IT Solutions
Resume:
OBJECTIVE: Professional with in-depth knowledge and experience managing information security solutions and supporting mission critical functions and operations within the federal government environment. Responsible for security policies and integration of information assurance efforts to meet changing needs and requirements. Working knowledge of Federal regulations and guidelines, including FISMA, NIST 800-Series Special Publications, OMB Circular A-130
KNOWLEDGE AND SKILLS:
• Solutions-oriented IT Security Specialist with notable success directing a broad range of corporate IT initiatives while participating in planning and implementation of information-security solutions in direct support of business objectives.
• Extensive experience in planning, coordinating, directing and managing large-scale and complex Information Technology projects, Skilled in strategic planning initiatives, technical architecture and new technology integration, technical architecture and new technology integration
• Manages all stages of system development efforts, including requirements definition, design, architecture, testing, and support.
• Worked knowledge of NERC-CIP, NIST, and FERC compliance regulations.
• Expert knowledge in utilizing Risk Assessment and Risk Management methodologies, specifically NIST 800-26, (NIST 800-53A), Security Planning and creating Plans of Action and milestones.
• Advanced knowledge of the practices, procedures and control techniques; associated with confidentiality, integrity and availability of information systems resources.
• Knowledge of IT security best practices and federal security compliance, and of the federal ICAM (FICAM) road map and of the Federal E-authentication Framework NIST 800-63-1.
• Performs Certification and Accreditation NIST 800-37 including Risk Analyses, Contingency Planning.
• Successfully formulate and implement advanced technology and business solutions to meet diversity of business needs; demonstrated strengths in creating business processes, procedures and new standards in the area of Information Technology.
• Advanced Knowledge of network security perimeter defenses ( LAN/WAN, VoIP VPN, Internet/Intranet/Extranet, screened subnets, DMZs, firewalls, Remote Access, and Proxies)
• Advanced Knowledge of the Auditor's role within the system development life cycle methodology NIST SP 800-64 and experience in conducting information security system audits
• Advanced experience Administering Citrix Metaframe and managing Citrix Profiles in a Windows Active Directory (AD) environment.
• Knowledgeable in fiber/DSL connectivity, VPN, Protocols: HTTP, Telnet, TCP, UDP, SNMP, SMTP, Gigabit Ethernet interfaces, Wireless LAN 802.11i & LWAPP.
• Strong work experience with CA Top Secret (TSS), Access Control Facility (CA-ACF2) and IBM Resource Access Control Facility (RACF), good understanding and working knowledge of COBOL programming
• Strong experience managing a mainframe infrastructure including identity and Access management, Automation of mainframe security management. Create and update mainframe JCL programming language.
• Perform Mainframe access control with CICS, z/OS UNIX(OMVS) and Also manages Certificates from trusted entities'.
• Strong work experience with CA Identity Manager (CA IDM). Implementing e-Trust CA-ACF2 in a z/OS and. OS/390 Environment.
• Advanced knowledge with Analog & Digital Electronics, Communications Electronics, Solid State Devices, Circuits, Electro-Optics, Robotics Principles, Electromagnetic and Switching Theory.
• Design and implements Hi End Audio and Video systems for home and commercial applications.
Operating Systems & Software Packages: Microsoft Windows 7, XP, Vista, NT, 2000, 2003 Server, IIS 4-6.0, Red Hat Linux 9, UNIX Sun OS (Solaris), Mac OS X, Novell NetWare 4.11& 4.85, NFS MVS/ES OS/390, Microsoft Office Suite 97 - 2010, Microsoft Visio 2000 - 2007, MS Exchange 5.5-2003, MS Outlook 2000. 2003, 2007 MS SQL Server 2000, Informix, Oracle 8i & 9i, DB2, Crystal Report 7.0, VMware GSX/ESX, Terminal Services, LANDesk, Citrix MetaFrame 1.8 client, DemeWare NT utilities, LDAP, Active Directory, CICS, JCL, C programming, FORTRAN 77& Assemble Languages.
