**** **** **** ***** *********@*****.*** Mobile: 518-***-****
Frederick, MD 21703 Home: 518-***-****
EDUCATION
University of MD University College MS Information Technology 12/30/15 GPA: 3.50
University of MD University College MBA 12/30/17 GPA: 3.33
University of Science & Technology BS Environmental Sciences 07/30/2000 GPA: 3.50
CERTIFICATIONS
Cisco Certified Network Associate (CCNA)
Juniper Networks Certified Internet Specialist (JNCIS)
Avaya Certified Network Associate
ITIL v3 Foundation
CISSP (In Progress)
Expired:
Cisco Certified Design Associate (CCDA)
Extreme Network Associate (ENA)
SUN Certified System Administrator for Solaris
Watson Analytics 101 (Cognitive Class WA0101EN)
Certified Ethical Hacker (In Progress)
PROFESSIONAL EXPERIENCE
Veterans Affairs (VA), Martinsburg, WV 02/2018 – present
SAIC/Halfaker – Snr. Cyber Security Engineer - Cyber Security Incident Response - Cyber Security Analyst
Cyber Security Analyst/Sensor Monitoring
10+ years of Security Incident Response, Security Operations Center, and threat analysis experience.
Provides security analysis and technical support to monitor, identify, and mitigate security incidents.
Monitoring various security tools (e.g., Splunk, Splunk Enterprise Security, Palo Alto Networks, Sourcefire, Cisco ASA) to identify potential incidents, network intrusions, and malware events, ensuring that the confidentiality, integrity, and availability of VA architecture and information systems are protected.
Security Review - Monitors and evaluates security incidents, system alerts, audit events, and other activity for potential threats against networks and systems. Detects anomalies, malware infections, and intrusion attempts. Identifies, recommends, and executes appropriate mitigation tactics for identified threats.
Track investigations in Service Management systems (Jira, Remedy, and ServiceNow) and use Splunk ES SIEM to respond to incidents detected on the VA network.
Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events. Work security tickets within established SLAs and escalate to Customer or Tier 3 as needed, establish false positive, or contact customer as needed.
Follow standardized security playbooks to triage, escalate, and respond to security events.
Reporting - Produces reports that document investigation and security incidents as well as the results of analysis. Provides analytics and reporting that facilitates actionable cyber-intelligence within daily operations. Conveys information to the appropriate parties, which includes both internal and external partners.
Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy.
Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the VA network, and assessments for High Value Assets.
Oversee the hardening, monitoring, and maintenance of security components to provide protection against both internal and external malicious threats.
Experience working with various technologies and platforms such as AWS, Azure, O365, Splunk/SIEM, CrowdStrike, SentinelOne, Microsoft Defender for Endpoint (MDE), FortiGate, Zscaler, Cisco ASA, etc.
Developing and updating customer supported policies, procedures and standards and ensuring all IS security-related documentation is current and accessible to properly authorized individuals. Participate in the development of technology roadmaps to align with overall IT strategy and vision.
Experience in IDS/IPS, SIEM, EDR, DLP, Firewalls, DNS security, cloud security, Windows and Linux systems, etc.
VA NSOC/BPE Operations: Network Security Operation Center
Maintain a large MPLS network comprising Cisco routers, switches, and firewalls dedicated to Business Partner connectivity to the Department of Veterans Affairs private network.
Cisco Site-to-Site VPN utilizing Cisco ASA, IPsec, multi-area OSPF, BGP, and MPLS environment.
Packet capturing, Citrix Access Gateway (CAG) and NetScaler, Cisco AnyConnect VPN, Remote Access Solutions, ASC, SolarWinds, nGenius, NOM alerts, and Cisco ASDM.
SDM & SNOW Ticketing System, Splunk, Remote Access testing, DNS Answers Redirects.
COMPUTER SCIENCE CORP (CSC), FAIRFAX, VA 03/2009 – 12/2018
Information Security Engineer
Supported the installation, configuration, troubleshooting, and maintenance of the following technologies: Firewalls (Cisco ASA 5500 series, Sidewinder, Palo Alto (NextGen FW), etc.); IDS/IPS (Snort, Sourcefire, Cisco IPS 4200, McAfee NSP); Enterprise anti-virus (McAfee and Norton Endpoint Protection); Patch management software (WSUS, Update Expert, SMS, and McAfee ESM); Malware protection (FireEye, FireAMP); software deployment tools; content filtering, access controls, and system hardening.
