DEMETRIUS ODOM

Atlanta, GA ***** 334-***-**** ad38pi@r.postjobfree.com

SUMMARY

Efficient Cloud Security Consultant with 12 years of experience assembling cloud infrastructure. Utilizes strong managerial skills by negotiating with vendors and coordinating tasks with other IT team members. Implements best practices to create cloud functions, applications and databases. Actively Pursuing CCSP and PMP certification. Operation Inherent Resolve Campaign Medal recipient

SKILLS

System Administration

PCI DSS

Sarbanes-Oaxley

Wireshark

Assessment and Authorization

(A&A)

Security Control Traceability

Matrices (SCTM)

Information Assurance

SQL Servers

Risk Management Framework

DOD Policies

Splunk

HIPPA Compliance

Windows/Unix Forensics

Data Lakes

Agile Work Environment

DevOps

IaaS

Azure Security Center

Endpoint Protection

Azure Container Registry

Plans of Action and Milestones

(POAM)

Azure Active Directory

System Security Plans (SSP)

Information Security

NIST SP 800-53

Pentesting

Kubernetes

Jira

Azure Service Bus

Docker

Azure Sentinel

Tanium

Azure Kubernetes Service

Windows PowerShell

Cyber Defense

IAVA Compliance

Palo Alto Firewalls

Continuous Monitoring

Machine Learning

Confluence

Synapse

WebJobs

Azure Monitor

Azure Blueprint

Azure Data encryption

Azure Defender

EXPERIENCE

06/2020 to Current Senior Cloud Security Engineer

SAIC

Administrative duties such as system reports, communications with associated departments, and team support as needed Implement server hardening techniques to ensure compliance Design technical control standards for a variety of information systems based on industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP)

Define and document requirements for secure operations across the entire delivery ecosystem: internal datacenter, secure perimeter, public cloud, software-as-a-service, vendor hosted, public and private endpoints, etc

Developed Incident Response Plan for implementation as a guideline in preparation for RMF audit in accordance with NIST SP 800-53 Ensure IaaS and PaaS backup, recovery, high availability is fully implemented

Oversee the enhancement and maintenance of Clearent's secure software delivery lifecycle, including all aspects of secure coding practices, integration of security principles and practices into DevOps/DevSecOps, etc

Coordinate with all departments to ensure cyber security control design is richly informed by current threat intelligence and incident response Prepare and present accurate and timely information in response to audits and regulatory exams; institute a proactive culture to align activities and measurement with internal policy and regulatory requirements

Building security strategies, firewalls and systems unique to the company, encompassing our data, systems, hardware, components and networks

Troubleshooting problems associated to our security and network, including handling any system breaches

Testing for vulnerabilities in our system and network and addressing any issues accordingly

Implement security measures across the company's IT infrastructure, and ensuring our data and network is effectively protected Identify and report any cyber-attacks and participate in any resulting investigation as needed

Work closely with the legal and security compliance team Use ELK/Splunk Analytics platform and other proprietary tools to identify threats, determine root cause, scope, and severity of each critical anomaly

Proactively drive threat hunting and analysis

Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure

Report on findings and recommend system tuning/customization and data collection improvements

Recommend specific control sets to mitigate inherent risk identified through cybersecurity risk assessments

Provide technical expertise to guide security risk assessments, Pentest as needed

Work with Threat Intelligence feeds and solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise Work with our team to improve and expand the value that we are delivering to all Clearent companies

Interface with customers on a daily basis to consult with them on best security practices and help them mature their security posture Knowledge of VPNs, Data Loss Prevention, IDS/IPS, Web-Proxy, Security Audits

The ability to work autonomously, or within the larger cyber security engineer team depending on assignment/requirements Configure Cloud systems environment by collaborating with business partners and stakeholders

Provide foundational support and oversight of daily analysis and monitoring of client/server applications in the Retail Systems environment for any performance, availability and/or security issues Regular review of Cloud Systems performance and stability Determine corrective actions via tuning existing systems or R&D a sustainable solution

Provide guidance to the Cloud Systems team regarding adherence to policies and procedures

Provide Tier 3 support for all Cloud Systems ie AWS and windows Azure Maintain detailed documentation of all job functions for use as reference material

Provide documentation and input into knowledge base articles for helpdesk and team associates

Maintain the company-wide help desk database for all reported and assigned incidents with stated problems, status and resolutions Informs management about system problems that are considered out of the ordinary

Check SQL databases and write queries because you will work with databases intensively

Add and delete accounts, edit groups and create listings to view specific types of users or groups in PowerShell.

06/2017 to 10/2021 Information System Security Manager Army National Guard

Provide crucial intelligence and network support that safeguards the cyber domain and collect, analyze and report digital data Collect, analyze and report digital data while maintaining network defense tools such as routers and firewalls

Evaluate network defense operations and respond to incidents in cyberspace

Surveillance and reconnaissance actions on specified systems and networks

Conduct network terrain audits, penetration testing, basic digital forensics and software threat analysis

CI/CD Pipelines: Octopus Deploy/uDeploy

Automation of QA/QE: Selenium/TestComplete

Configuration Management: Ansible Tower

Scripting: PowerShell and Python

Building containerized applications: OpenShift/Kubernetes

/Docker/Helm

On-Prem Server: Windows Server OS

Cloud Computing: Azure/AWS

Build automation: Jenkins/TFS

Automation of data components: MS SQL DB/Teradata/Postgres Automation of integration and reporting services: SSIS/SSRS/Tableau Develop automation tooling for Windows Server 2019 and Microsoft Hyper-V technologies

Develop RESTful APIs

Develop a ReactJS-based web control panel; experience with React is not necessary but is a plus

Write technical documentation for the systems you develop Perform Windows Server administration tasks.

