
Kareem H. Khalil
404-438-8379
Kareemkhalil99@gmail.com
https://www.linkedin.com/in/kareemkhalil

OBJECTIVE
To obtain a position in IT management, IT Security and networking engineering where my background,
education and experience will be utilized and challenged.

EDUCATION
Strayer University, Virginia: Bachelor of Science in Information Systems, Concentration in Cyber Security

Cornell University, Ithaca, New York: Professional Development Management (PDP)

CERTIFICATIONS/TRAINING
NETWORKING
o Cisco CCNA Certified
o Brocade Routing, Switching (BCNE)
o Network+

SECURITY
o CISSP
o Security+ CE
o Symantec DLP 12.5/14.5 Certified
o IA Information Assurance Inspector
o HIPAA Information Assurance
o Information Assurance (IA) certificate
o Certified Ethical Hacker (C|EH)
o A+ Certified life certified
o MSCE: Dell & HP Desktop Infrastructure Certified

SUMMARY

Under general direction, responsible for the acquisition, installation, maintenance and usage of the wide and
local area network. Manages network performance and maintains network security, DLP security and PKI. Ensures
that security procedures are implemented and enforced; installs all network software; evaluates, develops and
maintains telecommunications systems; troubleshoots network problems; establishes and implements
network policies, procedures and standards and ensures their conformance with information systems and
company's objectives:

IT Risk Management, IT Operations, or IT Audit Methodology


Knowledge of ISO 27000 frameworks, BITS SIG, or COBIT/SOX IT control testing.
Knowledge of security controls for the handling of Personally Identifiable Information (PII) data.
Knowledge of regulations and security compliance requirements affecting financial institutions
Providing best practices and guidance on IT Infrastructure Controls Assessments
Executing and evaluating infrastructure controls assessments and evidence for controls gaps and
assisting with the documentation of any required remediation plans
Driving the design and implementation of effective continuous testing and reporting processes and
tools for infrastructure controls
Proactive monitoring of internal and external-facing environment using specialized security
applications
Provide timely, comprehensive and accurate information to Incident Response Manager in both
written and verbal communications
PKI hands-on technical experience
Performed scheduled PKI related tasks (key generation/key activation)
Develop the requisite expertise, knowledge, and ability to perform independently through mentorship; mentor
and share expertise with junior staff
Driving the continuous improvement of the IT Infrastructure Controls Assessment process and
documentation
Monitors and responds to complex technical control facility hardware and software problems utilizing
a variety of hardware and software testing tools and techniques. Provides primary interface with
contractor support service groups or provides internal analysis and support to ensure proper
escalation during outages or periods of degraded system performance. Provide network server
support. DLP and NAC implementation and configuration, Cisco ACE Web Application Firewalls.
Providing guidance and training for less experienced engineers.
Implement, Configure, Maintain, Fine Tune & Troubleshoot Symantec Data Leak Prevention (DLP)
Solution.
Implement, Configure, Maintain, Fine Tune & Troubleshoot Network Access Control (NAC) Solution.
Administered server technologies (HP blades, VMware, dedicated server hardware, cloud)
Detected and mitigated SQL injection attacks
Detected and mitigated DDoS attacks. Implementation and configuration of Sourcefire
Next-Generation Intrusion Prevention System (NGIPS), with network visibility into hosts, operating systems,
applications, services, protocols, users, content, network behavior and network attacks and malware.
Next-Generation Intrusion Prevention System with integrated: Application control, Malware
protection and URL filtering
Using FIM for managing identities, credentials, and role-based access control policies across heterogeneous
computing environments.
Detected and mitigated malware attacks. Incident response and disaster recovery (DR) expert. Cisco
ISE, Sourcefire IDS, Bluecoat, ASA firewall, UDeploy, Urbancode, DevOps
F5, ICE, PCI and Cisco Security. Malware: rootkits, Trojans, worms, DLL injection, hooking
Remote troubleshooting. Experience working with Forescout, Cisco ISE and SSL VPN
System administration, system engineering, Linux/Unix administration to include:
System troubleshooting, Checkpoint firewall, Barracuda Web Application Firewall, RSA/Symantec DLP, Cyber
Ark PIM.
Cisco Nexus series switches and routers, 6500s, Prime, routing, switching, load
balancer, wireless.
Public and private cloud architecture from Network & security perspective
Understanding Splunk language (SPL)
Experience with Amazon Web Services (AWS) , ArcSight security analytics and log management
QRADAR SIEM Rule Tuning, Custom Security Alert Creation, Custom Security Reports, Audit Support
Log Parsing, Log Collection and Tuning.
Dashboard Creation, Updates, Fixes Remote Hands-On Support, Daily Reviews

Intrusion Detection
Threat Intelligence
Digital Forensics
Malware Analysis
Application Security
Security Engineering
Vendor Implementations
Identity & Access Management
Incident Response
Reverse Engineering
Security Assessments
Penetration Testing
Mobile Security
Vulnerability Management
DDoS Mitigation
Data Visualization

Technical writing/creation of formal documentation such as reports, training material, slide decks, and
architecture diagrams

ArcSight ESM: Real-time Event Correlation and Reporting, ArcSight Logger: Long-term Event Logging
and Reporting, ArcSight Express: Event Correlation and Logging for SMB

WORK EXPERIENCE

FREDDIE MAC, RESTON, VIRGINIA


Cyber Security Engineer II (DLP & PKI)
04/2017 - Present

Providing security engineering support for the infrastructure and applications across multi-site enterprise and
data center environments; including engineering on data encryption, data masking and database monitoring

Work closely with technology and business stakeholders to understand goals, determine security requirements,
design and implement solutions to meet business objectives, IT strategic initiatives, corporate and regulatory
requirements.

