Joel D. Kinard CISSP, CIAM, EIT

*** ******* ****

Monroe, NC 28110

ac38zm@r.postjobfree.com

GENERAL PROFILE:

Extensive knowledge of IT security, business continuity, routing, switching, networks, computers, multiple operating systems and applications, built during nineteen years of Information Technology experience. Successful record of utilizing human and technical resources to achieve corporate objectives. Highly developed written and verbal communication skills, which have proven effective in problem resolution and identifying and documenting client/project requirements.

KEY CAPABILITIES OVERVIEW:

CISSP = Certified Information Systems Security Professional #108647 (DoD 8570.1-Compliant)

CIAM = Certified Identity and Access Manager #3530

EIT = Engineer-in-Training

DDoS Mitigation: Strategies and Techniques

PKI = Public Key Infrastructure and Digital Certificates

Scripting: Developed Windows command-line scripting using VBScript modules; wrote shell scripts on Linux + UNIX servers.

Former CCNA = Cisco-Certified Network Associate

Former CWLSS = Cisco Wireless LAN Support Specialist

Secret Security Clearance from the United States Department of Defense (DoD)

Wireless: Designed and implemented 802.1x wireless LANs including design, configuration, administration and support.

Inventory: Deployed numerous wireless handheld devices and WinTerms

LAN/WAN: Deployed and configured Cisco routers & switches

Compliance: Exposure to NERC-CIP (v3 and v5) standards and related Cyber Security requirements for power industries

Firewalls: Check Point and Nokia firewall appliances, command-line and gui firewall OS installations, log analysis, forensics, troubleshooting, rule bases, configuration & administration (On Check Point: NGX R60 to R75.30, SmartConsole and Software Blade Architecture; On Nokia: IPSO v4.2 and earlier versions, +Network Voyager)

VPN’s: Site-to-Site IPSec VPN creation and administration

Two-factor Authentication: RSA SecurID System Design, Deployment & Management

Vulnerability Management - Scanning: Holistic monthly and quarterly scanning, remediation and reporting with eEye Retina

Vulnerability Management - HP-UX: Server security vulnerability administration using HP SWA; hardening with Bastille, Trusted System and Sudo

Vulnerability Management - Windows: Security vulnerability administration via Altiris, WSUS, HFNetCheck

Vulnerability Management - Linux: Redhat Linux server management via RHN portal; errata and rpm packages

Antivirus: Implementation & administration of Symantec Endpoint Protection System Design, Deployment & Management, Trend Micro, IBM/Tivoli Endpoint Manager TEM) & McAfee for Windows, Linux & MAC products

Malware and Compromise Detection: Identification/eradication of root kits, trojan horses, back doors and other types of malicious malware using various channels

Data Loss Prevention (DLP): Engineered DLP system - monitoring data in transit and at rest, preventing loss through Network, Endpoint & Cloud vectors

Perimeter Monitoring: Dell-Secureworks MSSP Portal administration, licensing, reporting

Leadership 1: Team lead for LAN site survey and staging of Hewlett-Packard core switch upgrade project (40 IDF data closets, 2 MDF rooms), at James H. Quillen VA Medical Center in Mountain Home, Tennessee

Leadership 2: Recruited/managed/mentored one direct report for technical support services

Teaching: Part-time college-level Information Security instructor: Cyber-Security awareness, phishing scam identification, malicious compromise and exploit prevention

Change Management processes, policies and procedures

Communication: Twenty-four years in Toastmasters; founded two new Charlotte NC clubs; fostered improvements in communication skills for myself and others

Security Controls: Physical, environmental, technical and access security controls

VMWare: vSphere Host and Guest Management

UNIX server builds using OpenBSD

Data backups with Veritas, IBM’s Tivoli Storage Manager & StorServer appliances

Desktop & laptop hardware, software and printers

Performance metrics, event log anomalies and trends

Website Design: https://jdkinard.com/jdkinard

EXPERIENCE:

Jun 2017 to Aug 2017 – Business Systems Consultant - Vulnerability Management SME (Contract through Apex Systems), Client = Wells Fargo – Charlotte, NC

Involved with vulnerability processes and timelines, application patching tasks, scheduling, planning and coordination for Wells Fargo’s Technology Health Refresh (THR) initiative. Collected Qualys scan data for application vulnerabilities and populated Excel workbooks with this information. The workbooks were then formatted for clarity before meeting with application owners to discuss scan findings, remediation strategies and schedules.

