Santander Bank NA 

PKI Engineer

Project SME standing up two new PKI infrastructures for Santander Bank NA.  Responsible for install, configuration, testing, documentation, and support incorporating KeyFactor for certificate management into the PKI environment.  This includes Subordinate Certificate Authorities, CRL Web Distribution, Online Certificate Status Protocol, Network Device Enrollment, Certificate Enrollment Services, KeyFactor Command, KeyFactor Orchestrators, and KeyFactor database servers.

08/2016 – Present           Insight Global LLC               Remote    Perspecta – NMCI                                                

PKI Engineer

Engineer working on Navy contract utilizing Defense Systems Engineering Method (DSEM) deploying Next Generation Enterprise Network (NGEN) PKI Upgrade Project for Navy Marine Corp Intranet (NMCI) network infrastructure.  DoD Upgrade project for multi-tier PKI utilizing Agile following DoD, DISA, and DIACAP guidelines, policies, methodologies, etc.  Responsible for Centrify Upgrade Project on multiple domains.

12/2015 to 08/2016               Diversant LLC                        Atlanta, GA

The Home Depot – Corporate

PKI Security Engineer

Engineering support for multi-faceted enterprise infrastructure encompassing internal/external PKI, RSA CA, Entrust, Symantec, Venafi Certificate Management, and Thales Security Modules.  Heavily involved in large enterprise migration to SHA256.  SME for current and up-coming security encryption projects. Streamlined SLA and work processes for better accountability, efficiency, reporting, and auditing. Involved in SSL certificate renewal tracking for 20K endpoints.

• Modified in-house tracking and reporting system to manage new, renewal, re-issued, and revoked SSL certificates.
• Coordinated after hour’s renewal evolutions for 2250 stores servers with various teams involved in deploying, testing, and checking off successful iterations.
• Involved with evaluating POC for new technologies related to certificate authorities and internal alternatives.
• Lead for new Symantec SEM’s upgrade project for secure transmission of confidential data.

                                   Department of Technology Office

Information Data Architect \ Encryption Engineer

Architect/Engineer for the State of South Carolina Budget and Control Board. Contractor responsible for multifaceted Symantec Drive Encryption deployment Security Project for various Internal and External State Agencies.  Other later projects included CyberArk Sensitive Information Management, Privileged User Management, AirWatch Mobile Device Management, and Nessus Security Center deployments.

•       Architect and lead Engineering Support for Enterprise level multi-Agency deployment using centrally managed model consisting of Server desktop client solution for management of several internal and external agency State client deployment project.
•       SME for Symantec Drive Encryption (previously PGP) solution for all phases including: evaluation, POC, testing, pilot, deployment, and post deployment support.
•      Authored various support documents, test plans, and desktop/helpdesk SOP’s, architectural diagrams, etc.
•        Installed, setup, and configured CyberArk Enterprise Password Vault (EPV) as part of a deployment project.
•         Responsible for Symantec to McAfee Drive Encryption migration project.
•         Supported NESSUS VA project configuring scanning criteria, policies, reporting, deployment methodology, etc.

9/2013 – 12/2013                  General Dynamics                                                                                             Alexandria, VA

US Patent & Trademark Office

PKI-Encryption Engineer

PKI Engineer supporting USPTO Federal Bridge Certification Authority (FBCA) PKI Infrastructure across large campus and remote sites. Responsible for Internal and External network strategies used for User authentication, ID management, Web access, and VPN security.

• Engineering Support for Internal Entrust PKI environment consisting of clustered CA’s, DC’s, F5 Validation Authority- OCSP, clustered and standalone Hardware Security Modules (HSM’s), and ID Management (IDM).
• Maintain External Entrust PKI environment consisting of CA,s, DC’s, AD-LDS, Digital Certificate Management Web and Digital Certificate Management (DCM) Application servers running Entrust Admin Services (AS). Also support TruePass Authentication Section with Electronic Filing System (EFS), Private Pair (PPair) and True Pass Application web servers.
• Responsible for HSPD-12 compliant Card Management System (CMS) for issuance and maintenance of smart cards (PIV).
• Supported Probaris IDM, Biometrics scanners, Active Identity, Secure Mail, Digital Signatures and respective databases.

7/2001 – 8/2012           Computer Sciences Corporation                                                                         East Hartford, CT

PKI-Encryption Engineer/ Security Administrator

CSC

•       Directed the training for 400 Helpdesk and desktop support technicians in supporting various PKI and desktop Encryption security applications at tier 1 and 2 levels.
•       Implemented training of PKI subordinate engineers and administrators to support tier 3 level.
•        Installed and maintained the Corporate PKI infrastructure, including patches, version upgrades, application changes, log management, and security assessment systems.

·         Developed numerous PKI desktop installation client packages to match various operating system versions as well as custom installers to work at out of scope international locations in Asia and EMEA.