Security Incident Management tools: Snort (BASE Interface), SGUIL, IDS Policy Manager, Nmap, HIDS, NIDS, Enterasys Dragon, E-Trust, Nessus, Retina, Sourcefire Console manager, Firewall Logs, Remote Administration (VNC, Putty) and System Development Life Cycle (SDLC), Risk and threat Analysis, Research and assessment, escalation plans and logging (CAPRS Ticketing system), CA-Unicenter v 5.1 Service Desk, Lotus Notes R5 & 6.5, BlueCoat Web Proxy Content Filtering, Qualys Vulnerability Scanning, Db Protect and CoBIT.
Network Security Devices: Dell Power Edges, Checkpoint Firewall, Pix Firewall, Norton Personal Firewall, and Cisco VPN, TCP/IP, DHCP, IBM Web Sphere Data Power XML 150.
Forensics Software: ILook v7, EnCase v4, FTK, Paraben tools. Encryptions Tools: CA Entrust Digital Certificates & Signature, SSL, PKI, PGP, IPSec, CA- ACF2 (Security for z/OS and 0S/390), FTP server, Putty telnet/Ssh client. Familiar with: Methodology of Hacking, US-CERT, NIST Asset Tool, NIST Special Pub 800 series. Vulnerability Tools: Symantec (Norton Internet Security Suite), McAfee Security Suite, Zone Alarm, CA Internet Security Suite.
Electronics Tools and Test Instruments: LabView, Spectrum Schematic Diagram Analysis, Digital and Analog Meters, Oscilloscopes, P spice simulation software, Maple Math & Engineering Software.
PROFESSIONAL EXPERIENCE:
Sr. Security Planning, Analysis & Requirements Engineer , (ACI) SSA Woodlawn Baltimore, MD. December 2010- September 2011
• Perform Security Architectural Compliance Analysis and Requirements for Role & Compliance Manager (RCM) Profile Content Analysis and Review (PCAR), Automated Resource Access System (ARAS) and Triennial Certification (TEC) projects in support of the Social Security Administration Identity, Credential, and Access Management (ICAM) Implementation Process.
• Develop project documentation including, architecture documentation, deployment plans, installation guides, configuration documentation, test plans, project-specific training materials, and project status and results reports.
• Manage projects across multiple platforms in CA- Identity and Access Management, CA-Top Secret Mainframe Security tool, IAM workflows and Role & Compliance Management Tools.
• Develop Requirements for TSTRAC and other security tools.
• Develop user specifications and risk assessments for SSA Security Team.
• Develop system specifications and detailed design documentation for the SSA ICAM Implementation Process.
• Produce detailed functional and security requirements documentation for the Control, Audit and Security Branch.
• Develop and provide feedback on architectural and design specifications that utilize CA- IDM technologies.
• Provide system security support for CA-Top Secret, TSTRAC, security administration tools, TSO, and CA-IDM 12.5; documentation for existing applications and provide weekly & Monthly status reports on all initiatives in this technical area.
• Applications & Tools: CA-Identity and Access Management 12.5, CA-Top Secret Mainframe Security Product, Single Sign-On, CA Role & Compliance Manager, ICAM & FICAM.
Sr. Security Engineer IDS Team Lead, (KSI) SSA Woodlawn, MD February 2009 -December 2010.
• Continuation of the previous (IDS) job descriptions, after the contract with CACI ended with the National Computer Center (NCC), Division of Telecommunications Security and Standards (DTSS), Social Security Administration
• Analyzes information regarding suspicious activities to the SSA network; develop triage policies and procedures to evaluate suspicious activity; perform blocking of Internet protocol (IP) networks; monitor, operate, and maintain network and host-based Intrusion Detection System (IDS) sensors; and provide host-based security management service.
• Proficient in researching traffic patterns to identify false-positives and/or malicious traffic within IDS Intrushield TippingPoint, IPS (Snort), scanners Qualys, proxy BlueCoat and PIX's firewalls.
