
Kenneth Howard Long_Res_Was


Kenneth Howard Long | 5509 9th Street NW Apt #100, Washington DC 20011 | Cell#: (301) 996 4518 | Email: [email protected]

Objective

To obtain an IT position that will strengthen skills and experience, so that one can achieve Sr. level.

IT Technologies/Tools Used in the past

ArcSight: Created and modified active lists and channels to parse out anomalies

Created active rules to detect malicious traffic

Monitored thousands of (DNS, Proxy, WAF, Firewall, Antivirus, Email and IDS/IPS) logs daily to tune or get rid of false or noisy rules.

ArcSight Logger: Generated logs from 24 to 48 hours to investigate infection vectors when a possible infection was detected by the SIEM tool ArcSight.

NetWitness: Created custom drills to generate full live packet captures for rule creation and investigation purposes

Sourcefire: Created custom rules for the following detection phases (C2, scanning, installation, redirection, and delivery)

Imperva web application firewall: Monitored and created APT scanning rules to create ICF reports.

Mandiant MIR: Generated jobs to investigate successful or unsuccessful malicious executables from an endpoint threat detection perspective.

Archer: Created incident reports daily to keep track of and discover patterns or trends, as well as possible APT activity.

Cisco IronPort: Used daily to determine if emails were categorized correctly as spam, and not APT.

Roundcube: Used as a sandbox to determine whether an email document was weaponized or not.

Linux Ubuntu: Created a virtual machine to examine malicious redirects and possibly benign websites.

Basic to intermediate level of navigating via the Terminal

Created, deleted, and moved files and directories via sudo / sudo su

Utilized grep commands to query particular information when needed

System Center Operations Manager (SCOM): Monitored the following types of alerts for over fifty servers daily (failed connections, failed services and volume space) to notify the server team, or performed the standard operating procedure according to the situation.

Symantec NetBackup: Monitored over two hundred backups nightly to notify the storage team of any issues, or performed the standard operating procedure according to the situation.

Re-ran / restarted backup jobs and policies to perform tape ejects, standard operating procedures, etc.

Viewed over two hundred backup jobs nightly to generate backup report.

SolarWinds: Monitored over 20 nodes to escalate or notify the networking team of any issues accordingly.

Clariion: Monitored and performed standard operating procedures for failed drives, so that backup data in the environment was never lost or corrupted.

Dell SecureWorks and FireEye: Viewed security alerts daily to determine if a ticket needed to be created for a wipe request and the host pulled off the network.

Windows Server 2K3/R2, 2K8/R2, 2K12/R2: Installed patches monthly to secure servers and decrease issues.

Created, modified, and reset Active Directory accounts

Added or removed members from groups.


Performed weekly rebooting procedures

Created shared drives.

Added new printers to the print server with specific permissions.

Cisco Unified Administration Phone System: Modified users' extensions and sidecars.

Discontinued users' phone extensions

Configured new phones for users

Citrix: Installed client software for over 60 users.

Viewed and restarted user sessions for troubleshooting purposes via Citrix Director

Assyst: Created, resolved, and assigned tickets daily

Ran troubleshooting procedures to ensure the ticketing system was functioning correctly

VirtualBox: Created virtual machines using Linux operating systems to examine malicious redirects.

vSphere: Monitored over 40 servers daily to complete daily tasks.

Microsoft Office suite: Installed client software for Word, Outlook, Excel, and PowerPoint

Imported / exported email via Outlook

Set up email rules via Outlook

Created spreadsheets via Excel

Created documents with specified formatting via Word

Additional Knowledge

TCP/IP protocols and concepts: Basic to intermediate level of understanding of the following: DNS, DHCP, Telnet, SSH, LDAP, IP, ICMP, ARP, TLS/SSL

Understanding of the three-way handshake and TCP vs. UDP traffic via Wireshark

Understanding of the OSI model, layers seven to one

Cisco switching and routing: Basic to intermediate understanding of configuration commands via PuTTY, as follows: create VLANs; set static, dynamic, and default routes; show ip route; show vlans; show run; show ip protocol; do show run; configure router on a stick; configure Telnet / SSH; create passwords and banners; change / create hostname.

Basic to intermediate understanding of programming concepts using the following languages via Notepad++: HTML/CSS, Python, Ruby, PHP, JavaScript. Created a basic webpage; basic understanding of for loops, if / if-else statements, creating values and strings, puts and print, console.log, and Boolean logic.

EXPERIENCE

Robert Half Technology

Second to third level IT support technician/analyst Bethesda, MD May 2015 – Aug 2015

Assisted with IT support for over three hundred users daily, which led to higher user satisfaction.

Troubleshot Citrix and printing issues daily, which led to a better understanding of issue trends.

Executed system admin tasks to provide daily fixes to cut down on issue trends.


Imaged / installed laptops and desktops for new users, which led to higher user satisfaction

Influenced IT processes and procedure methods to implement a level of organization / structure, which led to tasks getting done more quickly and efficiently.

WilmerHale Global Operations Center Operator / Technician, Washington, DC, October 2014 – March 2015

Performed system and environmental monitoring including reporting and analysis.

Performed backups of data throughout the enterprise; monitored backups, changed backup tapes and maintained inventory of on- and offsite tape storage.

Performed physical installation of servers and network equipment as needed.

Connected systems to the network devices

Monitored data replication functionality, resolved replication issues and reported errors appropriately.

Resolved the majority of infrastructure issues using the IT Knowledgebase, and escalated more complex problems to Infrastructure Engineers in a timely manner.

Assisted Infrastructure Engineers and other Data Center staff as needed.

Maintained inventory of all equipment in the production Data Center.

BAE Systems Security Operations Center Analyst, Herndon, VA, February 2014 – July 2014

Utilized ArcSight (Security Information Event Monitoring) tool to identify malicious network traffic daily

Requested reimaging and wiping of hard drives to protect the company’s data and assets

Performed triage-level forensics of host investigations to identify the root cause of infection, malicious processes and artifacts of compromise, adding to the team's awareness in identifying malicious groups and patterns

Wrote and tuned signatures based on different types of CND (Computer Network Defense) scenarios; improved the ESM tool to detect unrecognizable malicious activity

Utilized Archer to create detailed incident reports that include activities leading to compromise, remedial actions and preventative control recommendations, keeping the company up to date on targeted attacks

Performed ICF reports on recon / vulnerability scans daily

Education History

Year Up/ Northern Virginia Community College Washington, DC September 2013 – July 2014

Major: Information Technology

Courses: Introduction to Hardware, Microsoft Office Applications, Introduction to Networks, Business Communication Writing, Introduction to Professional Skills, Personal Finance, Help Desk

University of the District of Columbia (UDC) Washington, DC January 2010 - July 2011

Major: Graphic Design

Courses: Digital Applications, Introduction to Drawing, Art Foundations, InDesign, Figure Drawing, Digital Media