Transportation Security Officer

Location:
Pompano Beach, FL
Posted:
April 27, 2023

Resume:

Markus Shelton

***** Edsall Street Upper Marlboro, MD 20772

• Cell 202-***-**** • adwr1o@r.postjobfree.com

EXPERIENCE SUMMARY

Markus has over twenty-five years of experience in the design, deployment, testing, and operations of large-scale integrated cyber security systems. Mr. Shelton has a diverse background that includes data center security operations, leadership, security architecture, and operations of global IT, security, compliance, and risk management solutions. Markus has served as Cyber Security Practice Lead, Security Lead, Security Tower Lead, Security Intelligence Analyst, Information Systems Security Officer (ISSO), Technical Team Lead, and Subject Matter Expert for service providers and consulting firms’ cyber security projects. Markus has experience working with Splunk, ArcSight, IBM QRadar, Cisco Firesight Management Center, Tripwire, Nessus Tenable, Tenable Security Center and PVS, McAfee ePolicy Orchestrator, Palo Alto Networks, Cisco ASA and VMware ESXi. Presently, Mr. Shelton serves as an independent information security consultant supporting Defy Security and Equifax.

OBJECTIVE

To obtain a position in the area of cyber security that will afford me the opportunity to introduce creative energy and fully utilize my relevant education, training, certifications, and experience.

EDUCATION

University of Maryland at College Park--B.S. Electrical Engineering, Data Communications, May 1997 College Park, MD

The Johns Hopkins University--M.S. Computer Science, Networking and Telecommunications, December 2005 Baltimore, MD

Loyola University Maryland--MBA, Management Information Systems, May 2002 Baltimore, MD

Walden University--Ph.D. Applied Management and Decision Science, August 2013 Minneapolis, MN

CERTIFICATIONS

Splunk Splunk Certified User 6.x, December 2017

Splunk Splunk Certified Power User 6.x, August 2018

Splunk Splunk Certified Enterprise Admin, August 2018

Splunk Splunk Enterprise Certified Architect, November 2020

Splunk Splunk Enterprise Security Certified Admin, July 2021

(ISC)2 Certified Information Systems Security Professional (CISSP), April 2012 (Active)

ISACA Certified Information Security Manager (CISM), July 2018 (Active)

ISACA Certified Information Systems Auditor (CISA), October 2018 (Active)

EC-Council Certified Ethical Hacker (C|EH), July 2017 (Active)

HP/ArcSight ArcSight Certified Security Analyst (ACSA), April 2009

HP/ArcSight ArcSight Certified Integrator/Administrator (ACIA), December 2008

CompTIA Security+ CompTIA, November 2011 (Active)

Carnegie Mellon SEI DISA HBSS Advanced Analyst (501), May 2018

McAfee/Secure Computing Sidewinder Firewall System Administration, June 2008

McAfee/Secure Computing Sidewinder Firewall Advanced Administration, June 2008

Palo Alto Networks Firewall 7.1: Configure Extended Features (EDU-105)

Palo Alto Networks Firewall 7.1: Install, Configure, and Manage (EDU-101)

Villanova University Applied Project Management, July 2002

VMWare VMWare vSphere Install Configure Manage v4.1

CLEARANCES

Department of Defense (DoD) Top Secret/Secret Compartmental Information (TS/SCI) CI Polygraph (Active)

Department of Homeland Security Clearance--Eligibility of Determination (EOD) 2012

Treasury Department Minimum Background Investigation (MBI)—2002

EXPERIENCE

October 2022- Present Defy Security/Equifax Atlanta, GA

Splunk SME

Assist the organization with the migration of the SIEM platform from Splunk to Devo.

Perform content validation by comparing use cases, reports, and threat hunts in Splunk to those in the Devo SIEM.

Update the Content Migration Tracker spreadsheet with the findings from content validation.

Ensure that all data sources are successfully ingested in both Splunk and Devo SIEMs.

Ensure that all data is parsed correctly.

Ensure that all report data is populated correctly in both Splunk and Devo.

