Cloud Security Information
Resume:
DEMETRIUS ODOM
Atlanta, GA ***** 334-***-**** **********@*****.***
SUMMARY
Efficient Cloud Security Consultant with 12 years of experience assembling cloud infrastructure. Utilizes strong managerial skills by negotiating with vendors and coordinating tasks with other IT team members. Implements best practices to create cloud functions, applications and databases. Actively Pursuing CCSP and PMP certification. Operation Inherent Resolve Campaign Medal recipient
SKILLS
System Administration
PCI DSS
Sarbanes-Oaxley
Wireshark
Assessment and Authorization
(A&A)
Security Control Traceability
Matrices (SCTM)
Information Assurance
SQL Servers
Risk Management Framework
DOD Policies
Splunk
HIPPA Compliance
Windows/Unix Forensics
Data Lakes
Agile Work Environment
DevOps
IaaS
Azure Security Center
Endpoint Protection
Azure Container Registry
Plans of Action and Milestones
(POAM)
Azure Active Directory
System Security Plans (SSP)
Information Security
NIST SP 800-53
Pentesting
Kubernetes
Jira
Azure Service Bus
Docker
Azure Sentinel
Tanium
Azure Kubernetes Service
Windows PowerShell
Cyber Defense
IAVA Compliance
Palo Alto Firewalls
Continuous Monitoring
Machine Learning
Confluence
Synapse
WebJobs
Azure Monitor
Azure Blueprint
Azure Data encryption
Azure Defender
EXPERIENCE
06/2020 to Current Senior Cloud Security Engineer
SAIC
Administrative duties such as system reports, communications with associated departments, and team support as needed Implement server hardening techniques to ensure compliance Design technical control standards for a variety of information systems based on industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP)
Define and document requirements for secure operations across the entire delivery ecosystem: internal datacenter, secure perimeter, public cloud, software-as-a-service, vendor hosted, public and private endpoints, etc
Developed Incident Response Plan for implementation as a guideline in preparation for RMF audit in accordance with NIST SP 800-53 Ensure IaaS and PaaS backup, recovery, high availability is fully implemented
Oversee the enhancement and maintenance of Clearent's secure software delivery lifecycle, including all aspects of secure coding practices, integration of security principles and practices into DevOps/DevSecOps, etc
Coordinate with all departments to ensure cyber security control design is richly informed by current threat intelligence and incident response Prepare and present accurate and timely information in response to audits and regulatory exams; institute a proactive culture to align activities and measurement with internal policy and regulatory requirements
Building security strategies, firewalls and systems unique to the company, encompassing our data, systems, hardware, components and networks
Troubleshooting problems associated to our security and network, including handling any system breaches
Testing for vulnerabilities in our system and network and addressing any issues accordingly
Implement security measures across the company's IT infrastructure, and ensuring our data and network is effectively protected Identify and report any cyber-attacks and participate in any resulting investigation as needed
Work closely with the legal and security compliance team Use ELK/Splunk Analytics platform and other proprietary tools to identify threats, determine root cause, scope, and severity of each critical anomaly
Proactively drive threat hunting and analysis
Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
Report on findings and recommend system tuning/customization and data collection improvements
Recommend specific control sets to mitigate inherent risk identified through cybersecurity risk assessments
Provide technical expertise to guide security risk assessments, Pentest as needed
Work with Threat Intelligence feeds and solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise Work with our team to improve and expand the value that we are delivering to all Clearent companies
Interface with customers on a daily basis to consult with them on best security practices and help them mature their security posture Knowledge of VPNs, Data Loss Prevention, IDS/IPS, Web-Proxy, Security Audits
The ability to work autonomously, or within the larger cyber security engineer team depending on assignment/requirements Configure Cloud systems environment by collaborating with business partners and stakeholders
Provide foundational support and oversight of daily analysis and monitoring of client/server applications in the Retail Systems environment for any performance, availability and/or security issues Regular review of Cloud Systems performance and stability Determine corrective actions via tuning existing systems or R&D a sustainable solution
Provide guidance to the Cloud Systems team regarding adherence to policies and procedures
Provide Tier 3 support for all Cloud Systems ie AWS and windows Azure Maintain detailed documentation of all job functions for use as reference material
Provide documentation and input into knowledge base articles for helpdesk and team associates
Maintain the company-wide help desk database for all reported and assigned incidents with stated problems, status and resolutions Informs management about system problems that are considered out of the ordinary
Check SQL databases and write queries because you will work with databases intensively
Add and delete accounts, edit groups and create listings to view specific types of users or groups in PowerShell.
06/2017 to 10/2021 Information System Security Manager Army National Guard
Provide crucial intelligence and network support that safeguards the cyber domain and collect, analyze and report digital data Collect, analyze and report digital data while maintaining network defense tools such as routers and firewalls
Evaluate network defense operations and respond to incidents in cyberspace
Surveillance and reconnaissance actions on specified systems and networks
Conduct network terrain audits, penetration testing, basic digital forensics and software threat analysis
CI/CD Pipelines: Octopus Deploy/uDeploy
Automation of QA/QE: Selenium/TestComplete
Configuration Management: Ansible Tower
Scripting: PowerShell and Python
Building containerized applications: OpenShift/Kubernetes
/Docker/Helm
On-Prem Server: Windows Server OS
Cloud Computing: Azure/AWS
Build automation: Jenkins/TFS
Automation of data components: MS SQL DB/Teradata/Postgres Automation of integration and reporting services: SSIS/SSRS/Tableau Develop automation tooling for Windows Server 2019 and Microsoft Hyper-V technologies
Develop RESTful APIs
Develop a ReactJS-based web control panel; experience with React is not necessary but is a plus
Write technical documentation for the systems you develop Perform Windows Server administration tasks.
