From: route@monster.com
Sent: Friday, November 4, 2016 8:52 AM
To: hg@apeironinc.com
Subject: Please review this candidate for: PaloAlto

This resume has been forwarded to you at the request of Monster User xapeix03

Marcus E. Benson (Active Top Secret/SCI with NSA Full-Scope Poly)
marcus_e_benson@yahoo.com (210) 833-9836

PROFESSIONAL SUMMARY:
Specialize in Cyber Vulnerability, Application Security, IT Risk Governance, ITIL, ITAR, SDLC, COBIT, COSO, OCTAVE, CRAMM, DIACAP, NIACAP, FISMA Compliance, FedRAMP, SSAE-16, EU Safe Harbor Framework, DISA, HIPAA, HITECH, GLBA, FFIEC, FSA, BASEL II/III, SOX SAS-70, PCI-DSS, NERC, TOGAF, BCP\DR, DLP, SOC 1/2/3, ISO27001 NIST Special Publications 800-30,37,39,53, researching, designing, development, implementation of IT systems control policies for good business acumen, and Information Security best practices.

Skill Summary:
Software/Virtualization Software: Citrix Presentation Server (3.0 4.0), XenApp 4.5. VMware ESX 2.5, 3.5, Microsoft Virtual Server 2005, SolarWinds, Orion, HP Service Manager, HP Open View, Tivoli Netcool, Cisco Works, Avaya CMS, Call Manager 4.2, Retina, ArcSight Enterprise Security Manager (ESM), VMS ver6.9, Nessus, eGuard Post, Cisco Security Manager 3.1, HBSS 4.5, Data Loss Prevention, Q1 Radar ESM, Fortify 360, EMASS, EITDR, STIG Viewer, Golddisk, RSA Archer, Wireshark, Splunk Enterprise 6.2, Cloud Security.
Hardware: Cisco IOS Switches, 2600, 2950, 3550, 4006, and CatOs 6500, 7200, Cisco VoIP 7965, Avaya G8700 Switch VoIP 4610, 4612, Blue Coat Proxy SG810, Packet shaper, Brocade and Bridgehead SANs, MDS 9000 FCS

EDUCATION:
Masters of Science in Cyber Security Policy, University of Maryland University College (Tentative fall graduate of 2016 with 3.0 GPA)
Bachelors of Technical Education, Eastern New Mexico University - 2006

CERTIFICATIONS:
· (EC-Council) Certified Chief Information Security Officer (C|CISO)
· (NSTISSC) Certified National Standards for System Certifiers and Managers (CNSS-4012 & CNSS-4015)
· (ISACA) Certified in Risk and Information System Controls (CRISC)
· (EXIN) Information Technology Information Library (ITIL 2011)
· (Microsoft) Microsoft Certified Systems Engineer (MCSE 2003)
· (CompTIA) CompTIA Advanced Security Practitioner (CASP)
· (EXIN) Cloud Foundation Certification (CLOUDF)
· (EC-Council) Certified Ethical Hacker (C|EH v8)
· (CompTIA) Security+, Network+, A+

Department of Defense Certificate of Completion
· Peer to Peer 01/23/2012
· PKI Overview 01/23/2012
· PKI Certificates 01/23/2012
· DIACAP Overview 02/01/2012
· Auditing Logs for IA Managers 01/30/2012
· Windows 2003 Server (DISA Certified) 01/20/2012
· Information Assurance Awareness Ver. 10.0 01/20/2012
· Information Assurance Policy and Technology 02/01/2012

PROFESSIONAL EXPERIENCE:

22nd Century Technologies, Lackland Air Force Base 08/2016- Present
Senior Network Security Architect
· Conduct network security monitoring and intrusion detection analysis for the NIPRNet using the AF's selected IDS/IPS toolsets ArcSight, Wireshark, Solera, Fidelis and Splunk.
· Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
· Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
· Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
· Compile suspicious events records and other artifacts as part of its Monthly Operational Report.
· Provide pass-on information to bring incoming crews up to speed on latest suspicious traffic seen from a given port, IP, etc.
· Coordinate with the Crew Commander for authorization before departing after pass-on to incoming shift.
· Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
· Provide focused DCO, tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises.

