Post Job Free
Sign in

Senior IT Security Analyst

Location:
Santa Fe, NM
Posted:
August 02, 2016

Contact this candidate

Resume:

Larry D. Coleman, II CISSP

Profile

I have over 20 years in the Information Technology industry as a team member or manager of security or support teams. My goals are to improve the quality of network service, security, desktop support, and systems integration. My experience includes broad areas in information technology, network and server administration, incident handling management, forensic analysis (SME), help desk support, BCP, DRP, and service and security management. I have focused my education and personal growth over the past ten years on security related fundamentals and concepts that enhance the integrity of computing environments. My hands on technical skills, advanced training, and field experience allow me to provide comprehensive solutions for security issues. I am comfortable working hands on with any hardware and software products when performing audits, threat analysis, or other security tasking. I have high-level technical skills that allow me to review and validate security standards. I adapt to job content and tasking to provide the greatest scope of services possible.

Management Suites/Servers/Environments – Microsoft Exchange, Active Directory, MS Server 2000, 2003, 2008, Macintosh Servers, VMWare servers and workstations, Citrix, Microsoft Exchange, VAMT, Juniper, VERITAS, Tivoli, managed hundreds of subnets and all peripherals for 100,000 users

Customer Service/Training – IT Technology consulting, hardware and software analysis, project management and budgeting, management, one on one training, student mentoring, group presentations, public speaking, security publications, IT related training up to 600 clients a day in lecture format. Managed corporate training and compliance processes.

DB, Desktop, Server Operating Systems, and Scripting Languages – Windows (7, Vista, XP, 98, 95, 3.1), Macintosh (7, 8, 9, 10.X), Citrix Thin Client, Linux desktop, Ubuntu, Redhat, various thin clients, Python, Ruby, Java, PHP, VB, UNIX, and as needed other products. SQL 2000 and 2005 Management, Access, Oracle, Fox Pro, Borland Data Base Engine, Sybase, Dbase 2 & 3

Security Suite Administration – Snort, Checkpoint, Symantec Endpoint Protection, Solar Winds, NMAP, Wireshark, MS WSUS and SMS Servers, Cain and Able, John the Ripper, Kismet, Netstumbler, Cheops, S-Tools, PGP, McAfee Enterprise products, SIFT, TCTK, Autopsy, dSniff, Encase, Knoppix, Helix, Hping2, Maltego, Metasploit, Tripwire, BASE, Netcat, Log Logic, Arc Site, Iron Port, Solar Winds Engineering Edition, Qualys Compliance and Network Scanning Tools, WhiteHat Application Scanning Tools, Nessus Vulnerability Scanner, RSA enVision, Palo Alto Networks, Wildfire, SourceFire VDC, FireEye, Trend Micro, Kali Linux, and other products as required.

Key Applications – Microsoft Office Suite, MS Project, Remedy, Symantec Ghost, UIU, Meeting Maker, Entrust, VMWare Fusion and Parallels, CAD/CAM, Autodesk Suite, Solid Works, Mathcad, Browsers (Safari, IE, Opera, Fire fox), Pro-E Application & PDM Link

Infrastructure/Networking/Hardware configuration – TCP/IP, VPN, routers, switches, hubs, firewalls, network topology, RAID design and implementation, wireless networking, PC desktop hardware, Fiber Channel, VOIP, printers, scanners, PDA, telephony, Blu Tooth, Disaster Recovery Procedures and Hardware, Business Continuity Plans, and Offsite Backup Storage Mirror, Nortel and Cisco Switches and routers, support and manage SCADA devices (electrical, nuclear, waste plants, water processing), full disk encryption, real time IDS, remote services for device management. I have experience and knowledge with Security Event Monitoring /Analysis, NIDS, HIDS, SIEM, File Integrity Monitoring, Log analysis. Peripheral and forensic audit level knowledge skills that for Arc Sight, Tripwire, Source Fire, Deep Security, Checkpoint and other products as deployed to assist in securing and auditing all IT components and software.

Employment History:

03/15 – Present, Caterpillar Inc., Threat & Vulnerability Management Technology Engineer/Analyst, Corporate liaison for global review and mitigation of security threats and resolution management of processes.

