Senior Cyber Security Analyst Resume
Colorado Springs, CO
CAREER SUMMARY:
Cyber security subject matter expert with over 13 years of experience in the fields of security engineering, risk and compliance analysis, system and network security auditing, C&A / SA&A, system administration as well as intelligence gathering and analysis. Skilled technical team leader, supervisor and project manager with experience working in unique processing environments such as space-based, terrestrial, seaborne, and extreme/remote systems.
TECHNICAL SKILLS SUMMARY:
Security-Specific: Network security design, system hardening (applying STIGs, CIS, USGCB baselines, DISA Gold Disk, WASSP), Tenable Security Center & Nessus, eEye Retina, computer, memory and network forensics (FTK, Wireshark, Network Miner, Redline), Firewall rule review & management (Nipper), Incident Response, SIEM (GFI LAN Guard, LogRhythm), system security audit reviews, GRC tool (eMass), McAfee EPO, Malware analysis (basic static and basic dynamic analysis, IDA Pro)
Compliance: NIST (RMF), DIACAP (DoD 8500 series), JAFAN 6/3, DCID 6/3, PCI-DSSv3, HIPAA, CSC Top 20
Platforms: Windows (XP, 2003, embedded, mobile, AD, Vista, 7, 10, 2008, 2012, 2016), UNIX (Solaris 8, 10), Linux (Red Hat, Mint, Ubuntu, Kali, Raspbian), ICS systems (Alerton, Envision, PowerLogic, CAT ISO)
Networking: 802.1x, Network Access Control (Bradford Network Sentry), Next Generation Firewalls (Palo Alto), Cisco ASA & Firepower, Checkpoint, router ACL development, network device hardening, NMAP, DNS, DHCP
EXPERIENCE:
Confidential, Colorado Springs, CO
Senior Cyber Security Analyst
Responsibilities:
- Asset discovery and categorization (network and endpoint mapping, host fingerprinting)
- Security architecture development and deployment activities:
  - Stand up vulnerability management program: design and implement vulnerability scanning infrastructure (Tenable Nessus, Security Center)
  - Stand up baseline configuration / security hardening program (e.g., CIS, DISA STIGs)
  - Design and develop event logging and SIEM infrastructure (Splunk, LogRhythm)
  - Network Perimeter Defense Redesign Enhancement Project (Palo Alto FWs + Traps)
- Vulnerability Manager
- Incident Responder
- McAfee EPO administration
- SDLC / project support: ensure security is integrated into all system and application acquisitions (e.g., SOW/RFP development, requirements development, perform system security test and evaluation)
- Web and Cloud Security: ensuring security is incorporated into the new El Paso County public website as well as an Enterprise migration to cloud services (i.e., Azure / Office 365 / AWS)
Confidential, Centennial, CO
Technical Lead
Responsibilities:
- Provide daily tactical-level leadership and tasking oversight for a team of 8 cyber security analysts and engineers
- Network Defense Operations: daily log review, alerting, investigation and response to adverse security events, CIRT leader
- Develop strategic vision, strategy, and implementation for InfoSec team
- Firewall review and management
- Vulnerability Management & baseline configuration management / compliance (performing and analyzing scans, developing and implementing hardening baselines, coordinating fix actions, briefing results)
- Serve as security SME for network configuration control board
- Ensure security is integrated into sustaining & modernization projects and that all new solutions were FISMA/NIST-compliant (project planning, requirements development, security design, security test and evaluation planning & execution)
- Perform qualitative & quantitative security risk assessments
- Developing and implementing information protection strategies for cyber-physical systems, PII data, PHI data, and Point-of-Sale systems
- Spearheaded network security redesign project; served as security SME on project to design, deploy, and test new Palo Alto Next Generation firewalls and Bradford Network Sentry NAC appliances
- Led first-ever effort to customize/tailor security control selection and implementation for the entire USAP enterprise, resulting in significant improvements in overall risk management strategy as well as significant cost savings to the customer
Confidential, Colorado Springs, CO
Senior IA Technical Lead, Confidential Team Lead
Responsibilities:
- Leading the Space Situational Awareness (Confidential) IA Compliance team; serving as direct supervisor for five subordinates
