
Cyber Security Operations Center Analyst Resume


Washington, DC

SUMMARY:

System Administration Tiers II - III / Digital Forensics / Information Security Risk Analyst / SOC Analyst / Cloud Security

COMPUTER TECHNICAL SKILLS:

Hardware: Dell, Hewlett-Packard, Sony, Acer, Toshiba, Compaq, Asus, Lenovo, Gateway and Apple Macintosh

Software: Microsoft Office (2000/2003/2007/2010), Microsoft Windows Operating Systems (98/NT/2000/XP/Vista/7/10), SharePoint 2013 & 365, Lync 2010, Windows Server 2003, 2008 & 2012 (Active Directory, Group Policy, Exchange E-mail, McAfee ePO Orchestrator 4.0 Host-Based Security System), Symantec Ghost Imaging, Gold Disk, NetIQ Directory and Resource Administration and Security Management Consoles, Veritas Backup servers, Cisco IronPort, Cisco VPN Client, MARS, Websense, WebInspect, Nessus Network Scanning Tool and eEye Retina Enterprise Network Scanning Tool, Splunk, NIPRNet, SIPRNet, ServiceNow Ticketing Management Tool, Remedy and Track-IT Enterprise Databases, CA Technologies Top Secret Mainframe, Focus and Interactive Query Utility (IQU), IP Address Management System (IPAMS), Wireshark, StealthWatch, MS-DOS Command Interpreters, WebEx Online Communication Tool, Zscaler, Blue Coat, Check Point, Cylance Protect, EnCase v8.0, FireEye, Imperva, McAfee Enterprise Security Manager (SIEM), ForeScout CounterACT Console, Emsisoft, Tanium, Leidos Portal and Virtual Desktop Infrastructure (VDI) for Windows 10.

Government Documents: NIST SP 800-53 rev.4, NIST SP 800-37, NIST SP 800-137, FIPS 199, FIPS 200, FISMA and US-CERT.

Cryptographic Software: RSA PKI Asymmetric Digital Signature Key Exchange Tokens, Entrust PKI, Pretty Good Privacy (PGP), OTAR Keys for the AN/CYZ-10 communications security (Confidential) data transfer devices and Virtru email encryption.

Medical: Medisoft version 7 SP2, Practice Fusion

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC

Cyber Security Operations Center Analyst

Responsibilities:

  • The foot soldier of the Federal Communications Commission organization.
  • Responsible for protecting networks, web sites, applications, databases, servers, data centers, and other technologies.
  • Create trouble tickets for alerts that signal an incident and require Tier 2-3 Incident Response review.
  • Perform triage on alerts by determining their criticality and scope of impact.
  • Run vulnerability scans and review vulnerability assessment reports.
  • Manage security monitoring tools. Monitor log analytics or SIEM tools.
  • Identify affected systems and their scope of attack.
  • Evaluate adversary details.
  • Review and collect asset data (indicators of compromise, logs, configurations and running processes) on these systems for further investigation.
  • Detect, investigate, and respond to incidents.
  • Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans.
  • Find suspicious or malicious activity by analyzing alerts.
  • Investigate indicators of compromise (file hashes, domains, IP addresses).
  • Perform proactive hunting for threats that may have escaped the alerting system.
  • Review and edit correlation rules.
  • Share findings with US-CERT and the AT&T Business Direct Security Operations Center, a threat intelligence community.
  • Responsible for recommending new technologies and installing them, as well as training other team members to use them.
  • Support the project manager by communicating the progress and any issues of all assignments in the shift report.
  • Conduct computer forensic investigations and electronic discovery requests for legal and FCC clients, using proprietary methodologies and cutting edge forensic tools such as FTK and EnCase v8.0.
  • Recover information from computers and storage devices. Recover data like documents, photos, and emails from computer hard drives and other data storage devices.
  • Often work on cases involving offenses committed on the internet and examine computers that may have been involved in other types of cyber-crime in order to find evidence of illegal activity.
  • Other duties as assigned.

Confidential, Arlington, Virginia

Cyber Security Analyst

Responsibilities:

  • Guardian of government data contained in both IT LAN/WAN infrastructures and the cloud.
  • Developed and assessed cyber security documentation for client information systems in accordance with FISMA, NIST Risk Management Framework, and departmental requirements.
  • Participated in continuous monitoring activities and incident response.
  • Supported two (2) organizations, FTA and OST, and assessed seven (7) information systems within those organizations.
  • Addressed security concerns of those organizations related to the design, development, implementation, operation, and disposal of information systems and the environments in which those systems operate.
  • Used the security control selection and specification process, which is organized into eighteen (18) security control families.
  • Assisted with or led technical assessments using standard industry tools such as Nessus, AppDetective, WebInspect, and others.
  • Identified and mitigated risks throughout the assessment.
  • Identified specific assurance-related controls that are included in the low-, moderate-, and high-impact baselines.
  • Produced security evidence (artifacts) from developmental or operational activities.
  • Participated in compliance related discussions (this includes a growing understanding of security control requirements).
  • Worked with customers to resolve concerns and explain how compliance is achieved.
  • Coordinated the day-to-day activities required to deliver a project on time and within budget.
  • Attended and participated in regular project meetings; delivered succinct and accurate status updates.

