| | Candidate's Name
Fayetteville, North Carolina Street Address
Work: PHONE NUMBER AVAILABLE Cell: PHONE NUMBER AVAILABLE Email: EMAIL AVAILABLE
SUMMARY
Over 23 years of experience mastering all aspects of the Cybersecurity (formerly Information Assurance) profession. Served in multiple Cybersecurity positions and supervised over 40 Cybersecurity specialists as a member of the U.S. Air Force and as a Department of Defense (DoD) civilian employee for the U.S. Army. Currently employed as an Organization Information System Security Manager (O-ISSM) in support of Force Command (FORSCOM) G-2, Major Subordinate Commands (MSC), and Corps and Divisions Joint Worldwide Information Communication System (JWICS) information systems. Enterprise Mission Assurance Support Service (eMASS) administrator for 504 security controls in support of 14 SCIFS in the West Region of the United States. Register and track Military Intelligence (MI) systems to obtain an authority to connect (ATC). Provides support for FORSCOM to include JWICS user accounts, Public Key Infrastructure (PKI) credentials, and various military intelligence news portals and identity management services. Prepare audit reports that identify technical and procedural findings and provide recommended remediation. Former positions included: Management of the Incident Response team for the Standalone Network Enterprise Center (SANEC) Cybersecurity Compliance Branch (CCB) at Fort Liberty Network Enterprise Center. Governed, implemented, and managed each facet of Cybersecurity in various roles such as Division Chief, Branch Chief, and Team Lead. Developed training materials and conducted over 50 sessions training soldiers for the installation Command Integrated Program (SCIP) at Fort Liberty and Cybersecurity personnel. Mentored and trained coworkers in Cybersecurity fundamentals, Risk Management Framework (RMF) processes, developing governance, and incident response and defense management. Master level proficiency with countless Cybersecurity and forensic tools.
Professional knowledge and implementation of Army Policies, DA Pamphlets and NIST Standards, which include but are not limited to: AR-25-2 (Army Cybersecurity), NIST SP 800-53 Rev 5 (Security and Privacy Controls and Federal Information Systems and Organizations), DA Pam 25-2-14, AR 25-22, AR 25-1, and AR 380-53. Developed and implemented various Cybersecurity policies and procedures. Provided Forensic support, Log management, Intrusion Detection System (IDS), Unauthorized Disclosure of Classified Information (UDCI)/Negligent Discharge of Classified Information (NDCI) spillage and investigation, Incident Response, Firewall, Web filter proxy, Wireless Intrusion Detection System (WIDS), Public Key Infrastructure-Equipment (PKI-E), Whitelist, Host Base Security System (HBSS), ForeScout Network Access Control (NAC), Elastic Log Management Solution, and primary liaison providing support to Staff Judge Advocate, Counterintelligence and Law Enforcement on Cybersecurity investigations. Correspond daily with Regional Cyber Center (RCC) and Defensive Cyberspace Operations Division (DCOD) on Cyber incidents. Expert level communication and written correspondence. Expert proficiency in the use of network scanning tools such as NESSUS ACAS, HBSS and Microsoft Endpoint Configuration Manager. Continuously develops, updates, and reviews local and Higher HQ Cybersecurity policies, processes, SOPs and Tactics Techniques and Procedures (TTPs). Attained the highest level of education by holding a Doctorate in Cybersecurity with emphasis on Federal Standards NIST 800-171, NIST 800-53 and the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012.
HIGHLIGHTS
Cyber Incident, O-ISSM and RMF lead Principal lead Incident Responder for RMF, Command Cyber Readiness Inspection (CCRI) and Staff Assistance Visits (SAV). Excellent leadership skills. Proficient with Gabriel Nimbus.