Soft Tech Consulting, Randolph Air Force Base 02/2016- 8/2016
Cyber Risk Capacity Management Manager
· Demonstrating proficiency in applying industry best practices to solve immediate operational issues, cyber risk and creating a base for an improving and maturing scalable organization.
· Assist in crafting the Service Management System CapM process based on ITIL and the Defense Enterprise Service Management Framework to mesh with the Program Management Function, Risk Management Framework, other processes in the ITIL Design Domain, and in accordance with the requirements of Lifecycle Management.
· Carry out the Capacity Management design to meet IT Service Provider (ITSP) requirements
· Provides technical knowledge and analysis of highly specialized mission requirements and high-level functional systems analysis, design, integration, documentation, and identifying any potential cyber risk that may impact mission essential applications.
· Participates as needed in all phases of service design and the Engineering Management Function.
· Applying, explaining, and informally teach Foundation Level Information Technology Infrastructure Library (ITIL) knowledge.

TMF Quality Health Institute, Austin Texas 09/2015- 10/2015
Senior Information Security Engineer
· Designing, implement and manage the technical security standards of the corporate Information Security infrastructure, network, systems and applications.
· Participating in the corporate change management review board to ensure adherence to Information Security requirements.
· Developing detailed technical documentation, including diagrams, for Information Security controls.
· Perform hands on technical vulnerability testing (using NESSUS) of the company’s technology infrastructure, network, systems and applications.
· Producing reports and recommendations for detailed vulnerability findings.
· Researching and conducting projects as assigned for Information Security purposes.
· Analyze network traffic for anomalous activity and investigate as appropriate.
· Identifying and understand potential threats and vulnerabilities and recommend solutions, mitigations and remediation.
· Conducting regular reviews of IT Security controls in accordance with the company’s FISMA/NIST SP 800-53r4 based methodology.
· Documenting and managing procedures for the activities performed in accordance to TMF’s Information Security Program.
· Using RSA Archer to monitor, track and Security Events and Incident Response.
· Participating as a part of the Information Security Incident Response Team.
· Participating in Information Security discussion and meetings as required.
· Performing and supporting all other assigned information Security programs, tasks, functions and assignments as needed.
· Collaboration with infrastructure and application teams in order to implement and monitor Information Security policies and procedures.
· Providing Information Security SME level services for internal resources.
· Responsible for ensuring that data is properly logged and maintained.
· Represent the information security team by participating directly with internal teams and external customers to provide guidance, requirements and documentation for security related purposes.
· Identify and resolve problems or refer issues appropriately.
· Communicate effectively with internal and external customers.
· Adapting to the needs of internal and external customers.
· Assuring compliance with regulatory, contractual and accreditation entities.
· Maintaining strict adherence to confidentiality and security policies and procedures.
· Participating in special projects and perform other duties as assigned.

SOAL Technologies for (Texas Department of Public Safety) Austin, Texas 01/2015-6/2015
Senior Cyber Security Engineer/ IT Risk Advisor (Contractor)
· Performed third party vendor risk, project risk, and technology risk assessments.
· Deployed, managed and enforced Windows 8 security settings while also developing/creating a NeXpose SCAP tool within Configuration Compliance Manager and RSA Archer for Security scanning template to ensure configuration compliance and continuous monitoring.
· Monitored and analyze security logs for threats and exceptions, analyze trends and address risks.
· Provided Information Security consulting and subject matter expertise on third party service contracts and/or outsourcing arrangements.
· Abided by NIST standards Risk Management Framework for performing vulnerability scanning, data analysis, using Archer Tool, NeXpose Vulnerability Scanner for the mitigation of vulnerabilities of Application Servers, SAP databases, Cisco routers, WLAN’s switches, IDS/IPS, SAN’s Storage, Linux servers, UNIX and ISS Web Servers.

CACI INTERNATIONAL for (National Security Agency) San Antonio, Texas 6/2013- 5/2015
Principal Proprietary Security Systems Specialist III (Global Security Operations Center) (Contractor)
· Strategized and advised with C-level executives with innovation in mitigating new threats while performing research in focused areas of network security and computer network defense.
· Maintained and monitored NIDS, HIDS, SIEMs, web proxies, antivirus proprietary file servers, network access; and analyzes intrusions for system anomalies to ensure optimum equipment performance for Global Enterprise Command Center which covers Texas, Georgia, Washington D.C., Maryland, Hawaii, Asia, Africa and Europe.
· Supported the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of cyber attacks.
· Assisted in the development of network analysts tasked with monitoring the network security of public, private, government, and defense sector computer networks supporting the National Security Agency.
· Collect and analyze threat intelligence using RSA Archer.
· Trouble-shooted determined problems for customer specific operating systems and applications. Defined and classified level, priority and nature of problem, request and/or issue. If unable to diagnose problem and/or problem requires physical interaction with end user the technician escalates problem to the appropriate team.
· Trained new analysts and assist existing analysts in refining their abilities.

