BENJAMIN R.K. STIRLING
Information and Operational Technology Security Specialist
Areas of Expertise:
Network and Systems Security and Administration
Control System Security and Administration
Regulatory Compliance: NERC – CIP
Security and Operation Frameworks and Policies – NIST, ITIL, ISA 99
SIEM Implementation
Policy Planning / Implementation
Disaster Recovery / Contingency Planning
Team and project leadership
TECHNICAL PROFICIENCIES
Operating Systems: Windows Server 2016/2012 (R1/R2)/2008 (R1/R2)/2003/SBS/2000/NT; Windows 10/8/7/Vista/XP/2000/NT/9X; UNIX (Solaris and Free/OpenBSD); Linux (Debian and Red Hat Distributions)
Line of Business and Office Software (On Premise and Cloud): Microsoft SharePoint, Microsoft CRM Dynamics, Square 9 SmartSearch, ConnectWise, IBM Maximo
Server Software: Microsoft Exchange, Microsoft Hyper-V, Microsoft SQL, MySQL, IIS, Microsoft DNS, Microsoft DHCP, Microsoft Active Directory, Microsoft RDS, Windows Server Update Services, VMware vSphere, Certificate Authorities
Monitoring, Management, and Security: Kaseya, LabTech, Meraki Systems Manager, Dell Remote Infrastructure Monitoring (Silver Streak), GFI LanGuard, McAfee ePO, Symantec EP, Syslog, SNMP, OpenVAS, Nexpose, Metasploit, Nessus, PF, Snort, Splunk, ForeScout, WhatsUp Gold, Gigamon, ConsoleWorks
Backup and Disaster Recovery Software: Acronis, ShadowProtect, Symantec Backup Exec
Networking Equipment: Cisco (PIX, ASA, Routers, Managed Switches, Aironet Access Points, CLI and ASDM), FortiGate, SonicWall, Sophos UTM (Astaro), pfSense, Untangle, HP Managed Switches, Dell Managed Switches, EnGenius Access Points, Meraki Access Points, Hirschmann, Enterasys, Cambium (Motorola) Outdoor Wireless, Palo Alto next-generation firewalls
VPN Solutions: PPTP, L2TP, IPSec, VPN over SSL, Astaro RED, SSH Tunnels, OpenVPN, Cisco AnyConnect
SCADA, Control Systems, Software, and Protocols: Schneider Electric/Invensys – I/A, EVO, Wonderware, ArchestrA; GE Mark VI & VIe Turbine Control, Allen-Bradley PLCs, Foxray, OSIsoft PI, Profibus, GSM, Modbus, Foundation Fieldbus, HART, ABB, Emerson DeltaV & Ovation
Regulatory and Standards Compliance: NERC – CIP, HIPAA, NIST SP 800-82, ISA 99/IEC 62443
PROFESSIONAL EXPERIENCE
Independent Consultant (2003 - Present)
I provide IT and Cyber Security consulting services for the publishing, energy, and healthcare industries as well as a variety of small to mid-market businesses. Services and projects have covered a wide range of applications and requirements.
Core Services:
Security Awareness and Education
Security Governance and Architecture
Threat and Vulnerability Management
Role Based Access Control Policy and Implementation
Regulatory Compliance
Document and Workflow Management
CRM and ERP Planning and Implementation
Managed IT Services
Project Management
Solution Design and Implementation
Windows and Linux System Administration
Lead Generation Cybersecurity (November 2018 – Present)
Vistra Energy, Dallas, Texas
Sr. Analyst Cyber Compliance Corp/Fossil (April 2018 – January 2019)
Vistra Energy, Dallas, Texas
I am the technical resource for Cyber Compliance. I am focused on CIP compliance for Generation (including 6 medium impact programs) and a high impact Control Center.
Lead on Generation Cyber Security incident response
Led Vistra Energy’s collaboration with Texas A&M University on Department of Energy CEDS grant and research. Leadership was in both managing relationships and as the technical lead for research.
Delegated CIP-007-6 R2.4 Authority
Helped to implement CIP medium impact program at 4 sites in 3 months due to merger with Dynegy
Implemented CIP medium impact program at 2 legacy lignite sites within Luminant
Conducted internal audits
CIP-005, 7, & 10 subject matter expert
Operational Technology Analyst (December 2013 – April 2018)
Luminant (Vistra Energy), Dallas, Texas
I am focused on the security and compliance of the fossil fleet control systems, networks, and equipment. I am responsible for maintaining and supporting OT networks and systems. I am a member of the ERCOT CIP Working Group. I also work fleet-wide with the cyber security and risk and compliance groups to develop and implement solutions to meet compliance requirements. Working to construct NIST-based security and operational frameworks; SIEM deployment; and implementation of systems and standards to increase the security and reliability of the fleet.
Key Achievements:
Conducted control system CIP compliance audits.
Used Jira and Asana for project and work management and tracking
Helped address CIP v3-6 compliance requirements of generation fleet
Helped to create role-based security controls
Found network segregation implementation issues, and led projects to resolve.
Implemented redundant Cambium canopy system for non-critical auxiliary systems
Technical lead on project to replicate Mark VI controls to I/A over GSM protocol while maintaining network segregation.
Found and documented critical bug affecting control system software with the vendor.
