| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
3 Maple Grove Blvd SW, Huntsville AL Street Address Cell: PHONE NUMBER AVAILABLE EMAIL AVAILABLECybersecurity Engineer/AnalystCAREER OBJECTIVESeeking a Cybersecurity Engineering role focused on performing certification and accreditation (C&A) activities for DoD programs, conducting RMF functions, identifying solutions for vulnerabilities, HBSS monitoring duties, and contributing to ongoing auditing and IT support functions. With over 20 years of comprehensive IT experience encompassing IT Support, System Administration, Cybersecurity, and DevSecOps, I bring a strong blend of technical expertise and dedication.EDUCATIONBSBA - Computer Information System, Thomas Edison State University Trenton, NJ. Ongoing,2024.AS - Computer Information System Specialist, Bunker Hill Community College, Boston, MA 2006.CLEARENCE AND CERTIFICATIONSCURRENT Top Secret /(SCI) Eligibility.CompTIA, SECURITY + CE, COMPPHONE NUMBER AVAILABLE, April 01, 2015 EC-Council, CEH, ECCPHONE NUMBER AVAILABLE, July 30, 2013EXIN, ITIL Foundations, June 21, 2008SKILL SETSOperating Systems and Software Applications: Windows, Linux. DFS), Active Directory Service.Agile/JIRAGitlabWMWAREAzureACASTrelix ePOeMASS, Fortify Scan VSM, PO&AM, STIGs, IAVM,ScorecardIDS: Bluecoat, Network Security Manager, IP Audit, ArchSightPROFESSIONAL TRAININGGMD Basic Course 2/5/18-2/9/18Certified Authorization Professional (CAP) 4/25/16 -4/29/16 Risk Management Framework (RMF) 7/20/15 7/24/159/16 Certified Information System Auditor (CISA) 11/15 Assured Compliance Assessment Solution (ACAS) 4/14CX-I AMN STIGs 3/14Vulnerability Management System (VMS), 1/14 Host-Base Security System (HBSS 201) 9/12Lean Six Sigma White Belt 9/2009PROFESSIONAL EXPERIENCE ARCHARITHMSMarch 2023 - Sep 2023 Cybersecurity EngineerPrimary POC for HBSS Trelix ePO/ ESS Monitoring and troubleshooting.Performed Risk Assessment for Program products by reviewing Fortify scans, Developer Workbooks, and POAM.Reviewed and processed software assurance requests for COST, GOST, and FOSS.Reviewed and collected projects from Gitlab.Participated in daily morning Scrum meetings.*Updated MacAfee/Trellix agents on Windows servers 2012, 2016, 2019, and 2022.*Researched information about Splunk functions and security management.*Researched documented benefits of OpenNMS vs Nessus.Performed Monthly Scorecards.Reviewed/Monitored Tenable Nessus/ACAS vulnerabilities.Davidson Technologies INCSeptember 2017 March 2023 Cybersecurity EngineerPerformed Risk management-related tasks.Responsible for Hannibal Node ATO Package through DCSA.* Used NISPOM as a guide in support of Classified systems.Managed HBSS/Trellix ePO Console.*Used VMware ESXi environment to perform daily duties.* Researched SolarWinds Monitoring and Network Analyzer. Short-time monitoring.Participated in morning scrum stand-up.Researched and reviewed vulnerability scans in Gitlab.Patched Windows VMS on a bi-weekly basis via Manage Engine.Assured Security Technical Implementation Guide (STIG) compliance.Cybersecurity EngineerServed as primary POC for IAVM distribution and compliance reporting to GML.Served as GMTE System package owner.* Maintained ATO packages by using NIST SP documents 800-37, 800-171, and 800-35.Served as POC for IRIS incident reporting for PP&S.Served as Primary POC for Cyber Tasks Order (CTO) weekly and report applicability status to GMLResponsible for transferring Classified data to unclassified format by performing Trusted Download (TD)Performed alternate safe custodian tasks.Serve as Master technical document owner, I review and update the document with recent information such as Diagrams, hardware/software, policy/procedures, and Control Correlation Identifier (CCI)Initiate collaboration with multiple Integrated Product Team IPT within Boeing, Northrop, Orbital and ARIS to complete a task/project.*Researched and documented SIEM product vs CIMS tool.Attended Weekly ISSM/ISSO meetings and brief Cybersecurity lead.Attended 90 day quarterly meeting with the Integrated Product Team to discuss patch development, planning, testing and implementation.Initiated meetings with government customers to transform suggestions/information gained into valuable product conveyance.February 2016 Sept 2017US ARMY, NETCOMIT Specialist - ISSOServed as Local NEC-R Liaison to Detroit, Ft Rucker, and Pine Bluff.Performed Administrative functions in Active Directory (AD).Assessed and monitored security controls in eMASS.