Mid-level Cyber Security Operations Center Analyst Resume
Washington, DC
SUMMARY:
System Administration Tiers II - III / Digital Forensics / Security Risk Analyst / SOC Analyst / Security Engineer / Cloud Security
COMPUTER TECHNICAL SKILLS:
Hardware: Dell, Hewlett-Packard, Sony, Acer, Toshiba, Compaq, Asus, Lenovo, Gateway and Apple Macintosh
Software: Microsoft Office (2000/2003/2007/2010), Microsoft Windows Operating Systems (98/NT/2000/XP/Vista/7/10), SharePoint 2013 & 365, Lync 2010, Windows Server 2003, 2008 & 2012 (Active Directory, Group Policy, Exchange E-mail, McAfee ePO Orchestrator 4.0 Host-Based Security System), Symantec Ghost Imaging, Gold Disk, NetIQ Directory and Resource Administration and Security Management Consoles, Veritas Back-up servers, Cisco IronPort, Cisco VPN Client, MARS, WebSense, WebInspect, Nessus Network Scanning Tool and eEye Retina Enterprise Network Scanning Tool, Splunk, NIPERNET, SIPERNET, SOC, ServiceNow Ticketing Management Tool, Remedy and Track-IT Enterprise Databases, CA Technologies Top Secret Mainframe, Focus and Interactive Query Utility (IQU), IP Address Management System (IPAMS), WireShark, StealthWatch, MS-DOS Command Interpreters, WebEx Online Communication Tool, ZScaler, BlueCoat, CheckPoint, Cylance Protect, EnCase v8.0, FireEye, Imperva, McAfee Enterprise Security Manager (SIEM), ForeScout CounterACT Console, Emsisoft, Tanium, Leidos Portal and Virtual Desktop Infrastructure (VDI) for Windows 10.
Government Documents: Confidential SP 800-53 rev.4, Confidential SP 800-37, Confidential SP 800-137, FIPS 199, FIPS 200, Confidential and US-CERT.
Cryptographic Software: RSA PKI Asymmetric Digital Signature Key Exchange Tokens, Entrust PKI, Pretty Good Privacy (PGP), OTAR Keys for the AN/CYZ-10 communications security (Confidential) data transfer devices and Virtru email encryption.
Medical: Medisoft version 7 SP2, Practice Fusion
PROFESSIONAL EXPERIENCE:
Confidential, Washington, DC
Mid-Level Cyber Security Operations Center Analyst
Responsibilities:
- The foot soldier of the Confidential organization.
- Responsible for protecting networks, web sites, applications, databases, servers, data centers, and other technologies.
- Creates trouble tickets for alerts that signal an incident and require Tier 2-3 Incident Response review.
- Performs triage on alerts by determining their criticality and scope of impact.
- Runs vulnerability scans, delivers metrics on scans, and reviews vulnerability assessment reports.
- Manages security monitoring tools and monitors log analytics and SIEM tools.
- Identify affected systems and their scope of attack.
- Evaluate adversary details.
- Reviews and collects asset data (indicators of compromise, logs, configurations and running processes) on these systems for further investigation.
- Detect, investigate, and respond to incidents.
- Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans.
- Find suspicious or malicious activity by analyzing alerts.
- Investigate indicators of compromise (file hashes, domains, IP addresses).
- Perform proactive hunting for threats that may have escaped the alerting system.
- Review and edit correlation rules.
- Share findings with US-CERT and AT&T Business Direct Security Operations Center - a threat intelligence community.
- Responsible for recommending new technologies and installing them, as well as training other team members to use them.
- Support the project manager by communicating the progress and any issues of all assignments in the shift report.
- Conduct computer forensic investigations and electronic discovery requests for legal and FCC clients, using proprietary methodologies and cutting edge forensic tools such as FTK and EnCase v8.0.
- Recover information from computers and storage devices. Recover data like documents, photos, and emails from computer hard drives and other data storage devices.
- Often work on cases involving offenses committed on the internet and examine computers that may have been involved in other types of cyber-crime in order to find evidence of illegal activity.
- Other duties as assigned and works remotely.
