Khalil
404-438-8379
Kareemkhalil99@gmail.com
https://www.linkedin.com/in/kareemkhalil
OBJECTIVE
To obtain a position in IT management, IT Security and networking engineering where my background,
education and experience will be utilized and challenged.
EDUCATION
Strayer University, Virginia: Bachelor of Science in Information Systems, Concentration in Cyber Security
CERTIFICATIONS/TRAINING
NETWORKING
o Cisco CCNA Certified
o Brocade Routing, Switching (BCNE)
o Network+
SECURITY
o CISSP
o Security+ CE
o HIPAA Information Assurance
o Information Assurance (IA) certificate
o Certified Ethical Hacker (C|EH)
SUMMARY
Under general direction, responsible for the acquisition, installation, maintenance and usage of the wide and
local area network. Manages network performance and maintains network security, DLP security, PKI. Ensures
that security procedures are implemented and enforced, installs all network software, evaluates, develops and
maintains telecommunications systems, troubleshoots network problems, establishes and implements
network policies, procedures and standards and ensures their conformance with information systems and
company's objectives:
Technical writing/creation of formal documentation such as reports, training material, slide decks, and
architecture diagrams
ArcSight ESM: Real-time Event Correlation and Reporting, ArcSight Logger: Long-term Event Logging
and Reporting, ArcSight Express: Event Correlation and Logging for SMB
WORK EXPERIENCE
Providing security engineering support for the infrastructure and applications across multi-site enterprise and
data center environments; including engineering on data encryption, data masking and database monitoring
Work closely with technology and business stakeholders to understand goals, determine security requirements,
design and implement solutions to meet business objectives, IT strategic initiatives, corporate and regulatory
requirements.
Perform the technology planning, design, implementation and L3 support of IT Security solutions including PKI,
Checkpoint Endpoint Security, Splunk, Bromium, and other security tools. Protect and secure company resources
in the cloud, virtual and physical infrastructures.
Manage PKI Project, Splunk integrated system logs, Bios.
Performing PKI Third Party Key Recovery daily
Managing Symantec DLP DAR, End Point, AWS implementation and configuration
Support the security risk assessment of applications and infrastructure; including remediation of incident response,
vulnerability analysis and threat intelligence.
Cyber Ark Risk management
PKI system to support smartcard implementation in accordance with the DoS PKI X.509 Certificate Policy (CP) and
Certification Practice Statement (CPS). Analyze and develop certificate credentials and middleware interoperability with
multiple platforms and third-party security applications.
Scripting tools to automate routine tasks in Remedy and Blade Logic; scripting languages: JavaScript, Perl,
Python, shell scripting
Manage IAM tools such as TAM, OIM, and Sailpoint, Cyber Ark.
Management of information security standards (ISO, NIST) with an emphasis on NIST 800-53.
Varied operating systems UNIX, Linux, Windows
LDAP, Networking, firewall, load balancing, Federated Identity. ArcSight ESM: Real-time Event Correlation and Reporting,
ArcSight Logger: Long-term Event Logging and Reporting, ArcSight Express: Event Correlation and Logging for SMB
FIRST DATA, ATLANTA, GEORGIA
Symantec Data Loss Prevention Security Engineer
10/2015 - 4/2017
Symantec Data Loss Prevention, DIM, DAR, End Point, Q.A:
Deliver DLP implementation project including full PLM deliverables: requirements, design, testing, pilot and
global implementation. Develop incident response workflow for DLP incidents as raised through DLP tool. Define
policy/rules for the DLP solution and refine them as DLP strategy matures. Analyze reports from DLP tool and
provide metrics to management.
Document solutions and help documents as needed for future DLP Analysis team.
WinMagic SecureDoc for seamless integration with existing PKI systems
Creation of PKI Soft Certificates.
