Enterprise/Network Security Professional
- Email:
- [email protected]
- Tel:
- 7196612290
- Mobile:
Summary
> United States Air Force Veteran
> More than a decade of experience managing security infrastructure and compliance within highly classified military environments.
> Comprehensive knowledge of network routing and switching architecture with strength incorporating firewall infrastructure and web content filtering technologies in complex network environments.
> Promote security awareness throughout complex enterprises through the implementation of security standards and training programs to protect corporate and government assets.
> Execute system tests to confirm security measures are in place, identify potential threats, respond to security violations and incorporate remedial processes to ensure data security.
> Proven ability to work with compliance frameworks and requirements such as PCIDSS, HIPAA, SOX, ISO 27000, NIST, & FISMA.
Technology Certifications
CompTIA Advanced Security Practitioner CE (CASP CE) | CompTIA Security+ CE | CompTIA Network+ CE| CompTIA A+ CE| Information Technology Infrastructure Library ITIL v3 Foundation | Microsoft Certified IT Professional
Enterprise Administrator (MCITP) on Windows Server 2008 | Microsoft Certified Solutions Associate (MCSA) Windows
Server 2008 | Microsoft Certified Technology Specialist (MCTS) Windows Server 2008 Applications Infrastructure |
Microsoft Certified Technology Specialist (MCTS) Windows Server 2008 Active Directory, Configuration | Microsoft
Certified Technology Specialist (MCTS) Windows Server 2008 Network Infrastructure Configuration | Certified Information System Security Professional (In Progress)
Technical Skills
Operating Systems: Windows XP, Windows 7, Linux, Windows Server 2008, Unix
Testing Tools: DISA REM, Eeye Retina Scan Engine, Security Content Automation Protocol (SCAP) Compliance
Checker, and Microsoft Baseline Security Analyzer, NMAP, Wireshark, Qualys
Software: Microsoft Office Suite, Microsoft Visio, Microsoft Project Management, BMC Remedy, McAfee Enterprise Virus Scan, Symantec Endpoint Protection
Protocols: DNS, SSH, SNMP, DNS, DHCP, FTP, TCP/IP, UDP, EIGRP, TACACS+, SMTP, HTTP, HTTPS, IPSec, SFTP
Hardware: Cisco Switches, Printers, Scanners, Laptops, Desktop PCs, Kiv7, TACLANE, KVM Switches
Tools: Qualys,Tanium, Imperva Incapsula, Exabeam, Microsoft Exchange Server 2010, Active Directory, Tivoli, PUTTY Other: Vulnerability Management System (VMS), SCVVI updates, IAVAs
Education
Experience
Technical Experience
INTERACTIVE COMMUNICATIONS, INC. | ATLANTA, GA 2016 – PRESENT
Enterprise Security Architect
Interactive Communications is the market leader in new payment technologies and solutions, which supports more than 186 domestic and international services to include gift cards, prepaid wireless products, reloadable debit cards, digital music downloads and various payment solutions. The company provides support to more than 450,000 points of distribution, 700 brand partners and 2,000 employees globally.
Provides direction and thought leadership to enterprise wide initiatives applying security principles such as access control, encryption, and host security as well as state of the art and emerging technologies such as cloud computing, mobile computing, and next generation architecture. Develops in depth security architecture standards, frameworks and design patterns spanning all layers of security from host, server, mobile, and network to application and data.
security. Architects, designs, prioritizes, coordinates, and communicates the security technologies necessary to ensure a highly secure environment. Identifies the need for new security technology solutions designs, reviews and collaborates on new deployments. Conducts risk assessments by analyzing the business impact and exposure, based on emerging security threats, vulnerabilities and risks.
* Conducts security threat & vulnerability assessments on over 175 applications
* Manages and monitors over 100 websites and web application firewalls to secure against risks, such as SQL injection, cross-site scripting, illegal resource access, and remote file inclusions
* Manages 30+ security standards and policies for global implementation.
* Partnered with internal teams to protect employer and client information by the delivery of security analysis, recommendations, projects and compliance methods and practice as Lead Security Architect on over 5 major projects.
