Lead Security Consultant
Accenture Federal
Total years of experience :34 years, 11 Months
• Prepared security documentation based on FedRAMP for NSF and presently working on AWS compliance for Bureau of Census.
• Working with external auditor on SSP and Policies and Procedures Custom and Border Protection, Department of Homeland Security
• Responsible to monitors IT vulnerability assessment and authorization
• Used Nessus and Tenable Security Center as vulnerability scanner, with extensive vulnerability management to measure and analyze security program effectiveness.
• Worked on scorecard and remediate the vulnerabilities by assigning to the responsible group.
• Responsible in scanning Web applications using AppScan.
• Gather requirements from various teams (Infrastructure, Middleware, and Security) for an Enterprise Logging and SIEM solution (Splunk and HP ArcSight)
• Extensively involved in coordinating, managing, tracking, auditing, reporting, and resolving compliance issues related to Federal Information Security Management Act (FISMA), Privacy Act, and Federal IT security regulations and requirements, NIST guidelines as per SP-800 series. (Department of Labor)
• Ensure the confidentiality, integrity and availability of systems and network
• Working as a team lead in the development of cyber security policies and risk management team.
• Managing IT Security programs, developed action plans and manages funding and other resources
• Participating in planning, developing, implementing Layer 7 Web Application Firewall (WAF) in Configuration Management.
• Working closely with customers on all projects. Guide them in identifying the problems and requirements. Provide information on alternatives for resolving their problems and fulfilling their problems.
• Excellent communication, interpersonal, and customer relations skills. Providing expert support to management.
• Maintain continuing open communication with customers and project teams. Exercise good listening skills as first step in effective communications. Respond appropriately to spoken information and to non-verbal expressions.
Teaching diferent Network Courses on Netware and Windows Operating System
• Worked as a team lead on different projects for implementation of security applications and appliance.
• Review proposal for new system, networks and application.
• Responsibilities include conducting security planning, auditing risk analysis and maintenance of numerous FISMA systems of Center of Medicare and Medicaid Systems.
• Configured and developed reports using MacAfee’s Network Security manager (IDS/IPS)
• Evaluated CheckPoint IPS 1200 and Sourcefire IPS.
• Monitor all alerts to ensure the confidentiality, integrity and availability of all information processes transferred or stored on Center of Medicare and Medicaid Systems network resources.
• Developed and implement procedures for monitoring, detecting, reporting and responding to security incidents.
• Using tools to analyze vulnerabilities, automatically remediate all networked endpoints and distribute and update software packages
• Assisting in developing Information Assurance Review documents including plans and procedures.
• Involved in security of network, hardware/software and computer servers room and ensured that the system maintains a high standard of security.
• Using Tripwire to manage IT configuration control, configuration management processes, monitor file integrity by creating a change audit rule and ascertain compliance.
• Functioning as a technical lead and participating in the selection, evaluation, implementation, and management of enterprise production security systems such as firewalls, scanners, antivirus, intrusion prevention and detection, remote access, and patch management.
• Work closely with customers on all projects. Guide them in identifying the problems and requirements. Provide information on alternatives for resolving their problems and fulfilling their problems.
• Responsibilities include conducting security audits of access controls, databases, networked systems and devices and providing guidance to system owners and administrators in remediating audit findings
• Presented demo of BigFix, eRetine and Triwire before the clients.
• Using BigFix (Tivoli Endpoint Manager) to analyze vulnerabilities, automatically remediate all networked endpoints and distribute and update software packages
• Assisted in developing Information Assurance Review documents including plans and procedures.
• Involved in security of network, hardware/software and computer servers room.
• Use Nessus4 vulnerability scanner, Tenable Security Center 4, QualysGuard and eRetina featuring high-speed discovery, configuration auditing, and asset profiling, sensitive data discovery and vulnerability analysis of the security posture. Submitted report to client after with remediation report.
• Managed group of 6 members in scanning network, implementation of different security projects.
• Providing technical support in using Tripwire to Department of Justice
• Functioning as a technical lead and participating in the selection, evaluation, implementation, and management of enterprise security systems such as firewalls, vulnerability scanners, Antivirus, intrusion prevention and detection, and patch management.
• Responsibilities include conducting security audits of access controls, databases, networked systems and devices and providing guidance to system owners and administrators in remediating audit findings
• Presented demo of BigFix, eRetine and Triwire before the clients.
• Using BigFix (Tivoli Endpoint Manager) to analyze vulnerabilities, automatically remediate all networked endpoints and distribute and update software packages
• Assisted in developing Information Assurance Review documents including plans and procedures.
• Involved in security of network, hardware/software and computer servers room.
• Use Nessus4 vulnerability scanner, Tenable Security Center 4, QualysGuard and eRetina featuring high-speed discovery, configuration auditing, and asset profiling, sensitive data discovery and vulnerability analysis of the security posture. Submitted report to client after with remediation report.
• Managed group of 6 members in scanning network, implementation of different security projects.
• Providing technical support in using Tripwire to Department of Justice
• Functioning as a technical lead and participating in the selection, evaluation, implementation, and management of enterprise security systems such as firewalls, vulnerability scanners, Antivirus, intrusion prevention and detection, and patch management.
• Provide technical expertise in coordinating IT security policy formulation and budgeting to ensure that NTSB’s IT assets are afforded protection as required by best practices defined in various Federal mandates.