- Designing, implementing and evaluating security for multi-million-dollar sustainment and modernization IT projects for highly sensitive, unique weapon systems and other IT platforms
- Planning, executing, and evaluating system vulnerability assessments using approved manual methods and automated tools (e.g., Gold Disk, eEye Retina, DISA System Readiness Review (SRR) scripts, SCAP Compliance Checker (SCC))
- Conducting Vulnerability Management activities including manipulation of the Vulnerability Management System (VMS), and manually tracking and resolving IAVAs / patching-related issues
- Project Management & Business Development: developing and updating project schedules, resource de-confliction and load balancing, provide inputs for project proposals, develop both high-level and detailed technical project requirements, project risk analysis, conduct customer briefings
- Rapid promotion (3 times within two years) from compliance analyst, to technical lead, to senior technical lead and team supervisor
- Developed first-ever security-specific detailed project schedule for weapon system sustainment and modernization activities
- Rescued failing major C&A package development effort for Eglin Radar in 2012 - started effort weeks behind schedule with little information, ended with an on-time delivery of a complete package which received commendations from AFSPC/A6S on quality of artifacts
Confidential, Colorado Springs, CO
MAJCOM Information Assurance Manager
Responsibilities:
- Cyber security policy development, dissemination, and for the Special Access Program (SAP) community throughout the entire Major Air Command
- Conducting routine and surprise/on-the-spot security compliance inspections in direct support of the Command and AFOSI/PJ
- Developing, reviewing, and recommending approval/denial of dozens of C&A packages IAW DCID 6/3, JAFAN 6/3
- Introducing and reviewing new policies, procedures and frameworks such as ICD 503 (NIST )
- Serving as operational lead for A8ZS AIS Section; provided daily tasking direction to two subordinate IA Officers
- Conducting Windows desktop and server hardening,
- Developing, overseeing and participating in the organizational Identity Access Management process
- Conducting weekly system security audit log reviews using both manual and automated methods (i.e., GFI LAN Guard)
- Providing end-user security and as well as support to users and system administrators regarding security-related issues
- Designing and implementing robust Discretionary Access Control (DAC) and Role-Based Access Control (RBAC) strategy through the development, implementation, and review of security groups within Active Directory as well as creating and maintaining Access Control Lists (ACLs) on security-relevant objects within the OS
- Performing Top Secret Document Control IAW JAFAN 6/0
- Conducting Configuration Management and Change Control activities, review proposed changes for security impacts, recommend security hardening measures
- Conducting Incident Response activities including identification, containment, investigation, and recommending / implementing corrective actions
- Performing Confidential Custodian and responsibilities
Confidential, Colorado Springs, CO
System Administrator
Responsibilities:
- Performing administration and maintenance of systems in a mixed platform environment (UNIX and Windows)
- Serving as a member of highly skilled team of system administrators in order to maintain maximum levels of integrity and availability of mission-critical servers, networks, workstations, and associated mission data
- Setting up and servicing administrator and user accounts on classified systems
- Maintaining system documentation
- Tuning system performance, installing system-wide software, server maintenance and installation
- Coordinating system issues with users, administrators, and organizations located all throughout North America
- Providing direct support in the areas of system administration, software applications, configuration management (CM) to NORAD/NORTHCOM customer
Confidential, Colorado Springs, CO
Administrative Assistant
Responsibilities:
- I was responsible for performing administrative tasks for the Confidential Records Dept. while attending full-time college courses associated with Computer Networking.
- My primary tasks included daily manipulation of Confidential Administration Oracle database, data entry, and mass mailing, faxing, and imaging of various records.