I currently work as a Senior Information Security Engineer for Leidos supporting a government programs security operations efforts. My primary role consists of performing various Security Operations duties; to include but not limited to: ArcSight/Splunk SIEM Monitoring and Administration, Host Based Security System (HBSS)/ePolicy Orchestrator (ePO) Administration and Analysis, Jenkins Administration, HP Webinspect Vulnerability Scanning and Analysis, HP Fortify Static Code Analysis (SCA) Vulnerability Scanning and analysis, Vulnerability Scanning with Nessus (ACAS Security Suite) scanning tool, Creating and Implementing security hardened baselines for various platforms leveraging the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Fortinet Intrusion Detection System (IDS) Implementation and Management, and Risk Management Framework (RMF) / Joint Special Access Program Implementation Guide (JSIG) compliance work.
- Senior Information Security Engineer at Leidos Inc
- Threat and Vulnerability Management Analyst II at HEB Grocery Company
- Cybersecurity/Information Assurance Engineer I & II at Lockheed Martin
1 year, 4 months at this Job
- B.B.A. in Information Assurance - Information Assurance
- B.B.A. in Information Systems - Information Systems
Chariot, San Francisco, CA April 2018 - Present
Information Security engineer and Network engineer
• Policy creation, implementation, and monitoring
• Security Operation Center build out
• Daily log management and incident response
• Deployment of security deployment tools: IDS, IPS, Binary whitelisting end points, Radius
• Management and deployment of Meraki networks
- Information Security Engineer at Chariot Transit
- Administrator at Braintree
- Team Lead and Project Manager at Google
- Analyst at Syracuse University
9 months at this Job
- Bachelor of Science - (BS), Information Technology
Primary information security engineer for a global top 40 law firm.
• Directed Firm projects related to information security. Developed plans for the implementation and support of new security technologies. Monitored, tracked, and controlled project activities and staff performance. Provided project plans and status updates to CTO and CISO. Integral in influencing system projects from a security perspective.
• Advised business lines and IT teams on security best practices. Served as the Firm's subject matter expert for security controls strategy and processes, including risk, audit, and privacy requirements.
• Enhanced C-suite and employee security knowledge and awareness, oversaw the design and implementation of standard security processes for the Information Security Department.
• Deployed Tenable Security Center Continuous View onto the network enhancing network visibility.
• Led Incident Response for Firm malware event. Deployed Cylance antivirus to eradicate threat and helped generate executive summary report.
• Ran Proof of Concept deployment tests and gained budget approval for CyberArk privileged access management, Digital Guardian data loss prevention, Guardicore micro-segmentation software, IronScales phishing training and reporting software, and Splunk log management software.
- Information Security Engineer at Eversheds Sutherland LLP
- Cyber Security Consultant, Associate at Booz Allen Hamilton, National Security Agency
- Lead Project Manager for multiple Computer Network Operations at IDS/IPS
- Senior Network Engineer at NATO Training Mission - Camp Leatherneck
3 years at this Job
- MS - Cyber & Information Security
- BS - Electrical Engineering
Worked with a propriety log processing and alerting platform, along with rsyslog and filters. Client facing engineer that presents presentations, explaining security recommendations and implementing them in the alerting platform, and setting up reports. Have worked with Snort, Palo Alto, Cisco firewalls, Trend Micro, Fortigate, Putty, Firewall Management Consoles, SQL, ThreatQ and InterSect Alliance. Giving my input on setting up a large Splunk system, and how to separate data sets. Have traveled to meet clients for on-site visits, or meeting tools to deliver presentations.
- Information Security Engineer at NTT Security (US) Inc
- Associate Information Security Analyst at HM Health Solutions (Highmark)
1 year, 2 months at this Job
• Managed security monitoring for 20-30 assigned clients of varying size and complexity
• Cooperated with members of team to learn and share both proprietary and general security knowledge
• ~~~~~~~~~ education through obtaining GIAC Certified Intrusion Analyst certification, security conferences and internal training.