Apr 2017 to July 2017 – Customer Service Associate: Lowes Home Improvement (Part-time)

In addition to my full-time roles I occasionally work on the sales floors of Lowe’s Home Improvement.

Oct 2016 to Mar 2017 - Customer Service Associate: Harris Teeter (Part-time)

Performed a variety of responsibilities and assignments for the Fresh Foods department. These included preparation of deli meats, fresh-baked breads, rotisserie, baked and fried chicken, pork, salads, etc. Performed stocking and closing duties.

Feb 2016 - Private Farm Restoration

Began a sabbatical to manage some large projects around our new farm.

Sep 2015 to Jan 2016 - NERC-CIP Compliance Analyst (Contract through Computer Resource Group (CRG)), Client = Duke Energy Corporation - Charlotte, NC

Provided Compliance reviews for Daphne Pinchback from Fossil Hydro Generation.

Performed NERC-CIP Quality Assurance measures to assure Duke Energy generating stations provide reliable delivery of electricity to consumers and businesses.

Assisted in delivering NERC-CIP Compliance training to generating stations.

May 2015 to Jul 2015 – Cyber Security Engineer (Contract through Matlen Silver), Client = Babcock & Wilcox – Charlotte, NC

Managed a Data Loss Prevention (DLP) system, protecting data from escaping over various protocols such as SMTP & FTP, on removable USB storage and printed copy. Began architecting an enterprise DLP upgrade to v14.

Used IBM Unified Endpoint Management systems

Leveraged Splunk to aggregate and correlate a variety of system events for analysis

Examined Cloud-based CASB solutions such as Bitglass to check for compromise detection and prevention mechanisms.

June 2014 to Feb 2015 - Senior Network Security Engineer (Contract through TEKsystems), Client = Bank of America – Charlotte, NC

Managed an enterprise firewall consulting queue

Perimeter security engineering solutions and cyber security services

Articulated differences between Maximo software and new Remedy ITSM package

Shepherded project requests through correct channels insuring on time delivery of services

Dec 2013 to May 2014 - Senior Network Security Engineer (Contract through Levi, Ray & Shoup), Client = Dell Secureworks – Charlotte, NC

Managed an enterprise firewall consulting queue

Perimeter security engineering solutions and cyber security services

Articulated differences between Maximo software and new Remedy ITSM package

Shepherded project requests through correct channels insuring on time delivery of services

Jul 2012 to Sep 2013 – Systems Security Engineer III: Honeywell Technology Solutions Inc. – North Charleston, SC

Obtained a Secret Security Clearance from the United States Department of Defense (DoD)

Provided Cyber-Security and Information Assurance expertise for the Department of Defense, protecting critical systems and other assets utilized by the warfighter in combat missions.

Protected the Confidentiality, Integrity and Availability of information systems for federal government agencies, public and private sector clients.

Specific IA experience:

Served as IAO for SPAWAR supporting the ISSM in two Marine Corps taskings (AFATDS and TLDHS).

Engaged in Risk Management Framework (RMF) architecture/planning

Participated in Baseline and IV&V activities for JTF Capital Medical systems

May 2007 to Jul 2012 – Information Security Analyst II: Santee Cooper – Moncks Corner, SC

Attained the CISSP (Certified Information Systems Security Professional) credential by examination September 29, 2007

Exposure to the NERC-CIP v3 standards

Encryption: Project manager for the assessment phase of a laptop encryption project

Antivirus: Designed, launched, upgraded and solely managed a redundant enterprise antivirus protection schema for all corporate Windows, Citrix and Linux servers, desktops and laptops, using Symantec Endpoint Protection. Implemented & administered other antivirus products such as Trend Micro and IBM/Tivoli Endpoint Manager (TEM).