• Perform security assessments using tools such as Bluecoat Web filtering and reporting, IBM vulnerability and monitoring tool AppScan.
• Oversee server-based security, and ensure security and accreditation requirements are met and maintained for customer connections.
• Perform network security administration responsibility; install, operate, and maintain security management software; and generate reports and update trouble tickets; Install and maintain all pertinent software/hardware for server/sensor functionality
• Provide technical and operational support to protect systems under the responsibility of the DISSAO against unauthorized access and inadvertent damage or modification
• Manger and train new Intrusion Protection Team (IDT) for new SSA works faculties in North Carolina.
• Improved existing training documentation and developed training core curriculum for new IDS staff.
Security Engineer IDS, (CACI) SSA-NCC Woodlawn, MD November 2005– 2/2009.
• Provide problem reporting and tracking using the Change Asset Problem Reporting System (CAPRS); Configuring Cisco IOS software and implement Cisco IDS Sensor to SSA networks; developed exploits for Windows and UNIX systems and other specific support systems as they are implemented.
• Security Information Management Solution (SIMS) integrates, correlates, and analyzes security event data from the enterprise network (IDS sensors, firewall traffic and routers).
• Analysis Packet payload using Snort (BASE); Development and implementation of SSA IDS policies using NIST 800-31 Methodology.
• Test LAB design and creation: Designed and Implement IDS test lab to check performance on different Operating Systems. The Test Lab was built on the ESX VM Sever infrastructure with virtual machines of different Operating Systems (Red Hat 9, OS Fedora Core 6, Ubuntu, Trustix, FreeBSD, Solaris10, Slackware, and MS Windows Server 2003). All Network and Security applications are first tested on these Operating Systems to determine compatibility and performance before deployment
IT Support Specialist, CitiFinancial Owings Mills MD. November 2004 – February 2006
• Interface directly with employees via phone, email, and IM. Provide guidance and technical support to employees regarding computer hardware, software, and/or network problems during company’s windows 2000/Exchange active directory migration. Open trouble tickets, query users, identify and resolve hardware, software, and network problems in a timely manner.
• Manager Group accounts utilizing Active Directory and DemeWare NT utilities (LDAP), Exchange 5.5\2000, Novell, UNIX and multiple legacy domains. Connect to clients using Terminal Server, LANDesk and SMS. Manage shared network resources, including printers and shared storage. Install hardware, configure, and upgrade desktop/laptop applications, including MS-Office 2000/XP, Adobe, SQL, PDA’s, blackberry.
• Providing Level II-III support in a 24/7 environment to clients across the US, Canada and India;
Perform systems enhancements and manager backup servers utilizing Putty Telnet/SSH client.
Sr. Technical Support Specialist, Ernst & Young Baltimore MD. September 2004 – November 2004
• Perform Systems migration from MS Windows 2000 to MS Windows XP Pro. Using Ernst & Young Global Core Loadset 3.0 software.
• Implementing Novell client 4.83 and Odyssey wireless Client Manager.
• Perform Systems QA on COTS software, Create user ID in Active Directory and configure Lotus Notes 6.5 to client specification.
Information Assurance/ Security Engineer, General Dynamics AIS. Fairfax VA. May 2002-February 2004
• Coordinate the effort of the (FERC) Federal Energy Regulatory Commission to comply with the requirements of the Federal Information Security Management Act (FISMA) of 2002.
• Performing NIST 800-26 assessments, presenting the information to the customer as well as preparing the report for OMB were significant in effectively determining the status of information systems security within FERC and providing a roadmap for future Certification and Accreditation (C&A) of Federal Information Systems SP 800-37. Perform Security Metrics Guide for Information Technology Systems SP 800-55 and Develop and Implement information security and network strategies in alignment with FERC business goals and objectives.
• Provide Security engineering support to the C&A process NIST 800-37. Functions include gathering evidence on systems, providing Government Accountability Project (Gap) Analysis; Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed.
