Information Systems Security Officer

Location: Frederick, MD

Posted: November 02, 2023

Resume:

BRENDA Y. HANDY

Frederick, MD *****

Phone: 202-***-**** e-mail: ad0th9@r.postjobfree.com

Clearance Level: Secret

Objective: Obtain a position as an Information Security Officer, Project Manager, Program Manager, or Chief Information Security Officer

Qualification Summary: Technical leader in Strategic Planning, Policy Development, Risk Management Framework (RMF), Incident Handling, Incident Response (IR), Contingency Planning & Testing (CP/CPT), System Engineering Life Cycle (SELC) in Enterprise Security and Healthcare

EDUCATION

BSEE, Howard University

Master Certificate in Quality Assurance, Villanova University

CMSC, UMUC

MS in Cloud Computing Architecture, UMGC

Sec +, GSEC

OS: RedHat Linux/CentOS, SUSE, Ubuntu, Windows Servers/Workstations, JunOS, Cisco IOS

Databases: MySQL/SQL, PostgreSQL

Programming: Bash Shell Scripting, Java, HTML, CSS, Perl

Ticketing Sys: Footprints, Salesforce, Remedy, HPSD, SDE

Monitoring: NetCool, Healthcheck, Zenoss, Solarwinds, Log Storm, Splunk, Traverse, ArcSight

IA: FISMA, OMB, FIPS199, SP800-18, NIST800-53, 800-64, 800-37

Tools: VMware, Nessus, NMAP, HelixPro, EnCase, Autopsy, Access Data, RSA, Metasploit, Wireshark, Kali

Coalfire Federal

(Contractor with USAID)

(2022)

(Cybersecurity)

Senior Information Security Officer

● Responsible for implementing, managing, and aligning the security posture of FedRAMP major systems and applications based on the mission and business functions

● Familiar with cloud solutions such as AWS, Azure, Google, CRM, Zoho, and Valimail DMARC solutions

● Principal advisor for information security matters such as NIST 800-53 rev 5, Risk Management Framework (RMF), ADS, and SOC2 policies, procedures, standards, and guidelines

● Understanding of Governance Risk and Compliance (GRC)

● Attend Change Control Board (CCB) meetings and participate in an internal Change Management Review before acceptance

● Ensure system changes are tested, documented, and implemented in accordance with System Development Life Cycle (SDLC) procedures

● Conduct impact analysis according to Confidentiality, Integrity, and Availability (CIA)

● Draft, develop, and update the System Security Plans (SSP), Security Policies, and Risk Assessment Reports

● Provides guidance on system security, certification and accreditation (C&A) activities

● Interact and build relationships with key stakeholders such as Chief Information Officers (CIO), System Owners (SO), CISM, Technical Staff, Change Control Board (CCB), Security Operations Center (SOC), Compliance Team, and Document Review Team

● Review Continuous Monitoring Scorecard detail reports, audit logs, and weakness search report

● Conduct vulnerability scans

● Categorize, prioritize, and remediate findings from vulnerability scans and submit them as Plans of Action & Milestones (POA&Ms)

● Ensure all system users and people with security responsibilities receive their annual Security Awareness (SA) training

● Review and validate user access rights and ensure users sign the Rules of Behavior (ROB) before being granted access

● Manages the day-to-day system security aspects including physical and environmental protection

Contingency Plan Coordinator

● Provide Contingency Plan (CP) technical expertise and working knowledge of CP activities

● Conduct Business Impact Analysis (BIA)

● Perform testing, training, walk-throughs, or other simulated exercises that align with the Continuity of Operations (COOP)

● Document all results from the Contingency Plan Test (CPT)

● Responsible for approving/rejecting the CP/CPT

● Make the necessary changes to enhance the security posture of the component

● Ensure Incident Response Plan (IRP) and Incident Handling Procedures are accurate and up to date

● Regularly test the Contingency Plan to ensure compliance in accordance with FISMA

Perspecta/SiloSmashers/ManTech

(Contractor with Department of Homeland Security)

