LOUIS SEEFRIED
LOCUST GROVE, GEORGIA 30248
CELL PHONE 770-***-**** E-MAIL *********@***.***
M.S. in Information Technology with specialty in Information Security
Department of Defense Security Clearance (Top Secret)
Industry certifications including PMP, CISM, CISSP, and ITIL
Employee of the Year (2012) and Quarter (Q4 2011) at DCMA NOSC
Subject Matter Expert in Information Security Governance, Incident Response,
Vulnerability Management and Risk Management
Member of InfraGard - FBI/Private Sector Organization
Ability to take charge and make important decisions with limited information
within stressful situations
SunTrust Banks, Inc July, 2013 - Present
Technology Risk and Compliance Information Security Governance -
Information Security Solutions Officer
Responsible for managing relationship between Technology Risk and Compliance and assigned
business units to ensure compliance with Information Security Risk Assessment process
throughout the System Development Lifecycle (SDLC); provide information security awareness
training on current topics or existing processes; and perform risk analysis related to the sharing of
SunTrust data with third-party suppliers to ensure appropriate level of data protection.
Relationship Management
o Serve as primary information security point of contact for assigned business units to
address routine questions, investigate security events and assist with timely execution
of security related requests to avoid Information Security related delays
o Responsible for handling business unit escalation of security process concerns with
solution implementation that require coordination with additional information
security support teams to resolve non-standard Information Security issues
o Participate in business unit meetings to build a relationship with the business unit
leadership to ensure that information security related issues are addressed in a prompt
manner
Information Security Governance
o Participate in Information Security Policy and Standards review process to ensure
currency with deployed technologies, industry best practices and ease of
understanding by user community
o Complete Information Security Risk Assessment process for applications and
third-party service providers to ensure proper protection of SunTrust information/data
o Document non-compliance with Information Security Policy and technical standards
to ensure that risk is properly mitigated and/or remediated
o Perform Business Risk Impact Analysis (BRIA) for new and existing technologies in
accordance with SunTrust Information Security Risk Assessment process
o Determine potential regulatory impact of data confidentiality or integrity issues
related to federal, state, local agency regulations or industry standards such as
Sarbanes-Oxley Act (SOX); Gramm-Leach-Bliley Act (GLBA); Health Insurance
Portability and Accountability Act (HIPAA); and Payment Card Industry (PCI)
standards as part of Information Security Risk Assessment process
System Development Lifecycle Support
o Engaged in project kick off meetings to understand project scope, impact to existing
environment and compliance with third-party service provider engagement processes
o Review technical design documentation to determine applicable information security
standards for inclusion within project requirements to ensure compliance with
information security policy and standards
o Address information security related questions from project teams to ensure project
compliance with information security policy and standards
o As needed, engage and coordinate project related information security activities
associated with Technology Risk and Compliance business unit
Information Security Awareness Training
o Create presentations targeted for a variety of audiences from senior leadership (VP)
to end users that enhance understanding of Information Security Policy
o Perform “Introduction to Technology Risk and Compliance at SunTrust” for senior
leaders throughout SunTrust that are new to their role or to SunTrust to improve
understanding of Information Security Policies
o Perform targeted presentations at business unit staff meetings to increase information
security awareness
Information Security Compliance Support
o Develop customized reports within various toolsets to enhance organization
situational awareness or address specific requirement
o Partner with Engineering and Operations Teams to develop solutions to remediate
non-compliance to corporate, legal, regulatory or industry standards
o Evaluate implementation of new solutions to ensure compliance with Information
Security Policy
Information Security and Technology Subject Matter Expert
o Provide assistance to Information Security Incident Management Team during
investigations of complex situations to ensure proper actions are taken
o Partner with Threat and Vulnerability Management Team throughout the
vulnerability management lifecycle to improve SunTrust vulnerability management
o Responsible for review of Information Security Vulnerability Assessments as part of
the Information Security Risk Assessment process to ensure compliance with
Information Security Policy
o Perform ad-hoc Information Security assessment of various high-risk technologies to
ensure that risks are properly documented for inclusion within the Information
Security Risk Management application
September, 2011 – July, 2013
Information Innovators, Inc
Defense Contract Management Agency Network Operations
& Security Center – Information Assurance Engineer
Support Defense Contract Management Agency (DCMA) Network Operations and Security Center (NOSC)
Department of Defense (DoD) Information Assurance/Computer Network Defense (IA/CND)
programs including management of staff coverage; manage organization Information Assurance
Vulnerability Management (IAVM) program; Computer Network Defense monitoring of host and
network based sensors placed throughout the internal and at the perimeter of classified and
unclassified networks.