PKI Experience supporting PIV (Personal Identity Verification) smart card or DoD CAC (Common Access Card)
deployments
PKI experience with software development projects
Developing and improving the process for installing appropriate PK/IBLADE hardware, software, and other
required, but non-PKI, software packages
Fannie Mae, Reston, Virginia
8/2012 - 10/2015
Network & Cyber Security Engineer
Working with F5 BIG-IP LTM, GTM, ASM and Viprions, GLB Global Load balancer DNS Resonate Unix, Linux
Environment, Implementing QIP local DNS, configuration and Monitoring, Implementing, monitor net cools, Net
tools and Remedy ticketing tracking system.
Monitor and manage Checkpoint, Juniper and Cisco ASA firewalls. Implementing routing protocols: BGP, EIGRP,
OSPF, IP Multicast, MPLS. Create and Coordinate CRM Change request management through Remedy new
projects. Supports HIPAA and PCI/PII and other regulatory related activities and remediation. Manage and
monitor ArcSight SIEM, technology (Symantec, Splunk, ArcSight, QRadar), ArcSight Logger - ArcSight Logger
Administration and Operation, ArcSight Connector - ArcSight (Symantec, Splunk, ArcSight, QRadar). Implement,
Configure, Maintain, Fine Tune & Troubleshoot Data Leak Prevention (DLP) Solution. SYMANTEC: Discovering,
Protecting and Protecting, Managed Services integration Engineering.
Data Centers and End user system analysis planning and deployment management. Developing effective
recovery infrastructure solutions. Resolve issues and develop knowledge resources to increase uptime and
restoration of services.
Setting permissions for network resources, DLP and NAC implementation and configuration, Data Leak Prevention
(DLP) Solution. SourceFire / McAfee IPS/DLP security management, SNORT: intrusion detection system
/SourceFire Monitoring and reporting. Implement, Configure, Maintain Network Access Control (NAC) Solution,
FireEye: Cyber Security & Malware Protection implementation.
Configure Endpoint SEP12 (Symantec Endpoint Protection 12), Cisco Security Agent (CSA). Mitigating any
vulnerabilities in the Web application firewall and set rules for each of the applications.
Administering users' digital rights management of identified documents. Experience with the security issues
surrounding SOA and web services, and the ability to architect solutions.
Provide Cyber security and Information Assurance program support. Safeguard networks against unauthorized
infiltration, modification, destruction or disclosure. Manage, Implement and Monitor NETWORK OPERATION
CENTER (NOC). Teamed up to accomplish building a Security Operation Center (SOC). Collaborate with
colleagues to ensure that security tools support the overall security strategy.
Identify and lead functionality improvements in security tools and their supporting processes. Assist in creating
Information Security requirements for new products and services.
Review changes in production systems. Monitor, gather and report on IT Security and BCP related incidents and
provide regular activity reports.
Report on the status of remediation, related to the implementation, change, retirement or upgrade of IT Security
and BCP controls and processes. Implement information security best practices, Internet standards and protocols,
host/network common vulnerabilities and exploits (CVEs), hacker methodologies and tactics, and the tools used
Washington Metro Area Transit Authority, Washington, DC 5/2004 - 4/2007
Sr. Network Security Engineer
Identifying the threat detection & malicious activity monitoring using a variety of tools including network
intrusion detection sensors, intrusion protection sensors, and anomaly detection systems on WMATA's network.
Performs analysis of security system log files, reviews and tracks triggered events, researches current and future
cyber threats, reconciles correlated cyber security events.
Develops and modifies new and current cyber security correlation rule sets, and operates security equipment and
technology.
Periodically conducts white hat penetration testing on WMATA's infrastructure to lower the risk exposure of
WMATA's network.
Experience with Anti-Virus, Host Based Security Services, Intrusion Detection Systems, Firewalls and Security
Information and Event Management (SIEM) solutions. Ensures security-related documentation is created and
updated in a timely manner and recommends installation, modification or replacement of any system
component, hardware or software, and any configuration change that affects the confidentiality, integrity, and
availability of the Authority's systems.
Use extensive knowledge of the Metro's business/industry to identify technological developments and evaluate
impacts on the client's business. Manage technical security which includes F5 ASM, IPS/IDS Symantec, McAfee,
multi-factor authentication, disk encryption, load balancers, intrusion detection prevention systems, anti-virus,
certificate servers, desktop firewalls and vulnerability scanners.