Corrected network documentation, documented network baseline, created detailed asset lists for units and BES assets
Created custom Test Bed for system and logic updates to OT networks.
Created and Implemented Backup and Disaster recovery plan for OT networks
Resolved issues related to OT network and server provisioning.
Instituted detailed network technology and security training program for Instrumentation and Control personnel
Provided additional cyber security awareness training for general plant personnel.
Deployed next generation firewalls with application and user rules to key network segments
Implemented NTP and IRIG-B time synchronization for control systems, DFRs, and key switchgear.
Corporate IT Manager (Client since 2007, June 2012 - December 2013)
Midway Energy Services, Midway, Texas
I managed the IT department for a midmarket enterprise spread over 8 states. Responsibilities included managing national and local accounts for all offices (Telecom, cellphones, and ISPs). Responsible for analyzing operations and implementing policy and equipment changes for improved efficiency. I created cyber security and incident response programs and policies.
Key Achievements:
Provided server and network uptime of 99.9%
Implemented VM to reduce datacenter costs
Implemented RAS and VPN solutions for remote workers
Developed security architecture focused on protecting HR information, ERP / Financial data systems, and the company’s intellectual property
Developed physical security guidelines for all offices and yards.
Instituted incident response plan.
Created IT Acceptable Use Policy.
Created role-based access controls
Deployed Nexpose for vulnerability management
Created and implemented Backup and Disaster recovery plan.
Reduced per capita IT / telecom expense by 15%.
Reduced printing and copying cost by 60% companywide.
Established IT Assets and Inventory tracking as part of an asset lifecycle program.
Used Document Management software to simplify paperwork and workflow in multiple departments.
Instituted RMM and MDM software to reduce IT staffing requirements.
Implemented Fuel Management System (OPW Phoenix) to monitor and reduce fuel use and theft.
Implemented Inventory Control System for parts warehousing
Level III Network Administrator/ Managed services department head (2009 - June 2012)
Brandkast Solutions (BVOS), College Station, Texas
Recruited to establish new Managed Services Company. Responsible for sourcing vendors and establishing accounts; developing product lines and offerings; as well as running day to day operations of the business.
Key Achievements:
Responsible for managing customer projects from presales to support.
Established relationships with partner programs.
Designed and implemented remote management, and backup and disaster recovery procedures.
Implemented and customized document management and workflow automation.
Implemented and managed helpdesk support.
Implemented SSL VPN solution for secure remote access to financial data.
Implemented changes in customer data security by encrypting all customer backups and information; and securing network.
Installed, customized, and configured Microsoft Dynamics CRM; to assist in customer relations and tracking of service requests.
Managed large implementations of Active Directory for customers
Windows Administration
Level III Network Administrator (2007 - 2009)
Agnitek, College Station, Texas
Provided onsite and remote support for clients. Provided support for Cisco products including tier-III LAN/WAN support to all of the company’s clients. Implemented new server and domain deployments for new and existing customers. Responsible for BUDR (Backup and Disaster Recovery) SAN maintenance and expansion for company and clients.
Key Achievements:
Sourced and installed new servers and SAN equipment for BUDR backups. Used ZFS volumes as iSCSI targets.
Installed and maintained SharePoint server for client and internal documentation.
Reviewed and tested potential networking equipment offerings.
Managed implementations of Active Directory for customers
Windows Administration
Level II Network Administrator (2005 - 2007)
Systek, College Station, Texas
Provided onsite and in store support for residential and business clients.
Key Achievements:
Implemented CRM program to replace paper documentation and ticketing system
Implemented customer and company data security standards: physical and network level access restrictions.
Managed implementations of Active Directory for customers
Windows Administration
RESEARCH INTERESTS
Control System Security
  DCS Processors / IO – Network Stacks / Fuzzing
  PLC Processor Network Stack
  HMI Software Security
  Control Protocols: Commex, Profibus, GSM, Modbus, Foundation Fieldbus, HART, OPC, DNP3
Network Protocols
INVITED PRESENTATIONS
Consequences of Failure: Adventures in the World of Industrial Control Systems. Presented at Security Week: ICS Cyber Security Conference, Atlanta, Georgia. October 2017
Building the Knowledge and Team to Secure the ICS Environment: ECEN 681 – Power Graduate Seminar, Texas A&M, College Station, Texas. November 2017
Network Resilience: In Industrial Control Systems. Presented at Security Week: ICS Cyber Security Conference, Atlanta, Georgia. October 2018
COMMITTEE MEMBERSHIPS
ERCOT – CIPWG
ISA-99 Drafting Committee
EDUCATION
Texas A&M University (2004 – 2008)
Physics
Lewis-Clark State College (2002 – 2004)
Network Administration
Liberty University (2017 – Present)
IT: Data Network & Security
Other Training: OSHA, Digital Forensics First Responder, Anhydrous Ammonia Safety, LOTO, DHS ICS Cybersecurity, I/A Advanced System Administration, I/A System Security Administration, I/A System Virtualization
PROFESSIONAL MEMBERSHIPS
EPRI, IEEE, E-ISAC, US-CERT, ICS-CERT, ISSA, ERCOT CIPWG, ISA
579 Oak Tree Lane, Franklin, Texas 77856