
Security Information

Location:
San Francisco, CA
Salary:
125,000
Posted:
July 08, 2017

Resume:

Daniel Breslin

SOMA San Francisco, CA *****

703-***-**** ******.*******.*@*****.***

NETWORK SECURITY ENGINEER – CYBER SECURITY ANALYST

Detail-oriented and highly motivated Information Security Analyst with approximately two years of experience in information systems security, using RMF, C&A’s, Vulnerability Scanning, NIST Special Publications, HIPAA, ISO 27000 Series, FIPS, POA&M management, and FISMA to ensure Information Systems are secure, with appropriate controls.

Strong understanding of network topics including: connecting to a WAN; implementing network security; network types; routing and switching fundamentals; the TCP/IP and OSI models; IP addressing; WAN technologies; operating and configuring IOS devices; extending switched networks with VLANs; determining IP routes; managing IP traffic with access lists; establishing point-to-point connections; and establishing Frame Relay connections.

PROFESSIONAL PROFILE

Strong analytical and problem-solving skills; fast and continuous learner.

Technical Documentation: System Security Plan, Security and Vulnerability Assessments, Risk Assessment, Security Testing and Evaluation, Continuous Monitoring, FISMA Audits, POA&Ms.

Certifications include: Cisco CCNA and CCENT; CompTIA Cloud+, Security+, Network+ and A+; Training on AWS - Certified Solutions Architect.

Top Secret Security Clearance (Granted March 2, 2017).

Resourceful team member, skilled in identifying project needs and creatively solving problems.

Adapt to any working environment while maintaining professionalism and high-quality performance.

Outstanding drive and focus on organizational objectives and customer needs.

Adept and experienced in problem solving and providing solutions. Excellent qualifications in leadership and interpersonal communications.

Manage personnel effectively, concentrating on high quality standards, timeliness and safety.

Demonstrated management abilities in multiple operations segments.

Provide inspirational team leadership and counseling to subordinates that increases morale and raises performance and productivity levels.

PROFESSIONAL EXPERIENCE

Mechanics Bank Hercules, California 10/2016 to Present

Governance, Risk and Compliance Analyst

Provide leadership, guidance, and oversight to ensure the implementation and consistent operation of information security governance, security risk management and compliance program.

Perform compliance assessments to determine if business systems are aligned with regulatory requirements, industry standards, and best practices and to information security policy, procedures, and standards.

Oversee Information Technology Policies and Procedures compliance with the regulations.

Support, exhibit and grow corporate culture that is committed to Governance, Risk, and Compliance and information security best practices.

Collaborate with key stakeholders to validate, verify and address audit findings, control deficiencies and remediation plans.

Monitor for new compliance regulations, assess the impact to the organization, and work with the impacted business units to ensure compliance.

Assist with the management of internal and external audits.

Identify improvements that strengthen the efficiency and effectiveness of the compliance initiatives.

Report on the status of compliance activities and remediation efforts.

Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems.

Communicate identified security risks to business leaders to ensure a clear understanding of these risks as well as potential mitigations.

Implement a risk register for prioritizing, managing, and mitigating identified information risks, utilizing the information to provide leadership insight into the critical risks potentially impacting the company.

Develop metrics and reporting around the risk remediation program, feeding gathered information into various reporting chains.

Support vendor management team as it relates to vendor management system and other related tasks.

Support Business Continuity management team as it relates to Business Continuity and Disaster Recovery tasks.

Create documentation to ensure consistent, reliable, and repeatable activities.

Networking Institute of Technology Upper Marlboro, Maryland 11/2014 to 10/2016

IT Security Analyst

Perform independent compliance reviews, tracking, and continuous monitoring of newly submitted C&A packages.

Advise and assist with the Lifecycle Certification and Accreditation process and develop a Systems Security Plan. Monitor and track projects in the C&A test queue.

Read and analyze SSPs and develop understanding of systems and applications into security test plans.