• Provide deliverables for both technically inclined client employees and high-level overviews for managers and C-level Executives.
• Provide clients with subject matter expertise to answer any questions related to security monitoring as well as investigate new technologies to see how it would integrate into their current security posture.
• Support continuous process improvement for training and everyday activity.
• Support continuous tool/software improvement by submitting bug reports and ideas to increase performance and efficiency
• Use of scripting, primarily bash, to automate repeated tasks for more efficient monitoring
- Information Security Engineer at NTT Security
- Assigned as dedicated analyst at
- Information Security Analyst/Senior ISA/Security Analyst at Solutionary Inc/NTT Security
- Student Painter at Minnesota State University
1 year, 11 months at this Job
Implemented security measures in Active Directory to govern client authentication, authorization and connectivity
● Maintained systems to protect data from security threats such as unauthorized access
● Responded to information security emergencies by collecting forensic evidence and reporting findings to client
● Conducted security and compliance services, producing detailed technical reports and presentations for customers
- Information Security Engineer/Consultant at Wilson Consulting Group, LLC
- Lab Technician at GWU - SEAS Computing Facilities
- Lab Research Assistant at GW Virginia Science and Technology Campus
1 year at this Job
- Bachelor of Science in Mechanical Engineering - Robotics
Responsible for analyzing system and application security exposures, in collaboration with business partners, throughout the engineering and operations lifecycle in cloud and company hosted environments. This includes but is not limited to the identification, evaluation, and interpretation of security requirements, control deficiencies, and information security risks. Helped design and develop end-to-end security architectures and policies for devices, mobile applications, and cloud systems and services. Responsibility includes developing key performance metrics and monitors to ensure compliance of established standards, processes and procedures.
- Principal Information Security Engineer at IGT Corporation
- Senior Security Architecture Specialist at Bose Corporation
- Information Security & Compliance / IT Security Officer at National DCP, LLC
- Principal IT Security Analyst at Sonus Networks
3 years at this Job
- - Continuous Monitoring and Security Operations
- - Law of Data Security and Investigations
• Responsible for handling network change requests ◦ Processed in upwards of 60 or more requests a week ◦ Provided expertise and guidance to submitters to ensure requests were processed in a timely manner ◦ Worked with policy writers to continually improve policy for increased security and adapt to company and network changes
• Developed tools to provide easier and automated access to information that was otherwise only obtainable via labor intensive manual methods ◦ Designed an app to compare two firewalls, allowing the automated analysis of millions of firewall rules ◦ Designed and wrote a script to quickly access and archive networking configuration for use in request analysis, automating a previously manual process from about fifteen minutes per transaction to seconds ◦ Took existing analysis tools and improved them by adding scripts to improve analysis speed and accuracy
• Worked on a team to provide cross-support for various scanning and security tools ◦ Provided training to other team members on the CNRQ process and the tools I designed ◦ Learned various other scanning tools to support other team members ◦ Assisted other team members with projects when my skills could be utilized
- Information Security Engineer II at Expedia Group
- Information Securiy Engineer at Apex Systems
- Information Security Engineer at DocuSign
- Information Security Analyst at Launch Consulting
1 year, 3 months at this Job
- Bachelor's - Workforce Education and Development
Established, built and directed a cross-functional team comprised of Engineering, Service Delivery and Data Science to create a secure, scalable cloud environment to enable innovation and exploratory work for our Data Science organization while migrating all existing workflows into the new environment.
• Implemented a Secure Configuration Program, including Polices, Standard Operating Procedures and Work Instructions to create a repeatable and sustainable process for securing the Cloud Hosting environments as well as the Corporate infrastructure
• Developed the Information Security Internal Audit strategy and three-year audit plan
• Performed the ISO 2017:2013 Internal Global Audit
• Responsible for articulating Medidata's security posture for potential Life Science clients & existing clients for life sciences audits.
