Information Security
Resume:
Joel D. Kinard CISSP, CIAM, EIT
Monroe, NC 28110
********@*****.***
GENERAL PROFILE:
Extensive knowledge of IT security, business continuity, routing, switching, networks, computers, multiple operating systems and applications, built during nineteen years of Information Technology experience. Successful record of utilizing human and technical resources to achieve corporate objectives. Highly developed written and verbal communication skills, which have proven effective in problem resolution and identifying and documenting client/project requirements.
KEY CAPABILITIES OVERVIEW:
CISSP = Certified Information Systems Security Professional #108647 (DoD 8570.1-Compliant)
CIAM = Certified Identity and Access Manager #3530
EIT = Engineer-in-Training
DDoS Mitigation: Strategies and Techniques
PKI = Public Key Infrastructure and Digital Certificates
Scripting: Developed Windows command-line scripting using VBScript modules; wrote shell scripts on Linux + UNIX servers.
Former CCNA = Cisco-Certified Network Associate
Former CWLSS = Cisco Wireless LAN Support Specialist
Secret Security Clearance from the United States Department of Defense (DoD)
Wireless: Designed and implemented 802.1x wireless LANs including design, configuration, administration and support.
Inventory: Deployed numerous wireless handheld devices and WinTerms
LAN/WAN: Deployed and configured Cisco routers & switches
Compliance: Exposure to NERC-CIP (v3 and v5) standards and related Cyber Security requirements for power industries
Firewalls: Check Point and Nokia firewall appliances, command-line and gui firewall OS installations, log analysis, forensics, troubleshooting, rule bases, configuration & administration (On Check Point: NGX R60 to R75.30, SmartConsole and Software Blade Architecture; On Nokia: IPSO v4.2 and earlier versions, +Network Voyager)
VPN’s: Site-to-Site IPSec VPN creation and administration
Two-factor Authentication: RSA SecurID System Design, Deployment & Management
Vulnerability Management - Scanning: Holistic monthly and quarterly scanning, remediation and reporting with eEye Retina
Vulnerability Management - HP-UX: Server security vulnerability administration using HP SWA; hardening with Bastille, Trusted System and Sudo
Vulnerability Management - Windows: Security vulnerability administration via Altiris, WSUS, HFNetCheck
Vulnerability Management - Linux: Redhat Linux server management via RHN portal; errata and rpm packages
Antivirus: Implementation & administration of Symantec Endpoint Protection System Design, Deployment & Management, Trend Micro, IBM/Tivoli Endpoint Manager TEM) & McAfee for Windows, Linux & MAC products
Malware and Compromise Detection: Identification/eradication of root kits, trojan horses, back doors and other types of malicious malware using various channels
Data Loss Prevention (DLP): Engineered DLP system - monitoring data in transit and at rest, preventing loss through Network, Endpoint & Cloud vectors
Perimeter Monitoring: Dell-Secureworks MSSP Portal administration, licensing, reporting
Leadership 1: Team lead for LAN site survey and staging of Hewlett-Packard core switch upgrade project (40 IDF data closets, 2 MDF rooms), at James H. Quillen VA Medical Center in Mountain Home, Tennessee
Leadership 2: Recruited/managed/mentored one direct report for technical support services
Teaching: Part-time college-level Information Security instructor: Cyber-Security awareness, phishing scam identification, malicious compromise and exploit prevention
Change Management processes, policies and procedures
Communication: Twenty-four years in Toastmasters; founded two new Charlotte NC clubs; fostered improvements in communication skills for myself and others
Security Controls: Physical, environmental, technical and access security controls
VMWare: vSphere Host and Guest Management
UNIX server builds using OpenBSD
Data backups with Veritas, IBM’s Tivoli Storage Manager & StorServer appliances
Desktop & laptop hardware, software and printers
Performance metrics, event log anomalies and trends
Website Design: https://jdkinard.com/jdkinard
EXPERIENCE:
Jun 2017 to Aug 2017 – Business Systems Consultant - Vulnerability Management SME (Contract through Apex Systems), Client = Wells Fargo – Charlotte, NC
Involved with vulnerability processes and timelines, application patching tasks, scheduling, planning and coordination for Wells Fargo’s Technology Health Refresh (THR) initiative. Collected Qualys scan data for application vulnerabilities and populated Excel workbooks with this information. The workbooks were then formatted for clarity before meeting with application owners to discuss scan findings, remediation strategies and schedules.