Ensure that the aggregation functionality in Devo is working like Splunk’s throttling capabilities.

April 2022- October 2022 National Institute of Health (NIH) Bethesda, MD

Splunk Content Development SME

Develop, test, and implement out-of-the-box and custom NIH use cases. Develop associated Knowledge Bulletins (KBs) and incident response procedures for each use case.

Review each closed incident to ensure accurate closure codes, complete comments, and to identify tuning opportunities.

Review each false positive and benign positive incident to identify and implement updates that tune the correlation search to prevent future false positive and benign positive incidents.

Improved risk-based alerting strategy. Identified new risk-based alerting risk factors. Implemented new risk scores in Splunk.

Assist with the development of Splunk SOAR playbooks.

Develop and deliver presentations to senior level management to provide SIEM content development and SOAR implementation progress updates and the plan forward.

Develop and lead Splunk Brown Bag Sessions to train Tier 1 and Tier 2 security analysts on Splunk SPL.

Updated all enabled correlation searches with MITRE enrichment scripts and IP/Hostname enrichment scripts.

Updated Splunk autoblocking script. Deployed autoblocking functionality to additional correlation searches.

February 2021- April 2022 Essential Utilities Bryn Mawr, PA

Splunk Subject Matter Expert

Performed day-to-day administration of a Splunk SIEM system made up of Search Heads, Clustered Indexers, Cluster Master, Heavy and Universal Forwarders, Distributed Monitoring Console, Deployment Server, License Master, and Enterprise Security.

Performed data onboarding of several data sources including Cisco Firepower using eStreamer, Powerplan database, F5 load balancers, Forcepoint/Websense, Workday application, Active Directory, PowerShell, Windows, Linux, and Endgame. Ensured data was parsed correctly and CIM compliant. Ensured time zones, event and line breaking were correctly configured.

Deployed and configured syslog server using syslog-ng.

Migrated Splunk environment from Windows to Linux. Performed data migration.

Implemented Splunk Smart Store.

Created Splunk Run Book.

Developed and updated Splunk alerts and Enterprise Security correlation searches using data models, event tags, and event types.

Evenly distributed execution times of Splunk Enterprise Security correlation searches.

Developed Splunk dashboards. Performed security investigations using Splunk. Resolved disk utilization and memory utilization issues on Splunk servers.

Resolved issues with skipped searches. Performed health checks. Monitored license utilization.

Deployed Heavy Forwarders (HFs) and over 500 Universal Forwarders (UFs). Troubleshot HFs and UFs not communicating with Deployment Server.

Developed automated Workday and Powerplan reports with email notifications capturing all unexpected logins and transactions.

Educated team members on Splunk best practices.

May 2018- March 2021 General Dynamics IT (GDIT) Supporting The Department of Justice Washington, DC

SIEM Architect/Content Development Lead Engineer

Life-cycle management of a Splunk SIEM system to include Splunk Enterprise Security, Search Heads, Indexers, Heavy and Universal Forwarders, Distributed Monitoring Console, Cluster Master, Deployment Server and License Master.

Built and maintained several multi-site clustered Splunk environments with Splunk environments in an AWS Cloud, Azure Cloud, or on premises using Dell VxRail Hyperconvergence Infrastructure (HCI) hardware; installed and configured Enterprise Security, performed data ingest of many data sources, performed content development, and operations and support of Splunk in several enclaves. Utilized Ansible playbooks and scripts to automate the deployment of Splunk in the AWS Cloud.

Performed Splunk daily health checks. Troubleshot Splunk Forwarders when there is a loss of event flow for any data source.

Upgraded Splunk components to version 8.0.2 including Indexers, Forwarders, Search Head, Monitoring Console, Deployment Server, Cluster Master, and License Master. Developed Splunk apps and data models. Configured event types, tags, and correlation searches and accelerated data models.

Used Splunk to develop dashboards, perform field extraction, create SPL searches, and develop reports.

Updated Splunk lookup tables to keep Splunk whitelists and blacklists up to date.

