Ahmad Austin

Principal Consultant

Email: aramanagement1@gmail.com

Cell Phone: 770-296-8275

Technical Certifications:

Certified Information Systems Security Professional (CISSP); Certified Cisco Network Associate (CCNA); Certified Cisco Network Associate: Security (CCNA Security); EXIN ITIL v3; Microsoft Certified Systems Administrator (MCSA): Messaging; Microsoft Certified Technology Specialist (MCTS): Microsoft Exchange Server 2007 Configuration; Palo Alto Accredited Configuration Engineer (ACE) – In progress; CompTIA Security+

Operating Systems:  Windows Server 2003, Windows Server 2008, Linux, CISCO IOS 14.x, Windows XP Professional, Windows Vista, Windows 7, Windows 8

Software:Sidewinder Firewall, Palo Alto Firewall, Panorama, Cisco Firewall Service Module (FWSM), Cisco Security Manager (CSM), Sourcefire IDS, NETQos, SolarWinds, Splunk, Wireshark, Microsoft System Center Configuration Manager (SCCM), Microsoft Exchange, Symantec Mail Security for SMTP, Microsoft Office Communicator, Remedy Tracking System, Active Directory, Windows Gold Disk, eEye Retina, Nessus, Nexpose Rapid 7, Nmap, Vulnerability Management System (VMS), VMware, Microsoft Office

it governance:  DIACAP, FERC, FIAR, FISCAM, FISMA, HIPAA Security, ISO 27002, NERC-CIP, NIST, PCI-DSS, SARBANES-OXLEY (SOX)

Education:

15 Credit Hours towards Doctor of Information Technology Degree, Walden University, Baltimore, MD, 2017

Master’s Degree, Information Technology Management – Information Assurance Concentration, Trident University, Cypress CA, 2011

B.S., Computer Science, Trident University, Cypress CA, 2010

Associates Degree, Aircrew Safety Systems Technology, Community College of the Air Force, Montgomery, AL, 2007

Associates Degree, Information Systems, Community College of the Air Force, Montgomery, AL, 2006

Instructor Related Experience:

Alabama State University

·                                  Designed and instructed a 20 day Comptia Security + Prep Course

·                                  Created and conducted a Security Awareness Workshop

Georgia State University

·                                  Tutored student for 8 weeks in preparation for Comptia Security plus exam; student passed with a 920 score.

Kennesaw State University

·                                  Developed and conducted a Security Awareness Workshop

Tuskegee University

·                                  Planned and conducted a Small Business Security Awareness Workshop

 

Security Clearance:

Top Secret- SCI (DCID)

Professional Experience:

ICF International – AtlantaNovember 2015 – Present

DLP SME; Contractor DCMA

·                    Subject matter expert (SME) for the customer’s Sourcefire, and Symantec Data Loss Prevention (DLP) solution.

·                    Audited all DLP appliances and created SOPs in support of the DoD 2016 CNDSP inspection.

·                    Maintain IDS/IPS operations, project plans and standard operational procedures (SOP) documentation for the Navy Security Operations Center environment.

·                    Work with external teams to ensure custom signatures are added to increase detection rates.

·                    Creation of technically detailed reports on the status of Sourcefire and DLP to include metrics on the number of alerts by category, number of alerts by sensor, and storage usage.

ReliaQuest (Kobie Marketing) – TampaMarch 2015 – September 2015

Security Engineer; Consultant

·                    Reviewing existing system infrastructure and business processes to determine minimal disruption to business based on acceptable risk and downtime requirements

·                    Updating the customer’s information security policies in accordance with ISO 27001, NIST and PCI-DSS 3.0 standards

·                    Creating a detailed roadmap for how the client should continue to mature it’s information security posture in accordance with PCI-DSS standards

ReliaQuest (CNL Bank) – OrlandoJanuary 2015 – March 2015

Security Engineer; Consultant

·                    Audit departmental security practices against industry best practices and relevant compliance standards

·                    Compiled a full list of all critical IT services and assets to determine which essential assets need protection

·                    Prioritize known threats and map to the assets outlined above based on potential impact

Computex (InComm) – Atlanta, GAJune 2014 – December 2014

Sr. Security Solutions Architect; Consultant

·                    Served as the onsite lead supporting the remote testing team and onsite customer in order to facilitate operational fielding/integration, penetration testing, vulnerability assessments, remediation, upgrade and support schedules and activities

·                    Documented and tracked the known risks and plans for implementing the determined mitigation and/or contingency strategies

·                    Ensured a quality assurance review of documentation-based deliverables is performed to ensure documentation is aligned with customer expectations

·                    Coordinated and conducted recurring security project status meetings with project stakeholders to communicate the overall progress

Belk HQ – Charlotte, NCApril 2014 – June 2014

PCI-DSS Assessor; Consultant

·                    Performed a gap analysis on Belk’s new Digital Store architecture, to include all ASA firewalls, perimeter routers, wireless routers, switches, and servers

·                    Worked with HP Security Architect to obtain a snapshot of the Palo Alto firewall deployment plan in relation to the new Digital Stores

