Thomas Michael Mitchell
Prattville, Alabama 36066
acavce@r.postjobfree.com
Experience Summary
> Highly competent Security Strategist with over 20+ years' experience
in information technology and security enterprise environments,
driving sales and solutions that map to critical business goals.
> Multi-tasking team player is seeking a position to utilize security
subject matter expertise.
> I have an entrepreneurial spirit from having owned and operated three
companies, a software company and two professional services companies.
Recent Experience
> I have installed McAfee ePO products from 2008 to present day. This
experience has ranged from small 1000 node installations to 100,0000+
nodes.
These installations range from unsecured networks to DOD
Classified/Secret networks. I have worked with the DOD's version of
McAfee ePO, called Host Based Security System (HBSS). That software
offering features the following McAfee product set: McAfee ePO,
McAfee Agent (MA), McAfee Asset Baseline Monitor (ABM), McAfee Policy
Auditor (PA), McAfee Host Intrusion Prevention System (HIPS), McAfee
Virus Scan Enterprise (VSE), McAfee Data Leak Protection (DLP), McAfee
Device Control Module (DCM), and McAfee Rogue System Detection (RSD).
The present day and current implementation consists of using the above
products along with McAfee Endpoint Encryption and McAfee Endpoint
Encryption for Files and Folders. This implementation will also
include the newly integrated MOVE product for virtualization platforms
and McAfee Endpoint Mobility Management (EMM). This EMM rollout is for
Apple iOS and Android only at this time.
Customers Supported
I have supported more than 60 of the Fortune 100 during my professional
career.
Clearance
SECRET ACTIVE
TS Eligible
Education
Capella University MS - Information Assurance & Security -2011
National University BS - Information Technology - 1997
Certifications, Licenses
Python
Splunk
Palo Alto
ITIL V3 Foundation
EC Council Certified Ethical Hacker CEH
EC Council Certified Network Systems Analyst CNSA
EC Council Certified Network Defense Architect CNDA
EC Council Certified Licensed Penetration Tester LPT
Certified Computer Security Incident Handler (CSIH)
Certified Information Systems Security Professional (CISSP), 63456
MCDBA: Microsoft Certified Database Administrator
MCSE: Microsoft Certified Systems Engineer
McAfee Certified EPO 4.6
Symantec Certified Professional
Symantec Endpoint Protection
Publications:
Authored "A Practical Guide to Securing and Managing the Wireless Network"
(2003).
SECURING THE SMART GRID (Situational Awareness Project Series) [Kindle
Edition] (2011)
Managed Security as a Service MSAAS- The McAfee ePO Project (Situational
Awareness Project Series) [Kindle Edition] (2013)
Authored the following white papers:
Benefits of a Wireless Policy, How to choose an Event Log Tool, Cloud
Computing Secured
Other Training
Splunk
PaloAlto
ArcSight 4.5
McAfee ePO 4.5
McAfee Agent (MA),
McAfee Asset Baseline Monitor (ABM),
McAfee Policy Auditor (PA),
McAfee Host Intrusion Prevention System (HIPS),
McAfee Virus Scan Enterprise (VSE),
McAfee Data Leak Protection (DLP),
McAfee Device Control Module (DCM),
McAfee Rogue System Detection (RSD),
McAfee Firewall Enterprise (Sidewinder),
EnCase 6.15,
Security Architect
Cisco Security
HBSS versions 3.0 - 5.0
Information Systems Security Officer (ISSO)
State of Alabama Medicaid Present
The ISSO coordinates IA program activities within State of Alabama
Medicaid, and other State components.
Recommends strategies; assists in the development of information assurance
policies and guidelines. Provides consultation related to developing
processes to solve information assurance issues.
1. The ISSO executes day-to-day security operations and ensures that the
authorized policies, procedures, and configurations approved by the
Authorizing Official are implemented.
2. The ISSO is responsible for execution and testing of plans to ensure
system integrity and availability and for overseeing staff of system
administrators and engineers that maintain Infrastructure hardware and
system software, install application software, and monitor system
performance and security events.
3. The ISSO must elevate performance anomalies to the System Owner and
security anomalies to the bureau or office Chief Information Security
Officer (BCISO) and the responsible incident response capability for
assistance in resolution.
4. The ISSO implements a regular schedule for vulnerability testing of
system components, to ensure security patches are current on all
devices, and that intrusion detection sensors (IDS) or system audit
logs are properly configured and events are monitored.
5. The ISSO is responsible for assessing the security impact of
configuration changes to the system, evaluating cost-effective
security alternatives, and approving security-related solutions.
