Security Officer
Resume:
PROFESSIONAL SUMMARY/QUALIFICATIONS:
As a Systems Engineer, Systems Administrator, Information Security professional, and Data Analyst, I have developed expertise in configuration and management of many tools in the industry. Specifically, I have experience in tool such as eEye Retina, McAfee Host Based Security System (HBSS), Shavlik NetChk, GFI LANGuard, NitroView/ARCSIGHT, Symantec System Center, CISCO IronPort, BlueCoat (Web proxy), Assured Compliance Assessment Solution (ACAS) and Wireshark. In addition to other security tools, I have also been exposed to enterprise technologies such as Windows 7/2003/2008, MSExchange, the rollout of VMware ESX/vSphere, and Symantec BackupExec. Metasploit, Armitage, Kibana, Bro-Cut, Jumpstart and fconsole, I possess an excellent grasp of most networking concepts and keep a close eye on technology trends.
WORK EXPERIENCE:
ManTech – Hickam AF Base
2/24/20 – Present Information Systems Security Officer (ISSO) working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.
Vectrus – Fort Shafter - Regional Cyber Center Pacific (RCCP)
9/23/19 – 2/21/20 Change Management, Made changes to the environment, Changes were evaluated to minimize impact. Provided the authorization for the work that is carried out by Release and Deployment, and had oversight role to ensure that all changes that can be, are thoroughly tested. Had the responsibility to ensure that changes are deployed as scheduled and changes with multiple deployment stages are authorized by the appropriate Change Authority. Compiled request for change (RFC) components and prepared packages for technical review board (TRB) and Change Advisory Board (CAB) vote. Communicated requests for information (RFI) to RFC submitter. Notified release management of approved RFC. Prepared RFC package(s) for post implementation review. Audit process to ensure changes are only made after they are documented and approved.
Vykin Corp – Hickam AF Base
5/14/18 – 9/20/19 Information Systems Security Manager (ISSM) Supervise an enterprise-wide set of disciplines for the planning, analysis, design, and construction of information systems on an enterprise-wide basis or across a major sector of the enterprise. Oversee development of analytical and computational techniques and methodology for problem solutions. Responsible for enterprise-wide strategic systems planning and environmental information planning, business, and analysis. Verify process and data modeling in support of planning and analysis efforts, using both manual and automated tools. Provide technical guidance in software engineering techniques and automated support tools. Manage security of information systems assets and protection of systems from intentional or inadvertent access or destruction. Supervise assigned staff, Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information. Perform preliminary forensic evaluations of internal systems. Ensure the user community understands and adheres to necessary procedures to maintain security. Maintain current knowledge of relevant technology as assigned. Provide guidance creating and maintaining Standard Operating Procedures and other similar documentation. Maintain current knowledge of relevant technology as assigned. Participate in special projects as required. Generate and maintain military certification and accreditation documentation Operate and monitor security infrastructure, to include firewalls, intrusion detection devices, and intrusion prevention devices. Manage and maintain Enterprise Mission Assurance Support Service (eMASS) a fully-integrated cybersecurity management realm, using IA controls, dashboard reporting, and taking ISSDD transferring them into Risk Management Framework (RMF) then injecting that RMF into eMASS for Department of Defense (DOD), allowing for an Enterprise level visibility of all authorization packages and security posture, primarily responsible for receiving FULL 3 year RMF accreditation package for RED networks.
McAfee\Meridian Technologies – Fort Huachuca\Fort Shafter\Schofield
2/27/2017 – 5/11/18 HBSS SME, working directly for/with McAfee/Intel had a direct hand in developing CONOPS, business plans and continuity, (VMOSA) created Vision and Mission statements, direct hand in auditing and Trends analysis also Defining & Mapping Trends, gathered supporting documentation for the DoD requirements and correlated and referenced Army/DoD with that created Access Management Process for local project, created and edited the requirements mapping workflow (Flowcharts) for inclusion in analyst workflow library (2/27/2017 – 5/11/17,) PAC AESS SME/LNO (Pacific Army Endpoint Security System Subject Matter Expert\Liaison Officer) Project Manager overseeing Pacific region build up, participate in the development of technical project plans, proposals, reports, task order and administrative reporting includes the Hawaii Islands, Korea, Kwajalein Islands, and Japan. Overseen PAC Army End-Point Security System (AESS) buildup and NOC development from ground up (Layers 1 - 7) Prioritize project tasks and track the status of internal and external resources applied against each task, worked directly with Army Networking Engineers to successfully establish connectivity via the Army TLA stack, Created and configured VMWare 2012 servers, configured and created McAfee Network Security Platform (NSP) – Participate in special projects as required I.E. I was sent over to Kuwait (SWA) successfully self-align and standardized site as well as manage the local leadership expectations and provide guidance and work leadership to less-experienced staff members, for example prepping new LNO that was coming on to site. Generate briefing material for senior leadership regarding project and any procurement timelines and status. Conduct planning and provide recommendations to client on task workload and attend customer meetings and serve as primary client.
