Information Security Engineer

Location:
Riverview, FL
Posted:
March 22, 2021

Resume:

RICHARD MCFARLANE

Professional Summary

Meticulous Lead Security Professional who has designed, built, implemented, and administered security, storage, server, and network infrastructure over the past ten (10) years providing superior solutions. Successfully applied many access control and auditing systems to prevent unauthorized activities and provide accountability of users' resource usage. Implemented stellar intrusion prevention, antivirus, and vulnerability management systems. Achieved resounding disaster recovery and business continuity solutions to withstand unforeseen compromises. Developed practical knowledge from attending Prince Georges Community College, Strayer University, and George Washington University in securing network infrastructure, policy and compliance management, IT project management, and information systems administration and security. Possess the highly regarded ISACA Certified Information Security Manager (CISM), (ISC)2 Systems Security Certified Practitioner (SSCP) and Certified Information Systems Security Professional (CISSP) certifications. Possess excellent interpersonal skills, insightful system analysis, vast technical knowledge, and practical solutions development. Enjoy working in a team to share strategies and skills to accomplish goals. Thrive in high-pressure situations and quickly changing environments that require focused decision-making.

Platform: AWS, Azure, Windows XP/Vista/7/8, Mac OS X, Windows Server 2008/2012/2016/2019, Linux (RedHat 5/6/7/8), Cisco switch/router IOS 12.6 and newer, Cisco ASA firewall iOS 7.x and newer, FirePower iOS 5.x and newer

Hardware: Printers, Servers, Routers, Switches, Firewalls, Computers, Access Points, IP telephones, mobile devices, Storage devices, among others

Software: MS Office Suite, MS Project, Cisco ISE, SolarWinds, MS Azure, Windows PowerShell, Oracle, Qualys, Nessus Tenable, VMware Workstation and vSphere, RemedyForce, ServiceNow, SAP

Security Technology: McAfee ePolicy Orchestrator (ePO), McAfee VirusScan Enterprise, Symantec DLP, Cisco AnyConnect/Stealthwatch/FirePower, Checkpoint Endpoint Security, Qualys, Symantec Protection Suite Enterprise Edition, Nessus Tenable

Certifications: ISACA CISM, (ISC)2 CISSP, (ISC)2 SSCP, PMI PMP, PMI-RMP, and NetApp Certified Data Administrator (NCDA)

Set up/Configure/Maintain Cisco FirePower/Stealthwatch/ASA Firewalls.

Set up/Configure/Maintain Symantec Endpoint Protection.

Experience in Windows Server and Linux installations, testing, and troubleshooting from OS 2003 to 2016 and RedHat 5/6/7/8.

Successfully implement and manage cloud security services in AWS and Azure to protect outsourced services.

Proficient in developing policies, standards, and procedures for internal and external (PCI, ISO 27001, NIST, FOCI, DSS, DOD’s CMMC) compliance.

Skilled at troubleshooting network and security appliances’ availability, connectivity, and performance issues.

Deployment, administration, and maintenance experience in Windows and Apple OS (PCs, laptops, tablets, and phones).

Skills

Work History

Lead - Senior Information Security Engineer (06/2017 to Current) (Full-Time)

Johnson Controls Federal Systems – Remote (Tampa, FL)

Lead a team of Cisco MSSP engineers and a junior engineer to monitor and respond to security incidents.

Review information security controls to ensure maintenance of CMMC, DFARS, PCI, ITAR, CUI, ECP, and NIST 800-53 compliance and develop supporting policies, standards, guidelines and procedures.

Manage AWS cloud security services such as CloudTrail, CloudWatch, AWS WAF, CloudFront, CloudFormation, among others.

Install, maintain and monitor Cisco FirePOWER (formerly Sourcefire Defense Center/Snort) Intrusion Detection Systems (IDS) to catch emerging threats within the network.

Install, maintain and monitor Cisco ASA firewalls to secure network parameters, implement client and site-to-site VPN, and safeguard against intrusion using IPS Sourcefire modules.

Install, manage and monitor Cisco Stealthwatch to provide cognitive and encryption analysis and response.

Configure and manage Symantec Endpoint Protection to resolve malware infections while following computer incident response procedures.

Configure and manage Symantec Data Loss Prevention to secure against data leakage or misuse.

Organized and completed a 500 GB Splunk deployment, including Enterprise Security for SIEM.