Confidential, New York, New York

Network Operations Security Administrator

Responsibilities:

  • Performed as a Junior Project Manager.
  • Responsible for the development and IT security area across the enterprise.
  • Assisted in the development and implementation of security procedures.
  • Responsible for the monitoring and tracking of security events.
  • Enforced security policies and procedures by administering and monitoring security profiles, reviewed security violation reports, and investigated possible security exceptions.
  • Reviewed and updated Security Impact Analysis (SIA) reports and Privacy Impact Assessment (PIA) reports.
  • Updated and maintained documented security controls.
  • Attended weekly Change Configuration Board (CCB) meetings.
  • Drafted SWOT (Strengths, Weaknesses, Opportunities and Threats) Analysis Reports for new software and technology integration.
  • Oversaw vulnerability tests with vendors to evaluate the adequacy of network and system controls and identify vulnerabilities at both the infrastructure and application levels.
  • Responsible for vulnerability management: Prioritized and identified application and infrastructure vulnerabilities and oversaw timely remediation and threat monitoring.
  • Reviewed and analyzed intrusion attempts and coordinated with the corporate enterprise program.
  • Received, reviewed, and responded to events and alerts as appropriate.
  • Retained logs and monitoring artifacts for the appropriate duration as described in the record-retention schedule and bank policy.
  • Assessed the security controls using appropriate assessment procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
  • Monitored the security controls in the information system on an ongoing basis, including assessing control effectiveness, documenting changes to the system or its environment of operation, and conducting security impact analysis of the associated changes.

Confidential, New Castle, Delaware

Information Technology Specialist

Responsibilities:

  • Independently conducted role-based security training engagements in a Security Operations Center (SOC) environment.
  • Managed/supported communications computer systems security programs and activities including information protection and Emissions Security (Confidential). Maintained the security of computers, networks and their data.
  • Administered and managed the overall Information Assurance program to include Communications Security (Confidential) and Computer Security (Confidential).
  • Network Administration and Engineering: Protected critical resources such as servers and systems from the threat of information warfare through network boundary protection applications designed for Secure/Non-secure Internet Protocol Router Networks (SIPRNet/NIPRNet) and the Demilitarized Zone (DMZ).
  • Communicated and executed directives distributed by Defense Information Infrastructure Network and Security Control Centers in global, regional and local locations.
  • Enforced national, Department of Defense and Air Force security policies and directives; employed hardware and software tools to enhance security by installing, monitoring and directing proactive and reactive information protection and defensive measures to ensure Confidentiality, Integrity and Availability (CIA) and Non-Repudiation of information technology resources.
  • Microsoft Windows System Administration: Performed Microsoft Windows Server operating system support for Server 2003, 2008 R2 and 2012 R2.
  • Monitored server performance and availability.
  • Ensured Windows server availability compliance to Service Level Agreements.
  • Addressed operational systems issues including file and share permissions, user accounts and installing applications. Performed User/Group Account Administration and File Management.
  • Promoted and maintained server patch management practices.
  • Liaised with vendors, suppliers, and professional services.
  • Provided metrics for capacity management purposes.
  • Troubleshot and diagnosed hardware and software issues.
  • Applied operating system updates, patches and configuration changes.
  • Supported and maintained Active Directory.
  • Supported and configured Group Policy.
  • Email Administration: Managed clientele email accounts via Microsoft Exchange Server. Provided Windows Exchange Email server support.
  • Knowledge of Public Key Infrastructure (PKI) as a set of roles, policies, and procedures needed to create, manage, distribute, use, store and revoke digital certificates and managed public key encryption for Common Access Card (CAC) infrastructures.
  • Performed software and hardware firmware upgrades.
  • Maintained and exchanged back-up tapes on Veritas backup servers, and their central storage systems and sites.
  • Integrated server and storage platforms into the existing architecture and infrastructure.
  • Performed microcomputer fault isolation and restoration functions on desktops and laptops. Supervised and operated home-stationed and deployed communications-computer systems. Remained current on knowledge of all network technology.
  • Continuously monitored and assessed security controls and the security state of information systems.
  • Attended monthly change control meetings.
  • Participated in disaster recovery testing.
  • Created, documented and presented oral and written briefings.
  • Information Assurance: Managed information-related risks. Ensured that authorized users have access to authorized information at the authorized time. Focused more on the business level and strategic risk management of information and related systems, as well as on the creation and application of security controls.
  • Demonstrated experience using NIST SP 800-53 rev.4, NIST SP 800-37, NIST SP 800-137, NIST SP 800-61, FIPS 199, FIPS 200 and FISMA documentation.
  • Reported security breaches, incidents and computer/enterprise network system deficiencies to senior level assessment teams.
  • Specialized in specific fields such as access control, access enforcement, security awareness training, media protection and destruction, and physical security using a layered defense model to protect people, government assets, and reduce threats.

