Security Management

Location:
Locust Grove, GA
Posted:
September 06, 2014

Resume:

LOUIS SEEFRIED

*** ***** ***

LOCUST GROVE, GEORGIA 30248

CELL PHONE 770-***-**** E-MAIL acfsvl@r.postjobfree.com

M.S. in Information Technology with specialty in Information Security

Department of Defense Security Clearance (Top Secret)

Industry certifications including PMP, CISM, CISSP, and ITIL

Employee of the Year (2012) and Quarter (Q4 2011) at DCMA NOSC

Subject Matter Expert in Information Security Governance, Incident Response,

Vulnerability Management and Risk Management

Member of InfraGard - FBI/Private Sector Organization

Ability to take charge and make important decisions with limited information

within stressful situations

SunTrust Banks, Inc July, 2013 - Present

Technology Risk and Compliance Information Security Governance -

Information Security Solutions Officer

Responsible for managing relationship between Technology Risk and Compliance and assigned

business units to ensure compliance with Information Security Risk Assessment process

throughout the System Development Lifecycle (SDLC); provide information security awareness

training on current topics or existing processes; and perform risk analysis related to the sharing of

SunTrust data with third-party suppliers to ensure appropriate level of data protection.

Relationship Management

o Serve as primary information security point of contact for assigned business units to

address routine questions, investigate security events and assist with timely execution

of security related requests to avoid Information Security related delays

o Responsible for handling business unit escalation of security process concerns with

solution implementation that require coordination with additional information

security support teams to resolve non-standard Information Security issues

o Participate in business unit meetings to build a relationship with the business unit

leadership to ensure that information security related issues are addressed in a prompt

manner

Information Security Governance

o Participate in Information Security Policy and Standards review process to ensure

currency with deployed technologies, industry best practices and ease of

understanding by user community

o Complete Information Security Risk Assessment process for applications and

third-party service providers to ensure proper protection of SunTrust information/data

o Document non-compliance with Information Security Policy and technical standards

to ensure that risk is properly mitigated and/or remediated

o Perform Business Risk Impact Analysis (BRIA) for new and existing technologies in

accordance with SunTrust Information Security Risk Assessment process

o Determine potential regulatory impact of data confidentiality or integrity issues

related to federal, state, local agency regulations or industry standards such as

Sarbanes-Oxley Act (SOX); Gramm-Leach-Bliley Act (GLBA); Health Insurance

Portability and Accountability Act (HIPAA); and Payment Card Industry (PCI)

standards as part of Information Security Risk Assessment process

System Development Lifecycle Support

o Engaged in project kick off meetings to understand project scope, impact to existing

environment and compliance with third-party service provider engagement processes

o Review technical design documentation to determine applicable information security

standards for inclusion within project requirements to ensure compliance with

information security policy and standards

o Address information security related questions from project teams to ensure project

compliance with information security policy and standards

o As needed, engage and coordinate project related information security activities

associated with Technology Risk and Compliance business unit

Information Security Awareness Training

o Create presentations targeted for a variety of audiences from senior leadership (VP)

to end users that enhance understanding of Information Security Policy

o Perform “Introduction to Technology Risk and Compliance at SunTrust” for senior

leaders throughout SunTrust that are new to their role or to SunTrust to improve

understanding of Information Security Policies

o Perform targeted presentations at business unit staff meetings to increase information

security awareness

Information Security Compliance Support

o Develop customized reports within various toolsets to enhance organization

situational awareness or address specific requirement

o Partner with Engineering and Operations Teams to develop solutions to remediate

non-compliance to corporate, legal, regulatory or industry standards

o Evaluate implementation of new solutions to ensure compliance with Information

Security Policy

Information Security and Technology Subject Matter Expert

o Provide assistance to Information Security Incident Management Team during

investigations of complex situations to ensure proper actions are taken

o Partner with Threat and Vulnerability Management Team throughout the

vulnerability management lifecycle to improve SunTrust vulnerability management

o Responsible for review of Information Security Vulnerability Assessments as part of

the Information Security Risk Assessment process to ensure compliance with

Information Security Policy

o Perform ad-hoc Information Security assessment of various high-risk technologies to

ensure that risks are properly documented for inclusion within the Information

Security Risk Management application

September, 2011 – July, 2013

Information Innovators, Inc

Defense Contract Management Agency Network Operations

& Security Center – Information Assurance Engineer

Support Defense Contract Management Agency (DCMA) Network Operations and Security Center (NOSC)

Department of Defense (DoD) Information Assurance/Computer Network Defense (IA/CND)

programs including management of staff coverage; manage organization Information Assurance

Vulnerability Management (IAVM) program; Computer Network Defense monitoring of host and

network based sensors placed throughout the internal and at the perimeter of classified and

unclassified networks.