Manage Linux based appliances and tools (Elastic Stack, NetForensic Cinxi/Blackstratus Log Management) Bluecoat & Bluecoat Reporter, NESSUS ACAS Scanning tool, Intrusion Prevention and Detection (IDS/IPS), Counteract Network Access Control (NAC) and CISCO Firewall. Created and implemented the Fort Liberty Incident Response Plan, currently serving as the benchmark/standard. Created disaster recovery and business continuity plan for Cybersecurity. Manage 802.1X Network Access Policy server. Executed the investigation of security incidents and Unauthorized Disclosure of Classified Information (UDCI)/Negligent Discharge of Classified Information (NDCI) spillage. Designated as the RMF SME for all Audit and Accountability (AU) and Incident Response (IR) security controls. Tasks include but are not limited to: POA&M management, DISA STIG checklists completion, logging, updating Test Results and Artifact information within eMASS. Procured, maintained, troubleshot and purchased Cybersecurity tools. Composed and submitted the Fort Liberty Cybersecurity Annual Installation Threat Assessment of the U.S. Intelligence Community. Executed information system and forensic analysis in support of law enforcement investigations. Composed and submitted numerous awards for Cybersecurity personnel. Develop and write Cybersecurity policies and procedures. Train team members and serve as facilitator of team initiatives and projects completion. Work daily with Risk Management Framework security controls. COMSEC Key Management Infrastructure Client Platform Security Officer (CPSO). Archived and deleted audit security logs from the KMI COMSEC client nodes monthly. Supervised and conducted the annual Cybersecurity Tabletop Exercises. Managed the installation, upgrade, patching, STIGing and auditing of Linux operating systems. Primary Liaison between vendors and Cybersecurity acquisitions.
SECURITY CLEARANCE
Department of Defense Top Secret Security Clearance SCI, Background investigation (SSBI), Aug 2012 Enrolled in continuous evaluation for deferred investigation, September 2020.
EDUCATION
Doctor of Science in Cybersecurity, Capitol College, Laurel Maryland, GPA 4.0, April 2020. Master of Science in Information Assurance Engineer, Capitol College, Laurel Maryland, 2010 Bachelor of Computer Science with minor in Mathematics, Campbell University, Buies Creek North Carolina, 2005
PUBLICATION
Lynch, I. M. (2020). Department of defense controlled unclassified information compliance: The impact on small business contractors (Order No. 28000085). Available from ProQuest Dissertations & Theses Global. PHONE NUMBER AVAILABLE.
PROFESSIONAL CERTIFICATIONS
Digital Media Collector, Defense Cyber Crime Center Digital Forensic Examiner, Defense Cyber Crime Center Certified Network Defense Architect (CNDA) Certified Ethical Hacker (CEH) Certified Linux+ Microsoft Certified Technology Specialist (MCTS) Microsoft Certified IT Professional (MCITP) Microsoft Certified Technology Specialist: Windows7, Configuration Microsoft Certified IT Professional: Enterprise Desktop Support Technician NSTISSI 4011 National Training Standard for Information Systems Security Professionals CNSSI 4012 National Information Assurance Training for Senior Systems Managers CNSSI 4013 (A) National Information Assurance Training Standard for System Administrators (Advanced) CNSSI 4014 (A) Information Assurance Training Standard for Information Systems Security Officers (Advanced) NSTISSI 4015 National Training Standard for Systems Certifiers CNSSI 4016 (A) National Information Assurance Training Standard for Risk Analysts (Advanced) ITIL V3 Intermediate Release Control & Validation ITIL V3 Foundation Security+
TRAINING
Risk Management Framework Gabriel Nimbus 200 Linux Essential Refresher & Python Computer Hacking Forensic Investigator Public Key Infrastructure Technical Monitor Training Key
Management Infrastructure CPSO training for COMSEC Computer Incident Responder Course Windows forensics Encase Counterintelligence Incident Handling Certified Ethical Hacker [Penetration Testing, Introduction to Ethical Hacking, Footprinting, Google Hacking, Scanning, Enumeration, System Hacking, Trojans and Backdoors, Viruses and Worms, Sniffers, Social Engineering, Phishing, Hacking Email Accounts, Denial of Service, Session Hijacking, Hacking Web Servers, Web Application Vulnerabilities, Web-Based Password Cracking Techniques, SQL Injection, Hacking Wireless Networks, Physical Security, Linux Hacking, Evading IDS, Firewall and Honeypots, Buffer Overflows] Firewall (JCNIA), Linux +, Enterprise Desktop Support Technician, Windows7 Configuration - Computer Forensic Investigation and Incident Response, Security Risk management, Netforensics Cinxi-One, Perimeter Protection Host Base Security System (HBSS), Complementary Security, Malicious software, Managing Information Systems, Wireless Security, Computer Forensic & Incident Handling, Vulnerability Mitigation, Asset & Vulnerability Tracking Resource, Automated Message Handling System, Internal Protection Incidents, Managing & Troubleshooting Devices, Drivers, Local Security and User Logon, FrontPage, Retina Scanning Tool Security Plus COMSEC Account manager, Combat Information Transport/Base Information Course, Internet Security Scanner
