Jason Perkins ad4u58@r.postjobfree.com 509-***-**** Cybersecurity Engineer

Education & Certifications

Bachelor of Science in Cyber Security Columbia Basin College 2017

GSEC – GIAC SANS SEC 401

Certified Ethical Hacker CEH v12

Certified in Cybersecurity (ISC2)

VMWare Certified Professional

API Security Fundamentals

Experience

DoD Cybersecurity Engineer

Microsoft – Contract Sep 2023 – Present

Created system engineering documentation resulting in more standardized formats and runbooks.

oExpressly written for employees with regards to required/request ad-hoc scans for quicker delivery time.

Prep and execute SCA for Authority to Operate and continued Authority To Operate to maintain Continuity and No-Loss-of-Operations.

System Hardened using ACAS, DISA STIGs, and SCAP Compliance Checks. Remediations and mitigations performed where possible and permissible. Acceptance requested from the client when not.

Cybersecurity Engineer Team Lead.

Created Automation (PowerShell) for ease of scanning and for time saving methods, while maintaining security configurations. - STIG VS SRGs reduction of scanning time from several weeks to several days.

Assisted DevSecOps with current security posture and the requirements during development process.

Cybersecurity Engineer Team Lead.

IT Security - Journey

Secretary of the State of Washington May 2023 – Aug 2023

Created workflows for various tasks such as how to document intrusions or investigations into the SoS system using mark-up/down.

Used various IDS to investigate possible intrusions and verify authenticity of malicious or benign activity.

Performed examination and/or redaction of public records that were requested.

Used PowerShell to assist IT with creating a “Skeleton User” to ease with onboarding purposes for a faster and more accurate onboarding process.

System Analyst 1

Molina Health Care - Contract Sep 2022 – Feb 2023

Successful in performing 98.6% overall Positive QA’s with over an 87% first call resolve.

Assisted both customers and employees with account management using Azure Active Directory to manage Account Creations, Multi-Factor Authentication, Account Permissions while maintaining client HIPPA Privacy (Personally Identifiable Health Information).

Performed deep dive investigations of both hardware and software issues using Remote Access and Employee Assisted Troubleshooting to determine technical issues.

Recognizing and escalating specialized issues to the proper technical subgroup.

Managed employee assigned Mobile Devices through tools such as Citrix End Point Management, Absolute Manage, InTune, and Deep Freeze MDM.

Data Center Technician

Amazon Web Services (AWS) – Contract Jun 2022 – Sep 2022

Troubleshot Linux Thin Client and Windows Server 20XX in an active Data Center.

AI and System Logs created TTs (Remedy Trouble Tickets) for Proactive Maintenance, as well as Indicators of Hardware Compromise.

Continuous Repair / Maintenance – Isolation and Function Testing of each component was performed to determine module or component that resulted in failure or degraded performance. Compromised hardware was Recorded, Replaced and Tracked.

Firmware Flashing and Port Security Provisioning was often required after component replacement.

Media (SDD, HDD, RAM) replacement was performed under direct supervision, using multi-person verification, was required from Media Check Out to a combination of Magnetic and Physical Destruction.

Performed maintenance in the Government Cloud Environment which required Special Access Permissions (SAP) and authorization to access the Physical Server Area.

Information System Security Engineer (ISSE)

Insitu – Contract May 2020 – Sep 2021

Reviewed and Maintained the Authority To Operate (ATO) in accordance with guidance from the NIST sp 800-53 R4/5 and the Risk management Framework (RMF). Additional guidance was provided using NIST 800-34 and NIST 800-171.

Created the Cyber Training Program, which included training for Unmanned Pilots, Maintainers, Mission Commanders / Coordinators, Program Managers, and the Emergency Operations Service Control.

oTopics include, but were not limited to, Operational Awareness, System Access, Personnel Logs, Contingency Planning, Business Continuity, Table-Top Exercises, and Media Handling.

Creation of a Cyber Security Trusted Product Manual for all Cyber-Related actions: “A Thousand-Foot overview of the company Cyber Practices and requirements.”

System Hardening using ACAS, DISA STIGs, and SCAP Compliance Checks. Vulnerability and Compliance recorded in eMASS. The Plan of Actions and Milestones (POA&M) recorded. Mitigations performed where possible.

Remediations included OS System Updates, Security Patches, Windows Migrations (Windows 7 - Windows 10), Change Management, and alternative mitigations per system capabilities.

Security log reviews using Next Generation SIEM (Logrythm); PowerShell script developed for offline collection.

Cybersecurity Engineer 2 IT/OT

Amentum Dec 2019 – May 2020

Obtained ATO (RMF Steps 1-6) to integrate the Federal Industrial Operational Technology (OT) with a private sector Informational Technology (IT) Industrial Control System (ICS).

Department of Energy (DoE) requirements necessitated the creation of a full Cybersecurity Program using the Controls from NIST sp 800-53 R4 as an initial guide for the creation of the Policies, Procedures, and Processes.

Program requirements included the knowledge and application of MITRE ATT&CK framework and Blue/Red Team mythologies.

Managed and Monitored LAN and device configurations using tools such as Splunk, Solar Winds, Check_MK, Active Directory, and Multi-Factor Authentication (MFA).

Information Systems Technician

Textron Systems Feb 2019- Dec 2019

Managed and patched vulnerabilities released by vendors.

Investigated security breaches caused by unpatched Security Flaws or OS’s.

Performed Continuous Monitoring on all systems through the program lifecycle.

Configuration of all Ground Control Station (GCS) Networks (Palo Alto Network Firewalls, Host Based Firewalls, Cisco Switches, and all IP Based communications with unmanned aircraft).

Investigated Security Breaches and managed Operating Systems (Windows 7/10, Red Hat Linux/ VMWare / vSphere - hypervisors), Applications and all associated Security Patches.

Trained new employees on technical aspects as well as adherence to procedures.

Cybersecurity Analyst (SOC)

Microsoft – Contract Sept 2018-Jan 2019

Worked with Azure AI to investigate cyber security, cyber violations of Digital Markets Act (DMA), and perform Threat Analysis.

Utilized ‘Sandboxing’ and Virtual Machines to deep dive into Web Site Attacks and Malicious Account Azure usage.

Completed cyber security reports for Senior / Middle Level Management.

Worked to ensure no violations of SLA’s.

Contact this candidate