OBJECTIVE

My goal is to use the skills I have attained from my diverse work experiences to provide the best value while increasing an employer’s security posture and continue to strengthen my career in Information Systems Security/Cyber Security. I am a team oriented professional constantly seeking opportunities to expand my training and experience in the field of Information Systems Security and Cloud Systems Administration. This passion extends to my home life, where I am always learning new technologies, improving security posture and scripting tools in my virtualized domain infrastructure and development environment hosted on my hypervisor servers.

PROFESSIONAL EXPERIENCE

Windows System Administrator - Automation Team

Confidential

Tasked as part of an Automation team to perform datacenter migration for confidential Online Backup Services. Created PowerShell Automation scripts to assist with confidential efforts for confidential, VMs. Created PowerShell Automation scripts to perform automated upgrades for Citrix Zen Hypervisors, VMs during the datacenter migration. Created PowerShell Automation scripts to patch a wide variety of systems to mitigate the Meltdown/Spectre and other Critical Vulnerabilities. Tasked as lead for Vulnerability Management for our groups’ assets and tracking patching and remediation efforts for systems in the datacenters. Created PowerShell Automation scripts to update the tracking of asset postures and remediation efforts. Created PowerShell Automation scripts to query server infrastructure for installed applications, server roles, Symantec specific web apps, user logins(if any), patching postures of each asset; for the purposes of identifying systems that will no longer be needed(shutdown), systems that will be migrated to cloud services, and future system or app scalability needs. Created PowerShell Automation scripts to query Symantec’s Azure instances, build a report in Excel, and present to management for the purposes of cost optimization and asset tracking. Created PowerShell Automation scripts to query Symantec’s Datacenter instances, build a report in Excel, and present to management for the purposes of cost optimization and asset tracking.

Windows 10 Security Engineer

Confidential

Created the Windows 10 Minimum Security Baseline policy for confidential and Baseline Management group. This involved defining the Windows Group Policy, configuring the advanced security features in Windows 10 and Windows Server 2016, such as confidential and Virtualization based security, testing configured GPOs in a secure Windows Server 2016 and 2012 Active Directory domain environment hosted on VMWare VCenter, creating and editing the Windows 10 Minimum Security Baseline policy document. Created the Windows Server 2016 Minimum Security Baseline policy for confidential and Baseline Management group. This involved defining the Windows Group Policy, configuring the advanced security features in Windows 10 and Windows Server 2016, such as Device Guard, LAPS, BitLocker and Virtualization based security, testing configured GPOs in a secure Windows Server 2016 and 2012 Active Directory domain environment hosted on VMWare VCenter, creating and editing the Windows Server 2016 Minimum Security Baseline policy document. Updated the Minimum Security Baseline policy for Windows Server 2008 R2, Windows Server 2012 and Windows 7 to radically improve the security posture of systems governed by these policies by incorporating Microsoft advanced security best practices, enhanced protection tools, and secure system architectures. Developed a system to convert the custom S.W.I.F.T. GPOs, created from the MSB process, into SCAP benchmarks (XML OVAL) for use with compliance verification scanners such as, McAfee Policy Auditor and CIS CAT tool, and ACAS (Tenable Nessus). Deployed McAfee ePolicy Orchestrator (Host Based Security System) V5.3 in a test environment to build a Proof of Concept system for S.W.I.F.T. to deliver new capabilities via Policy Auditor 6.2.2 with CIS benchmarks (XML OVAL) for OS security policy compliance. Assisted in solving challenges with compliance verification of HP UX Linux/Unix, Oracle Sun Solaris Linux/Unix, and RHEL (Red Hat Enterprise Linux) security policies. Created the S.W.I.F.T. Wiki MSB section of pages detailing the Minimum Security Baseline processes, policies, compliance verification, security exceptions, and FAQs for the customer and user base of S.W.I.F.T. Created many tools and scripts with PowerShell to improve security, increase automation, and monitor Windows environments. Examples include: Windows Hardening Deployment Prep tool for setting Local Group Policy on non-domain systems, account hardening, secure firewall rule configurations, VM prep tool for automating VM deployments in Hyper-V, tracking current logins on remote systems, DNS Sinkhole for Malware and Adware Domains, network status tracking tool.

Systems Administrator

Confidential

Lead SA for the PMRF Migration to Secure Host Baseline Windows 10, developed and designed a custom configuration and options for the PRMF organization. Assisted senior leaders and customer with recommendations for hardware refresh options in support of migration to Secure Host Baseline Windows 10. Conducted Systems Compliance Scans with ACAS (Tenable Nessus) to discover and validate PMRF systems vulnerabilities as well as scans for rogue USB Devices. Created McAfee HBSS (Host Based Security System) HIPS USB Device Whitelist in IAW DISA and USCYBERCOM requirements for RDN, iNet and SIPR PMRF networks. Monitored and maintained file integrity of PMRF network systems with Tripwire. Performed backups of mission critical PMRF systems with Acronis Backup Advanced. Ensured completion of manual Security Technical Implementation Guide (STIG) (XML OVAL) checklists, providing documentation on the status of the system along with technical risk mitigation strategies, patching, remediation and validation of open findings to support DISA CCRI. Generated and provided DIACAP/RMF technical documentation as required to support DISA CCRI efforts involving multiple PMRF mission critical networks, to include RDN, iNet, and SIPR. Collaborated with PMRF/IT Department personnel to include but not limited to: Range Networks, Cybersecurity and MIS as related to individual tasks or general project support.

