| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateNONCONFIDENTIAL // EXTERNALPHONE NUMBER AVAILABLEPHONE NUMBER AVAILABLEEMAIL AVAILABLEMoses Reynolds, CISSPClearance: Active TS/SCI/CI PolySummary:43 years Information Systems, Networking, and Intelligence Community (IC) experience; 49 years overall military experience. Operations Intelligence experience as All-Source, HUMINT, SIGINT, OSINT, and IPWProduced all-source target development in support of global combatant US Commands. Experienced producing all-source intelligence on Low Intensity Conflicts, Iraq, Afghanistan, and Pakistan based terrorist organizations. Extensive knowledge in providing support to Special Operations Forces (SOF) Experience using analytic tools, including Analyst Notebook, Palantir, TAC, FIRETRUCK, ICReach, TIDE, Tripwire, WISE. Evangelist of AI, ML, LLM, advanced cyber threat intelligence Training, Tactics and Procedures (TTPs), Certified in Block Chain Technology, Sr. Director Level Cyber Security OPS Center Technical Lead. Advanced familiarization of ELK, Kafka and Big Data open- source intelligence for continuous diagnostic mitigation. Applied SME on Cybersecurity Maturity Model Certification (CMMC) Framework Currently leading cyber security industry engagement at the Office of DoD CIO under the DCIO-CS Chief of Staff, PentagonCertified DoD 8570 IAM Level III Certified (CISSP) ISC2 #50790 FEB 2023-Present: Office of the Secretary of Defense, DoD CIO Responsibilities & Duties:Serves as a POC for planning, coordination, implementation, validation, mitigation, and compliance of cyber security tasks.Produce information security risk assessment reports that identify gaps with DoD Security Policies & Standards and propose remediation plans.Maintain situational awareness of cyber activities by reviewing DoD, Intelligence Community and open- source reporting for new vulnerabilities, malware or other threats that have the potential to impact the DoD.Prepare, edit, and present senior level briefings to share information and status. Prepare, edit, and coordinate communication of information between departments and for senior leader communications.Preparing executive level notes for meetings and liaising with other senior executives staff officers Represent the division, directorate, and Command in appropriate activities, including working group meetings addressing cyber programs, policy, and other activities. Contribute to and support a series of joint planning efforts to identify operational requirements, capabilities, characteristics, and organizational structure required to accomplish command objectives and missions.Works closely with operational elements executing specific missions, with a particular reference to building partnerships with operational organizations and teams. NONCONFIDENTIAL // EXTERNALJAN2019-JAN 2023-Cybersecurity Threat Intelligence SME reporting directly to the CIO of The Board of Governors, US Federal ReservesPlanned, coordinated, and executed Rules of Engagement prior to authorized domain penetration tests.Successfully planned, coordinated, and executed efforts for authorized domain pen testing of undisclosed domains.Provided executive summaries of pen test results to senior management in efforts to improve and enhance organizational security posture. Provided executive level reports on asymmetric cyber threat intelligence in the global financial sector.Aug 2010-May2019- Consultant Global Multi-Disciplined Intelligence /All Source Cyber Intelligence-Operations Integrator Senior Cyber Analyst: Planned, coordinated, and executed cyberwarfare intelligence products including indications and warnings (IOCs), collection management, targeting, imagery, network analysis, counterintelligence, counterterrorism, information operations, foreign disclosure, international engagements and threat analysis. Initiated and conducted deep dive research efforts; planned, coordinated, and synthesized research to produce all source intelligence products/responses.Planned, coordinated, and executed rules of engagement and pen testing against targeted authorized Internet Protocol Addresses to enhance security posture for the organization.Served in additional collateral duties to include Operations Subject Matter Expert as Primary advisor to the deployed Brigade Commander and staff on all activities with regards to intelligence planning, and synchronization of effort of JIEDDO and JIEDDO COIC support to deployed combat elements. Direct link between JIEDDO COIC and deployed combat units on all current and future initiatives. Ensured all requests for support for JIEDDO COIC products are fully coordinated with other JIEDDO COIC deployed assets and the JIEDDO COIC. Ensured combat assets are kept abreast of all current and emerging JIEDDO COIC processes, methodologies, and Tactics, Techniques & Procedures (TTP) for attacking threat networks that utilize IEDs/IRAMS. Provided advice to Combatant Commanders and their staff on how to best integrate JIEDDO COIC capabilities into their ongoing operations and analytical efforts in support of actionable intelligence against hostile forces. Most recently provided Big Data open-source threat intelligence for the purpose of continuous