Security Information
Resume:
Denise K. Middendorf
Raytown, MO 64133 Cell 816-***-****
(Metro Kansas City area) E-mail: ac6mlu@r.postjobfree.com
Professional summary: Over 17 years experience in general Information Security and well versed in typical data center operations with specialized experience in contingency planning, security administration and certification/accreditation processes. Over 7 years experience with establishing and documenting procedures, training, and developing stringent continuity plans, policy and procedure documents and execution plans, all of which adhere to audit standards and provide assistance for training and communication. Very familiar with government/civil service security requirements and strategies as well as governmental regulations and requirements
Specialties: I specialize in user Access Control, internal Network Security and Risk Assessment and Vulnerability Management.
Expertise: NIST Standards Compliance, Government Certification and Accreditation, Government security policies and guidelines, disaster recovery/contingency planning and testing, User ID establishment, user access troubleshooting, granting access, certification and accreditation preparation, and administration. Qualys vulnerability Management, PCI and HIPAA.
Work History:
H&R Block
October 2016 – Present
SR Security Analyst 40 hours per week
I was a Sr. Security Analyst in the GRC team within the Information Security department. I was the support for systems developed for the Corporate systems, Finance, Treasury tax business line and online software; marketing systems; and the country of Canada as part of our global security initiative. Current initiatives include: gathering of in-place security elements from our business unit in Canada to develop a security reference architecture for that market; working with the Corporate Services and Finance/Treasury development units to develop a plan for future state security needs that includes a secure software development environment; ensuring that our security engineering and incident response teams have all information needed from these units in order to provide appropriate security support and response. I provide backup assistance with Vendor Assessments when needed. I was also involved in running adhoc vulnerability scans and reporting as well as metrics reporting through Qualys for Corporate assets as well as Australia. I also reported to VP’s on vulnerability metrics.
EPIQ Systems, Inc
May 2013-October 2016
Sr. Security Engineer 40+ hours a week
I scheduled and ran all of EPIQ Systems vulnerability scans using McAfee Vulnerability Manager. I was responsible for coordinating scans and implementing policy change exceptions (also for HIPAA assets). I used GRC Archer, SEIM and ePO as well in order to access reports that pertain to scanning. I also used Prime 2.0 to consolidate and verify appropriate IPs and subnets are being scanned as EPIQ Systems continuously acquires new companies/networks. I planned and organized vendor purchase from McAfee to Qualys and planned the implementation of the scanner appliances in each Date Center (including shipping physical machines to correct location and the set up of each appliance) as well as ensuring the Asset Agent was included as part of the new core load. I also served as Incident Response Commander on a rotating basis. This entailed being on call and handling all internal/external requests for Security Operation group to perform unblock requests as well as daily ticket response for handling emergency issues such as computer virus remediation and occasionally performing forensics. I was required to attend SANS GCIH training as part of the Incident Response team and continue training through Cybrary .and OpenLearn sites.
ECOM
H&R Block
Sept 2011 – May-2013
Security Analyst 40 hours per week
As a Security Analyst, I serve as the liaison between H&R Block and the Managed Security Service Provider (MSSP). My focus in this position is to address all security incidents reported by the MSSP and coordinate all remediation efforts within other internal support teams. This is accomplished using Symantec operational support of all security incidents, service requests and server logging per device. All efforts are tracked and documented in the Service-Now ticketing system. I provide enterprise support to all assets within the World Headquarters and Field/Remote offices. I am also involved with supporting and developing operational processes in regards to our anti-virus, data loss prevention, and Qualys vulnerability scanning and reporting processes and assist in the establishment of specific security testing criteria and procedures. I lead project development team in Vulnerability Management, to include PCI, and Risk Assessment. Provide Qualys vulnerability scanning for enterprise and analyzing, managing and reporting all assets. I coordinate and assist in fulfilling request for ad hoc security metrics reporting. I also participate in daily/weekly security status calls and assist with special projects.
Chameleon
USDA/OCIO/NITC
July 2011 – Sept 2011
Service Desk Specialist 40 hours per week
As an employee in a service desk operation functioning under ITILv2 (currently progressing to ITILv3), I proficiently performed the following tasks:
Coordinate and lead technical calls including ensuring the appropriate technical staff are on call to facilitate the implementation of fix or work around. This includes ensuring the appropriate USDA CIO’s, internal and external Agency CIO’s, business owners and application owners as well as the application administrators are on the call. I am responsible for monitoring the servers and databases which reside on the servers to ensure there are no outages with special attention to high level (presidentially mandated) web applications/pages.
I was also responsible for determining and communicating the business impact of critical and high priority incidents as well as documenting all communication as well as action items and ensuring each technical support staff complete assigned action items on time in order to communicate accuracy of information to the customer. I also tracked root causes of incidents and document issues to use as learning tool to help prevent another occurrence. I used appropriate tools to document processes and recommend appropriate changes if necessary.
I used BMC Remedy to create, assign and track all incidents and ensure they are being handled according to current documented ITIL processes and completed in timely manner and research all incidents as they occur and ensure the proper technical staff is assigned to complete each piece. I coordinate and complete projects as assigned by government staff. This includes reviewing, documented, tested and recommended procedures, products, and or services to better meet the customers’ needs.
