Client: AIG Insurance, Contract Short Duration.
CIS STIG of machines, audit / work with Chef engineer to ensure builds are CIS Top 20 compliant. Vulnerability assessment.
Security audit of machines, and improve machine provisioning automation to CIS compliance. Work with DevOps to deploy improved CIS templates.
APEX Systems / Dell contract. Client: United States Air Force & Texas Air National Guard, 136th Communications Flight (http://www.136aw.ang.af.mil/Units/), NAS JRB / Carswell, Fort Worth, Texas
Duties: Assist in the Windows 10 deployment and migration as per contract specifications, requests, and troubleshooting; imaging of client systems and remediation. Active Directory migration assistance.
Technical lead: provide technical leadership as required.
Deployment of information security technologies: McAfee "Nitro" SIEM solutions, McAfee SIEM 10.x, endpoint management, SIEM Active Directory/LDAP, identity access management, Phantom incident response orchestration, Carbon Black, automated incident response, Identity Automation, RSA, Centrify, YubiKey multi-factor tokens, vulnerability impact assessments, BluVector, Anomali STAXX, DLP, proxy server, OWASP Top 10 / SANS Top 20 Critical Security Controls / STRIDE & DREAD models.
Security Operations (managed security services provider to end clients): monitor SIEM for events, handle Tier I & Tier II escalations, vulnerability impact assessments, network forensics. Keep incident response documents updated on shared folders. Hawk SIEM, Nitro-SIEM, Active Directory/LDAP, identity access management, DLP, proxy server, OWASP Top 10 / SANS Top 20 Critical Security Controls / STRIDE & DREAD models.
VMware Linux IT security appliance builds, cloud computing security, HyTrust CloudControl, Veeam Backup, VMware servers, Red Hat/CentOS, Windows 2012, Gentoo/Pentoo/Sabayon. CIS (Center for Internet Security) framework & NIST compliance models. Cyber security incident response and network security. Actively building Linux virtual machines/security appliances based on proven open source partners: intrusion detection systems (IDS) and SIEM technologies (ELK Stack), OSSEC-Wazuh, AlienVault, Suricata IDS, Scirius. Knowledge of deep packet and log analysis. Intermediate forensic skills; cloud forensics and malware analysis capabilities preferred. Cyber threat and intelligence gathering; evaluate risk levels. Excellent analytical skills; interact with team members and management, brief and coordinate response activities with senior management. Software-defined firewalls, web proxies, advanced malware detection with YARA and other tools to find zero-day malware, contain it, submit it to AV vendors, and share detections. Carbon Black, RSA, Centrify, YubiKey multi-factor tokens, identity access management, vulnerability impact assessments, BluVector, Anomali STAXX, Phantom incident response orchestration, automated incident response, Identity Automation, McAfee ePO/Endpoint, Tenable USM SIEM (Nessus in SIEM).
Nexpose, Metasploit, Katana web-testing Linux, Pentoo Linux, DLP, OWASP Top 10 / SANS Top 20 Critical Security Controls / STRIDE & DREAD models.
Provided administration. Heavy background in Linux and Windows NT/2000/2003 Server environments, reverse proxy and security audits; used the Webmin/Clustermin administration tool for system/cluster configuration in a Gentoo Linux environment. Built PCs for clients and provided training on e-commerce, website design, information systems consulting, server installation, LAN installation, and integration services. Handled security threats to clients, forensic services, and ethical hacking services. Have installed and configured various servers and environments and/or migration projects. Have held several local corp-to-corp contracts with local IT staffing firms or on-site firms, including TRS, as well as direct employment on I-9 status or through other temporary agencies. Major projects (including academic): ITT Capstone deployments of secured wireless networks for 2 not-for-profit entities, help desk security auditor, Zolrich Group, TRS field projects, IBM Connect. OWASP Top 10 / SANS Top 20 Critical Security Controls / STRIDE & DREAD models.
Special research projects and testing. Windows 7/8 imaging / LANDesk / Windows 2008/2012, Active Directory administration, systems imaging. Wyse/Dell thin-client imaging. Windows CE portable RF scanning guns/computers imaging/administration, Wavelink Avalanche support for . Cisco Meraki Wi-Fi/WLAN administration / Wi-Fi network operations. General IT site support / network/systems administration. Forensic Wi-Fi teardown to debug major issues.
The Associate of (ISC)² status allows an individual to demonstrate competence in the field by passing the rigorous CISSP exam, and work toward gaining the experience required to become CISSP certified. The vendor-neutral CISSP credential confirms technical knowledge and experience to design, engineer, implement, and manage the overall security posture of an organization.
MCPS: Microsoft Certified Professional
VPN, Network Security, Network Administration, Networking, Active Directory, Security, Windows Server, Servers, Laptops, Routers, Wireless Networking, Unix, Linux, Computer Security, Help Desk Support, Computer Hardware, Windows 7, Cisco Technologies, Firewalls, TCP/IP, Integration, Information Security Management, VoIP, Network Design, Computer Forensics, Information Assurance, Linux System Administration, CEH, Computer Network Operations, Linux Kernel, Samba, XP, Routing Protocols, IPv6, Windows XP Professional, Capillary Puncture, Sendmail, Linux Security, Ethical Hacking, Voice over IP, Network Operations, Linux Server Administration, LDAP Administration, Vulnerability Assessment, TCP/UDP, Quality Assurance & Controls, DNS Management, Penetration Testing, Security Audits, CISSP. Interests: Information Technology, Linux, Windows Server, Computer Forensics, Information Security, IPv6, IP, Networking, Spanish, Japanese, Nitro-SIEM, HAWK-SIEM, ALIENVAULT-SIEM, IT Threat Intelligence.
Pentoo Linux: I have been porting Pentoo (Gentoo Linux pentesting) to ARM64 builds for many common IoT devices to be stealthy and aid in pentesting research, i.e. Raspberry Pi 3 and Rock64 and similar SBCs, as one can cause simulated havoc on the blue team / test blue team awareness, and/or otherwise can be easily disguised or hidden, so finding them could be a challenge for blue teams...
For professional pentesting they are small, powerful platforms useful as micro jump boxes and/or a swarm to gather intel, complete pentests faster and have better results. As well, the TCO of owning vs. renting IoT devices makes them easily imaged as well as expendable as the next more powerful IoT upgrade hits.
Many can be hidden for WEEKS with a cell modem and batteries in your ceiling tiles, thus allowing the pentest team to go unnoticed for some time, or on your roof using weather-resistant cases and a drone chopper to land it.
Researching IoT as a CI-pen-integration device, i.e. pentest + DevOps as FOSS/open source concepts: as soon as a new box goes live, hack it; as soon as DevOps loads new software, prove it will not be compromised in a production environment.
Volunteer for Pentoo for 5-8 years, so it seems fitting to aid in porting to ARM64 for other users. Package scripts/tools to test OWASP Top 10 / SANS Top 20 Critical Security Controls / STRIDE & DREAD models.
Time permitting, I package what I can and contribute what I can to the Pentoo team.