I am a highly skilled and advanced IT Specialist with more than 15 years' experience as an IT Specialist. I have expertise in both the Cyber Security and Informational Awareness (IA) fields, having served as an Information Systems Security Officer (ISSO), Host Based Security Administrator (SME-Subject Matter Expert), and an engineer in Systems and Networking Administration with the Department of Defense, with a track record of conceptualizing and implementing strategic initiatives to align security architecture, plans, controls, processes, policies and procedures with pre-established security standards and operational objectives. Proficient in deploying multiple-tier security programs to enhance protection of networks and systems by utilizing advanced software and methodologies. Adept at managing and mentoring teams and effectively resolving critical issues concerning end-users and back-end teams. Highly skilled in championing cross-functional responsibilities and executing complex IT projects to enhance user experience and deliver compelling business values to clients.
KEY SKILLS:
-HBSS & McAfee ePolicy Orchestrator (ePO)
TECHNICAL SKILLS:
-McAfee ePolicy Orchestrator Server
-TCP/IP, AAA, TACACS+, HTTP/S, DNS, DHCP, sFTP, NTP.
Served as an IT Specialist/Information Systems Security Officer (ISSO) for the AFN-BC. Ensured the confidentiality, integrity, system security and availability of the network and provided network administration support to the Non-secure Internet Protocol Router Network (NIPRNET).
• Tracked, monitored and controlled the network to ensure AFN-BC's information systems' reliability and accessibility. Ensured interfaces were constantly patched and in compliance to defend against unauthorized access to system devices. Developed policies, procedures and standard operating procedures to ensure 100% uptime for all system devices. Ensured vulnerability risk assessments, systems security evaluations, audits and reviews were constantly monitored.
• Accessed the Enterprise Mission Assurance Support Service (eMASS) system to ensure AFN-BC's infrastructure was in compliance in order to obtain certification and accreditation for authority to operate (ATO). Maintained currency of applicable Information Assurance (IA) policies and regulations as relates to ATO accreditation. Prepared for and passed a successful Cyber Command Readiness Inspection (CCRI) in 2016.
• Experience in CCRI Penetration Testing (Pen-Test/Pen-Tester) using DoD Cyber Command SCAP vulnerability scanner, and Tenable Nessus scanner. Pen-test experience includes a Cybersecurity Assessment (CSA) application.
• SIEM Management: Past experience includes administering a McAfee SIEM, Splunk, and Symantec LEM (Log Event Manager/SYSLOG). Daily duties included being responsible for engineering support, maintenance, and sustainment of log collection and analytic applications in ensuring log collection was performed on all data center systems. Served as the application SME; led investigation and diagnosis, workaround enactment, root cause analysis and resolution for all incidents and problems. Was responsible for delivering the capabilities needed through these tools to meet DoD Cyber Command Security and operational requirements, creating alerts, dashboards, and reports based on the analysis of log data. Was responsible for recommending and executing architectural changes to the application deployment, applying vendor recommended security patches and updates, remediating security vulnerabilities, and hardening of the application to meet DoD security baseline security and compliance standards. Was responsible for maintaining the InfoSec documentation for the product suite and any and all Standard Operating Procedures (SOPs) and PPG (Policies, Procedures, Guidelines) documentation developed for the application.
• PPG (Policies, Procedures, Guidelines) / Standard Operating Procedures (SOP) Management: Responsible for creating and implementing the DoD's policies, procedures, and guidelines for implementing logical access controls, conducting software inventories, implementing information security management, and monitoring and detecting data ex-filtration and other Cyber threats. Assessed whether DoD Components followed the logical access control policies, procedures, and practices. PPGs and SOPs drafted by me covered the entire network spectrum from network firewall down to workstation.
• Security Frameworks: Experience with NIST 800-53 Rev. 4 and DoD Risk Management Framework (RMF). Experience with these frameworks defined a standard set of activities and a management process to certify and accredit DOD information systems before implementation and every three years thereafter. Experience included standards for assessment and authorization, risk assessment, risk management, and dynamic continuous monitoring practices.
