Post Job Free
Sign in

Security Manager

Location:
United States
Posted:
August 13, 2015

Contact this candidate

Resume:

Jason Holloway

**** ********* **

Plano, TX *****

928-***-****

Professional Summary

CISSP Certified with over fourteen years of experience in the IT field specializing in cyber security/information assurance, wired and wireless security, data communication, network management, vulnerability management, and program management. Able to identify, interpret, and resolve complex information technology and cyber security issues. Strong analytical, communication, and management skills.

Professional Qualifications

Developed and managed the confidentiality, integrity, and availability of network systems by reviewing audit logs, testing new configurations and software in lab environments, and monitoring network traffic.

Maintained security configurations for a variety of server systems in including Exchange, Remedy, SQL, SMS, and Windows domain controllers to provide reliable network connectivity to users.

Utilized a wide variety of network management tools to include but not limited to Archer and Splunk

Developed standard operating procedures for monitoring the security level of the server and network systems and set guidelines on how audit logs will be collected, stored, maintained, and reviewed for future review and anomaly investigation.

Retrieved data from compromised computer systems for further forensic analysis in accordance with network security policy and recovery methods.

Performed network support, project management, and IT service functionality for MCAS Yuma in the areas of personnel computer systems, local area network (LAN), base area network (BAN), and all automated data processing software and security.

Required to install, arrange, and interconnect equipment by running cable, testing equipment to verify compliance with specified parameters, and establishing proper operating connections for equipment.

Serviced all areas of the network to include network backbone configurations to reduce technical problems and to comply with detailed instructions, fielding plans, manufacturer's specifications and security guidelines.

Worked directly with acquisition oversight managers on the procurement of IT products, services and contracts, and coordinated with vendors and preformed technical assessments of proposed purchases to include implementing, training, and expanding automated data processing projects.

Professional Certifications

CISSP

CNSS-4012

CNSS-4015

USMC EKMS Manager

Security+

Network+

Education

Colorado Technical University, Information Technology, February 2009 – Present, Estimated Graduation 2015

Professional Experience

American Airlines, Fort Worth, TX February 2015– Current

Senior Information Security Engineer

Perform detailed risk evaluation and develop mitigation plan for various IT projects, including but not limited to reviewing architecture designs and providing detailed guidance on risk mitigation.

Provide consulting services to IT organization and confirm adherence to Company's security policy and regulatory requirements such as PCI, PII, HIPAA, and SOX.

Act as a security liaison with AA.com team, and play a lead role in developing and maintaining DevOps security strategy for the organization

Serve as the subject matter expert on all matters of Enterprise Information Security.

Research and recommend enhancements to the enterprise information security services.

Review firewall change escalations and provide technical guidance to security engineering team

Understand security policies and procedures and assist in enforcing them

Research and analyze attempted breaches of data security and rectifying security weaknesses

Assist in creating a catalog of Security standards and commonly used patterns in the organization

AllianceBernstein, San Antonio, TX April 2014 – January 2015

Information Security Analyst

Security Assessments– review applications, business processes and suppliers for adequacy of security controls.

Disposition daily requests from the business that require security review such as firewall access, remote access, external file transfer, local administrative access to workstations, etc.

Vulnerability Management – review current environment for vulnerability exposure and emerging threats. Participation in the Patch Management Program to identify new patches, rate patch severity, manage monthly meetings, produce metrics, and follow up with responsible parties.

Incident Management – Manage the investigation, containment, and response to information security incidents (e.g. Intrusion Detection System, etc.)

Suspicious Activity Monitoring – Monitor and investigate potential Information Security breaches from various security systems (e.g. IDS, anti-virus, DLP, logs, etc.). Investigation of repeat logon failures to UNIX/Linux systems.

Provide guidance as needed to IT and Business partners to ensure secure implementation of processes, systems and services.

Produce metrics of the firm’s security systems and departmental processes

Project based work as necessary. Introduction or enhancement of security controls.

Fort Sam Houston, San Antonio, TX November 2013 – January 2014

Information Assurance (IA) Engineer

Provided detailed risk mitigation recommendations

Conducted risk and vulnerability assessments of IT systems

Prepared detailed security certification and accreditation documentation

Made recommendations regarding approval, continuance of approval, or disapproval for continued operation of those networks and/or systems

Interpreted and applied security requirements

Advised supported agencies on IA requirements and processes

Understood, used and applied a variety of security regulations and methodologies

Dept. of Navy, Marine Corps Air Station Yuma, AZ October 2009 – October 2013

Senior Cyber Security/Information Assurance Manager

Supervised a team of 10 Marines and civilians in both the information technology (IT) and cyber security (CS) offices.