Malware: Procured supported version of Malwarebytes version with full documentation, then set up full scans at various intervals; Utilized TDSS Killer by Kaspersky to eliminate boot sector infections common on internet-facing endpoints; Fine-tuned detection and sensitivity thresholds of Symantec Endpoint Protection and Trend Micro to the highest levels, minimizing effects of malicious malware and other devious applications on production endpoints and servers

Firewalls: Upgraded numerous end-of-life Nokia appliances on IPSO 3.x in our inventory to their latest Nokia IP-series hardware, eventually running IPSO v4.2. After Check Point purchased Nokia’s entire line of IP-series firewall appliances we began to roll out some Check Point-branded hardware running SPLAT, as its versioning steadily progressed from NGX R60 up to NGX R75.30. I specified, ordered, received, built, implemented, installed and managed Check Point and Nokia firewalls and systems for use at Generating Stations in Power Generation Process Control networks, and CEMS (Continuous Emissions Monitoring Systems). I also utilized these Check Point and Nokia devices for use with IP Metering firewall systems at electric cooperatives, each transmitting monthly/hourly power billing data securely over dedicated Tunnel-mode IPSec VPN’s. I created, modified & administered fw policies, NAT configurations, etc. Occasionally during troubleshooting and configuration I utilized “expert-mode” CLI on Check Point w/SPLAT and CLISH on Nokia w/IPSO.

VPN’s: Created, implemented and administered Tunnel-mode IPSec VPN’s for electric cooperatives using IP Metering firewalls

Authentication: Managed RSA SecurID two-factor authentication system upgrade from old virtual server-based systems to new Appliances; integrating disaster recovery/redundancy/failover capabilities; management; upgrades, service packs & patches; agent configuration/distribution, etc.

Vulnerability Management: Scanning, remediation and reporting with eEye Retina

Patching: Managed security updates/patching for all HP-UX, Linux and Windows development and production servers

Monitoring: Managed perimeter network monitoring services provided by Dell-Secureworks

Metrics Reporting: Monthly/quarterly reporting on Internet and Firewall Availability, Kiwi, FTP, antivirus coverage

Hardening: Secured new HP-UX servers using Bastille, SUDO and Trusted System

Security representative on various project teams

Coordinated security vendor relationships

Jul 2005 to Apr 2007 – Network Engineer: Decore-ative Specialties – Monroe, NC

Network engineering and administration for national wood products manufacturing company

Executed Business Continuity/Disaster Recovery plan for production manufacturing computers

Wireless: Designed and implemented improvements to 802.1x wireless LANs and numerous handheld devices

Site Maps: Created master LAN map w/ device documentation using Visio and Autocad

Process Improvements: Conceived and executed strategy to mediate detrimental effects that extreme temperatures and wood dust have on Technology equipment in harsh manufacturing environments

Patching: Applied security vulnerability updates using HFNetChk Professional

Data Protection: Scripted daily archival of data from manufacturing computers on XP/Windows2000

Served as East Coast technical liaison for peers in California

Backup Systems: Managed Tivoli Storage Manager (TSM) data backup system

Scripting: Developed shell and command-line scripting with VBScript modules

Service: Diagnosed issues and coordinated factory service of servers, workstations, laptops, switches, wireless access points and StorServer tape drive

Feb 2004 to Jul 2005 – Security and Systems Administrator: Global Compliance Services – Charlotte, NC

Responsible for all Information Security, System Administration and User Support

Policies 1: Discussed with the CEO the importance of having solid policies to guide Technology management, practices and decisions, which shall be implemented after obtaining Senior-level review and approval

Policies 2: Conceived and authored Information Security, Internet Usage, Business Continuity and Microcomputer policies

Policies 3: Created new password expiration policies and logon banners and implemented them into production use

Policies 4: Created new password complexity requirements and implemented them into production use by installing passflt.dll on the Primary and Backup NT4 domain controllers

Patching: Created and managed a Microsoft Software Update Services (SUS) server, and used it to distribute security patches to Windows servers and end-user computers/laptops

Active Directory: Coordinated conversion of old Windows NT 4.0 domain to hybrid Active Directory. Created default Group Policy, GPO’s and OU’s

Standardized Windows 2000/XP workstation builds/images using local Group Policy

Antivirus: Introduced and managed McAfee Active Virus Defense systems, including ePolicy Orchestrator consoles

Email: Used ExMerge to migrate Outlook clients from Exchange 5.5 email server (used with NT4) to Exchange 2000 email server (used with hybrid Active Directory)

Personnel Management: Recruited/managed/mentored one direct report for technical support services

Scripting: Developed shell and command-line scripting using VBScript modules

Coordinated vendor relationships

Built these twelve (12) servers:

Windows 2000:

>> One Exchange 2000

>> Three Nortel Symposium (1-web & 2-DB)

