Solutions Architect Project Management
Resume:
Shimba Alexandria Jones
Shimba Alexandria Jones, MSIS: Forensic Management
Certified AWS Solutions Architect Professional
Certified Hacking Forensic Investigator
Certified Project Management Professional
***********@*****.***
Education:
Strayer University Washington DC December 2022 – April 2024
Master of Science in Information Systems (MSIS): Computer Forensic Management
Bloomfield College Bloomfield, NJ September 2011 - December 2013
Bachelor of Science Degree: Network Engineer
Clinton Community College Clinton, IA January 2009 - August 2011
Associate Science: Biology
Chubb Computer School Jersey City, NJ May 1998 - December 1999
Diploma: Network Engineering and Data Communication
Job Related Summary:
15+ years of experience in the IT Industry.
15+ years of experience in Vulnerability Management.
10+ years of experience in Threat Intelligence, Network Security, Security Analysis, Incident Response, Security Risk Management.
10+ years of experience in networking concepts and devices (Firewalls, Routers, Switches, Load Balancers, etc.).
Good knowledge in NY DFS, NIST, COBIT, PCI, HIPAA, ISO, and other control frameworks.
Good communication and interpersonal skills.
Professional Summary:
IT Security Professional with over 15 years of experience supporting enterprise scale networks.
Experienced working in a 10, 000 server environments, dealing with at least over 500 servers in a day.
Experienced in scanning network vulnerabilities, penetrating testing and finding immediate remediation for the problem. Experienced setting up networks and configuring firewalls. As well as using intrusion detection system (IDS) and Intrusion Prevention Systems (IPS) software.
Over ten years working with host base intrusion security Applications.
Technical Skills:
Software: Microsoft Teams, MS Project, Radware, Excel, Jira, Silverline, F5, Venafi, Blade-Logic Automated Server, Centrify, Novell Identity Manager, MS Windows Server 2003, E-DMZ Par, MS Windows Server 2008, MS Windows 7, Hashi-Corp, McAfee Orchestrator, McAfee Anti-Virus, McAfee Found Stone, VMware Server, MS Outlook 2010 Sun Solaris 10, Linux, Firewall: Checkpoint-1, PCAnywhere, IBM Proventia Network Intrusion Prevention System (IPS), Intrusion Detection System (IDS), IBM Proventia Management Site Protector, Proventia Network Enterprise Scanner, Metasploit, NMAP, Exceed 7.0, RSA Security, Deep Trend Micro, Peregrine Service Center, Veritas, BlackBerry Server, Perforce, Cisco Identity Services, Cisco Wireless Control System
Compliance: Payment Card Industry Data Security Standard (PCI DSS), International standard for an Information Security Management System (ISO 27001), National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act (HIPPA), Division of Gaming Enforcement
Certifications: Certified AWS Solutions Architect Professional, Certified Azure Security Engineer Associate, Certified Hacking Forensic Investigator, Certified Microsoft Cybersecurity Architect, Certified Project Management Professional
Professional Experience:
Deep Defenses Cyber Security LLC Orange, New Jersey January 2024 – Present
Project Management / Security Engineer
As a dual-role Project Manager and Security Engineer, I lead initiatives to build and secure digital systems from the ground up, balancing cutting-edge development with enterprise-grade cybersecurity oversight.
Technology Oversight & Security Leadership: Spearhead the architecture, implementation, and ongoing oversight of secure technology systems, ensuring alignment with security frameworks, business objectives, and regulatory mandates.
Secure Game Application Development: Designed and developed interactive 2D games using Python and Pygame, integrating secure programming techniques to prevent reverse engineering, data leakage, and unauthorized access.
Secure E-Commerce Platform Development: Engineered fully functional and secure online store websites using Django, deploying end-to-end encryption, CSRF protection, secure session management, and role-based access control.
Secure Software Development Lifecycle (SSDLC): Implemented secure coding practices including input validation, output encoding, and data sanitization to mitigate risks such as SQL injection, XSS, and insecure deserialization.
Compliance & Risk Mitigation: Ensured all applications and systems met key compliance standards (e.g., OWASP Top 10, NIST), performing risk assessments and implementing controls to strengthen organizational security posture.
