Post Job Free
Sign in

Cyber Security Project Management

Location:
Mountain City, TN
Posted:
July 16, 2025

Contact this candidate

Resume:

R. Comeaux

404-***-****

*********@*******.***

NOTE: REMOTE ROLES ONLY

Education:

Designing Cisco Enterprise Wireless networks Wireless LAN Security-Deployment & Auditing CISSP (CERTIFIED) Wireless LAN Security-WWAN’s & Security VOIP (Voice over IP) Wireless LAN - Design & Installation Linux Systems Administration Wireless LAN - Security CheckPoint Firewall-1/VPN (CERTIFIED) Wireless LAN – Components & Configuring CISCO Advanced PIX Firewall Cisco Building Scalable Networks – BGP CISCO Advanced Router Configuration Cisco Building Scalable Networks - EIGRP IBM CSE E-Net Adv. Firewall Win (CERTIFIED) Cisco Building Scalable Networks - OSPF IBM CSE E-Net Adv. Firewall AIX (CERTIFIED) Perl

IBM CS AIX System Administration (CERTIFIED) Fundamentals of Project Management IBM E-Business Fundamentals APACHE Web Server on Linux HP-UX Advanced Networking/Systems Administration Administration of Websphere Appl. Server Configuring the Websphere Environment Advanced AIX Networking/Systems Mgmt. AIX Security Essentials Advanced AAA Security for Cisco Networks Websphere Security Cisco Content Services Switch

Microsoft (Beginning through Advanced) Project, Secure Settings for the Unix Operating System Access, Word, Excel, PowerPoint VOIP Fundamentals I, II & II TAM for Enterprise Single Sign-On Advanced MPLS for VPN Solutions Cisco NAC Solutions Advanced PKI

Cisco IDS Architecture and Device Configuration Cloud Security QRadar Cloud Architecture

Containers & Container Security AI Security Implications Short Overall Experience Summary:

* Very well versed in interfacing with and conducting presentations to C level management.

* Research, design, presenting, recommend and drive cyber security architectural solutions.

* Current role involved being the "go to" person for everything Network & Cyber Security.

* Experience in Network security & Forensics Investigations

* Experience in SIEM, SELM technologies

* Experience in HIDS/HIPS/NIDS/NIPS, Vulnerability Scanning, APPScan & Pen Testing

* Experience in Enterprise Project Management for Network, Cyber Security, GRC (Governance, Risk Management & Compliance) & Audit

* Experience in Firewalls, Proxies, DLP, PKI and many other security platforms.

* In depth knowledge of PCI-DSS, HIPAA, ISO27001/2, SOX, GDPR, SOX, COBIT, ITAR, Graham- Leach-Bliley, FISMA and other Security & Regulatory requirements.

* Ability to perform network/security architect collection, planning, implementation and management of network security technologies along with knowledge to create policies, processes, procedures and detailed M/S Office documents such as Visio, Word, Excel, PowerPoint.

* Experience demonstrating overall strategies to Management, C-Level & SME’s.

* Overall very well rounded experience in Security/Network Security, ability to learn new technologies quickly and apply them to environments rapidly.

R. Comeaux

Technical Summary:

Operating Systems:

Linux (many flavors), Windows 7/8/10, IBM AIX, HP-UX, PC-MS DOS, OpenVMS & UNIX, NOKIA IPSO, CISCO IOS, Sun Solaris, SCO UNIX. Familiar with AS400 & MainFrame/RACF.