·                    Interviewed security engineers and reviewed firewall configurations to determine if the Belk Information System was compliant with PCI-DSS requirements

·                    Observed Belk Digital store wireless AP configurations to detect if insecure encryption protocols were being used on the network

ReliaQuest (Florida Orthopedic Institute) – Tampa, FLFebruary 2014 – April 2014

HIPAA Security Auditor; Consultant

·                    Performing risk assessments at twelve medical facilities per HIPAA Security Rule guidelines and NIST 800-66

·                    Advised the Chief Information Security Officer (CISO) of the recommended encryption, authentication and logging solution

·                    Conducted a business impact analysis (BIA) in preparation for developing the disaster recovery plan

·                    Composed all policies, plans, and procedures required by HIPAA Security Rule and HITECH

ReliaQuest (Department of Education) – Washington DCJanuary 2014 – February 2014

Sourcefire Security Engineer; Consultant

·                    Trained Analysts on how to perform various Sourcefire configuration and security related tasks

·                    Conducted a site survey to capture the required IP ranges, network maps and sensor to switch setup

·                    Advised Program Manager of the best course of action to optimize the Sourcefire sensors and Defense Center

·                    Modified Sourcefire RNA and IPS policies for each sensor administered in Defense Center

BTL Technologies – Gunter Air Force Base, ALSeptember 2012 – October 2013

Sr. Systems Analyst; Consultant

·                    Serve as security consultant for all technical issues, including architecture, infrastructure, program initiatives, and best practices

·                    Perform FISCAM audits on seven United States Air Force Financial systems

·                    Developed and implemented test procedures to determine if the networks are configured in accordance with FISMA and NIST 800-53

·                    Analyzed DISA’s SAS 70 against the customer’s SLA to determine if the applicable controls were addressed 

·                    Create detailed reports identifying where network design is not meeting Generally Accepted Government Auditing Standards (GAGAS)

NCI Information Systems – Gunter Air Force Base, ALSeptember 2011 – August 2013

ARES (CITS) Site Lead; Consultant

·                    Regional CITS site lead, responsible for securing AF Gateways at the highest level of the United States Air Force Enterprise Network

·                    Provide technical support to 2Gen Wireless project; identify and report discrepancies in engineering design to the CITS Program Management Office (PMO)

·                    Evaluated CITS PMO engineering Business Requirement Documents (BDR), Source Requirement Specifications (SRS), and Use Cases to determine if they aligned with mission needs

·                    Assisted in designing and building the WAN backbone of the Air Force SIPR network to include analyzing fiber optic connectivity

·                    Supervises Field Service Engineers (FSE)s at AF bases in Louisiana, Alabama, Georgia and Florida on identifying software and hardware deficiencies, addressing vulnerabilities, and detecting cyber attacks

·                    Managed Palo Alto auditing project; team tested and deployed templates designed to check Palo Alto Firewalls/IDS for DISA STIG compliance

·                    Managed Palo Alto deployment to 125 Air Force bases and 16 Gateway locations across the world

·                    Prepare required Certification and Accreditation (C&A) documentation and artifacts in accordance with Department of Defense (DoD) Information Assurance C&A Regulations (DIACAP)

·                    Provides guidance to CITS PMO in implementation of the Defense Information Systems Agency (DISA) Information Assurance and Vulnerability Management (IAVM) program

Advanced Physician Weight Management – Montgomery, ALSeptember 2011 – February 2012

HIPAA Information Security Officer; Consultant

·                    Performed risk analysis per HIPAA Security Rule guidelines and NIST 800-66; delivered security solution to address all technical, physical, and administrative vulnerabilities detected; protected organization from being compromised by cyber criminals

·                    Developed security plan, change management and configuration management plan, business continuity plan, password management plan, asset management plan, and ePHI incident response procedures in accordance with NIST 800 series

·                    Created an asset management database and allocated baseline; captured all configuration changes made on medical information system

Cy3 Computing – Montgomery, ALJune 2011 – September 2011

Chief Information Security Officer (CISO); Consultant

·                    Developed and implemented strategy to modify local network infrastructure in accordance with NIST 800-30; enhanced the security posture of the network by minimizing exposure to threats

·                    Well rounded automation and/or process knowledge including but not limited to: DCS/Distributed SCADA network architecture for control systems

·                    Conducted site survey for customer to assess the effectiveness of existing physical security layers

·                    Created backup plan that was integrated into daily LAN operational procedures

·                    Analyzed threats and provided impact assessment for exposure to malware

·                    Knowledgeable of FERC and NERC CIP standards; performed research on solutions to protect US power grids from cyber attacks

·                    Working knowledge and understanding of regulations/standards for critical infrastructure (NERC CIP, NIST 1108R2, ISA-99, IEC 92443, WIB, etc.) and processes

CACI – Gunter Air Force Base, ALJune 2010 – June 2011

Information Security Engineer; Contractor, AFNET Increment 1 System

·                    Experienced in implementing security compliance in accordance with NIST 800 series, DoD Instruction 8500.2, DoD Instruction 8510, and FISMA standards

·                    Developed step by step risk assessment procedures that were implemented across 16 organizations world-wide