Apr 2017 to July 2017 – Customer Service Associate: Lowes Home Improvement (Part-time)
In addition to my full-time roles I occasionally work on the sales floors of Lowe’s Home Improvement.
Oct 2016 to Mar 2017 - Customer Service Associate: Harris Teeter (Part-time)
Performed a variety of responsibilities and assignments for the Fresh Foods department. These included preparation of deli meats, fresh-baked breads, rotisserie, baked and fried chicken, pork, salads, etc. Performed stocking and closing duties.
Feb 2016 - Private Farm Restoration
Began a sabbatical to manage some large projects around our new farm.
Sep 2015 to Jan 2016 - NERC-CIP Compliance Analyst (Contract through Computer Resource Group (CRG)), Client = Duke Energy Corporation - Charlotte, NC
Provided Compliance reviews for Daphne Pinchback from Fossil Hydro Generation.
Performed NERC-CIP Quality Assurance measures to assure Duke Energy generating stations provide reliable delivery of electricity to consumers and businesses.
Assisted in delivering NERC-CIP Compliance training to generating stations.
May 2015 to Jul 2015 – Cyber Security Engineer (Contract through Matlen Silver), Client = Babcock & Wilcox – Charlotte, NC
Managed a Data Loss Prevention (DLP) system, protecting data from escaping over various protocols such as SMTP & FTP, on removable USB storage and printed copy. Began architecting an enterprise DLP upgrade to v14.
Used IBM Unified Endpoint Management systems
Leveraged Splunk to aggregate and correlate a variety of system events for analysis
Examined Cloud-based CASB solutions such as Bitglass to check for compromise detection and prevention mechanisms.
June 2014 to Feb 2015 - Senior Network Security Engineer (Contract through TEKsystems), Client = Bank of America – Charlotte, NC
Managed an enterprise firewall consulting queue
Perimeter security engineering solutions and cyber security services
Articulated differences between Maximo software and new Remedy ITSM package
Shepherded project requests through correct channels insuring on time delivery of services
Dec 2013 to May 2014 - Senior Network Security Engineer (Contract through Levi, Ray & Shoup), Client = Dell Secureworks – Charlotte, NC
Managed an enterprise firewall consulting queue
Perimeter security engineering solutions and cyber security services
Articulated differences between Maximo software and new Remedy ITSM package
Shepherded project requests through correct channels insuring on time delivery of services
Jul 2012 to Sep 2013 – Systems Security Engineer III: Honeywell Technology Solutions Inc. – North Charleston, SC
Obtained a Secret Security Clearance from the United States Department of Defense (DoD)
Provided Cyber-Security and Information Assurance expertise for the Department of Defense, protecting critical systems and other assets utilized by the warfighter in combat missions.
Protected the Confidentiality, Integrity and Availability of information systems for federal government agencies, public and private sector clients.
Specific IA experience:
Served as IAO for SPAWAR supporting the ISSM in two Marine Corps taskings (AFATDS and TLDHS).
Engaged in Risk Management Framework (RMF) architecture/planning
Participated in Baseline and IV&V activities for JTF Capital Medical systems
May 2007 to Jul 2012 – Information Security Analyst II: Santee Cooper – Moncks Corner, SC
Attained the CISSP (Certified Information Systems Security Professional) credential by examination September 29, 2007
Exposure to the NERC-CIP v3 standards
Encryption: Project manager for the assessment phase of a laptop encryption project
Antivirus: Designed, launched, upgraded and solely managed a redundant enterprise antivirus protection schema for all corporate Windows, Citrix and Linux servers, desktops and laptops, using Symantec Endpoint Protection. Implemented & administered other antivirus products such as Trend Micro and IBM/Tivoli Endpoint Manager (TEM).