Adams Communication & Engineering Technology (ACET) – NCTAMSPAC
8/1/2016 – 2/10/17 – NCTAMS Computer Network Defense (CND) Security Analysts – responsible for building new internal security team that defends against both real attackers and Red Teams from ground up, and work to constantly improve the organization’s security posture, daily data analysis view of log’s through Bro and other tools. Wrote up company deliverables, direct hand in streamlining and documenting new DOD 8140 requirements (8570 replacement) for ACET associates and subcontractor employees, reviewed resume Interviewed and hired my replacement
WAKELIGHT Inc. - Camp Smith
12/1/2014 – 7/25/2016 – USPACOM Computer Network Defense (CND) Host Based Security Systems (HBSS) INTEL Security Analyst\Global Administrator. Monitor and protect and identify network security vulnerabilities for intrusion attempts and virus activity. Active role in fine-tuning and configuring enclaves, using ARCSIGHT and or generating dashboards for specific views, extensive knowledge in creating exceptions and using SOLIDCORE to help consolidate and identify known good hashes for trusted software implementation, as well as implement DISA upstream rule sets to meet TASKORDS. Resolve Host Based Security System Solutions (HBSS) component and agent application software problems, Plan and coordinate the installation, testing and operation of Host Based Security System Solutions (HBSS) system components and supported deployed system modules, recently upgraded ePO server from ePO 5.1.1. to ePO 5.3.1
DRS-Camp Smith
5/19/2014 – 11/28/2014 – Special Operations Command, Pacific (SOCPAC) IA Systems Security Administrator, first in defense for Computer Network Defense (CND) protection for SOCPAC, identifying network security vulnerabilities, monitoring the network for Intrusion attempts and virus activity using tools such as Host Based Security Systems\Intrusion Detection Systems (HBSS), Resolve Host Based Security System Solutions (HBSS) component and agent application software problems, Plan and coordinate the installati on, testing and operation of Host Based Security System Solutions (HBSS) system components and supported deployed system modules, CISCO IronPort E-Mail Proxy to follow email flow as well as to provide better safeguard to e-mail security, BlueCoat (Web proxy) to block or allow sites as dictated, Assured Compliance Assessment Solution (ACAS), Wireshark, Websense, Virus Total, URLQuery and other tools used to monitor, analyze, detect user data strings and respond to unauthorized activity within SOCPAC information systems and computer networks, Incident responses are handle with the SOCPAC IA Lead where we view and defend against vulnerable protocols\browser-based attacks and determine if Server\clients are in anyway infected or compromised.
CUBIC – NCTAMS PAC\Camp Smith
12/29/11 – 5/16/2014 - MARFORPAC - GCCS Systems Engineer, Site Lead and part of a team that provides C4I services to 500 personnel at 4 different locations. Expanded the contract for CUBIC by eliminating the competing companies and assimilating the local staff, managed a mixed system infrastructure that contains 10 Oracle servers hosting 40 Solaris zones and Windows Domain. Created a working WSUS Server, Streamlined the existing virtualization project that transitioned all Windows services to reside on VMware ESX hosts, fixed multiple errors that weren’t allowing the domain controllers to communicate, added a much needed redundant DNS servers and Integrated an Oracle Secure Global Desktop (SGD) server to provide web applications enabling remote access to virtualized GCCS client systems via web browsers allowing LDAP to authenticate with AD, reconfigured the virtual VM Domain controller to increase its C Drive on VMC0 from its existing 8GB to an increased 28GB allowing for better performance installing of patches and room to breathe.