IBM Herndon, Virginia 11/2012-6/2013
Management Consultant of Governance Risk Controls & Data Security & Privacy (SME)
· Reviewed SOW's, PWS's, MSA's for large clients implementing and reassessing control gaps using gap analysis for changes to architecture for quarterly audits on federal and private sector projects to ensure security and privacy is built robustly throughout the projects entire life-cycle.
· Worked on multiple projects implementing CoBIT security controls supporting mainframes, ERP systems, server's databases, networks, desktops and SCADA systems.
· Responsible for execution of the IT Risk strategy in symphony with client's security objectives.
· Abided by regulatory requirements of NIST, FISMA, Privacy Act, HIPAA/HITECH, GLBA, SOX, ITAR, PCI-DSS, SCADA and NERC.
· Improved employee awareness of security IT policies, improving data security plans and standards using RSA Archer.
· Point of contact for all IT audit, IT SOX and compliance related issues.
· Worked with clients for applying risk frameworks for Cloud Computing Security, SCADA systems, and ERP (Oracle, SAP) implementations.
· Minimized risk exposure for multiple clients with IT integration projects of more than $20m dollars.

Booz Allen Hamilton, Norfolk, Virginia 1/2012-11/2012
Senior Consultant for Cyber Risk Vulnerability Assessor and Information Assurance
· Ran vulnerability scans using Retina, VMS and Goldisk for testing for mitigation of patches and updates for application layer malware, viruses and network vulnerability against DISA STIGs baselines for Windows Server 2K3, 2K8, Cisco L2, L3 switches, Cisco infrastructure, perimeter routers, Data Loss Prevention, HBSS, and RSA Archer for all U.S. Naval Cyber Fleets architecture for all U.S. Naval Bases in the United States, Italy, Bahrain, Singapore, Saudi Arabia, Abu Dubai and Japan.
· Translated business requirements into technology requirements for inclusion in contracts, responding to request for proposals and/or statements of work (SOW).
· Performed C&A and implementation of NIST IA controls using eMASS for uploading artifacts, documentation of COOPs, ISP, PPS, POA&Ms and provided for in-depth review of policies and controls.

Kforce Government Solutions, San Antonio, Texas 11/2010- 11/2011
Information Assurance Engineer (INFOSEC) (Contractor)
· Prepared and implementation of IA controls using eMASS for Certification and Accreditation (C&A) for DIACAP in accordance to Air Force Contract Augmentation Program (AFCAP) for DoD and NIST policies.
· Ran DISA STIGs and mitigation for application and network layer vulnerabilities and the implementation of SaaS Business Intelligence software using running Windows 2008, and Apache Servers, SaaS Metaframe and other COTS, GOTS and in compliance controls with NIST Special Publications 30,37,39,53.
· Completed documentation for SIP, DIP, COOP's ISP, PPS, POA&M's and uploaded into eMASS
· Ran Retina scans and also used RSA Archer to detect changes to architecture and detecting new virus and malware vulnerabilities for mitigations against cyber-attacks.

Christus Health Technology Center, San Antonio, Texas 6/2010- 11/2010
Network Systems Operator II (NOC)
· Developed implemented advanced incident management, security policies for risk management to network architecture.
· Monitored, configured, enterprise wide LAN/WAN issues for 350 medical facilities for Cisco, 3550, 4006, 6500, VMware ESX 3.5 Servers, VMware, Citrix virtual machines, and Meditech Medical Information Systems.
· Provided problem management, security management, and proactive analysis using HP Service Manager, HP OpenView Network Node monitor to identify system deficiencies and problems including, operational, capacity and performance aspects.

Computer Science Corporation, Ft. Sam Houston Texas 1/2010-3/2010
Lead Network Security Consultant (Warfare Focus INFOSEC) (Contractor)
· Designed and implemented secure LAN/WAN architecture and IT systems solutions; defining and refining security requirements; formulating sound security architectures.
· Conducted technical security tests and evaluations; conducting risk vulnerability assessments of IT systems; provided detailed risk mitigation for NIST guidelines. Evaluated, tested, and documented current network technology baseline to DIACAP Cisco router and switch and server technologies for Windows 2008, at Computer Science for Ft. Sam Houston's network architecture.
· Incorporating risk management in the IT strategy development and application selection process focus on NIST Special Publications 800-30, 37, 39, 53.