Perform the technology planning, design, implementation and L3 support of IT Security solutions including PKI,
Checkpoint Endpoint Security, Splunk, Bromium, and other security tools. Protect and secure company resources
in the cloud, virtual and physical infrastructures.
Manage PKI Project, Splunk integrated system logs, Bios.
Performing PKI Third Party Key Recovery daily
Managing Symantec DLP DAR, End Point, AWS implementation and configuration
Support the security risk assessment of applications and infrastructure; including remediation of incident response,
vulnerability analysis and threat intelligence.
Cyber Ark Risk management
PKI system to support smartcard implementation in accordance with the DoS PKI X.509 Certificate Policy (CP) and
Certification Practice Statement (CPS). Analyze and develop certificate credentials and middleware interoperability with
multiple platforms and third-party security applications.

Certifications of new versions in Vormetric and Informatica DDM


Conducting face-to-face user validation for the issuance of PKI certificates
Coordination with Information Security team to ensure solution assurance and compliance to security policy,
procedures, standards and baseline security configuration
Planning, designing and implementing PKI, multi-factor authentication, X.509 token, single sign-on, federated
identity, and certificate management solutions.

Scripting tools to automate routine tasks in Remedy and Blade Logic, scripting languages JavaScript, Perl,
python, shell scripting
Manage IAM tools such as TAM, OIM, and Sailpoint, Cyber Ark.

Management of information security standards (ISO, NIST) with an emphasis on NIST 800-53.
Varied operating systems: UNIX, Linux, Windows
LDAP, networking, firewall, load balancing, federated identity. ArcSight ESM: Real-time Event Correlation and Reporting,
ArcSight Logger: Long-term Event Logging and Reporting, ArcSight Express: Event Correlation and Logging for SMB

FIRST DATA, ATLANTA, GEORGIA
Symantec Data Loss Prevention Security Engineer
10/2015 - 4/2017
Symantec Data Loss Prevention, DIM, DAR, End Point, Q.A:
Deliver DLP implementation project including full PLM deliverables: requirements, design, testing, pilot and
global implementation. Develop incident response workflow for DLP incidents as raised through DLP tool. Define
policy/rules for the DLP solution and refine them as DLP strategy matures. Analyze reports from DLP tool and
provide metrics to management.
Document solutions and help documents as needed for future DLP Analysis team.
WinMagic SecureDoc for seamless integration with existing PKI systems
Creation of PKI Soft Certificates.
PKI Experience supporting PIV (Personal Identity Verification) smart card or DoD CAC (Common Access Card)
deployments
PKI experience with software development projects
Developing and improving the process for installing appropriate PK/IBLADE hardware, software, and other
required, but non-PKI, software packages

Fannie Mae, Reston, Virginia
8/2012 - 10/2015
Network & Cyber Security Engineer
Working with F5 BIG-IP LTM, GTM, ASM and Viprions, GLB Global Load balancer DNS Resonate Unix, Linux
Environment. Implementing QIP local DNS, configuration and monitoring. Implementing and monitoring net cools, Net
tools and Remedy ticketing tracking system.
Monitor and manage Checkpoint, Juniper and Cisco ASA firewalls. Implementing routing protocols: BGP, EIGRP,
OSPF, IP Multicast, MPLS. Create and coordinate CRM (change request management) through Remedy, new
projects. Supports HIPAA and PCI/PII and other regulatory related activities and remediation. Manage and
monitor ArcSight SIEM technology (Symantec, Splunk, ArcSight, QRadar), ArcSight Logger
administration and operation, ArcSight Connector (Symantec, Splunk, ArcSight, QRadar). Implement,
configure, maintain, fine tune and troubleshoot Data Leak Prevention (DLP) solution. Symantec: discovering
and protecting. Managed services integration engineering.
Data Centers and End user system analysis planning and deployment management, Developing effective
recovery infrastructure solutions. resolve issues and develop knowledge resources to increase uptime and
restoration of services.
Setting permissions for network resources. DLP and NAC implementation and configuration, Data Leak Prevention
(DLP) solution. Sourcefire / McAfee IPS/DLP security management. Snort intrusion detection system
/ Sourcefire monitoring and reporting. Implement, configure, maintain Network Access Control (NAC) solution.
FireEye: cyber security and malware protection implementation