Newberry Group
USDA/OCIO/ASOC
July 2008-April 2011
Incident Report Handler 40+ hours per week
I ensured continuing accessibility and availability of a variety of USDA mission-critical applications and to perform highly specialized computer forensic investigations for the agencies in my charge. I performed SOC (Strategic Operations Center) operations including IDS (Intrusion Detection System) event monitoring and analysis, security incident handling, incident reporting, and threat analysis, demonstrating my ability to perform operational activities needed to support the ASOC's enterprise-wide incident handling process.
I worked with numerous IDS and on virus and malware behavior and intrusion methodologies, which illustrates my capability to provide adequate security engineering reviews of requirements, designs, operational systems, tools, services, and other technology to ensure compliance with departmental guidance and other best practices for operational security. I monitor and analyze network traffic, IDS alerts, network and system logs, and available open source information to detect and report threats to customer networks. I am well versed at conducting special cyber-security studies, surveys, and reviews of IT systems to ensure that appropriate safeguards exist to protect against perceived threats. I have a working knowledge of enterprise level operational security, telecommunications, networking and security technology, policy and programs, and cyber security test programs and methodologies.
I responded to management relating to status of incidents for agencies. I relayed the status of Incidents for each agency. I determined appropriate response action(s) required to mitigate risk and provide threat and damage assessment for security threats. I attend weekly conference calls with WDC staff to provide status of open incidents and other projects. I also provide technical guidance on training documents as well as creating and maintaining current procedure documentation. I was responsible for processing incident tickets within REMEDY in accordance with the Continuity Plan, monitor all open incidents and track progress from inception through resolution and closing incident tickets that have been researched by the agencies and closing documentation has been received expressing their findings and how the incident has been corrected. I sent notification documents as needed per requests as well as send correspondence to ISSPMs. I prepare the CIRG (Critical Incident Response Group) packet following the Continuity Plan Guidelines and the CIRG Meeting Preparation Checklist. I generate multiple reports based on the age of open incidents and follow established policy regarding the aging incidents and notify appropriate management. I notify proper agency of aging incidents and advise on policy regarding steps the agency needs to take to close the incidents.
EDS
USDA/FSA
Oct 2001 – July 2008
IT Admin Specialist 40+ hours per week
As a contractor and team lead for FSA (Farm Services Agency), I developed and maintained security plans and contingency planning processes for the FSA IT security department as required in NIST Special Publication 800-34 and NIST SP 800-53. I also spent approximately 2 years with the Certification and Accreditation group within FSA. During that time I helped create Security Plans for over 26 FSA proprietary applications based on NIST SP 800-53 as well as NIST SP 800-53A which is used to tailor specific assessment procedures. Attention to detail is especially important during the C&A phase to ensure the systems are properly maintained and secure as well as enabling the agency to pass an audit. I interacted, via email and by phone with each application owner(s) and application programmer(s) in order to gather the original requirements preceding the development of the application and gain knowledge of the application which was required to determine how the application is programmed and how the Security/Contingency plan needed to be written for proper implementation. I am familiar with FISMA, A123 as deadlines had to be met each year.
I and my team handled creating, assigning and resetting logon IDs, identifying and resolving logon issues, entered data records of help calls in an automated Access database, logged requests and updated the request and ID databases. I created access for users by following the RBAC approach and the LDAP protocol. The user IDs/passwords I created and maintained were for Mainframe, Sybase, NFC, ADPS, GLS, AS400 and UNIX systems and subsystems. I ensured the users were set up properly with PKI. I reset passwords for users that have been suspended or disabled. Additionally I established procedures based on Federal Policy and communicated those procedures to other State Coordinators/SEDs and Branch Chiefs, in written correspondence or by phone. I tracked and researched trouble tickets in Magic system. I coordinated User IDs with other Security offices through oral and written correspondence. I helped organize training for new systems for Timekeeper and Attendance systems. I have also participated as an instructor, giving the Security portion of the training. I trained new Security Officers on all systems. My team compiled reports based upon information gathered from security databases and policy and procedure manuals. Throughout my 7-year career with Farm Service Agency, Information Security Operations Support I regularly attended training sessions for newly established policy and procedures being introduced nationally. I also spent time informing each state IT Specialist and management our policy, procedures, risks associated with new applications.
As a Team Lead of 10 employees I maintained responsibility for communicating new policies, programs, initiatives and any management disseminations to the staff. Through meetings with the Project Manager, I interpreted personnel and operational policies and relate their significance to daily work practices. I worked with the team to pinpoint potential obstacles and develop implementation plans. I provided briefing points and attended staff briefings to assist in rolling out policy and ensuring procedures are being followed. My team compiled reports based upon information gathered from security databases and policy and procedure manuals. I provided expertise on FSA Application Security regulations. Meeting one-on-one with programmers and users, I advised on managing security issues to ensure compliance and procedural solutions to complex issues that arose during application conversions.
Education:
2018
Computer and Hacking Forensics
Incident Response and Advanced Forensics
2013-2017
SANS GCIH and CISSP
2016 + 2017
Qualys Vulnerability Management and Policy Compliance
2009-2010
Basic courses at Longview Community College
May 2011
CompTIA Sec+ at New Horizons
Contact this candidate