Post Job Free
Sign in

Security Information

Location:
San Diego, CA
Posted:
October 10, 2020

Contact this candidate

Resume:

WAIS LATIF

www.linkedin.com/in/wais-latif 858-***-**** *********@*****.***

Professional Summary

Seasoned Senior Security Engineer and Enterprise Architect with more than 15 years of experience leading and executing architecture-level solutions. Extensive experience in leading multidisciplinary teams, overseeing and providing IT information security. Extensive experience working on enterprise level security architecture and remediation projects utilizing industry standard security frameworks. Continually exceeds expectations by creating valuable partnerships, working well with people at all levels of the organization, including stakeholders, team members, clients, and external partners. Skills

• Cloud Migration (AWS)

• Risk Assessment with Cybersecurity Maturity Model

• Risk Quantification using industry standard risk matrix

• Vulnerability Management (CVE, CVSS)

• Future Technology Roadmaps & Initiative Prioritization

• Systems & Software Development Lifecycles

• Proactive & Responsive Client Service

• Threat Modeling

• Security Auditing and Gap Analysis

• Security Architecture Guidance

• Governance and Compliance

• Standards & Implementation Guides

• Multi-Disciplinary Team Management & Leadership

• Resource & Personnel Allocation

• Change & Defect Management

• Excellent Verbal & Written Communication

• IT Information Security

• System Engineering and Administration

• Engineering Team & Technical Leadership

• IT Project & Business Technology Management

Work History

Security Director / Architect 05/2018 to 8/2020

Softworld – San Diego, CA

• Leading multiple teams of personnel including security professionals and multidisciplinary staff, providing technical leadership and mentorship to craft or execute technology strategies, guiding all engineering development activities or achievements by leveraging security and architectural experience.

• Reviewing application runbooks, workflows, training, logging and alerting capabilities for effectiveness and applicability as well as security plans, processes, and strategies to identify areas for improvement or updates, identifying gaps in current enterprise security guidance including creating or updating Enterprise Security Architecture Guidance in the form of Design Patterns, Standards, and Implementation Guides.

• Categorizing information system types and data and implemented appropriate security baseline controls to meet compliance and governance requirements.

• Conducting end-to-end data, business process, and system analyses to identify key business needs, issues, and gaps, leveraging providers to build solutions to improve data quality including creating diagrams and documentation with all components that comprise IT systems.

• Planning buy-vs-build by evaluating vendor products and new technologies to benefit the company through proof-of- concepts and written recommendations to ensure the right business needs are met versus the perfect technical solution.

• Analyzing IT specifications to assess security risks, utilizing Tactics, Techniques, and Procedures via MITRE ATT&CK, assessing, and recommending designs to secure networks through firewalls, password protection, and other systems.

• Assisting in generating artifacts to support evidence of security controls, generating Project of Action and Miles to identify gap and solutions to implement controls given business constraints.

• Analyzing system designs for vulnerable points of access, developing a NIST-based System Security Plan, auditing systems based on NIST 800-53 Controls, NIST Risk Matrix, Risk Management Plan and assessing false positives obtained from vulnerability reports by researching CVEs and NVDs.

• Implementing security policies to ensure HIPAA compliance while configuring and generating reports to ensure compliance, providing analytics as well as generating the Enterprise Risk Management Framework, the Information Assurance Program and Policies, and a penetration test plan consistent with OSWAP framework. Enterprise Architect 08/2017 to 03/2018

SMCI/Union Bank - Remote

• Identified and documented enterprise-level application connectivity, authentication, and authorization mechanisms, providing remediation guidance on non-compliant systems/applications to meet corporate standards.

• Assessed application systems based on SEC guidelines and generated Visio logical flow diagrams for system applications illustrating connectivity, authentication, and authorization.

• Ensured applications implemented security best practices (including encryption, reducing attack surface, and system hardening

• Worked closely with various subject matter experts to successfully identify critical security controls across the enterprise, conducting QualysGuard vulnerability scanner analyses for applications and systems.

• Collaborated with stakeholders, operational leadership, technical specialists, and internal/external customers to ensure that project scope, direction, and approach aligns vertically throughout the technology stack meeting security requirements.

Enterprise Vulnerability Management Analyst 01/2014 to 08/2017 Fiserv - Remote

• Red Team penetration testing Using Kali Linux tools to test environment or systems for vulnerabilities and misconfigurations and used Burp suite Pro to test web application misconfigurations including XSS, cookie manipulation, and input validation as well as nikto for enumeration of web server information.

