and Implemented an ATM solution with Cabletron Smart switch 6500 on a Bell Atlantic cloud. Configured PNNI, UNI, LECS, BUS and LANE services
Designed and implemented Migration from ATM to Gigabit Ethernet
Designed and Implemented a Dialer backup solution for the AHRQ MAN with Cisco 2500 series routers
Implemented a 24-Channel RAS solution on a Cisco 3640 router
Configured T-1 access solutions for remote offices
Managed the migration of e-mail from MS-Mail to Exchange 5.5; Setup test environment for the migration to Exchange2000
NDS migration from IntranetWare to NetWare 5.11; Implemented NDPS printing & ZENWorks for desktops & servers
Managed the daily maintenance of a heterogeneous NT/NetWare network. Network services include:
Internet/Intranet (MS Internet Server 4.0)
E-Mail (MS Exchange 5.5)
Oracle 8I application servers
Lotus domino 4.0 application servers
Dial-out (NetWare Connect)
Faxout (Faxination)
Fax-on-Demand (FaxFacts)
Video-on-Demand (Real Server)
E-Learning solutions with multimedia server running on Oracle 9i
Setup Compaq servers (1850, 5500, 7000) on the network for various applications
Implement enterprise backup with Veritas Backup Exec. Backed up NetWare, Microsoft File systems, Microsoft Exchange, Lotus Domino & Oracle databases
Conducted a pilot for the following Tivoli management module:
Monitoring & network performance
Monitoring for databases (Oracle Services were integrated with Peregrine asset center, service center & desktop administration modules)
Security Operations:
Project lead that worked on a PKI initiative for the AHRQ and its extranet
Developed common criteria models for IT security
Designed & Implemented an Axent Raptor Firewall solution on Windows NT 4.0. Solution included VPN access
Install Radware Fireproof for load balancing
Implemented RADIUS authentication with steel-belted RADIUS
Implemented a two-factor authentication solution with RSA SecureID. This is used for dial up, VPN, and web publishing authentication
Implemented an Intrusion detection solution with ISS Real Secure version 5.5/6.0. Configured Network & server sensors
Configured internet content filtering with Websense Version 4.3
Implemented Network Associates Total Virus Defense suite
Tested Thawte and Verisign PKI schemes
Performed vulnerability assessments and analysis with Webtrends security analyzer & ISS internet/system scanners
Risk Assessment & Management
Contingency Planning
TEKSYSTEMS, Reston VA
Network Engineer/Project Manager
08/98-08/99
Provided consulting services for the following clients
Washington Mortgage Financial Group, Vienna VA
Project Manager
Project Manager for the merging of acquired offices on to the WMFG corporate network
Managed a nationwide team of 20 network engineers and customer support representatives
Migrated newly acquired offices on to the corporate NetWare NDS tree and GroupWise 5.2 e-mail platform; Enterprise-Wide Implementation of ZEN Works
Designed and implemented a WAN connectivity solution for 26 remote offices. Each remote office had a Cisco 2500 series router running EIGRP for IP & IPX.
The head office router is a hub Border Cisco 4500 router.
Configured and managed router access lists
Designed and Implemented a Cisco Works Management platform for all enterprise network Cisco Routers.
Managed network personnel and provided status reports to VP for network operations
Wrote document standard for network design, including e-mail and disaster recovery
Designed and implemented testing and risk implementation strategies
Enterprise backup with backupExec (Veritas)
Implemented network security policies for a VPN with NetWare Border Manager 3.0. VPN services included Remote access via NetWare connect
Setup & implemented standard test lab procedures
Bureau of Economic Affairs, Washington DC
Systems Engineer
Lead Engineer for the hardware upgrade and migration from NetWare 4.10 to IntranetWare and from GroupWise 4.1 to 5.2
Project scheduling & management
Hardware setup and configuration (Compaq 3000s and 7000s)
Setup of test LAN environment
Installation and configuration of server OS
Configuration of backup scheme implementing Arcserve IT
Configuration of VINCA standby server
Installation and configuration of ManageWise
Planning of GroupWise migration
Disaster Recovery Planning
NASA Goddard Flight Space Center, Greenbelt, MD
Senior Network Engineer
Project Lead for the Migration of User Community from Novell 3.12/4.11 to Windows NT 4.0;
Campus Backbone Maintenance team
Project Management of Novell to NT Migration
Setup & Configuration of SMS for Network Inventory and application deployment
Disaster Recovery & Business Continuity Planning
Management of existing Novell Network
Maintenance of Campus backbone Cisco/3COM routers and switches
Migration of Campus network from RIP to OSPF
Traffic Management with access lists
Network Management with HP Openview and Net X-ray
Designing & Implementation of Network Faxing & Remote Access
Management Of POP500 email service