Coordinate C&A actions and system testing with security personnel.

Develop risk assessment reports. Assemble and submit C&A packages to Principal Accreditation Authority/Designated Accreditation Authority.

Conduct interviews with key client stakeholders to evaluate current information security practices.

Review security policy and procedural documentation.

Supported information security governance, risk and compliance activities aligned with the NIST Risk Management Framework (RMF). Designated systems and categorized their C.I.A. using FIPS 199 and NIST SP 800-60.

Developed test plans, testing procedures and evidence needed to validate the controls using SP 800-53A. Performed IT risk assessment and documented the system's key security controls (SP 800-53A).

Reviewed existing documents, policies and procedures, and previous assessments reports.

Conducted walkthroughs to identify vulnerabilities.

Monitored controls post-authorization to ensure continuous compliance with security requirements.

Analyze and update System Security Plan, Risk Assessment, Privacy Impact Assessment, System Security Test and Evaluation and the Plan of Actions and Milestones.

Assist System Owners and ISSO in preparing Certification and Accreditation packages for companies’ IT systems, making sure that management, operational and technical security controls adhere to a formal and established security requirement authorized by NIST SP 800-53 R4.

Perform risk assessments. Conduct annual self-assessment.

US Patent and Trademark Office Alexandria, Virginia 8/2010 to 11/2014

Patent Examiner

Served as Patent Examiner in Mechanical Engineering related arts.

Applied problem solving skills and analytical thinking to determine the best course of action for inventors.

Reviewed and searched patent applications to determine whether patents could be granted for inventions.

Received perfect professional evaluations four of five years.

EDUCATION

Bachelor of Science in Mechanical Engineering

Old Dominion University, Norfolk, Virginia

Associate of Science in Engineering

Northern Virginia Community College, Annandale, Virginia

CERTIFICATIONS

Cisco – CCNA

TCP/IP and OSI model layers

DHCP server; ARP; ICMP; Transport and Application Layers; Transport layer protocols (TCP and UDP)

Cisco IOS, The Router Device: LAN and WAN interfaces

CLI (Command Line Interface) modes

CDP (Cisco Discovery Protocol); RIP; IPv2; IGRP; OSPF

Port security

Virtual LAN (VLAN); VLAN Trunking Protocol (VTP); Spanning Tree Protocol (STP)

Security: Access Control List (ACL); Static NAT, dynamic NAT and PAT

Wide Area Networks (WAN): HDLC and PPP protocols; PPP configuration; Frame Relay (FR)

Wireless LAN

IPv6

AWS - Certified Solutions Architect (Training)

AWS Instance Types and Utilization

Amazon S3 (Simple Storage Service)

Amazon CloudFront

Amazon Route53

Amazon Elastic Compute Cloud (EC2)

Relational Database Service (RDS)

IAM (Identity Access Management)

Amazon Virtual Private Cloud (VPC)

Highly Available Fault Tolerant Application Environment

Amazon CloudFormation

DynamoDB (NoSQL Service)

Amazon Elastic Beanstalk

CompTIA Network+

Networking Basics: OSI, TCP/IP Models

Common Protocols for Networking: DNS; DHCP; TCP and UDP

Standards for Wireless: Wireless Network Installation and Configuration Process; Wireless Security Implementation; Optimizing and Monitoring

Network Hardware and Software Tools: Traffic Monitoring and Analysis; Optimizing Performance; Network Appliances; Accessing the Network

Security Methods: Authenticating Users; Network Security

Securing the Network: Threat Mitigation; Appliances and Methods for Network Security; Firewall Installation and Configuration; Network Troubleshooting

CompTIA – Security+

Cryptography and Applications: Cryptography; Public Key Infrastructure

Security in the Infrastructure: Authentication and Remote Access; Wireless Security

Security in Transmissions; Intrusion Detection Systems; Security Baselines

Operational Security: Disaster Recovery and Business Continuity; Risk Management; Change Management; Computer Forensics