Confidential, Arlington, Virginia
Mid-Level Cyber Security Analyst
Responsibilities:
- Guardian of government data contained in both IT LAN/WAN infrastructures and the cloud.
- Developed and assessed cyber security documentation for client information systems in accordance with Confidential, Confidential Risk Management Framework, and departmental requirements.
- Participated in continuous monitoring activities and incident response.
- Supported two (2) organizations: FTA and OST and assessed seven (7) information systems within those organizations.
- Addressed security concerns of those organizations related to the design, development, implementation, operation, and disposal of information systems and the environments in which those systems operate.
- Used the security control selection and specification process that is organized into eighteen (18) security control families.
- Assisted or led technical assessments using standard industry tools such as Nessus, AppDetective, WebInspect, and others.
- Identified and mitigated risks throughout assessments.
- Identified specific assurance-related controls that are included in the low-, moderate-, and high-impact baselines.
- Produced security evidence (artifacts) from developmental or operational activities.
- Participated in compliance related discussions (this includes a growing understanding of security control requirements).
- Worked with customers to resolve concerns and explain how compliance is achieved.
- Coordinated the day-to-day activities required to deliver a project on time and within budget.
- Attended and participated in regular project meetings; delivered succinct and accurate status updates.
Confidential, New York, New York
Network Operations Security Administrator
Responsibilities:
- Performed as a Junior Project Manager.
- Responsible for the development and IT security area across the enterprise.
- Assisted in the development and implementation of security procedures.
- Responsible for the monitoring and tracking of security events.
- Enforced security policies and procedures by administering and monitoring security profiles, reviewed security violation reports, and investigated possible security exceptions.
- Reviewed and updated Security Impact Analysis (SIA) reports and Privacy Impact Assessment (PIA) reports.
- Updated and maintained documented security controls.
- Attended weekly Change Configuration Board (CCB) meetings.
- Drafted SWOT (Strengths, Weaknesses, Opportunities and Threats) Analysis Reports for new software and technology integration.
- Oversaw vulnerability tests with vendors to evaluate the adequacy of network and system controls and identify vulnerabilities at both the infrastructure and application levels.
- Responsible for vulnerability management: Prioritized and identified application and infrastructure vulnerabilities and oversaw timely remediation and threat monitoring.
- Reviewed and analyzed intrusion attempts and coordinated with the corporate enterprise program.
- Received, reviewed, and responded to events and alerts as appropriate.
- Retained logs and monitoring artifacts for the appropriate duration as described in the record-retention schedule and bank policy.
- Assessed the security controls using appropriate assessment procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
- Monitored the security controls in the information system on an ongoing basis including assessing control effectiveness, documenting changes to the system or its environment of operation, conducting security impact analysis of the associated changes.
Confidential, New Castle, Delaware
Information Technology Specialist
Responsibilities:
- Junior-to-Mid-Level Security Analyst for the Confidential as a Reservist in Information Security (Confidential).
- Independently conducted role-based security training engagements in a Security Operations Center (SOC) environment.
- Managed/supported communications computer systems security programs and activities including information protection and Emissions Security (Confidential). Maintained the security of computers, networks and their data.
- Administered and managed the overall Information Assurance program to include Communications Security (Confidential) and Computer Security (Confidential).
- Communicated and executed directives distributed by Defense Information Infrastructure Network and Security Control Centers in global, regional and local locations.
- Enforced national, Department of Defense and Air Force security policies and directives; employed hardware and software tools to enhance security by installing, monitoring and directing proactive and reactive information protection and defensive measures to ensure Confidentiality, Integrity and Availability (Confidential) and Non-Repudiation of information technology resources.
- Microsoft Windows System Administration: Performed Microsoft Windows Server operating system support for Server 2003, 2008 R2 and 2012 R2.
- Monitored server performance and availability.
- Ensured Windows server availability compliance to Service Level Agreements.
- Addressed operational systems issues including file and share permissions, user accounts and installing applications. Performed User/Group Account Administration and File Management.
- Promoted and maintained server patch management practices.
- Liaised with vendors, suppliers, and professional services.
- Provided metrics for capacity management purposes.
- Troubleshot and diagnosed hardware and software issues.
- Applied operating system updates, patches and configuration changes.