Malware: Procured supported version of Malwarebytes version with full documentation, then set up full scans at various intervals; Utilized TDSS Killer by Kaspersky to eliminate boot sector infections common on internet-facing endpoints; Fine-tuned detection and sensitivity thresholds of Symantec Endpoint Protection and Trend Micro to the highest levels, minimizing effects of malicious malware and other devious applications on production endpoints and servers
Firewalls: Upgraded numerous end-of-life Nokia appliances on IPSO 3.x in our inventory to their latest Nokia IP-series hardware, eventually running IPSO v4.2. After Check Point purchased Nokia’s entire line of IP-series firewall appliances we began to roll out some Check Point-branded hardware running SPLAT, as its versioning steadily progressed from NGX R60 up to NGX R75.30. I specified, ordered, received, built, implemented, installed and managed Check Point and Nokia firewalls and systems for use at Generating Stations in Power Generation Process Control networks, and CEMS (Continuous Emissions Monitoring Systems). I also utilized these Check Point and Nokia devices for use with IP Metering firewall systems at electric cooperatives, each transmitting monthly/hourly power billing data securely over dedicated Tunnel-mode IPSec VPN’s. I created, modified & administered fw policies, NAT configurations, etc. Occasionally during troubleshooting and configuration I utilized “expert-mode” CLI on Check Point w/SPLAT and CLISH on Nokia w/IPSO.
VPN’s: Created, implemented and administered Tunnel-mode IPSec VPN’s for electric cooperatives using IP Metering firewalls
Authentication: Managed RSA SecurID two-factor authentication system upgrade from old virtual server-based systems to new Appliances; integrating disaster recovery/redundancy/failover capabilities; management; upgrades, service packs & patches; agent configuration/distribution, etc.
Vulnerability Management: Scanning, remediation and reporting with eEye Retina
Patching: Managed security updates/patching for all HP-UX, Linux and Windows development and production servers
Monitoring: Managed perimeter network monitoring services provided by Dell-Secureworks
Metrics Reporting: Monthly/quarterly reporting on Internet and Firewall Availability, Kiwi, FTP, antivirus coverage
Hardening: Secured new HP-UX servers using Bastille, SUDO and Trusted System
Security representative on various project teams
Coordinated security vendor relationships
Jul 2005 to Apr 2007 – Network Engineer: Decore-ative Specialties – Monroe, NC
Network engineering and administration for national wood products manufacturing company
Executed Business Continuity/Disaster Recovery plan for production manufacturing computers
Wireless: Designed and implemented improvements to 802.1x wireless LANs and numerous handheld devices
Site Maps: Created master LAN map w/ device documentation using Visio and Autocad
Process Improvements: Conceived and executed strategy to mediate detrimental effects that extreme temperatures and wood dust have on Technology equipment in harsh manufacturing environments
Patching: Applied security vulnerability updates using HFNetChk Professional
Data Protection: Scripted daily archival of data from manufacturing computers on XP/Windows2000
Served as East Coast technical liaison for peers in California
Backup Systems: Managed Tivoli Storage Manager (TSM) data backup system
Scripting: Developed shell and command-line scripting with VBScript modules
Service: Diagnosed issues and coordinated factory service of servers, workstations, laptops, switches, wireless access points and StorServer tape drive
Feb 2004 to Jul 2005 – Security and Systems Administrator: Global Compliance Services – Charlotte, NC
Responsible for all Information Security, System Administration and User Support
Policies 1: Discussed with the CEO the importance of having solid policies to guide Technology management, practices and decisions, which shall be implemented after obtaining Senior-level review and approval
Policies 2: Conceived and authored Information Security, Internet Usage, Business Continuity and Microcomputer policies
Policies 3: Created new password expiration policies and logon banners and implemented them into production use
Policies 4: Created new password complexity requirements and implemented them into production use by installing passflt.dll on the Primary and Backup NT4 domain controllers
Patching: Created and managed a Microsoft Software Update Services (SUS) server, and used it to distribute security patches to Windows servers and end-user computers/laptops
Active Directory: Coordinated conversion of old Windows NT 4.0 domain to hybrid Active Directory. Created default Group Policy, GPO’s and OU’s
Standardized Windows 2000/XP workstation builds/images using local Group Policy
Antivirus: Introduced and managed McAfee Active Virus Defense systems, including ePolicy Orchestrator consoles