Booz Allen Hamilton – Camp Smith\Ford Island\NCTAMS PAC
6/6/09 - 5/25/2012 Information Assurance Security Administrator for the Pacific Warfighting Center (PWC) – Responsible for maintaining Information Assurance (IA) security compliance on 3 networks, spanning over 60 servers and 50 workstations. Responsible for producing daily compliance reports, performing network security scans, analyzing system vulnerabilities for impact to the enterprise, recommending courses of action (CoA), and mitigating/remediating critical vulnerabilities. Had the lead for preparing for annual audits by DISA DoD (which encompasses Field Security Officer inspection (FSO), Enhanced Compliance Validation (ECV), Command Cyber Readiness Inspection (CCRI)) by significantly reducing all network/system vulnerabilities - leading to the best audit yet for the PWC. Ensured network patch compliancy and new DoD security baselines were met by STIG’s and performing Gold Disk and Retina scans and cross referencing with the Vulnerability Management Solutions (VMS) database, patched enclaves with Windows Server Update Services (WSUS), Shavlik NetChk, and GFI LANGuard. Stood up and configured HBSS Server for Host Based Security System (HBSS) management in the PWC -- which entailed using HBSS to monitor all enclaves for known cyberthreats, detect exploit traffic using the HBSS Intrusion Prevention System (IPS), Resolve Host Based Security System Solutions (HBSS) component and agent application software problems, Plan and coordinate the installation, testing and operation of Host Based Security System Solutions (HBSS) system components and supported deployed system modules, edited rules to allow/prohibit systems to run software, managed organization of HBSS assets, and ensured connectivity with HBSS agents. Installed and configured NitroSecurity NitroView Enterprise Security Manager, An analyst’s power tool that also provides strong day-to-day high speed data collection and analysis capabilities allowing to see multiple interrelationships between assets, threats and vulnerabilities 12/29/11 – 5/25/2012 – Information Assurance Compliance for the Naval Computer and Telecommunications Area Master Station, Pacific- Responsible for maintaining Information Assurance (IA) security compliance. Had a direct hand in accrediting several Systems needed by the DoN on a local and global application level, this was done by creating Security baselines using STIG’s and performing Gold Disk and Retina scans and remediating the vulnerabilities found by the scans. (Retina and Gold Disk scans were generated along with Remediation reports); Reset Bios passwords on 46 laptops – crucial as client didn’t have the bios password and needed it for functions that were detrimental to their function. Mitigate findings and generate reports on Gold Disk vulnerabilities.
Technology Resource Support – Pearl Harbor
3/17/08 – 6/3/09 – Enterprise Level System Administrator – Overseen all Network management for both classified and unclassified enclaves, Administrated Sidewinder v6 and Gauntlet v6, Cisco ASA, Working knowledge of Active Directory (AD) created and maintained Group Policy Objects (GPOs) Created and administrated Backup Administrator Veritas Net Backup 6.5 server, rebuilt Windows Server Update Services (WSUS) Administrator, IAVAs were resolved and logged into Vulnerability Management System (VMS), successfully passed Field Security Officer Inspections (FSO), was responsible for Firewalls & Switches, diagnosing and resolving computer and network related problems, created system backups, applied updates and security patches as needed, installed and configured hardware.
WAKELIGHT Inc. – Pearl Harbor
10/11/07 – 3/14/08 - Senior Server farm Technician UNIX, DNS, VSCAN and Sidewinder, Systems Administrator. DNS servers operated on Red Hat Enterprise, while the Virus scanners operate on Win 2003 platform. Sole provider of customer service to all network managers behind a firewall suite which is managed by a small team and host different services, Weekly and monthly backups performed on the external and internal Firewalls Routers and Foundries. Check for DNS BLACKHOLE updates daily and applied as needed, On all VSCANS Mail SMTP reports are generated daily as well as upkeep of Anti-spam policy, Sidewinder Firewall IP Filter, and Proxy rules updated and changed as needed, Configuration backups done weekly. Microsoft Office Communicator used to quickly interact with other personnel on the WAN.
PESYSTEMS - Wheeler
01/02/07 – 10/10/07 – Senior Systems Administrator\ Information Assurance Technician Was responsible for setup and establishment of Multipoint VTC, Administer local NAS and other 2003 Servers, Active Directory, Exchange Administrator and SIPR Administrator, Administrated NIPR Network via remote desktop, assist in all IA operations with local IAM, network security scans, and push patches w/Update Expert v6.3, created WSUS Server, Reconfigured Update Expert as it was not working for 1 year prior to my arrival, Upgraded Harris Stat database from v5 to v6. Perform backups for WPS FAXX server it tracks Shipping World wide – integrates with other servers around the globe, assisted in creation and completion of time and distance preparation data base, allowing users to cross reference time and distance with travel to or from any port in the world.
WAKELIGHT Inc.- MCBH
4/27/04 - 12/27/06 Senior Help Desk – CSR\Contact Team Provided senior level Enterprise support for entire Marine Corps base operations and responded to trouble calls that helpdesk could not resolve. Remedy tracking software was used to track and or complete all ticket requests, trouble calls were responded to via over the phone troubleshooting and or remote access through SMS, SIPR Administrator and courier. 9/19/05 – 12/27/06 – Senior Server farm Technician Administrated Enterprise level Network via remote control tools such as SMS, Dameware, Hyena, and GFI LANguard, Exchange Administrator, Manage Exchange 5.5 servers and bridgehead, SIPR Administrator and Authorized Secret courier, used Veritas V9.1 to backup all Servers, Knowledgeable in Active Directory, Knowledgeable with TACLANES, and Responsible for all aspects of SIRP Network from physical layer to Application layer.
