
Samuel Fynn Ocran Phone: 323-309-5748
3932 Buckingham Road Cell: 310-359-2983
Los Angeles, CA 90008 Email: sammyocran@gmail.com
________________________________________________________________________
SUMMARY
• Highly experienced, self-motivated, dedicated hands-on Information Technology
professional experienced in Network Security, Production Support, Project Management,
Storage, Networking, Server & Desktop Support, Virtualization and Wireless Support.
Patch Management, Active Directory and Group Policy Support. SIEM McAfee NITRO and
ArcSight with Symantec DLP Support and maintenance. Antivirus, Malware and
Spyware removal & fixing.
• Strong analytical thinker and problem solver with 20 years of experience in a multi-system environment.
SKILLS
• Security: Support all technical aspects of the SIEM & Splunk 5 design, implementation
with security infrastructure. Knowledge and experience with intrusion detection systems
IDS/IPS, firewalls, DLP, and other network-based security solutions. Assist in the design
of log collection and data flow between solution and target systems. Help troubleshoot
log collection from network devices, operating systems, databases, security applications.
Configure queries, IIS & Apache servers. Application Coding. Identity monitoring
activities, web server, and database hardening techniques. Monitoring of threats and
vulnerabilities, reporting for compliance and risks, and mitigation of threats. Patch
Management, Active Directory and Group Policy Support.
• Networking: Installation, configuration, administration, maintenance, troubleshooting,
Cisco Routers and Switches. Cable Installation and special network tools like HP Open
View, Solar Winds, Network Analyzer. Nessus, Sniffer. LC4, John the Ripper, Pwdump2,
Crack, 4 Brutus, Pandora, Cain & Abel & Event Viewer & ToneLoc. TCP/IP, ARP, EIGRP,
IGRP, SNMP, HDLC, PPP, OSPF.
• Enterprise Servers: Install, test and repair all servers
manufactured by various vendors such as HP/Compaq, Dell, IBM, Fujitsu, Apple & Sun.
HP ProLiant, Dell PowerEdge & Clarion. Fujitsu Prime power, Sparc, Prime Quest &
Primergy. Rack and Stack, hardware firmware upgrades, Patch management and 24/7
On-call Support. Hardware installation and maintenance on IBM RS/6000, AS/400,
xSeries. Test mid-range servers after installation to make sure everything is working.

• Storage: Hands-on experience with Installation, configuration and troubleshooting STK
and EMC SAN technology. EMC Storage Area Network and IBM 3494 ATL experience. EMC
disk storage and IBM Tivoli Storage Manager Knowledge and experience. Strong
Knowledge of CISCO storage directors, Fiber channel, and Storage Area Networks
functionality and management. Enterprise Storage maintenance EMC, IBM and Fujitsu
Eternus installation, support and maintenance.
• Desktop Support: Hardware and Software
repair and install. Repair all IBM, Dell, HP and Fujitsu Servers and Storage equipment.
Drive to various sites to fix all network issues and fix all laptop and desktop problems.
Diagnose desktop problems for users and provide accurate response and resolution to all
issues. Identify, research, and resolve complex technical problems. Respond to telephone
calls, email, and personnel requests for support as well as document, track, and monitor
the problem to ensure a timely resolution. Provide second-tier support to end users at
local and branch offices for PC, server or mainframe applications, and hardware.
• Wireless Support: Responsible for administration, design as well as managing the
installation and implementation of Wireless Cisco router network in both small and large
campus environments for LAUSD. LAN & WAN network switches, routers, wireless access
points and firewalls ensuring maximum security. Strong imaging software e.g. Symantec
Ghost 10.0 support, wireless experience with the Cisco Aironet products, 3COM Access
Point, Cisco Access Point, Air Magnet 6.1, Motorola Infielder and Air Magnet Survey.