Provide stakeholder guidance on security related issues and processes for mitigation or acceptance of risk

Meet with global teams and review documentation and reports to determine optimal practices for risk reduction

Review reports and documentation from security teams defining new risk associated with global infrastructure

Communicate with all international teams and provide guidance to manage risks and improve internal processes

Balance risk analysis review process and liaison with engineering teams and CISO level management for compliance

Validate optimal configurations and procedures are chosen enhancing security within corporate resources

Conduct meetings and provide documentation for oversight and reporting on steps taken to mitigate threats

03/14 - 03/15, United Guaranty-AIG, Senior Security Analyst, Tasking includes risk management, security systems and appliance optimization, and to improve alerting and response processes.

Research and provide guidance for current and future threats using all available sources to review and evaluate

Test and validate critical business infrastructure compliance to security policies to provide effective risk analysis

Perform cyber security threat analysis, preventative, and optimize monitoring control effectiveness

Investigate and assess security solutions for protecting critical business assets on premise and in 3rd party environments

Investigation of cyber security incidents including root cause analysis, gaps and remediation activities required

Attend IT and business meetings to provide guidance to meet organizational goals and improve processes

Review current security environment and improve response and alerting to mitigate potential threats at all levels

Perform forensic reviews at root level threat vectors to validate severity of issues alerted to and respond appropriately

Mentored interns and students to provide security oversight and guidance related to industry standard practices

09/12 - 12/13, MicroBilt Inc., Senior IT Security Analyst, Tasking includes management of all aspects of corporate security policies and procedures including:

Design and development of policies and security architecture for cyber security processes and procedures

Perform cyber security threat analysis, preventative, penetration testing, and monitoring control effectiveness

Attend business meetings to educate IT, business users, and stakeholders on security policies and directives

Vulnerability Management and Incident Response (Management of Incident Response and Forensics Teams)

Establish configuration and support for Anti-virus, Web Access, Vulnerability Scanning and Remote Access solutions

Audit and enforce security policies both internally and with vendors, clients, and customers.

Proactive determination of trends related to predictive pathways, threat agents, and attack vectors

Coordination of Patch Management, Penetration Testing, and Network Management Strategies

Evaluate technology solutions and provide recommendations for the most secure way to implement these solutions

Provide Information Security training to new employees and administer semi-annual Security Policy awareness

Create, manage, and prepare all documents, policies, and procedures to pass all external audits for 2013-2014 FY

08/11-10/11, Security Audit Consultant, Supervisor and Project Lead, State of New Mexico, Department of Health, IT Security Division, Santa Fe, NM (TekSystems, Albuquerque, NM)

Managed project to validate the IT systems and structure of the NM Department of Health WIC Division

Audit to verify compliance with the HIPAA and USDA requirements IT security requirements and standards

The audit was completed and delivered on time as specified by the contract in the format required

Wrote all of the testing, inspection standards, and procedures for statistical validation of review data

Established the guidelines for verification of all IT related processes with CSO and security teams

Conducted network and web penetration testing as specified by contract standards and limitations

Interfaced with the CSO to insure that all terms of the contract were met as scheduled and completed on time

08/10-06/11, IT Support and Security Consultant/Manager, US Army, NMARNG, State of New Mexico, Department of Military Affairs, Santa Fe, NM (Sabio Systems, Albuquerque, NM) DOD Public Trust Clearance Granted

365/24/7 support for the military facilities located in New Mexico (covering all physical geographic areas of NM)

Created documentation concerning operations of Distance Learning facilities and supporting infrastructure

Monitored and communicated with DOD and Army HQ to report usage and functionality of deployed systems

Interfaced with contracting companies to validate communication and hardware security requirements

Managed and completed classroom and communications upgrade for NM ARNG training facilities deployed in NM

Provided documentation on path forward for upgrade of hardware and software refresh process

03/09-06/10, IT Consultant (Security, Network, Hardware, & Software), (Tygrys Inc., Albuquerque, NM)

On call 365/24/7 to support the Tygrys-Techs Company and its contracted organizations.

Validated that organizations complied with current government regulations for networks and security

Verified network and system performance are within contracted performance specifications

Resolved issues regarding software, network, and security issues and potential intrusions

Established policies for Disaster Recovery, Business Continuity, and Data Backup systems.

