| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCesar M., GiorffinoPHONE NUMBER AVAILABLEEMAIL AVAILABLESummary of Skills:Over 22 years of experience within the information technology field & cyber security field. Reviews, evaluates and derives requirements for testability, develops and directs preparation and execution of comprehensive test plans, procedures and schedules for complete systems and/or subsystems. Produce network and firewall architecture diagrams and reports. Assist in the evaluation of firewall policy, standards, and procedural guidance and support for the protection of information technology systems Coordinates subsystem and/or system testing activities with programs and other organizations. Performs analysis of test results and prepares comprehensive subsystem and/or system level evaluation reports which verify and validate system performance at the CI level. Writes discrepancy reports and performs integration regression testing to verify/validate incorporated fixes to software, components, subsystems and systems. Support all aspects of operations, to include technical planning, design, development, integration, assessment, and requirements analysis, as well as future capability needs (near and long-term) to drive the design and maintain the systems.Member:High Technology Crime Investigation AssociationDigital Forensics Certified Practitioner -Founder (DFCP) 2007 https://dfcb.org/certified-membersNominations:Nominated at the 46th Annual Federal Employee of the year by South Florida Federal Executive Board. Nominated Senior Joint Service Member for the 2nd Quarter at the Naval Air Station, JIATF- SouthArmy Experience:US Army RetiredUS Army Active Duty 1991 1994 (Fort Carson, Co B 3/29 Field Artillery/Signal Corps) US Army Reserve 2007-2010 DISA, at the Pentagon, provided technical support to the Joint Web Risk Assessment Cell (JWRAC),US Army Reserve VANG Signal Battalion Det 1 2010- Cyber Command US Army Reserve 2010-11 Key West FL, Joint Task Force (JTFS), and Service Computer Emergency Response Teams.Education:x Masters of Cybersecurity Risk Management - Georgetown University - *UDGXDWHG x Masters of Science Computer Information Systems - Strayer University - Graduated x Bachelor of Science in Computers Information Systems - Strayer University - Graduatedx Associates Degree in Computer Electronics Engineering, - CLC -Graduated Work Experience:July 2020 to Present; Senior IT Security Engineer SME with AXIS, LLC /Department of TreasuryServes as Cybersecurity Contractor support in the areas of security program management, as well as analytical and technical support to protect BEP assets and ensure compliance with Federal Information Security Management Act (FISMA), Office of Management and Budget(OMB) Circular A-130, Department of the treasury, BEP IT Security policy and procedures, and other relevant laws or regulations. Assists in analyzing, planning, implementing, maintaining, troubleshooting and enhancing large complex systems or networks consisting of a combination that may include mainframes, mini-computers, personal computers, mobile devices, LANS, WANs, servers, data storage and the physical and logical components that integrate these systems together as an enterprise networking backbone within BEP. Architects, designs, implements, maintains and operates information system security controls and countermeasures. Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.March 2020 to August 2022; Senior Lead Cyber Security with JR Computer Experts Troubleshoot, identify any unauthorized access, and provide solutions in an organizations system in relation to Cyber security. Update, sustain, and administer a high level of security for in-house security infrastructures. Run vulnerability valuation and fizzing of protocols, hardware, and software. Apply system security engineering principles to deliver real solutions premeditated to enhance the security position. Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cyber security white papers, and provide first-class support to the cyber security operations staff for resolving difficult cyber security issues. Penetration testing using the following tools: NMAP, DIRBUSTER, BURP Suite, OWASP and SQLMAP. January 2013 to March 2019; IT INFOSEC Supervisor with US Army Intelligence & Security Command (INSCOM)Forensic case work, reporting and digital analysis; as well as the subject matter expert for all digital forensic matters. Served in the Technical Operations section in the multidiscipline Counterintelligence (CI) and Counterespionage, employing unique skills and using equipment for testing; assisted in the configuration of forensic workstation computers and updating computer forensic tools; established standard operating procedures (SOP), POA&M Plan of Action and Milestone for the best practices to support Cyber CI Investigations, Operations and Forensic Media Analysis. Technical attack modus operandi, such as computer network attack and computer network exploitation to be able to exploit information. Manage information system assets associated with Automated Information Systems (AIS) and Internet Protocol (IP) Local Area Networks (LAN). Ensuring the confidentiality, integrity, and availability of information and information systems to best support the mission. Advanced forensic tools and techniques for network attack reconstruction. Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks. Develop policy recommendations, and create and implement Information Assurance/Computer Network Defense programs to protect and defend information, computers, and networks from disruption, denial of service, degradation, or destruction. Build and maintain security dashboards, metrics and KPIs based on business needs and requirements research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities. Review, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure Monitor security vulnerability information from vendors and third parties. Schedule and/or apply patches where appropriate and, at the direction of Management remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts. Perform threat and vulnerability assessments. July 2011 to December 2012, Senior IT Forensic Investigator with SAIC NGA Investigate suspected instances of waste, fraud and abuse involving customers information systems. Investigate and eradicate computer viruses and malicious code. Prepare, write and present reports and briefing as required. Used forensics and detection tools to conduct forensic examination activities including assisting in the analysis of