Management of RAPTOR firewall traffic
Project Lead on Y2K compliance for Hardware & Software
NT & Unix Interoperability
Management of Enterprise Backup with IBM ADSM utility
Design and Implementation of ATM VPN backbone using Cisco 5000 Catalyst switches
Implementation of BGP4 and OSPF on network backbone on Cisco 7500 Platform
Lockheed Martin Corporation, Bethesda, MD
Project Manager
6/97 – 08/98
Manager for the migration of legacy e-mail systems to a Microsoft Exchange 5.0/5.5 corporate platform for the Northern Virginia Region (8000+ Users), Project team (20-30 personnel); Duties include
Presentation of the corporate e-mail (lmxpress) initiative to Lockheed Martin corporate, non-corporate and subsidiary companies. This process entails educating the client on the benefits of lmxpress and providing solutions on integrating their LAN or Campus into the corporate infrastructure;
Coordination of tasks with subcontractors, corporate and site personnel;
Design input of the corporate exchange infrastructure;
Installation, configuration & maintenance of message stores;
Disaster recovery planning & implementation;
Management of account & information security;
Management of Domains, HR records and X.500 information with custom APIs;
Management of data synchronization between legacy systems and the corporate intranet;
Training of site system admin staff on maintenance and fundamentals of Microsoft Exchange;
Message store software installation and upgrade via SMS
Design and implementation of a Citrix thin client access solution
AAA Networks
Pre/Post Sales Systems Engineer
9/96 - 5/97
Product presentations for Cisco, Microsoft, Novell, Shiva & Compaq
Pre/Post sales technical support; Included the following
Installation and configuration of Cisco routers & switches
Installation & configuration of Novell 3.12, IntranetWare and Windows NT networks; Microsoft Exchange 5.0 and remote access service with Shiva remote LANrover and Travsoft;
Troubleshooting of network operating systems and desktop applications;
Troubleshooting and configuration of PCs and servers
Disaster Recovery, data backup with ArcserveIT and Veritas BackupExec
COMSYS
Senior NetWare Engineer
3/95 - 8/96
Desktop migration from Windows for Workgroups to Windows 95;
Migration from NetWare 3.12 to IntranetWare;
Disaster Recovery & Business Continuity Planning
Implementation of an enterprise wide backup strategy using Arcserve 6.1
Implementation of DHCP and a Checkpoint firewall between the corporate virtual private network and the Internet on a Windows NT platform
Implementation of the Citrix thin client for remote access via Windows NT 4.0;
Implementation of remote access via PCAnywhere;
Remote desktop management using PC LAN Closeup & PCAnywhere;
Implementation of the NetWare Multiple Protocol router;
Training of tier 1 & 2 helpdesk support staff;
Troubleshooting of desktop & Network operating system components;
Implementation of an enterprise virus plan with InnocuLAN
Configuration of Windows NT workstations for application developers
Configuration of cc: Mail clients ver 2.2-8.0 for desktops
Application configuration with the Novell Application Launcher
Use of ManageWise for network inventory & support
Department of Interior
Computer Systems Analyst
3/94 - 2/95 (contract)
Network specialist for a 300-plus node Novell 3.11 LAN;
Service and support of servers and workstations;
Installation of CD-ROMs and hard drives; System upgrades;
Workstation configuration; Maintenance of NetWare and e-mail servers
Troubleshooting of Workstation operating systems (Windows 3.11 & 95) and applications;
IP host address allocation and TCP/IP configuration;
Installation, configuration and troubleshooting of print queues, print servers and printers
Configuration of laptop computers for remote users
Management of server farm backup & restore
Delta Computer Systems
Network Specialist
10/91 - 2/94
Installation and configuration of NetWare LANs: Included:
Configuration and Installation of hubs and switches; Cabling and wire termination;
PC assembly; Server installation and configuration; End user support;
Troubleshooting of Network topology components;
Network administration and performance tuning;
System design and implementation
Maintenance of workstations & servers for a 100+ clients
Balfour Beatty, London UK
Assistant Project Manager
1/91 - 8/91
Supervision of temporary works construction;
Estimation and cost control of foundation construction operations;
Project planning and scheduling;
Construction surveying and setting out
EDUCATION:
Cisco Certified Network Professional
Cisco Certified Design Professional
Sun Certified System Administrator
Sun Certified Network Administrator
Microsoft Certified Systems Engineer
Certified NetWare Engineer
Master of Science; Construction Engineering; Loughborough University of Science and Technology, England;
Bachelor of Engineering; Civil Engineering with Architecture, Leeds University, England, LS2 9JT