01/2019 to 06/2020 Information System Security Officer DCMA Atlanta, GA

Maintain 24/7 constant monitoring of intrusion detection systems Ensure proper methods of security are implemented ie golden images and server hardening

Recommend modifications to security tools to detect, prevent, and mitigate intrusions

Perform system administration on specialized DCO applications and systems (e.g., anti-virus, or Audit / Remediation) to include installation, configuration, maintenance, and backup/ restore

Create, edit, and manage changes to network access control lists on specialized DCO systems (e.g., firewalls and intrusion prevention systems)

Implement Certification and Accreditation (C&A) requirements for specialized DCO systems within the Network Environment (NE) or enclave, and document and maintain records of them Coordinate with the DCO-E Auditor (DCO-A) to manage and administer the updating of rules and signatures (e.g., Intrusion Detection Systems

(IDS) / Intrusion Prevention Systems (IPS), anti-virus, and content blacklists) for specialized DCO applications

Identify potential conflicts with the implementation of any DCO tools within the Computer Network Defense Service Provider (CND-SP) area of responsibility (e.g., tool I signature testing and optimization) Administer DCO test bed and test and evaluate new DCO applications rules / signatures, access controls, and configurations of CND-SP managed platforms

Perform risk assessments in accordance with NIST SP 800-30 and apply them in accordance with NIST SP 800-37

Apply complex problem solving to 'reverse engineer' applications, designs and manual build instructions to create zero touch automation packages

Often these applications are legacy, were created without automation in mind or are otherwise resistive to full, zero touch automation Create production quality code, following industry standard best practices as well as internal policies and procedures Collaborate effectively with other members of the agile automation team; sharing knowledge and peer reviewing others work prior to formal review by the Automation Team Lead

Create clear and concise technical documentation of their work Use the Atlassian toolset (JIRA, Confluence and Bamboo) to record, document and test their work.

07/2018 to 01/2019 Medical System Administrator (Instructor) Theater Medical Information Program (Air Force) Gunter AFB Provide technical support for both hardware and software issues our users encounter

Manage, image and install the configuration and operation of client-based computer operating systems

Respond to Tier 3 issues and resolve help desk requests Upgrade systems and processes as required for enhanced functionality and security issue resolution

Administrate infrastructure, including firewalls, databases, malware protection software and other processes

Install and test computer-related equipment and review application logs

Instruct incoming airmen on how to manage medical suite for usage in theater missions.

07/2016 to 05/2018 IT Technician

Inserso (Medical Electronic Service Desk) Gunter AFB Troubleshoot any technical issues that can be handled remotely Multitask and resolve technical issues from clients around the globe for air force medical elements

Use administrative privileges to unlock/deactivate/create accounts on different medical software

Manage tickets using BMC Remedy software, so other clients or customers can have a track record of the steps that took place during troubleshooting

Assist civilian/contractor/military employees by reestablishing networks to prevent or stop work stoppage

Troubleshoot medical software inside the medical theater suite (AHLTA, DMLSS, CHCS etc.)

09/2015 to 06/2017 Network Admin (25B)

Army National Guard

Manage the deployment and maintenance of server stacks Implement network security using SSL Certificate configuration and management, Mail Server

Troubleshoot network security hardware issues in a timely manner Investigate arising incidents caused by malicious activities and identified false positives.

09/2012 to 09/2015 System Admin (25B)

Army National Guard

Manage/troubleshoot Windows 7, XP, Vista, 10, Windows Server 2003, 2008, 2012, Linux

Run/Create Cat 5/5e/6 cable to setup client connects to LAN/WAN resources

Monitor and manage email spam filters, firewalls, anti-virus systems and vulnerability scanners

Investigate alerts created by intrusion detection systems for malicious file uploads, compromised servers, SQL injections and port scanning Take responsibility for the high-level monitoring and analysis of all enterprise services and servers in a Windows environment Employ your knowledge of group policies in Active Directory to facilitate a wide variety of advanced network settings

Utilize your skills to successfully deploy SQL integration services packages Analyze the performance of the system and recommend ways to improve it, including configuration updates and system tuning Deliver high-level (Tier 4) technical support as needed. EDUCATION AND TRAINING

Expected in 05/2024 CISSP

Kennesaw State University Kennesaw, GA

01/2019 Cyber Common Core

Department of Defense Cyber Crime Center (DC3) Washington, DC 01/2018 CEH

ARCENT University

01/2018 Windows Server 2012, Snort, Retina, CCNA ICND2 and SharePoint 2012 Information Technology Advanced Leadership Course

01/2017 B.A. Management Information Systems

Troy University

10/2016 Tactical Management Networking System Course 07/2013 Information Technology Specialists

Dixon Hall

Army Security+

ICND1

Net+

CCNA Voice

Win XP

A+ 2012

REFERENCES

CW2 Jermaine Goodloe, Senior Information Systems Manager, (258)- 810-3922

COL Arnold J. Griffin, Senior Manager, (256)-808-927 Erik Eddings, Supervisor, 404-***-****

Dexter J. White, Supervisor, 254-***-****

Joe Harris, Intrusion Response Lead, 334-***-**** CERTIFICATIONS

HBSS Administrator 501

AZ-500 (Microsoft Azure Security Technologies)

EMASS

ISACA Certified Information Security Manager (CISM) Comptia Security+ CE

Comptia CASP+ CE

Comptia Linux+

Comptia Server+

Comptia Technical Trainer (CTT+)

Linux Professional Institute LPIC-1

AWS Solution Architect Associate

EC-Council Certified Ethical Hacker (CEH)

CLEARANCE

Top Secret SCI

Contact this candidate