various types of network, computer and technology devices which could contain digital evidence. Investigate alerts identified by various security appliances and review audit logs to determine if an incident has occurred. Interact daily with customers and functional peer groups in order to schedule as well as perform investigations. Develop and maintain documentation for security systems and procedures. Information security working groups Leverage industry best practices to create, maintain, and document security baselines and standard September 2010 to July 2011; Section Chief, Computer Network Defense Analyst with the US Army Naval Air Station at Joint Interagency Task Force-South Supervised & managed information system assets associated with Automated Information Systems (AIS) and Internet Protocol (IP) Local Area Networks (LAN). Responsible for maintaining the integrity and security of enterprise-wide systems and networks. Input/ output data control and bulk data storage operations. Transfers data between information processing equipment and systems, support the transition of network defense configurations as informed by resolved incidents in order to prevent future occurrences. Used advanced forensic tools and techniques for network attack reconstruction. Performed network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks. Correlate actionable security events from various sources, including Security Information Management System (SIMS) data and develop unique correlation techniques. Utilize knowledge of attack signatures, tactics, techniques and procedures to aid in the detection of Zero-Day attacks, utilized threat Detection tools, information management plan (IMP), and information management master plan (IMMP). Conducts quality assurance of ADPE operations. Controls production operations in support of command or agency priorities. April 2010 to September 2010; Senior Document Exploitation Analyst with Department of Defense/DIA Operation Iraqi Freedom assigned with the USAF 732 Expeditionary Intelligence Squadron at Camp Liberty and Camp Falcon, Iraq.Exploitation of analog and digital data storage mediums in order to recover information meeting Priority Intelligence Requirements (PIR) and/or evidence of crimes against US and Coalitions Forces. Provides technical oversight and assistance to MEDEX personnel, collect media, documenting, analyzing data, report writing, and the archiving of data associated with various cases. Participated in the coordination of resources during enterprise incident response efforts. Conducted computer searches and seizures, imaging, forensic analysis/data acquisition (FRED, Q-Tip and Log Collector) Interfaced with external entities including law enforcement organizations, intelligence community organizations and other government agencies, the Department of Defense. Investigated the wired and wireless network intrusions that took place. Produces information that can be used as actionable intelligence, and admissible, extracting evidence of illegal activities to assist in obtaining a warrant for the arrest of the detainee and be used in Iraqi Courts, created a report summarizing any relevant intelligence information. April 2007 to April 2010; Senior Computer Forensic Investigator, with CSC/ DEA Protected data from unauthorized access, use, disclosure, destruction, modification, or disruption, and protect the confidentiality, integrity, and availability of data and their delivery systems. Ensured, enforced the use of Army approved procedures for clearing, purging, reusing, and releasing system memory, media, output, and devices, to ensure the users and system support personnel have required security clearances. Authorized and need-to-know, are indoctrinated, and are familiar with internal security practices before access to the IS is granted, ensuring that information is accessible only to those authorized to have access to protect the information. Examined and performed a comprehensive and technical analysis of digital evidence, such as e- mail, user created data files, and other information stored on computer device(s) during an investigation or legal proceeding. Provided operational and administrative support to the EDP group in configuring hardware, software and managing inventories aside from digital forensic analysis. Tested and verified hardware and software used during examinations. Applying filters, performing keywords Search, creating files signatures, hash sets, create a unique digital signature that the original file has not changed. Created Message Digest 5(MD5) to verify that the evidence, is the same as the original media, book marking folders (Files of Interest), password recovery and forensic file decryption tools, update database, identified the "leakage" of classified Information, find, and add cases, admin review cases, using law enforcement tools and techniques to determine any intelligence value.Courses & Certifications:x Information Technology Technician (25B30) U.S ARMY x Counter Intelligence Agent Course (MOS 97B) U.S ARMY x Communications Interceptor/Locator Course (MOS 98H) U.S ARMY x Manager Development Course Certificate U.S ARMYx Completed Advanced Computer Forensic Professional Development & Training Course by Guidance Softwarex Completed OPSEC Trainingx Completed Operations Security Fundamentalsx Certified Computer Examiner Training Program by Department of Justice - Drug Enforcement Administration (DEA) Digital Evidence Laboratory x Certified Live Investigator WetStonex Completed National Security & Defense Strategy Course Joint Certified x Red Hat Server Enterprise Linux Essential Course Certificate x CompTIA Security + Certifiedx Defense Cyber Investigation Training Academy Digital Media Collector, x Information Assurance Security Officer Certification Course, x Certified Network Defense Architect (CNDA), EC-Council x Certified Ethical Hacker (CEH), EC-Councilx CCNA Course Certificate/CCNA Security - Passed Exam x Microsoft MCSA+MCSE: Server Infrastructure Course Certificate x Internet Forensics Course Certificate Access Data x Certified Computer Examiner by Department of Defense Department of Army (DCITA- Defense Cyber Investigation Training Academy Digital Forensic Examiner, x Digital Forensics Certified Practitioner -Founder (DFCP) x Intelligence Support to Operations Coursex Headquarters (HQ), International Security Assistance Force (ISAF) Course x Vulnerability Management System Functionality Course (VMS) Advanced Host Based Security System (HBSS) Course Languard Network Security Scanner Course. x Nessus Course |