- Senior Information Security Engineer at Medidata Solutions
- Senior Project Deployment Manager - Infrastructure Consultant at Church & Dwight Company. Inc
- Senior Project Manager - Information Security at Tory Burch LLC
- Senior Manager IT - Global Microsoft and Desktop Services at Pepperidge Farm Head Quarters, and U.S
2 years at this Job
- Bachelor of Science - Management and Marketing
• Responsible for Data Loss Prevention(DLP) configurations, monitoring activity, AirDefense configurations and threat detections
• Configured the DLP tools, worked on scripts and provided support to team with info on daily meetings, activities.
• Responsible work Fidelis configurations, worked on tools on threat prevention and information security on both mail exchange and share drives.
• Worked on Fidelis, Worked on license additions, monitoring and ldap. Monitored through debug, threat prevention and detection process and configs are peer reviewed by teams
• Experienced in Vulnerability scanning tools, as well as network security and monitoring tools such as IDS/IPS, Nexpose, Qualys, Splunk and Wireshark.
• Worked on corporate and retail environment Airdefense set up and firmware upgrades, sensor set up, application monitoring
• Airdefense sensors set up for scanning and security, Cisco AP's are set up for general networking and internet access. The corporate environment has 1 AirDefense appliance and 1 WiNG appliance, the WiNG appliance is used primarily for firmware upgrades and general profile creation, sensor-server AirDefense application, location and passwords etc.
• Monitoring wireless using Aruba Airwave Perform wlc installations, access point monitoring issues, Provide support to issues with wireless connectivity and heat map regions
• Configured email relay and alerts in the environment., Configured syslog's for the application.
• Prevented various malware attacks using IDS and IPS which are identified by signature based and anomaly-based engines.
• Experienced in Authentication, Endpoint Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
• Coordinate Symantec DLP, endpoint protection manager and anti-malware bytes exploit for endpoints agent and software upgrades. Experience in cloud security, threat monitoring, and prevention.
• Identified the vulnerabilities and non-compliant issues in the network and applications using vulnerability scanners and SIEM tools.
• Hands on experience in conducting Web Application Security scan, Ethical Hacking using commercial and non-commercial applications and methodologies such as SANS Web application assessment, OWASP Top 10 and CVSS Scoring using IBM App Scan.
• Worked in IDS/IPS to trigger the alerts which intern used for forensic purposes
• Utilized Splunk for monitoring and reporting purposes and to identify potential threats.
• Configuring network devices to send Syslog messages externally, which contains the required amount of data for forensic and compliance.
• Vulnerability assessment using tools such as Nessus and Qualys, and implementation of Security Policies. Knowledge in design and deploy of F5 LTM, GTM, APM, ASM solutions.
• Experience with industry recognized SIEM (Security Information and Event Management) solutions such as NITRO, Splunk, Forcepoint and many other tools.
• Oversee Vulnerability assessment /penetration testing of scoped systems and applications to identify system vulnerabilities.
• Excellent knowledge of FISMA, HIPAA and NIST Compliance usage, rules and regulations
• Use Splunk Security Manager to identify threats and assigned category.
• Solid Understanding of IBM QRadar.
• Strong understanding of DLP Architecture, Rules and Policies and its implementation
• Assist in the creation of an end-to-end technology strategy for SIEM to address current and future security concerns, emerging threats, regulatory compliance and alignment with technology and the business
• Provide support in security architecture, design, developing, monitoring and supporting enterprise infrastructure environment
• Antivirus McAfee Virus Scan Enterprise, Symantec, Endpoint Protection Suite.
- Information Security Engineer at CVS Health
- Sr. Network Security Engineer at Biogen
- Network Engineer at Lamresearch
- Jr. Network Engineer at Kensium Solutions Pvt Ltd
1 year, 1 month at this Job
- Bachelor's in Electrical and Electronics Engineer - Electrical and Electronics Engineer