United Technologies

•     Key player in UTC Enterprise large scale PKI Migration Project.
•      Executed the cloning of UTC production environment of  Entrust 5.0 CA, Subordinate 5.0 CA, Syntegra X500, Staging LDAP server, Entrust 7.1 CA, and iPlanet LDAP servers. Coordinated with Vendor and Client staff to the successful completion within designated timelines.
•     Stood-up complete new PKI environment after migration consisting of Entrust CA, Messaging Server, Compliance and Webmail Appliance servers.
•      Set-up PKI policies based on UTC, CSC, and Entrust role models.
•      Executed the customization of the new Messaging Server to perform harvest requests and automated many areas of how traffic is handled thru UTC mail hubs.
•      Engineering support for 5 Encrypted Email scanning Compliance Servers and management console used for content scanning government ITAR restriction and compliance requirements.

·         Configured SNMP trap reporting Servers status to mobile devices for after hour monitoring and required action.

Pratt & Whitney

•     Integrated with PW Security Team working out specific roles, policies, and support methodologies to cover file, folder,  mail, and SAP based Encryption methodologies.
•      Principle CSC engineer for all Checkpoint FDE and CME Encryption server based deployments.
•      Directed and implemented all configuration, customization, and support of server and desktop Encryption clients, upgrades, patches, troubleshooting, etc.
•      Operated Level three support for all Checkpoint  Encryption applications

Rocketdyne

•      Key contributor engineering and migrating Rocketdyne LDAP exchange system to join Pratt & Whitney’s to allow standard organization email Encryption to function from different networks.

.

Hamilton Sunstrand

•       Vital Security Team member in large Boeing Hamilton email Encryption project allowing said companies to share public certificates for ease in CONUS email communications stored on ldap proxy server
•      Instigated the training of all Windsor Locks desktop support teams in latest Encryption technologies and techniques supporting various Encryption desktop application versions.
•      Directly supported Symantec Critical Systems Protection suite which secures and blocks various proxy points for servers in the organization.

Sikorsky

•       Represented Security Team in smartcard Encryption deployment project meetings.

·         Integrated with Stratford Security and Desktop Teams on various Encryption projects and mentoring areas to get them up to speed on product support.

Carrier and Otis

•       Established onsite training of Farmington Desktop Support Technicians on PKI and Checkpoint FDE and CME clients.

• Assisted in preparing these vessels for annual information security IAVA certifications.
• Contributed to creating training material, powerpoints, etc for  various units infosec training requirements as tasked.
• Administered, patched, and implemented IAVA to Naval Submarine Support Command.
• Stood-up Hercules/Citadel servers to download all pertinent security patches and IAVA material from US Navy REDCOM center.
• Provided over 400 hours of information security training to more than 200 sailors from various ships and subs and four aircraft squadrons based in Norfolk and San Diego.
• Performed information assurance vulnerability assessments on more than 12 ships.
• Fly Away Team member performed pentests and vulnerability assessments, password cracking, reporting, assisted crew with vulnerability mitigation, to complete mission scanning both NIPR (Unclassified) and SIPR (Classified) Navy networks on target ships.

• Administered, maintained, troubleshot, upgraded, configured, installed, and repaired all pertinent Base wide network needs for 600 users complying with Novell and NT 4.0 hierarchy.
• Implemented Information System Security and Antivirus resolution.
• Upgraded and built custom PC configurations following Navy Base Network guidelines and standards.
• Assisted in the installations of 5 network classrooms consisting of approximately 104 workstations to be used for training in both highly classified and unclassified areas.
• Upgraded Navy Base Standard Training Activity Support System computers to present NT 4.0 version status, using Ghosting software for efficiency and speed, applying all Oracle upgrades and patches allowing secure firewall penetration utilizing Alta Vista Tunnel protocols.
• Lead technician for Base upgrade project of 600 users from Novell based Lotus CCMail email client to present MS Exchange Server 5.5/Outlook 2000 client, training and working with Upgrade Team Members.
• Resolved various helpdesk IT issues from printer configuration to network troubleshooting in base offices and student labs.
• Trained  20 Cryptologic Maintenance Technicians to support aforesaid  Helpdesk( Navy Instructor Certified).
• Recommended preventive, mitigating, and compensating controls to ensure the appropriate level of protection and adherence to the goals of the overall information security strategy.
• Assisted in the development of access-controls, separation of duties, and roles.
• Conducted technical risk evaluation of hardware, software, and installed systems and networks.
• Assisted with testing of installed systems to ensure protection strategies are properly implemented and working as intended.
• Assisted in incident response and recommend corrective actions.
• Implemented Security training with base personnel covering potential network environment threat vectors.
• Participated in forensic recovery and analysis of base assets..

