Kenneth Howard Long | 5509 9th Street NW Apt #100, Washington DC 20011 | Cell: (301) 996 4518 | Email: Kenneth.long0714@gmail.com
Objective
To obtain an IT position that will strengthen my skills and experience so that I can reach a senior level.
IT Technologies/Tools Used in the Past
ArcSight: Created and modified active lists and channels to parse out anomalies.
Created active rules to detect malicious traffic.
Monitored thousands of logs daily (DNS, Proxy, WAF, Firewall, Antivirus, Email and IDS/IPS) to tune or remove false or noisy rules.
ArcSight Logger: Generated 24 to 48 hours of logs to investigate infection vectors when a possible infection was detected by the ArcSight SIEM tool.
NetWitness: Created custom drills to generate full live packet captures for rule creation and investigation purposes.
Sourcefire: Created custom rules for the following detection phases (C2, scanning, installation, redirection, and delivery).
Imperva web application firewall: Monitored and created APT scanning rules to create ICF reports.
Mandiant MIR: Generated jobs to investigate successful or unsuccessful malicious executables from an endpoint threat detection perspective.
Archer: Created incident reports daily to keep track of and discover patterns or trends, as well as possible APT activity.
Cisco IronPort: Used daily to determine whether emails were categorized correctly as spam and not APT.
Roundcube: Used as a sandbox to determine whether an email document was weaponized or not.
Linux Ubuntu: Created virtual machines to examine malicious redirects and possibly benign websites.
Basic to intermediate level of navigating via the terminal.
Created, deleted, and moved files and directories via sudo / sudo su.
Utilized grep commands to query particular information when needed.
System Center Operations Manager (SCOM): Monitored the following types of alerts for over fifty servers daily (failed connections, failed services and volume space) to notify the server team or perform the standard operating procedure according to the situation.
Symantec NetBackup: Monitored over two hundred backups nightly to notify the storage team of any issues, or performed the standard operating procedure according to the situation.
Re-ran/restarted backup jobs and policies to perform tape ejects, standard operating procedures, etc.
Viewed over two hundred backup jobs nightly to generate the backup report.
SolarWinds: Monitored over 20 nodes to escalate or notify the networking team of any issues accordingly.
Clariion: Monitored and performed standard operating procedures for failed drives so that no backup data in the environment was ever lost or corrupted.
Dell SecureWorks and FireEye: Viewed security alerts daily to determine whether a ticket needed to be created for a wipe request and the host pulled off the network.
Windows Server 2003/R2, 2008/R2, 2012/R2: Installed patches monthly to secure systems and decrease issues.
Created, modified, and reset Active Directory accounts.
Added or removed members from groups.
Performed weekly rebooting procedures.
Created shared drives.
Added new printers to the print server with specific permissions.
Cisco Unified Administration Phone System: Modified user extensions and sidecars.
Discontinued user phone extensions.
Configured new phones for users.
Citrix: Installed client software for over 60 users.
Viewed and restarted user sessions for troubleshooting purposes via Citrix Director.
Assyst: Created, resolved, and assigned tickets daily.
Ran troubleshooting procedures to ensure the ticketing system was functioning correctly.
VirtualBox: Created virtual machines using Linux operating systems to examine malicious redirects.
vSphere: Monitored over 40 servers daily to complete daily tasks.
Microsoft Office suite: Installed the software client including Word, Outlook, Excel, and PowerPoint.
Imported / exported email via Outlook.
Set up email rules via Outlook.
Created spreadsheets via Excel.
Created Word documents with specified formatting.
Additional Knowledge
TCP/IP protocols and concepts: Basic to intermediate level of understanding of the following: DNS, DHCP, Telnet, SSH, LDAP, IP, ICMP, ARP, TLS/SSL.
Understanding of the three-way handshake and TCP vs. UDP traffic via Wireshark.
Understanding of the OSI model, layer seven to layer one.
Cisco switching and routing: Basic to intermediate understanding of configuration commands via PuTTY, as follows:
Create VLANs; set static, dynamic, and default routes; show ip route; show vlan; show run; show ip protocols; do show run; configure router on a stick; configure Telnet / SSH; create passwords and banners; change / create host name.
Basic to intermediate understanding of programming concepts using the following languages via Notepad++:
HTML/CSS, Python, Ruby, PHP, JavaScript: Create a basic webpage.
Basic understanding of for loops, if / if-else statements, creating values and strings, puts and print, console.log, and Boolean logic.
EXPERIENCE
Robert Half Technology
Second to third level IT support technician/analyst, Bethesda, MD, May 2015 – Aug 2015
Assisted with IT support for over three hundred users daily, which led to higher user satisfaction.
Troubleshot Citrix and printing issues daily, which led to a better understanding of issue trends.
Executed system admin tasks to provide daily fixes to cut down on issue trends.
Imaged / installed laptops and desktops for new users, which led to higher user satisfaction.
Influenced IT processes and procedure methods to implement a level of organization / structure, which led to tasks getting done more quickly and efficiently.
WilmerHale
Global Operations Center Operator / Technician, Washington, DC, October 2014 – March 2015
Performed system and environmental monitoring, including reporting and analysis.
Performed backups of data throughout the enterprise; monitored backups, changed backup tapes and maintained inventory of on- and off-site tape storage.
Performed physical installation of servers and network equipment as needed.
Connected systems to the network devices.
Monitored data replication functionality, resolved replication issues and reported errors appropriately.
Resolved the majority of infrastructure issues using the IT knowledge base, and escalated more complex problems to Infrastructure Engineers in a timely manner.
Assisted Infrastructure Engineers and other data center staff as needed.
Maintained inventory of all equipment in the production data center.
BAE Systems
Security Operations Center Analyst, Herndon, VA, February 2014 – July 2014
Utilized the ArcSight (Security Information and Event Management) tool to identify malicious network traffic daily.
Requested reimaging and wiping of hard drives to protect the company's data and assets.
Performed triage-level forensics on host investigations to identify the root cause of infection, malicious processes and artifacts of compromise, adding to the team's awareness in identifying malicious groups and patterns.
Wrote and tuned signatures based on different types of CND (Computer Network Defense) scenarios, improving the ESM tool to detect previously unrecognized malicious activity.
Utilized Archer to create detailed incident reports that included activities leading to compromise, remedial actions and preventative control recommendations, keeping the company up to date on targeted attacks.
Performed ICF reports on recon / vulnerability scans daily.
Education History
Year Up / Northern Virginia Community College, Washington, DC, September 2013 – July 2014
Major: Information Technology
Courses: Introduction to Hardware, Microsoft Office Applications, Introduction to Networks, Business Communication Writing, Introduction to Professional Skills, Personal Finance, Help Desk
University of the District of Columbia (UDC), Washington, DC, January 2010 – July 2011
Major: Graphic Design
Courses: Digital Applications, Introduction to Drawing, Art Foundations, InDesign, Figure Drawing, Digital Media