LEADERSHIP TRAINING
Focus Achieving Your Highest Priorities 4 Roles of Leadership 7 Habits of Highly Effective People Senior NCO Academy and NCO Academy Leadership, Problem Solving, Management, Counseling, Communications, Personnel Motivation, Supervisor Training Course and Customer Focus Course
EMPLOYMENT HISTORY
FORSCOM G2/SYSTEM West Team Lead, GS-13 FORSCOM, Fort Liberty NC, Supervisor: Dr. Janet Johnson (910) 570-5240, October 2023 - Present
Serves as an O-ISSM in support of Force Command G-2, MSCs, Corps and Divisions.
Conducts on site SAV, brief and prepare after action report for management and supporting personnel. Perform monthly audits of FORSCOM JWICS information systems. Utilizes eMASS to manage the accreditation of 14 SCIFS for the West region of the U.S. Upload artifacts and compelling evidence, develop and maintain assessment and authorization packages, Security Plan and Plans of Action and Milestone (POA&M) approvals, extensions, and assess-only requests in eMASS. Manage and track RMF security controls compliance. Generates security risk reports and workflow approvals from eMASS dashboards. Monitor ATCs and request updates within 120 days of expiration. Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews). Analyze organization's cyber defense policies and configurations and ensure compliance with regulations and organizational directives. Provide Identity Management support for FORSCOM to include JWICS user accounts, Public Key Infrastructure (PKI) credentials, and grant access to various military intelligence news portals and services. Prepare audit reports that identify technical and procedural findings and provide recommended remediation.
Cyber Compliance Branch Defense Team Lead, GS-12 Network Enterprise Center, Fort Liberty NC, Supervisor: Tracie Lashley (910) 432-4165, June 2011 - September 2023
Cybersecurity Specialist (Incident Response Manager) for the Network Enterprise Center (NEC), Cybersecurity Division. Monitor Network Security, Communication Security, and Information Systems Security for the Fort Liberty installation level Computer Network Defense (CND) infrastructure. Team lead and security advisor for Defense element in Cybersecurity, Cyber Compliance Branch, Network Enterprise Center-Ft Liberty with over 22 years of experience in Cybersecurity/Information Assurance.
Responsible for Forensic support, Log management, Intrusion Detection System (IDS), Collaboration with the Defense Information System Agency (DISA), Army Cyber Command, Defensive Cyberspace Operations Division (DCOD), and the Regional Cyber Center (RCC), UDCI/NDCI and investigation, Firewall, web filter proxy, Wireless Intrusion Detection System (WIDS), PKI-E, Whitelist and supporting Staff Judge Advocate, Counterintelligence and Law Enforcement on Cybersecurity investigations. Provide technical leadership on Cyber incident response matters concerning the confidentiality, integrity, availability, and security of network assets on Fort Liberty's network. Oversee team assignments, projects, potential problems, major deadlines, distribute work assignments and provide guidance on defense related issues. Primary point of contact in resolving Cybersecurity and cyber defense issues and complaints and serve as the proxy for escalating issues. Train team members and mentor team initiatives and projects completion. Develop and write security policies, procedures, and cyber defense governance for the security of information processed, stored and transmitted on Fort Liberty. Conducts monthly Supported Command Integration Program (SCIP) training to installation system, network, and workstation administrators. Ensure they are prepared for their duties and expectations. Collect and analyze evidence recovered from systems using critical forensic analysis techniques and tools in support of Staff Judge Advocate, Counterintelligence and Law Enforcement investigations. Conduct the successful testing, implementation and demonstration of the pilot and fielding of Elkstack SIEM for 7th Signal Command. Manage the Elkstack and netForensics appliance logs: Review firewall logs and verify incidents monthly, update appliances, configure and create rules to prevent malicious intruders from exploiting the network.
