ad11n7@r.postjobfree.com

571-***-****

Stafford,Virginia

https://www.linkedin.com/in/fonzow

Alfonso Wells Jr.

INFORMATION SECURITY TECHNICIAN

Diligent Professional with more than 8 years of experience in the Information Technology Field. Adept at training and educating internal users on best practices as they pertain to Information Technology & CyberSecurity Frameworks. Specializes in securing servers, operating systems and networks. Possesses strong verbal and written communication skills with the ability to communicate to all levels of the organization and work effectively with clients. Seeking an Information Security position within a great, family-oriented organization. Specializes in securing ervers, operating systems and networks with a focus on a Zero Trust approach. Proficient in Windows and Linux system configurations, with experience using PowerShell and Red Hat Linux to run commands and automate system tasks.

Use of Windows 10, Linux (Ubuntu, Kali, Red Hat), Powershell

Tools: JIRA, Tenable Nessus SCAP, STIGVIEWER, Wireshark, Network Security, Access Control, Qualys, Penetration Testing, Patch Management, Automox,, Web Scanning, Firewall setup, SolarWinds Security Event Manager

Policy and Framework Knowledge: Risk Management Framework, NIST 800-53A

SSP Plan Review: Proficient in reviewing and analyzing System Security Plans (SSP), ensuring compliance with established security protocols and identifying potential vulnerabilities

ACCOMPLISHMENTS

AWS - Developed an in-depth training regime that streamlined technical processes, leading to a higher ticket closure rate globally. As a result, this improved security hygiene and posture by 45%, incorporating zero trust principles.

LinkedIn - Consistently praised for communicating effectively with a variety of parties within the department. Known for excellent problem-solving skills and patience in dealing with frustrated users, aligning with a zero trust mindset to address security challenges proactively.

CLEARANCE

DOD Secret Clearance (In-process)

CERTIFICATIONS

CompTIA Security +

AWS Cloud Practitioner

CISSP (Spring 2024)

EDUCATION

Masters of Science in Information Systems Security (2024)

University of the Cumberlands, Williamsburg, Kentucky

Bachelors of Science in Kinesiology Business (2011)

Liberty University, Lynchburg, VA

Minor in Business Administration. Included: Business Systems Management and Development.

Academic Project Experience

Engaged in a collaborative effort within a master's class at the University of the Cumberlands to craft a comprehensive Risk Management Plan and Business Impact Analysis (BIA) tailored for healthcare cybersecurity. Utilized Splunk technology to conduct data analysis, identify vulnerabilities, and devise robust risk mitigation strategies specific to healthcare cybersecurity challenges.

Aligned the plan with stringent regulatory frameworks such as HIPAA, HITECH, and PCI DSS, ensuring compliance and enhancing security measures for safeguarding sensitive healthcare information.

This academic endeavor, supported by hands-on experience with Splunk, underscores expertise in designing strategic cybersecurity initiatives and highlights practical insights gained in risk assessment methodologies within the healthcare sector.

WORK EXPERIENCE

Information Security/ Security Engineer

HCL-Meta, Ashburn, Va August -present

Lead Engineer/ information assurance

Provided comprehensive vulnerability management support using the Risk Management Framework (RMF) program, resulting in the identification and mitigation of critical vulnerabilities.

Led and executed automated system patching efforts using Automox, resulting in timely updates and enhanced security measures.

Detected and mitigated a security threat using Wireshark PCAPS resulting in saving the company an estimated $25,000 by addressing these vulnerabilities before they could be leveraged for malicious purposes.

Diagnosed and resolved hardware failures and error conditions in pre-production hardware environments, minimizing downtime and preventing potential financial losses associated with production delays.

Managed complex hardware system projects, including experiments, NPI, and product testbeds, involving customization and integration of engineering sample hardware within Meta's production environment. Led program design, testing, phase exit, and retrospective efforts, resulting in streamlined processes, reduced project timelines, and improved efficiency.

Collaborated with hardware design and validation teams, vendors, and others to test and deploy new server and storage products across our data center infrastructure, ensuring seamless integration and optimal performance.

Communicated and coordinated with other data center technical operations teams, fostering effective cross-functional collaboration and knowledge sharing to achieve common goals and objectives.

Conducted regular scans of network assets and systems using Tenable Nessus, identifying vulnerabilities and potential security risks, and proactively implementing appropriate remediation measures.

Developed and maintained vulnerability management documentation, policies, and procedures, ensuring adherence to best practices and regulatory requirements, and facilitating efficient vulnerability management processes.

Stayed up-to-date with emerging security threats, vulnerabilities, and attack techniques, proactively enhancing knowledge and skills to effectively mitigate potential risks and safeguard company assets.

Hardened and patched window systems via Disa Stigviewer

Information Technology Analyst Vulnerability analyst

LinkedIn – Ashburn, Va. September 2019 to August 2022

Consistently achieved "outstanding" ratings on performance reviews each year, earning top marks in teamwork (95%), customer service (98%), communication skills (92%), and technical problem-solving (90%).