Confidential, Brooklyn, New York

IT Security Analyst

Responsibilities:

  • Managed user identities and governed access control to the Confidential “CA Top Secret” mainframe.
  • Provided email and email security using Cisco IronPort, VPN, Firewall, and Internet/Web security.
  • Prepared policies and procedures using the ISO 9001 and 27001 information technology security standards.
  • Performed on-demand vulnerability scanning, network monitoring and incident handling.
  • Responsible for other special security related projects.

Confidential, Manhattan, New York

IT Security Analyst

Responsibilities:

  • Managed user identities and governed access control to the Confidential “CA Top Secret” mainframe.
  • Provided Email, VPN, Firewall, Internet/Web security and Information Security (Confidential).
  • Prepared policies and procedures using the ISO 9000 and 27001 information technology security standards.
  • Performed on-demand vulnerability scanning, network monitoring and incident handling.
  • Responsible for other special security-related projects. Contracted to Confidential’s Retirement System (Confidential) and became a direct hire to Confidential after two months of diligent service and work ethic.

Confidential, Reston, Virginia

Cyber Security Analyst

Responsibilities:

  • Reviewed and updated Certification & Accreditation documentation for the Department of Energy’s Health, Safety & Security Organization for classified/unclassified information systems according to FIPS PUB 199, FISMA and NIST 800 series guidance.
  • Interfaced directly with all levels of Federal Management to monitor and assess all phases of certification & accreditation and audits.
  • Prepared written technical documentation and status reports modeling the System Development Life Cycle processes (SDLC), Capability Maturity Model Integration (CMMI) methodologies and interpreted vulnerability scans.

Confidential, Rockville, Maryland

Information Assurance Officer

Responsibilities:

  • Performed a vinculum of system security assessments using automated tools in accordance with guidelines defined by the Department of Defense, National Security Agency and DISA (e.g. Security Technical Implementation Guides, DISA Field Security Office Gold Disk, Vulnerability Management System (VMS), eEye Retina Scanner Security Management Console appliance, etc.).
  • Provided maintenance and security support to IT networks in the JSC facility under the Confidential contract vehicle. Installed patches, virus updates and maintained access control lists.
  • Ensured networks and infrastructure communication networks maintain confidentiality, integrity and security protection for data transmitted over both CONUS and OCONUS networks.
  • Scanned all connected information systems using eEye Retina Scan Engine Management console in accordance with JSC policies and responded to Information Assurance Virus Alerts (IAVAs) and Plan of Action & Milestones (POA&Ms).
  • Performed Information Assurance Levels I & II Certification and Accreditation: Preserved a healthy, secure, certified and accredited IT infrastructure in accordance with the DoD Information Technology System Certification and Accreditation Program (Confidential), remained positioned to conform to the mandates specified in the new DoD Information Assurance Certification and Accreditation
  • Assisted with the development and enforcement of JSC security policies.
  • Informed IT Team including Network Engineers, System Administrators and Help Desk Staff of new JSC security policy updates.
  • Certified/tracked changes to the IT asset baselines.

Confidential, Fairfax, Virginia

Information Assurance Analyst

Responsibilities:

  • Monitored classified/unclassified Department of State network infrastructures, as primary inception point for reporting security incidents.
  • Conducted full range of security-related research/analysis on cyber threats against critical government infrastructures and systems.
  • Retrieved and submitted statistical data for trend analysis and actively participated in team projects.
  • Performed fundamental defensive intrusion detection event handling services including investigation, reporting and responding.
  • Supervised staff of six Information Assurance Analysts, delegated daily console monitoring assignments and scheduled attendance.
  • Reviewed daily IT security, cyber threat and cyber crime reports and documentation on new methods and patterns of vector attacks. Imparted knowledge with fellow teammates.
  • Furnished and relayed pertinent network information during shift changes.
  • Collaborated with peers, Operational Managers, CIRT II and III Analysts, CIR and Information System Security Officers within the Department of State and outside agencies concerning cyber threats and obfuscations occurring in near real-time.
  • Escalated cyber threat incidents using proper chain of command.
  • Deployment and Stewardship: Served as a Terminal Area Security Officer (Confidential) under J6’s Tactical Communications Directorate in support of Operation Enduring Freedom in the United States Central Command theatre.
  • Primary responsibility was to serve as a liaison between the Navy’s Confidential Information Assurance Officers and Managers, ADPE, TACNET and the Joint Forces end users of the J6 Directorate.
  • Ensured that information systems used within the directorate operated within the scope outlined in the Network Security Officer Guidebook, Information Assurance, and Personnel & Physical Security Programs.
  • Expedited any security procedures and tasks assigned by Information Assurance Managers and Officers. Ensured all users of any information system within J6 were properly cleared, and had successfully completed Information Assurance training for the current fiscal year. Conducted periodic security awareness training classes. Enforced the importance of complying with current and new security procedures.
  • Performed remote communication support functions and ground-to-air communication support with Air Force pilots.
  • Under vicarious authority, forward deployed to various remote and isolated locations, worked with small teams in tactical environments.
  • Installed, operated and maintained secure/non-secure HF, VHF & UHF Tactical Satellite (Confidential) voice/data equipment.