Key Achievement:
Design and develop Critical Incident Response Team (CIRT) and methodology.
HBSS (McAfee ePO) Cyber Security Subject Matter Expert /Threat Analyst
NSOC SPAWAR Atlantic Medical Systems Charleston SC Jan 2013 - March
2013
The position was within the SPAWAR Atlantic Medical Systems. The position
was to ensure HIPAA and PHI compliance for all subscribers utilizing NIST
HIPAA Security toolkit.
This subscription based Secured Cloud offering will also include perimeter
security data along with host based security data. This unique correlation
and presentation is a game changer in the Medical security field.
Threat Analyst utilizing data feeds and logs from host based and network
based applications and devices to ensure HIPAA compliance using the NIST
HIPAA Security Toolkit. This is to detect and stop threat actors.
Wireshark, Splunk, and PaloAlto, along with open source tools, are some of
the tools that are used to help defend the DOD GIG.
Key Achievement:
Designed and developed a Managed Services offering featuring:
Forensics featuring Encase, Database Security Analysis for Regulatory
Compliance.
This Secured Managed Cloud features: McAfee ePO, McAfee Agent (MA), McAfee
Asset Baseline Monitor (ABM), McAfee Policy Auditor (PA), McAfee Host
Intrusion Prevention System (HIPS), McAfee Virus Scan Enterprise (VSE),
McAfee Data Leak Protection (DLP), McAfee Device Control Module (DCM), and
McAfee Rogue System Detection (RSD).
Published Whitepaper "Wireless Networks and HIPAA compliance."
McAfee Subject Matter Expert (SME) for Host Based Security System (HBSS)
Northrop Grumman Information Systems
Public Company; 10,001+ employees; NOC; Defense & Space industry
2012 - 2013 Montgomery Al Maxwell-Gunter
Responsible for designing, installing, managing, maintaining and
configuring the McAfee ePO, McAfee Agent (MA), McAfee Asset Baseline
Monitor(ABM), McAfee Policy Auditor(PA), McAfee Host Intrusion Prevention
System(HIPS), McAfee Virus Scan Enterprise(VSE), McAfee Data Leak
Protection(DLP), McAfee Device Control Module(DCM), McAfee Rogue System
Detection(RSD), McAfee Firewall Enterprise (Sidewinder).
Conduct analysis of malicious events and known exploits/vulnerabilities for
the creation of custom signature rule sets for the accompanying modules, as
necessary.
Provide detailed reports on system status, module deployments, and event
trends. Create custom reports as necessary to meet mission requirements.
Perform troubleshooting of local and remote installation of McAfee ePO,
McAfee Agent (MA), McAfee Asset Baseline Monitor (ABM), McAfee Policy
Auditor (PA), McAfee Host Intrusion Prevention System (HIPS), McAfee Virus
Scan Enterprise (VSE), McAfee Data Leak Protection (DLP), McAfee Device
Control Module (DCM), McAfee Rogue System Detection (RSD), and McAfee
Firewall Enterprise (Sidewinder), and of the deployment of modules and
policies for these components.
Track and report on enterprise deployment of McAfee ePO, McAfee Agent (MA),
McAfee Asset Baseline Monitor(ABM), McAfee Policy Auditor(PA), McAfee Host
Intrusion Prevention System(HIPS), McAfee Virus Scan Enterprise(VSE),
McAfee Data Leak Protection(DLP), McAfee Device Control Module(DCM), McAfee
Rogue System Detection(RSD), McAfee Firewall Enterprise (Sidewinder).
Key Achievements:
Provide guidance on current network threats and trends not only occurring
within the DOD.
Developed curriculum for the McAfee 501 Analyst course for DISA
Professional Experience
Information Assurance Manager (IAM) Global Force Modernization
Program
The Centech Group Inc. Gunter Annex,
Montgomery, Alabama 8/11- 12/12
. Information Assurance Manager (IAM) has primary responsibility for
maintaining situational awareness and initiating actions to improve or
restore IA posture as well as conducting annual security reviews of
all IA controls and a test of selected IA controls of project under
purview.
. Coordinate and help write computer security plans that meet Air Force
and DOD requirements.
. Maintain and implement Information Assurance policies, procedures,
Certifications and Accreditations (C&A) in accordance with applicable
DOD regulations and best business practices.
. C&A Processes to include: DIACAP, DoDI8500.2, eMASS.