Conducted exercises to test the effectiveness of the incident response plan, identified gaps in the plan, and made recommendations for improvement, resulting in a 30% reduction in incident response time

Oversaw all aspects of the data center's critical physical infrastructure, ensuring high-quality work without any impact to internal/external customers.

Developed and implemented effective cyber security plans, maintaining the security of computer files against unauthorized modification, destruction, and disclosure.

Hardened and assessed operating systems and other IT technologies using Confidential IASE STIGs and SCAP STIG Viewer, aligning with NIST 800 53A Security Controls to ensure compliance.

Routinely troubleshooted vulnerable servers and replaced new hardware as needed, providing in-depth analysis and categorizing servers by utilization, hardware, and software status.

Tracked all risks within the customer's networks, including POA&M’s & exceptions, ensuring comprehensive risk management.

Performed vulnerability solution testing, including hardware/software upgrades, software maintenance, and firmware updates.

Organized and supervised the execution of web scanning and testing activities, ensuring thorough coverage and accurate identification of potential security risks.

Information Security Analyst CyberSecurity Support Representative (Internal Technical Support Rep.)

Sploit iO LLC – Burke, VA – January 2018 to June 2020-internship

Primarily acted as the Information Technology Support representative regarding any immediate internal concerns as it pertained to CyberSecurity.

Assisted in the implementation of Security Technical Implementation Guides (STIG) to harden host based operating systems such as Windows 10 and Windows Server Operating systems within the customers infrastructure.

Monitored and evaluated the execution of penetration testing, vulnerability scanning performed on the respective customer.

Identified gaps or vulnerabilities in computer applications or networks across the company, which includes managing and modifying applications or network security scan profile and scan policies as per the baseline standards from NIST-800 53A.

Performed security analysis of the different layers of the systems (application database layers) by performing manual testing and automated system vulnerability assessment scans using various web, application, operating systems, and database vulnerability scanners.

Identify gaps or vulnerabilities in computer applications or Leidos networks across the company, which includes managing and modifying applications or network security scan profile and scan policies as per the baseline standards.

Provided Cyber Security technical support services to Acquisition Procurement Management Assessed and reviewed policy documents that was relevant to government that adhered to AWS Cloud.

Documented and organized vulnerabilities that were detected from compliance scans within the infrastructure.

Assist with the system owners and system administrators to audit standard operating procedures, checklists, and policies.

Server Assessment Specialist Technical Support Analyst

Amazon Web Services –Manassas VA – April 2016 to July 2019

Routinely exceed ticket closing goals, closing an average of 60 tickets daily (25% above quota) with a 75% first-ticket resolution ratio and an average assessment time of 5.5 minutes -- well below 7-minute goal.

Maintained inventory control and documentation on systems and components to ensure updates occur according to schedule and procedure

Responsible for processing and facilitating large scale legacy DATA center equipment through a liquidation process to ensure that targeted equipment is ready to be removed off premises.

Interchangeably acted as the Server Assessment Specialist and(or) Technical Support Analyst, depending on the specific business and organizational needs for the week,

Escalated high severity findings to senior technicians and management as needed/required.

Maintained network by troubleshooting and repairing outages; testing network back-up procedures; updating documentation

Diagnosed, troubleshooted and resolved a range of software, hardware and connectivity issues.

Effectively communicated with different departments to ensure servers were fully secure and hardened prior to deployment.

Troubleshooted servers and isolated tested hardware for testing and performance.

Consistently corresponded through Remedy ticket service for any form of technical communication.

Securely relocated and moved large enterprise equipment to secured on-site location, as part of our strict asset management process.

Worked with configuration solutions on auditing products, security configuration solutions, while monitoring system scans via Tenable Nessus software.

Performed limited maintenance tasks to include filter changes, battery system PMs, and Rack PDU & Rack ATS replacements.

Diagnosed and trouble shoot server errors, while creating best practices to mitigate them in the future.

Supported large enterprise network with 1000+ nodes, while actively decommissioning, removed, and destroyed Cisco and Quantum Switches.

Configured and wiped Cisco and Quantum Switches: HDD/SSD/Flash/Removable storage media.

.

Information Technology Technician

VA Data Center/ Metro systems – May 2015 to April 2016

Prepared correspondence, maintained client appointment logs and records, and provided ongoing support to build rapports and disseminate information.

Analyzed incidents or problems, identify root causes, diagnose, troubleshoot, and resolve a range of medium to complex software, hardware, and connectivity issues.

Engaged in improvement projects, often requiring reaching out to a variety of support teams and drive them from conception to completion.

Coordinated daily with a multitude of third-party vendors ensuring adherence to contracted SLAs.

Routinely operated as the afterhours on-call Data Center Facility Manager for the data centers in the region.

Routinely, monitored and maintain the network, ensure network availability so that the remote users can have stable access to the servers.

Documented the phone calls via the ticketing system, and supply work notes so that other technicians will understand the customer’s needs.

Contact this candidate