Conducted numerous trainings to soldiers, management and co-workers (cybersecurity onboarding courses, acquisition training courses, cybersecurity governance training to co-workers and management and the Soldier Command Integrated Program for the installation). Engage and collaborate in the weekly Elkstack pilot briefings to CONUS and OCONUS commands to include Higher Headquarters, the Pentagon and Army Europe and African Command. Respond to all Task Order and FRAGOs concerning Cybersecurity. Conduct the annual Cybersecurity Tabletop Exercises to achieve cross organizational awareness. Liaison with customer organization on various IT related matters, coordinate upgrade, configuration and procurement of hardware and software with installation and external agencies. Direct investigations of Cybersecurity incidents and UDCI/NDCI spillage and ensure threats are mitigated expeditiously. Utilize Army approved IA products such as, HBSS and NESSUS, ACAS scanner Retina, QTip, Hercules, NAC, to monitor, remediate and update network devices. Investigated security violations, recommended corrective actions, and submitted reports to RCC. Performed forensic computer analysis related issues. Developed, maintained, and submitted reports to RCC and higher-level management. Manage, configure policies/rules and review logs in the firewall, netForensic Cinxi, IDS/IPS, NAC and Bluecoat proxy web filter. Monitor for access denials, patch appliances, add access rule enforce and update security policies, to prevent malicious intruder from exploiting the network. netForensics tool expert, often contacted by other installation for help/support in solving issues. Perform forensics analysis resulting from UDCI/NDCI spillage, assist with cleanup, provide procedures for clearing, purging, destroying, and releasing system memory, and utilize Retina and Quip to scan media and devices for compliance. Alternate COMSEC custodian: Assisted in destructions and witness on documents. 
Identify new hardware and software requirements, submit RMF Assess/Certificate of Noteworthiness (CON) requests, develop acquisition packages and request funding for new purchase, maintenance warranty and service contract for network defense tools. Review test proposals/evaluation plan to determine impact and compatibility with Army systems architecture. Employ risk management principles to analyze threats and vulnerabilities of information, communication and telecommunication systems and recommend appropriate countermeasures to mitigate the risks. Perform forensic computer analysis related to Cybersecurity, incidents, or vulnerabilities. Firsthand experience in gathering, analyzing and preservation of forensic evidence recovered from systems using critical forensic analysis techniques and defense tools in support of Counterintelligence and Law Enforcement investigations. Manage and approve DNS and Web servers in the whitelist and aid customers with requests and issues pertaining to their public or private web sites as a part of the registrar duties. Monitor network resources IAW Army regulations and work with DISA and 2RCC to support computer network attacks and CND efforts. Aid in investigation of security violations, recommend corrective actions and submit reports based on findings. Principal IA member for the implementation of 802.1X: Configured network policy server and applied policy for system compliance. Provide services in support of Risk Management Framework (RMF) Assess and Authorization, POA&M Management, Annual Security Review, and Secure Control Assessment and Validations. Classify control risk levels for the National Institute of Standards and Technology Special Publication 800-53 security controls and update Cybersecurity policies and procedures to comply with new requirements. Responsible for the Audit and Accountability (AU), Incident Response (IR) and the System and Information Integrity (SI) controls.