Software: Vulnerability Scanning-Penetration Testing (Application & other) on windows, linux, Unix, AIX and other O/S's, Incident & Forensics Research/Management, CheckPoint FW1/VPN 4.0-4.1-NG-NGX-Provider-1, CISCO PIX Firewall, IBM SecureWay Firewall, Cisco PIX Device Manager (PDM), Symantec Firewall, Nokia IPSO, HIDS/NIDS (Host/Network Based IDS(Cisco,ISS,Sourcefire,Dragon,Snort)) IDS/IPS, Encase, Snort, RBAC (AD, Unix, etc.), PKI, Cisco CSA (Cisco Security Advisor(host based IPS)), Active Directory, WEP/WPA/WPA2, EAP, TLS, TKIP, Wireless, VOIP, PKI, Nessus, Nmap, Fireeye, Sniffers, DHCP, RADIUS, SecureID, PGP, Voyager, Microsoft Office Suite: Microsoft Project, Excel, Word, PowerPoint, Access, Visio, SSH, SSL, HTTPS,, LOTUS SMARTSUITE, LOTUS Notes, AIX, Shell Scripting, X-Windows, TACACS, Websense, Webtrends, Motif, Reflections, SecureCRT, MultiNet, DNS, PCM, Scheduler, SLS, ALL- IN-1, DEC-Event, PSSP, DECPS, HealthCare (DIAG/LAB Proprietary Software),Internet Explorer, FrontPage, M/S Exchange, SiteMinder, Scripting, Outlook, Ghost, Tripwire, XLNT, Splunk, Secure IM, Remedy, Slack, Webex, ServiceNow & many other PC related software packages,

Hardware: Many brands, types and configurations of IBM iSeries & RS/6000; Cisco Wireless devices

(routers, wap, print servers, etc.), SP Frame & control workstation, Nokia, Contivity, HP 3000/8000/9000 Series Servers, VAX/Alpha, all models of PC based hardware, RAID Hot- swappable arrays from various manufacturers, network devices: Cisco Routers/Switches, Cisco Wireless, Hubs, CSU/DSU, servers, Terminals, RAS network servers. From manufactures: Cisco, Bay Networks, Compaq, Hewlett Packard, IBM & Dell. Nortel Switches & Routers, fiber cabling & termination hardware, Network printers, PLC’s, Modems, NIC’s, familiarity with Cisco 4200 series IDS devices. Networks: Windows WIN2K-XP-Vista, Windows 2000/2003/8/12 Servers, Windows 7/8/10, 10/T- 100/T-Gigabit Ethernet, Token-ring, Wireless, VOIP (Voice over IP), DLP, LAN/WAN/MAN, VPN, TCP-IP, Subnetting, Load balancers, SONET, ISDN, Frame Relay, T-1, DECNET 4 & 5, OSPF, RIP, IGRP, EIGRP protocols, encapsulation, Citrix, SSL, VPN, Twisted Pair, thick/thin Ethernet, NIS, NFS, FTP, BOOTP, LAT, CiscoWorks (network management software), CGMP (Cisco group Management protocol), VSM (Cisco visual switch manager), WEP/WPA/WPA2, EAP, TLS, TKIP, CSA, CSS (Cisco Content Services Switch), DNS/DHCP, familiarity & planning of Cisco Wireless MESH. Security: GDPR,SOX, COBIT, HIPAA, ISO 17799/27001/2, PCI, HIPAA, ITAR, Graham-Leach- Bliley, GSD331, ISEC, ITCS104, 802.1x.,BlueCoat Proxy, FireEye, ISS Proventia HIDS/NIDS/NIPS, ISS Vulnerability Scanner, Penetration testing, Cloud Security, familiar with COBIT, CMMC and NERC-CIP, McAfee HIDS-File Integrity Monitoring-Endpoint protection-DB Event Monitoring, IBM SPbD, mobile device security, Container Security, SIEM (Qradar), Csirt/Psirt, Tenable Cloud Security/Nessus, IBM SPBD, Crowdstrike Falcon prevent (A/V), CoalFire, Scanning tools: (Appscan on Cloud scanning

(AsoC)-Twistlock,Aqua), Jira Issue Tracking, FISMA, FIPS, DynaTrace. R. Comeaux

Employment:

April 2024

to January 2025 IT/Cyber Security Analyst, Security Project Management & Security Researcher

(Contract) Firm: Standifer Security Consulting & Engineering Company

Review network/security Architectural layouts and make recommendations for improving the security posture. Update visio documents to reflect new Architectural configurations.