Working experience with IDS/IPS software (Snort, Sourcefire, Cisco IPS, Palo Alto), log event correlation/SIEM tools (Splunk), vulnerability assessment tools (Nessus, Retina, Nexpose, etc.), and network analysis/sniffer tools (Wireshark, tcpdump, Netstat, Nmap, Metasploit).
Monitor and review data from various sources including Nagios, Palo Alto, firewall logs, and enterprise log management systems (SIEM tools). Remediate any issues identified.
Palo Alto FW: Planning, Implementation, Monitoring, Maintenance & Troubleshooting
Experience administering networks and systems using a security-in-depth approach: detection and boundary protection.
Knowledge of enterprise network routing protocols such as OSPF, BGP, EIGRP, RIP and static routes. Good understanding of routing/switching concepts, IP assignment, LAN/WAN/VLAN configurations, Cisco/Juniper/Extreme/Avaya products.
Provided operational support for network devices such as routers, switches, and firewalls for large-scale LAN/WAN environments.
Support incident response for all security-related issues. Drive issues to a timely resolution and ensure that all lessons learned are used to improve the overall security posture.
Microsoft Windows and Linux/UNIX System Administration.
Cisco ASA Firewall / Palo Alto configuration implementation, troubleshooting, and maintenance.
Performs product evaluations, recommends and implements products/services for network security.
Create configuration baselines, policies, procedures and conducts verification and validation for security compliance of all information systems, products, and components.
Perform internal and external penetration tests.
Ensuring Information Assurance-enabled software, hardware, and firmware comply with appropriate security configuration guidelines as well as test, monitor and troubleshoot any related issues.
Performs periodic threat assessments and audits to determine if potential threats exist and support the creation of comprehensive threat and risk assessment reports.
Identifies and fixes problems within existing systems and in the design/implementation of new systems, enhances the existing systems, and participates in the analysis, design, and implementation of emerging IT systems.
AVAYA, Inc., Albany, NY. 04/2001- 3/30/2009
Network Implementation Engineer (Sr.)
Strong working knowledge of Linux/Unix /Windows systems and Information Security concepts/practice.
Sr. Implementation Engineer for the Merrill Lynch Global VPN deployment as well as the Lead Engineer for the Merrill Lynch Global SSG deployment in multiple countries.
Hands-on experience with configuration and implementation of data switches, routers, and FWs: Extreme, Cisco, Avaya, Juniper, VPN, Secure Access Control (SAC).
Maintain, configure and administer computer networks and related environments including hardware, software, applications and configurations.
Provided technical training and supported associates, and developed installation and implementation specification templates/Job Aids and other documentation for new product introductions.
Work with NOC manager in planning, staging, configuration, and implementation of new products, improving network reliability, and other technical support for the NOC team.
Migration of complex legacy infrastructures to new managed security services platforms
Provide technical and analytical support in determining the root cause of network problems and implement action plans to resolve potential or active Network impacting issues.
Strong understanding of networking technologies including SIP, SSG, VPN, TCP/IP, DHCP, TFTP, VLAN, QoS, VoIP, various WAN technologies (Frame Relay, MPLS, etc.), Ticketing Systems (Maestro & Remedy).
Work with sales, business partners and account management staff to assess technical integration requirement and system deployment.
VPNet Technologies, Troy, NY 04/00 -04/2001
System Engineer
Providing system function for the VPNet Network Operations Center (NOC).
Installation, configuration, and maintenance of the Windows servers and workstations, UNIX/Linux servers, as well as the Clarify & Maestro database for issuing tickets.
Support several LANs (60+ workstations) and 10+ servers.
Performing security, performance, and availability assessments. Managing and resolving open networking issues.
Designed, implemented and administered Systems Security Practices, utilizing Cisco's PIX systems
Redesigned corporate IT systems, policies and procedures using Proxy, DHCP, DNS, WINS, Windows & Exchange 2000 servers.
Provides guidance, technical support, and product assistance to clients. Analyzes, reviews, and completes escalated helpdesk tickets and change orders to meet the NOC's needs, with 97% of assigned trouble tickets being closed within 24 hours.
References: Furnished upon request
US Citizen: Authorized to work for any employer