Vulnerability Management Security Clearance
Resume:
CEH Version *, COMPTIA Security CE +
OVERVIEW
Solutions oriented professional with strong expertise in designing and delivering Cybersecurity solutions in support of Enterprise Network operations, Risk Management, Patch and Vulnerability Management, Change Management for mission Critical and High Availability Systems.
Skilled in installing, securing and optimizing (IS) resources – Linux/Solaris, System Security, Virtual File-systems, Data Backup and Restore.
SECURITY CLEARANCE:
Level: Top Secret Clearance
Granting Agency: DOD
DOD Certificates:
G-3 Computer Security Training, Auditing Logs for IA Managers, Cyber Protect Network Defense Course, Privileged User IA Responsibilities Course, IA Roles and Responsibilities Virtual Training Course, Personally Identifiable Information (PII) Course, NSS PKI Trusted Agent Training Course, Public Key Infrastructure, Zero Day Attacks and Prevention Virtual Training, Retina Scanner Virtual Training, NESSUS Vulnerability Scanner Course, IA Vulnerability Management Virtual Training & Domain Name System (DNS) Advance Course.
SUMMARY OF SKILLS:
Scanning Tools: Retina, ACAS Nessus Vulnerability scanner.
Security Skills: Vulnerability Assessment, Patch Management and Risk Mitigation.
Operating Systems: ORACLE Solaris 2.6 - 11, Red Hat Enterprise Linux 5/6, Oracle Linux 5/6, Oracle 7-10 Server, Symantec Netbackup Ver 7.0, PLATINUM Autosys 3.4 for UNIX. EMC Legato Networker 6.x, 7.x., VERITAS Storage Foundation 5.0, VERITAS Cluster Server for UNIX, EMC Power Path for UNIX.
Hardware: Oracle SPARC T - Series, Oracle SPARC M - Series, EMC Celera File Server, EMC Symmetrix & DMX Storage, SUN Fire F15K/20/25, SUN Blade 6000 Chassis, Fujitsu High End Servers, VMware Infrastructure Technologies & NetApp Storage.
Applications: Oracle Metasolv MSS6.3.1, Oracle Network Integrity NI7.3.5 & Oracle Unified Inventory Management UIM7.3.5
TRAINING:
FedVTE
CompTIA Advanced Security Practitioner [CASP] July 2022
Verizon Telecom Workforce
Completed Certified Ethical Hackers Curriculum [CEH] Jan 2012
Verizon Telecom Workforce
Completed in-depth CISSP Curriculum Nov 2011
SUN Solaris 8 TCP/IP Network Administration April 2004
Computer Operations (Diploma) April 1989
University of the District of Columbia
Urban Design (B.Sc) May 1983
WORK EXPERIENCE
Leidos
DOD – DISA
Fort Meade, MD
Linux Engineer May 2023 - Present
Document existing server and storage configuration, requirements and overall architecture.
Develop questionnaires for numerous types of server-based applications based on Linux operating systems deployed on various virtualization platform.
Gather needed data to forecast long-term capacity and migration requirements.
Peraton
US State Department
Beltsville, MD
Cyber Tools Engineer Feb 2023 - Mar 2023
Conducted security assessments and audits to evaluate the effectiveness of existing security measures and recommend improvements.
Collaborated with IT teams to integrate security measures into the development and maintenance of software applications and systems.
Conducted security assessments and audits to evaluate the effectiveness of existing security measures and recommend improvements.
Responsible for identifying vulnerabilities in systems and networks, and develop strategies to mitigate those vulnerabilities.
Notified the responsible IT Security Officer (ITSO) of security incidents in a timely manner and assist in the investigation as per guidelines.
Bylight
DOD – DISA
Fort Meade, MD
Sr Linux Administrator Feb 2020 - Oct 2022
Performed overall system administration duties, vulnerabilities assessment for a mixed growing environment of Red Hat 5 & 6.
Responsible for granting UNIX access to cleared users, sudo permissions; ensure integrity and protection of customer’s data.
Monitored and patched both classified and unclassified Redhat Servers based on ACAS findings.
Installed and configured Oracle MetaSolv “MSS” on the Oracle WebLogic application servers.
Installed and configured Oracle Network Integrity “NI” on the Oracle WebLogic application servers.
Installed and configured Oracle Unified Inventory Management “UIM” on the Oracle WebLogic application servers.
Applied working knowledge of DISA Security Technical Information Guides (STIG) and guidelines for UNIX servers and web servers.
Identified enhancements and improvements to the NCCM-R systems and/or testing processes to improve efficiency and overall data integrity of the program.
Notified the responsible IT Security Officer (ITSO) of security incidents in a timely manner and assist in the investigation as per guidelines.
Participated in risk assessments; periodically re-evaluate sensitivity of the system, risks and mitigation strategies.