Oversee and guide new security implementations, Inventory management/tracking.

Work with Outside Auditors when required to ensure compliance.

Create new process and procedure documents to reflect revised/improved architectural security posture.

Project Management of Pen Testing findings resolution.

Conduct Nessus Vulnerability Scanning. Drive resolution of findings.

Was the Security “go to” person for ISO27001/2 and anything Security related.

SIEM focal. Identify issues and drive issue resolution.

Collaborate with external Pen Testing personnel, resolve findings with Internal Teams.

Continually monitor Network compliance with Security focus’.

Interface with Business Upper management with regular updates on Security status.

Monitor daily scans, logs and patching compliance status of all devices in the customer environment. Project Manager for the overview and implementation of DynaTrace in the environment.

Oversee the correct SME’s efforts to resolve issues.

Drive Compliance efforts for ISO27001-2 Regulatory requirements..

Conduct Quarterly Compliance Reviews to ensure the focus environments were meeting requirements.

Educate Technical, Non-technical personnel when required on Security topics. April 2023

to Oct. 2023 IBM Digital Business Automation Security Analyst/Focal on Cloud Security, Security Project Management

(Contract) Firm: IBM Hybrid Cloud Security / Digital Business Automation

Conduct reviews of existing network/security Architectural layouts and make recommendations for improving the security posture.

Create new process and procedure documents to reflect revised/improved architectural security posture.

Project Management of Pen Testing findings resolution.

Conduct AppScan, Nessus Vulnerability Scanning on Cloud customers. Drive resolution of findings.

Security “go to” person for ISO27001/2 and anything Security related.

Security Projet Manager for SPdB (Security Privacy by Design) compliancy projects.

Security Project Manager for FISMA, FIP compliancy projects.

SIEM focal. Id issues, provide clarity of findings and drive issue resolution.

Setup and Execute Pen Testing, Resolve findings with Teams.

Engage/lead offshore teams on all Security related issues.

Open/Track/Resolve vulnerability/security issues on Jira, ServiceNow

Continually monitor Environment compliance with Security focus’.

Generate multiple Security Reports on the various Cloud environments. Interface with those environment personnel to highlight security findings and advise how to resolve them.

Monitor Qradar logs for instances of security violations, take actions if any are found.

Interface often with IBM CISO office for threats, Risks and Exceptions to security postures.

Review (and engage when appropriate) C-Sirt (infrastructure) and P-Sirt (IBM product) releases and activities.

Monitor daily scans, health checking, logs & patching compliance status’ of all devices in environment. R. Comeaux

Drive Compliance efforts for ISO27001-2, SOX, GDPR, HIPAA, PCI and other Regulatory requirements.

Inventory Management & Tracking.

Conduct Quarterly and yearly Compliance Reviews to ensure the focus environments were meeting requirements. Work with Outside Auditors when required to ensure compliance.

Educate Technical, Non-technical and C-Level when required on Security topics when required. July 2021

to Oct 2022 IBM Cloud and Cognitive Software Security Analyst/Engineer, RPA (remote process automation), Digital Business Automation on Cloud/Security, Security Project Management

(Contract) Firm: IBM Cloud SAAS / Digital Business Automation

Take new company acquisitions and move them into the IBM Processes and Compliance realm (ITSS

(ISO 27001/2), HIPAA, GDPR, PCI, etc.) using IBM SPBD tools and processes. Train new personnel on the way IBM handles different Security scenarios, Security compliance requirements, etc..

Achieved the quickest satisfactory compliance status for new company acquisitions compared to the past typical time frames.

Continually monitor Environment compliance with Security focus’.