Developed and modified SOC Watchfloor content using correlated searches in Splunk Enterprise Security.

Used Splunk to ingest data from new data sources such as McAfee ePO, Digital Guardian, Cisco ACS, Cisco IronPort, Firepower, and FireEye.

Created apps with updated Splunk configuration files including inputs.conf, outputs.conf, props.conf, transforms.conf, and indexes.conf. Used the Master Node or the Deployment Server to push the apps to deployment clients.

Deployed Heavy Forwarders. Routed data based on content of events. Modified Heavy Forwarder for advanced, detailed filtering of data to reduce indexing volume.

Managed and deployed Apps and Technical Add-Ons (TAs) from Splunk Deployment Server.

Developed, tested, and documented use case scenarios in Splunk and ArcSight to detect and alert on data exfiltration, malware, high value resources, traffic anomalies, email monitoring, VPN, and unauthorized access and privilege escalation.

Led ArcSight Tech Refresh including ESM 7.0, ArcMC 2.8.1, Event Broker 2.02, Logger 6.7, and SmartConnectors 7.8.

Integrated Remedy Action Request System with Splunk and ArcSight.

January 2018- October 2018 Leidos Supporting Defense Threat Reduction Agency (DTRA) Ft. Belvoir, VA

SIEM Content Development Engineer

Develop custom dashboards utilizing Splunk Enterprise’s Search and Reporting application.

Utilized McAfee ePO and Cisco FirePower Management Console to monitor alerts and investigate threats.

Created, tested, and onboarded ArcSight correlation rules used to implement established use cases.

Trained Network Operations and Security Center (NOSC) security analysts on Splunk Enterprise and ArcSight ESM functionality in order to improve their ability to perform threat hunting.

Performed content development of ArcSight ESM 6.11 resources, including but not limited to, reports, templates, query viewers, queries, filters, trends, active channels, field sets, rules, active lists, session lists, dashboards, data monitors, active channels, local variables, and users.

Supported cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff.

Utilized understanding of attack signatures, tactics, techniques and procedures (TTPs) associated with advanced threats to assist security analysts in investigating security threats.

September 2017- December 2017 Southern Company/Georgia Power Atlanta, GA

Splunk/ArcSight Content Development Engineer

Utilized Splunk Enterprise’s Search and Reporting application to create and optimize knowledge objects, dashboards, alerts, reports, data models, and external lookups.

On-boarded logs/alerts in Splunk to integrate Splunk with a wide variety of industry leading commercial security tools.

Ingested logs into Splunk from security applications and databases.

Deployed clustered and distributed Splunk Enterprise 8.1.4 implementation.

Developed use cases to detect command and control, exfiltration, communication to a suspicious region, unauthorized access to high value targets, brute force logons, privilege escalation, lateral movement, and the exploitation of devices with known vulnerabilities.

Documented business cases and use cases.

Created, tested, and deployed ArcSight correlation rules to meet the established business cases and use cases.

Ensured that the business cases, use cases, and corresponding correlation rules were aligned.

Developed ArcSight content to improve situational awareness of technologies such as Symantec Endpoint Protection, Microsoft Defender, Tanium, IBM Guardium, Cisco Sourcefire, Tipping Point, Linux, Unix, Windows, Palo Alto, and Cisco ASA.

Prior to SOC acceptance of newly developed correlation rules, ensured that the newly developed rule did not generate a load over 25 Events Per Analyst Hour (EPAH).

After implementation, ensured that all rules yielded a 60% or higher SOC investigation rate and less than 40% false positive rate.

Utilized the ArcSight Activate framework to leverage existing use cases from the ArcSight Marketplace.

June 2017- August 2017 International Monetary Fund (IMF) Washington, DC

SIEM Content Development Engineer

Assisted the organization with the transition of outsourcing security operations to a Managed Security Services Provider (MSSP).

Participated in the planning, knowledge capture, shadow, reverse shadow, and go-live phases during the transition.