• Evaluated abilities of units equipped with a system to support assigned missions in the operational environment, which included threats to defend against cyber-attacks, detection of possible network intrusions, and reaction to those threats.
• Successful penetration tests completed. Responsible for pen-test assessment of multiple systems; infrastructure hardware/software; users; operators; maintainers; defenders; training; and Tactics, Techniques, and Procedures (TTPs).
• Responsible for the capabilities to Protect, Detect, React, and Restore.
• Pen-tests consisted of a Cooperative Vulnerability and Penetration Assessment and an Adversarial Assessment, both of which were performed in the operational environment.
• Implemented DISA-mandated TASKORDS and FRAGORDS to ensure system security policies are in compliance. Ensured network and systems designs stayed current with rigorous compliance with IT security policies to ensure facilitating system accreditation packages are current. Gathered, analyzed and preserved evidence used in prosecuting computer crimes during breach of network information, integrity and availability. Applied security principles, concepts and methods. Provided written and oral communications and recommendations for best course of action to senior management when determining impact on assessment of security events. Implemented corrective actions when necessary.
• DoD Assured Compliance Assessment Solution (ACAS) Administrator. Installed and managed security reporting tools to monitor network resource changes. Led the installation of the AFN-BC's new ACAS system. Provided, updated, and secured network diagrams and documentation. Input and managed the ACAS network vulnerability scanner to ensure 100% compliance with Joint Task Force-Global Network Operations (JTF-GNO) standards and policies. Worked closely in keeping senior management informed of all Category findings and vulnerabilities via the status of ACAS.
• Familiar with deploying, configuring, maintaining and troubleshooting Splunk 6.x in a Windows/Linux environment
• Operation and performance monitoring of collected McAfee SIEM and Symantec LEM information.
• Analysis, design, configuration, implementation, documentation and operation of McAfee SIEM and associated appliances (to include Enterprise Security Manager (ESM), Enterprise Log Manager (ELM), Advanced Correlation Engine (ACE)).
• Identified and integrated internal and external data sources, performed analysis of data trends, created queries and maintained SIEM dashboards.
• Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products and technical quality assurance.
• Engineered and administered support to SIEM/Splunk environment to include indexes, indexers, deployment servers, and forwarders.
• Led technical troubleshooting efforts for DoD environments to identify and eliminate network or security configuration issues for SIEM data collection.
• Host Based Security System (HBSS) Administrator. Solely responsible for deploying the HBSS and its connection to the DISA NIPR SQL Staging Server for content upload. Managed the Vulnerability Management System (VMS) for security issues and reported their status. Ensured HBSS security settings on both the server and client workstations using McAfee Data Loss Prevention (DLP) and McAfee Host Intrusion Prevention Service (IPS/IDS) were secure and in compliance with DoD Security Technical Implementation Guides (STIG). Identified vulnerabilities on network servers and client workstations and provided solutions to fix vulnerabilities. Worked closely with Help Desk personnel to ensure security on all client workstations. Used current backup software and technology for systems operation, including scheduling, backup, disaster recovery and system resource management.
• Palo Alto Firewall system administrator. Configured and installed AFN-BC's new Palo Alto Firewall. Monitored and administered in ensuring network performance was at peak performance. Upgraded and updated network products based on vendor specifications using guidance from DoD secure industry associations. Implemented security packages and application updates across multiple operating system platforms using tools like McAfee's Host Based Security System (HBSS). Developed standards and criteria for assessing server performance in ensuring confidentiality, integrity and availability using HBSS. Worked with the Security Content Automation Protocol (SCAP) tool using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance) in conjunction with the National Vulnerability Database (NVD) government content repository. Investigated, responded to, collected evidence and reported security incidents to Senior Network Manager and senior management. Ensured network servers were compliant with current IA policies.
• Configured the AFN-BC's first disk-to-cloud based backup system ensuring important data was always protected. Recommended equipment upgrades and replacements for obsolete equipment. Ensured information availability to clients and customers by managing and administering off-site tape storage program using Unitrends Backup software. Tested and applied vendor patches and updates over the network to client workstations and network servers using manual techniques and BMC FootPrints Patch software.