(2016-2021)

(Cybersecurity)

Senior Information Security Officer

● Responsible for implementing and managing the security posture of HQ and TSA’s major systems and applications based on the mission and business functions

● Ensures compliance with applicable Federal laws, Executive Orders, Directives, Policies, and Regulations

● Principal advisor for information security matters such as policies, procedures, standards, and guidelines

● Interact and build relationships with key stakeholders such as Chief Information Officers, System Owners, Technical Staff, Change Control Board, Security Operations Center, Compliance Team, and Document Review Team

● Draft, develop, and update the System Security Plans, Security Policies, and Risk Assessments

● Review scorecard detail reports, audit logs, and weakness search report

● Conduct vulnerability scans

● Categorize, prioritize, and remediate findings from vulnerability scans

● Ensure all system users and people with security responsibilities receive their annual security awareness training

● Review and validate user access rights and ensure users sign the Rules of Behavior before being granted access

● Participate in the development phases and ensure security requirements in all phases of the system life cycle

● Manages the day-to-day system security aspects including physical and environmental protection

● Plays an active role in continuous monitoring to include assessing the security impact of system changes, updating the SSP, managing and monitoring changes to the system, and disposal of the system in accordance with TSA and DHS security policies and practices

● Provides guidance on system security, certification and accreditation (C&A) issues, and INFOSEC policy and security vulnerabilities

● Attends program technical exchange meetings, staff meetings, and program review milestone meetings, as directed

● Monitors and tracks the status of applicable patches including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), and technical advisories (TA) for the networks, operating system(s), and applications if applicable

● Reviews applicable audit logs for actions including, but not limited to, security-relevant events/activities, suspicious activity, and baseline changes, and notifies the ISSM of any discrepancies

● Understand the component’s policies and procedures regarding incident reporting and handling

Contingency Plan Coordinator

● Provide Contingency Plan (CP) technical expertise and working knowledge of CP activities

● Conduct testing, training, walk-throughs, or other simulated exercises that align with the Continuity of Operations (COOP)

● Document all results from the Contingency Plan Test (CPT)

● Responsible for approving/rejecting the CP/CPT

● Make the necessary changes to enhance the security posture of the component

● Ensure Incident Response Plan (IRP) and Incident Handling Procedures are accurate and up to date

● Regularly test the Contingency Plan to ensure compliance in accordance with FISMA

● Ensure system changes are tested, documented, and implemented in accordance with SDLC procedure

● Assist with the compilation and organization of Information System reporting

Configuration Manager

● Active member of the Configuration Management Board

● Ensures configuration management for software, hardware, and firmware is maintained and documented

● Conduct impact analysis according to Confidentiality, Integrity, and Availability (CIA)

● Properly update necessary system security changes in Security Plan and Interconnection Security Agreements

● Attend Change Control Board (CCB) meetings and participate in an internal Change Management Review before acceptance

Center for Medicare/Medicaid Services

(2014-2015)

(Healthcare Security)

Senior Security Consultant

● Senior certifying and management official that verified the results of the security assessments

● Made authorization recommendation to Senior Management and key stakeholders

● Provided data and coordinated activities throughout the entire lifecycle

● Analyzed results from vulnerability scanning tools such as Nessus, McAfee Vulnerability Manager (MVM), HP WebInspect, QualysGuard, Redseal, AppDetective, BurpSuite, and Wireshark

● Participated in security control assessments based on a Risk Management Framework approach

● Conducted Security Testing of security related documents based on NIST 800-53A, NIST 800-30, and FedRAMP

● Generated Risk Scores on all Assessment Findings based upon NIST 800-30

● Proficient in understanding the technical architecture of IT systems built using Windows, UNIX, Linux, IBM AIX, VMware, Citrix, Oracle and MySQL platforms

UltiSat

(2013-2014)

(Enterprise Managed and Monitored Security Solutions)

Senior Network Security Analyst

Network Security Consultation

● Strong working knowledge of Security Services, Networking, Security Policies, and Consulting

● Architected and designed Computer Security Incident Response Program for corporate and all managed customers to record and report incidents

● Developed security procedures for design reviews, operational monitoring, recording, and responding to security events

● Managed Security, Test, and Evaluation (ST&E) on production and integration systems by performing remediation efforts

● Track Plan of Action and Milestones (POA&M)

● Used Security Technical Implementation Guides (STIGs) to enhance security posture, mitigate network attacks, prevent system access and lock down information systems that might be vulnerable to a malicious attack

● Prepared incident reports of analysis methodology and results

● Reported alerts to FBI agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.

