EXPERIENCED MICROSOFT SERVER & Cyber Security Analyst

 

Senior Cyber Security Professional with over 12 years of experience. I possess a strong background in Microsoft Server installation/configuration, information assurance certification and accreditation, network troubleshooting, and I am an expert in resolving connectivity, hardware, and software issues.  I am an experienced operational and technical leader with experience in managing help desk, and cyber security programs in support of demanding government and military environments.  For the past 9 Years I have primarily served as a senior Cyber Security engineer analyzing and evaluating a wide range of systems to comply with DoDI 8510.01 directive.  I am experienced in configuring, installing and securing of Windows and Linux operating systems through the analysis, mitigation and remediation of vulnerabilities identified while auditing Government systems utilizing Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution, and Beyond Trust Retina network scanner. I also have extensive experience preparing Certification and Accreditation (C&A) documentation such as C&A plans, Contingency Plans, Plan of Actions and Milestones (POA&M), DoD 8500 and NIST 800-53 rev. 4 control reviews, and other various artifacts needed to support obtaining and maintaining an Authority to Operate for Government systems.

 

 

                            System Architecture Design Configuration Management

                            IT Project Planning                    Information Assurance

                            Hardware Installation             Project Management

Vulnerability Evaluation        System Troubleshooting

                            Technical Writing             Risk Management Framework

 

 

EDUCATION/ CERTIFICATIONS

 

·               Microsoft Certified Technology Specialist (MCTS)

·               Windows Server 2008 Network Infrastructure, Configuring

·               Windows Server 2008 Active Directory, Configuring

·               Microsoft MCITP (currently pursuing)

·               Security +

·               ITIL v3 Certified

·               L3 Red Eagle Encryption device certification

·               DISA Virtual Teleconferencing / DISA VTC Level 1 & 2 Certified

·               CISSP expected December 2015

·               Assured Compliance Assessment Solution

 

 

 

 

SECURITY CLEARANCE

 

·               Top Secret Clearance – Expiration: 7/15/2018

·               Have held SCI in the past with both DOD and DOJ when required.

 

 

 

PROFESSIONAL EXPERIENCES

 

Engility – L-3

Contractor serving Navy for Unclassified and Classified IT Projects

Naval Surface Warfare Center Indian Head Explosive Ordnance Disposal Technology Division

 

Cyber Security Analyst             2010-Present

 

·               Experienced in developing Certification and Accreditation (C&A) documentation to ensure Information assurance compliance in accordance with Department of Defense Instruction (DoDI) 8510.01.

·               Experienced in evaluating and implementing Cyber security controls using the DoD 8500 and NIST 800-53 rev 4 control sets.

·               Experienced Security, Test, and Evaluation (ST&E) analyst.  Have performed Security Technical implementation Guide (STIG) and SCAP benchmark evaluations for multiple system types to include standalone RDT&E, network, Platform IT (PIT) and type accredited systems.

·               Experienced in evaluating vulnerabilities utilizing network scanning tools such as Beyond Trust Retina, Nessus, and Security Center to notify system administrators of applicable Information Assurance Vulnerability Alerts, Bulletins and Technical Advisories. (IAVA, IAVB, IAVT). 

·               Experienced ACAS administrator and Analyst.  Have built several ACAS servers in virtual and physical environments.  Performed system compliance analysis on multiple system types to include standalone, network, PIT and type accredited systems.

·               Experienced in managing system vulnerabilities through the vulnerability management system (VMS), Vulnerability Remediation Asset Manager (VRAM) and the Continuous Monitoring and Risk Scoring system (CMRS) for all system types. 

·               Experienced in managing C&A packages using the Enterprise Mission Assurance Support Service (eMASS).  Managing system Artifacts, Plan of Action and Milestones (POA&M), and IA control reviews.

·               Experienced in collecting enterprise and system information, tracking POA&M, building residual risk reports, and Risk assessment reports (RAR).

·               Excel in conducting IA technical research and analysis in the areas of Computer Network Defense (CND) and Computer Incident Response. 

·               Provide system test support (e.g., stress, C&A, penetration, etc.) as described by Department of Defense Instruction (DoDI) 8510.01

·               Experienced with both DIACAP and NIST Risk Management Framework (RMF) C&A package guidance.

·               Appointed IAO for RDT&E, PIT, Type Accredited and Enclave systems.

·               Assisted in creating disaster recovery continuity plan and oversee annual security contingency exercises for RDT&E, PIT, Type accredited and Enclave systems.

·               Experienced in drafting technical manuals, installation manuals to be used as artifacts in support of C&A packages. 

·               Responsible for managing projects, creating project plans, and managing personnel on appointed projects.

·               Showed strong organizational and time management skills, while meeting deadlines in a timely manner.

·               Strong ability to multi-task to perform other duties as assigned for multiple projects.

·               Responsible for installation, configuration, and maintenance for all RDT&E assets in the classified and unclassified environments.

·               Responsible for building and maintaining WSUS server for all RDT&E assets.

 

 

ASTRIX TECHNOLOGY

Contractor serving Navy for Unclassified IT Projects.

Naval Surface Warfare Center Indian Head Explosive Ordnance Disposal Technology Division

 

Systems Engineer            2010

 

·               Responsible for installation, configuration and securing systems for all standalone and networked assets for the research division on the Defense Research Engineering Network (DREN).

·               Responsible for reviewing and submitting software request in the DON Application and Database Management System (DADMS) to ensure the association of all software for the organization.

·               Responsible for providing DREN users with quotes for updating/upgrading of new IT equipment and standardizing the IT assets for the research division.

·               Resolved all IT software and hardware related issues (break/fix) for the research division.

·               Created a software tracking system to ensure licensing compliance across all DREN devices for the research department.

