Experience

• 

  202it solutions

  Nov 2011 - Feb 2012

  Helpdesk specialist (tier 2)

  • Have utilized Microsoft Office applications to create reports, spreadsheets, proposals, editing and documents. • Have become proficient active directory functions such as resetting user’s passwords, implement security policies, computer usage time on/off. • Have conducted installs, configures, and maintains server hardware/software, operating systems, applications, and supporting peripherals• Have used and become familiar with Windows, MAC, VMware, VM, windows server platforms, SSL-VPN and IPSEC cisco based firewalls, intrusion detection, Linux operating system, IDS/IPS, content filtering security devices such as network and host-based firewalls which include DDoS, abnormal activities from worms, Trojans, viruses. • Served as the initial point of contact for trouble-shooting hardware/software PC and printer problems. Show less

• 

  A-tech systems, inc.

  Jul 2017 - Nov 2017

  Junior soc analyst

  Responsible for incident response work including analyzing events, identifying false positive vs. real threats, identifying host involvement, comparing scan results, analyzing logs, and prioritizing incident/events. Helps to solve Tier II incidents and events.Responsible for Malware Analytics & Vulnerability Assessments by investigating events similar in complexity to Bash attempts and SQL injections.Worked with Forensic Support by working with remote contractor sites to extract data requested by our government SOC counterparts. Helped to develop training materials.Utilized Security Tool Management (Splunk, Fire Eye, Websense, and Firepower) troubleshoots and supports the restoration of security tool degradation and outages.Through network monitoring worked on the identification of resource management, hung processes, and routing configuration issues.Incident Response Tasks: Identify false/real threats, analyze tool alerts, identify Host involvement, compare scan results, identify incident/events, determine priority level(s), analyze logs, initiate appropriate Host scan, validate IP addresses, identify customer POC, remedy an Incident creation, enact a recall list, open a Triage Line, document incidents, communicate incidents, and gather incident details.Remedy Incidents Assignments: Timely follow-up, create a Remedy incident, provide incident details and assign to appropriate groups. Show less

• 

  Prism inc

  Nov 2017 - Aug 2018

  Information assurance security analyst

  Performs computer and/or network security vulnerability A&A assessments to identify, evaluate and mitigate security risks, threats and vulnerabilities. Designs, implements, integrates, configures and tests computer and network security solutions to manage the network/system’s firewalls and intrusion detection systems. Provides engineering analysis, design and support for firewalls, routers, networks and operating systems. Performs vulnerability scans using vendor utility tools. Monitors security audit and intrusion detection system logs for system and network anomalies.Monitors user access process to ensure operational integrity of the system. Enforces the information security configuration and maintains system for issuing, protecting, changing, and revoking passwords.Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines. Implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications.Performs product evaluations, recommends and implements products/services for network security. Validates and tests security architecture and design solutions to produce detailed engineering specifications with recommend vendor technologies.Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.Reviews and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.Provides enforcement of security directives, orders, standards, plans and procedures at server sites. Ensures system support personnel receive/maintain security awareness and training.Maintains data and communicates to management the impact on business/customer caused by theft, destruction, alteration or denial of access to information Show less

• 

  Kforce global solutions, inc.

  Aug 2018 - Mar 2021

  Isso

  Perform Information Systems Security Engineer (ISSE) functions and role to bridge the gap between high level security policies/requirements and technical/operational implementation of requirementsDetermine information security measures implementations for operational systems and systems under development.Apply full range of Information Assurance (IA) policies, principals and techniques to maintain security integrity of information systems processing classified informationMaintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades.Maintain operational security posture for an information system or programDevelop and maintain documentation for A&A in accordance with applicable policies, procedures, and operating instructions.Develop and update the system security plan and other IA documentationProvide CM for security-relevant information system software, hardware, and firmwareAssist with the management of security aspects of the information system and perform day-to-day security operations of the system.Provide support for a program, organization, system, or enclave's information assurance program Show less

• 

  Ssa technology innovations

  Jun 2022 - now

   Responsible for Security Tool O&M/user support for DHS Security tools. Create procedures and documentation for maintaining all security hardware and software. Design and develop cyber security technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide cyber systems and networks. Ensures disaster recovery, databases, server roles (DNS, AD, Remote desktop), AD, DNS, Remote Desktop, Domain Tools, Database, FireEye, Swimlane, Splunk, CrowdStrike, Wireshark, Symantec Endpoint Protection, FireEye (EX, HX, NX), CA PAM, Tenable/Nessus, Tanium, and other security tools are functional, configured, accredited, documented, patched, security compliant, monitored, optimized, available 99.95%+ as well as user support. Perform full scope administration, maintenance, management, and configuration, patching, upgrades and optimization of security tools, devices, application systems, and servers and sensors within the cybersecurity infrastructure. Track and manage SOC security devices, physical property, and asset management. Show less

  • Founder

    Jun 2018 - now

  • Mid-Level Security Engineer

    Jun 2022 - May 2024