Security Management

Location:
United States
Posted:
October 07, 2015

Resume:

Stuart Makowski

acrz1n@r.postjobfree.com

c:323-***-****

Executive Summary

Accomplished contract-for-hire global information security professional with over 20 years of progressive experience building teams and managing secure Information Technology / Information Security operations within complex enterprise environments.

Established security policies, procedures, practice, and methodology.

Clients include, but are not limited to: Defense Industry (government and civilian), Intelligence Agencies, Banking, Finance, Retail, Communication, Mining, Energy (government and civilian), Medical, Hospitality, Entertainment, Insurance, Government (Federal and State), Airline

Architected and managed enterprise environment that had 2,600,000 global users.

Managed budgets up to $87,000,000.

Designed and wrote the strategic roadmap for clients whose annual sales were over $15,000,000,000.

Extensive experience with ISO9000, ISO9001, ISO17799, ISO27001, ISO27002, ISO27002:2005, HIPAA, HITECH, SOX, PCI-DSS, FISMA, FIPS, NIST, PKI, SSLDC, DIACAP, COSO, COBIT, RA, VA, INFOSEC, OPSEC, C&A, FAM, FAH, DITSCAP, NIACAP, SAS70 (I & II), SSAE16, DIACAP, POA&M, ERP, DCID 6/3, NISPOM, OMB A-130, SST&E, SSA, SSP, ITIL, and DAA/IATO ATO.

International enterprise expertise in auditing, information security, and business continuity & disaster recovery management and planning.

Technology and business visionary with executive and hands-on experience in automating multi-billion dollar enterprises.

Strong record of success in deploying robust Information Technology

Advised executive management on Information Technology related situations and conditions.

Documented ability to bring the benefits of Information Technology to solve business issues while managing costs and risks.

Provided strategic direction to board of trustees, board of directors and executive management on technological issues and challenges.

Dynamic management career with strong leadership, consistent track record of excellence, problem-solving, planning, team-building, and project management skills.

Architect for SIEM, IAM, IDS/IPS, FireEye, WAF, Firewall, DLP, EPO, ERP

Certifications

WEC-SG(PO)

ACSA

AEIA

CISM

CISSP

CISA

CCNA

MCSE 2000 and NT

MCP+I

CCA

CNA

MCP

I-Net+

ITILv3

Project+

Security+

Network+

Server+

HP Technician

Education

Masters of Business Administration in International Business – Ashworth College December 2017 (projected)

Bachelor of Science in Computer Information Systems Management – Buxton University May 1994

Security Clearances

Department of Defense - Top Secret Sensitive Compartmented Information

Department of Energy - BAO

Federal Public Trust

Experience

Ten Zero Consulting Aug 95 – Present

Chief Consultant

Full responsibility for return on investment (ROI) and managing multi-million dollar budgets.

Inspiring leader and articulate communicator.

Proven record of department profitability and cost savings realized within various business enterprise settings.

Continuous learner with a passion for innovation in security risk management to drive bottom-line business contributions (optimize security investments, avoid losses from security incidents, improve customer retention, enhance business decision-making, and reduce corporate liability).

Recruited, developed, motivated, and retained diverse staff structuring them into teams that delivered results and savings.

Performed economic analysis, planned, programmed, and budgeted for information systems resource requirements (equipment, people, and facilities).

Developed strategic plans, policies and operating procedures.

Assured that operations were maintained at targeted service levels

Defined and implemented standard recruiting strategies and a career management program

Streamlined departmental operations on a continual basis to improve business processes and reduce redundant personnel

Supervised up to 174 personnel worldwide

Subject matter expert in cyber warfare

Master at identifying and clarifying information security and technology risks and coordinating remediation efforts

Architected and implemented full Identity and Access Management products

Architected and implemented Log Management, Event Management/Correlation and Security monitoring.

Performed database tuning, configuration changes, sizing, and troubleshooting.

Developed integration capabilities with 3rd party systems including network management and trouble ticketing applications (Remedy).

Configure solutions to match up with PCI, DIACAP, SOX, STIG, and IAVA compliance.

Ability to translate business requirements into solutions delivered by development teams.

Worked closely with Certification & Accreditation, Counter Intelligence, and Information Assurance Team to maintain Security requirements.

Architected the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses.