Oversee the development, management, and implementation of the security awareness training program.

Conduct internal and external vulnerability assessments using Qualys. Verify results and work with business owners to manage vulnerabilities identified during assessments to meet CUI, ECP, NIST 800-53 and ISO 27001 requirements.

Configure and manage Microsoft security services such as E3 and E5 Intune, Information Protection and ATA.

Monitor change requests to ensure proper security updates, patches and preventative measures are in place.

System Security Engineer (05/2015 to 06/2017) (Full-Time)

NIH\NIAID (CSRA Inc. -Contractor) – Rockville, MD

Lead and complete projects to design and implement data ownership tracking, auditing solutions, and incident response techniques to accurately distribute infrastructure cost, provide accountability, and respond to data compromise.

Design and deploy auditing systems using applications and tools such as Stealthbits, Varonis, Event logs, and NetApp OnCommand software.

Create, manage, and monitor permissions by distributing Active Directory groups and users accounts across storage resources.

Simplify backup solution by providing DDN and Infinidat LUNs to cache backups before pushing to tape.

Configure/manage Snap Drive, Snap Manager for Virtual Infrastructure, Volume Snapmirror, Qtree and LUN management, Flex Clone, Deduplication, Aggregate, Compression, storage planning, data management, implement best practices and testing environment.

Develop and implement complex SAN networks using Brocade FibreChannel switches.

Troubleshoot enterprise performance issues (collecting Core Dump and Perfstats) on the NetApp filers providing storage to Windows, Linux and Unix Servers.

Successful installation, testing, and migration of NetApp systems (7 mode and Cdot OnTap 8.0 – 9).

Provision, monitor, and regulate SAN and NAS infrastructure with data accumulating to more than 6 Petabytes.

Configure disaster recovery sites to maximize uptime and resilience.

Technical Support Specialist (11/2013 to 05/2015) (Full-Time)

NIH\NIAID (CSRA Inc. -Contractor) – Rockville, MD

Manage and monitor security of user devices by using Checkpoint Endpoint Security to encrypt data-at-rest, Cisco AnyConnect to provide VPN access, and McAfee ePolicy Orchestrator (ePO) to deploy policies and VirusScan Enterprise for virus protection.

Image computer using SCCM to ensure all devices are compliant with the security policy.

Sanitize computer disks to eliminate the risk of data leakage using degauss, crush, or Darik's Boot and Nuke (DBAN) wipe method.

Deploy, configure, and decommission Windows and Apple computers, communications devices, and peripheral equipment.

Install and troubleshoot Microsoft and Macintosh applications, peripheral device drivers, and enterprise-wide standard features.

Assess and document various sites' computer configurations and user requirements to satisfy scientists, engineers, and managers.

Analyze device procurement and prepare specifications for hardware acquisition.

Create computer deployment procedures that have successfully increased user satisfaction.

IT Administrator (03/2010 to 11/2013) (Full-Time)

MRC Behavioral Health Services – Takoma Park, MD

Configure and maintain the operations of the clinic's Windows Servers (2008R2) by using the Administrative Tools.

Implement various security measures, such as antivirus, intrusion detection/intrusion prevention systems, and OS security logs, to comply with the HIPAA law.

Manage access to the share servers holding patients’ data and design virtual private network (VPN) connection between remote sites to provide secure data transfer.

Maintain connectivity between the psychotherapists' computers and patient data servers.

Install and configure Cisco switches to provide reliable, efficient network connection.

Increase optimum performance of the network by 85% through these duties.

Education

Doctor of Science: Cybersecurity Current

Capitol Technical University – Laurel, MD

Master of Engineering: Cybersecurity, Policy and Compliance 2018

George Washington University – Washington, DC

Bachelor of Science: Information Systems Concentration in IT Project Management 2016

Strayer University - Takoma Park, MD

Graduated Magna Cum Laude

Associate of Applied Science: Information Security 2013

Prince Georges Community College - Largo, MD

Graduated High Honors

Certifications

ISACA Certified Information Security Manager (CISM)

(ISC)2 Systems Security Certified Practitioner (SSCP)

(ISC)2 Certified Information Systems Security Professional (CISSP)

PMI Project Management Professional (PMP)

PMI – Risk Management Professional (PMI-RMP)

NetApp Certified Data Administrator (NCDA)

11035 Sage Canyon Drive, Riverview FL 33578 (C) 301-***-**** *****************@*******.***