Cloud-Based Development & Collaboration: Leveraged Google Colab and cloud-based environments for rapid prototyping, code collaboration, and secure remote development, ensuring encrypted data transfer and version control.
Cross-Functional Project Management: Managed full project lifecycles from scope to deployment, coordinating cross-disciplinary teams, timelines, and deliverables with Agile methodologies and clear communication across stakeholders.
Fiserv Inc Berkeley Heights NJ September 2022 – January 2024
Sr. Cyber-Security Engineer
Monitor and troubleshoot online financial platforms Nationally and Globally.
Investigate security events within App-Wall WAF.
Configure I-rule within the App-Wall WAF.
Whitelist IP addresses within the App-Wall WAF.
Detect and mitigate bot attacks using App-Wall.
Investigate vulnerabilities and verify certificates.
Investigate security events using Splunk.
Troubleshoot proxy and application management using BIG-IP Configuration Utility.
Configure DDoS profile using F5 Silverline.
Configure automation alerts within Venafi.
Decision making during technical conference calls.
Azure Identity Access: Created and managed groups/user’s profiles.
Integrated HashiCorp Vault platform using tokens to secure data.
Provisioned devices and virtual machines using CyberArk PAM.
Provisioned users and access within CyberArk IAM.
Configured a Zero-Trust network using Azure, AD, Policies.
Used Microsoft Entra ID to identify risk
.
Pershawn’s Housing Redevelopment and Construction Newark, New Jersey February 2020 – September 2022
Security Engineer
Hardened servers within the network using Splunk SIEM: Monitor users and network behavior.
Scan Network using Qualys Guard Vulnerability Management Tool: resolving weaknesses and flaws within the system’s software, hardware, or organizational processes.
Secure users within the Network using CyberArk PAM
Configure IDS/IPS using Deep Trend Micro Security Platform
Update Windows Servers across the network
Metro-Plus Health New York, NY October 2017 – December 2019
Security Engineer
Wrote internal security controls following the compliance of PCI/DSS/HIPPA
Scanned Network for vulnerabilities using Qualys Vulnerability Management
Designed Virtual network using V-sphere 6.0
Created Build Operate and Maintain sheet
Conducted Meetings with various I.T teams within the Organization.
Resorts Casino and Hotels Atlantic City, NJ January 2017 - June 2017
Security Engineer
Responsibilities:
Created and updated Internal Security Controls following The Division of Gaming Enforcement compliance.
Configured and monitored IDS/IPS using Checkpoint firewall.
Configured VDI using Trend-Miro Office scan 11.
Hardened servers within the network using Alien Vault SIEM: monitor user and network behavior.
Configured SSL, user, group permissions, allowed and denied using Blue Coat proxy.
Scanned network using Nessus vulnerability scanner.
Monitored the network using Tenable.
Cisco Identity Services Engine: Manage Users and External Identity Sources.
Configured PKI using Deep Trend Data Loss Prevention.
Yum Brand Louisville, KY March 2016 - June 2016
Senior Security Engineer
Responsibilities:
Installed Deep Trend Micro Security Platform, Virtual Appliance, agent and filter driver.
Secured all 2003 servers using Deep Trend Micro Security Platform using the following modules: IDS/IPS, WAF, File Integrity Monitoring, Log and Malware.
Integrated V-center with Deep Security using Sphere.
Installed V-Shield for ESXI host dedicated for Deep Security.
Configured Host and virtual clusters using V-sphere.
Migrated VMs to Deep Trend Micro Security Platform.
Created virtual servers within AWS using EC2
Created profile within AWS EC2 for Trend Micro Security Platform.
Created polices by system types of SQL, APP and standard systems and hardening.
Integrated Q-Radar SIEM and Deep Trend to alert group.
Referenced Solar Winds to locate DMZ and 2003 Microsoft Servers.
Zerto Virtual Replication tool to migrate DMZ servers back to the network.
QVC West Chester, PA November 2014 - March 2016
Senior Security Engineer/ Project Manager
Responsibilities:
Managed technical meetings in reference to Splunk monitoring.
Provided technical services to projects, user requests and data queries.
Configured Forwards Prepare, arrange and tested Splunk search strings and operational strings.
