SUMMARY:

• 16+ years of IT professional seeking to obtain a position as a Cyber Security vulnerability analyst position preforming the following: Penetration testing, security assessment and threat analysis.

PROFESSIONAL EXPERIENCE:

Confidential, Alexandria VA

Information Assurance Blue Team II

• Developed and implements information assurance/security standards and procedures.
• Coordinates, develops, and evaluates security programs for different organizations within Headquarters Dept of the Army ITA.
• Recommends information assurance security solutions to support customers’ requirements.
• Identifies, reports, and resolves security violations.
• Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory and resource demands.
• Performed analysis, design, and development of security features for system architectures.
• Analyzes and defines security requirements for computer systems which may include mainframes, workstations and personal computers.
• Performed vulnerability/risk analyses of computer systems and applications during all phases of the system
• Tracks events and incidents for follow - on analysis to build historical and predictive capabilities for IA incidents.
• Researched and recommended effective vulnerability countermeasures to upper management to protect vital networks.
• Provided upper management with clear and understandable picture of real time and future threats to network information systems.
• Used VMware to conduct network scan and used security tools such as ACAS, Nessus, SCAP, NMAP, AppDectective, Netspose and Kali Linux.

Confidential, Springfield VA,

Blue Team Vulnerability Assessment II

• Conducted vulnerability assessment, Blue team vulnerability employing and intrusion assessments, cyber security inspections and Red Team operations employing internal and external capabilities to provide a systemic view of enclave and IS technical and traditional security posture.
• Assessed security posture of the operational environment to identify enterprise and system. Recommended measures to help eliminate or reduce vulnerabilities.
• Conducted social engineering exercises to identify weakness in the information assurance posture and recommend measures to help eliminate or reduce these types of vulnerabilities.
• Information Assurance penetration testing, mapping and scanning networks to provide an assessment of vulnerabilities via visualization tools such as NMAP and powershell to identify solutions to mitigate risk and vulnerabilities.
• Prepared assessment test reports and assess test plans that provide formal recommendations in support of authorization.
• Ensured the rigorous application of IA policies, principles, and practices are integrated into the delivery of all information technology (IT) and IA services.
• Assisted with providing detailed test plans and conducting security testing of security controls specific to security boundaries.
• Conducted Blue Team assessments to identify vulnerabilities in client networks.

Confidential, Springfield VA,

Cyber Security Analyst/Linux System Administrator III

• Established new user accounts, assigned privileges, and maintains system security.
• Troubleshoot system and software problems.
• Established and updated procedures and documentation and performed daily system monitoring, maintenance of security audit logs.
• Investigated vendor vulnerability updates and patches to assure system configuration compatibilities.
• Understand and implement technical vulnerability corrections.
• Recommend and scheduled IA related repairs in the NE.
• Managed accounts, network rights, and access to NE systems and equipment.
• Scanned systems weekly for potential security risks and take appropriate corrective and recovery action.
• Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements.

Confidential, Washington D.C.

Information Systems Specialist III

• SME for the messaging office providing operation support for the SMART interface.
• Managed message queues to ensure that all unit operations are observed and proper handoffs are completed.
• Assisted users on how to create SMART messages and provide policy interpretation on telegraphic FAM and FAH.
• Conduct checks on foreign and domestic intelligence messages for security violations.
• Ensured full compliance of high level policy changes relating to State Department's Security and Privacy programs
• Configured dissemination rules and roles for domestic users to ensure that domestic and foreign messages are disseminated to the right bureaus.
• Created SMART accounts for users and instructed customers on use. Designed and implemented solutions for protecting the confidentiality, integrity and availability of sensitive information.
• Designed information system contingency plans that maintain appropriate levels of protection.
• Developed and implement programs to ensure that systems, network, and data users are aware of, understand, and follow IA policies and procedures.

Confidential, Pentagon, Arlington VA,

Global Command Control System Administrator III

• GCCS administrator that provided military combat support to the Joint Chiefs of Staff and net-centric solutions in direct support of the President, the Secretary of Defense
• Supported large amount of DoD customers and military commands.
• Managed Solaris 10 servers and monitored multiple raid arrays.
• COP (Common Operating Picture) administered servers locally and remotely.
• Optimized system operations to maintain 98% operating efficiency.
• Performed backup and restoration of magnetic media and raid arrays
• Analyze system performance for potential security problems.
• Develop detailed remediation reports and recommendations for compliance and security improvements across industries based on changing threats.

Confidential, Washington D.C.

DIAC Defense Messaging System IV

• Major Contributor to daily administration of 30+ secured servers that provided authentication for classified messages for over 5000 users.
• Built X.400 DMS email address protocol for unclassified and secret mailboxes.
• Implemented the installation and testing of 6 Dell Power Edge 2500, 2300, and 6400 servers for Lockheed Martin’s Defense Message System (DMS) software.
• Installed Windows 2000 Groupware Server, Advanced Server 2000, Windows NT and Microsoft exchange on 12 DMS Servers.
• Revised the technical online documentation to a user-friendlier version, which resulted in a 50% reduction in customer support calls over a 3-month period.

Confidential

Pentagon Joint Communication Center Operator IV

• Major Contributor to the daily operation of the $2M Solaris based Communications Support Processor -High Order Language messaging system and 2 multi-functional Secure Gateways.
• Ensured timely and accurate processing of over 5 million messages per month via JWICS network and the Defense Autodin Bypass System for deployed customers.
• Operated and administered Sun Fire 280R, V440, V240 servers, Store Edge 3500.
• Tasked as the Lead Trainer to train new administrators on proper procedures and protocols.
• Developed new procedures to manage classified spills between SPINTCOMM and Pentagon Information Assurance office and streamlined reporting procedures to NSA. analysis Risk management Enterprise security Technical integration of communication