Supervised Information Assurance personnel to ensure security architecture, design, and implementation are in accordance with DISA regulations.
Directviz
DOD - DISA
Fort Meade, MD
Sr Information Assurance Security Specialist Dec 2016 - Feb 2020
Assisted in the development of system security plans and contingency plans for NCCM-R Lab.
Notified the responsible IT Security Officer (ITSO) of security incidents in a timely manner and assist in the investigation as per guidelines.
Collaborated with the Cyber Security (IA) team on risk mitigation, mitigated SCAP findings and program granted Authorization to Operate (ATO) for the cycle.
Participated in risk assessments; periodically re-evaluate sensitivity of the system, risks and mitigation strategies.
Identified enhancements and improvements to the NCCM-R systems and/or testing processes to improve efficiency and overall data integrity of NCCM-R program.
Supervised Information Assurance personnel to ensure security architecture, design, and implementation in accordance with DISA regulations.
Performed overall system administration duties, vulnerabilities assessment for a mixed growing environment of Red Hat 5 & 6.
Responsible for granting UNIX access to cleared users, sudo permissions; ensure integrity and protection of customer’s data.
Applied security patches to systems and software required by both DISA and JTFGNO.
Applied working knowledge of DISA Security Technical Information Guides (STIG) and guidelines for UNIX servers and web servers.
Updated standard procedures (SOP’s) and documented processes to ensure systems configuration standards.
Developed, implemented and enforced Information Security Policies and Procedures.
Ensured proper corrective measures when an incident or vulnerability has been discovered.
Suprtek
DOD - DISA
Fort Meade, MD
Sr Linux Administrator May 2016 - Nov 2016
Responsible for granting UNIX access to cleared users, sudo permissions; ensure integrity and protection of customer’s data.
Notified the responsible IT Security Officer (ITSO) of security incidents in a timely manner and assist in the investigation as per guidelines.
Participated in risk assessments; periodically re-evaluate sensitivity of the system, risks and mitigation strategies.
Identified enhancements and improvements to the JIMS’s systems and/or testing processes to improve efficiency and overall data integrity of JIMS’s program.
Supported Information Assurance personnel to ensure security architecture, design, and implementation in accordance with DISA regulations.
Performed overall system administration duties, vulnerabilities assessment for a mixed growing environment of Red Hat 6 and Windows Server 2012.
Applied working knowledge of DISA Security Technical Information Guides (STIG) and guidelines for UNIX servers and web servers.
Configured and managed virtual machines (VM’s) hosted on VMware ESXi v6.x Hypervisor in a clustered environment.
Digital Management, Inc (DMI/ESM)
DOD - DISA
Fort Meade, MD
Sr UNIX Administrator May 2015 - May 2016
Performed overall system administration duties, vulnerabilities assessment for a mixed and growing environment of Red Hat 6 and Oracle Solaris 10/11.
Assisted in the development of system security plans and contingency plans for the lab.
Notified the responsible IT Security Officer (ITSO) of security incidents in a timely manner and assist in the investigation as per guidelines.
Participated in risk assessments; periodically re-evaluate sensitivity of the system, risks and mitigation strategies.
Identified security requirement to an IT system in all phases of the System Life Cycle.
Identified enhancements and improvements to the OSS systems and/or testing processes to improve efficiency and overall data integrity of the OSS.
Applied security patches to systems and software required by both DISA and JTFGNO.
Applied working knowledge of DISA Security Technical Information Guides (STIG) and guidelines for UNIX servers.
Responsible for granting UNIX access to cleared users, sudo permissions; ensure integrity and protection of customer’s data.
Lockheed Martins/Apex Systems
DOD – DMA
Fort Meade, MD
Sr System Administrator Nov 2014 – April 2015
Performed overall system administration duties, vulnerabilities assessment for a mixed and growing environment of Oracle Solaris 10/11, Windows and Red Hat Enterprise Linux 5.
Applied security patches to systems and software required by both DISA and JTFGNO.
Applied working knowledge of DISA Security Technical Information Guides (STIG) and guidelines for Windows/Unix servers, databases, and web servers.
Developed strategies to manage the frequency of appropriate support package/patch applications.
Responsible for granting UNIX access to cleared users, sudo permissions; ensure integrity and protection of customer’ s data.
Maintained super user accounts for DIMOC systems and applications on Keypass Database.
Ensured data backups are performed and tested according to policy and procedures.
Coordinated local and remote DIMOC support staff to maintain maximum up time for enterprise system and resources.
Provided support for the Defense Asset Management System (DAMS) servers during business hours and on-call rotation.
Provided Microsoft Windows Operating Systems (Servers & Workstation 2008 R2 SP1, 2003 SP2) administration including user creation, third party software installations, security updates and general troubleshooting.
Monitored and managed compartmentalized environments for customer - development, test and production.