● Designed and implemented a Vulnerability Management Program that includes License Management and Patch Management

Firewall Implementations

● Proven experience in installing, configuring, monitoring, and troubleshooting network security solutions and related monitoring tools including L2/L3 network devices, Firewalls, IDS/IPS, VPN Solutions

● Implemented ACS device administration including configuring AAA/TACACS+ on routers, switches, and firewall devices

● Configured 2 factor authentication that includes AD or RSA administration

● Deployed IPS network modes

● Implemented signature engines, event actions, anomaly detections, and risk ratings

Vulnerability Assessments

● Ensured the integrity and protection of networks, systems, and applications of organizational security policies

● Performed periodic audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance using tools such as Nessus, Retina

● Monitored alerts and reviewed rsyslog from all managed devices using SIEM tools

● Recognized potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information

● Performed analysis of network and system issues on production servers, virtualized and testing environments

● Assisted with implementation of counter-measures or mitigating controls including forensic investigations

Symantec

(2012-2013)

(Enterprise Managed and Monitored Security Solutions)

Linux Security Network Engineer/Qualifications Engineer

Firewall Implementations

● Successfully managed complex Information Security solutions for numerous Fortune 100 companies worldwide

● Troubleshot and remotely managed client Enterprise Firewalls/Intrusion Detection Systems including McAfee Network Security Manager

● Responsible for the installation, configuration, health, and management of SOC managed security devices

Checkpoint

● Monitored Checkpoint Dashboard for traffic translation through a firewall

● Configured OPSEC and Lea Agents for Checkpoint Firewalls

● Verified correct objects via SmartDashboard

● Monitored network activities and performance of all Checkpoint applications via SmartView

Cisco

● Troubleshot Cisco devices via sh ver, which shows the device's total uptime

● On Cisco devices, packet captures of all traffic that passed through the firewall were used to troubleshoot

● Ran sh int to verify if pertinent interfaces were up and running and traffic sending/receiving

● Checked to confirm if redundancy was working correctly via sh fail

● Verified VPN status using sh crypto ipsec

Juniper

● Processed for capturing using snoop

● Viewed logs via the web interface and cmd line via get log traffic

● Debugged using various utilities such as debug flow basic (used for monitoring packet processing), debug nsmgmt all (used for monitoring NSM management), and debug ssh (used for monitoring device SSH management)

● Checked buffer status via get dbuf info

● Verified VPN status using get ike cookies and get sa active

Secure Managed RedHat Enterprise/Centos Servers

● Installed RedHat software packages via yum repositories

● Ensured that rsyslog was installed and running in order to send/receive/monitor logs from configured firewall devices

● Ran tcpdump to sniff for wanted/unwanted traffic on client’s network

● Checked resource utilization using top to improve performance on systems

● Configured NTP to ensure that log stamps and systems had the correct time and time zone

● Set iptables to allow/disallow pertinent traffic

● Hands on experience with configuring and troubleshooting tripwire

● Worked with customers to resolve all OS related issues

RTGX

(2009-2011)

(Government Defense Contractor)

Senior Systems Security Analyst

Network Security Consultation

● Constructed Patch Management, License Management, and Asset Management Policies

● Architected Computer Incident Response Plan

● Created and evaluated STIGs

● Developed hardening policies for Windows Servers/Desktops, Linux Servers, Web services, and all networking devices

● Created SOPs

Secure Windows Server Administration

● Administered Microsoft Active Directory, DNS in an enterprise environment

● Performed WSUS and applied appropriate patches and hotfixes on Windows 2003 servers

● Configured shared folder and file system permissions, and verified effective permissions when granting permissions

● Audited systems to be upgraded and ensured software and licenses were available to complete the upgrade

Secure RedHat Linux Server Administration

● Maintained company Apache Web server

● Verified apache subdirectories are all owned by root and have correct permissions

● Applied apache mod_security module to enhance the overall security

● Setup different security utilities such as ssh, tripwire, tcp wrappers, etc.