Information Assurance and Computer Network Defense Team Lead

o Responsible for supervision of nine team members within a 24/7 environment

o Ensure proper scheduling of operational activities to meet service level agreements as

outlined within statement of work

o Ensure proper scheduling of team members to monitor classified and unclassified

networks as defined within the statement of work

o Mentor team members in Information Security technology, processes and procedures

to improve team sustainability across all shifts

o Provide on-call support for team members to ensure continuity of work activities

Security Intelligence Review, Reporting and Operational Implementation

o Monitor commercial and government cyber security intelligence sources (classified

and unclassified) to generate daily Situational Awareness Reports

o Review cyber intelligence sources for actionable intelligence information that can be

used to implement preventative measures

o Engage other agency personnel in the implementation of preventative measures using

firewall, IPS and HBSS solutions

Computer Security Incident Response

o Responsible for assessment of potential computer security incidents that are reported

via outside agencies and through internal monitoring

o Implementation, coordination and verification of remediation activities related to

identified computer security incidents throughout the agency

o Responsible for coordination of agency response when classified material has been

processed by or through an unclassified system that includes the containment of the

spillage, coordination of remediation of the impacted systems, verification of

remediation activities by other support teams and creation of remediation

documentation

o Responsible for creation of new McAfee ePO dashboard that consolidated

information from multiple queries into a single view to enhance visibility

o Monitor, Research, Remediate and Resolve McAfee Network Security Manager

(NSM) console alerts

o Monitor, Research and Respond to DLP alerts related to leakage of potentially

sensitive (PII, Operation Intelligence and Classified) information

Enclave Security Assessment

o Perform quarterly enclave security assessment using standard penetration testing

methodology

o Use vulnerability assessment tools to gather vulnerability related information that

included open ports/protocols, misconfigured security settings or unpatched systems

o Use CORE Impact to perform automated penetration testing activities with manual

validation of results

o Use Acunetix Web Vulnerability Scanner to perform website and web application

vulnerability assessment activities across DCMA enterprise

Information Assurance Vulnerability Management (IAVM) Program Support

o Implemented eEye REM Console to manage 40+ distributed Retina Network Security

Scanners located throughout the world to lower monthly enterprise scanning from 4

weeks to 2 weeks while improving network discovery coverage and usability of

vulnerability results.

o Lead agency design and implementation of DoD Assured Compliance Assessment

Solution (ACAS) to replace existing eEye Digital Security REM/Retina with Tenable

Network Security SecurityCenter/Nessus vulnerability assessment toolset

o Oversee monthly enterprise vulnerability scanning related activities from network

discovery to placement of results in central vulnerability management repository

o Monitor for and disseminate vulnerability related information to Operational Support

Teams for remediation

o Monitor, report and provide third tier support for remediation activities including

POA&M and DRA documentation

o Perform validation scans to ensure that appropriate remediation activities have been

performed to support “Trust but Verify” activities

Command Cyber Readiness Inspection (CCRI) Support

o Instrumental in providing onsite coordination support during the CCRI activities that

resulted in the command achieving a ranking of Outstanding for both NIPR and SIPR

environments

o Develop Security Technical Implementation Guide (STIG) compliance measurement

documentation and process to assist organization in completing supporting

documentation

o Perform STIG process training for various teams within DCMA to ensure repeatable

and consistent results across the enterprise

January, 2011 – August, 2011

Chickasaw Nation Industries

HHS Computer Security Incident Response Center Data Analyst

Support Department of Health & Human Services (HHS) Computer Security Incident Response

Center (CSIRC) Security Operations Center (SOC) as Information Security Data Analyst to

provide monitoring of internet perimeter traffic for 12 Operating Divisions (OPDIVs) and 17

Staff Divisions (STAFFDIVs) through a standard toolset deployed at the network perimeter that

included the performance of detailed analysis of network captures to isolate malicious activity,

tuning of intrusion prevention systems to reduce false alarms, and perform detailed reporting for

agency related Information Security related activities.

