Pursuant of a position as an IT Security Analyst that will allow the opportunity for professional growth while utilizing my solid knowledge and skills of DoD Cybersecurity Policies and obtaining my CISSP certification.

·        Seventeen years of experience supporting the Federal Government in the IT industry with demonstrated expertise in IT Security, Systems Administration, technical writing, and hardware/software integration.

·        Performs internal security assessments using manual and automated tools Nessus, SCAP Compliance Checker and STIGViewer; experienced with documenting remediation recommendations from internal audits ensuring Information Systems meet the requirements of Federal Government policies, standards and guidelines from FISMA, RMF, CNSSI, NIST, and FedRAMP; create and update POA&Ms from Vulnerability scans, NIST SP800-53 rev4 and CNSSI No. 1253 security controls

·        Experience in leading focus groups, projects, and tasks to meet milestones, deadlines, and customer expectations

·        Demonstrates the ability to effectively communicate orally and in writing with all organizational levels, including internal and external customers and management.

Certified Ethical Hacker, C|EH

CompTIA Security+ CE

ITIL v3 Foundation Certification

Microsoft Certified Systems Administrator (MCSA 2003)

Microsoft Certified Technology Specialist (MCTS: Windows Vista)

Microsoft Certified Professional (MCP 2003)

 

 

TS/SCI Clearance

 

Cybersecurity Analyst (Security Assessment Team\Blue Team), SMS, 5/15 – Present

 

·        Travel to U.S. Coast Guard facilities worldwide to conduct Pre-Command Cyber Readiness Inspection (CCRI) on Classified and Unclassified Networks ensuring Information Assurance and CND Directives compliance by utilizing DISA’s STIGs: Multifunction Device, Windows Operating Systems, Network Infrastructure L2 Cisco Switch, and L3 Router, review documentation (POA&Ms and System Security Plan (SSP)), interview USCG personal on-site and conduct physical security observations in accordance with NIST 800-53rev4 controls.

·        Input Pre-CCRI vulnerability data results into CCRI Scoring Worksheet for the final Security Risk Assessment (SAR) Report presented to upper management and USCG facilities.

·        Run queries and reports within ePolicy Orchestrator 5.1 to ensure HBSS compliance for Operation Order (OPORD) 12-1016 for the entire U.S. Coast Guard

·        Utilize ACAS Nessus Security Center 4.8.1 to perform SCAP compliance scans to import into STIG Viewer for manual security audits, run Network discovery scans and export vulnerability reports.

·        Perform website verification request utilizing open source websites (i.e. VirusTotal, TrustedSource, and Urlquery) and USCG Blacklists.

·        Perform Firewall and DNS request for entire USCG referencing USCG DMZ Security Zone Policy Overview and DISA’s Ports and Services Category Assurance List (CAL)

 

IT Security Analyst, n-Link, 5/13 – 5/15

 

·        Managed and configured Retina Network Vulnerability Scanner, performing weekly Discovery and Vulnerability scans while making recommended mitigation measures to other staff members. Refer to US.CyberCom for all IAVMs notices and tech advisories

·        Provided upper management with high-level audit reports using PivotTables for summarizing Category I, II, and III vulnerability findings.

·        Performed Security Content Automation Protocol (SCAP) scans with latest Open Vulnerability and Assessment Language (OVAL) files; comparing results to United States Government Configuration Baseline (USGCB) and DISA Security Technical Information Guides (STIGs).  Uses scan results to ensure compliance with Committee on National Security Systems Instruction No. 1253 (CNSSI No.1253) and National Institution of Standard Technology Special Publication (NIST SP800-53 rev4) guidelines. 

·        Prepared Assessment & Authorization (A&A) package to include Security Assessment Plan (SAP) and Security Assessment Report (SAR); perform and document remediation recommendations from internal audit ensuring Cloud Service Provider’s (CSP) Information Systems meet the requirements for the Federal Risk and Authorization Management Program (FedRAMP), create and update POA&Ms from Vulnerability scans and NIST SP800-53 rev4 security controls for classified devices

·        Member of the Common Service Provider (CSP) Configuration Control Board (CCB) and Governance Board (GB).  Attended weekly CPS CCB/GB meetings to discuss on-going topics and future implementation plans within the organization.