SME specializing in management of IT security, compliance, reporting, and support

04/99-01/09, Systems/Network Security Administrator, Los Alamos National Laboratories, Los Alamos, NM (DOE)

“Q” clearance with HRP endorsement for work in SNM-TS/SCI environment as required (Inactive)

Installed, loaded, upgraded, and configured software packages according to established standards

Organized and wrote training and technical support manuals for hardware and software

Engaged with law enforcement agencies investigating network and hardware security events

Supported Microsoft Windows 2000, 2003, and 2008 Server, SMS, and Active Directory as an Administrator

Monitored SIPRNET Standards and reported deficiencies discovered. Desktop on Demand Classified Amin account.

Assisted security departments with investigations and locating intrusions on systems and networks

Supported a heterogeneous environment including hardware, software, and supporting systems

Supported several different SCADA systems including electric power and waste handling for nuclear materials

Evaluated and reported on network and desktop activities from deployed security sensors

Secure/Classified (Red Network) Administrator (Win 2000 Server and Advanced Server)

Training Consultant and Director of Staff Education and Training (CFO SYSTEMS)

Consulted with vendors to select, install, and configure hardware for maximum productivity

Certifications

2015 CISSP (ISC) 2 CISSP Certification Program for IT Security Professionals

2009 Security+ CompTIA Certification for General Computer and Network Security (Security+)

2008 GCFA SANS Global Information Assurance Certification (Forensic Analyst)

2007 GCIH SANS Global Information Assurance Certification (Incident Handling)

2007 DCSE Dell Certified System Expert (All Hardware and Support Software Products)

2006 GSEC SANS Global Information Assurance Certification (Security Essentials)

2000 Network+ CompTIA Certification for Networking Environments (Network+)

1999 MCP Microsoft Certification for supporting NT 4.0 Workstation and Server Management

1999 A+ CompTIA certification for computer hardware and DOS/WIN OS (A+)

1998 MCP Microsoft Certification for Windows Desktop Support and Configuration

Advanced Training

SANS: MGT #414, Preparation for CISSP and GISP Certification Examinations (facilitator) March 2013, GIAC # 503 GCIA Security training/intrusion detection in depth, Security and Application planning for SCADA infrastructure and applications, Specialized Application Knowledge and Security, Web App Penetration Testing, Ethical Hacking, and Tactical Application Exploitation, Next Evolution in Digital Forensics and Windows Command-Line Kung Fu for Info Security Professionals, and LINUX/UNIX fundamentals and security management

Microsoft: Windows 95, 98, 2000, XP, Vista, 7, 8, and Server products (AD, SMS, Advanced Server 2000 and 2003)

Interface Training: CEH-500 Ethical Hacking Essentials in Lab environment

SANS Technology Institute, Bethesda, Maryland, Masters level coursework for IT Security Science Program

Project Management and Tasking

Apr 1999-Dec 1999: Project manager for IT OS migration for BUS Division, Win 95 to Win NT 4.0, 900 systems

Mar 2002-June 2002: Project manager for testing of new DOE required Travel Expense Tracking System (Enterprise)

Oct 2004-Feb 2005: Project manager for conversion of Nuclear Weapons server environment to a fiber workstation

Oct 2005-February 2006: Project manager for building a DB application to validate client licensing issue for LANL

Aug 2006-Feb 2007: Project manager for improving service in the “open” areas of LANL Nuclear Production Teams

May 2007-Aug 2007: Project manage to reduce solid waste from nuclear production facility and save funds in disposal

Feb 2008-Aug 2008: Project manager to reduce network traffic issues between production facility and staffing teams

Dec 2010-Mar 2011: Project manager for updating Distance Learning centers for NMARNG and State of NM

Apr 2011-Jun 2011: Project manager to establish metrics that validated value of DL Program of NMARNG to DOD

Aug 2011-Oct 2011: Project manager to evaluate compliance of software and infrastructure for NM DOH

Sep 2012-Dec 2013: Project Manager to bring corporation into compliance for PCI DSS, SSAE16, and EI3PA standards



Contact this candidate