• Employed dirbuster to enumerate hidden or unknown directories without causing DOS issues and conducted extensive work with QualysGuard vulnerability scanner to create custom reports and scans.

• Validated Security Exceptions Request and assisted in determining False Positives with respect to QualysGuard reports, researching CVEs and NVDs to determine modified CVSS scores.

• Implemented Metasploit to validate false positive findings while using python, bash, batch, and Perl scripting to execute payloads and using nmap and masscan to help determine proper network segmentation.

• Provided management guidance and expertise for all Trusted Advisory and Recommendations to various departments in-scope for PCI-DSS Compliance as well as actively reviewed or evaluated current PCI scope and state of compliance including PCI Compliance deadlines for all remaining Report on Compliances.

• Defined, documented, and developed an efficient, manageable approach to completing managed PCI-DSS assessments including readiness and current state assessment including review and validation of existing controls, documentation, or any potential gaps.

• Tracked and resolved difficult distributed server-related vulnerability issues, validating penetration testing and findings as a subject matter expert, and assisting in remediation process to ensure timely completion.

• Defined alternate solutions, mitigations, or workarounds to identify vulnerabilities by scanners or third-party testing, providing technical vulnerability expertise and support while participating in regular vulnerability analysis meetings and produce ongoing reports of progress.

Cyber Security Engineer 10/2012 to 01/2014

Solute Consulting – San Diego, CA

• Used eEYE Retina and Nessus for mitigating/scanning of vulnerabilities as well as employing S-CAP compliance checks to ensure seems meet baseline security standards and performing DoD 8500.2 IA control validation and document results for system stakeholders.

• Implemented Security Technical Implementation Guides on systems to reduce attack surface area, driving Certification and Accreditation package generation, review, and submission while maintaining Project Actions and Milestones as well as generating Interim Authority to Test packages for approval.

• Directed the continuous improvement of engineering staff, systems, equipment, and procedures to maintain pace with technological advancements and organizational needs while defining the technology roadmap, developing Enterprise Security Architecture Metrics and conducting technical requirements analyses.

• Oversaw and provided architectural guidance for up to 40 concurrent projects in a fast-paced environment, from ideation to solution design, development, and testing, ultimately ensuring that all standards and policies were met.

• Assessing security controls using NIST 800-53 and NIST risk matrix System Administrator 06/2012 to 10/2012

IntegrITS – San Diego, CA

• Used eEYE Retina for mitigating/scanning of vulnerabilities, remediating discovered vulnerabilities while ensuring integrity of system functionality and implementing Security Technical Implementation Guides on systems to reduce attack surface area.

• Virtualized physical machines using VMConverter and created engineering analyses of customer systems for preparation of P2V migration and ensured design did not interfere with security standards.

• Ensured the Virtual Machines security posture was at an acceptable level for the Data Center, placing VMs into ESX server, configuring Anti-Virus and Intrusion Prevention Systems, and ensuring functionality with Data Center's infrastructure.

• Worked with C&A team to obtain Authority to Operate and Memorandum for the Record for migrated systems as well as engineered new networks to support changing mission requirements, installing system and software updates to keep operating systems secure and software with the most current user data available. Information Assurance Analyst 03/2011 to 06/2012

Prevailance – Point Mugu, CA

• Ensured fire suppression technologies were maintained regularly and documented as well as ensured information ownership responsibilities were followed to include accountability, access approvals, and special handling requirements.

• Assisted in the re-accreditation process as a subject matter expert for IA accredited training devices and ensured site IA security procedures were implemented in accordance with configuration management policies and practices.

• Ensured IA compliance monitoring IAW DoDI 8500.2 series, reviewing the results of such monitoring and notifying the proper authorities of the results of the review as designated by the COR.

• Reviewed system audit logs weekly, reporting any security violations to the COR as well as ensured that all audit log records were backed up and maintained IAW DoDI 8500.2 series controls.

• Ensured that the network device program activities were carried out for the network control devices including firewalls, routers, and switches according to IAW DOD policy and organizational specific guidelines.

• Implemented government-directed technical vulnerability corrections and conducted quarterly tests for changes and updates made to the network control devices to ensure the integrity of IAW systems Configuration Management Plan.

• Ensuring data integrity and protection for data in motion and data in at rest. Education and Certification

• ISC2 Certified Information Systems Security Professional

(CISSP)

• AWS Certified Solutions Architect Associate

• CompTIA Security +

• Miramar Community College – Associates Degree in Mathematics

• CompTIA Network+



Contact this candidate