EMMIS COMMUNICATIONS\KHONTV2 & KGMBTV9
12/19/02 - 10/28/03 Master Control Responsible for entire TV station On Air Time, Responsibilities include redirection and reconnection, tuning and retuning of 9 Satellites and satellite receivers, the ability to multitask with excellent time management and organization skills, Prepping movies for both Tape and Servers for on air use, ensuring ALL incoming satellite and Network feeds are smooth and w/out Data or packet loss, Was responsible for all local IT issues 3/24/03 – 10/28/03 – IT Manager Implemented Pathfire Pinnacle eServers for Digital Satellite receiving of CNN & Warner Brothers syndications, responsible for establishing a VPN link between KGMBTV9 and Indianapolis, Restructured entire infrastructure for KGMBTV9 from network backbone down to client workstation, supported over 200 nodes.
Independent Consultant\Contractor (1/1/02 - 10/31/02)
KAISER PERMANENTE 10/04/02 – 10/31/02 Provided 3 rd and 4th level User Helpdesk support as a Field Service Technician for a multi-user/multi-system environment (Novell 4.1, Windows 2000 and NT 4.0 based platforms), primarily hired to help bring Service requests down. Vantive tracking software was used to track and or complete user service requests, trouble calls were responded to via over the phone troubleshooting and or remote access through Tivoli remote access software, Activation of drops and tie pairs were done per request.
KHON TV - 9/16/02 Resolved an ongoing 3-month old issue, Ensured proper Installation, reconfiguration, and restoration of smooth steady data and packet Flow for IBM 700 eServers, Pinnacle 320 Server Workstation, 2 Viacast Receiver(s) Satellite Receivers & Net gear 5-port switch
NMCI – 1/1/02 –2/13/02 Validation Desktop support- helped prepare for major hardware of Military computer Hardware upgrade by taking inventory of all computer peripherals, preparing for next phase of the upgrade.
AMERICAN HAWAII CRUISES
June 1997 – Nov. 02, 2001 – LAN Administrator Created mapped and planned the entire network from the ground up and responsible for all aspects of corporate LAN: from layer one to layer 7 Including Helpdesk troubleshooting and resolving user application issues\problems for more than 100+ users.
KAPIOLANI COMMUNITY COLLEGE
1994 – 1996 - Lab Monitor Learned to monitor network, Created added & deleted AS/400 user accounts, Created\deleted Pegasus email accounts on a UNIX based email system. Troubleshot in person and via phone Word Perfect, Lotus notes, & printing issues for other students on MAC, & Win 95 platforms
CERTIFICATIONS
Level 4 IMO (Information Management Officer)
Networking Concepts
HBSS (Host Based Security System) 201, 301, 501
CompTIA Security Plus
C EH (Certified Ethical Hacker)
C NDA (Certified Network Defense Architect)
MCP Cert #E922-5598
MCSA Windows Server 2008, Server Administrator
CASP CompTIA Advanced Security Practitioner
OSCP Offensive Security Certified Professional – in progress
ACTIVE CLEARANCE
Active TS SCI/Poly
EDUCATION
Formal training by Microsoft in Networking Essentials
Formal training by Microsoft in 803-Administering Windows NT 4.0
Formal training by Microsoft in1026-Microsoft Exchange Server 5.5 Series – Concepts and Administration
Formal training by Microsoft in 973 -Microsoft Exchange Server 5.5 Series – Design and Implementation
Formal training by Microsoft in 688 – Internetworking TCP/IP
Formal training by Microsoft in 922 – Supporting Windows NT4.0 Core Technologies
Formal training by Novell in 4.11 Administration
Formal training by Cisco in Interconnecting Cisco Network Devices
Formal training by (ISC) Certified Information Systems Security Professional (CISSP)
Formal training by IBM - VMware vSphere
Microsoft 70-646 Pro: Windows Server 2008, Server Administrator
C EH (Certified Ethical Hacker)
RaD-X Custom Network Intrusion Detection (NIDS) Rules
RaD-X 101 Basic Network Intrusion
RaD-X 301 Client Side Attacks and Detection
Pacific LandWarNet SSAC Levels I, II, & III
Information Management Officer (IMO) Certification Course
STAT Scanner 6.0
Thumb Drive Awareness
Information Systems Security Monitoring
(AMHS) Automated Message Handling System CBT v4c
OSCP Offensive Security Certified Professional
CASP CompTIA Advanced Security Practitioner
USMC Veteran
Contact this candidate