Designed and built a new Splunk infrastructureMentored and guided a team of up to seven peopleManaged Enterprise security solutions, including firewalls, load balancers, virtual private networking and network access controlAssisted in project planning for Enterprise security solutions

• Represent the ARINC Direct business unit within Collins Aerospace and with customers who make inquiries regarding the security posture of the business.• Review and provide security-oriented feedback for all system wide changes relating to software or infrastructure.• In accordance with the Collins Aerospace Security Governance Board, coordinate the establishment, implementation and adherence to policies and procedures that guide and support the provision and use of information technology services and hardware.• Monitor vulnerability notices from vendors, security agencies and governmental resources. Track company compliance in resolving such vulnerabilities.• Monitor the logs from the business unit’s firewalls, intrusion detection systems (IDS), web application firewalls (WAFs) and proxies for indications of compromise, intrusions or policy violations.• Maintain the ARINC Direct security devices while ensuring that change control procedures are followed.• In my role as security SME I assisted with the successful migration of a major offsite location into the Collins Aerospace network.

- Lead and instruct CrossFit classes utilizing proper mechanics and form- Periodically perform fundamentals classes for new members in preparation for joining regular classes

Assess and assist in the management of complex and specific risks associated with modern information systems and networks.Coordinate the establishment, implementation and adherence to policies and procedures that guide and support the provision of information security services.Monitor vulnerability notices from vendors, security agencies and governmental resources. Track company compliance in resolving such vulnerabilities.Analyze, respond to and investigate system and security alerts and conduct forensic investigations.Monitor the aggregate logs from the enterprise firewall, system, proxy, virtual private network (VPN) and intrusion detection system (IDS) for indications of intrusions, compromise or policy violations.Manage the Enterprise wide anti-virus solution.Perform ad hoc network, operating system and application scans and general vulnerability assessments to ensure all patches, hardening and compliance rules are being met prior to the host being allowed on the production network.Perform monthly scans of the network hosts, databases and applications utilizing several COTS and FOSS tools to ensure compliance with company security policy.

Assessed security events from the IDS appliances to determine impact and recommend corrective action to remediate vulnerabilities, exploits or policy violations.Reviewed and engineered architecture solutions for IDS placement to maximize network visibility and overall ability to detect malicious traffic or activity.Worked to add segments to the existing implementation and made suggestions to augment with placement of additional appliances at critical data points. Maintained change management documentation.Monitored the aggregate logs from the enterprise firewall, system, proxy, virtual private network (VPN) and intrusion detection system (IDS) for indications of intrusions, compromise or policy violations.Reviewed, recommended and implemented filters to reduce false positives.Performed ad hoc network, operating system and application scans and general vulnerability assessments to ensure all patches, hardening and compliance rules are being met prior to the host being allowed on the production network.Performed quarterly scans of the network utilizing several COTS and FOSS tools to ensure compliance with company security policy and industry/government regulations.

Supervised a staff of up to 18 with varying levels of security and technical expertise.Evaluated, implemented and managed production security systems, including firewalls, intrusion detection and vulnerability assessment.Created and drove the roadmap of services and tools to keep established customers and improve our ability to attract and obtain new customers.Updated and maintained security processes and documentation for monitoring to ensure compliance with customer SLAs.Acted as consultant to other functional teams to help determine needs and develop requirements as well as determine security implications.Provided analytical training and support for new analysts and others interested in IDS technology.Provided direction and guidance to program staff to assure compliance with security and appropriate use policies.Acted as the final escalation point for all technical and customer service issues.

Configure and Administer Cisco Pix and ASA firewalls.Administer Checkpoint and Juniper Netscreen firewalls.Configure and administer Cisco Intrusion Detection Systems (IPS, ASA w/ IPS & ISR) and Snort IDS to include maintenance, updates, signature filters and disaster/IOS recovery.Configure and administer Snort Intrusion Detection Systems to include scripted installation, maintenance, updates & signature filters. Administer other market leading Intrusion Detection Systems; Enterasys, ISS & McAfee.Utilized CompuCom’s proprietary analysis tool to view alerts from the customer IDS sensors and to determine at the packet level if there was a valid intrusion attempt. When necessary I would implement or seek to implement countermeasures.Monitor and analyze security alerts using SEIM products (envision and eIQ) by build correlation rules that would generate alerts based on a determined set of rules.Administer open source servers, services and applications; Red Hat Linux, Barnyard, Apache, Wikimedia & Nagios.Generate customer tickets and provide phone based support to bring issue to resolution.Evaluate, review and recommend action to customers based on their environment.

Administered Windows 2000 and Windows 2003 servers that included print, IIS, DHCP and DNS services.Created new corporate accounts (NTID and/or mail) using the REGDB system.Maintained a Ghost server for rapid (re)deployment of desktops and laptops to end users.Maintained server backups using Veritas Software's Backup Exec 9.1.Utilized the Remedy ticket system to respond to trouble tickets.Run Net/Mini Stumbler to prevent rogue access point installations.Update and patch all affected Windows client and server machines as needed.Dropped new telecommunication lines that include Ethernet, coax and phone.Troubleshoot and repair software and/or hardware problems as they arise.

Administered Windows 2000 and NT 4 domain controllers, SQL 2000, file, and print servers, which include IIS, DNS, WINS and DHCP, as well as several FlexLM implementations of COTS applications.Maintained port connectivity and VLAN configuration on Cisco 6509 and 2950 series switches.Administered the centralized Anti-Virus server system which resulted in 0 virus infections.Administered the centralized updates and patches to all affected Windows client and server machines using Update Expert and Windows SUS.Assisted in vulnerability scanning using several applications including GFI Languard and Internet Security Scanner. Used L0phtCrack monthly to test password complexity compliance.Maintained server backups on Mission-critical web and database servers using ArcServe 2000.Tested new products, service packs, hot fixes and GPOs in an isolated test lab for possible deployment on production machines.Troubleshoot and repair software and/or hardware problems as they arose.