>> One McAfee ePolicy Orchestrator

>> One WSUS

>> One Client Reports

Windows 2003:

>> Two domain controllers

OpenBSD:

>> One FTP (v. 3.5)

>> One MTA (v. 3.5)

>> One SysLog (v. 3.6)

Nov 2003 to May 2004 – Computer and Technical Sales: Best Buy – Charlotte, NC

Computer and Technical Sales

Apr 2001 to Nov 2003 – Network Administrator and End-user Support: Sharonview Federal Credit Union – Charlotte, NC

Network and user administration

Increased awareness of Information Security; attended two security conferences

Check printing: Configured method for credit union tellers to view and print copies of processed/cleared checks for members upon request

Web filtering: Implemented SuperScout Internet usage monitoring system to enforce corporate browsing policy

Monitoring: Established and managed network monitoring system using IP Monitor, to ensure availability of network devices and promote uptime awareness

Antivirus: Introduced and managed McAfee Active Virus Defense systems, including ePolicy Orchestrator consoles

Standardized Windows NT4.0, 2000 and XP workstation builds using imaging

Installed and administered Windows 2000 Terminal Services

Scripting: Developed shell and command-line scripting using VBScript modules

Email: Managed network and Exchange user accounts

LAN/WAN: Performed router and switch configuration and deployment at credit union branches

Site work: Coordinated installation of data and voice wiring at credit union branches

Built branch and corporate servers

Evaluated/rebuilt crashed workstations and deployed new units

Installed/updated end-user software

Fixed network connectivity problems

Interfaced with vendors/suppliers

Documentation: Created/updated network documentation/diagrams

Sep 1998 to Apr 2001 – Assistant Vice President, Network Security Administration and Operations: Bank of America – Charlotte, NC

Accounts: Administered user accounts, data access management, NTFS/Share security & DFS for client base of 15,000 users on a hybrid Windows 2000/NT4 domain

Policies: Implemented domain security policy best practices, including hardened domain passwords and procedures for terminating access of former employees

Web server: Set up Global Corporate Investment Bank (GCIB) Client Administration Intranet web server and site for Accounts Administration use

Two-factor authentication: Set up and administered an enterprise RAS solution using RSA’s SecurID security tokens

Rights management: Cooperated in a project to lock down domain rights

Set up and managed DFS shares for centralized control of data

Troubleshooting: Worked with the Network Operations team to diagnose and troubleshoot critical issues with data processes and hardware resources

Backups: Facilitated a secure backup tape rotation and ensured proper off-site storage/retrieval standards

Scripting: Developed shell and command-line scripting

EDUCATION:

UNIVERSITY OF SOUTH CAROLINA

Bachelor of Science, Civil/Structural Engineering

May, 1992

CERTIFICATIONS:

CISSP

(ISC^2 number = 108647)

CIAM

(Identity Management Institute {IMI} number = 3530)

CISCO

(Cisco number = CSCO10610786)

CCNA - Cisco-Certified Network Associate (Allowed to expire March 2009)

CWLSS - Cisco Wireless LAN Support Specialist (Allowed to expire March 2008)

EIT

Engineer in Training (May 1992)

Network Security Seminars:

SANS – Firewalls, Perimeter Protection & VPN’s

<Washington, DC>

July/August 2001

SANS – Securing IIS5

<Atlanta, GA>

January 2002

MISTI Conference

<Orlando FL>

April 2008

Symantec Endpoint Protection v11

<Internet Delivery>

February 2011

End of Information Technology Section

Beginning of Civil/Structural Engineering Design Section

1992 to 1998 -- Highlights of my Engineering Work

I participated in the structural design and construction of single and multistory commercial and institutional buildings, vehicular and railway bridges, retaining walls, municipal power plants, utilities and mainline interstate highway projects. As a civil/structural design engineer I analyzed, designed and constructed reinforced concrete footings, slabs, beams and retaining walls, as well as structural steel columns, beams, bolted and welded connections, wind and seismic bracing, trusses, frames and plate girders for single and multistory buildings.

**IT-related items in Engineering included the following:

Created two- and three-dimensional computer models with structural engineering software to simulate design loads on buildings, bridges and other structures

Supervised/participated in creation & review of construction drawings for buildings using AutoCAD and MicroStation

Contact this candidate