Cyber Security Intelligence Activities

o Receive cyber security intelligence from various government and third party sources

while reviewing submitted cyber security incidents for department wide applicability

o Evaluate received intelligence for applicability to the Department of Health &

Human Services.

o Upon evaluation of intelligence, create department wide communication notifications

to raise awareness and disseminate actionable intelligence resulting in enhanced

cyber security posture across the department

o Evaluate standard toolsets for related detection capabilities, monitor toolsets for

potentially malicious activity and create targeted notifications for individual agencies

regarding potentially malicious activity so that additional investigation can be

completed.

o Review security enclave capabilities to ensure that proper monitoring is in place and

make recommendations on gaps that are uncovered to enhance the overall department

security posture

Incident Research

o Review cyber security incident reports for applicability across OPDIVs

o Use Tipping Point and ArcSight to perform high level research to determine if

OPDIV security incidents apply across environment

o Use Netwitness Informer and Investigator to perform more detailed analysis of

information uncovered in preliminary investigation

o Document results of research performed and provide to government for potential

dissemination to the enterprise or individual agencies

HHS Federal Information Security Management Act (FISMA) Reporting Activities

o Document FISMA incident management reporting requirements to ensure

standardized reporting results

o Create FISMA incident management reporting procedure to support consistent and

repeatable reporting

o Support FISMA incident management metric accuracy and reporting at the

Department and OPDIV level for validation and verification prior to reporting to

Office of Management and Budget (OMB)

Security Enclave Toolset Support

o Create NetWitness Informer rules and reports to monitor for suspicious activity

reported through external and internal sources while automating reoccurring reports

to provide continuous visibility of department internet connections

o Perform detailed investigation of suspicious traffic using NetWitness Investigator to

perform packet level analysis

o Review TippingPoint IDS capabilities, identify gaps in filter coverage based upon

current configuration, develop, recommend and implement consistent monitoring

strategy to maximize perimeter security reporting and suspicious event monitoring

Documentation Support

o Interact with CSIRC staff, government and contractor, to create diagrams of the

existing security enclave environment to outline where tools reside in relation to

agency production network environment

o Develop and document ad-hoc procedures to address critical activities related to

incident management such as closed incident review to improve data contained

within the incident management reporting system

o Create standardized procedure for the handling of weekly malware output reports

Additional Activities

o Provide mentoring to Security Monitoring & Reporting Team (SM&RT) in support

of security enclave toolsets including NetWitness Informer & Investigator,

TippingPoint SMS and ArcSight ESM, Logger and Web

o Enhance existing automated scripts to minimize manual activities such as the addition

of manual search criteria, domain ownership information as they are uncovered in

raw reports and reordering the output to more closely follow report template to

minimize copy/paste errors

April, 2002 – January, 2011

Hewlett Packard

US Government Healthcare Security Program Office

July, 2010 – January, 2011

CMS ESD Program System Security Officer

System Security Officer responsible for compliance oversight of HP Enterprise Services CMS

ESD IDIQ with Federal Information Security Management Act (FISMA), Business Partner

System Security Manual (BPSSM), corporate policies and applicable federal legislation through

the ongoing monitoring of operational and administrative activities

Security Program

o Responsible for completion of System Security Plan (SSP), Risk Assessment (RA)

and Business Continuity Plan (BCP) to support Certification & Accreditation (C&A)

and Authority To Operate (ATO)

o Develop, document and implement corrective actions related to issues identified via

self assessments, audit results or vulnerability assessments that can include changes

to existing processes, user education and software/hardware solutions

o Create and update policies based upon changes to the technical environment,

government regulations and evolving threat landscape in accordance with established

security directives

Audits

o Office Of Inspector General (OIG) Chief Financial Officer (CFO) audit in

accordance with Federal Information System Controls Audit Manual (FISCAM) that

resulted in zero audit findings

o Coordinate System Test & Evaluations to address auditor questions, provide

technical guidance and to ensure a seamless event

o Coordinate FISMA Assessment testing of NIST control families

Support Activities

o Participate in business proposals for multi-million dollar, multi-supplier contracts

including validation of ability to meet security requirements, staffing and supporting

documentation

o Perform as subject matter expert related to midrange and network technologies

o Oversee implementation of Microsoft Active Directory resource domain to comply

with Federal Desktop Core Configuration (FDCC)

Information Security Analyst, Senior February, 2008 - June, 2010

System Architecture

o Develop department Federal Desktop Core Configuration (FDCC) solution

o Design/implement centralized monitoring Symantec Critical System Protection for