* Administered InComm’s Advance Threat Protection (ATD) policies, and employed e-mail filtering, SPAM blocking policies, and application security controls on a network supporting over 5,000 company-wide end users.
* Implemented the organization’s configuration baseline and hardening standards across a multi-platform infrastructure with over 3,500 workstations and servers.
GEORGIA DEPARTMENT OF HUMAN SERVICES ATLANTA, GA ?2014 – 2016
SENIOR INFORMATION SECURITY ARCHITECT
DHS delivers a wide range of human services designed to promote self-sufficiency and wellbeing for all Georgians. The department is one of the largest agencies in state government with an annual budget of $1.8 billion and approximately 11000 employees. DHS is comprised of three divisions and nine enterprise support functions.
Serves as Subject Matter Expert (SME) and Senior Information Security Architect representing the agency on all issues relating to information security. Designs and engineers secure IT solutions within the organization’s
enterprise environment, analyzes and manages the security risks associated with business decisions and strategies.
Implements agency security policies, standards, guidelines, Information Security Awareness Program, Business
Continuity and Disaster Recovery Plans and all Information Security Compliance initiatives. Performs Risk
Management Analysis to identify areas of risk, vulnerabilities and develops security measures to prevent losses. Develops and implements IT System Security Plans. Manages agency Information Security projects, testing and IT infrastructure implementations. Conducts vulnerability scans on agency IT resources, and creates Plans of Action and Milestones (POAM) to mitigate vulnerabilities. Ensures all agency Information Security project deliverables, objectives, schedules are reviewed in collaboration with global project team members and stakeholders. Determines the resources, and the scope of agency Information Security projects while ensuring all project work meets the business and stakeholder standards. Provides information security input and oversight of agency IT security relevant deliverables to ensure all projects are in accordance with guidance and regulation requirements prior to approving deliverables from vendors to the stakeholders. Collaborates with business owners, IT managers, staff, and vendors to oversee the Systems Development Life Cycle (SDLC) of IT Infrastructure and Information Security services to meet agency needs. Advises on host security controls, firewalls, endpoint security software, host hardening while integrating networks, infrastructures, hosts, applications and storage into fully secure solutions.
* Implemented the state of Georgia Department of Human Services Information Security Awareness training program while ensuring over 11000 employees are trained to provide first line of defense for the department’s Information Security Program within 2 months of hire to the state of Georgia Department of Human Services.
* Key player in the implementation of the state of Georgia Department of Human Services 300 Million-dollar Integrated Eligibility System as Information Assurance Architect while ensuring
network/application, infrastructure and information security awareness and regulations are adhered throughout testing and production of environment.
* Mitigated 197 network, application, and web security vulnerabilities identified three prior years within the first nine months of hire.
ROCKWELL COLLINS INC. | ENVISTACOM INC. DULUTH, GA 2013 – 2014
CUSTOMER SERVICE ENGINEER | HELP DESK ADMINISTRATOR
Rockwell Collins Inc. is a provider of avionics and information technology systems and services to governmental agencies and aircraft manufacturers. Envistacom Inc. was a subcontractor on this contract through 2013.
Deliver Tier I and 2 technical support for 5000+ military and civilian personnel. Research and resolve technical issues with hardware and software, network devices, cabling, workstation, peripherals, and electronic mail. Administered network configurations for NIPR, SIPR and Centrix networks. Maintained individual TACACS+ access and rights and managed user and organizational email mailboxes within Microsoft Exchange Server 2010. Installed applications, and deployed applications upgrades.
??Successfully resolved 400+ help desk tickets within first 3 months in the position.
EXELIS INC., COLORADO SPRINGS, CO 2012 – 2013
INFORMATION SYSTEM SECURITY OFFICER (ISSO)
Exelis Inc. is a global aerospace, defense, information and services company with positions in enduring and emerging global markets.