·                    Performed risk and impact assessments for all change requests presented to the Change Management Engineering Review Board (ERB)

·                    Audited 180 Windows and UNIX servers, 160 Cisco routers and switches, and 60 appliances; enhanced the overall security posture of the system within the guidelines of DoD Information Assurance Certification and Accreditation Process (DIACAP)

·                    Provided risk management consulting services in support of AFNET Increment 1 project; review network design, artifacts, and perform in-house audits

·                    Performed system test and evaluation (ST&E) activities on a variety of hardware and software systems

·                    Coordinated Certification and Accreditation Plan of Action and Milestones (POA&M) implementation with Operations department

·                    Conducted vulnerability assessments of network systems using Retina network vulnerability scanner and Windows DISA Gold Disk software at 16 Air Force sites

SoftWorld – Gunter Air Force Base, ALMarch 2010 – June 2010

Information Security Analyst; Contractor, GCSS

·                    Applied knowledge of current IA policy, tactics, and techniques by performing risk assessments on over 600 Windows and UNIX servers

·                    Thorough knowledge of the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), roles, responsibilities, and methodologies

·                    Analyzed vulnerabilities on Windows and UNIX servers to ensure the integrity of the GCSS infrastructure remains uncompromised

·                    Organized with appropriate parties to ensure the timely deployment of operating system and application security patches

·                    Provided oversight in the management and mitigation of Retina and DISA STIG findings

General Dynamics – Gunter Air Force Base, AL                                                      June 2007 – March 2010

Network Security Engineer, Contractor, 26 Network Operations Squadron (NOS)

·                     Exchange Lead, responsible for configuring and performance monitoring of 3 Exchange 2003 clusters

·                                         Maintained the Air Force's Intranet which includes over 1300 Cisco Service Delivery Point
routers and multiple LAN servers, switches and routers

·                                         Utilized Wireshark to perform independent assessments of the nodes in the DMZ and internal burb

·                                         Built, configured, and administered a Symantec Mail Security for SMTP server, which filtered, blocked, and deleted over 250 viruses a month that were transferred by electronic mail

·                    Built Exchange 2003 server and migrated 120 user accounts to a new 1950 server that had RAID 1 capability; efforts reduced the chance of losing vital information during system malfunctions

·                     Administered information protection for the LAN and Sidewinder/PIX firewall's and
SNORT/Sourcefire IDSs

·                     Extensive experience in installation & administration of Windows 2003 servers, Active Directory Design & Architecture, File Servers, XP Pro, Vista, and Windows 7

·                                         Installed and configured Sourcefire IDSs on LAN and conducted daily analysis of alerts

·                                         Supported DIACAP team with Certification and Accreditation package by completing Ports and Protocols analysis

·                     Secured Windows 2003 network infrastructures by performing OS hardening, implementing Microsoft Active Directory, and securing online communication using SSL digital certificates

·                                         Resolved Retina Scan vulnerabilities that could potentially bring down the network and cause damage to over $5 million worth of equipment

·                                         Obtained and installed over 150 PKI certificates on servers and workstations and conducted training for customers on the use of the certificates

·                                         Composed and maintained security procedures on both classified and non-classified networks; the procedures provide detailed steps that are critical in preventing the loss, alteration, or leak of critical information

United States Air Force – Gunter Air Force Base, AL                                            September 2006 – June 2007

Exchange Administrator, SSgt, Network Control Center

·      Supervised 4 messaging technicians, which included overseeing training to ensure that they were qualified on core tasks and that they understood their responsibilities which was performing complex systems analysis through the design, development, and  configuration of exchange servers

·      Served as the administrator for Exchange 2003, Symantec mail Gateway servers, Blackberry devices and server, and Microsoft Outlook; efforts ensured the successful delivery of over 22 million messages

·      Prepared recommendations for the acquisition and replacement of equipment valued at over $35,000

·      Migrated 2,500 mailboxes from Exchange 2003 to Exchange 2007 servers

United States Air Force – Osan Air Base, Republic of Korea        September 2005 – September 2006

Exchange Administrator, SSgt, Messaging Section

·   Administered 6 Exchange 2003 and 2 DMS servers; hard work ensured that electronic mail successfully flowed to more than 8,000 users

·   Developed the Preventive Maintenance Inspection program for all exchange servers; the program contributed to a near 100% up time

·   Resolved over 450 computer trouble tickets over a two month period; efforts prevented the loss of valuable man hours due to work stoppage and saved the unit over 100 hours in down time

·   Supervised 13 Exchange administrators whose responsibility was to provide vital support to 5 geographically separated units serviced by Osan Air Base

United States Air Force – Shaw Air Force Base, Sumter, SCSeptember 2003 – September 2005

Enterprise Controller, SSgt, NOSC

·   Created and modified access control lists on Sidewinder 5.2 and 6.0 firewalls; efforts protected 15 sites from malicious attacks

·   Resolved communication outages and provided a single point of contact for all deployed communication issues

·   Provided the daily situation and health reports for all network control centers in Southwest Asia; efforts ensured that operations were up and running around the clock