diagnostics mitigation on monitoring/alerting and controls for RHEL 6&7, ELK, Apache, and beyond. Mar 2010-Aug2010 Cyber Security Intelligence SME - Major Nuclear Power Plant HQ(Westinghouse) - Provided overall direction, design, implementation, and management of the global information technology cyber security implementation relevant to nuclear power plant CDA requirements, DOE, NRC, FERC, NERC critical information protection regulations, internal and external cyber security threat mitigation. Planned, coordinated, and executed rules of engagement and pen testing against targeted authorized Internet Protocol Addresses to enhance security posture for the organization.Dec 2009-Mar 2010 All Source Intel Analyst - Prepped for Afghan deployment under Trace Systems Inc. Contract suspended. Worked on DOD NIPRNet, SIPRNet, and JWICS networks. Honed skills utilizing Information Assurance (IA) monitoring tools (e.g., NONCONFIDENTIAL // EXTERNALWhatsUp Gold, Sniffer, Ethereal, Dameware, SolarWinds, Protector Series, ObjectFinder, etc.) Uncanny ability to establish rapport and interact effectively with customers, supervisors, and/or functional peer groups to meet objectives productively in a team environment. Mentored colleagues on FISMA/Clinger Cohen Act compliance requirements (e.g., developing IA Strategies)August 2009 Dec 2009: Information Systems Security Officer/Task Order Leader, Integrated Automated Fingerprint Identification System, FBI, DoJ, Clarksburg, WV - Subject matter expert in the secure design of enterprise network solutions and services Project Management lead for the FBI ITSP task order; gained FBI CJIS CAPP Cyber- Security SME experience.Dec 2008 Aug 2009: Intelligence SME/Information Systems Security Officer, DoD Developed, authored, and maintained formal Information Systems Security Program. Assigned to Joint Task Force ODIN/Constant Hawk/C-IED Deployed to FOB Marez, Mosul, Iraq as Team Lead for Pre-deployment Site Survey in support of Constant Hawk Program under Task Force ODIN (Persistent Surveillance) Tested and deployed SAR/EO surveillance equipment developed by MITs Lincoln Labs. Mar 2008 Dec 2008: All Source Intelligence Analyst, Active-Duty Military Service Performed intelligence operations and technical information assurance functions for 106th Rescue Wing, Air National Guard Unit daily operations, training, and readiness missions. Provided knowledge transfer of the operational procedures of the USAF Air and Space Operations Center (AOC) Intelligence, Surveillance, and Reconnaissance (ISR) Division. Prepared detailed training requirements of the ISR duty positions in Analysis- Correlation-and-Fusion, ISR-Operations-Processing-Exploitation-Dissemination; and Targeting functions at the operational level of war within an AOC. Analyzed and researched industry, infrastructure, technology, country, geographic area, biographic and target vulnerabilities. Prepared assessments of current events based on the sophisticated collection, research, and analysis of classified and open-source information. Daily collection of data using a combination of standard intelligence methods and processes.2003 2008: Senior Cyber-Security Compliance Architect, Altria/Electronic Data ServicesProvided Information Cyber-Security subject matter expertise, Cyber defense, and Global Enterprise Risk Reduction Programs. Managed Information Security Risks through internal Security Risk Assessments. Ensured Information Assurance Compliance requirements for development initiatives.2001 2003: Cyber-Security Architect: Semper Fi Global Comm., Inc., CA & NYC Conducted confidential forensic analysis of more than 300 seized computer systems for organizations in military, law enforcement, Fortune 100 Financial Firms. Implemented disaster recovery planning, pen-testing, auditing, risk analysis, business resumption planning, contingency planning, as well as contract and vendor negotiations of third- party security firms.1999 2001: Senior Enterprise Network Security Project Manager, Information Security & Privacy Group, Merrill Lynch & Co., New York, NY NONCONFIDENTIAL // EXTERNALProject lead for Corporate and Institutional Client Group enterprise network security team. Investigated and identified security issues, mitigate potential risks, and implement controls prepared detailed specifications for encryption technology, digital signing, PKI, VPN, IPSec, SSL, and Kerberos technology and Limited Sign-On approaches. 1997 1999: Chief Technology Officer, Consultant, Semper Fi Global Comm. Inc., Security Intelligence services consulting for Fortune 100 including DOD; Department of Justice, Morgan Stanley, Dean Witter & Co., Merrill Lynch & Co, Johnson & Johnson, SOCGEN (French Bank), Columbia Artists Management, CompUSA, AT&T Solutions. Advised more than 650 LAN/WAN engineers, vendors, programmers, and IT trainers Oversight of daily operations of multiple clients global networking environment, WAN infrastructure (servers, hubs, switches, cabling, connectivity hardware), PCs/peripherals. 