EXPERIENCE
LAUSD
01/2009 - Present
Cyber Security Engineer
• Primarily responsible for monitoring levels of security services and responding to security
incidents and establishing, implementing, monitoring and enforcing information security
standards and policies. Ensure compliance with government and corporate security
policies and procedures. Provide application support and Cybersecurity that includes
security information and event management (SIEM), McAfee Nitro, ArcSight, Endpoint
forensics, packet capture and analysis and vulnerability management. Responsible for
Identity Management, User Provisioning, managed Access and issues surrounding
authentication and authorization (Active Directory and LDAP). assessments and
performing system audits. Responsible for Network security control systems such as
firewalls, IDS/IPS, VPNs, network account access, and network monitoring systems in
operational environments.
• Symantec Data Loss Prevention technology (DLP) oversight, product management,
upgrades, reporting. Monitor confidential data that is being downloaded, copied or
transmitted to or from laptops and desktops, including through email or cloud storage.
Extend data loss prevention monitoring and protection to iOS and Android devices,
whether corporate-owned or user-owned. Find and protect confidential unstructured data
by scanning network file shares, databases, and other enterprise data repositories.
Monitor and protect data in motion, including sensitive data sent via email, web and a
wide range of network protocols. Support investigations with respect to forensics
(including disk, email and web history). Keep data safe on Windows and Mac endpoints
by performing local scanning and real-time monitoring.
• Responsible for McAfee Endpoint Threat Management (EPTM) solutions, ePolicy
Orchestrator (ePO), Virus Scan Enterprise (VSE) and Virus Scan Enterprise for Linux
(VSEL). Vulnerability Assessment tools: Tenable Security Center, Nessus, and McAfee
Vulnerability Manager/Foundstone. Conduct internal and external risk assessments.
Implement, manage, and enforce technology security policy and procedures. Regulatory
Compliance experience with PCI/DSS, Sarbanes-Oxley, HIPAA, FISA & NERC CIP.
Monitoring and maintaining enterprise security controls. Manage and maintain Firewalls
and IPS along with VPN access controls. Support in detecting, resolving information
security incidents and remediation. Manage vulnerability assessment and develop
mitigation strategies. Perform change control and device configuration management
activities on all security hardware. Analyze and respond to security events from Managed
Security Service Providers, firewalls, IDS, IPS, SIEM. Baseline and tune security devices.
• Configure, manage, and upgrade: Firewalls, VPN, Intrusion Detection Systems (IDS),
Intrusion Protection Systems (IPS), and Security Information, Event Monitoring (SIEM)
platforms. Provide management with audit reporting of firewall and Intrusion Protection
System (IPS) activity on a periodic basis. Scan application and network infrastructure for
vulnerabilities and threats. Provide vulnerability and threat management monitoring and
mitigation response. Maintain and Audit Privileged/Identity Access Management systems.
Respond to the needs and questions of customers concerning their managed services,
managed devices and detected threats. Assist Engineering team in the review,
development, testing, and implementation of security plans, products and control
techniques. Plan for penetration testing and analyze detecting breaches. Rapid 7 toolset;
Nexpose, AppSpider and Metasploit. Research data and voice security best practices and
regulatory requirements; establish policies, standards and procedures.
• Maintain regulatory standards and compliance for PCI, SOX, and NIST Cybersecurity.
Responsible for the Framework Assessment, Risk Reduction initiatives, and corporate
information security policies. Review and manage local security policy which includes,
but not limited to, Master Data Management (MDM), Endpoint, Network Access Control
(NAC) and Access Control List (ACL). Periodically review to establish best practices
enhancement for system protocols and principles. Perform log management and conduct
incident response review and reporting.
• Respond to requests to protect application data to include risk management, access control
and audit. Prepare audit logs, and incident reports as assigned.
• Review and amend client security policies, procedures, and plans and identify alternative
functional security strategies to address organizational security concerns. Develop,
implement and document programs and processes to ensure that systems, network, and
data users are aware of, understand, and follow the client's data security policies and
procedures. Ensure compliance by performing and documenting IS audits, risk
assessment and risk analysis. Develop the deployment of SIEM, Data Loss Prevention,
Network Protection and other capabilities. Create, test and implement IT security for
business continuity and disaster recovery plan. Report to management concerning
residual risk, vulnerabilities and other security exposures, including misuse of assets and
noncompliance. Plays an advisory role in application development or acquisition projects
to assess security requirements and controls and to ensure that security controls are
implemented as planned.
• Work with IT department and members of the information security team to identify,
select and implement technical controls. Develop security processes and procedures, and
supports service-level agreements (SLA) to ensure that security controls are managed
and maintained. Address security administration on a normal and exception-based
processing of security authorization requests. Researches new compliance requirements,
works with other team members to incorporate existing process to reduce risk exposure.
• Identity Access Management Provisioning, Deprovisioning and Recertification controls.
Create, update and improve upon ISS IT Security risk assessment processes. Inform and
educate the organization on the process of implementations and changes as related to IT
security risk. Responsible for desktop, server, application, database, network security
principles for risk identification and analysis. Experience in security policy development,
security education, network penetration testing, application vulnerability assessments,
risk analysis and compliance testing. Implement and assess NISPOM, XACTA, and
maintaining security architectures, firewalls and network security controls. Strong
organizational skills and ability to stay focused while managing multiple tasks
concurrently. Responsible for incident response, virus scanning, privileged user access,
and hardware/software configuration management.
• Strong Windows and Unix/Linux background. Strong knowledge of a variety of computer
software applications and hardware platforms, networking components and LAN/WAN
architecture and protection. Knowledge of COMSEC, Security requirements, Risk
Management Framework and Cybersecurity. Responsible for SIEM and Splunk 5
installation and maintenance. Responsible for server virtualization and ISO27001
compliance. Responsible for McAfee Nitro, Archer monitoring and management.
• Knowledge of encryption, access for different system layers, transmission, firewall,
wireless, mobile security. Strong understanding of systems security fundamentals and
information security best practices. Address compliance and monitoring of HIPAA
Security Safeguards, Security controls, maintain an awareness of current internal policies
as well as business and departmental objectives. Primarily responsible for monitoring
levels of security services and responding to security incidents. Manage and maintain
Firewall systems and IPS along with VPN access controls. Provide support in detecting,
understanding and resolving information security incidents and remediation. Manage
vulnerability assessment and develop mitigation strategies.

