Accomplished, professional, and detail oriented Navy veteran. Passionate about new technology and learning new concepts.
Education
Expected in
Bachelor of Science: Cyber Security University of Maryland University College - College Park, Maryland GPA:
Certifications
CompTIA Advanced Security Practioner (CASP)
Amazon Web Services Certified Solutions Architect: Associate
CompTIA Security+ Certified
Microsoft Certified Systems Administrator(MCSA) in Windows Server 2003 and XP
CompTIA A+ Certified
Skills
7+ years experience in Cybersecurity, Information Technology, and Risk Management
Leadership and management of an ever-changing workforce
Ability to adapt in a fast paced and time sensitive environment
Ability to communicate well, both orally and through writing
Expert knowledge of NIST/FISMA requirements and policy
Experienced in vulnerability management and compliance regulation
Highly technical network background with extensive knowledge of security tools and remediation methods
Work History
11/2016 to Current
Security Control Assessor (SCA)Bae Systems – Fairview Heights, IL,
Reviewed technical and administrative controls and conducted RMF per the NIST 800-53, NIST 800-37 and CNSS 1253 requirements.
Drafted and reviewed security artifacts including, but not limited to, System Security Plans, inventories, contingency plans, security control traceability matrices, and security assessment reports.
Conducted Annual assessments of sites on compliance with organizational policy.
Drafted and managed POA&M for authorized systems with appropriate remediation suspense dates and tracked findings until closure. If the POA&M would never be met, familiar with exceptions and waiver process as well as residual risk acceptance.
As an assessor for cloud systems, designed the A&A process used for the AWS environment and drafted templates to be used in an agile SDLC.
Experience with Nexpose Rapid 7 scanning tool, SPLUNK audit log aggregation tool, HP Fortify, Webinspect, as well as McAfee EPO.
Reviewed and assessed seven different systems of different classification, scope, and mission and determined residual risk and mitigation methods to ensure the system was operating in it\'s most secure state.
2015 to 11/2016
Information Systems Security ManagerRtx – Solvang, CA,
Led a division of 12 personnel in normal operational conditions managing and maintaining three network enclaves for 290 users and multiple voice and data circuits to include all outbound communications.
Served as subject matter expert for site accreditation and Authorization to Operate (ATO) for command, ensuring all proper Information assurance paperwork was provided and that a proper vulnerability management program was in place and ran property in compliance with Department of the Navy standards.
Oversaw and directly managed command Cryptography program, including 1,415 keys and associated cryptographic equipment. Familiarity with all Inline Network Encryption (INE) methods including symmetric, asymmetric, and hashing methods.
Primary HBSS Administrator, managed two enclaves and 12 programs of record (POR) for regular vulnerability scanning and patch application. Managed Host Intrusion Prevention, Intrusion Detection, and Data Loss Prevention Agents through the use of EPolicy Orchestrator.
Worked with both eEye Retina and ACAS as the primary means of vulnerability assessment and applied necessary patches and hot-fixes to ensure maximum availability and development of a stringent security posture.
Ran the organization webpage using HTML and MSSQL management. Created webpages, updated current webpages and developed associated web platforms to assist in the everyday production and efficiency at the command.
Familiar with CISCO and Alcatel network device management and configuration including port management, access list creation and editing, and general network troubleshooting.
11/2011 to 11/2014
Information Systems Security OfficerBooz Allen Hamilton Inc. – Rockville, MD,
Lead six personnel in the
Information Systems Security division during all activities and information
systems security processes as directed by the DCID 6/3, ICD 503, Risk Management Framework (RMF) and DoD
Information Assurance Certification and Accreditation Process (DIACAP) control
frameworks.
Designed, developed, engineered, and implemented all security related solutions that meet security requirements with Department of Defense (DoD) standards.
As Security Team Lead during
three command security inspections, gained Authorization to Operate (ATO) for seven classified systems operating at three different Protection Levels.
Constructed reports and Plan of
Action and Milestones (POAMs) based on the results of vulnerability assessment
tools, including Gold Disk, eEye Retina, STIGViewer, Assured Compliance Assessment Solution (ACAS), and SCAP automation protocol scanner to ensure DoD and government compliance within the command.
Provided guidance and assistance to other units and agencies responding to security events, maintaining status of Information Assurance Vulnerability Alerts (IAVA), DISA assist bulletins, and compliance with other related Certifications.
Established and managed the system Public Key Infrastructure for over 250 users. This included installing software, ordering tokens, and making regular reports on completion status.
Assisted in the management of Group Policy Objects (GPOs) and regular event monitoring
used in support of the Information Assurance Vulnerability Management
(IAVM) program and general Computer Network Defense (CND) Program.
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