HIDS, event log monitoring and centralized event log consolidation

o Design/implement SharePoint infrastructure within isolated enclave including system

hardening

o Review Defense Information Systems Agency (DISA), National Security Agency

(NSA), National Institute of Standards & Technology (NIST) and Center for

Medicare & Medicaid Services (CMS) standards for applicability

Security Metrics

o Research best practices related to implementation of security metrics program and

presented findings to leadership for approval and implementation

o Reviewed security requirements and previous reoccurring non-compliant areas to

develop applicable measurements to support ongoing improvement

Penetration & Vulnerability Testing

o Coordinate with various support groups to ensure compliance with corporate and

government testing requirements

o Review testing results to document corrective action plans or non-compliance

business justifications for all findings

o Create leadership reports for proper acceptance of outstanding risks or

implementation of remediation action plans

o Develop customer presentations to comply with Office of Management & Budget

oversight requirements

o Compare unfiltered data to reports provided from vulnerability scanning group and

document discrepancies to determine root cause

Technical Standards

o Partner with operation teams in the implementation of McAfee Policy Auditor

including the creation of customized reports to outline patch compliance and validate

configuration management settings

BellSouth Distributed Systems Management Center

RSM Team Lead/Business Analyst November, 2007 - February, 2008

Responsible for reviewing current procedures within support group and determining possible

improvements that would streamline process flow without impacting SLAs through

implementation of automation, centralization of functions, improved documentation and

interactions with customers, application support organizations and other technical support

groups.

Constant review of group interactions to determine areas of improvement that streamline

operations including design, develop, document and deploy automated procedures for the

installation of operating system patches

Use Crystal Reports/Business Objects to compile information from various stand alone

data sources (Sybase/MS SQL/Oracle/WSUS) into a single comprehensive report that

shows compliance with various Service Level Agreements

Develop and implement contingency plans to enable EDS to meet contractual agreements

with customers

RSM Team Lead June, 2005 - October, 2007

Provide supervision for up to 20 systems administrators in the performance of day to day

operations in support of corporate SLAs; compliance with Incident, Problem and Change

management procedures; technical/procedural escalation for customer, application support and

technical support staff issues

Assist with developing group objectives to provide team direction for upcoming year

Responsible for supervision of technicians in the performance of day to day operations

for enterprise servers

Ensure appropriate security patches and policies are applied within SLA

Design, develop and deliver server audit procedures to ensure accuracy and proper SOX

compliance checkpoints are covered

Ensure change management procedures are followed in accordance with business process

rules to ensure proper review of changes before implementation

Spearhead resolution of high visibility problems involving complex solutions in times of

crisis that require prompt decisions to provide critical results

Escalate chronic problems promptly to engage coordination across support groups

and produce effective resolution as quickly as possible

RSM Infrastructure Analyst January, 2003 - June, 2005

Provide Primary Systems Administrator (PSA) services to customer that included responsibility

for hardware, operating system, backup/restore functions on all servers assigned.

Ensure change management procedures are followed in accordance with business process

rules

Implement approved changes such as operating system patches, hardware updates and

application installations

Responsible for implementing logical access control mechanisms to isolate application

access to authorized individuals

Assist with Business Continuity and Disaster Recovery Planning for all supported

equipment

Responsible for ensuring operational security procedures are followed to restrict

unauthorized disclosure of information

DSI Infrastructure Analyst April, 2002 - January, 2003

Provide third tier support for all desktop and server administrators supporting the customer

operations. Perform deployment of Unicenter TND 3.0 for monitoring Windows-based servers

achieving a 90% penetration rate within six months.

Deploy centralized, web-based hardware monitoring solution that resulted in migration

from individual desktop-based installation to a single, standard console available for over

30 technicians simultaneously

Migration of 15 servers, 350 workstations, 350 users, and network equipment from

distributed, business unit support, to centralized, corporate/outsourced support

Develop automated server configuration methodology that reduced server build time

from 35 to five business hours while improving consistency by 75%

Education

M.S., Information Technology - CAPELLA UNIVERSITY, 3/06

B.S., Aviation Management - SOUTHERN ILLINOIS UNIVERSITY, 5/96

A.S., Vocational Education - RIVERSIDE COMMUNITY COLLEGE, 6/88

Technical Certifications

PMI Project Management Professional (PMP)

CORE Impact Certified Professional (CICP)

ISACA Certified Information Security Manager (CISM)

ISC2 Certified Information Systems Security Professional (CISSP)

EC Council Certified Ethical Hacker (CEH)

ITIL Foundation version 3

CompTIA

o A+

o Security+

o Network+

o Server+

Microsoft

o MCTS Windows Server 2008

o MCSE Windows Server 2003

GIAC Penetration Tester (GPEN) - Expired

DoD Technical Certifications

Tenable SecurityCenter/Nessus (ACAS) Administrator

eEye REM/Retina (SCCVI) Administrator

McAfee HBSS Administrator
