Senior Security Analyst Resume Profile
TN
BACKGROUND SUMMARY
Information Technology professional with hands-on experience in all aspects of IT Security in a diverse and complex multi-campus Higher Education environment, while maintaining exceptional working relationships throughout the system. Demonstrated record of success in project leadership/management, team leadership, mentoring, creative problem solving, and planning. Proven ability to create strategies for large-scale projects, build a team to carry out the tasks created from the strategies, and provide the appropriate technical documentation. Demonstrated skill to manage personnel through project teams, as well as stepping in as acting manager for a group of twelve support technicians.
WORK EXPERIENCE
Confidential
Senior Security Analyst
- Subject matter expert: IT Security, PCI and HIPAA Compliance, Digital Forensic Imaging and Analysis
- IT Service Owner: Compliance, Digital Forensics, Incident Response, Security Training
- Provide IT security compliance oversight throughout the UT System, which includes seven campuses and institutes, as well as system administration.
- Work with campus and institute Chief Information Officers, campus and institute Information Security Officers, Network Services, General Counsel, Media Relations, and Human Resources, as well as appropriate law enforcement, in investigating security incidents, while maintaining a high level of professionalism, integrity, sound judgment, and confidentiality.
- Wrote the University of Tennessee System Administration Forensics Internal Operating Procedures, outlining the guidelines, key roles and responsibilities, and processes for forensic imaging and analysis.
- Provide forensic data collection/imaging and analysis in investigations using Tableau, Logicube Talon-E, or Logicube Falcon to acquire the image and AccessData's FTK for analysis.
- Oversee compliance activity with IT security portions of legal and industry regulations for areas such as HIPAA, PCI DSS, FERPA, and TN State Security Breach Law TCA .
- Create and present PCI training to UT merchants at each campus, as well as UT Foundation merchants, as required by PCI DSS.
- Coordinate response to compliance-related IT security incidents.
- Utilize forensic tools to determine if confidential data was accessed on a compromised computer. This is particularly critical for computers storing HIPAA and PCI data, Social Security Numbers, student records, and human resources information.
- Create and edit IT security policies and best practices.
- Research technologies, standards, and best practices that best meet customer needs, as well as security requirements, and make recommendations based on evaluations.
- Supervise and mentor student employees.
- Member of UTSA ITS' IT Career Path committee.
- Attended AccessData Users' Conference in May 2012 and May 2014.
- Attended HIPAA Academy's Certified HIPAA Professional Course in February 2013.
- Attended ecfirst's Certified Security Compliance Specialist training in February 2013.
Confidential IT Specialist II
- Subject matter expert: Forensic Imaging and Analysis, SharePoint, Active Directory, Incident Response, Operational Security
- Worked with UT's Information Security Office, Network Services, General Counsel, and Human Resources, as well as appropriate law enforcement, in investigating computer security incidents by providing forensic data collection/imaging and analysis.
- Administrator of Windows 2003 server for storing forensic images.
- Responsible for faculty/staff incident response on the Knoxville and Agricultural campuses, performing on-site discovery and remediation of viruses and other malware, both new and old, as well as other security-related issues.
- Wrote guides for hardening Windows and Mac operating systems based on NIST and CIS recommendations.
- Worked with ISO to help departments meet regulatory compliance.
- Worked with the Office of Research's Export Control Officer to set group policy and harden computer systems for certifying compliance with federal export control laws and regulations. The systems were hardened based on NIST recommendations, and must be compliant with regulations based on the Department of Commerce's Export Administration Regulations, the Department of State's International Traffic in Arms Regulations, and the Treasury Department's Office of Foreign Assets Control.
- Assisted in writing OIT's current security best practices and policies, all of which are based on NIST publications, particularly NIST SP . Consulted with departments on ways they could become more proactive using these documents.
- Assisted faculty and staff with categorizing the information on their computers according to the Information Classification Policy Number IT0115, as well as system classification based on Computer System Classification Policy Number IT0116, benefiting users as they completed the ISO's self-certification process.
- Ran vulnerability scans and worked with users toward remediation.
- Used tools to determine if confidential data was accessed on a compromised computer.
- Accessed IPAudit for comparing IP address information, timestamps, ports, etc., to verify that a specific machine was using a specific port to communicate.
- Worked with law enforcement to track stolen computers and devices.
- Researched ways to detect, prevent, and remediate both new and old threats to the confidentiality, integrity, and availability of data.
- Administrator of a Linux server used to run nmap scans in order to help detect compromised systems on the university network, as well as required security scans prior to migrating systems to the UTK domain.
- Worked with departments as an OU Administrator to help them with their Active Directory needs.
- Project lead for the UTK Active Directory migration project. The purpose of this project was to move all users from older domains into the UTK domain. Migrated approximately 8000 computers as a part of this project. Also migrated any remaining Lotus Notes users to Exchange.
- Member of the Exchange 2010 Migration project team, managing the faculty/staff portion of the migrations. Coordinated and moved over 5,000 faculty and staff accounts in 2011.
- Member of the Blacklist Tiger Team and lead for the Blacklist Incident Response Team in 2010, defining the processes for determining if UTK was on any blacklists and the processes for removing us from those blacklists.
- Member of SharePoint project team and co-authored the SharePoint Governance Plan for the University of Tennessee in 2009.
Confidential
Computer Programmer and Specialist/Senior IT Technologist I
- Administrator of Novell server using NetWare 5.0.
- Installed, maintained, and supported all computer hardware, software, and peripherals.
- Provided technical training to staff and administrators.
- Researched and tested new ideas and products regarding latest technological advances.
- Conducted training for individual departments on finding grants and contacting funders.
- Served as Webmaster for the OR web site.
Confidential Senior Information Systems Operator
- Installed and maintained all Apple hardware, software, and peripherals.
- Provided technical training to staff, directors, and SCEA constituents.
- Researched and tested new ideas and products regarding technological advances.
- Wrote A Guide for Arts and Technology: Using the Internet in Conjunction with Arts Education.
- Gave presentations to large audiences (400) at the SCEA institutes.
- Conducted technology workshops for K-12 educators.
- Served as Webmaster for SCEA's web site.
- Gave presentations at University's annual NetFest.
Confidential
- Provided technical support for hardware, software, and peripherals.
- Kept departments informed of federal hiring rules and regulations for non-citizens.
- Organized and distributed all payrolls, and produced summary reports for administration.