Developed the ArcSight Knowledge Capture document and the ArcSight Standard Operating Procedures (SOPs).

Created FlexConnectors and custom parser overrides to ensure data in ArcSight was in the desired format for optimal content development.

Performed advanced searching and reporting in Splunk to implement specialized dashboards.

Correlated event logs in Splunk to create more targeted dashboards and alerts.

Developed Hitachi PAM use case to ensure employees adhered to the organization’s privileged access management policy.

Maintained and troubleshot custom scripts that integrated ArcSight with the IT Service Now (SNOW) trouble ticketing system.

Performed daily ArcSight health checks and restored any ArcSight component that failed since the last health check.

Upgraded the Symantec Endpoint Protection and Symantec Critical Systems Protection ArcSight SmartConnectors to the latest version.

Identified hung ArcSight SmartConnectors and performed troubleshooting to restore the connectors.

September 2016- June 2017 Defense Information Systems Agency (DISA) Ft. Meade, MD

Sr. SIEM Design and Operations SME

Responsible for designing, improving, and maintaining the hardware and software baseline of ArcSight ESM systems on HP DL 580 G9 servers with four Sandisk Fusion IO cards running Red Hat 6.8 and ArcSight ESM 6.9.1c Patch 2.

Led an ArcSight ESM upgrade of seven ESM servers from version 6.5.1 P2 to version 6.9.1 P2.

Responsible for providing Tier 3 support for seven ArcSight ESM servers.

Developed and executed test plans to perform functionality and stress testing on an ArcSight 6.9.1 Patch 2 system.

Created Installation Guides, Upgrade Guides, and Standard Operating Procedure (SOP) documentation.

Utilized Linux shell scripts and Python and the Red Hat Kickstart DVD to automate the installation of ArcSight ESM version 6.9.1 c Patch 2.

Executed SCAP and Tenable Security Center security scans to identify vulnerabilities. Applied STIG fixes, updated Red Hat packages, and applied patches to remediate vulnerabilities.

Installed, configured, and evaluated ArcSight Data Platform (ADP) 2.0 including Event Broker, ArcSight Investigate, Logger 6.3, and Arc MC 2.6.

September 2015– August 2016 Raytheon Abu Dhabi, UAE

Sr. SIEM Security Architect

Responsible for the design and operations and maintenance of an ArcSight system including ArcSight ESM 6.8c and Command Center, ArcSight Logger Appliances version 6.1, ArcSight Connector Appliances, SmartConnectors, and FlexConnectors.

Performed content development of ArcSight ESM 6.8c resources, including but not limited to, reports, templates, query viewers, queries, filters, trends, active channels, field sets, rules, active lists, session lists, dashboards, data monitors, active channels, local variables, and users.

Responsible for deploying an ArcSight asset model. Utilized Network Model Wizard to import assets, asset ranges, and zones.

Developed an ArcSight test environment to mirror the operational environment.

Defended proposed changes at the Discrepancy Review Board (DRB) and the Change Control Board (CCB).

Proposed new baseline changes to the Engineering Review Board (ERB).

Developed ArcSight Design Document and ArcSight Sysconfigs describing how all ArcSight systems were built.

Developed backup solution for ArcSight System utilizing EMC Avamar. Developed a Work Instruction (WI) describing how to implement this backup solution.

Performed ArcSight daily health checks and developed daily health check reports.

Trained NOC/CSOC staff on ArcSight architecture, creating data monitors, trends, reports, queries, dashboards, active channels, filters, user administration and performing daily health checks.

Integrated Tenable Security Center, Sourcefire IDSs, Tripwire, McAfee ePO, Symantec Endpoint Protection, Microsoft WUCs, EMC VNXe, and Syslog Daemon SmartConnectors with ArcSight.

Integrated Big IP F5 load balancer with ArcSight to increase the event volume the syslog connector could support.

Utilized filtering and aggregation on SmartConnectors to reduce event volume received by the ArcSight ESM server.