Generate multiple Security Reports on the various Cloud environments. Interface with those environment personnel to highlight security findings and advise how to resolve them.

Monitor Qradar logs for instances of security violations, take actions if any are found.

Interface with IBM CISO office for threats, Risks and Exceptions to security postures. Create

new Risks for issues when needed, monitor current risks for resolution, time frames to resolve, etc..Work with Environment SME’s to resolve the security findings/issues.

Perform forensic research on security findings.

Inventory review for accuracy and modify when needed.

Review (and engage when appropriate) C-Sirt (infrastructure) and P-Sirt (IBM product) releases and

activities.

Monitor daily scans, health checking, logs and patching compliance status. Take actions to engage and lead the correct SME’s and efforts to resolve issues.

Create new process/procedure documents when none exist. Educate personnel on same.

Interface with world-wide groups to accomplish desired end goals. Lead webex meetings to achieve those goals with these groups.

Review network layouts for best security posture, engage network SME’s when security findings/issues arise that need to be resolved. Create secure network designs, processes and procedures.

Utilize SOS tooling, Tenable Nessus, Qradar, COGNOS Reporting and other tools were utilized for this contract.

March 2021 Enterprise Cyber Security Analyst, Project Management, Cloud to June 2021 Security

(Contract) Firm: NorthRidge Financial

Help the company understand what is involved with the new 3rd party vendor taking over many functions of their IT environment from a technical and more importantly security perspective.

Perform education on the security requirements of the new contract.

Evaluate current security posture against Regulatory/security requirements such as HIPAA, GDPR, ISO27002, PCI, etc.. Point out shortcomings, possible Risks and how to resolve them. Conduct education to upper management to help them understand the Regulatory requirements

what’s involved and how to meet those requirements.

Be the liaison between the company and the 3rd party solution provider on all things security.

Create new process documents to reflect the new environments, requirements, actors and conduct education on what is required. Answer questions from the leaders and C level managers. R. Comeaux

Create new C Level presentations on security posture, requirements going forward to achieve security compliance, etc.

Review current security architecture looking for any security gaps/risks/etc.

Help this client navigate the private cloud architecture and security.

Create new architectural drawings on proposed security solutions for C Level management. Sept 2018

to Oct 2020 Enterprise Cloud Cyber Security Engineer/Analyst, Security Project Management

(Contract) Firm: IBM Cloud

Technical Cyber Security PM on a very large project involving evaluating very detailed research on all Cloud Commercial (500+) customers making determinations which will follow specific Cloud Cyber Security Policies (Internal, Commercial or a Hybrid). This involved evaluating network & cloud architectures, data flows, Regulatory requirements and many other factors for Commercial customers.

Functioned as a Cyber Security Technical resource for all cloud environments. Guided new customers on which Cloud environment was most secure and beneficial to them.

Created and conducted Education sessions with Cloud Commercial customers reviewing details of what is required via the security policy requirements, conducted Q&A sessions.

Guide the Account Leaders on what is needed regarding security policy requirements on an ongoing basis to help them to understand the Technical & Non-Technical requirements.

Executed follow up research to determine if customers were implementing requirements. Created problem tickets when NCI’s (Non-Compliant Issues) were found and guided Technical SME’s on resolutions of these issues. Evaluated and created Security Risk documents when required.

Influential/instrumental in creating a new Cyber Security Policy for Hybrid Cloud Customers.

Design and lead Security presentations to C-Level, Delivery Project Executives, Delivery Managers, Engagement Leaders and all other levels.

Research current trends and releases of threats in the wild and also threats from relevant sources that pertain to customer environments. Create/write documents making management aware of these threats and the proposed solutions to protecting their environments from these threats.

Researched and evaluated current environment compliancy to the different Regulatory

Track assets via Inventory Management.

environments (IE: PCI, HIPAA, ISO 27002, GDPR, FFIEC, ITAR, SOX, etc.). Was a resource to all Cloud environments regarding questions on the above Regulatory requirements.