• Lead team in deploying, configuring and supporting security appliances (firewalls, Arbor Network etc.), identifying security requirements and ensuring that project is completed as per specification and designed.
• Lead the team to monitor and maintain firewall, intrusion detection systems and vulnerability management. Investigate security breaches and perform security audits to detect vulnerabilities or misuse of the NTSB IT system.
• Identify customer’s requirement, assign to the team and monitor development. Prepare technical documents, evaluate proposals and finalize scopes of work.
• Extensively involved in coordinating, managing, tracking, reporting, and resolving compliance issues related to Federal Information Security Management Act (FISMA), Privacy Act, and Federal IT security regulations and requirements, NIST guidelines.
• Use Tripwire to manage IT configuration control, configuration management processes and ascertain compliance.
• Conduct security and traffic bandwidth management and monitor network traffic using Arbor Network’s Peakflow-X.
• Supervise, manage, update all desktops and servers from a single console using LANDesk Management Suite to enhance efficiency, inventory and cost reduction.
Implement cost-effective, risk-based information security programs. Ensure compliance with national and agency information technology standards, effective security practices, and the provisions of the Federal Information Security Management Act (FISMA).
Responsibilities encompass the full range of network systems administration, network operations, network security functions, and configuration control dealing with the secure configuration, operations, and day-to-day maintenance of classified networks processing classified and sensitive unclassified data.
Responsible for system auditing, strategic planning, investment control and project planning for local area network systems, operations, and computer network security.
Lead teams responsible for purchasing hardware and software to secure network.
Exercise a large degree of independent judgment and action in exercise of responsibilities. Keep senior officials timely informed of potential problems or controversial issues. Findings and recommendations are routinely approved without substantive alterations.
Ensure compliance with applicable laws, regulations, policies, and guidelines and with best information technology practices for securing network.
Develop and recommend new or revised policies and guidelines to meet changed circumstances.
Responsible for researching, designing, planning, developing, and evaluating new, advanced network technologies for this leading telecommunications company. Manage the planning, designing, testing and monitoring of software and hardware for extensive Wide Area Networks. Provide strategic and tactical design and technical expertise for solutions in support of managed data and security services for wire-line products.
Manage and support network of six servers used by some 750 users on NetWare 3.X, 4.11, Windows NT 4.0 and 2000 Platform on a 24-hour, seven days a week basis. Establish and enforce policies and guidelines for access to the network. Procure, install, and configure all software and hardware connected to the highly secure Sprint Lab. Install, configure, and managed security devices to protect Sprint Lab from hackers.
Identify required network upgrades, additions, and changes by interpreting forecast data and customer requirements. Conduct requirements analysis, concept design, and concept testing. Extensively involved in vendor selection, solution design, certification testing, and field integration testing.
Provide matrix management for teams on multiple simultaneous projects. Develop and implement project plans, milestones, and deadlines. Monitor project progress.
Maintain current knowledge of very rapidly developing technical developments. Exercise a large degree of independent judgement and action in exercise of responsi-bilities. Keep senior officials timely informed of potential problems or controversial issues. Findings and recommendations are routinely approved without substantive alterations.
Ensure compliance with company rules, policies and guidelines and with best information technology practices.
Establish and maintain effective working relationships with a wide range of individuals from first line operators to senior officials in order to obtain information.
Recruited to provide information technology services under the company’s contract with what was then the Immigration and Naturalization Service (INS) within the U.S. Department of Justice.
Interviewed operating personnel and conducted research to determine customer’s business needs. Designed and developed network systems to fulfill customer operating and security requirements. Prepared technical specifications.
Provided global administration, operation and maintenance of e-mail system. Developed training manuals for regional e-mail administration. Worked closely with deployment team members in the design, review and preparation of new sites.
Provided effective liaison between customer officials, company management, and vendors.
Representative accomplishments included:
Designing and implementing a cc:Mail based Network Management System.
Designing and implementing job calendar and scheduling system using Lotus Organizer.
Developing an e-mail administrator bulletin board.
Developing system for agency-wide global directory synchronization.
Assisting local administrator in converting cc:Mail routers from asynchronous to IP based.
Designed, installed, and maintained NetWare Server on different machines using SCSI Controllers and drives. Installed, configured, and maintained Lotus Organizer and cc:Mail. Installed Gateway using PC Anywhere for remote users. Assigned user access and authorization levels based.
Responsible for a wide array of network services for clients of this IT consulting firm. Established and maintained effective liaison and working relationships with firm’s management, client’s officials, end users, and vendors of software and hardware. Provide high level of technical expertise and service to generate customer satisfaction, repeat business, and referrals.
Analyzed customers’ requirements for networking capabilities and designed systems to meet their needs. Developed and implemented cost effective solutions for network integration. Researched, identified, and recommended appropriate hardware and software to fulfill the users’ requirements.
Representative accomplishments included:
Designing, installing, implementing, and supporting Novell NetWare and e-mail system.
Designing remote local area network for 30 users in an accounting and financial environment.
Implementing disk mirroring for storage and retrieval of file server data in case of disk failure.
Providing support and training for 250 users at 15 client companies.
GPA 3.5, Dean's Award Merit Scholarship (50% Tution Fee)