● Created ssh tunnel to enhance security on X window sessions

● Established SELinux to provide minimum amount of security for users

Firewall Configuration

● Applied patch management on firewalls

● Upgraded networking devices

Vulnerability Assessments

● Web Host Testing on Linux Server

● Observed network traffic using Wireshark, tcpdump, tethereal, etc. for intrusion attempts

● Configured SSL to improve security

● Monitored server applications, system and security logs

● Performed auditing techniques using tools such as Nessus, NMAP, etc. for finding vulnerabilities in networks and applications

● Investigated computers and performed forensic techniques for malware and intrusion detection

Nextpoint Networks

(2006-2008)

(Leading provider of secure and intelligent IP-based solutions that enable connectivity of high-quality voice, data, and video sessions)

Lead Information Security Assurance Engineer – VOIP SBC

Network Security Consultation

● Defined, planned, tracked, and managed assigned projects throughout the Software Development Life Cycle

● Conducted capacity planning reviews

● Provided expertise for customer related issues to internal support teams and offshore teams

● Designed various test plans, test cases, and test reports for customer case scenarios

Firewall Implementations

● Configured, verified, and troubleshot VLANs and trunking for Cisco and Netgear routers and switches

● Enabled/created blacklisting/whitelisting of endpoints in order to prevent/allow recurring of pertinent attacks

● Performed private to public IP to network address and port address translation in real time

● Setup realms in order to hide topology and setup user controls and password policies

● Created Call Admission Controls for specific partitions

● Performed advanced Session Border Controller functions such as Outbound Proxy, Mirror Proxy, SIP Proxy modes

● Managed bandwidth settings which prevented DoS and flooding attacks

Secure RedHat Linux Server

● Setup and configured tftp, dhcp, ntp, dns, and nat servers on RedHat Enterprise

● Verified network status and switch operation using utilities such as ping, traceroute, telnet, ssh, arp, ipconfig, etc.

● Database performance tuning

Vulnerability Assessments

● Tested Availability of product features via stress testing including simulating multiple phone calls concurrently

● Performed detailed analysis of available system data to determine system performance, utilization, and capacity

● Measured Integrity of data by populating multiple reports while database contains over 2 million records for routing information

● Wrote several scripts and ran them as cron jobs in order to check system settings at specific time intervals

● Verified user authentication using PAM by using various password tampering and vulnerability techniques

NFR Security

(2004-2006)

(Leader in real-time threat prevention and creator of award-winning intrusion prevention (IPS) technologies)

Senior Information Security Assurance Engineer – IDS/IPS

Network Security Consultations

● Resolved customer reported issues while working closely with internal teams and provided feedback for improving the product quality

● Contributed to process improvements within the organization

Firewall & IDS Implementations

● Configured Snort IDS to run in sniffer mode and packet mode

● Attached IDS to spanning port on switch for monitoring

● Configured IDS to run inline in order to alert on events of interest

Secure RedHat Linux Servers

● Installed/Upgraded/Patched different versions of software on SUSE 10, RH8/9, Solaris 8/9, and Enterprise Server

● Monitored RedHat CPU, memory utilization via top, iostat, vmstat for availability

● Performed back ups on systems

Vulnerability Assessments

● Configured, consolidated, and viewed pop up alerts panel to monitor alert activity such as network/audit/system list

● Captured and viewed raw packets using ethereal

● Created alert rules in addition to configuring them to send emails

● Reviewed IDS signatures