McAfee USAF Subject Matter Expert for General Dynamics Information
Technology
GDIT Montgomery, Alabama 8/10-8/11
Sr. Systems ENGINEER MCAFEE Subject Matter Expert
. Process the handling of support issues for the USAF deployment,
operation, and maintenance of McAfee ePO, McAfee Agent (MA), McAfee
Asset Baseline Monitor(ABM), McAfee Policy Auditor(PA), McAfee Host
Intrusion Prevention System(HIPS), McAfee Virus Scan Enterprise(VSE),
McAfee Data Leak Protection(DLP), McAfee Device Control Module(DCM),
McAfee Rogue System Detection(RSD), McAfee Firewall Enterprise
(Sidewinder).
. Having deployed and assisted in the configuration of the following
McAfee security products e-Policy Orchestrator 4.0, 4.5, Host
Intrusion Prevention System (HIPS), Policy Auditor (PA), Rogue System
Detection (RSD), and Virus Scan Enterprise (VSE). There is also
additional support of VLMS along with Data Leak Protection (DLP),
Device Control Module (DCM).
. Technical and hands on team lead for CCRI assessments, security risk
analysis and risk mitigation reporting, vulnerability analysis,
assessment briefings to senior government personnel.
. Devised and developed a preemptive strike methodology for CCRI
assessments. The lead member of the tiger team that accomplished the
integration of SIEM solutions ArcSight 4.5 along with McAfee ePO 4.0
for reporting for over 32,000 nodes worldwide.
Key Achievements:
. Whitepaper on the deployment of a Government Private Cloud Security
Ciphent Montgomery, Alabama 8/09-8/10
Lead Analyst McAfee Subject Matter Expert
. Lead Analyst McAfee Cyber Command Center McAfee ePO, McAfee Agent
(MA), McAfee Asset Baseline Monitor (ABM), McAfee Policy Auditor (PA),
McAfee Host Intrusion Prevention System (HIPS), McAfee Virus Scan
Enterprise (VSE), McAfee Data Leak Protection (DLP), McAfee Device
Control Module (DCM), McAfee Rogue System Detection (RSD), McAfee
Firewall Enterprise (Sidewinder) support for the USAF deployment,
operation, and maintenance of McAfee's host-based solution. There is
additional support of VLMS along with DLP.
. Mentor and provide ongoing technical & soft skills training for staff.
Key Achievements:
Whitepaper on the deployment of McAfee ePO, McAfee Agent (MA), McAfee Asset
Baseline Monitor(ABM), McAfee Policy Auditor(PA), McAfee Host Intrusion
Prevention System(HIPS), McAfee Virus Scan Enterprise(VSE), McAfee Data
Leak Protection(DLP), McAfee Device Control Module(DCM), McAfee Rogue
System Detection(RSD) Cloud Security.
ManTech Systems Engineering Corp. San Diego, California
1/09-8/09
IA/CND Afloat Trainer
. Develop the curriculum and train personnel in the operation of the
following security Suite of McAfee Products McAfee ePO, McAfee Agent
(MA), McAfee Asset Baseline Monitor (ABM), McAfee Policy Auditor (PA),
McAfee Host Intrusion Prevention System (HIPS), McAfee Virus Scan
Enterprise (VSE), McAfee Data Leak Protection (DLP), McAfee Device
Control Module (DCM), and McAfee Rogue System Detection (RSD).
Entercept Host Intrusion Prevention System 5.x. Secure Configuration
Compliance Validation Initiative (SCCVI) that consists of eEYE Digital
Security Retina Scanner.
. Secure Configuration Remediation Initiative (SCRI), which consists of
McAfee Hercules Vulnerability and Remediation Manager.
Key Achievements:
Design and develop user-friendly tab based curriculum. This is for end user
friendly navigation and use of paper based curriculum for US Naval
personnel.
Mainline Information Systems Dana Point, California
7/08-12/08
Security Services Sales Specialist
Operational Management
. Develop and implement all IT policies and procedures, including those
for Architecture security, disaster recovery, standards, purchasing,
and service provision.
. Oversee negotiation and administration of vendor, outsourcer, and
consultant contracts and service agreements.
. Manage IT staffing, including recruitment, supervision, scheduling,
development, evaluation, and disciplinary actions.
. Establish and maintain regular written and in-person communications
with the Organization's executives, department heads, and end users
regarding pertinent IT activities.
. Where necessary, re-engineer applications support to ensure it aligns
with business processes, tactical planning, and strategic vision.
. Define and communicate project milestones, service level agreements,
and resource allocation to executive team, department leads, support
staff, and end users.
. Develop and review budgets for and from IT department divisions and
ensure they comply with stated goals, guidelines, and objectives.
. Review performance of IT systems to determine operating costs,
productivity levels, and upgrade requirements. Benchmark, analyze,
report on, and make recommendations for the improvement of the IT
infrastructure and IT systems.