• Conducted training and operations for US and NATO navies, above, below, in the air and on Vieques Island utilizing electronic warfare systems and weapons release simulating actual combat environments.
• Implemented remote radiating of controlled emissions simulating hundreds of enemy fire control/missile and friendly radars for training requirements so foresaid units could identify and report efficiently and speedily these correlations. Reports were then analyzed and evaluated for accuracy for final grading of participating units.
• As Information Security Officer was on fly-away team transiting between Puerto Rico, Vieques, St Croix, and St Thomas Islands. During these missions facilities Information Systems would be regularly scanned for possible security compromises, viruses, illegal software, improper use of computers, password control, network vulnerabilities, etc.
• Networking team member in the upgrading and relocation of 16 HP TAC-3 UNIX system fiber optic network including splicing 80 strands and rerouting. This network was highly classified due to its use in Caribbean Anti-Narcotic missions being fed raw data from P-3’s, U-2’s, ship and land based units and facilities.

  JMCIS-UNIX Administrator/IT Support/Electronic Warfare Technician

• Worked with Navy Research and Development (NRAD) installing Joint Maritime Command Information System (JMCIS) a HP-TAC-3 UNIX based network which encompasses various external systems to communicate effectively via classified satellites, sea, land, and air based units bringing intelligence gathering, communications, and instantaneous targeting data together for the fleet.
• As part of Admirals Staff was flown to Japan to participate in Operation Foal Eagle on USS Duluth, manning JMCIS gear in Command Information Center, working closely with intelligence gathering Cryptologic Technicians.
• As a ULQ-13 Van Operator/Technician was responsible for transiting to various land sites including Fallon, Nevada, where electronic warfare was conducted against Navy air units including Top Gun. Responsible for programming radar simulations and radar/communication jamming of aforesaid units.
• Supported Raytheon complete upgrading of (6) Vans including a complete refit of all remotely controlled computer transmitting networks. Also worked on 440 VAC high voltage TWT type signal generators, troubleshooting, maintaining, and repairing equipment.

Certification Path

Certified Ethical Hacker- CEH  03/30/2011

Certified Network Defense Architect- CNDA  05/15/2011

Computer Network Defense In Depth Baseline Assessment 9/2008   SPAWAR Atlantic Fleet             Naval Base, Norfolk VA.

Entrust Security Manager Administration Comprehensive     9/2005 Kanata, Ottawa, CAN.

Security Certified Network Professional – SCNP  Hardening the Infrastructure      10/2004

Linux + CompTIA      7/2004

Security Certified Network Professional – SCNP  Network Defense Countermeasures            5/2004

Security Certified Network Architect – SCNA Advanced Security Implementation                                    4/2004

Security + CompTIA      2/2004

MCSE 2000 Core and Electives
4/2001          University of West Florida US-FL-Pensacola

Certified Intergraph Computer Aided Design (CADD) Drafter  11/85

Venafi Certificate Management

Entrust Certificate Authority       

Entrust Messaging Server

Entrust WebMail

Entrust Compliance Server

Entrust Truepass

Pointsec Mobile Security

RSA SecureID

Checkpoint Full Disk Encryption

Checkpoint Media Encryption

Symantec Critical System Protect

Symantec PGP WDE Encryption

Microsoft CA, ADCS

Vericept 360

Vericept Protect

Perl, HTML

Visio

Adobe Photoshop

Gimp

McAfee ePO

McAfee Drive Encryption

MS Server 2003+

MS Exchange

eEyeRetina

Backtrack/Metasploit

SecureID Administration

TrueCrypt

PIV Smartcards

CyberArk PUM

CyberArk SIM

•       Letter of Commendation for Navy Base MS Exchange/Outlook upgrade project.
•   Letter of Commendation for Navy Marine Corp Relief Drive Volunteer Excellence,
•       Letter of Commendation for American Multi-Heritage Committee Volunteer.
•   Awarded (3) Letter of Commendation for outstanding training to the fleet.
•  Volunteer Roosevelt Roads Elementary Schools Science Club Administrator- working with US Fish and Wildlife Biologists saving endangered green sea turtles..
•      Received Letter of Commendation for superb Electronic Warfare training to the Navy (Top Gun).
•    Letter of Commendation for researching and building (4) Russian T-49 mock mobile gun units to be used for search and destroy mission training in the Pacific.
•     Volunteer and coordinated Adopt-A-School program in San Diego.

NAVY MEDALS & RIBBONS:

Navy and Marine Corps Achievement Medal (4)

Navy Battle “E” Ribbon

Navy Good Conduct Medal (3)

Naval Reserve Meritorious Service Medal

National Defense Service Medal

Global War on Terror Service Medal

Military Outstanding Volunteer Service Medal

Navy Sea Service Deployment Ribbon (2)

Naval Reserve Sea Service Ribbon

Cold War Medal

INTERESTS:

Information Security, Cyber Warfare, Military History, Computers, Graphics, Chess, Model Building, Antiques, Collectibles, Zymurgy, Science Fiction, Boating, Martial Arts, and Archery.