Hewlett-PackardInfrastructure Security Engineer - Application Security Tooling Team
Aug. 2013 - Aug. 2017Houston, Texas Area• Implemented and maintained Vulnerability Scan infrastructure.
• Configure and troubleshoot Black Duck, Fortify Software Security Center Suite, including Web Inspect Enterprise, SCA, Palamida and McAfee Web Gateway.
• Configured IIS for internal applications to be used in conjunction with Fortify application on a grand scale to allow automation tools to be used by HP.
• Installed and configured SQL clusters to be used for storing the vulnerability data.
• Created role based access for accessing the SQL data for service accounts.
• Deployed Tableau Server to be used by analysts to create reports on data.
• Installed SSC and Web Inspect Server to run scan tools.
• Implemented DevOps culture to have a more flexible environment and smaller more reliable deployments.
• Built TFS server and implemented a Release Manager infrastructure for deployments to our applications.
• Worked with HP’s AD and ED infrastructure to get applications configured to use Windows Authentication for access control.
• Coordinated a Re-IP process for 70 plus servers during HP company split.
• Maintained SSL certs for both IIS and Apache Tomcat web solutions.
• Worked with Ping Identity, we used as a SSO solution for accessing our internal scan request page.
• Helped lead project to build infrastructure from the ground up, which included configuring 3 different environments (DEV, TEST, PROD)