Information Assurance (IA) Engineering and Architecture, Security Testing, and Certification & Accreditation (C&A) for an unaccredited enclave environment to go live with Authority to Operate (ATO) accreditation. Provided architecture and all levels of support during all phases of systems engineering, software development, testing, deployment, and maintenance. This support included IA requirements definition/analysis, security engineering, security architecture development, security design, integration support, DIACAP documentation development, security testing, database management systems, security infrastructure applications/tools/services, Multi-Level Security (MLS) systems, Cross Domain Solutions (CDS), Service Oriented Architecture (SOA) security, Intelligence Community security configuration guides (e.g., DISA STIGs/checklists, CIS benchmarks, etc.), automated security testing utilities/tools (e.g., DISA GoldDisk and SRR scripts, NESSUS, Retina, etc.), DoDI 8500.2 IA controls, NIST Special Publications (800-series), and network devices.

Analytical support included research and development of defensive information warfare concepts and strategies, particularly within the national security framework. Coordinate related intelligence community and DOD DISA Federal Department and Agency IA planning activities and identification of policy, technical, and programmatic issues crossing organizational, functional, and program boundaries. Manage and participate in software, systems, and security engineering activities, such as: small and large scale systems and security engineering and development efforts; technology lab development for system and security application prototyping; architecture and infrastructure analysis; INFOSEC requirements definitions; technology evaluation and assessment; e-commerce, public key infrastructure (PKI) design and deployment; multi-level security technologies; intrusion detection and analysis; simulation and modeling; development of IA concepts and strategic implementation planning for Intel community CIO Office and DOD DISA organizations; web site and content design and development and integration of DIAP IA policy and guidance system to serve as centralized and authoritative source of IA policy, legislation, directive; perform and conduct system-level designs, reviews, and risk management assessments; develop certification and test and evaluation, technical reports, and project plans; perform systems integration and monitoring of the implementation of processes, hardware and software solutions, and technical writing.

Ensured credit card systems were built and operated in compliance with Information Security Policies and Payment Card Industry (PCI) regulations.

Outlined the information security controls, testing, and evaluation requirements for the Systems Security Development Life Cycle (SSLDC).

Provided Information Assurance activities in accordance with current DOD policies, National Institute of Standards and Technology (NIST), industry best practices and Defense Information Systems Agency (DISA) guidance.

Oversaw incident response planning as well as the investigation of security breaches, and assisted with disciplinary and legal matters associated with such breaches as necessary.

Provide technical leadership to the enterprise for the information security program. Mentor and train others in information security in addition to training for other technical groups. Install and maintain security infrastructure, including IPS, IDS, log management, and security assessment systems. Assess threats, risks, and vulnerabilities from emerging security issues. Publish Security Updates newsletter for technical groups. Draft enterprise security standards and guidelines for system configuration. Managed process and acted in the lead role for computer security incident response team. Perform and create procedures for system security audits, penetration tests, and vulnerability assessments. Develop scripts to maintain and back up key security systems.

Recommended preventive, mitigating, and compensating controls to ensure the appropriate level of protection and adherence to the goals of the overall information security strategy. Assisted in the development of access controls, separation of duties, and roles. Conducted technical risk evaluation of hardware, software, and installed systems and networks. Assisted with testing of installed systems to ensure protection strategies are properly implemented and working as intended. Assisted in incident response and recommended corrective actions. Communicated with personnel about potential threats to the work environment. Participated in forensic recovery and analysis. Participated in development and maintenance of global information security policy.

Maintained security of voice and data networks and equipment. Monitored and maintained physical and logical security and access to systems. Responsible for support of existing security policies and procedures, as well as creation and implementation of new security procedures. Risk assessment of partners. Presented options to management for the enhancement of DNS, firewall, modernization of firewalls, and inbound e-mail security and robustness. Assisted with the upkeep of network infrastructure including switches and load balancers. Assisted in migration of VPN concentrators to new project. Achievements include completing TruSecure enterprise certification, and development of incident handling procedures.

Global PKI Implementation, rolled out 10,000+ client certificates and 2000+ server certificates. Owned Secure Email project, enhanced PKI vendor responsiveness, brought about radical improvements in Key Management (KMS) reliability, set up operations support group, metrics, and implementation plans. Wrote Infrastructure Control Review, and closed it with General Auditor's Office. Owned SSL Server OnSite certificate strategy and contract renewal. Worked with Office of the General Counsel to develop and publish corporate encryption policies. Integration Test Lab product owner for encrypted/signed email, Adobe digital signatures, etc. PKI product owner through four annual audits with no comments. Led team which delivered technical solution and documentation secure email for a high visibility project with severe time constraints. Managed vendor relationships with VeriSign and RSA.