Key Achievements
Formulate and deploy long-term strategic plans for acquiring and enabling
efficient and cost-effective information processing and communication
technologies. Manage IT department operational and strategic planning,
including business requirements, project planning, and organizing and
negotiating the allocation of resources.
MitchConsulting Services Fallbrook, California
1/08-7/08
Principal
. Post sales delivery for CA's eTrust and Unicenter product lines.
Integration of network devices Log output into CA SIEM Security
Command Center system.
. Perform customization as needed by customer requirements.
. Perform Security Architecture design and development.
. Perform and deliver security assessments and roadmaps in accordance
with ISO 17799 standards, utilizing appropriate security framework as
needed by matching security requirements with the latest governmental
regulations and compliance issues such as Sarbanes-Oxley, HIPAA,
FISMA, FDA 21 CFR Parts 11, and GLBA. Having performed integration of
network appliances in order to take the event log output and aggregate
it to a collector. Then we would have to use a third party log
aggregator to pass it to the device that I would install to be able to
apply correlation with the SIM product. During the integration the
Cisco, Checkpoint, 3-Com, Bluesocket, Highwall, Tipping point etc
devices would be configured as an event source. These appliances would
work with the many SIEM appliances that I installed at customer sites
including the SIEM tools ArcSight and Q1 Labs. The vast majority of the
SIEM systems are Linux-based systems.
Key Achievements:
Designed and deployed a secured endpoint network of 2228 nodes.
Installed Net Backup to a 200 node backup system.
Symantec San Diego, California 8/06-
1/08
Sr. Security Architect
. Record of progressive and sustainable results, ensuring all customer
needs are identified and met to increase business growth and
profitability. The Security area of threat being the specialist
includes software and hardware appliance solutions.
. Created area-marketing campaigns revolving around access to
availability solution. With this also doing POC and on occasion
implementations of purchased software solutions.
. Gain the competitive advantage, delivering effective presentations and
demonstrations to potential customers.
. Render a full range of post-sales support services; properly designing
and implementing selected software packages.
Key Achievements:
Serve as a liaison between technical and sales professionals, devising
customized solutions-driven strategies. Author architecture documentation
on customer infrastructure for future reference. Maximize solutions'
effectiveness and impact to customer operations, providing formal and
informal training.
MitchConsulting Services Winchester, California
2/06-8/06
Principal
. Post sales delivery for CA's eTrust and Unicenter product lines.
. Integration of network devices Log output into CA SIM system.
. Perform customization as needed by customer requirements.
. Perform Security Architecture design and development. Perform and
deliver security assessments and roadmaps in accordance with ISO 17799
standards, utilizing appropriate security framework as needed by
matching security requirements with the latest governmental
regulations and compliance issues such as Sarbanes-Oxley, HIPAA,
FISMA, FDA 21 CFR Parts 11, and GLBA. Having performed integration of
network appliances in order to take the event log output and aggregate
it to a collector. Then we would have to use a third party log
aggregator to pass it to the device that I would install to be able to
apply correlation with the SIM product. During the integration the
Cisco, Checkpoint, 3-Com, Bluesocket, Highwall, Tipping point etc.
devices would be configured as an event source. These appliances would
work with the many SIM appliances that were installed at customer
sites. The vast majority of the SIM systems are Linux-based systems.
Key Achievements:
Designed and deployed a secured wireless distance education network.
Designed and developed new reports in Crystal reports 10. Previous reports
were from legacy mainframe infoman reports. This improved reporting ability
helped this global financial institution in meeting GLBA, and SOX
compliance regulations.
Computer Associates International, Inc. San Diego, California
12/00-2/06
Security Architect
. A record of progressive and sustainable results. While ensuring
customer needs are identified and met to increase business growth and
profitability.
. Gain the competitive advantage, delivering effective presentations and
demonstrations to potential customers. Render a full range of post-
sales support services; properly designing and implementing selected
software packages.
. Serve as a liaison between technical and sales professionals, devising
customized solutions-driven strategies.
. Author architecture documentation on customer infrastructure for
future reference.
. Maximize solutions' effectiveness and impact to customer operations,
providing formal and informal training.
Key Achievements:
Key player in development and design of CA's and Identity
Access Management Suite, and wireless offering with
forensics.
Certified with eTrust IAM suite of Identity and Site
Minder, AC, SCC, Silent Runner.
Achieved the highest customer satisfaction levels in the
region. Successfully converted security line of software
into wireless security software package. Authored and
co-authored numerous white papers on future trends of Mobile.