·        Assisted Government Staff with the development of the Department of Commerce’s requirements and policies for issuing and managing PKI certificates; PKI portal template requirements, document and submit Addendum to NSS PKI CSP Registration Practice Statement v.1.1 for any modifications to CNSSI 1300

·        Authorized Web Registration Authority Officer (WebRAO) for generating ICPKI certificates for Department of Commerce users. Help users import ICPKI Certificates after registration within Scattered Castles and Intelink websites.

·        Responsible for managing and implementing McAfee Email Gateway for classified networks.

·        Responsible for managing and implementing classified WSUS Server.  Provide management with weekly status reports for missing patches that are required on all client workstation, Thin Clients, and servers.   Configure local and domain policies ensuring workstations and ThinClients are rebooted in a timely manner to avoid the risk of any open threats or vulnerabilities on the network.

·        Utilized Tivoli Endpoint Manager (BigFix) for deploying third party software applications and updates.  Create and use built-in Fixlets to configure registry settings and other manual settings that are required by DISA STIG on multiple workstations and servers. Use airgap tool to update classified servers.

 

 

 

 

 

 

 

Senior IT Security Administrator, Sotera, 4/08 – 5/13

 

·        Managed and updated Retina Network Scanner with latest Engine and SCCVI Audit files weekly. Utilize DISA Gold Disk to achieve certification and accreditation for all systems to connect to DoD Networks 

·        Worked closely with IA to conduct routine hardware and software audits for over 100 workstations and 200 + servers to ensure compliance with Army Regulation 25-2 and DISA Security Technical Implementation Guides (STIGs), Submit POA&M and ETP/AORL for all known vulnerabilities from ACA and IG Audits

·        Assisted Information Assurance team with Hercules Remediation Manager 4.5 in mitigating findings for DOD systems on classified and non-classified networks.  Ran baseline scripts to meet INFOCON threat levels.

·        Viewed real time event logs via ArcSight console for troubleshooting network, hardware and software issues

·        Managed WSUS and Symantec servers to ensure the integrality and security on server technologies across all four classifications. Refer to Cyber Command website to view all IAVM notices

·        Conducted research and testing for Information Assurance Vulnerability Management mandates on classified and non-classified systems.

·        Responsible for the installation, maintenance, configuration, and integrity of computer hardware and software.  Support application Administrators and Developers in performance tuning, testing and upgrades 

·        Implemented and configured Distributed File System (DFS) and File Replication Service (FRS) to simplify access to files and folders across the network.

·        Troubleshoot Group Policy settings with the use of importing .inf files within the Security Configuration and Analysis snap-in tool

·        Provided management with weekly reports, status updates on all projects in a timely manner

 

PKI Registration Authority Operator (RAO) Training, Herndon, VA

PKI RAO Completion Certificate – March 2014

 

 

SecureNinja, Alexandria, VA

CISSP Boot Camp – March 2012

 

Global Knowledge Training Center, Arlington, VA

MS Exchange 2010 – January 2010

 

MITRE-2, McLean, VA

VMware Virtual Infrastructure 3.5 Install and Configure – January 2008

 

Global Knowledge Training Center, Arlington, VA

2003 MCSA Boot Camp – December 2007

 

Capitol College, Laurel, MD

B.S. Computer Engineering Technology – May 2002

 

 

Hardware:McAfee Email Gateway Appliance, HP, Compaq and Dell Servers, Dell, IBM and HP Laptops, Compaq and Dell notebooks, Konica Minolta, HP LaserJet and Xerox  printers, scanners and NIC cards

Software:Nessus Security Center 4.8.1, Microsoft Windows Vista/7, Microsoft Office 2000/2003/2007/2010, Microsoft Exchange 2003/2010, Content Manager, Microsoft Windows 2003/2008 Server, Active Directory, Secure Copy 2.0, RSA Secure ID, Microsoft Project, Microsoft Visio, Symantec Antivirus Corporate Edition, Symantec Backup Exec 10, McAfee ePolicy Orchestrator, McAfee Email Gateway, McAfee Network Security Manager, SpiceWorks, SoalrWinds KiWi Syslog, Hercules Remediation Manager 4.5, Surf Control, Heat and Remedy Tracking Software, DISA Gold Disk, WASSP Scan, Beyond Trust Retina Network Scanner, SCAP Compliance Checker (SCC) tool, STIG Viewer, ArcSight, WSUS, System Center Operations Manager (SCOM2007), Systems Management Server 2.0, Symantec GHOST 7.5, VMware, Citrix Client, Vulnerability Management System (VMS), Endpoint Manager (BigFix), PKI/PKE

 

REFERENCES AVAILABLE UPON REQUEST

1