SUMMARY

• My goal is to use teh skills me have attained from my diverse work experiences to provide teh best value while increasing an employer’s security posture and continue to strengthen my career
• Information Systems Security/Cyber Security. me is a team oriented professional constantly seeking opportunities to expand my training and experience in teh field of Information Systems Security and Cloud Systems Administration.
• This passion extends to my home life, where me is always learning new technologies, improving security posture and scripting tools in my virtualized domain infrastructure and development environment hosted on my hypervisor servers.
• PowerShell Automation scripting projects - Windows Hardening Deployment Prep tool for setting Local Group Policy on non-domain systems, account hardening, secure firewall rule configurations
• VM prep tool for automating VM deployments in Hyper-V, tracking current logins on remote systems, DNS Sinkhole for Malware and Adware Domains, auto ban malicious IP tool.
• Raspberry Pi3 Docker Container hosts dat will perform monitoring and automated environment management.
• Raspberry Pi3 building Ansible playbooks for managing Raspberry Pi3 systems via Infrastructure as Code.
• Raspberry Pi3 app development wif Visual Studio Code on Raspberry Pi3.
• OpenVPN Client and Server security

PROFESSIONAL EXPERIENCE

Windows System Administrator-Automation Team

Confidential

Responsibilities:

• Tasked as part of an Automation team to perform datacenter migration for Symatec/Norton Online Backup Services. Created PowerShell Automation scripts to assist wif Datacenter Migration efforts for Citrix Zen Hypervisors, VMs.
• Created PowerShell Automation scripts to perform automated upgrades for Citrix Zen Hypervisors, VMs during teh datacenter migration. Created PowerShell Automation scripts to patch a wide variety of systems to mitigate teh Meltdown/Spectre and other Critical Vulnerabilities.
• Tasked as lead for Vulnerability Management for our groups’ assets and tracking patching and remediation efforts for systems in teh datacenters. Created PowerShell Automation scripts to update teh tracking of asset postures and remediation efforts.
• Created PowerShell Automation scripts to query server infrastructure for installed applications, server roles, Symantec specific web apps, user logins(if any), patching postures of each asset; for teh purposes of identifying systems dat will no longer be needed(shutdown
• Systems dat will be migrated to cloud services, and future system or app scalability needs. Created PowerShell Automation scripts to query Symantec’s Azure instances, build a report in Excel, and present to management for teh purposes of cost optimization and asset tracking.
• Created PowerShell Automation scripts to query Symantec’s Datacenter instances, build a report in Excel, and present to management for teh purposes of cost optimization and asset tracking.

Windows 10 Security Engineer

Confidential

Responsibilities:

• Created teh Windows 10 Minimum Security Baseline policy for S.W.me.F.T. COTS and Baseline Management group. This involved defining teh Windows Group Policy, configuring teh advanced security features in Windows 10 and Windows Server 2016, such as Device Guard
• LAPS, BitLocker and Virtualization based security, testing configured GPOs in a secure Windows Server 2016 and 2012 Active Directory domain environment hosted on VMWare VCenter, creating and editing teh Windows 10 Minimum Security Baseline policy document.
• Created teh Windows Server 2016 Minimum Security Baseline policy for S.W.me.F.T. COTS and Baseline Management group. This involved defining teh Windows Group Policy, configuring teh advanced security features in Windows 10 and Windows Server 2016, such
• Device Guard, LAPS, BitLocker and Virtualization based security, testing configured GPOs in a secure Windows Server 2016 and 2012 Active Directory domain environment hosted on VMWare VCenter, creating and editing teh Windows Server 2016 Minimum Security Baseline policy document.
• Updated teh Minimum Security Baseline policy for Windows Server 2008 R2, Windows Server 2012 and Windows 7 to radically improve teh security posture of systems governed by these policies by incorporating Microsoft advanced security best practices, enhanced protection tools, and secure system architectures. Developed a system to convert teh custom S.W.me.F.T. GPOs, created from teh MSB process, into SCAP benchmarks (XML OVAL) for use wif compliance verification scanners such as, McAfee Policy Auditor and CIS CAT tool, and ACAS (Tenable Nessus).
• Deployed McAfee ePolicy Orchestrator (Host Based Security System) V5.3 in a test environment to build a Proof of Concept system for S.W.me.F.T. to deliver new capabilities via Policy Auditor 6.2.2 wif CIS benchmarks (XML OVAL) for OS security policy compliance.
• Assisted in solving challenges wif compliance verification of HP UX Linux/Unix, Oracle Sun Solaris Linux/Unix, and RHEL (Red Hat Enterprise Linux) security policies. Created teh S.W.me.F.T. Wiki MSB section of pages detailing teh Minimum Security Baseline processes, policies, compliance verification, security exceptions, and FAQs for teh customer and user base of S.W.me.F.T. Created many tools and scripts wif PowerShell to improve security, increase automation, and monitor Windows environments. Examples include: Windows Hardening
• Deployment Prep tool for setting Local Group Policy on non-domain systems, account hardening, secure firewall rule configurations, VM prep tool for automating VM deployments in Hyper-V, tracking current logins on remote systems, DNS Sinkhole for Malware and Adware Domains, network status tracking tool.