December 2014– September 2015 Deloitte Philadelphia, PA

Sr. SIEM Security Architect

Responsible for the content development of ArcSight ESM 6.8c resources, including but not limited to, reports, templates, query viewers, queries, filters, trends, active channels, field sets, rules, active lists, session lists, dashboards, data monitors, active channels, local variables, and users.

Responsible for installing, configuring, and troubleshooting performance issues on ArcSight ESM 6.8c servers.

Responsible for migrating content from ArcSight ESM 5.2 servers to ArcSight ESM 6.8c servers.

Responsible for deploying an ArcSight asset model. Utilized Network Model Wizard to import assets, asset ranges, and zones.

Utilized content management feature in ArcSight Command Center to synchronize packages by pushing them from an ESM publisher to ESM peers activated as subscribers.

Installed and configured HP ArcSight Management Center (Arc MC) to provide centralized management for Connector Appliances, Loggers, software connectors, and other ArcSight Management Centers.

Integrated threat intelligence feeds with ArcSight to provide contextual relevance for security events. Utilized STIX and TAXII standards.

February 2015 – March 2015 IBM Supporting Walgreens Chicago, IL

Security Intelligence Analyst/Managed Security Services Tower Lead

Responsible for analyzing threats in the general threat landscape and specific threats targeting the client’s environment.

Responsible for monitoring and researching information security threats and identifying indicators of compromise (IOCs).

Responsible for assessing the client’s security data from Intrusion Detection System (IDS)/Intrusion Protection System (IPS), OS logs, firewall logs, anti-virus logs, and IBM QRadar Security Incident and Event Management (SIEM).

Analyzed security data for repeating trends, attacks, malicious Internet Protocols (IP), and anomaly type events.

Conducted scan reviews and provided recommendations to the client with regard to SIEM rules, policy tuning, blocking recommendations, incident handling, and vulnerability remediation.

Provided trend reporting to client on a weekly basis.

August 2013– December 2014 Accenture Supporting Ohio Administrative Knowledge System (OAKS) Columbus, OH

Managed Services Security Lead

Refined the overall security architecture and processes to improve the organization’s overall security posture for the Ohio Administrative Knowledge System (OAKS) PeopleSoft ERP system which provides Financial Management, Human Capital Management, and Enterprise Learning Management.

Served as lead technical security expert in a client-facing role responsible for providing thought leadership and refining and maintaining security architecture and defining the security processes, policies, frameworks, and standards.

Assessed security threats and implemented security controls. Tracked, coordinated, prioritized, and reported on all security related tasks to ensure defense-in-depth. Directed Application, Infrastructure, and SOC organizations.

Reviewed firewall rule sets, IDS and web proxy configurations, ArcSight reports, and access control lists for accuracy.

Created and presented weekly Security Operations and Operational Leadership briefings to the Client’s senior level executives. Explained complex security topics in a very simple business-oriented language that both subject matter experts and senior level leadership could easily understand.

Developed and tested disaster recovery and business continuity plans.

Coordinated all vulnerability remediation and patching efforts; Served as primary point of contact for security audits.

Performed forensic security investigations using ArcSight Logger Appliance and Imperva SecureSphere.

Formatted and analyzed Nessus Tenable credentialed scans; Utilized Tenable Security Center to report on vulnerabilities.

Led ArcSight ESM 6.0 internal working sessions to prioritize and track status of the development of use cases.

Utilized BMC ADDM and Tenable PVS to monitor automated asset inventory discovery.

Utilized SolarWinds Network Configuration Manager (NCM) to compare firewall, router, and switch configurations against standard secure configurations defined for each type of network device in the organization.

Led Infrastructure, Application and SOC organizations to ensure that SANS 20 Critical Security Controls were effectively implemented.

January 2012 – August 2013 CSC Supporting Transportation Security Administration (TSA) Pentagon City, VA

Cyber Security Lead Architect/SIEM Design Engineer

Installed, configured and provided Tier 3 operational support for HP ArcSight, Cisco NIDS, Sourcefire IPS, IBM Site Protector IPS, Checkpoint and ASA firewalls, McAfee Web Gateway, Microsoft Forefront web gateway, Big IP F5 load balancers, Cisco TACACS, and Symantec Endpoint Protection (SEP) Manager.