Configured Dashboards and created reports.
Created virtual servers within AWS using EC2
Created network profile within AWS EC2
Created, managed and maintained Splunk Run-Book.
Implemented forwarder configuration, search heads and indexing Add data to the following types: Local event log collection, Active Directory, registry monitoring.
Complied with PCI-DSS Compliance.
Supported all aspects of Company's Security Information, baseline policies and good practices.
Advised security team of Deep Trend Micro best practices. Cloud Security configurations which include the following operating systems: Windows and Linux servers. Virtual technology: VMware, Token Key: RSA. Firewall: Palto Alto.
CyberArk: Created, managed groups and user’s profiles.
Configured and implemented rules and baseline policies test all modules before the actual rollout of Deep Trend Micro Security platform. The modules: Log, Malware, Firewall, IDS/IPS, Integrity monitoring and Web Repudiation within Deep Trend Micro. Configure IDS/IPS, Firewall rules. Configured data within the integrity module to detect Data Loss Prevention. Configured servers within Deep Trend Micro Cloud Security. Deep Trend Data Loss Prevention securing e-mails using PKI.
Designed and implemented two-factor security within VMware using tools such as: RSA token and Symantec Certificate. Worked close with security team scheduling weekly meetings for any critical challenges and new deployments. Worked with software vendors. Configure and provision user within CyberArk.
1199SEUI Funds Manhattan, NY July 2014 - November 2014
Sr. Security Engineer
Responsibilities:
Communicated with the Information Technology (IT) Department to remediate security alerts and respond to information security incidents that could potentially impact the network, systems and applications at the 1199SEIU Funds. Monitored security functionality (IDS/IPS and Endpoint) and report daily operational metrics; Provided scheduled management reports on risk status of network infrastructure, applications, internet activity, email filtering, vulnerability management and security metrics.
Maintained daily log monitoring services for Fund applications, databases and network (IronPort, MSSQL, Oracle, SEP, QNXT, V3, AD, Cisco Firewalls, Core Switches, VPN).
Software maintenance and support. application system administration.
Managed Incident Response program including updates to standard, guidelines, procedures, classification and followed escalation process; Maintained incident documentation and remediation tracking system.
Designed, deployed and maintained Security Incident and Event Management within MacAfee SIEM, Database Activity Monitoring (DAM) and Database Vulnerability Manager (DVM) system; provide a lead role for endpoint and network security project initiatives. Performed additional duties and projects as assigned by management.
Becton Dickinson Franklin Lakes, NJ March 2014 - July 2014
Security Engineer/Project Manger
Responsibilities:
Arc-Sight Appliance: Configured arc-sight logger and ESM to correlate with arc-sight smart connectors.
Beyond-Trust: Installed the Powerbroker Servers Authorization Agent, Configured Power-Broker servers, configured the required Access Policies and Executed Policies on the Proxy Host. Configured event logger.
Blue-Coat: Configured hierarchy and unit configurations. Modified Packet-Shapers in Policy-Center. Installed Policy-Center on Windows Server 2008. Add rules to the Windows Firewall. Changed and reset user passwords within Policy-Center. Configured new organizations in Policy-Center. Create new user accounts within Policy Center. Assigned configurations to organizations.
Cisco: Application Control Engine configure server farms, configure VPNs, troubleshoot routing protocols.
Cisco Scan-Center: Setup user e-mail message, Create LDAP and SAML authentication Realm, test authentication settings within Cisco Scan Center and download Audit Reports.
Enforced/configured security policies within checkpoint Smart-Dashboard: Configured DLP, URL filtering. Checkpoint Gaia: configured Network interfaces. Configure site to site VPNs and user to site.
Executed penetration testing using Qualys: Scanning for open ports, application vulnerabilities, etc. Key-Focus Configure Honey-Pots within KF sensor interface, configure DOS settings.
Configured and troubleshot DNS and DHCP protocols within windows 2003,2008 and 2012.
MacAfee: Enforced/configured security policies: Configured DLP, URL filtering.
Source-Fire: Configured source-fire appliance to the network.
Troubleshot network issues using the OSI model.
Provided network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) management.
Configured custom rules and sites, correlate validations and block sites within Impervo.