* Managed users and computers via Win Admin tools group policies (GPOs).Administered and maintained NETCOM Certification and Accreditation (C&A) for audit log files and IA controls.Supported NEC-R and LNECs in the transition of DIACAP to RMF in eMASS.Utilized Risk Management Framework (RMF) to create Cybersecurity SOPs and assessments for multiple controls.Developed Tactics, Techniques, and Procedures (TTPs) guidance as requested for many IA processes and functions.Reviewed TSP packages to verify Tenant Security Plans (TSPs).Conducted periodic audits: 10%, ATCTS, and AD and submitted to management monthly.Local site visit to Pine Bluff during their SAV to provide hands-on guidance as needed with their RMF documents: Contingency Plan, COOP, Hardware/Software, and QA/QC list.Reviewed the Security Plan in eMASS for Detroit and Pine Bluff during their SAV and noted the findings in the QA-QC documents.Performed Primary Safe Custodian duties.Performed project management tasks.Provided ATO, ATD and OIS status from assigned LNECs to NEC-R management.Processed/Report OPORD-PHONE NUMBER AVAILABLE% Monthly Audit. TASKORD-160728-362 - General and Privileged User Access to Army Information Systems (AIS), Networks and Data (U). OPORD 201608-101- Trip Report- Reporting daily to NEC-R management on the Pine Bluff Site visit for SAV-A.Provided consistent quality support and services to local NEC and LNEC customers within the same day.Processed and resolved the emergency token issue for Redstone customers.February 2015 February 2016Vista Technical Services, LLC/ Alutiiq LLC Redstone ArsenalInformation Assurance Specialist IIIProcessed CTO 10-133 Waiver requests and administration.Provided technical support by removing or adding SIPRNet (SIPR) user accounts to Active Directory (AD).Utilized and administered ATCTS to perform various tasks.Provided weekly OPORD updates.Implemented and maintained system security both technically and administratively.Processed numerous service requests via ITSM.Authorized partial or completed suspension of user accounts and operations upon detection of non-compliance with their Security training and Cyber Awareness.Supported NETCOM Redstone in the current transition of DIACAP to RMF in eMASS.Utilized Risk Management Framework (RMF) to create Cybersecurity SOPs and assessments for multiple controls.Developed Tactics, Techniques and Procedures (TTPs) guidance as requested for many IA processes and functions.Provided monthly auditing reports such as: Baseline Certification, CE, and Cyber Awareness.Performed quarterly user privilege auditing for all users on the Redstone domain.December 2012 February 2015LLC/ Alutiiq LLCInformation Assurance SpecialistReviewed event notifications and utilized various automation tools.Provided technical expertise in the area of information and system security.Performed Retina Scans weekly/monthly for workstations, printers, servers and other devices per customers request.Performed all necessary duties to protect the infrastructure from abuse and harmful intrusion.Actively monitored network activity and performed extensive reviews of activity logs.Monitored the output of various Intrusion Detection Systems (IDS), security applications, and output from various network devices (e.g. CISCO Pix Logs, SYSLOG Servers, and Web Servers) to identify: Security violations taking place, Compromised network devices, Hostile scans for network vulnerability, and Malicious attempts to compromise systems.Analyzed parts of the system and provided recommendations to the Information System Security Officer (ISSO) on areas of improvement regarding future expansions of systems, networks and data.Produced incident reports that included specific details, backup, and research regarding all network threats encountered.Monitored output from multiple IDS and various network devices and applications to ensure that customer internet use adhered to all security and privacy policies.Worked in a team environment with clients, customers and other IT personnel to provide help and support as needed.Information Assurance SpecialistServed as Information Assurance Specialist responsible for multiple security programs on base.Prepared DIACAP Package, consisting of validating SIP, DIP, Scorecard, POA&M and supporting Certification & Accreditation (C&A) documentation for annual FISMA.Tracked and reported network vulnerabilities.Enforce IAVM compliance utilizing FISMA for the Department of Defense (DoD), and Department of the NavyEnsured security posture was accurately communicated to IAM, Network Engineers, and Site Lead Branch.Provided continuous VMS monitoring to ensure SWFLANT continued to achieve 100% IAVM complianceReported, analyzed, validated, and adjudicated Plans of Actions and Milestones (POA&Ms)Disseminated IAVM/STIG guidance and direction to the Information Assurance Managers (IAMs).May 2009 - November 2012Kingfisher Systems Inc/Hewlett Packard/ Marine Corps Logistics Base (MCLB), Communications and Information Systems Division (CISD) Albany, GAInformation Security OfficerServed as MCLB's IAO developing policies for SIPRNet Token, Check In/Out, C&A, and CLO.Researched and interpreted trends and developments to improve approaches to the information system.Managed MCLB Access Control Database.Conducted risk and vulnerability assessments of information.Promoted IA and SIPR token awareness of security issues among management.Performed mitigations actions for HRO workstations, (TMS) server, NIAGARA SERVER.Created and modified: SAAR Renewal, CPR, C&A, and SIPRNet Token to enforce command IA policies and procedures.Performed MCA, LOGCOM, BASE, HRO and DMC technical security reviews and network analysis.Assisted MCLBA Government in the development of IA SIPR Token