Provided Tier 3 operations and support, architectural oversight, and leadership in the planning and designing of an ArcSight SIEM system, including ArcSight ESM, ArcSight Logger Appliances, ArcSight Connector Appliances, ArcSight SmartConnectors, and ArcSight FlexConnectors

Integrated Cisco ASA NIDs, IBM Site Protector and Sourcefire IDSs, Microsoft ISA and McAfee Web Gateway web proxies, Symantec Endpoint Protection (SEP) Manager, Net IQ Security Manager, and Linux and Windows OS logs with ArcSight.

Optimized security event data flow using aggregations and filters, map and categorization files, and Big IP F5 load balancers.

Modified Logger architecture, including peering loggers and Connector and Logger Appliance filters, to prevent caching.

Logger and Connector Appliance system administration, license updates, storage configuration, SSL certificates, and user/group administration.

Installed, configured, and upgraded Connector Appliances, Logger Appliances, SmartConnectors, and FlexConnectors

Upgraded code on ArcSight Logger Appliances to version 5.3 Patch 1 and on ArcSight Connector Appliances to version 6.4

Added/modified ArcSight forwarding filters using regular expressions (regex) and unified expressions to ensure all security events were delivered from Logger Appliances to ESM.

Developed filters, rules, and customized reports for ArcSight Logger Appliances.

Conducted daily checks of all ArcSight components to identify potential problems or outages.

Utilized ArcSight dashboard to monitor hourly, daily, and weekly CPU utilization and EPS for all receivers and forwarders.

Troubleshot Cisco VPN SmartConnector parsing, IBM Site Protector IDS SmartConnector hanging, Logger caching, and Connector and Logger Appliance web-enabled management GUI issues.

Developed Concept of Operations (CONOP) document and Standard Operating Procedures (SOPs).

Evaluated Splunk Enterprise SIEM to determine its feasibility for implementation.

Initiated Request for Changes (RFCs); Defended the proposed solutions’ impact to the TSA Configuration Control Board.

December 2011 – February 2012 Deloitte Supporting US Army (ALTESS) Radford, VA

SIEM Architect

Provided Tier 3 operational support and day-to-day administration of an ArcSight SIEM system, including ArcSight ESM and SmartConnectors.

Performed daily health checks of all ArcSight components to ensure proper throughput, CPU utilization, free database space, and free archived partition space.

Monitored alerts and notifications

Troubleshot connector parsing and caching issues

Responsible for installation, upgrading, maintenance, and troubleshooting of SmartConnectors

Maintained whitelist of all authorized ArcSight users

Performed content development for use cases (business logic defining correlation, prioritization, and categorization of data from sensors) using filters, rules, queries, dashboards, active lists, session lists, data monitors, trends, and reports

Applied the latest AUP categorization file to the ESM Manager

Led weekly calls with all ArcSight stakeholders to set priorities and to communicate the latest status on projects and issues

September 2003 – December 2011 Lockheed Martin Supporting Missile Defense Agency (MDA) Crystal City, VA

Senior Network Security Design Engineer

Performed architecture, design, configuration, and Tier 3 and above operational support of ArcSight Enterprise Security Manager (ESM) 5.0, including the Manager, Database, Web, and Console components

Configuration and deployment of ArcSight Connector Appliance and Logger Appliance v5

Installed and configured ArcSight SmartConnectors on IBM Real Secure/Proventia IDS and Red Hat 5 Linux Syslog Servers.

Developed ArcSight filters and rules to perform weekly monitoring of important security events

Led upgrade of all ArcSight components from version 4.0 to version 5.0 throughout the MDA worldwide network.

Maintenance of ArcSight ESM 11G Oracle database

Performed analysis of new technologies to provide cost effective security solutions that met design requirements.