PM for MFA (Multi Factor Authentication) implementation in all Cloud environments.

Evaluated/researched IDPS/Vulnerabilities, created powerpoints to show Upper Mgmt types what is being encountered currently in the environments. March 2006

to Sept 2018 Enterprise Network Security Analyst/Engineer/Architect-Security Delivery Manager

(Contract) Firm: IBM

Support Global customers in the Energy, Retail, Distribution as well as other Sectors of Commerce.

Review current network & security architectures, make recommendations to correct security exposures based on those architectures to meet PCI-DSS, SOX, ISO27001/2 requirements.

Take customer visions, turn them into realistic viable and secure solutions. Relay to customers, at all

levels in the customer environment, how their corporate visions can be realized. Create project plans, visio drawings, etc. to drive the corporate visions into secure realities.

Every role I was engaged in was supporting these customers and always involved researching current trends and threats in the wild and also threats from relevant sources that pertain to customer environments. Create/write documents making management aware of these threats and the possible and proposed solutions to protecting their environments from these threats. This was a constant effort to be aware of what was happening in the Security threat world. These created documents would flow to all R. Comeaux

levels of management including C-Level. When required, education would take place on the threats.

Performed Vulnerability scanning-penetration testing on Windows, Linux, Unix, AIX and other O/S's, PM on projects to eliminate findings. Execute AppScan on customer accounts and help rectify findings. Managed many groups in various environments ensuring "best practices" security.

Design and lead the network security architectures by aligning business requirements, IT strategies, detecting critical deficiencies, and recommending solutions for continuous improvement.

Research, designed, performed capacity planning, implemented and managed network & security architecture configurations for secure networking environments: This included proxies (Bluecoat, etc.), DMZ, Wireless, SIEM/SELM, HIDS/NIDS/IPS, and many other Security configurations based upon requirements.

The Security requirements PCI-DSS, SOX, ISO27001/2 & others (depending on customer environments & focus) were always considered when reviewing current or new customer solutions for their environments.

Architect solutions to prevent DDOS attacks and other Top 10 vulnerabilities in the Enterprise. If ISP, this could involve the ISP Core, Edge Router, Customer Edge and Customer network scenarios. Other actions would also be looked at for possible deployment depending on the environment.

Work with information security leadership and cross-functional teams to develop strategies and plans to enforce security requirements and address identified risks.

Manage a team of IT security professionals to deliver security solutions. Also functioned as the 3rd level escalation person for Security Incidents, issues, solutions, etc.

Evaluate, propose, expand/mature current security architecture to achieve goals of formal security policy.

Create formal process documents with the purpose of specifying hardening parameters for many environments.

Oversee health checking activity on a periodic basis to ensure hardening parameters are still in place and accurate.

Performed the research/design/architecture/capacity planning and drove Implementation teams for projects

involving differing security solutions including cloud.

Provided third-level support and analysis during and after security incidents.

Research and assess new threats and security alerts and recommend remedial actions.

Planned for future network designs/growth/bandwidth based upon current and future projects.

Responsible for identifying and implementing technology solution designs and delivering sustainable, cost- effective business solutions based on industry and business research.

Hands on configuration of Cisco routers, switches, firewalls in test environments when required.

Review daily the HIDS/NIDS/NIPS findings-take actions to resolve.

Security Project manager to implement new HIDS/NIDS/NIPS, participate in configuration/fine tuning of this solution. Primary contact for this HIDS/NIDS/NIPS environment.

Highly familiar with ISO17799/ISO27001/2, PCI DSS, SOX, HIPAA, ITCS104, GSD331, ISEC, FIC 20001 security policies, JCAHO. Familiarity with NIST.

Created and Reviewed Architecture for Risk identification. Defined, design and created requirements and documentation to be used for guidance by various teams.