Performed network security vulnerability and assessment audits using port scanners such as Eeye Retina and Security Content Automation Protocol (SCAP) compliance tools. Screened 80+ assigned classified information systems encompassing mainframes, workstations and servers for highly classified sites and locations on behalf of the DoD. Completed manual vulnerability scripting tests on Linux and VMS systems. In charge of certification and accreditation and approval for adding classified systems on the network. Conducted IT auditing and system log analysis for Windows Server 2003, Windows Server 2008, Windows 7, Windows XP, Redhat Linux, and Solaris platforms to ensure compliance with the Defense Information Systems Agency Guides. Completed weekly audits to uncover security vulnerabilities and threats and reviewed computer security violations with end users. Encrypted data transmissions and erected firewalls to conceal confidential information. Implemented patch management throughout the network infrastructure. Maintained system virus logs and ensured virus definitions were up to date.
* Played a key role in Exelis receiving a good inspection rating on the 2012 DSS inspection. The DSS inspector noted a clear improvement in the reduction of security vulnerabilities.
* Promoted security awareness through end user training. Delivered security guidance and governance of classified areas system security. Designed and enhanced electronic training presentations on the SCAP and SCC validation tools for compliance auditing of current settings.
* Implemented and planned security measures and Security Technical implementation Guides (STIGs) of classified information systems in accordance with National Industrial Security Program (NISPOM) baseline configurations.
DEPARTMENT OF THE ARMY – FORT CARSON EDUCATION CENTER, COLORADO SPRINGS, CO ? 2011 – 2012
INFORMATION ASSURANCE OFFICER | SYSTEM ADMINISTRATOR | COMPUTER ASSISTANT
The Fort Carson Education Center offers official military tests and opportunities to increase reading, word knowledge, and math skills through BSEP and GT PREP, and counseling from college representatives.
Provided enduser and desktop support at the Fort Carson Education Center, which provided educational support to 5,000 military and civilian personnel. Validated user’s accounts, ensuring up to 40 individuals were in compliance prior to granting access to the network for class participation. Identified, reported and resolved network security violations.
* Enforced the IS security guidance policies by suspending users accounts for actions that knowingly threatened, damaged, or harmed the IS, network or communications security.
Completed a mission critical tech refresh of 80 client workstations with minimal downtime.
INFOZEN INC., COLORADO SPRINGS, CO ? 2010 – 2011
SHIFT OPERATOR
InfoZen is a leading provider of mission critical IT services and solutions to the public sector. The company provides software engineering, data management, and IT services management.
Processed mission critical data in support of the Department of Homeland Security. Monitored system integrity and performed detailed reporting of data processing cycle. Conducted basic validation tests to assess data integrity. Monitored Tivoli Enterprise Portal for trouble conditions. Identified flaws in process cycle, including hardware, software, internal and external networks and data integrity issues.
??Implemented network troubleshooting procedures to isolate trouble sources for corrective action.
UNITED STATES AIR FORCE, COLORADO SPRINGS, CO ? 2002 – 2010
ISSO | CLIENT SUPPORT ADMINISTRATOR |COMMUNICATION SECURITY (COMSEC) CUSTODIAN | VIDEO TELECONFERENCE FACILITATOR
The United States Air Force is the aerial warfare service branch of the United States Armed Forces.
Delivered technical support to 180 computer users. Researched and remedied network discrepancy errors in computer programs and 15 operating systems. As the ISSO, completed security scans to protect highly classified systems. Briefed quality assurance leaders on system vulnerabilities. Installed mission essential computer programs and utilized computer maintenance utilities that decreased network vulnerabilities and increased network security. Administered
$65,000 in computer assets and purchased software and hardware. Provided 24/7 video teleconference capabilities for high visibility meetings. Validated network user account status within Active Directory while providing computer support for network user account lockouts, password resetting and security permissions. Stationed in Korea to provide IT support on a special project. While deployed provided 24/7 help desk support to 800 deployed troops.
* Led Windows XP migration and configuration in support of the largest US/Korea war simulation evaluation. The project encompassed 27 computers and 7 printers delivering 24/7 help desk support.
* Collaborated with 500+ computer operators to coordinate computer updates that minimized network connectivity downtime and increased network connectivity by 15%.
* Promoted to Airman Below the Zone (senior Airman level) 6 months earlier than standard promotional timeline.
Education & Training