• Advanced Knowledge of the Auditor's role within the system development life cycle methodology NIST SP 800-64 and experience in conducting information security system audits.
• Provide Plans of Action and Milestone (POA&M) for the CMS environment. This is part of FERC Certification and Accreditation Program (FISMA).
• Experience in Forensic Password Recovery Toolkit and retrieving data from deleted hard drives using EnCase and ILook.
• Worked with NERC-CIP Cyber Security Standards.
Operations Support Specialist IV, IntelliMark IT Business Solutions, Columbia MD. May 2002
• Evaluate the hardware and software configurations of laptop and desktops units to the minimum specifications required as defined by BCPSS. Document what the systems configurations are, and any non-compliance issues associated with the BCPSS specifications.
• Validate and document the compliance/non-compliance of the software and hardware (internal components and peripherals OS and Applications) configuration from each vendor, against the defined BCPSS specifications, running each application and validating the type of software, the revision level, and the installed configuration. (One month assignment).
Technical Support Analyst, Medstar Health Systems, Baltimore MD. February 2000 to April 2002
• Responsible for the planning & implementing of Windows NT 4.0, Windows 2000 Advance Server Exchange Server; Defined and implemented backup/restore procedures and policies
• Support NFuse, Citrix Secure Gateway, and Web Interface for Citrix Presentation Server and provide web administration and coding assistance with customization
• Set up Open Database Connectivity (ODBC) driver to enable applications to draw information from SQL databases and Crystal Report writer over the network.
• Perform administrative functions MS Windows NT/2000 terminal servers, Novell and Citrix severs, Perform backup and recovery using CA Arcserve backup suite.
Information Security Administrator for CA & Kforce the client FDIC Virginia Square VA. June 1999 –February 2000
• Provide Security engineering support in the response to the FDIC computer security incidents.
• Generate and distribute account of (PKI) Public Key Infrastructure and digital certificates.
• Responsible for handling incident by phone and provide corrective action to resolve them.
• Implement Browsers certificate on Netscape Navigator 4.71 and MS IE 5.0 for banks; monitor security logs and generates reports; Perform secure file transfers using 128 bit SSL encryption.
• Performed administrative functions for web-based systems using CA-ACF2 mainframe security application and creates user access to Entrust security database.
Network & Systems Support Specialist, HCIA Inc. Baltimore, MD. December 1996- February 1999
• Administrating of UNIX, Novell, and Windows NT file server.
• Review and edit systems configuration; managed shared resources and support backup using Backup Exec; Installed McAfee anti-virus with active update on Server and workstations to help safeguard the Company’s assets.
Operations Support, Chevy Chase, F.S.B. Laurel, MD. January 1996-December 1996
• Monitored and control batch processing; Maintained production schedules via MVS/JCL, CICS and CA-7, Monitor ATM banking network.
• Assisted Production Support, Help Desk and Networking in identifying problems and determined corrective action in resolving them.
Operations Support Specialist U.S.F &G., Baltimore, MD December 1993-December 1995
• Monitored Mainframe systems activity utilizing OMEGAMON, CA7, MVS/ES and JES2.
• Controlled job flow and scheduling utilizing CA7; Handled vendor’s inquiries pertaining to user problems using NETVIEW, JCL, CICS, and COBOL, Systems used IBM 962 and Amdahl 6650.
EDUCATION:
Morgan State University
Major: Electrical Engineering
Parkland Junior College Champaign, Illinois
Major: Electronics Technology
CERTIFICATIONS / TRAINING:
CA-Identity Manager and CA-Role & Compliance Manager 12.5, March 2011
Security Awareness Training: Managing Information Security Risks: the OCTAVE Approach, May 2010
SANSFIRE Securing Oracle, 2007
SANS 17799 Security and Audit Framework, 2003
SANS@HOME Hacker Techniques and Securing Wireless Networks, 2006
CERTIFIED in Disaster Recovery, 2004
NIST IT Security Capital Investment Planning (CPIC) Workshop, 2003
REFERENCES:
Available upon request.
Contact this candidate