Systems Administrator Resume Profile
Fairfax, VA
SUMMARY OF QUALIFICATIONS
- Senior Task Lead with 10 years of Cybersecurity & Information Technology experience; U.S. Citizen; Top Secret Cleared
- Detail-oriented and dynamic self-starter, effective leader, and team player with a strong interest in learning and innovation
- Strong written and verbal communication skills, project and risk management skills, as well as Spanish speaking ability
- Maintain superior customer relations through a service-oriented approach to all tasks and exceed customer expectations
- In-depth knowledge of: FedRAMP, FISMA, A&A, TIC, F-CND, NIST SPs, OWASP, SANS CSC, CIS benchmarks
- Extensive experience conducting security assessments on Federal systems to improve security posture by mitigating threats and vulnerabilities and ensuring compliance with applicable security directives, regulations, and best practices
- Successfully matured numerous audit/assessment programs; highly experienced in all phases of an assessment
- Extensive hands-on experience with: computer hardware/software, network equipment and numerous security scanning
PROFESSIONAL EXPERIENCE
Systems Administrator
Confidential
- Supported the Enterprise Network Service Support (ENSS) program for DHS' Federal Network Resilience (FNR) branch
- Managed a group of 8 and served as a task lead for simultaneous efforts
- Created project plans, transition plans, test plans, and CONOPS for multiple tasks
- Helped create and define project management plans, project charters, WBS, work packages, activities, and baselines
- Met with clients, responded to RFCs and developed work packages to define tasks, resources, costs, and schedules
- Created job requisitions, interviewed qualified candidates, and made hiring decisions
- Updated DHS Cybersecurity Reference Architecture documents for: WLAN, DNS, E-mail Gateway, Telework, Mobile
- Led assessment, automation, and improvement/maturity efforts of the overall TIC CCV & F-CND processes
- Conducted TIC CCVs in accordance with DHS standards, TIC CCV workbook controls, and the TIC Reference Architecture
- Reviewed SIEM, server, application, router/switch configurations/logs to validate security posture and control compliance
- Conducted F-CND Capability Validations for multiple Departments/Agencies to assess Incident Response/SOC function in accordance with the DHS F-CND workbook, including assessing Prepare, Protect, Detect, Respond, and Sustain functions
- Developed TIC/F-CND analysis reports, CIO metrics, executive reports, and best practice information reports
- Created checklists, SOPs, templates, and process documents to enhance consistency/quality of the TIC CCV & F-CND process
- Trained team members on TIC architecture, security capabilities and assessment procedures
- Updated the DHS TIC CCV and F-CND assessment workbooks to align with current policies; streamlined scoring criteria information
- Created C&A packages and required accompanying artifacts, including: SSPs, Contingency Plans, FIPS 199, PTAs/PIAs
- Created capability data sheets and capability requirements descriptions for multiple CDM capabilities
Senior Cybersecurity Engineer
Confidential
- Provided a wide range of Cybersecurity consulting services for numerous Federal and commercial clients, including: NIH, HHS, CPSC, EDC, Monster.com
- Recommended and implemented various security solutions based on customers' budgets, business and security needs
- Performed ST&Es for clients in accordance with NIST 800-53 Rev. 3 and 4, and organizational standards/requirements
- Leveraged OWASP, CIS benchmarks, and SANS CSC controls in conjunction with NIST 800-53 to conduct blue team and red team assessments and assess security posture
- Created ST&E plans outlining the scope, methodology, and testing procedures to be used during assessments
- Interviewed system personnel, examined documentation, tested mechanisms/controls and documented findings
- Reviewed SIEM, server, router and switch configurations and logs to validate security and control compliance
- Led the development of Security Assessment Reports (SARs) detailing findings and recommendations for remediation
- Led the development of Risk Assessment Reports (RARs) detailing risks, threat sources, threat likelihood and impact
- Created POA&Ms and recommended necessary resource allocation time table to address them in line with level of risk
- Utilized Nmap, Retina and Nessus for network discovery, port scanning, and vulnerability identification
- Utilized the Burp Suite to conduct: site mapping, web application vulnerability scanning, and penetration testing
- Configured the Qualys Express Suite to provide an all-in-one vulnerability management solution for various clients, including features supporting: vulnerability asset management, policy compliance and web application scanning
- Created incident response plans in line with NIST 800-53 Rev. 3 and NIST 800-61 Rev. 2 requirements
- Created System Security Plans (SSPs) for client systems in line with NIST 800-18 Rev. 1 and NIST 800-53 Rev. 3
IT Security Specialist III
- accordance with NIST 800-53 Revision 3 and DHS 4300 Revision 7 & 8 controls
- Performed Security Tests and Evaluations (ST&Es), Technical Security Reviews (TSRs) and Annual Financial Assessments (AFAs) on CBP General Support Systems (GSS) & Major Applications (MA)