Information Assurance and Computer Network Defense Team Lead
o Responsible for supervision of nine team members within a 24/7 environment
o Ensure proper scheduling of operational activities to meet service level agreements as
outlined within statement of work
o Ensure proper scheduling of team members to monitor classified and unclassified
networks as defined within the statement of work
o Mentor team members in Information Security technology, processes and procedures
to improve team sustainability across all shifts
o Provide on-call support for team members to ensure continuity of work activities
Security Intelligence Review, Reporting and Operational Implementation
o Monitor commercial and government cyber security intelligence sources (classified
and unclassified) to generate daily Situational Awareness Reports
o Review cyber intelligence sources for actionable intelligence information that can be
used to implement preventative measures
o Engage other agency personnel in the implementation of preventative measures using
firewall, IPS and HBSS solutions
Computer Security Incident Response
o Responsible for assessment of potential computer security incidents that are reported
via outside agencies and through internal monitoring
o Implementation, coordination and verification of remediation activities related to
identified computer security incidents throughout the agency
o Responsible for coordination of agency response when classified material has been
processed by or through an unclassified system that includes the containment of the
spillage, coordination of remediation of the impacted systems, verification of
remediation activities by other support teams and creation of remediation
documentation
o Responsible for creation of new McAfee ePO dashboard that consolidated
information from multiple queries into a single view to enhance visibility
o Monitor, Research, Remediate and Resolve McAfee Network Security Manager
(NSM) console alerts
o Monitor, Research and Respond to DLP alerts related to leakage of potentially
sensitive (PII, Operation Intelligence and Classified) information
Enclave Security Assessment
o Perform quarterly enclave security assessment using standard penetration testing
methodology
o Use vulnerability assessment tools to gather vulnerability related information that
included open ports/protocols, misconfigured security settings or unpatched systems
o Use CORE Impact to perform automated penetration testing activities with manual
validation of results
o Use Acunetix Web Vulnerability Scanner to perform website and web application
vulnerability assessment activities across DCMA enterprise
Information Assurance Vulnerability Management (IAVM) Program Support
o Implemented eEye REM Console to manage 40+ distributed Retina Network Security
Scanners located throughout the world to lower monthly enterprise scanning from 4
weeks to 2 weeks while improving network discovery coverage and usability of
vulnerability results.
o Lead agency design and implementation of DoD Assured Compliance Assessment
Solution (ACAS) to replace existing eEye Digital Security REM/Retina with Tenable
Network Security SecurityCenter/Nessus vulnerability assessment toolset
o Oversee monthly enterprise vulnerability scanning related activities from network
discovery to placement of results in central vulnerability management repository
o Monitor for and disseminate vulnerability related information to Operational Support
Teams for remediation
o Monitor, report and provide third tier support for remediation activities including
POA&M and DRA documentation
o Perform validation scans to ensure that appropriate remediation activities have been
performed to support “Trust but Verify” activities
Command Cyber Readiness Inspection (CCRI) Support
o Instrumental in providing onsite coordination support during the CCRI activities that
resulted in the command achieving a ranking of Outstanding for both NIPR and SIPR
environments
o Develop Security Technical Implementation Guide (STIG) compliance measurement
documentation and process to assist organization in completing supporting
documentation
o Perform STIG process training for various teams within DCMA to ensure repeatable
and consistent results across the enterprise
January, 2011 – August, 2011
Chickasaw Nation Industries
HHS Computer Security Incident Response Center Data Analyst
Support Department of Health & Human Services (HHS) Computer Security Incident Response
Center (CSIRC) Security Operations Center (SOC) as Information Security Data Analyst to
provide monitoring of internet perimeter traffic for 12 Operating Divisions (OPDIVs) and 17
Staff Divisions (STAFFDIVs) through a standard toolset deployed at the network perimeter that
included the performance of detailed analysis of network captures to isolate malicious activity,
tuning of intrusion prevention systems to reduce false alarms, and perform detailed reporting for
agency related Information Security related activities.
