Mentoring of Jr employeesCreate and update Policies and ProcedureseDiscovery as neededPenetration Testing of Network, System and ApplicationsNetwork Security.Creator of Internal Blog/Articles for Security Alerts and trainingWork alongside various departmentsAnswer directly to Infrastructure Manager and VP of ITReview of Applications and Systems that may affect IT Security posture.MS O365 Defender, Exchange, DLP Policies. Answer alerts for MS Defender, Canary Honeypot, SIEM and vaious other tools. Create SOP for all Alerts to train SOCWork with SOC to get them up to speed about requirements.Attend Meetings from a Security Perspective adding in Cyber Security opinions and reviews.Lead various people towards Cyber Security and Safety thereof.

Various duties taking care of the Security Needs for the chosen application and website.Vendor selection, interfacing, website scans and maintaining.

Sr Security Specialist Responsible for:- Application Security & Infrastructure Security- SOC Development- PAM Managers, Architecture and Installation, SME- SPLUNK expertise- In Lab Testing and Determinations- Linux (RHEL) SME- Mentoring- Agile Development- Cloud Security- SSO and Federation- Business Analytical Skills- Documentation and Architecture- Testing Plans

Cyber Security encompassing, Network, Personal, IoT, Applications and Wireless. Broad background in various technologies and disciplines. Familiar with a wide range of Standards for Cyber Security (ISO27k, NIST SP800's, etc.)Hands on experience in Cyber Security for over 17 years.Knowledge Sharing and Developing.Knowledge Base systems ArchitectFirm believer in documentation to share information.Field Engineer to install, maintain, troubleshoot and guide for various companies and products. Worked as and with Delivery Managers.Policies and Procedures, review, design and develop.Policies & Procedures for PCI-DSS and GDPR Development including Audit. All in accordance with various frameworks from NIST SP-800 series, ISO 27k, etc.Mentoring of IT Staff.QA Design, Labs and implementation of Field Engineer LabsArchitect for various Lab environments (ultimate Sandboxes)R&D for swap out of older technologies.Technical Writer for full documentation of various requirements.Technologist within Cyber Security for over 15 yearsConstantly advancing my Techno-lust through training, hands on testing/developing and with my multi-tiered Lab in basement.VMware 6.x, SAN, WAN, LAN, NAS, Linux, Windows, Raspberry Pi, Platform Agnostic.The words "cannot be done" is not part of my vocabulary. There are thousands of ways around obstacles. The secret is to be able to think outside the box.

- Field Engineer interfacing with Clients and Management on daily basis.- Created and Installed various Knowledge bases to capture various aspects of day to day interactions with technologies, Engineering, troubleshooting and remediation techniques. - Manage various Microsoft SharePoint Portals and Informational areas.- Created tools (scripts) to better ascertain from large data sets information required to create COIs for the Client, within a Stealth Environment.- Forensic research into various events both from a Security perspective as well as software behavioral perspective.- Incidence Management for clients.- Data Center Management of Stealth Appliances and VMs.- Contributed or initiated technical artifacts through team collaborations for Stealth and Security communities of practice.- Maintain Stealth Equipment, Monitor same and troubleshoots problems when or if they arise.- SME for various versions of Linux (RHEL, Ubuntu, etc.)- Develop various Linux Scripts for clients and internal use.- Help develop Endpoint Monitoring solutions for Client and internal.- SIEM management using various Log Aggregation packages both commercial and opensource.- Set up and maintain Stealth Verification Center for clients.. - Tasked with design & install Field Labs for all Unisys Stealth Employees (field engineers and Engineering) to test and verify Stealth capabilities. - Cyber Security maven pushing Awareness and New techniques and within networks and applications- Trouble shoot AWS instances for POCs, Clients and other reqs.- Set up Unisys QA Labs with multi-node VMware (ESXi) with vCenter to manage over 1,000 VMs and external servers introducing 1,500+ Linux Containers. - Implemented various software packages to create test cases, bug tracking and remediation.- All labs are in a “sandbox of sandboxes” with connectivity only via VPN on internal network.Network and Cyber Security systems Consultant.

Contract Sub for HP/Fortify in helping client during their initial set up and roll out of Fortify SSC and SCA products.Strategic Consulting to Client for Fortify SSC and SCA products. Helped to define directions as well as troubleshoot issues for both Fortify and Client. Created guidance towards Build Automation and Integration using Fortify SSC/SCA, Jenkins, Maven and Sonar.

Help clients develop Application Security Incentives.Interface with Mgt including CISO, ISO and other Inter-Agency ISOs & CISOs.Create Security Standards for RFP process, including review of bids for security requirements focusing on Application and Infrastructure security. Client, New York State Department of HealthCreate a Standard Risk Assessment spreadsheet that all potential vendors must complete to help identify Security Risks and pinpoint areas where vendors must improve towards Security Standards adopted by the NYSDOH.Review/create Security Policies and Procedures as related to various aspects of Security. Create an SDLC for NYSDOHTrain individuals in App Sec, Black Box Pen testing using auto and manual tools (AppScan, WebScarab, BSP, others). Audit of Pen Scans to determine Pos/Pos vulnerabilities. Create custom reports to be used with AppScan.Set up Fortify (certified Fortify Pro) products, train and install. Train Developers in the use of Fortify.Created an internal Application Security Portal for Developers and Management to learn more on how to prevent Vulnerabilities for Applications.Monitor and suggest Database Security tools and techniques.Create Web log scanning software to look for potential new vulnerabilities being attempted on new and existing Web applications.Ran various Pilot Programs for Mobile Device Management (MDM), Cloud Initiatives including Cloud Storage for NYSDOH.Wireless investigation lead to discover and recommend secure Wireless implementation for NYSDOH (Client) including wireless penetration testingSecurity lead with CISO to work with potential Vendors on various RFPs.Act on behalf of NYSDOH CISO for various Security meetings and reviews.Installed Test Lab for Application Security and dissemination of attack software (malware, stealthware web based attacks towards various servers and services)Detailed Status reporting on various tasks and functions that were required throughout contracts.