Designed and documented Tripwire Manager and Tripwire for Servers (TFS) solution. Developed schedule, policy, and configuration files for Linux and Windows servers

Designed McAfee ePolicy Orchestrator (ePO) and Tripwire Enterprise solution running in a VMWare ESXi /Blade Server environment

Developed Syslog Server solution using syslog-ng application running on Linux Red Hat 5 Enterprise Server in virtualized VMWare ESXi Server environment.

Served as Information Systems Security Officer (ISSO); Helped organization obtain a high commendable DSS security rating. Created Master System Security Plan (MSSP), Network Security Plan (NSP), and Information System Profile (ISP). Developed a Hardware and Software Security Baseline and issued User Brief forms to all users. Cultivated an office-wide culture of security awareness.

Applied IA Fixes and Patches to Linux Red Hat and Windows servers; Deployed security template and latest virus definition files to lab servers; Utilized Acronis to image Windows and Linux servers.

Configured KG-175 Type 1 encryptors; Utilized GEM to manage KG-175 encryptors.

Performed technical evaluation of several security information and event management (SIEM) tools including HP ArcSight, RSA Envision, LogRhythm, Splunk, and IBM/Q1 Labs QRadar to determine which tool mapped best to design requirements.

Utilized DISA Gold Disk, SAINT, and Tenable Nessus to perform server vulnerability scanning and to remediate findings.

Utilized McAfee Sidewinder firewall and IBM/ISS IDS to secure the network.

February 2003 – September 2003 Defense Information Systems Agency (DISA) Falls Church, VA

Tivoli Technical Team Lead

Design, installation, configuration, and day to day operations of the Department of Defense’s DISANet enterprise management system including Tivoli TME Framework, Enterprise Console, User Administration, Software Distribution, Distributed Monitoring, Remote Control, HP OpenView Network Node Manager (NNM), Remedy Action Request Server and Concord eHealth.

Evaluated Net IQ AppManager and HP OpenView Operations Smart plug-In for Exchange.

Planned Network Management System (NMS) SNMP Version 3 migration.

Visited Worldwide Unclassified DISANet sites to deploy Tivoli Endpoints and provide Tivoli training to site administrators.

June 2001 – February 2003 The MITRE Corporation McLean, VA

Senior Network and Distributed Systems Engineer

Installed and configured Tivoli Framework 3.7.1, Enterprise Console 3.7.1, NetView 7.1, Distributed Monitoring 3.7, Inventory 4.0, and Software Distribution 4.1 to mirror the IRS’ Enterprise Systems Management (ESM) Modernization environment.

Architecture design, implementation, configuration, and 24x7 support for the DoD’s Joint Defense Information Infrastructure Control System Deployed (JDIICS-D) enterprise management system utilizing Microsoft Terminal Server OS, Cisco Works 2000, HP OpenView 6.1, Remedy Action Request 4.5.2, and Remedy Web 4.1.

Served as Project Lead and Subject Matter Expert (SME) supporting the FAA’s National Airspace System (NAS) Infrastructure Management System (NIMS) project. Installed, configured and maintained Tivoli Enterprise Console (TEC) 3.7.1, Framework 3.7.1, NetView 7.1.2, and Peregrine ServiceCenter 5.1.

January 2001 – May 2001 Business Edge Solutions/(EMC, Inc.) Edison, NJ

Senior Solutions Engineer (Consultant)

CBeyond Communications Atlanta, GA

Implemented and configured Micromuse NetCool Omnibus, Reporter, Visionary, Impact, ISM, Precision, and Firewall Probe.

Implemented and configured development, staging, and production HP OpenView NNM network management system.

Implemented and configured Infovista in order to monitor performance and report on routers, switches, and IADs.

October 2000 – January 2001 Seven Space Reston, VA

Performance Monitoring Systems, Manager

Utilized InfoVista, NetCool ISM, and MRTG to monitor performance and report on Cisco routers and switches, ArrowPoint load balancers, NetScreen firewalls, and Compaq and Dell Windows 2000 servers.

Implemented, configured and maintained