Systems Administrator

Confidential

Tasked as part of a surge team to aid in DISA CCRI preparation efforts for PMRF network systems to assist and perform the following:

Ensured completion of manual Security Technical Implementation Guide (STIG) (XML OVAL) checklists, providing documentation on the status of the system along with technical risk mitigation strategies, patching, remediation and validation of open findings to support DISA CCRI. Generated and provided DIACAP/RMF technical documentation as required to support DISA CCRI efforts involving multiple PMRF mission critical networks, to include RDN, iNet, and SIPR. Collaborated with PMRF/IT Department personnel to include but not limited to: Range Networks, Cybersecurity and MIS as related to individual tasks or general project support.

Systems Administrator/ISSO

Confidential

Rebuilt server systems for DSS SIPR accreditation IAW DISA STIGs (XML OVAL) and IA compliance. Conducted McAfee HBSS (Host Based Security System) configuration to all systems and created HBSS ePO (Host Based Security System) policies for all managed systems IAW DISA IA Compliance to ensure proper PA scan rollup to CMRS. Configured and Conducted IA Vulnerability scanning of all systems with Retina and ensured Rollup to DISA VMS. Built server systems for a virtual development environment including 2 DCs, 1 SQL, 1IIS, 1 WSUS with MS Windows Server 2008 R2 Hyper-V. Built custom PowerShell reporting tools for managed McAfee HBSS (Host Based Security System) clients in the development environment. Conducted custom patching to systems in locked down Zone D enclaves. Conducted imaging of new workstation systems ensuring configuration IAW DISA STIGs (XML OVAL) and IA Compliance. Conducted OS Patching and COTS install in RHEL (Red Hat Enterprise Linux) 6 systems. Lead on migration of systems hosted on Windows Server 2003 to Windows Server 2008 R2, IAW DISA STIGs (XML OVAL) and IA Compliance. Configured, secured, managed and maintained Cisco Catalyst switches in all enclaves, IAW DISA STIGs (XML OVAL) and IA Compliance. Managed and maintained Juniper SSG firewalls in all enclaves, IAW DISA STIGs (XML OVAL) and IA Compliance.

• DISA Compliance Includes:

Implement DoD IA Certification and Accreditation Process (DIACAP) IA controls and maintain associated certification and accreditation documentation. Manages security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA (STIGs) (XML OVAL) and USCYBERCOM. Conduct IA vulnerability testing and related network and system tests with Vulnerability scan tools; Retina, ACAS (Tenable Nessus), VMS (Vulnerability Management System), Security Content Automation Protocol (SCAP) (XML OVAL).

• System Admin Duties:

Conduct system rebuilds from bare metal installs of Windows Server 2003 and Windows Server 2008 R2. Configure Domain IP addressing structure for the network. Conduct Updates and Patches to server systems in the domain to ensure security hardening of the OS. Configure an Enterprise Level Antivirus Solution for server systems to mitigate security threats. Configure Group Policy Objects to manage Software Deployment and Software Settings for systems in the Domain.

• ISSO Duties:

Provide support to classified computing environments supporting multiple programs. Coordinate with the ISSM and perform duties with Systems Administrator to ensure compliance with all NISPOM policies. Submit updates in a timely manner and implement any changes required by the customer rapidly and correctly. Ensure all systems are configured and maintained to retain DSS accreditation during classified operations. Verify automated audit functions are performing properly; optimize system operation and resource utilization while maintaining the security posture. Performs system security analyses on client networks and systems; performs security audits, and remediates detected vulnerabilities. Conduct security assessments and evaluations of applications and systems processing sensitive or classified information to ensure that security vulnerabilities are identified and remediated.

Computer Specialist

Confidential

Provided Tier 2 Local IT support for confidential HQ rapidly learning all aspects of confidential’s enterprise infrastructure. Became a subject matter expert in diagnosing and troubleshooting complex problems involving the wide variety of desktop operating systems and configurations currently in use by confidential, which lead to my placement as a Team Lead for other contractor technicians at confidential HQ Building in October 2012. Worked with many other confidential IT employees to assist in creating customer solutions and configuration adjustments to optimize efficiency for the confidential HQ customer base. Utilized Remedy ticketing software to prioritize work, track progress of existing customer technical support requests, and document resolutions for future use to educate technicians and provide an SOP for specific reoccurring problems. Received a Star Performer Award 2012 for Superior Customer Service in January 2013 by innovating customer solutions for many high level confidential VIPs. Tasked with contacting customers, tracking upgrade status, performing data backups, and imaging systems in support of Windows XP to Windows 7 Migration Project for confidential National Capitol Region by ensuring customers were in compliance with DHS Mandated Upgrade to Windows 7. Daily activities include: Notifying team members of current SOPs and upcoming changes; offering certification training and study materials to team members and confidential technicians to strengthen confidential IT’s capabilities; adding or removing computer names to Active Directory infrastructure; performing user account unlocks and password resets; managing and maintaining the imaging server; conducting software and hardware installations and upgrades to meet compliance and security standards; Ensured all work was conducted in accordance with existing SOPs, IT Security polices and within the scope of the ACT contract.

Cabling Technician

Confidential

Gained hands on experience utilizing CompTIA Security+ concepts installing Motion Sensors, Keypads, RFID Access Control Systems, Electromagnetic Door Locks, networked POE security cameras, and fire alarm systems in several medium scale commercial installation sites as a contract employee with Simplex Grinnell.

Infantry Specialist/Computer Service Technician

Confidential

Appointed my Unit's Computer Service Technician, tasked to manage, maintain, troubleshoot, install and upgrade software, remove viruses, and mitigate security threats. Managed and supervised a guard force of 65 Iraqi Soldiers, conducted vehicle and personnel security searches, security badging, and optimized the video surveillance system for base defense operations. Tasked with installing and testing $15 million Audio/Video Auditorium for my Unit.