From: route@monster.com
Sent: Tuesday, October 25, 2016 11:15 AM
To: hg@apeironinc.com
Subject: Please review this candidate for: Windows Active Directory Domain Administrator

This resume has been forwarded to you at the request of Monster User xapeix03
Rick J Kozak
34875 Kooden Road
Winchester, CA 92596
(760) 450-3456
Rick.kozak1@gmail.com

Overview:
Seasoned Information Security Professional with over 13 years’ experience seeking a position that showcases my current skills and allows me to improve my abilities through training and experience. I have 13+ years’ experience in the IT field, 8 years management experience, 8 years DoD, CISSP certified. Lead Architect/Engineer - 3 years, 3 years Data network specialist, 13 years security systems analyst. TS security clearance and 2 years security systems administrator. I am very passionate about security and have a strong work ethic that would benefit any company I work for.

Experience:

Cubic Transportation Systems, Inc., May 2013 – Present
Lead Security Engineer/Architect, Level II Security Analyst
· Designed system security architecture and developed detailed security designs for the implementation of security tools such as Tripwire, McAfee ePO, Carbon Black, Shavlik Protect, Q1 Radar and Nessus across North America and Australia.
· Utilized Tripwire Enterprise for file integrity monitoring by creating custom rules, alerts and reports that could be reviewed daily and in real-time to identify any changes, authorized or unauthorized.
· Monitored audit logs for anomalies, inconsistent patterns, and abnormal activity by creating custom rules, alerts and reports within Q1 Radar.
· Maintained and monitored McAfee ePO to ensure policies were set properly and being applied throughout the environments.
· Created multiple policies across multiple sites in Carbon Black to help maintain a secure posture to out-of-date systems no longer supported.
· Utilized Service-Now to create and track authorized changes to files, databases, systems and network devices.
· Created Service-Now tickets to track and record incidents from malware, unauthorized changes, viruses, network intrusions and data exfiltration.
· Trained System Administrators on how to use Tripwire, Carbon Black, McAfee ePO, Shavlik Protect, Q1 Radar, and Nessus by developing training documentation and providing class instruction on how to properly and effectively use those tools.
· Implemented PCI (Payment Card Industry) compliancy standards to meet or exceed the requirements for PCI Certification.
· Participated in SSAE16, PCI/DSS and ISO 27000 audits.
· Reviewed and helped write the Incident Response Plan.
· Participated in weekly change control meetings.
· Provided input and ideas to co-workers regarding security related matters.
· Took on the extra responsibilities of System Administrator to provide support to an overextended workload on top of my normal duties.
· Worked in a 24x7 Security Operations Center environment.

United States Marine Corps, May 2005 – May 2013

Cyber Security Professional
· Set up and maintained boundary security devices in the form of network intrusion/detection prevention systems, firewalls, access control lists and vulnerability assessment tools.
· Created and implemented white lists and black lists for applications, IPs and ports and protocols on network firewalls to limit the security risk to a network.
· Monitored network firewall logs to identify suspicious activity and reported or mitigated any findings in accordance with local security policy.
· Installed and managed McAfee Host Based Security System (HBSS) for small and large scale tactical and garrison networks.
· Configured and modified host-based firewalls by creating new policies and updating existing policies to identify suspicious activity created by viruses, malware and host-based intrusions.
· Audited large scale networks and advised management on corrective measures.
· Assessed network and client assets for vulnerabilities utilizing Retina Vulnerability Scanner, GFI Languard and Security Content Automation Protocol (SCAP) Compliance Checker.
· Performed system audits and created System Readiness Reports showing asset compliance and deficiencies with current security policies.
· Proficient in policy management and application of security policies on local and remote systems.
· Created and taught multiple cyber security classes in regards to security policies and cyber security initiatives.
· Investigated security violations in accordance with Marine Corps and DoD policy. Violations investigated dealt with unauthorized software, personally identifiable information, classification spillages, spam and inappropriate use by end-users.
· Experienced as a Cyber Security Technician in troubleshooting, assessment, auditing and implementing information systems. Emphasis on Security Technical Implementation Guide (STIG) application, FortiGate Firewall administration, Host Based Security System and group policy management.
· Assigned as the Cyber Security subject matter expert for tactical deployments with 1st Marine Logistics Group.
· Implemented security policies for 1st Marine Logistics Group and Headquarters and Support Battalion Marine Corps Base Camp Pendleton in accordance with DoD, NSA, FIPS and NIST guidelines.
· Enforced security compliance for 65 servers, 6,000 workstations and over 10,000 users within 3 domains.
· Familiarity with penetration testing tools: Nessus, NMAP, John the Ripper and Wireshark.