• Understanding of network and McAfee Data Loss Prevention (DLP) endpoint security tools; integrated them into the SIEM to provide a cohesive view of network incidents and security.
• Implemented Symantec Data Loss Prevention Three Tier Installation for DoD enterprise, and integration of DLP with Exchange 2003 Server, Microsoft TMG, McAfee SIEM.
• Performed first-level triage, analysis, mitigation, and response for routine security incidents, threats, and vulnerabilities, and postmortem analysis with lessons learned.
• Provided assistance to the Help Desk, Program Development and DIMOC-Records Center teams providing technical assistance, systems security guidance, training, and problem determination. Assessed customer needs and provided quality customer service to clients and customers. Resolved client and customer needs for fast and quick efficiency to meet client/customer expectations.
• Troubleshot and determined hardware and software failures. Provided recommendations for replacing defective devices attached to the network and made configuration changes to the network when hardware and software failures occurred. Recommended solutions to network failures which decrease system performance. Captured data loss on the network for forensic analysis during periods of decreased performance. Evaluated and recommended selection of new systems.
• Comprehensive knowledge of TCP/IP network protocol, Dynamic Host Control Protocol (DHCP), Windows Internet Name Server (WINS), Domain Name Service (DNS), Simple Mail Transfer Protocol (SMTP), Blackberry Exchange Server (BES) and Windows Server Administration. Performed system administration duties and responsible for installation, administration and maintenance in support of the Active Directory architecture and its support functions. System Administrator for Windows and UNIX servers, worked closely with the Senior Network Manager.
Served as a contract IT Specialist (Security/Network Services) for the Defense Media Center (DMC) and the Defense Imagery Management Operations Center (DIMOC)-Riverside, field activities of the Defense Media Activity (DMA). Ensured the confidentiality, integrity and availability of the network and provided network administration support to the Defense Media Center's Non-secure Internet Protocol Router Network (NIPRNET).
• Ensured information systems reliability and accessibility to track, monitor and control the network. Knowledge of network interfaces in ensuring defense against unauthorized access to system devices was prohibited. Developed policies, procedures and standard operating procedures in ensuring 100% up-time for all system devices. Focus on attention to details in ensuring that vulnerability risk assessments, systems security evaluations, audits and reviews were adhered to by company policy.
• Ensured implementation of appropriate system security policies as outlined by company policy. Ensured that network and systems design stayed current. Gathered, analyzed and preserved evidence used in prosecuting computer crimes during breach of network information, integrity and availability. Ability to apply security principles, concepts and methods. Provided written and oral communications and recommendations for the best course of action to senior management when determining impact on assessment of security events. Implemented corrective actions when necessary.
• Provided, updated, and secured network diagrams and documentation. Performed system administration duties for Windows and UNIX servers working closely with the Senior Network Administrator. Input and managed the DoD Vulnerability Management System (VMS) in ensuring 100% compliance with Joint Task Force-Global Network Operations (JTF-GNO) standards and policies. Worked closely in keeping senior management informed of all Category findings and vulnerabilities via the status of VMS.
• Problem solving skills were applied by identifying vulnerabilities on network servers and client workstations. Used sound judgment to address and provide solutions to fix vulnerabilities. Attention to detail when performing administration duties for the Blackberry Enterprise Server (BES) and its connection with the Exchange server. Ensured Blackberry security settings on both the server and the Blackberry units were secure and in compliance with DoD Security Technical Implementation Guides (STIG). Worked closely with Help Desk personnel in ensuring security on both the server and Blackberry devices. Knowledge of systems operation, including scheduling, backup, disaster recovery and system resource management using current backup software and technology.
• Provided assistance to the Help Desk, Program Development and DIMOC-R teams providing technical assistance, systems security guidance, training, and problem determination. Provided quality customer service to clients and customers to assess their needs. Provided resolution to client and customer needs for fast and quick efficiency to meet client/customer expectations.
