• Lead the incident response process, organizing bridge calls with relevant stakeholders. Tracking and assigning tasks across multiple teams.• Automated triggers and playbooks within Red Canary to alert on and remediate threats.• Converted enterprise EDR solution to behavioral AI protection by replacing VMware Carbon Black with SentinelOne Singularity XDR.• Established procedures for incident response using opensource tools like DFIR-IRIS. Allowing case management collaboration across response teams.• Setup log ingestion from multiple solutions into Splunk Cloud.• Developed alerts and timed reports from Splunk Cloud apps/applications and dashboards.• Created Rapid7 InsightVM dashboards for better vulnerability tracking and team coordination.

• Deployed Rapid7 InsightVM to detect and manage endpoint common vulnerabilities and exposures (CVE).• Integrated Rapid7 InsightIDR with multiple event sources for SIEM data collection.• Created filtering rules for Microsoft Office365 to filter SPAM and phishing threats.• Regularly scheduled enterprise security awareness training using KnowBe4. • Identified email threats with KnowBe4 PhishER.• Audited infrastructure to meet CIS workbench baselines.• Audited logon activity, server changes, and user behavior with ManageEngine ADAudit Plus.• Created automation flows with Microsoft Automate to quickly remediate suspicious activity.• Implemented secure password storage with opensource software Teampass.• Deployed software, including the Rapid7 Insight client, to all endpoints utilizing Microsoft System Center Configuration Manager (MS SCCM).• Created and managed servers with Microsoft Hyper-V and VMware vCenter.

• Identify risks across the enterprise with Rapid7 InsightVM.• Created Security Baselines to keep critical hosts up to date.• Integrated Two Factor Authentication (2FA) utilizing RSA in conjunction with Group Policy.• Implemented threat detection with Kroll and Red Canary. Enabling the IT team to perform potential threat investigations.• Deployed Carbon Black Defense to compliment Carbon Black Response and Carbon Black Protection, therefore hardening endpoints.• Deployed SSL certificates for internal websites.

• Identified risks across enterprise with Rapid7 InsightVM.• Integrated Two Factor Authentication (2FA) utilizing RSA in conjunction with Group Policy.• Implemented threat detection with Kroll and Red Canary. Enabling the IT team to perform potential threat investigations.• Deployed Carbon Black Defense to compliment Carbon Black Response and Carbon Black Protection, therefore hardening end-points.• Integrated SSO between Jobvite and internal Active Directory.• Migrated virtual environment from Microsoft Hyper-V to VMware ESXi hypervisors.• Saved on Microsoft server licenses by moving VMware vCenter to vCenter Server Appliance with External Platform Service Controller (PSC).• Replaced Dell Compellent storage with Hybrid Flash Tintri T880 and T850 VMStores.• Hardened computers by replacing Symantec Endpoint Protection with Carbon Black Protection for protection from malware/antivirus.• Implemented endpoint forensics with Carbon Black Response.• Setup SSO authentication with On-Premises domain and Microsoft Azure with AzureADConnect.• Upgraded Dell PowerEdge rack servers across two datacenters.• Protected sensitive passwords in a central repository using TeamPass.• Implemented IP Address Management with opensource software PHPIPAM.• Implemented Windows System Update Server WSUS to manage computer updates.• Implemented Group Policy to harden domain.• Installed Synology NAS devices.• Managed domain CA certificates.• Managed Microsoft license keys with Microsoft KMS.• Deployed and upgraded to Windows Microsoft Server 2016.• Deployed multiple linux VMs including CentOS and Ubuntu.• Built disaster recovery hot site.• Upgrade and managed Microsoft Exchange 2016.• Implemented a training program for the computer support department with subscription to PluralSight.com.• Monitored health of virtualized environment with VMware vRealize Operations Manager.• Manages Active Directory infrastructure. Deploying software and policies using GPO.

• Conducted internal audits and assessments to meet Payment Card Industry (PCI) Security Standard compliance.• Upgrade VMware vSphere environment to v5.5• Improved VMware environment performance and efficiency using data from VMTurbo and vCenter Operations Manager.• Expanded virtual environment capacity by adding chassis and blades to Cisco UCS.• Migrated over 3000 mail user from Microsoft Exchange 2010 to Microsoft Exchange 2013.• Replaced EMC Clariion SAN at two data centers with PureStorage. Moving to a full SSD implementation for SAN.• Implemented VMware vCenter Operations Manager to monitor VM resources and usage.• Configured Cisco Unified Computing System (Cisco UCS).• Deploy servers on demand using VMware vSphere 5.5.• Deploy VDI clients using VMware View 5.2.• Provision storage on EMC products such as Clariion CX120 and CX240.• Performed SAN zoning on Brocade and Cisco switches.• Set folder and share permissions using Microsoft file servers and EMC Celerra NS2G and NS-120.• Migrated Microsoft Exchange 2007 to 2010.• Implemented email archiving using Symantec Enterprise Vault and Exchange 2010.• Performed and scheduled full and incremental backups using EMC Networker and Symantec Backup Exec• Managed internet traffic with Microsoft TMG 2010.• Moved primary datacenter of over 300 physical and virtual servers from Los Angeles to Las Vegas with little to no down time.• Implemented VMware vCenter Site Recovery Manager for disaster recovery and planned migrations.• Managed and deployed hardware key fobs and software tokens using RSA Authentication Manager.• Monitored physical server health using Dell Open Manage.

• Managed the server, network and developer teams.• Achieved 100% systems compliance with the Information Assurance Vulnerability Management system set by the Defense Information Systems Agency (DISA).• Coordinates with MCTOG command to implement network outages in support of network maintenance.• Receive, process, and execute mitigation for Information Assurance Vulnerability Alerts to include network elements, encryption devices, operating system, application server software, hardware updates, and patches.• Identify and develop network requirements in support of unit training, develop logical network diagrams from requirements, validate and update physical network diagrams as required.• Designed and setup tactical and garrison networks using Cisco Catalyst 3750 switches.• Cross-connected and extended T1 lines over 10 miles using Cisco 2821 Integrated Services Routers. • Configure logical and specific IP addresses for network elements, according to the network plan.• Configure, operate, modify, and maintain logical domain using MS Active Directory.• Planned, installed, and maintained MCTOG data network servers to include Microsoft Server 2003 servers to include Domain Controllers, DNS Servers, DHCP servers, Exchange Servers, SharePoint Servers, Print servers, Backup servers, WSUS Servers, Antivirus Servers, and Virtual Machines using VM-Ware, ESX Server, and Microsoft Virtual Server, to act as application server platforms.• Setup, configured, and maintained the Cisco router and switches in a Core, Distribution, and Access Layer design. This includes updating and backing up configurations as well as researching better ways to secure the network. Setting up encryption on the hardware and port security via MAC address port reservation.

• Responsible for conducting internal audits and assessments in classified and unclassified computing environments through standards including Security Technical Implementation Guides (STIGs)• Increased availability of resources by implementing and managing network area storage.• Supervised the installation of a high-speed (OC-192) dual SONET ring utilizing Cisco 15454 Optical Network Systems providing 100% core network uptime.• Used Windows Server Update Services and Symantec Endpoint Protection Server to maintain and patch servers and workstation.• Restored and maintain backups of all corporate e-mail, Windows and UNIX servers and SQL databases, minimizing down time.• Experience with DHCP, DNS, WINS, TCP/IP sub netting and routing.• Kept servers at peak performance by performing hardware and software upgrades.• Maintained a large Windows Active Directory Forest supporting over 10,000 users.• Created and deployed software using Microsoft Systems Management Server (SMS)