Expert in the system and application Certification & Accreditation (C&A) process including development of the System Testing and Evaluation (ST&E) plan, System Security Plan (SSP), Configuration management (CM), System Security Authorization Agreement (SSAA), Disaster Recovery Plan (DRP), Business Continuity Plan (BCP). This includes all aspects of the Risk Assessment (RA), from identification of the Major Application Metric under the General support systems, and the mitigation procedures using the Plans of Action and Milestones (POA&M).

Hands-on technical understanding of incident response, computer forensics, network and application security

Hands-on experience with Intrusion Detection Systems, Security Information Event Management solutions, packet analysis tools and operating system analysis

Malware analysis experience (FireEye, etc.)

Identification of cyber threats associated with systems and technology vulnerabilities and risks via analysis of the information and data.

Extensive experience in:

Responding to targeted threat events

Writing custom parsers for NetWitness or other network forensic tools

Information security, incident response, investigation, and penetration testing

Computer forensics (host and network-based)

Performing open source research to identify emerging threats

Ensure all pertinent information is obtained to allow the identification, categorization, incident handling and triage actions to occur in a time sensitive environment

Analyze network traffic and various log data and open source information to determine the threat against the network, recommend appropriate countermeasures, and assess damage

Act as the point of contact for accepting, collecting, sorting, ordering, and passing on incoming information for the reported cyber events

Facilitate and expedite the tracking, handling, and reporting of all security events and computer incidents in accordance with organizational procedures

Evaluate threats, vulnerabilities and risk while supporting real-time security monitoring operations

Build, implement and deploy data security solutions including IDS/IPS sensors and management consoles

Experience configuring and deploying Web application Firewalls (Imperva)

Prepare DR mechanisms and conduct failover testing

Install, configure, maintain, audit, upgrade, update security products (non inclusive): proxy servers (BluecoatSG 300-9000), Infoblox, Vulnerability scanners, Application Scanners

Architecture, Design and Deployment of Symantec DLP infrastructure including building and configuring servers as needed and supporting local administrator resources.

Operational support and maintenance of Symantec DLP infrastructure, including deployment, analysis, tuning, configuration, security administration and upgrading.

DLP policy development, authoring, maintenance, and refinement.

Creation and modification of DLP detection policies and policy elements (response rules, directory groups, etc.)

Rollout and Deployment

DLP Access control administration.

Monitor DLP infrastructure for health checks, connectivity and availability.

System administration of multiple DLP environments as assigned (test, pilot, production)

Auditing/assurance, including development, implementation, and maintenance of plan to regularly review policies and verify on-going DLP coverage at all monitoring points; preparing relevant coverage info for internal customers and external clients

Architected, installed, configured, and maintained, the following McAfee products: Enterprise Policy Orchestrator (EPO), Virus Scan Enterprise, Data Loss Prevention (DLP), McAfee Agent, and Host Intrusion Protection (HIPS).

Administer system policies, repairs, and deployments and maintain agents on EPO to support applications/tools, including but not limited to:

o EPO 4.6, 5.X

o Host Data Loss Prevention (HDLP 9.1, 9.3)

o Virus Scan Enterprise (8.8)

o McAfee Agent (4.8)

o Host Intrusion Protection (HIPS)

o Product(s) updates and upgrades

o Daily Ticket Queue Monitoring and Incident Resolution

o Work with customers and vendor McAfee on the key initiatives

o Change Management

o Problem Management

Developed solutions for desktop support, server support teams, and supported business groups in the installation and maintenance of applications and servers with regards to ePO

Use troubleshooting skills to resolve installation and maintenance issues on operating systems and other related areas.

Architected, installed, engineered, tuned, maintained Identity and Access Management products:

o Directory and Data

o Provisioning/De-provisioning

o Self Service Access Request

o Password Management

o Privileged Access Management,

o Elevated Permission Account Access Management

o RBAC, ABAC and PBAC,

o Expansion of user administration, and access management (Cloud and/or Single Sign-On),

o Automated workflow, and automated provisioning tied with comprehensive User Self Service capabilities.

Provided optimization of data flow using aggregation, filters, etc.