• Troubleshot, and determined hardware and software failures. Provided recommendations for replacing defective devices attached to the network and made configuration changes to the network when hardware and software failures occurred. Provided recommendation and solution to network failures which decreased system performance. Captured data loss on the network for forensic analysis during periods of decreased performance. Evaluated and recommended selection of new systems.
• Working comprehensive knowledge of TCP/IP network protocol, Dynamic Host Control Protocol (DHCP), Windows Internet Name Server (WINS), Domain Name Service (DNS), Simple Mail Transfer Protocol (SMTP), Blackberry Exchange Server (BES) and Windows Server Administration. Ability to perform system administration duties in support of the Exchange/Active Directory architecture.
• Monitored and administered Checkpoint Firewall in ensuring network performance was at peak performance. Upgraded and updated network products based on vendor specifications using guidance from DoD secure industry associations. Implemented security packages and application updates across multiple operating system platforms using tools like Systems Management Server (SMS). Conducted risk and vulnerability assessments, audits and reviews using Retina security software. Reported compliance within Vulnerability Management System (VMS). Investigated, responded to, collected evidence and reported security incidents to Senior Network Manager and senior management. Ensured network servers were compliant with Information Assurance policies.
• Recommended equipment upgrades and replacements for obsolete equipment. Developed standards and criteria for assessing server performance in ensuring confidentiality, integrity and availability using Host Based Security System (HBSS). Ensured information availability to clients and customers by managing and administering off-site tape storage program using Veritas Net Backup software. Tested and applied vendor patches and updates over the network to client workstations and network servers using Shavlik Patch software.
Responsible for designing and implementing an Active Directory infrastructure for the enterprise-level network.
• Managed and maintained 30+ Windows 2000/2003 servers with services such as DNS and WINS and managed internal and external DNS servers for domain name resolution services.
• Maintained and managed Symantec Endpoint AntiVirus server in ensuring proper execution of current virus definition updates for networking servers and client workstations.
• Managed the Shavlik SUS server in ensuring proper and timely execution of critical patching processes to networking servers and client workstations.
• Maintained and administered Checkpoint Firewall rules and firewall management database.
• Migrated Windows Exchange 5.5 server to Exchange 2003 mail server.
• Upgraded the network from a 3Com-Switch environment to a Cisco Backbone with 6500's and 4500 switch platforms. Migrated the network from a flat network scheme to a hierarchical network scheme using VLANS.
• Provided 24 x 7 advanced network troubleshooting for both user accounts and network issues.
• Configured, installed, and maintained the Juniper Secure SSL VPN server for remote users.
• Configured, installed, and maintained the Juniper Intrusion Detection and Prevention/Intrusion Detection System (IDP/IDS) server.
• Maintained the Active Directory Domain Controllers for the network. Performed network administration to include creation and maintenance of user accounts, and permission configurations using Active Directory Users and Computers (ADUC).
• Performed Procurement Defense Desktop (PD2) and Genero application administration to include creation and maintenance of user accounts, and permission configurations.
• Ensured the Public Key Infrastructure (PKI) solution utilizing Smart Card Authentication with Common Access Card validation for user-based login to network for compliance within Defense Information Security Agency (DISA) & Joint Task Force-Global Network Operations (JTF-GNO) Common Tasking Orders (CTO) and standards remained functional.
• Researched DoD/DISA/DITSCAP/NIPRNET STIG's and guidelines.
• Implemented security measures as dictated by Government policy as it applied to networked servers, firewalls, and intrusion detection systems in order to maintain compliance with security standards.
• Assessed and evaluated Information Assurance Vulnerability Advisories (IAVA) as they were received from the JTF-GNO and determined what security measures were required for network compliance.
• Maintained network security posture compliance via the JTF-GNO Vulnerability Management System (VMS). Reported compliance for newly released system vulnerabilities against DMC-DIMOC network.
• Configured and installed Dell Power Edge 2850 and 2950 server systems for network programmers and DBA's for usage. This included complete TCP/IP stack configuration, network connectivity, securing vulnerabilities, and ensuring ease of use.
