Post Job Free

Resume

Sign in

Security Manager

Location:
Stamford, CT
Posted:
January 22, 2021

Contact this candidate

Resume:

KENNETH JAY COHEN

Cyber Security Cop. I keep the good guys in and the bad guys out.

I save companies money by protecting them from computer hackers.

P.O. Box 4233 ● Stamford, CT 06907 · 203-***-**** · email: adjml1@r.postjobfree.com

www.linkedin.com/in/kjcohen · www.ITSecurityEngineer.blogspot.com · @KJCohen

PROFESSIONAL SUMMARY

I save companies money using these and other skills

Security management, establishment of firewalls, and disaster recovery.

Experience in systems and network administration and programming.

Design, development, security, and maintenance of large-scale e-commerce, infrastructure, networks, and data systems.

Determining the root cause analysis of problems and providing troubleshooting support for resolution of technical problems.

Managing the entire spectrum of network administration tasks in UNIX, Linux, and Solaris environments.

Articulate communication, working both independently as well as collaboratively in a team environment.

TECHNICAL SKILLS

Networks: IP (Internet, Intranets), IPX, SNA.

Protocols: IP, TCP, UDP, OSPF, RIP, SPX, DHCP, IPX, NFS, HTTP, SSL, PPP, PPTP,

PAP, SMTP, POP3, SSL, Ethernet, HTML, ARP, SMTP, SNA, SSH, BGP, PKI Technology.

Operating Systems: CISCO IOS, UNIX (LINUX (Red Hat, Mandrake, Susie, Slackware), Solaris, AIX, Nokia IOS, Windows Servers, Z/VM.

Circuits: DSL, T-1, bundled T-1’s, T-3, OC-3, Dial-up.

Firewalls: Fortinet, Checkpoint (Nokia and Solaris), Cisco PIX, Novell Border Manager, Raptor, Gauntlet, IPC, SonicWall.

Applications: MAC OS, iPhone IOS, Windows, Exchange, BIND, Sendmail, Qmail, JSP, TCPDump, Sniffer, Traceroute, Ping, Nslookup, Tripwire, Secure, Telnet, SFTP, FTP, TFTP, IIS, Microsoft Office, Active Directory (Forest RBAC), SonicWall, Sendmail, Dirmaint, IBM Tape Library Management and Catalog System.

Regulations: HIPAA, PCI DSS, SOX and DICAP.

PROFESSIONAL EXPERIENCE

Independent Consultant, Stamford, CT – March 2020 – Present

Configuring, installing and maintaining SonicWall Next Generation Firewalls for small business.

Planning, installing and configuring Wi-Fi networks for residential usage.

Upgrading workstations for small business and home usage.

Project Planning, installing, configuring and maintaining Windows & Centos servers.

Network Security Specialist, Showtime (Division of Viacom-CBS), New York – Oct. 2014 – Feb. 2020

Responsible for the network security for the Showtime Broadcast Operations Center in Hauppauge, New York.

Installed Nessus security center to perform automatic weekly scans of network equipment to determine vulnerabilities and devised remediation plans.

Dealt with all the internal and external audit requests, collecting data, coordinating all the information that’s required.

Kept abreast of all security patches and made sure that they were all implemented.

Coordinated with Viacom-CBS corporate security staff for implantation of policies.

Filed security exceptions for equipment that cannot be patched.

Worked with the broadcast operations staff in documenting in data destruction policies.

Complied with Viacom-CBS corporate broadcast center and implemented policies and procedures and documented them.

Senior IT Security Analyst, Fidelity Information Services, New York – Sep. 2011 – Oct. 2014

Selected as one of three in the security division identified as critical to the recovery of business operations by GETS/WPS.

Responded to external client audits.

Modified business continuity plan to comply with corporate requirements.

Wrote security procedures, standards, and policy to comply with corporate and industry requirements.

Maintaining disaster recovery plan, including continuity document procedures.

Performing annual penetration tests, reviewing results and putting together a plan for remediation procedures to resolve vulnerabilities.

Project plan leader to upgrade RSA MFA system.

Creating, allocating, deleting, and modifying users in Microsoft Active Directory including the assignment of RSA tokens.

Independent Consultant, Stamford, CT – Aug. 2010 to Sep. 2011

Various Clients

Planning, installation and maintenance of Windows Servers Active Directory Forest, Exchange 2010, RBAC models, and SUS LINUX 11.3 running Bind 9.7.

Managed TCP/IPWAN/LAN clients that entailed providing recommendations on network planning and design.

Designed DMZ environment with selection of hardware (firewall, routers, switches) and software (operating systems, applications) and defining initial and ongoing security policies for e-commerce.

Senior Security Engineer, Consultant for Open Sky at Aetna, Hartford, CT – Jun. 2009 – Jul. 2010

Evaluation and documentation for proof of concept for intrusion detection system for HIPAA, PCI DSS, and DICAP compliance.

IT Security Representative for the affiliate approval process to ensure that when Aetna conducts business with vendors, customers, off-shore offices, and third parties its data is protected per regulation compliance. Modify bluecoat proxy to provide access to requested URL’s. Provided technical troubleshooting assistance for connection issues.

Primary Handler to inquiries into the IT Security Mailbox. Responded to all security issues sent into mailbox and referred questions not being able to handle to third parties. For example, how to send HIPAA data to a third party in a secure manner.