Systems Administrator

Confidential

Responsibilities:

• Lead SA for teh PMRF Migration to Secure Host Baseline Windows 10, developed and designed a custom configuration and options for teh PRMF organization. Assisted senior leaders and customer wif recommendations for hardware refresh options in support of migration
• Secure Host Baseline Windows 10. Conducted Systems Compliance Scans wif ACAS (Tenable Nessus) to discover and validate PMRF systems vulnerabilities as well as scans for rogue USB Devices.
• Created McAfee HBSS (Host Based Security System) HIPS USB Device Whitelist in IAW DISA and USCYBERCOM requirements for RDN, iNet and SIPR PMRF networks.
• Monitored and maintained file integrity of PMRF network systems wif Tripwire. Performed backups of mission critical PMRF systems wif Acronis Backup Advanced.
• Ensured completion of manual Security Technical Implementation Guide (STIG) (XML OVAL) checklists, providing documentation on teh status of teh system along wif technical risk mitigation strategies, patching, remediation and validation of open findings to support DISA CCRI
• Generated and provided DIACAP/RMF technical documentation as required to support DISA CCRI efforts involving multiple PMRF mission critical networks, to include RDN, iNet, and SIPR.
• Collaborated wif PMRF/IT Department personnel to include but not limited to: Range Networks, Cybersecurity and MIS as related to individual tasks or general project support.

Systems Administrator

Confidential

Responsibilities:

• Tasked as part of a surge team to aid in DISA CCRI preparation efforts for PMRF network systems to assist and perform teh following:
• Ensured completion of manual Security Technical Implementation Guide (STIG) (XML OVAL) checklists, providing documentation on teh status of teh system along wif technical risk mitigation strategies
• Patching, remediation and validation of open findings to support DISA CCRI. Generated and provided DIACAP/RMF technical documentation as required to support DISA CCRI efforts involving multiple
• PMRF mission critical networks, to include RDN, iNet, and SIPR. Collaborated wif PMRF/IT Department personnel to include but not limited to: Range Networks, Cybersecurity and MIS as related to individual tasks or general project support.

Systems Administrator/ISSO

Confidential

Responsibilities:

• Rebuilt server systems for DSS SIPR accreditation IAW DISA STIGs (XML OVAL) and IA compliance. Conducted McAfee HBSS (Host Based Security System) configuration to all systems and created HBSS ePO (Host Based Security System) policies for all managed systems
• IAW DISA IA Compliance to ensure proper PA scan rollup to CMRS. Configured and Conducted IA Vulnerability scanning of all systems wif Retina and ensured Rollup to DISA VMS.
• Built server systems for a virtual development environment including 2 DCs, 1 SQL, 1IIS, 1 WSUS wif MS Windows Server 2008 R2 Hyper-V. Built custom PowerShell reporting tools for managed McAfee HBSS (Host Based Security System) clients in teh development environment. Conducted custom patching to systems in locked down Zone D enclaves. Conducted imaging of new workstation systems ensuring configuration IAW DISA STIGs (XML OVAL) and IA Compliance.
• Conducted OS Patching and COTS install in RHEL (Red Hat Enterprise Linux) 6 systems. Lead on migration of systems hosted on Windows Server 2003 to Windows Server 2008 R2, IAW DISA STIGs (XML OVAL) and IA Compliance.
• Configured, secured, managed and maintained Cisco Catalyst switches in all enclaves, IAW DISA STIGs (XML OVAL) and IA Compliance. Managed and maintained Juniper SSG firewalls in all enclaves, IAW DISA STIGs (XML OVAL) and IA Compliance.
• DISA Compliance Includes:
• Implement DoD IA Certification and Accreditation Process (DIACAP) IA controls and maintain associated certification and accreditation documentation. Manages security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA (STIGs) (XML OVAL) and USCYBERCOM. Conduct IA vulnerability testing and related network and system tests wif Vulnerability scan tools; Retina, ACAS (Tenable Nessus), VMS (Vulnerability Management System)
• Security Content Automation Protocol (SCAP) (XML OVAL).
• Conduct system rebuilds from bare metal installs of Windows Server 2003 and Windows Server 2008 R2. Configure Domain IP addressing structure for teh network. Conduct Updates and
• Patches to server systems in teh domain to ensure security hardening of teh OS. Configure an Enterprise Level Antivirus Solution for server systems to mitigate security threats. Configure Group Policy Objects to manage Software Deployment and Software Settings for systems in teh Domain.

Computer Specialist

Confidential

Responsibilities:

• Provided Tier 2 Local IT support for FEMA HQ rapidly learning all aspects of FEMA’s enterprise infrastructure. Became a subject matter expert in diagnosing and troubleshooting complex problems involving teh wide variety of desktop operating systems and configurations currently in use by FEMA, which lead to my placement as a Team Lead for other contractor technicians
• FEMA HQ Building in October 2012. Worked wif many other FEMA IT employees to assist in creating customer solutions and configuration adjustments to optimize efficiency for teh FEMA HQ customer base.
• Utilized Remedy ticketing software to prioritize work, track progress of existing customer technical support requests, and document resolutions for future use to educate technicians and provide an SOP for specific reoccurring problems.
• Received a Star Performer Award 2012 for Superior Customer Service in January 2013 by innovating customer solutions for many high level FEMA VIPs. Tasked wif contacting customers, tracking upgrade status, performing data backups, and imaging systems in support of Windows XP to Windows 7
• Migration Project for FEMA National Capitol Region by ensuring customers were in compliance wif DHS Mandated Upgrade to Windows 7. Daily activities include: Notifying team members of current SOPs and upcoming changes; offering certification training and study materials to team members and FEMA technicians to strengthen FEMA IT’s capabilities; adding or removing computer names to Active Directory infrastructure; performing user account unlocks and password resets; managing and maintaining teh imaging server; conducting software and hardware installations and upgrades to meet compliance and security standards; Ensured all work was conducted in accordance wif existing SOPs, IT Security polices and wifin teh scope of teh ACT contract.