Harland Clarke, San Antonio Texas 12/2007-6/2009
Senior Netcom Security Engineer (SOX and PCI Compliance)
· Conducted risk assessment audits, network traffic analysis of Data Center's of 15 Plants for all of Harland Clarke's base plants and checking printing facilities across the U.S. and Puerto Rico.
· Performed hardware upgrades for SAS-70 SOX, PCI compliance audits for all the Cisco hardware, created and updated security scripts for all Nortel and Cisco routers, switches, MDS 9000 Blade Center devices, access-list, IPSec VPN's, PKI, ASA PIX firewalls, remote boot devices.
· Performed vulnerability security scans using ArcSight (ESM) both internal and external locating threats and potential points of intrusion for web applications, LAN/WAN architecture and implemented security hardening for those devices using eEye Retina, and eguardpost.
· Verified user accounts, passwords, community strings, and eliminated unused services in a significant cost savings and lowering risk profile.

Accenture, San Antonio, Texas 8/2006-12/2007
Senior Consultant for Network Security Engineer (SOX and PCI Compliance)
· Designed, and managed risk assessment of network security policies for SOX, SAS-70, PCI-DSS, NERC, SCADA Systems, compliance audits of LAN/WAN/MAN & re-engineered new processes that incorporate strong risk management for J2EE applications, virtual servers, SAP, and Oracle databases.
· Performed risk management vulnerability scan assessments for clients, locating threats and potential points of intrusion for LAN/WAN/MAN architecture and implemented security hardening black box testing for those devices using Arc Sight, Cisco Security Manager and eGuard Post.
· Reporting key risk against business objectives and facilitating decisions on acceptable risk levels by embedding risk management principles for Internal and External audit, plus Control Self-Assessment.
· Led technology configurations to support business expansion projects for upgrades and scaling to meet new architecture demands for new clients and maintaining and exceeding SLA's for current clients.

Home Depot Technology Center, Austin, Texas 2/2005-9/2006
Network Systems Analyst, Network Operations (NOC)
· Maintained, upgraded and supported LAN/WAN architecture for existing systems of approximately 12 Cisco 3550 routers, and Cisco switches, Nortel, Lucent, 20 Cisco Aironet WLAN Access points, Cisco VoIP, Call Manager 4.2 for all of the Home Depot stores in U.S. China and Mexico.
· Familiar with TCP/IP, IPX/SPX, SNA, DLSW, HSRP, HTTP, SMTP, SNMP, DNS, DHCP, VoIP, EIGRP, BGP, OSPF, and Network monitoring tools such as Cisco Works and NetCool.

Rise Computer Systems, San Antonio, Texas 09/2000-2/2005
Principal Information Assurance Architect
· Created security policies and procedures for federal information systems, applications and networks to meet federal security guidelines and requirements. Guidance to harden servers, operating systems and appropriate application and network layer vulnerabilities.
· Managed 4 IT Managers 12 architects to isolate network segments for particular systems, internal resources and DMZ; work with architects to create firewall and router rules/configurations sets; create user groups and access controls to enforce least privileged rules; and worked with administrators to secure wireless routers. Responsible for a variety of systems running Windows 2003, IIS, Oracle, SQL.
· Translated business requirements into technology requirements for inclusion in contracts and/or statements of work (SOW) and Master Services Agreements (MSA's).
· Closed deals across seven lines of business within a single year winning the highest number of value and new business for the business.
· Assumed control of customers dissatisfied with level of service to gain confidence back by exceeding service level agreements and providing proactive and superior quality services.
· Performed risk management assessments; developed and reviewed system security plans, plan of actions and milestones, security control implementation, configuration management plans, contingency planning, incident response plans, information security policy, Rules of Behavior, vulnerability scans and other task specific security documentation
· Results of these efforts were that all documentation was delivered on schedule, security controls were properly implemented, documented and customers were able to pass auditing without additional costs.

MCIWorldCom, San Antonio, Texas 10/1997-7/2000
Lead Help Desk Analyst
· In charge of analyzing quality of tickets opened, coaching and making sure trouble ticket data was accurate over a group of 20 local representatives.
· Isolated and resolved most LAN/WAN connectivity issues and worked as a liaison to make sure ticket data was accurate for DSL, DID, T-1, T-2, PBX phone lines before submitting to local switch technicians to repair.

Languages:
Languages | Proficiency Level
English | Beginner