“Security Analyst/Architect” for a multi-year contract, multi-billion dollar Global Account. This role was responsible for everything security related on this huge customer. This involved analyzing Information security systems against IT Best Practices and recommending/developing security resolutions to found issues in these environments.

Defined and Created an Enterprise Security Policy if one did not exist. Defined/created Security process/procedures and Standards for all environments based on the Enterprise Security Policy.

On a daily basis, I monitored the primary security sites for the latest known vulnerabilities, outbreaks, known issues in the “wild” and evaluate the customer environment for actions to avoid security issues.

Primary Security Interface to the external customer driving the Security Policy Implementation, ensuring compliancy. Also drove PCI, HIPAA, ISO 27002 & SOX security compliancy for customer.

Technical PM, creating project plans, interface with SME’s concerning successes, issues, problems, essentially “making things happen”.

Daily reviews of logs, firewalls, IDS/IPS (HIDS, NIDS, IPS) traffic reviews to identify possible actions that need to be taken.

Review configurations of firewalls, switches, routers and AIX, Windows, Solaris & Linux Operating R. Comeaux

systems for security gaps, holes, services/ports and made recommendations for changes to remedy any found security problems to ensure a more security environment.

Network & Security Architecture planning for IDP, VPN (site to site, remote users, etc.), network infrastructure, security infrastructure.

Evaluate all Operating systems environment settings (O/S configuration parameters) and interface with system administrators to recommend best practice O/S configurations for a more secure environment on: Linux, AIX, Unix, Windows, AS400, OS390 Operating systems according to ISO 27002/17799.

Review DMZ network configurations, traffic flows from the insecure and secure networks, evaluate the data stored in the DMZ and based upon Best Practices, make recommendations to management on what is needed to bring the environment into a “best practices” secure scenario. Drive the project to implement these changes.

Perform overall Security Environment reviews based on current Best Practices, latest ISO 27002/17799 security policy. Advise C-Level management and IT staff of these recommendations.

Recommended new solutions to further secure their environments. Conducted security overviews for all levels of Mgmt.

Conducted training for management and IT staff on corporate policies and recommend a plan to achieve compliancy with these policies.

Functioned as a SME (Subject Matter Expert) for all issues security related.

Evaluate/Test/Recommend and Implement security tools to streamline the security compliancy process (IE.: automated health checking, SAD (systematic attack detection), etc.).

Streamlined processes to use document repositories for efficiency and audit document retention.

Scheduled notifications were put into place for consistent security policy compliancy.

Architect new secure environments for SSL VPN, firewalls, routers, switches, AAA security, digital certificates, Virtual environments. Evaluate current environments for security improvements. .

AIX Systems Administration: AIX O/S system loads, security modification of O/S parameters,

network configuration, in test labs.

Monitored and developed SLA criteria for security related activities. My role was crucial to my client dramatically improving their SLA posture which had severe monthly financial penalties associated with any “missed” SLA’s.

Was the primary focal for all audits. Performed periodic “spot checks” to ensure compliancy to Best Practices and to Enterprise Security Policy. Presented Monthly formal presentations to C-Level Management of overall Security Posture on the account and recommended changes to produce a more secure environment. All recommendations made from an Industry Best Practices standpoint.

As a result of the peer audit review task list, focused on resolving these issues and advanced the completion timeline by at least 4 to 6 months ahead of schedule.

Oversee PKI environment, ensuring compliance with Best Practices, oversee the revocation lists, etc.

Create processes/procedures for environment compliance to PCI, SOX, HIPAA & ISO 27002.

Conducted all Training of personnel in the use of these processes/procedures and methods of data/document retention for audit purposes. This included "C" level training as well.