Developed custom Flex Connector as required to meet use case objectives.

Managed and led the operation of ArcSight Security Information and Event Management systems to include ArcSight ESM, Oracle, Connector Appliances, SmartConnectors, Logger appliances, Windows and Linux servers, network devices and backups.

Life-cycle management of the ArcSight platforms, including coordination and planning of upgrades, new deployments, and maintaining current operational data flows

Applied Configuration Management disciplines to maintain hardware/software revisions, ArcSight content, security patches, hardening, and documentation.

Engineered the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses.

Architecture, design, install, configure VMware ESX, ESXi, within VI3, vSphere 4 and vSphere 5 environments with VirtualCenter management, LabManager, vCloud Director, Consolidated Backup, DRS, HA, DPM, vMotion, VMware Data Recovery, VMware Site Recovery Manager (SRM), vCenter Operations Manager, Horizon Workspace, Horizon Mirage, ThinApp and VMware View desktop virtualization infrastructure (VDI).

Build, configure and deploy VMs and templates. Completed Physical-to-Virtual (P2V), Virtual-to-Virtual (V2V) and Virtual-to-Physical (V2P) migration of Windows NT, 2000, 2003, 2008, and 2012 as well as Linux servers from VMware, Hyper-V, Xen and legacy hardware

Designed, implemented, and maintained Sourcefire 3D System and provided visibility/security to network using tools such as 3D sensors, RNA, RUA, Defense Center with SNORT engine based Intrusion Prevention System (IPS)

Delivered and cultivated rapid threat detection using Cisco Sourcefire IPS with AMP

Architected, engineered, and managed HP TippingPoint IPS system with SMS on NX devices ranging from the S2600 to the S7500

Created reports in TippingPoint SMS for various groups ranging from C-level to Information Technology administrator

Generate multiple profiles for TippingPoint

Archer GRC solutions – Very well conversant with the life cycle of all Archer solutions – Enterprise, Policy, Compliance, Risk, Vendor, Threat, BCP, Incident and Audit Management

On-Demand Applications – Understand business requirements and build applications that could fulfill business needs

Archer Applications – Very well Conversant with all the core out of the box applications in each of the solutions, and related data dictionaries

eGRC Platform - Implement, Configure, Administer and Maintain Smart-Suite GRC Framework in Single and Multi-host environment

Core Business Solutions - Implement out-of-the-box Archer solutions

eGRC Applications – Implement and customize out-of-the-box applications, create on-demand applications

Trouble-shooting – Strong grip on understanding the application functional issues and their resolution in terms of access control, DDEs, Notifications, Calculations, Workflows, Reports, Dashboards, iViews, Integration (Packaging, Data Imports, Data-Feeds) etc.

Hands-on Archer Training - Impart various level Archer training to Business Users and Archer Administrators

IT GRC - (IT GCC and ISMS Audit assignments) – Information Security Gap Assessment based on ISO 27001 and CoBIT, control testing, documenting findings, control designing for closing deficiencies and risk mitigation.

Archer eGRC Support: Archer Administration - Archer solutions, applications, Questionnaire, Sub-forms etc.

RSA Archer administration function included but not limited to – User Access Control, Data Driven Events, Calculated fields, Notifications, Workflow, Reports, iViews, Dashboards, Workspaces, integration (Data import, Data feed and Application packaging) etc.

RSA Archer existing Application customization - Collaborate with Application owners, understand the business requirement, modify data dictionary, build applications, create application test plans and checklists

RSA Archer On-demand Application Development - Proficiency in gathering business requirements from various business stake-holders, understanding business process, create data dictionary and design applications.

RSA Archer Follow Change Management process and procedure before going live or introducing new entity (may be application, enhancement, bulk imports in production)

Designed, developed, and architected Hadoop and HBase systems.

Coordinated with technical teams for installation of Hadoop and third related applications on systems.

Formulated procedures for planning and execution of system upgrades for all existing Hadoop clusters.

Supported Hadoop technical team members for automation, installation and configuration tasks.

Suggested Hadoop improvement processes for all process automation scripts and tasks.

Provided technical assistance for configuration, administration and monitoring of Hadoop clusters.

Conducted detailed analysis of Hadoop system and application architecture components as per functional requirements.

Hartsville Police Department Jul 94 – Jan 00

Sergeant

United States Navy Feb 88 – Aug 91

Master at Arms - Petty Officer 3rd class