American International Group Livingston, NJ May 2011 - April 2013
Security Engineer/SME
Responsibilities:
Automated the process of vulnerability management and policy compliance across the enterprise; provide network discovery and mapping, asset prioritization, vulnerability assessment reporting and remediation tracking according to business risk using Trend Micro Deep Security Management System: Malware and spyware, scanning. IPS/IDS configuration.
Configured McAfee Found-Stone penetration technology, Anti-virus scan and connect end points using McAfee Orchestrator. Executed compliance and security checks on Linux, Windows 2003 and Windows 2008 servers going online using Blade-Logic Server Automated Software.
Executed and maintained the 12 components form that’s part of the PCI compliance checklist outlined by the PCI Security Standards Council.
Prepared server audit reports using Microsoft Excel for countries such as: Turkey, Puerto Rico, India, Jamaica, etc.
Security Governance: Made decisions and wrote reports about the framework of security issues and task for future reference. Used Blade-Logic automated server management to support and troubleshoot issues, such as: agents, patch and software deployments.
Trend Micro Deep Security Management System: Configured Intrusion Prevention/Network Intrusion Prevention System: Investigated changes on the network using file integrity monitoring, apply new policies to new computer/servers entering the network environment using Trend Micro Enterprise Manager.
Executed penetration testing using Qualys: scanning for open ports, application vulnerabilities, etc.
Vaulted: Vault Linux, Windows 2003 and Windows 2008 servers and passwords using E-DMZ Par.
Added Unix users into Centrify and import them into Active Directory.
Configured user account and permissions using Microsoft GroupWise.
Analyzed logs and investigate incidents using Envision SIEM.
Configured level of permission within Blue-Coat proxy servers.
Used Nmap for network inventory, managing service upgrade schedules and monitoring host or service uptime.
Created wireless guest-net accounts using Cisco Wireless Control System.
Created training documents using PowerPoint and Microsoft Word 2010.
Provisioned/de-provisioned users using Novell Identity Manager.
Provided network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) management.
Created and Managed Privileged Accounts in Privileged Access Manager
Created and managed on-boarding rules within CyberArk
Created policies in CyberArk Identity
Executed Perl scripts to verify open-shares and standard privilege on Linux, Windows 2003 and Windows 2008 compliance servers. Configured VPNs using ASA Cisco 5500.
Attended migration meeting with various I.T Departments.
Configured network access managed using Active Directory Infrastructure.
Worked on assign tickets using Service-Now Ticketing System.
JP Morgan Chase Bank Wilmington, DE March 2010 - May 2011
Security Engineer
Responsibilities:
Created users account in Microsoft Active Directory.
Setup and configured firewall policies.
Provided network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) management.
Investigated and resolve security vulnerabilities.
Resolved trouble network tickets using Peregrine Service Center. Followed SLAs protocol.
Monitored and troubleshoot the following networks: Linux, Solaris and Microsoft Windows Servers using the Microsoft System Center Operations Manager.
Troubleshot Web servers and applications using MSCOM Health Check tool.
Monitored web applications using Topaz monitoring tool.
Added users to Microsoft Access database.
Configured and troubleshoot mobile security devices within Keynote.
Ran load balanced test using Keynote.
Monitored and troubleshot performance, real-time users and mobile monitoring across the network.
Created and deleted user IDs within access list.
Created user ID and passwords using user-add command.
Administered password access to user and groups.
Pre-created pools of computer accounts within Centrify Suites.
Created Server Templates and added permission within Centrify Suites.
Participated in bridge calls troubleshooting network and user's issues.
Updated logs in the Peregrine Service Center.
Worked with management and the I.T team monitoring network change through Peregrine Service Center: Change management feature. Configured security policy within IPS and created security reports.
Pfizer Pharmaceutical Morris Plains, NJ July 2005 - December 2009
Network Administrator
Responsibilities:
Supported and resolved over 200 Unix and Windows Servers within the Pfizer Environment.
Created users accounts using Microsoft Active Directory.
Resolved all trouble Unix/Windows Server tickets using Peregrine Service Center.
Provided support and maintenance for Unix (Solaris OS) based servers: patching (Day Light Saving Time DST), OS upgrades and performance monitoring.