- Supported and maintained Active Directory.
- Supported and configured Group Policy.
- Email Administration: Managed clientele email accounts via Microsoft Exchange Server. Provided Windows Exchange Email server support.
- Knowledge of Public Key Infrastructure (PKI) as a set of roles, policies, and procedures needed to create, manage, distribute, use, store and revoke digital certificates and managed public key encryption for Common Access Card (Confidential) infrastructures.
- Performed software and hardware firmware upgrades.
- Maintained and exchanged back-up tapes on Veritas backup servers, and their central storage systems and sites.
- Integrated server and storage platforms into the existing architecture and infrastructure.
- Performed microcomputer fault isolation and restoration functions on desktops and laptops. Supervised and operated home-stationed and deployed communications-computer systems. Remained current on knowledge of all network technology.
- Continuously monitored and assessed security controls and the security state of information systems.
- Attended monthly change control meetings.
- Participated in disaster recovery testing.
- Created, documented and presented oral and written briefings.
- Information Assurance: Managed information-related risks. Ensured that authorized users have access to authorized information at the authorized time. Focused more on the business level and strategic risk management of information and related systems, as well as on the creation and application of security controls.
- Demonstrated experience using Confidential SP 800-53 rev.4, Confidential SP 800-37, Confidential SP 800-137, Confidential SP 800-61, FIPS 199, FIPS 200 and Confidential documentation.
- Reported security breaches, incidents and computer/enterprise network system deficiencies to senior level assessment teams.
- Specialized in specific fields such as access control, access enforcement, security awareness training, media protection and destruction, and physical security using a layered defense model to protect people, government assets, and reduce threats.
Confidential, Brooklyn, New York
Certified LAN Administrator: IT Security Analyst
Responsibilities:
- Managed user identities and governed access control to the Confidential (Confidential) mainframe.
- Provided Email and email security using Cisco IronPort, VPN, Firewall, and Internet/Web security.
- Prepared policies and procedures using the ISO 9001 and 27001 information technology security standards.
- Performed on-demand vulnerability scanning, network monitoring and incident handling.
- Responsible for other special security related projects.
Confidential, Manhattan, New York
IT Security Analyst
Responsibilities:
- Managed user identities and governed access control to the Confidential (Confidential) mainframe.
- Provided Email, VPN, Firewall, Internet/Web security and Information Security (Confidential).
- Prepared policies and procedures using the ISO 9000 and 27001 information technology security standards.
- Performed on-demand vulnerability scanning, network monitoring and incident handling.
- Responsible for other special security related projects. Contracted to Confidential's Retirement System (Confidential) and became a direct hire to Confidential after two months of diligent service and work ethics.
Confidential, Reston, Virginia
Cyber Security Analyst
Responsibilities:
- Reviewed and updated Certification & Accreditation documentation for the Confidential's Health, Safety & Security Organization for classified/unclassified information systems according to FIPS PUB 199, Confidential and Confidential 800 series guidance.
- Interfaced directly with all levels of Federal Management to monitor and assess all phases of certification & accreditation and audits.
- Prepared written technical documentation and status reports modeling the System Development Life Cycle processes (SDLC), Capability Maturity Model Integration (CMMI) methodologies and interpreted vulnerability scans.
Confidential, Rockville, Maryland
Information Assurance Officer
Responsibilities:
- Performed a range of system security assessments using automated tools in accordance with guidelines.
- Provided maintenance and security support to IT networks in the JSC facility under the Confidential contract vehicle. Installed patches, virus updates and maintained access control lists.
- Ensured networks and infrastructure communication networks maintain confidentiality, integrity and security protection for data transmitted over both Confidential and Confidential networks.
- Scanned all connected information systems using eEye Retina Scan Engine Management console in accordance with JSC policies and responded to Information Assurance Virus Alerts (IAVAs) and Plan of Action & Milestones.
- Performed Information Assurance Levels I & II Certification and Accreditation: Preserved a healthy, secure, certified and accredited IT infrastructure in accordance with the DoD Information Technology System Certification and Accreditation Program (Confidential), remained positioned to conform to the mandates specified in the new DoD Information Assurance Certification and Accreditation