Deloitte/IBM/Teksystems
Alexandria, VA
Lead UNIX System Administrator Feb 2012 - Feb 2014
Site PKI-E Server Administrator responsible for processing Certificate Authority certs request.
Worked closely with Service Level Manager (SLM) to ensure timely completion and delivery of approved projects to the customers - engineering, storage allocation, post-installation and quality assurance.
Assigned BMC REMEDY Incident or Change request to system administrators based on availability, workload and individual skill set.
Maintained Remedy database for users to communicate with the service desk in order to provide real-time technical assistance, information to promote customer awareness, and customer driven problem resolution.
Conducted peer-reviews to ensure newly built systems meet documented user requirements.
Performed overall system administration duties, vulnerabilities assessment for a mixed and growing environment of SUN Solaris 10 and Red Hat Enterprise Linux 5.6.
Responsible for granting UNIX access to cleared users, sudo permissions; ensure integrity and protection of customer’s data.
Routinely configured Linux LVM storage server, created file-systems; add storage as per application requirements.
Worked directly with customers and engineering group to review requirements and baseline specification.
Responsible for implementing security configuration standard on newly built systems – DISA STIGS & UNIX SRR’s.
Ensured system baselines are configured and updated to meet IA standards for compliance.
Conducted DIACAP Knowledge Service and the IA control validation procedures.
Closely worked with VMware Administrators to avoid over-consolidation during hardware refresh and elimination of physical servers.
Frequently installed Web logic, J2EE, MySQL client packages on Clustered Web servers for the application team.
Attended weekly technical forum to discuss the program’s technical requirement and project timelines – Application/Network/Management and Information Assurance.
Managed, troubleshoot and provide corrective actions for approximately [200] LVM’s and physical servers across the enclave.
Installed Symantec Netbackup client on new servers, updated necessary configuration files
Worked with Backup & Recovery Team to troubleshoot client and Master/Media server connectivity, backup failures and other related issues.
VERIZON COMMUNICATIONS
Aberdeen, MD
Sr UNIX Administrator Jan 2000 - Feb 2012
Supported the Program Manager and collaborate with customers to resolve operational system issues and ensure smooth business operations.
Performed general system administration duties, patch management and vulnerabilities assessment of various SUN Enterprise and Fujitsu servers.
Supported Break/Fix activities to maximize system availability.
Configured RSA SecureID PAM Agent on high risk security jump host and centralized management servers.
Upgraded Symantec Netbackup client on servers and updated configuration files.
Provided Disaster Recovery (DR) and Continuity of Operations (COOP) support for SAP applications.
Reviewed logs to determine cause of failures, connectivity to master server; disabled drive and trouble shoot with statuscode command when applicable.
Configured newly provisioned LUNS and create new Disk Groups or expand file-systems as per application request.
Regularly performed EMC BCV operations on hosts running Oracle instances or database.
Performed backups, data migration, user error recovery, enabled and maintained archive log with EMC Networker tools on approximately [150] servers.
Liaison for SOX compliance by stakeholders and periodic third party auditing within SAP R/3 Landscape.
Conducted security assessments to ensure adherence to security policy, procedures and industry standards.
Performed OS Security auditing and vulnerability analysis for various platforms such as Microsoft, Solaris, and Linux.
Performed organizational functions to track IT-related business assets throughout their life cycle (procurement/use/disposal).
MCI Telecom
Rockville, MD
SAP Production Support Aug 1998 - Jan 2000
Responsible for monitoring and managing the entire landscape with BMC Patrol for UNIX.
Verified database security, monitoring, system reboot and user maintenance on SUN and FUJITSU servers.
Identified and prioritized operational requirements for systems, support, maintenance and operational training requirements.
Analyzed complex system standards, thresholds and recommendations to maximize system performance.
Provided training to various new employees and assisted with expert knowledge on production processes.
Provided multi-platform security management with Enterprise Security Manager (ESM) software consistent with predefined corporate security policies.
Co-ordinated Configuration Control Board (CCB) projects by documenting SAP R/3 hardware and software requirements.
ONECALL SOLUTIONS
Hyattsville, MD 20774
Infrastructure Consultant Jan 1993 – July 1998
Provided technical leadership to both internal and external personnel on highly complex system installation processes.
Designed business/technology solutions, identified alternatives, developed prototypes, ensured solution integrity, and mitigate client risk.
Performed capacity planning, trend analysis and execute test plans for implementation.
Analyzed highly complex system standards, thresholds and recommendation to maximize system performance.
Responsible for the investigation, analysis, remediation, and root cause of various logical security incidents; including intrusion, detection alerts and virus outbreaks.
Delivered prompt and professional response to user requests and resolution of incident tickets.
Compiled metrics and production reports that track data, incident management and problem management performance.
Reference upon request
Contact this candidate