Issuance policy and procedure documents pertaining to information assurance technical tasks.Assisted Green Team members with monthly OPDIR and Audit scans for MCLBA.Monitored and evaluated HRO, BASE systems compliance with IT security requirements.Developed/Updated SOPs for security Contingency of Operations Plans (COOP) and disaster recovery for SIPR Token, C&A, and CLO SOPs for MCLB IA.Created network and systems design for SIPRNet including diagrams to ensure implementation of appropriate systems security policies.Managed IA Remedy Queue by: Coordinating with customers and scheduling out requests, following up with tickets.Worked collaboratively with Base IAM to validate requirements for and define IA strategies, programs, and plans.May 2008 - March 2009Hewlett Packard/ Marine Corps Logistics Base, Communications and Information Systems Division (CISD) Albany, GAIT System Technician/AdminServed as MCLB SIPRNet system administrator and primary point of contact for servers that serves as the primary means of receiving, processing, and transmitting secure message traffic.* Managed AD group policies (GPOs) via Win Admin tools.Developed plans, policies, and procedures for implementation, utilization, and upgrade of DMS at MCLB, Albany GA and supported tenant organizations over both the short and long term.Ensured secure operations by compiling software and hardware accountability inventories and evaluating and loading security patches.Loaded anti-virus software updates. Ensured that all network operations equipment were in compliance with all MCNOSC Operational Directives (OPDIR's) as directed.Created network and systems design for SIPRNet including diagrams to ensure implementation of appropriate systems security policies.Maintain security updates for MS Office, Adobe, JAVA, Flash Player and Microsoft Operating System.Managed SIPERNET users accounts, ensuring compliance with applicable information assurance policies and procedures.Served as primary action officer for implementation of Public Key Infrastructure (PKI) based secure messaging and data transfer within the directorate.Provided input into the development of accreditation documentation and the automated information systems (AIS) Risk Management Program for unclassified information and classified information up to and including TOP SECRET.Assisted the SIPRNET Information Assurance Officer (IAO) with threat and vulnerability assessments to assess risks and determine effective corrective measures.Assisted with the review and evaluation of security impacts on system changes. Duties were accomplished through a comprehensive approach involving close coordination with the SIPRNET IAO.Identified, measured, and controlled threats to minimize the unauthorized disclosure of information via the application of cost-effective countermeasures while ensuring data confidentiality, integrity, and availability.September 2007 April 2008Apollo Health Street, Americus, GA. Certified Help Desk AnalystMonitored and recorded incoming problems and requested and updated customer cases following help desk management applications.Recorded, resolved, or escalated customer requests or problems in accordance with standard operating procedures (SOPs) and pre-defined case recording or escalation guidelines.Reviewed and actively pursued a resolution to all cases under my assignment.Notified customers of scheduled outages, known problems, and other updates.Researched, resolved, and responded in accordance with SOPs to all requests and contacts received via telephone, mail, chat, and e-mail.Provided functional and technical support in troubleshooting and diagnosing windows applications.Installed and troubleshot VPN software and connectivity and remotely assisted users in the installation and updating of software.Installed, troubleshot, and mapped printers on different sites.Resolved Windows and Internet Explorer issues on desktops and laptops.Collaborated with the telecommunication team to troubleshoot T1 linesSeptember 2002 January 2007 Atlantic Associates/TEK systems IT TechnicianPerformed multiple short-term contracting jobs, which included:oMigrated users from old server to new server: Windows 2000 and NT.oChanged and renamed domain.oProvided local administrator access.oTransferred users profiles, cleaned up disk space and configured Microsoft Outlook.oParticipated in the redesign of the City of Boston Web Site.Coordinated a variety of complex and challenging software security issues with the Server Manager.Set up shared and server printers.Hooked up PCs in different classes.Drove ghosting utilizing Symantec software.Performed software installation of Linux, NT, Windows 98, 2000, XP Professional, and 2003 server.Added users in the Windows 2000 domain, created profiles and granted permissions.Troubleshoot hardware problem.AFFILIATIONS & AWARDSDiversity Leadership Colloquium (DLC)Activity: Member of Albany State University AMC Student Chapter. Award: Customer Awareness Certification 2007, Apollo Health Street. Volunteer: Mission Change, Habitat for humanity and Food Bank Mentoring: Big Brother Big Sister of Alabama |