Cyber Security Intelligence Activities
o Receive cyber security intelligence from various government and third party sources
while reviewing submitted cyber security incidents for department wide applicability
o Evaluate received intelligence for applicability to the Department of Health &
Human Services.
o Upon evaluation of intelligence, create department wide communication notifications
to raise awareness and disseminate actionable intelligence resulting in enhanced
cyber security posture across the department
o Evaluate standard toolsets for related detection capabilities, monitor toolsets for
potentially malicious activity and create targeted notifications for individual agencies
regarding potentially malicious activity so that additional investigation can be
completed.
o Review security enclave capabilities to ensure that proper monitoring is in place and
make recommendations on gaps that are uncovered to enhance the overall department
security posture
Incident Research
o Review cyber security incident reports for applicability across OPDIVs
o Use Tipping Point and ArcSight to perform high level research to determine if
OPDIV security incidents apply across environment
o Use Netwitness Informer and Investigator to perform more detailed analysis of
information uncovered in preliminary investigation
o Document results of research performed and provide to government for potential
dissemination to the enterprise or individual agencies
HHS Federal Information Security Management Act (FISMA) Reporting Activities
o Document FISMA incident management reporting requirements to ensure
standardized reporting results
o Create FISMA incident management reporting procedure to support consistent and
repeatable reporting
o Support FISMA incident management metric accuracy and reporting at the
Department and OPDIV level for validation and verification prior to reporting to
Office of Management and Budget (OMB)
Security Enclave Toolset Support
o Create NetWitness Informer rules and reports to monitor for suspicious activity
reported through external and internal sources while automating reoccurring reports
to provide continuous visibility of department internet connections
o Perform detailed investigation of suspicious traffic using NetWitness Investigator to
perform packet level analysis
o Review TippingPoint IDS capabilities, identify gaps in filter coverage based upon
current configuration, develop, recommend and implement consistent monitoring
strategy to maximize perimeter security reporting and suspicious event monitoring
Documentation Support
o Interact with CSIRC staff, government and contractor, to create diagrams of the
existing security enclave environment to outline where tools reside in relation to
agency production network environment
o Develop and document ad-hoc procedures to address critical activities related to
incident management such as closed incident review to improve data contained
within the incident management reporting system
o Create standardized procedure for the handling of weekly malware output reports
Additional Activities
o Provide mentoring to Security Monitoring & Reporting Team (SM&RT) in support
of security enclave toolsets including NetWitness Informer & Investigator,
TippingPoint SMS and ArcSight ESM, Logger and Web
o Enhance existing automated scripts to minimize manual activities such as the addition
of manual search criteria, domain ownership information as they are uncovered in
raw reports and reordering the output to more closely follow report template to
minimize copy/paste errors
April, 2002 – January, 2011
Hewlett Packard
US Government Healthcare Security Program Office
July, 2010 – January, 2011
CMS ESD Program System Security Officer
System Security Officer responsible for compliance oversight of HP Enterprise Services CMS
ESD IDIQ with Federal Information Security Management Act (FISMA), Business Partner
System Security Manual (BPSSM), corporate policies and applicable federal legislation through
the ongoing monitoring of operational and administrative activities
Security Program
o Responsible for completion of System Security Plan (SSP), Risk Assessment (RA)
and Business Continuity Plan (BCP) to support Certification & Accreditation (C&A)
and Authority To Operate (ATO)
o Develop, document and implement corrective actions related to issues identified via
self assessments, audit results or vulnerability assessments that can include changes
to existing processes, user education and software/hardware solutions
o Create and update policies based upon changes to the technical environment,
government regulations and evolving threat landscape in accordance with established
security directives
Audits
o Office Of Inspector General (OIG) Chief Financial Officer (CFO) audit in
accordance with Federal Information System Controls Audit Manual (FISCAM) that
resulted in zero audit findings
o Coordinate System Test & Evaluations to address auditor questions, provide
technical guidance and to ensure a seamless event
o Coordinate FISMA Assessment testing of NIST control families
Support Activities
o Participate in business proposals for multi-million dollar, multi-supplier contracts
including validation of ability to meet security requirements, staffing and supporting
documentation
o Perform as subject matter expert related to midrange and network technologies
o Oversee implementation of Microsoft Active Directory resource domain to comply
with Federal Desktop Core Configuration (FDCC)
Information Security Analyst, Senior February, 2008 - June, 2010
System Architecture
o Develop department Federal Desktop Core Configuration (FDCC) solution
o Design/implement centralized monitoring Symantec Critical System Protection for
HIDS, event log monitoring and centralized event log consolidation
o Design/implement SharePoint infrastructure within isolated enclave including system
hardening
o Review Defense Information Systems Agency (DISA), National Security Agency
(NSA), National Institute of Standards & Technology (NIST) and Center for
Medicare & Medicaid Services (CMS) standards for applicability
Security Metrics
o Research best practices related to implementation of security metrics program and
presented findings to leadership for approval and implementation
o Reviewed security requirements and previous reoccurring non-compliant areas to
develop applicable measurements to support ongoing improvement
Penetration & Vulnerability Testing
o Coordinate with various support groups to ensure compliance with corporate and
government testing requirements
o Review testing results to document corrective action plans or non-compliance
business justifications for all findings
o Create leadership reports for proper acceptance of outstanding risks or
implementation of remediation action plans
o Develop customer presentations to comply with Office of Management & Budget
oversight requirements
o Compare unfiltered data to reports provided from vulnerability scanning group and
document discrepancies to determine root cause
Technical Standards
o Partner with operation teams in the implementation of McAfee Policy Auditor
including the creation of customized reports to outline patch compliance and validate
configuration management settings
BellSouth Distributed Systems Management Center
RSM Team Lead/Business Analyst November, 2007 - February, 2008
Responsible for reviewing current procedures within support group and determining possible
improvements that would streamline process flow without impacting SLAs through
implementation of automation, centralization of functions, improved documentation and
interactions with customers, application support organizations and other technical support
groups.