Helpdesk Supervisor
· Managed a team of eight individuals for troubleshooting and technical support for over 300 users for twenty-four hours a day for thirty consecutive days.
· Maintained a Service Desk Trouble Ticket System for tactical and garrison networks.
· Ensured quality of service and professionalism was provided to all customers.

Network Administrator
· Designed and implemented a network infrastructure to support over 1000 network devices and over 2000 users.
· Installed and managed multiple instances of domain infrastructure utilizing Microsoft Windows server.
· Trained employees on how to properly configure and implement Cisco switches and routers, Windows Active Directory and Exchange.
· Ensured confidentiality, integrity and availability were maintained for multiple security classification networks.
· Trained numerous support personnel in proper network implementation for deployed tactical networks.
· Proficiency built in Active Directory Architecture, server and client administration, and asset management.

Education:

SANS 511: Continuous Monitoring and Security Operations, Sept 2015
Course provides students with the skills to analyze security architecture for deficiencies, apply the principles to design defensible security architecture, understand the importance of a detection-dominant security architecture and Security Operations Center (SOC) and identify the key components of Network Security Monitoring (NSM)/Continuous Diagnostics and Mitigation (CDM)/Continuous Monitoring (CM).

SANS 440: Critical Security Controls: Planning, Implementing and Auditing, Sept 2015
This course enables students to see how to implement and audit the Critical Security Controls and how to put the controls in place in an existing network through effective and widespread use of cost-effective automation.

SANS 408: Windows Forensic Analysis, July 2014
This course enables students to conduct in-depth forensic analysis of Windows operating systems and media exploitation, identify artifact and evidence locations to answer critical questions, including application execution, file access, data theft, external device usage, cloud services, geo-location, file download, anti-forensics and detailed system usage.

Tripwire Operator/Professional Course, June 2013
This course provides students with the understanding and practice of threat intelligence and how Tripwire Enterprise helps, creating security workflows, examining and evaluating security-focused changes and creating security-focused reports and alerts.

Web Application Penetration Testing Course, Sept 2012
Course provided students with the skill sets in Cross Site Scripting, SQL injection, and JavaScript injection. The focus was on both military and civilian application vulnerabilities and how to mitigate those vulnerabilities.

Marine Corps IA Blue Team Methodology, May 2012
This course provided students with the knowledge and skills to properly use and configure vulnerability tools used on the Marine Corps network. This course covers server, workstations, routers, switches and wireless vulnerability assessment. The students are required to provide analysis of their findings and provide a detailed report on how to mitigate vulnerabilities found during their assessment.

Information Assurance Technicians Course, Dec 2008
Marine Corps school for the 0689 Military Occupational Specialty. Marines within this field are charged with performing computer network defense of the Marine Corps Enterprise Network to ensure information availability, integrity, authentication, confidentiality, and non-repudiation. Duties include assisting in the development and execution of security policies, plans and procedures; design and implement data security measures, network intrusion detection/prevention and forensics; incident handling and response; vulnerability assessments and management; firewall management and certification and accreditation of Marine Corps systems and networks.

Data Supervisor Course, Jun 2007
An advanced level school for network administrators to enhance their skills on Cisco routing, switching, Active Directory, Microsoft Exchange, server administration and LAN/WAN concepts and implementation. This course focused on the installation and maintenance of small and large scale networks with emphasis on scalability.

Data Network Specialist, Nov 2005
Entry level network administrator course specializing in basic network fundamentals, Operating Systems concepts, hardware familiarization, security fundamentals, Active Directory, server administration, Microsoft Exchange administration, Cisco routing and switching, and basic troubleshooting.

Continuing Education:

University of Phoenix, Jun 2015-Present
Currently working towards my Bachelor of Science degree in Information Technology, Advanced Information Systems Security Certificate

Certifications:
· Tripwire Operator Certificate, May 2014
· Certified Information Systems Security Professional, Jan 2014
· Marine Corps IA Blue Team Methodology, May 2012
· Top Secret Security Clearance, Mar 2012
· CompTIA Security+ (Sec+), May 2009