Senior IT Security Specialist @ From September 2013 to Present (2 years 4 months)
Security Architect / Engineer @ From December 2007 to September 2013 (5 years 10 months)
Sr. Security Engineer @ Managed a team of consultants responsible for security equipment upgrades, maintenance, logic and integration. Managed relationship with an MSSP including contract negotiations, systems upgrades and intrusion monitoring and alerting.
Developed an internal security monitoring program including processes for incident response and management reporting. To solve numerous audit issues for SOX and FFIEC compliance, implemented technologies including ArcSight ESM for server log correlation and privileged user monitoring. Implemented a vulnerability management program including a commercial vulnerability scanner and procedures for remediation and reporting. Managed third-party penetration tests and ensured all issues were quickly resolved.
Served as a security consultant on various IT projects including interbank payment systems upgrades, new operating system and application rollouts, network hardening and office expansions.
Co-designed a secure network infrastructure including network architecture, segmentation, layered firewalls, VLANs, proxies, and other defense-in-depth strategies for a new data center. From September 2006 to December 2007 (1 year 4 months)
Manager, Penetration Testing Team @ Managed a team of programmers, operators and technical writers, with the goal of proactively testing the security of US military networks. Revised the testing methodology to focus on accessing sensitive information instead of technical rights and privileges. This directly influenced executive management and was effective in gaining support to enhance IT security programs. Led and directed operational activity including network reconnaissance, vulnerability scanning, exploitation and compromise activity, social engineering and report writing. Delivered test results and presentations to senior leadership including base commanders and civilian IT executives, with detailed action plans and recommendations to secure impacted networks. From July 2005 to September 2006 (1 year 3 months)
Sr. Incident Responder @ Led numerous incident investigations, working with US military personnel and joint intelligence departments. Responsible for log analysis using IDS, firewall, SIEM, anomaly detection, server and application logs. Identified attacks on military systems and deployed sniffers to understand attack techniques for signature development and alerting.
Architected and deployed commercial and government-developed Intrusion Detection and Prevention Systems. Maintained policies and signatures on over 20 systems on 13 bases. This was part of a larger initiative to implement a more sophisticated security monitoring and defense infrastructure. From November 2003 to July 2005 (1 year 9 months)
Lead Network Security Engineer @ Marine Corps Tactical Systems Support Activity: Deployed with 3rd Marine Air Wing, in support of Operation Enduring Freedom, in building their network infrastructure. Responsible for Network Architecture, Firewall Policy, Proxy, IDS, URL filtering, DNS, Active Directory, Routing and Switching configurations.
7th Communications Battalion: Built networks from the ground up in support of deployed operations. Built Windows NT Domains, including configuration and maintenance of DNS, Exchange, and other Windows applications and services. Configured Cisco routers and switches, as well as Gauntlet Firewalls on FreeBSD. From November 1999 to November 2003 (4 years 1 month)
Computer Networking @ Marine Corps Communications and Electronics School
Michael Cena is skilled in: Vulnerability Management, Intrusion Detection, Incident Management, Log Management, Security Architecture Design, Configuration Management, Windows Security, Linux Security, Vendor Management, Pricing Negotiation, Information Security Management, Information Security Policy, Security Information and Event Management, Penetration Testing, Information Security