Conduct sniffer activities to determine what traffic is flowing on the networks, make determinations on what should be allowed based on critical production applications and made recommendations to eliminate unwanted and questionable security traffic flows. ACCOMPLISHMENTS: As a Professional motivated self-starter and working independently, my role as Security Analyst/Architect was crucial to taking actions to correct, architect new or update existing configurations, security incidents, recommendations to upper-level management on ways to improve their security posture, monitoring “in the wild” for future possible security breaches, driving security projects, etc. This was a critical security role and I received reviews that indicated “very satisfied” customer reviews. September 05 Mountain States Health Alliance Tennessee to Feb. 06 Enterprise Network Security Engineer

(Contract)

Implemented wireless solution, consultant on VOIP solutions, configure VLAN’s on Nortel and R. Comeaux

Cisco switches. Designed, implemented Role Based Access Controls for the AD and Unix environments.

Configured, implemented and troubleshoot new and existing Nortel switches utilizing fiber gigabit/Ethernet 1000 networks.

Conducted sniffing activities when situations dictated.

Take actions to rectify vulnerability scans findings that showed security flaws in the infrastructure (IE: traffic flows blocked at the firewalls and routers).

Evaluated leading IPS solutions and made recommendations on best fit IPS solution for this enterprise environment. This particular health care provider had 9 hospitals and over 5000 employees in a multi-county environment.

Oversee the health checking (periodic intervals) activity to ensure that hardening parameters are in place and accurate.

Planned/implemented new infrastructure IP addressing schema for new and existing network projects, existing security infrastructure and made recommendations for a more secure environment.

Monitored network bandwidth and performance, took actions to remediate any situations that would affect the network.

Planned network modifications/enhancements to bandwidth/hardware to enhance performance based

on current growth, future projects and expected required performance.

Participate in HIPAA & SOX security audit and compliancy requirements.

Delivered executive level presentations on HIPAA and requirements of this act.

Configure/Implement/Troubleshoot new dual redundant Checkpoint firewalls on a Nokia platform.

Responsible for multi-million dollar infrastructure requirement for implementation of a new

Radiology PACS. This involved technical project management, network device (routers, switches, firewall) implementation/configuration.

3rd level support for the enterprise related to networks, infrastructure devices, firewalls, etc..

Received an excellent Letter of Recommendation from the Enterprise DIRECTOR based on the Radiology PACS project I was responsible in implementing/configuring/supporting.

Configure firewall/router/switch rules/acl’s as situations required. This also involved setting up and maintaining vpn’s to various sites.

Work with various parties in troubleshooting various router, switch, firewall/vpn and wireless issues.

Worked with various teams to implement and troubleshoot a cisco wireless solution using WLSE, 1200 AP’s and WPA2. Plan layout and location of Access Points based on signal strengths.

Help to design/plan-implement a complete Disaster Recovery plan. May 05 Siemens – Corporate Headquarters Alpharetta, Ga. to August 05 Corporate Enterprise Security Architect

(Contract)

Architect new and existing infrastructure and enterprise-wide firewall/wireless/network/security

solutions. These efforts were based on collaborative efforts with many teams and involved: researching/building requirements, designing/developing solutions, implementing and tracking, and

project management and final documentation.

Manage/Administer/Monitor Host based Intrusion Prevention Systems (Cisco CSA).

Run security scanning against applications, systems and network infrastructure and network devices pro- actively looking for security vulnerabilities. Recommend/schedule change management for implementing these vulnerability resolutions. Advise & assist parties on resolutions of same.

Make aware the corporate environment of current security patches and help them when necessary with implementation issues concerning these. This included allowing time for lab testing and conclusion reviews before implementation to minimize impact on production environment for Unix hosts, windows, firewalls, cisco wan devices, SAN (Storage Area Network), Linux hosts, etc..

Research/implement/test/assess new security tools and assess their usefulness and relevancy to stated security goals and posture in the Corporate production environment.

Run regular monitoring reports showing reconnaissance, attempted intrusions, log file analysis of

R. Comeaux

firewalls/servers/network devices and take actions accordingly.

One a regular basis, perform awareness to staff of current security stance, on-going issues



Contact this candidate