SunGard Availability Services Herndon, Virginia 7/2009- 8/2012


Network Services Engineer
Determining technical solutions and developing DR architectures across a wide array of technologies including
Virtual Machines, Windows, Linux, Unix and legacy systems.
Recommend, design and document project-specific deliverables. Utilize critical thinking in response to client
requests related to a project. Deliver current knowledge to clients on DR trends and events to assist them with
decision making. Build relationships with clients for the projects you are working.
Help coach clients on ITSC disciplines and offer insight on key standards, such as ISO 27031 and ISO 22301.
Provide peer advisor guidance to junior consultants. Contribute to the enhancements of the practice. Manage
individual work load to deliver quality deliverables on time and ensure successful.
Backup and storage solutions to include physical and virtual environments. Infrastructure services: run Image
Server and secure High Availability Systems to the clients to cover hot site goal. Performing data replication.
Data backup and recovery to clients. Manage the networking data center operations in the back of the house.
Performing disaster recovery testing guided by the Open Web Application Security Project (OWASP) policy to
identify the vulnerabilities. Create an IT risk assessment and contingency plan for business continuity

US Army, Fort Belvoir, Alexandria, Virginia 6/2007 - 7/2009
SOC Engineer

Configure Endpoint SEP12 (Symantec Endpoint Protection 12), Cisco Security Agent (CSA). Mitigating any
vulnerabilities in the web application firewall and setting rules for each of the applications.
Administering users' digital rights management of identified documents. Experience with the security issues
surrounding SOA and web services, and the ability to architect solutions.
Provide cyber security and Information Assurance program support. Safeguard networks against unauthorized
infiltration, modification, destruction or disclosure. Manage, implement and monitor the Network Operation
Center (NOC). Teamed up to build a Security Operation Center (SOC). Collaborate with
colleagues to ensure that security tools support the overall security strategy.
Identify and lead functionality improvements in security tools and their supporting processes. Assist in creating
Information Security requirements for new products and services.
Review changes in production systems. Monitor, gather and report on IT Security and BCP related incidents and
provide regular activity reports.
Report on the status of remediation related to the implementation, change, retirement or upgrade of IT Security
and BCP controls and processes. Implement information security best practices, Internet standards and protocols,
host/network common vulnerabilities and exploits (CVEs), hacker methodologies and tactics, and the tools used

Washington Metro Area Transit Authority, Washington, DC 5/2004 - 4/2007
Sr. Network Security Engineer
Identifying the threat detection & malicious activity monitoring using a variety of tools including network
intrusion detection sensors, intrusion protection sensors, and anomaly detection systems on WMATA's network.
Performs analysis of security system log files, reviews and tracks triggered events, researches current and future
cyber threats, reconciles correlated cyber security events.
Develops and modifies new and current cyber security correlation rule sets, and operates security equipment and
technology.
Periodically conducts white hat penetration testing on WMATA's infrastructure to lower the risk exposure of
WMATA's network.
Experience with Anti-Virus, Host Based Security Services, Intrusion Detection Systems, Firewalls and Security
Information and Event Management (SIEM) solutions. Ensures security-related documentation is created and
updated in a timely manner and recommends installation, modification or replacement of any system
component, hardware or software, and any configuration change that affects the confidentiality, integrity, and
availability of the Authority's systems.
Use extensive knowledge of the Metro's business/industry to identify technological developments and evaluate
impacts on the client's business. Manage technical security which includes F5 ASM, IPS/IDS Symantec, McAfee,
multi-factor authentication, disk encryption, load balancers, intrusion detection prevention systems, anti-virus,
certificate servers, desktop firewalls and vulnerability scanners.

Dell AppAssure, Reston, Virginia 5/2003 - 5/2004


SOC Analyst
Providing technical support across Dell Data Protection suite of products via phone, chat, web & emails in
24x7x365 days environment.
Assist customers with deployment of Data Protection solutions like AppAssure, NetVault and vRanger, doing
troubleshooting of backup, restore, replication, virtualization, performance and storage configuration. Maintain a
personal queue of ongoing customer issues until resolution and interface with R&D and other Dell resources to
bring escalated issues to resolution.
Create documentation for all customer case details in our CRM call tracking application. Creating & publishing
KB articles as part of solving issues in a customer focused Knowledge Centered Support (KCS) environment.
Contribute new ideas and theories to assist colleagues in brainstorming sessions for support issues, even
developing and attending training for self-improvement to assist and share knowledge with team.
Troubleshoot customers' issues by being able to recreate in support lab environments and by diagnosing
potentially complex issues, effectively communicate solutions to customers. Supporting of Linux and Windows,
including operating systems and networking (TCP/IP, DNS, LDAP, WMI, HA Clusters). Support of Enterprise
Backup and Recovery software and Disaster Recovery theories. Support to ESXi, vSphere, HyperV (CSV),
XenServer, Citrix, Terminal Services.

Other Professional Experience

Pomeroy IT Solutions, Richmond, Virginia 4/2000 - 1/2003
Service Desk Manager

Lockheed Martin Corp., Crystal City, Virginia 4/1996 - 4/2000
Help Desk Lead

Express Computech, Glenside, Pennsylvania 3/1993 - 2/1996