1996 1997: Sr. Intelligence Analyst, U.S. Justice Department, El Centro, CA & Puerto Rico - Project Lead for upgrade of systems hardware and intelligence software; integrated and implemented various dissimilar US Govt networks, proprietary applications/hardware Provided timely automated intelligence reports using multi- platform Internet open sources Utilized DITSCAP Standards for Systems Integration. Active Military Experience:1998 2017: Master Sergeant, Air National Guard Rescue Squadron 1986 1998: Gunnery Sergeant, US Marine Corps 1975 1986: Progressively rose through ranks - Private to Gunnery Sergeant,(Active Duty) US Marine CorpsCounterintelligence and intelligence specialist/analyst during global peace-keeping assignments in Asia-Pacific, Middle East, Europe, South and Central Americas USMC Combat Photojournalist for Fleet Marine Force, Pacific Commands Trained in counterterrorism and advanced counterintelligence/counter-insurgency operations.Advanced special operations, low intensity conflict, asymmetric warfare, nuclear, biological, and chemical warfare.Assigned as project lead on a myriad of international joint task forces including counter- drug missions with the US Justice Dept. under the auspices of DoD and the White House Drug Control initiatives.Additional advanced technical qualifications and Hands-On skills include: Expertise in a wide variety of cyber security frameworks, including: NRC 10 CFR 73.54 including Regulatory Guide 5.71 Department of Defense Risk Management Framework DITSCAP, DIACAP, NIACAP, RMF, NIST 800-53, ISO 17799 DOD 8570 IAT/IAM Level III Certified (CISSP) SME on governmental security requirements, including:-FISMA, DCID 6/3, DCID 6/9 and FBI CJIS CAPP Experience developing and supporting IA artifacts, including:-SSAAs, SSPs, STIGs, RTMs, CTPROCs and other IA/POA&M Extensive knowledge of a myriad of cyber security managements tools and equipment such as:-LogRhythm SIEM, Splunk, ArcSight, Altiris TMS, Host Base Security Systems (HBSS- NONCONFIDENTIAL // EXTERNALnow ESS), ePolicy Orchestrator, VMware VSphere, eMASS, ESX, ESXi Developed and maintained test plans for Secured Compartmented Information Facility test environments in standalone, enterprise, and joint architectures. Designed, architected, and developed Firewall rules and performed inspection of data packets for security risks mitigation. Provided test setup, monitoring, data analysis, troubleshooting, and equipment tear down and after-action reports. Coordinate with interfacing organizations. Worked within existing processes to bring events to successful completion or propose new processes. Responsible for test platform equipment configuration within an integrated joint environment. Support writing Software Test Plans, Test Plan implementations. Investigate deep dive analysis and provide resolutions for software integration issues. Performed integration of existing and new software in the Joint Distributed Common Ground Systems (JDCGS) baselines. Performed design and/or unit test as needed. Provided integration build procedure documentation. Successfully performed authorized penetration test of internal infrastructure to enhance security posture of the organization. Lead the SOC Team to perform continual monitoring of Security Information and Event Management (SIEM) utilizing LogRhythms Advanced Intelligence Engine. Lead the SOC Team to investigate malicious URLs and optimized use of Web content filtration against Advanced Persistent Threats (APTs). Strong background in Security Operations, including IDS/IPS, DNS, VPN, network security, firewalls, and malware. Strong operational understanding of NSM, SIEM(LogRhythm/Splunk), UEBA(Varonis) and ETDR technologies Strong networking protocol knowledge. Strong experience with incident response Experience with Linux and scripting, i.e., Python, Kali pen testing suite of tools Experience with creation, documentation, implementation of security operation policies, procedures, and best practices Strong focus on automation for application deployment, patch management and security monitoring Extensive recent experience with security tools such as Host Based Security Systems and E-Policy Orchestrator by McAfee, Nessus Scanner from Tenable.sc Core version (including SCCV&NNM), IBM BigFix Daily input with ticketing and bug tracking applications such as JIRA, ServiceNow, Remedy, and BMCs Footprint Adequate proficiency with PowerShell, Python and VBS scripting Rebuilt and upgraded relational databases such as Microsoft SQL, Oracle v9-11. Immersed leading Security Intelligence Centers within a bleeding edge virtualized servers and application environment, such as VMware, Hyper-V, Citrix, AWS and Azure900 More than 120 cumulative hours of SCRUM and PMP training over the past 12 yrs. NONCONFIDENTIAL // EXTERNAL Expert familiarity and exposure on the deployment, configuration/maintenance/update of the following Cyber Network Defense (CND) tools:DarkTraceRunSafe SecurityTychonMitre@ttack FrameworkFidelis DLP and MDETipping PointSourceFireArcSightGigamonOpswatInquestBivio/Argus/Bro/ELK Other Security Onion Forensic Analysis Software Development tools including: Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, MolochEducation: Graduate, Bachelor of Science, Interdisciplinary Studies & Communications S.U.N.Y, Empire State CollegeAdvanced Combat Photo-Journalism ProgramSyracuse University, Syracuse, NY |