Released e-mail from IRON mail due to DLP settings after verifying that Privacy and Compliance will assume the risk for providing outside party with access to information.

Approved Firewall rules for submission to Firewall Implementation Group.

Reviewed website for overriding of Web Blocker due to business requirements.

IT Security (Full-time employee), Emigrant Bank, Elmsford, NY – Mar. 2007 to Mar. 2009

Firewall installation, web to content, e-mail filtering with Fortinet.

Installation and configuration of Fortinet firewall.

Penetration testing with Nessus Security Center.

Z/VM Senior Systems programmer.

Capturing logs for consolidation with Cisco MARS.

Domain names services with BIND.

Independent Consultant, Stamford, CT – Aug. 2003 to Feb. 2007

Various Clients

Project Manager responsible for the time frame of implementation and coordination with other departments for the installation of third-party vendors to corporate DMZ environment.

Designed and wrote test plan including security, implementation and coordination with other department for connection of external clients to a multi-tier DMZ environment.

Designed solutions for disaster recovery site.

Worked on NT System Administration to connect medium/large offices to the Internet, system upgrades, backups and recovery, and system application.

Provided technical expertise in development and configuration of Sun Solaris/Windows boxes and support to client.

Responsible for engineering and maintaining UNIX based systems and developed maintenance cycles of the UNIX environment.

Major Clients

Consultant, Senior Security Network Systems at Comerica Bank, Auburn Hills, MI – Aug. 2006 to Feb. 2007

Architected, installed, tested and troubleshot connecting third parties to corporate DMZ structure using Checkpoint Firewalls.

Installed and configured Tripwire software to comply with financial audit regulations.

Consultant, Computer Systems Manager at Financial Information Services Agency (FISA), New York, NY – Nov. 2005 to Jan. 2006

Developed and maintained the virtual help desk for Checkpoint firewalls for the major user interface for the infrastructure group.

Responsible for UNIX server configurations changes and building documents.

Responsible for detecting and notifying the appropriate IT operations group on vulnerabilities within their systems and security alerts, and provide recommendations on mitigating or removing the vulnerabilities.

Consultant, Senior Security/Systems Operation at Center Morgan Stanley, New York, NY – Aug. 2004 to Oct. 2005

Communicated proactively during outages and led the team to discover the root cause of outages, implementing required changes and communicated changes to the constituencies.

Assisted in the completion of security projects using the specialized expertise and discipline of information security management methodologies and templates for projects.

Worked with LAN/WAN Cisco technology including BGP, EIGRP, and OSPF.

Developed, implemented and maintained application security processes, and security testing process and methodologies for the financial and brokerage industry.

Reviewed firewall, router, IDS (Intrusion Detection Systems), anti-virus, and system logs and investigated anomalies as needed.

Provided Helpdesk support for firewalls, Checkpoint on Unix Platform.

Worked with engineering staff on implementation of security solutions for existing and new networking firewall (Cisco PIX), routers, switches, and configuration services.

Contacted and worked with vendors in response to hardware failures.

Security/System Administrator at Gartner Inc., Trumbull, CT – May 2001 to Jun. 2003

As a Project Manager, coordinated outside network scans to validate the security of Gartner’s network with e-mail, network sniffing, and load balancing and performed forensics and detailed investigations.

Designed redundancy network infrastructure for e-commerce website to allow the site to function in the event of loss of one site.

Upgraded and maintained Checkpoint Firewalls 4.1,2000 and NG under Nokia Platform.

Led Gartner projects for a comprehensive risk assessment and analysis of their infrastructure and identified tactical items to assist in their security and privacy endeavors.

Provided disaster recovery solutions for server hardware and infrastructure.

Designed and implemented LAN/WAN network topology, equipment, connectivity, and delivery.

Installed, upgraded, troubleshot, and configured CISCO switches for worldwide network.

Monitored the performance and provided troubleshooting support for WAN connections including interfacing with vendors to resolve telecommunication issues.

Implemented network-based IDS system.

Developed policies, procedures, and processes for notification and escalation of alerts.

Maintained DHCP servers and allocated static IP addresses when needed.

Monitored CERT advisories and tracked modifications to servers across departments.

Performed risk security architecture reviews for the security policies.

Senior Web Infrastructure Project Manager/Security Administrator at Avon Products Inc., Rye, NY – Apr. 1998 to May 2001

Complete design, installation and implementation of Avon’s website, including

Connection to the Internet with T-3 and T-1 circuits

Checkpoint firewalls under Solaris for e-commerce structure

VPN access for 10,000 global representatives

Security architecture reviews, security policy procedures for access between the Internet, servers located in the DMZ, and mainframe

Nanny blocker for 100,000 users

Relocation of avon.com from external ISP to Avon’s data center in Rye, NY

Implementation of network-based IDS systems procedure for notification and escalation of alerts

Developing worldwide Internet standards to connect Avon to the Internet, using four points of access around the world. The access points improved Avon’s global network performance to regional points instead of a single access point located in Rye, NY.

EDUCATION

BS, General Engineering/Computer Science, Northeastern University, Boston, MA

Minor: Economics.

REFERENCES

Available on request. Recommendations are posted on my LinkedIn profile.



Contact this candidate