• Administration of Veritas Net Backup v6.5.3 for domain-wide network backup using LTO4 tapes.
Planned, designed and implemented/installed wide-scale data communications network (LAN/WAN) consistent with company requirements.
• Provided advanced network monitoring troubleshooting network, routing, LAN, WAN, and network security vulnerabilities; applied network security patches to all networked servers and client workstations; provided support of networks (i.e. installed, troubleshot, upgraded, developed and documented solutions to technical problems) to assure proper execution.
• Adhered to DISA Field Security Operations (FSO) & JTF-GNO security regulations for securing networked servers and client workstations.
• Applied network security patches/hotfixes to all networked servers and client workstations.
• Researched DoD/DISA/DITSCAP/NIPRNET STIG's and guidelines.
• Implemented security measures as dictated by Government policy as it applied to networked servers, firewalls, and intrusion detection systems in order to maintain compliance with security standards.
• Assessed and evaluated Information Assurance Vulnerability Advisories (IAVA) as they were received from the JTF-GNO and determined what security measures were required.
• Developed test plans and experimented and conducted testing of various LAN management software and communications products.
• Working knowledge of Windows OS (NT, 2000, XP, 2003) administration users, user accounts, user permissions, installations, security and general troubleshooting.
• Working knowledge includes common network and TCP/IP protocols (i.e. Telnet, FTP, SMTP, HTTP, HTTPS, DHCP, DNS); responsible for administration of both Windows based and UNIX/Solaris/Linux-based servers.
• VERITAS NetBackup v5.0 Volume Manager and file system administration.
• Experience with high availability of clustering software, RAID disk arrays, shared storage, NAS and SAN.
• Supported Defense Visual Information Center (DVIC) Media Inventory Management System (MIMS) and SEER systems to include troubleshooting and correcting Automated Storage and Retrieval System (AS/RS) aisle problems, administration of SEER user accounts, and general workflow issues as backup support to the DVI team.
• Provided assistance to the IT Help Desk/Program Development and DVI teams providing technical assistance, systems security guidance, training, and problem determination.
Member of:
-Information Systems Security Agency (ISSA) of Orange County, CA.
-Society of Broadcast Engineers (SBE), Riverside, CA, Chapter 131.
Certified in:
-CompTIA Security+
-CompTIA Network+
-CompTIA Linux+
-Microsoft Certified Professional (MCP): Planning & Maintaining a Microsoft Windows Server 2003 Network Infrastructure.
-Microsoft Certified Technology Specialist (MCTS): Windows Server 2008 Network Infrastructure: Configuration.
-Society of Broadcast Engineers (SBE) Certified Broadcast Network Technologist (CBNT).
-Society of Broadcast Engineers (SBE) Certified Broadcast Technologist (CBT).
Job Related Training:
-Held Security Clearance with SSBI.
-CompTIA Advanced Security Practitioner (CASP) – June 2016
-Host Based Security System Administrative 201 – May 2016
-eMASS 5.1 Deltas DCO – Sep 2015
-Enterprise Mission Assurance Support Service (eMASS) CBT in Support of the DoD RMF Authorization Process – Sep 2015
-Risk Management Framework (RMF) for DoD IT Fundamentals – Jun 2015
-Risk Management Framework (RMF) for DoD IT In Depth – Jun 2015
-SANS® Advanced Security Essentials Global Certified Enterprise Defender (GCED) – May 2015
-SANS® +S(TM) Training Program for the Certified Information Systems Security Professional (CISSP) – May 2015
-DISA HBSS 4.5 Advanced Administration (2011 & 2012 Versions) – Jul 2011/Mar 2013
-DISA HBSS 4.5 Administration (2011 & 2012 Versions) – Jun 2011/Dec 2012
-Veritas NetBackup 6.5 for Windows Administration – Aug 2009
-Certified Information System Security Professional – Jul 2006
-CCNA Bootcamp (ICND + INTRO) – Jun 2005