Fujitsu America
01/2003 - 12/2008
Field Engineer
• Provided administration and support of CheckPoint firewalls 5.0.
• Provided support for Internet services and related systems support for all security
components. Deployed, managed and maintained all security systems and their
corresponding or associated software, including firewalls, intrusion detection systems,
cryptography systems, and anti-virus software.
• Maintained and oversaw enforcement of policies, procedures and associated plans for
system security administration and user system access based on industry-standard best
practices. Assisted the implementation of disaster recovery plan for operating systems,
databases, networks, servers, and software applications. Administered and maintained
end user accounts, permissions, and access rights.
• Managed connection security for local area networks, the company Web site, intranet,
and e-mail communications and ensured the security of databases and data transferred
both internally and externally. Designed and performed penetration testing of all systems
in order to identify system vulnerabilities, implementation, and reports on security system
and end user activity audits. Monitored servers, firewalls, intrusion detection logs, and
network traffic for unusual or suspicious activity. Interpreted activity and made
recommendations for resolution. Scheduled security patches, disaster recovery
procedures, and any other measures required in the event of a security breach. Provided
on-call security support to end-users. Hands-on technical expertise with security
operations. Conducted security assessments including active and penetration testing.
• Responsible for hardening techniques and best practices to identify and mitigate security
issues. Responsible for the compliance automation, monitoring of threats, vulnerabilities
and risks. Strong knowledge of application code in Python, PHP, C++, Perl and .Net, web
servers and database hardening techniques. Experienced in operating and interpreting
scan results from Nessus, Rapid7, and AppScan in a business environment.
• Analyzed, acquired, installed, modified and supported hardware and software
components of identity management infrastructure. Responsible for SIEM and Splunk 5
installation and maintenance. Responsible for server virtualization and ISO27001
compliance. Responsible for McAfee Nitro and Archer monitoring and management. Set
up server hardware and operating systems, including enterprise application software.
• Responsible for the architecture, design, implementation, and configuration of FDA
and HIPAA compliant enterprise-wide data systems. Managed VMWare ESX/Hyper-V
based cloud Infrastructure. Managed NetApp Storage systems. Set up and administration
of LAN/WAN infrastructure. Designed and implemented Virtual Networks with VLANs,
.Net coding JavaScript, DHTML and SQL. Internet and web hashing and encryption.

DirecTV
01/1998 - 01/2003
Desktop/Server Engineer
• Provided user and technical support for Corporate LAN and WAN. Monitored all Systems
and Network performance. Installed, configured and troubleshot systems. Responsible
for hardware/software and preventive maintenance.
• Responsible for Exchange Server 2000 and 2003 support including Clustering, Mailbox
Recovery, wireless and Mobile user support. Responsible for site replication, message
tracking monitors, system policies, mailbox and Public folder stores. Participated in
review and purchase of new products. Provided second level security support to end-
users, help desk and technical staff. Reviewed software access requests to ensure proper
authorization.

Long Beach Hospital
05/1987 - 01/1998
Network Support Analyst
• Responsible for IBM Mainframe OS390/AS400 production using CA7/11 and billing.
Responsible for NOC support, system backups, cabling and peripheral maintenance.
Activated network ports for desktop connections.
• Supported NT, Novell system upgrades. Responsible for desktop and user support
helpline. Responsible for systems design, flow charting, testing and implementation of
new products and software. Provided VMS support for hospital lab. Responsible for
Unix/NT Administration, Scheduling, system automation, Disaster Recovery and
documentation. Responsible for File Restores on Arc Serve. Responsible for security and
maintenance on WAN and LAN to protect hospital data. Responsible for the migration
from Novell to NT support. Installed and configured user printers across the network.

Education & Certifications:

• 2003 Cal State Dominguez Hills: BS Computer Information Systems (CIS)
• 1993 LA Trade Tech College: A.S. Degree Computer Science
• 1996 Computer Learning Center: Diploma in LAN Administration
Security +, MCSE 2003, MCP + I, Cisco CCNA & CCNP

Reference: Available Upon Request