Unix Systems administrative duties: Created user accounts, rights and permission patched and installed software.
Configured and troubleshot Trend Micro software.
Configured user to the network using Cisco Works troubleshot Veritas Cluster Servers.
Resolved Veritas Cluster Servers: freeze and unfreeze clusters, added users to cluster groups.
Resolved Veritas Network File Servers: restarting disable volume, recovering mirrored volume and recovering.
Created spreadsheets using Microsoft Excel.
Monitored Security Applications using IBM Proventia Network Intrusion software - identified vulnerabilities, threats, weaknesses and configured snort or snoop to investigate suspicious activity.
Set security policies, standards, processes, completed audits.
Monitored the network using IBM Tivoli NetView.
Setup and configured firewall policies.
Bloomberg Media News Manhattan, NY October 2000 - May 2005
Senior Application Security Analyst
Responsibilities:
Monitored the Bloomberg Network Globally and International in over 120 countries conjunction with outside infrastructures. Communicated with management at every level of security to secure the policy enforced.
Identified key vulnerabilities; Worked with the network infrastructure team to ensure all security risks are sufficiently reduced. Presented summaries of vulnerabilities using Real Secure security software IDS.
Configured snoop to investigate questionable IP addresses.
Monitored network activities using Real Secure Network Management software.
Scanned network using Real Secure Network Scanner software. Checked firewall logs for suspicious activities.
Created SAP mobile accounts. Updated Network Sensors, set policies for the network.
Configured single-sign-on using RSA hardware. Configured security settings using Windows NT, 2000 and Solaris 8. Troubleshot technical problems using TCP/IP Configured and Maintain Security Policy in a Windows/Unix environment. Conducted security evaluations and risk assessments of applications, infrastructure and network interfaces. Configured Ticker, Front-end and Back-end machines using Exceed software.
Troubleshot issue using AIX clearing ports and checking IP addresses.
Configured BlackBerry's Enterprise Server and troubleshot end-user's technical issues.
Configured and secured wireless laptops. Configured users and groups within Novell using Active Directory access.
Created spreadsheets using Microsoft Excel.
Qwest Communications Weehawken, NJ July 1999 - October 2000
Unix Administrator
Responsibilities:
Supported and configured over 300 networks within the Qwest communication Data Center for companies such as: Bear Sterns, Fleet Bank, CBS, Walt Disney, etc. and provided technical support.
Managed high end technical project. Installed hard drives, NIC cards and CD-Drives.
Provided technical support for over 300 independent networks using Remedy ticketing system.
Resolved over 30 tickets a day Troubleshoot technical problems remotely and over the Phone.
Setup client networks using the following hardware: Cisco 5000 switches, Cisco 2500 and 4000 router series, Pix firewalls, Compaq NT Servers and Workstations and Ultra Sparc workstations. Installed the following software: Window NT, Solaris, IIS, Windows NT Server, check point, Novell, Lotus Notes and Windows 98.
Configured Active Directory Integration with Active Directory.
Configured the following Cisco protocols: BGP, OSPF, EIGRP and RIP.
Updated client web-site using ISS software.
Communicated with management at every level of security to secure the policy enforced.
Paine Webber Weehawken, NJ October 1997 - July 1999
Project Manager
Responsibilities:
Coordinated rollout activities with IBM, Reuters, Lucent Technologies and Cabletron to deploy approximately 13,000 NT workstations in 400 Paine Webber retail branch offices configured with Token Ring LAN.
Performed technical support during workstation and server installations using TCP/IP protocol suite.
Tracked and resolved over 35 tickets a day on the Vantive ticketing system.
Updated and created documents using Microsoft Word.
Created spread-sheets using Microsoft Excel.
Managed Novell Identity Manage Server configuring: configured identity user stores, local authentication, configured SAML. Used various configurations to install NT as a TCP/IP client. Telnet into TCP/IP- based Unix hosts to troubleshot issues and monitor software upgrades/enhancements. Utilized Internet for web-based applications.
Processed and updated Move, Add and Change requests for existing new clients.
Used knowledge of Ethernet, WAN technologies and connectivity devices.
Contact this candidate