·               Created asset inventory list to track all assets, along with providing AIDA scans to track hardware and software installed on each system to ensure Navy INFOCON compliance.

·               Responsible creating individual upgrade plans to ensure compliance for all IT assets not in compliance due to outdated operating systems.

·               Analyzed vulnerabilities using Beyond Trust Retina scans for all research division assets on the DREN.  Analysis performed on networked and standalone assets.  Resolved all category I, II, and III vulnerabilities to the extent possible on each system to ensure compliance.

·               Worked closely with the System Administration team to ensure implementation of the Host Based Security System (HBSS) to all assets.

·               Created image baselines for multiple Windows operating systems to standardize system installs for security guidelines on newly acquired assets.

·               Responsible for backing up data and data recovery for all assets.

·               Responsible for applying DISA Gold Disk, and STIG’s for all research department systems.

 

GENERAL DYNAMICS             2008-2010

Contractor serving FBI for Classified and Unclassified IT Projects.

 

Systems Engineer

 

·               Traveled to various FBI Field Offices throughout the country to analyze and provide support for desktops, laptops, servers, and network components.

·               Documented and interpreted site audit results and provided recommendations for improvement and compliance based FBI policies and industry best practices.

·               Conducted interviews and briefings with the IT support staff, Administrative Officers, Electronics Technicians, and Law Enforcement Agents to define system capabilities, interfaces, and information exchange and data requirements.

·               Generated pre-audit documentation for site visits which included a step-by-step process, using a predefined audit activity checklist.

·               Reviewed Property Management Application (PMA) reports to identify desktops, printers, laptops, servers, and network equipment located at the facility.

·               Reviewed equipment distribution reports associated with the Top Secret, Secret, and Unclassified enclaves.

·               Reviewed Service Center incident records to identify the off-site location’s top five significant problems.

·               Validated compliance of hardware and software configurations with FBI standards.

·               Reviewed server and network performance data and compared it with FBI standard performance measurements.

·               Reviewed tape backup operation to ensure conformance with FBI standards Reviewed server logs to identify, document, and resolve any anomalies.

·               Reviewed the physical environment such as server racks, server room temperature, floor space, rack capacity, and electrical capacity.

·               Reviewed the off-site locations audit findings and identify areas for performance improvements, based on the FBI’s technical infrastructure, and provide a cost-benefit analysis

 

JBI TECHNOLOGIES, INC.                                      

2005-2008

Contractor serving Naval EOD Technical Division for Classified and Unclassified IT Projects.

Naval Surface Warfare Center Indian Head Explosive Ordnance Disposal Technology Division

 

Network Administrator/Helpdesk Lead

·               Served as project-wide Helpdesk Lead serving the Navy’s EOD Technical Division.

·               Provided technical direction and guidance for a team of 3 helpdesk specialists.

·               Identified and resolved issues for both Classified and Unclassified servers and desktops.

·               Responsible for deploying all Microsoft updates and software application updates.

·               Responsible for ensuring all servers and desktop machines are in STIG compliance.

·               Responsible for Fiber Optic cabling infrastructure for both classified and Unclass networks.

·               Administer Active Directory, Ghost Imaging Servers, File Servers, and Domain Controllers, Print Servers. 

·               Configure and apply DISA Gold disks STIG to all types of classified servers.

·               Conducting Retina scans and generating network vulnerability reports.

·               Responsible for procurement and testing of new equipment including desktops, laptops, printers, encryptors, routers, and switches to ensure compatibility with other devices on the network.

·               Troubleshoot and facilitate Virtual Teleconference equipment (VTC) and Video-Visual Display equipment.

·               Manage and maintain inventory tracking for desktop and Laptop machines.

·               Maintain and manage Track-IT/Altiris ticketing software.

·               Other duties include:

o       Troubleshooting network problems.

o       Converting and constructing CAT5 and fiber optic cabling.

o       Configuring machines using Windows XP and Windows 2000/2003 operating systems.

o       Testing of continuity and characteristics of Cat-5 and fiber optic cable. 

·               Responsible for managing and planning projects while providing technical guidance for all Helpdesk technicians and Network Technicians.

 

 

College of Southern Maryland

2003 – 2005

Regional community college serving nearly 700 staff and over 21,000 students.

 

Technology Support Specialist

·               Troubleshot network connectivity, hardware, software, and printer issues on a Novell Netware network serving 21,000+ users.

·               Established myself as a technology leader amongst fellow help desk team members.

·               Utilized Track-IT software to track help desk and other work orders.

·               Utilized Crystal Reports to track updates for machines on the network

·               Established VPN connections and configured PCAnywhere to enable remote productivity.

·               Provided telephone support to prevent further work orders from escalating to desk support.

 

 

 

HARDWARE, SOFTWARE, & SPECIALIZED SKILLS SUMMARY

 

Hardware

Desktop computers, Laptops, Servers, Routers Audio, Video, Nortel/ Cisco, All types of PCI cards, SCSI adapters, Printers, Fax machines, Copiers, Hubs, Motherboards, Power supply, RAM, Switch boxes, Printers, Red Eagle encryption devices, fluke fiber testing equipment.

 

Software

Windows 7/8/10, Windows Server 2008/2012, Linux (RHEL 5, RHEL 6) Track-IT, Remedy, Symantec Norton, Symantec Ghost, Mcafee, HBSS, MS Office Suite 2007/2010/2013, Adobe, Altiris, Citrix, Retina, ACAS (Security Center, Nessus), Comm Vault, Veritas, WSUS, NetQos, SCCM, Wireshark, VMware.

 

Specialized Skills

·               Highly skilled with configuration and trouble shooting of Navy Digital Messaging Systems using digital messaging software version 3.1.

·               Skilled in configuring DMDS profiler services.

·               Video Teleconferencing (VTC)