Email: Used ExMerge to migrate Outlook clients from Exchange 5.5 email server (used with NT4) to Exchange 2000 email server (used with hybrid Active Directory)
Personnel Management: Recruited/managed/mentored one direct report for technical support services
Scripting: Developed shell and command-line scripting using VBScript modules
Coordinated vendor relationships
Built these twelve (12) servers:
Windows 2000:
>> One Exchange 2000
>> Three Nortel Symposium (1-web & 2-DB)
>> One McAfee ePolicy Orchestrator
>> One WSUS
>> One Client Reports
Windows 2003:
>> Two domain controllers
OpenBSD:
>> One FTP (v. 3.5)
>> One MTA (v. 3.5)
>> One SysLog (v. 3.6)
Nov 2003 to May 2004 – Computer and Technical Sales: Best Buy – Charlotte, NC
Computer and Technical Sales
Apr 2001 to Nov 2003 – Network Administrator and End-user Support: Sharonview Federal Credit Union – Charlotte, NC
Network and user administration
Increased awareness of Information Security; attended two security conferences
Check printing: Configured method for credit union tellers to view and print copies of processed/cleared checks for members upon request
Web filtering: Implemented SuperScout Internet usage monitoring system to enforce corporate browsing policy
Monitoring: Established and managed network monitoring system using IP Monitor, to ensure availability of network devices and promote uptime awareness
Antivirus: Introduced and managed McAfee Active Virus Defense systems, including ePolicy Orchestrator consoles
Standardized Windows NT4.0, 2000 and XP workstation builds using imaging
Installed and administered Windows 2000 Terminal Services
Scripting: Developed shell and command-line scripting using VBScript modules
Email: Managed network and Exchange user accounts
LAN/WAN: Performed router and switch configuration and deployment at credit union branches
Site work: Coordinated installation of data and voice wiring at credit union branches
Built branch and corporate servers
Evaluated/rebuilt crashed workstations and deployed new units
Installed/updated end-user software
Fixed network connectivity problems
Interfaced with vendors/suppliers
Documentation: Created/updated network documentation/diagrams
Sep 1998 to Apr 2001 – Assistant Vice President, Network Security Administration and Operations: Bank of America – Charlotte, NC
Accounts: Administered user accounts, data access management, NTFS/Share security & DFS for client base of 15,000 users on a hybrid Windows 2000/NT4 domain
Policies: Implemented domain security policy best practices, including hardened domain passwords and procedures for terminating access of former employees
Web server: Set up Global Corporate Investment Bank (GCIB) Client Administration Intranet web server and site for Accounts Administration use
Two-factor authentication: Set up and administered an enterprise RAS solution using RSA’s SecurID security tokens
Rights management: Cooperated in a project to lock down domain rights
Set up and managed DFS shares for centralized control of data
Troubleshooting: Worked with the Network Operations team to diagnose and troubleshoot critical issues with data processes and hardware resources
Backups: Facilitated a secure backup tape rotation and ensured proper off-site storage/retrieval standards
Scripting: Developed shell and command-line scripting
EDUCATION:
UNIVERSITY OF SOUTH CAROLINA
Bachelor of Science, Civil/Structural Engineering
May, 1992
CERTIFICATIONS:
CISSP
(ISC^2 number = 108647)
CIAM
(Identity Management Institute {IMI} number = 3530)
CISCO
(Cisco number = CSCO10610786)
CCNA - Cisco-Certified Network Associate (Allowed to expire March 2009)
CWLSS - Cisco Wireless LAN Support Specialist (Allowed to expire March 2008)
EIT
Engineer in Training (May 1992)
Network Security Seminars:
SANS – Firewalls, Perimeter Protection & VPN’s
<Washington, DC>
July/August 2001
SANS – Securing IIS5
<Atlanta, GA>
January 2002
MISTI Conference
<Orlando FL>
April 2008
Symantec Endpoint Protection v11
<Internet Delivery>
February 2011
End of Information Technology Section
Beginning of Civil/Structural Engineering Design Section
1992 to 1998 -- Highlights of my Engineering Work
I participated in the structural design and construction of single and multistory commercial and institutional buildings, vehicular and railway bridges, retaining walls, municipal power plants, utilities and mainline interstate highway projects. As a civil/structural design engineer I analyzed, designed and constructed reinforced concrete footings, slabs, beams and retaining walls, as well as structural steel columns, beams, bolted and welded connections, wind and seismic bracing, trusses, frames and plate girders for single and multistory buildings.
**IT-related items in Engineering included the following:
Created two- and three-dimensional computer models with structural engineering software to simulate design loads on buildings, bridges and other structures
Supervised/participated in creation & review of construction drawings for buildings using AutoCAD and MicroStation
Contact this candidate