Performed certification and accreditation duties in support of new and existing applications in accordance with directives.

Reviewed vulnerability scans on production and DMZ networks to ensure compliancy. Directed remediation and reports to senior leadership and establishments as such.

Developed and interpreted policy in support of the ever changing cyber security requirements of the establishment.

Developed risk management analysis on new, current, and legacy systems and equipment.

Oversaw the information privacy program.

Alternated electronic key management system (EKMS) manager.

Joint Strike Fighter IT/CS planner for MCAS Yuma (JAFAN & DCID)

Assisted in designing and securing the DWDM/GPON requirements for MCAS Yuma

Reference: Mr. Jack Neely 928-***-****

Cubic, Inc., Marine Corps Air Station Yuma, AZ September 2007 – September 2009

Senior Information Technology Engineer

Researched and/or analyzed program related IT issues or problems, such as needed for regularly changing organizational requirements.

Researched and developed the infrastructure for vulnerability management and remediation using eEye Retina, Retina Enterprise Manager, GFI LanGuard, and Citadel Hercules automated remediation suite.

Performed daily vulnerability scans on multiple production networks.

Performed work involving planning and coordinating the maintenance, upgraded, and support of servers and network equipment to include routers, switches, and network cabling.

Identified and recommended potential areas for enhancing network systems for better performance and enhanced reliability. Researched, interpreted, modified and developed requirements and specifications for new or upgraded computer hardware or peripheral equipment.

Provided senior management with accurate reports and communications concerning network development, outages, and technical recommendations.

Reference: Mr. Brian Ross or Mr. Gary Peters 928-***-****

Crockett Garden Center, Crockett TX October 2005 – September 2007

Self Employed

Acted as an IT/CS consultant for numerous medium to small sized businesses in the local area.

Responsible for managing the revenue, inventory, and cost elements of the company's income and spending.

Coordinated the strategic planning functions of the business.

Maintained detailed customer files including all credit agreements, invoices, communications, payments, and collection letters.

Ensured company compliance with the Department of Agriculture. Achieved and maintained a high level of customer service.

Ensured all rules and regulations of the business were followed and enforced.

Reference: Mr. Larry Baker 903-***-****

EDS, Marine Corps Air Station Yuma, AZ October 2003 – October 2005

Enterprise Server System Administrator

Senior server technician managing a Microsoft Windows NT/2000/2003/UNIX domain/multi-server network that was in charge of all server functions in a 60 plus server, 3,100 plus user, and a 2,500 plus workstation environment.

Coordinated with Naval Criminal Investigative Service and proper authorities in the chain of command to ensure data involved in investigations in accordance with policy.

Maintained all disaster recovery data and materials in accordance with establishment’s policy.

Ensured proper communication and configuration of servers within a LAN/WAN/GAN network.

Used problem solving skills to make recommendations and provide technical advice concerning computer system administration, network (LAN/BAN/WAN/GAN) support, server services and security methods to management and subordinates.

Facilitated technical support studies, developed plans for action, and analyzed results to provide better support for users and to better support the decision making process of superiors.

USMC, Marine Corps Air Station Yuma, AZ February 2000 - October 2003

Enterprise Network Specialist and Senior Server Technician

Helped ensure the confidentiality, integrity, and availability of network server systems by reviewing audit logs, testing new configurations and software in lab environments, and monitoring network traffic.

Maintained security configurations for a variety of server systems in including Exchange, Remedy, SQL, SMS, and Windows domain controllers to provide reliable network connectivity to users.

Developed standard operating procedures for monitoring the security level of the server and network systems and set guidelines on how audit logs will be collected, stored, maintained, and reviewed for future review and anomaly investigation.

Retrieved data from compromised computer systems for further forensic analysis in accordance with network security policy and recovery methods.

Performed network support and IT service functionality for MCAS Yuma in the areas of personnel computer systems, local area network (LAN), base area network (BAN), and all automated data processing software and security.

Required to install, arrange, and interconnect equipment by running cable, testing equipment to verify compliance with specified parameters, and establishing proper operating connections for equipment.

Serviced all areas of the network including ATM and gigabit network backbone configurations to reduce technical problems and to comply with detailed instructions, fielding plans, manufacturer's specifications and security guidelines.

Worked directly with acquisition oversight managers on the procurement of IT products, services and contracts, and coordinated with vendors and preformed technical assessments of proposed purchases to include implementing, training, and expanding automated data processing projects.



Contact this candidate