- Vigorously researched security forums, developed innovative approaches for testing security, and actively participated in security-related web seminars, conferences and panels in an effort to identify and categorize new actual and potential cyber security threats, trends, and weaknesses and suggest options for new security technology implementations to protect CBP
- Participated in security architecture working groups that helped securely integrate new standards and technologies into CBP
- Implemented security requirements, mandates, and best practices as required by FISMA, NIST, DHS, CIS, FIPS
- Led security assessment activities for new and existing systems: reviewed security plans and other pertinent system documentation, interviewed system personnel, conducted vulnerability scanning to uncover security flaws in new and existing system architecture, supported POA&M development to help mitigate risk and ensured overall security posture
- Created Rules of Engagement (ROE) and ST&E Plans for tested systems and led kick-off meetings to define accreditation boundaries and determine testing strategies
- Conducted manual configuration checks on: servers, appliances, switches, routers, databases, applications, and firewalls
- Created manual review checklists and templates for: document review, network devices, applications, appliances, databases, operating systems, physical infrastructure security, and technical ISSO interviews
- Created multiple Statements of Procedure (SOP) to help define and ensure consistency in regards to various ST&E tasks
- Conducted physical security evaluations of CBP systems in-line with NIST and DHS requirements
- Utilized vulnerability scanning tools, including: Nessus, WebInspect, Core Impact, Nmap, and AppDetective
- Utilized Wireshark, Airpcap & Airmagnet to conduct packet capture and network traffic analysis
- Analyzed scanning results to determine both valid findings and false positives and utilized information gathered from scanning tools, interviews, TAF, RMS, Xacta, SSPs, SRTMs, and pertinent system documentation to create ST&E reports
- Participated in exit conferences to summarize and address any questions regarding ST&E report findings
- Provided executive summaries to the CBP CISO regarding key deficiencies and security concerns of critical systems
- Evaluated vendor enterprise security solutions to determine overall security and fit for the organization
- Assisted in developing contract language and negotiating contract terms for vendor solutions
- Helped develop, implement and test an overarching application that simplified and automated the entire C&A process
- Managed and mentored team members; helped interview, assess, and select candidates for vacant team member positions
IT Security Analyst
Supported FISMA/FISCAM compliance efforts for the National Transportation Safety Board (NTSB) for the duration of the termed 4-month contract in order to ensure the confidentiality, integrity, and availability of systems
- Developed a long-term IT security plan for the NTSB network to help expedite the identification and mitigation of future system vulnerabilities and ensured awareness and compliance with NIST security controls
- Utilized Nessus and Next Generation Squirrel to identify vulnerabilities on the GSS & MAs within the NTSB network
- Led the development of Security Assessment Reports (SARs) detailing findings and recommendations for remediation
- Participated in Exit Conference Tasks to summarize key findings and recommendations and address all client questions
Technical Account Manager
- Installed and configured business client computers and implemented security settings to align with performance requirements
- Provided expert knowledge, troubleshooting, and maintenance services related to HP computer hardware/software and their associated security and performance settings
- Trained employees on HP hardware, performance settings, security configurations, machine maintenance/repair
- Established and maintained excellent customer relationships by constantly exceeding client expectations
Systems Administrator
- Managed company network infrastructure, including: servers, firewalls, workstations, switches, routers & web applications
- Conducted data backups, managed user accounts, set firewall rules and switch/router configurations, performed maintenance and patching, and reviewed system/security/application logs
- Used Nessus and Nmap to help enumerate network devices and to identify pertinent network vulnerabilities during periodic internal assessments, and ensured system compliance with company security standards
- Generated assessment reports for management based on scan results as well as other non-technical threat/vulnerability findings and provided recommendations to mitigate and fix system vulnerabilities
Jr. Systems Analyst
Provided a wide range of security and general computing services, including: IDS and IPS configurations, disk encryption, network enumeration, network vulnerability identification, hardware/software installations, imaging and configuration
- Used Nessus, Nmap & MBSA to enumerate hosts, vulnerabilities and ports on client networks and documented weaknesses
- Configured IDS/IPS and firewalls on client systems and ensured that they were properly protected from potential attacks
- Installed motherboards, video cards, RAM sticks, peripheral devices and other hardware, as well as set-up and configured home and small business networks, servers, workstations/laptops, network equipment and backup processes