Worked over 100 controls, allowed the submission for Fort Liberty SIPR and NIPR Authority to Operate (ATO). Change Analyst and Certified Information Technology Infrastructure Library (ITIL) Release Manager and Security Manager. Maintain status on change records, accept and revise request for change (RFC), address requesters' concerns and create management reports. Fort Liberty PKI ISSO. Performs monthly audits, backup and analyze logs generated by the Local Registration Authority (LRA) workstations, ensure no anomalous events recorded or gaps in the logs that cannot be explained, and maintain logs per PKI requirement. COMSEC Client Platform Security Officer. Archive and delete audit security logs from the KMI client node on a monthly and semiannual basis.
Information Assurance Engineer, GS-11 Network Enterprise Center, Fort Bragg NC, Supervisor: Tracie Lashley (910) 432-4165, February 2005 - June 2011
Information Assurance Defense team lead and the security advisor for the Defense and Protection section in Information Assurance Division and acting branch and division chief in the absence of responsible personnel. Information Assurance Vulnerability Management compliance for over 24,000 classified and unclassified systems: Provides guidance for the security of information processed, stored and transmitted on the installation, tenant organizations and serves as liaison with customer organization on various IT related matters. Provide monitoring of network resources IAW AR 252, AR 25-1 and AR 380-53. Trained IMOs and IASOs on identifying, managing, and remediating IAVA vulnerabilities. Employs risk management principles to analyze threats and vulnerabilities of information, communication and telecommunication systems and recommends appropriate countermeasures to mitigate the risks. Maintained, installed, and implemented computer network planning within the Defense Network. Diagnosed equipment failures in a technical environment.
Developed, maintained, and submitted reports to higher level management and the Regional Cyber Center (RCC). Investigated security violations, recommended corrective actions, and submitted reports to RCC. Performed forensic computer analysis related issues. Collected and analyzed evidence recovered from systems using critical forensic analysis techniques and tools in support of Staff Judge Advocate, Counterintelligence and Law Enforcement investigations. Managed the netForensics appliance logs: Reviewed firewall logs and verified incident entries monthly. Updated appliances, configured, and created rules to prevent malicious intruders from exploiting the network. Trained new employees proficient in duties assigned, detecting, and responding to Cybersecurity threats, SCIP, writing cybersecurity governance and acquisitions of software and hardware, and the lead trainer for onboarding cybersecurity personnel. Performed forensic analysis resulting from spillage, assisted with cleanup, and provided procedures for clearing, purging, destroying, and releasing system memory, media, and devices. Fort Bragg cyber emergency POC for IAD during the annual review of the Fort Bragg Emergency Execution checklist. Upgraded memory and applied security patches to the firewall, controlled user access and configured the firewall for failover. Monitored the intrusion prevention and detection sensors and the NAC devices; configured rules to enforce policy compliance, track and control network guests and run scheduled vulnerability checks. Updated users' CAC in AD and Remedy and forwarded monthly public key infrastructure result to NETCOMS. Received, reviewed, and disseminated IAVM messages. Utilized Army-approved IA products such as McAfee HBSS and antivirus program, Retina, REM, Haris Stat, Hercules, Internet Security Scanner (ISS) and NESSUS to scan. Monitored, remediated, and updated network devices.
Interpreted scan results, implemented corrective actions, and prepared reports of findings in support of network infrastructure defense in depth. Installed, managed, and provided system administration support for the REM and Hercules servers. Conducted inspector general visits, identifying systems deficiencies, recommending corrective solutions, and briefing commander on findings. Trained co-workers on DIACAP controls. Reviewed, worked, and validated DoD 8500 DIACAP controls for readiness inspection and Authority to operate. Authenticated computer systems accreditation and certification using Department of Defense Information Technology Security Certification and Accreditation Process. Managed and approved DNS and Web servers in the whitelist and aided customers with requests and issues pertaining to their public or private web sites as a part of the registrar duties. Conducted compliance reviews of Protective Distribution Systems (PDSs); surveyed facilities to ensure PDS installations complied to prevent attempted penetration of classified information systems. Alternate COMSEC custodian: Assisted in destructions and acted as witness on documents in absence of managers.
United States Air Force (various information technology assignments) July 1984 - April 2005
REFERENCES
Available upon request |