Constant review of group interactions to determine areas of improvement that streamline
operations including design, develop, document and deploy automated procedures for the
installation of operating system patches
Use Crystal Reports/Business Objects to compile information from various stand alone
data sources (Sybase/MS SQL/Oracle/WSUS) into a single comprehensive report that
shows compliance with various Service Level Agreements
Develop and implement contingency plans to enable EDS to meet contractual agreements
with customers
RSM Team Lead June, 2005 - October, 2007
Provide supervision for up to 20 systems administrators in the performance of day to day
operations in support of corporate SLAs; compliance with Incident, Problem and Change
management procedures; technical/procedural escalation for customer, application support and
technical support staff issues
Assist with developing group objectives to provide team direction for upcoming year
Responsible for supervision of technicians in the performance of day to day operations
for enterprise servers
Ensure appropriate security patches and policies are applied within SLA
Design, develop and deliver server audit procedures to ensure accuracy and proper SOX
compliance checkpoints are covered
Ensure change management procedures are followed in accordance with business process
rules to ensure proper review of changes before implementation
Spearhead resolution of high visibility problems involving complex solutions in times of
crisis that require prompt decisions to provide critical results
Escalate chronic problems quickly to engage coordination across support groups
and produce an effective resolution as quickly as possible
RSM Infrastructure Analyst January, 2003 - June, 2005
Provide Primary Systems Administrator (PSA) services to customer that included responsibility
for hardware, operating system, backup/restore functions on all servers assigned.
Ensure change management procedures are followed in accordance with business process
rules
Implement approved changes such as operating system patches, hardware updates and
application installations
Responsible for implementing logical access control mechanisms to isolate application
access to authorized individuals
Assist with Business Continuity and Disaster Recovery Planning for all supported
equipment
Responsible for ensuring operational security procedures are followed to restrict
unauthorized disclosure of information
DSI Infrastructure Analyst April, 2002 - January, 2003
Provide third tier support for all desktop and server administrators supporting the customer
operations. Perform deployment of Unicenter TND 3.0 for monitoring Windows-based servers
achieving a 90% penetration rate within six months.
Deploy centralized, web-based hardware monitoring solution that resulted in migration
from individual desktop-based installation to a single, standard console available for over
30 technicians simultaneously
Migration of 15 servers, 350 workstations, 350 users, and network equipment from
distributed, business unit support, to centralized, corporate/outsourced support
Develop automated server configuration methodology that reduced server build time
from 35 to five business hours while improving consistency by 75%
Education
M.S., Information Technology - CAPELLA UNIVERSITY, 3/06
B.S., Aviation Management - SOUTHERN ILLINOIS UNIVERSITY, 5/96
A.S., Vocational Education - RIVERSIDE COMMUNITY COLLEGE, 6/88
Technical Certifications
PMI Project Management Professional (PMP)
CORE Impact Certified Professional (CICP)
ISACA Certified Information Security Manager (CISM)
ISC2 Certified Information Systems Security Professional (CISSP)
EC Council Certified Ethical Hacker (CEH)
ITIL Foundation version 3
CompTIA
o A+
o Network+
o Security+
o Server+
Microsoft
o MCTS Windows Server 2008
o MCSE Windows Server 2003
GIAC Penetration Tester (GPEN) - Expired
DoD Technical Certifications
Tenable SecurityCenter/Nessus (ACAS) Administrator
eEye REM/Retina (SCCVI) Administrator
McAfee HBSS Administrator