01/2019 to 06/2020 Information System Security Officer DCMA Atlanta, GA
Maintain 24/7 constant monitoring of intrusion detection systems Ensure proper methods of security are implemented ie golden images and server hardening
Recommend modifications to security tools to detect, prevent, and mitigate intrusions
Perform system administration on specialized DCO applications and systems (e.g., anti-virus, or Audit / Remediation) to include installation, configuration, maintenance, and backup/ restore
Create, edit, and manage changes to network access control lists on specialized DCO systems (e.g., firewalls and intrusion prevention systems)
Implement Certification and Accreditation (C&A) requirements for specialized DCO systems within the Network Environment (NE) or enclave, and document and maintain records of them Coordinate with the DCO-E Auditor (DCO-A) to manage and administer the updating of rules and signatures (e.g., Intrusion Detection Systems
(IDS) / Intrusion Prevention Systems (IPS), anti-virus, and content blacklists) for specialized DCO applications
Identify potential conflicts with the implementation of any DCO tools within the Computer Network Defense Service Provider (CND-SP) area of responsibility (e.g., tool I signature testing and optimization) Administer DCO test bed and test and evaluate new DCO applications rules / signatures, access controls, and configurations of CND-SP managed platforms
Perform risk assessments in accordance with NIST SP 800-30 and apply them in accordance with NIST SP 800-37
Apply complex problem solving to 'reverse engineer' applications, designs and manual build instructions to create zero touch automation packages
Often these applications are legacy, were created without automation in mind or are otherwise resistive to full, zero touch automation Create production quality code, following industry standard best practices as well as internal policies and procedures Collaborate effectively with other members of the agile automation team; sharing knowledge and peer reviewing others work prior to formal review by the Automation Team Lead
Create clear and concise technical documentation of their work Use the Atlassian toolset (JIRA, Confluence and Bamboo) to record, document and test their work.
07/2018 to 01/2019 Medical System Administrator (Instructor) Theater Medical Information Program (Air Force) Gunter AFB Provide technical support for both hardware and software issues our users encounter
Manage, image and install the configuration and operation of client-based computer operating systems
Respond to Tier 3 issues and resolve help desk requests Upgrade systems and processes as required for enhanced functionality and security issue resolution
Administrate infrastructure, including firewalls, databases, malware protection software and other processes
Install and test computer-related equipment and review application logs
Instruct incoming airmen on how to manage medical suite for usage in theater missions.
07/2016 to 05/2018 IT Technician
Inserso (Medical Electronic Service Desk) Gunter AFB Troubleshoot any technical issues that can be handled remotely Multitask and resolve technical issues from clients around the globe for air force medical elements
Use administrative privileges to unlock/deactivate/create accounts on different medical software
Manage tickets using BMC Remedy software, so other clients or customers can have a track record of the steps that took place during troubleshooting
Assist civilian/contractor/military employees by reestablishing networks to prevent or stop work stoppage
Troubleshoot medical software inside the medical theater suite (AHLTA, DMLSS, CHCS etc.)
09/2015 to 06/2017 Network Admin (25B)
Army National Guard
Manage the deployment and maintenance of server stacks Implement network security using SSL Certificate configuration and management, Mail Server
Troubleshoot network security hardware issues in a timely manner Investigate arising incidents caused by malicious activities and identified false positives.
09/2012 to 09/2015 System Admin (25B)
Army National Guard
Manage/troubleshoot Windows 7, XP, Vista, 10, Windows Server 2003, 2008, 2012, Linux
Run/Create Cat 5/5e/6 cable to setup client connects to LAN/WAN resources
Monitor and manage email spam filters, firewalls, anti-virus systems and vulnerability scanners
Investigate alerts created by intrusion detection systems for malicious file uploads, compromised servers, SQL injections and port scanning Take responsibility for the high-level monitoring and analysis of all enterprise services and servers in a Windows environment Employ your knowledge of group policies in Active Directory to facilitate a wide variety of advanced network settings
Utilize your skills to successfully deploy SQL integration services packages Analyze the performance of the system and recommend ways to improve it, including configuration updates and system tuning Deliver high-level (Tier 4) technical support as needed. EDUCATION AND TRAINING
Expected in 05/2024 CISSP
Kennesaw State University Kennesaw, GA
01/2019 Cyber Common Core
Department of Defense Cyber Crime Center (DC3) Washington, DC 01/2018 CEH
ARCENT University
01/2018 Windows Server 2012, Snort, Retina, CCNA ICND2 and SharePoint 2012 Information Technology Advanced Leadership Course
01/2017 B.A. Management Information Systems
Troy University
10/2016 Tactical Management Networking System Course 07/2013 Information Technology Specialists
Dixon Hall
Army Security+
ICND1
Net+
CCNA Voice
Win XP
A+ 2012
REFERENCES
CW2 Jermaine Goodloe, Senior Information Systems Manager, (258)- 810-3922
COL Arnold J. Griffin, Senior Manager, (256)-808-927 Erik Eddings, Supervisor, 404-***-****
Dexter J. White, Supervisor, 254-***-****
Joe Harris, Intrusion Response Lead, 334-***-**** CERTIFICATIONS
HBSS Administrator 501
AZ-500 (Microsoft Azure Security Technologies)
EMASS
ISACA Certified Information Security Manager (CISM) Comptia Security+ CE
Comptia CASP+ CE
Comptia Linux+
Comptia Server+
Comptia Technical Trainer (CTT+)
Linux Professional Institute LPIC-1
AWS Solution Architect Associate
EC-Council Certified Ethical Hacker (CEH)
CLEARANCE
Top Secret SCI
Contact this candidate