
Critical Infrastructure Cyber Security

Location:
Washington, DC
Salary:
90,000.00
Posted:
May 29, 2024


Resume:

Steven Handy

Glen Burnie, MD ***** 240-***-**** ********.*******@*****.***

https://www.linkedin.com/in/steven-handy-62b67a83/

Summary

Linux/Oracle Security Database Specialist with seven years of experience. Skilled in the implementation of Cybersecurity standards in accordance with best practices and the development of AWS Cloud Computing services. Strong mastery of AWS Console and facilitation of virtual services. Knowledgeable of Blockchain security risk management systems for blockchain networks, the incorporation of assurance services, cybersecurity frameworks, and mitigation risks involving fraud and cyber-attacks.

Certifications

• Oracle OCA Certification

• Oracle SQL Certification

• Network+

• Security+

Department of Defense (DOD)

DISA Internship

Secret Clearance

April 24, 2023 – August 23, 2023

Trained in Critical infrastructure to engage essential systems, assets, and facilities that are vital to the functioning of a society, economy, and national security. Monitored essential services and their interconnectedness with various sector infrastructures. The responsibilities surrounded the assurance of the reliability, security, and resilience of essential systems. Focused on collaboration between public and private sectors ensuring the overall security and resilience of critical infrastructure. Responsibilities varied based on the specific type of critical infrastructure, but some common responsibilities include:

• Fluent in ICS security risks and mitigations across multiple aspects of critical infrastructure.

• Capable of performing vulnerability assessments, penetration testing, and security audits to expose weaknesses and recommend remediation.

• Extensive experience securing key ICS components, such as sensors, actuators, control systems and networks, through multiple security controls and best practices.

• Fluent with capabilities and metrics such as NIST SP 800-82, ISA/IEC 62443, and NERC CIP, and skilled at matching security efforts to regulations.

• Adept at handling tasks and responsibilities related to Cyber Security compliance by using eMass (Enterprise Mission Assurance Support Service) as a single gateway.

• Proficient in making use of eMass (Enterprise Mission Assurance Support Service) as a single portal for managing Cyber Security compliance duties and tasks.

• Develop security policies, track compliance across IT systems and environments, and develop risk assessments by learning how to use eMass.

• Extensive experience using eMass controls to evaluate and track implementation of security controls using frameworks such as NIST SP 800-53, FISMA (Federal Information Security Management Act) policy, Department of Defense (DoD) policy and many others.

Npower.org Cloud Practitioner Program

• Architected, epilogue and mitigated scalable secure and economical cloud solutions on AWS that are in line with organizational needs and business objectives.

• Capable of integrating several common AWS services (EC2, S3, RDS, Lambda, VPC, IAM) into an intuitive, robust, cost-optimized cloud infrastructure.

• Working with AWS to put best practices in place for cloud security policies, including IAM policies, MFA, encryption, and industry-compliance.

• Using services such as Elastic Load Balancing (ELB), Auto Scaling and Route 53 in AWS to design and deploy HA and Fault-Tolerant systems.

• Used AWS CloudFormation and Terraform to abstract infrastructure provisioning and configuration, enabling predictable and reproducible deployments.

• Performed Cost Optimization Analysis to identify opportunities to reduce spend on cloud, including right-size instances, Reserved Instances and spot instances.

• Architected and executed AWS disaster recovery and business continuity plans (S3, Glacier, cross-region replication and more).

• Orchestrated microservices, services, and their resources using AWS's Elastic Kubernetes Service, Elastic Container Service, and Fargate, as well as securing and managing the containerized applications that run on these infrastructures to ensure efficient utilization of cloud resources and scaling.

• Set up and administered AWS CloudWatch to perform comprehensive logging, monitoring and alerting on the availability and performance of the AWS cloud resources.

Systems Configuration Analyst Customer Value Partners August 2018 – December 2018

• Re-engineered legacy healthcare systems for the Defense Health Agency (DHA), migrating them from the older system to the new, modernised system without disruption of vital healthcare operations.

• Performed end-to-end DHA system configuration, including firmware upgrade, software migration and initialisation, and integration with cyber assets.

• Prepared migration plans, timelines and risk assessments for legacy systems.

• Performed pre-migration testing and validation to catch malignant problems before they could cause issues – such that the system itself would continue to operate with integrity.

• Worked with cross-functional teams including IT staff, clinical staff and external vendors to ensure all aspects needed for the migration were coordinated and aligned to DHA requirements.

• Migrated patient records, medical data and other important information using state-of-the-art data migration tools and methods to maintain data integrity and confidentiality.

• Architect and tune new systems environments to DHA performance, security and compliance standards, applying best practices in system architecture and cybersecurity

• Provided training and support to DHA staff, which assisted with their transition and promoted the use of changes in systems, as well as features and capabilities incorporated in the newer systems.

• Installed strong post-migration monitors and maintenance processes to keep the system stable, performing well and improving.

• Documenting all configuration changes and migrations, and lessons learnt to support future upgrade and migrations of systems at DHA.

• Evidenced project- and change-management skills, including the ability to execute the work on time, on budget, with consistent quality and user satisfaction.

Education and Training

Masters of Science in Cyber Operations March 2024 University of Maryland Global Campus

Bachelor of Science in computer networks and cybersecurity December 2022 University of Maryland Global Campus, Maryland

• Experienced in using the Kali Linux and Black Arch Linux distributions as penetration testing, vulnerability assessment and ethical hacking suites containing a vast array of security tools.

• An expert in conducting full network scans and vulnerability checks using Nmap software that can detect open client and server ports, services, and security holes.

• Familiar with using Nessus for comprehensive vulnerability scanning, compliance checks and reports on network security posture.

• Proficient in hunting down weaknesses; testing the putative defences against realistic attacks using Metasploit Framework tools and then improving them.

• Performed security assessments (penetration testing and network security audits) on various network architectures to identify vulnerabilities and threats, and provide countermeasures to mitigate them.

• Wrote and ran tailored scripts and automated tasks inside the Kali Linux and Black Arch Linux distributions to enhance penetration-testing workflows and productivity

• Experienced in z and interpreting scan results of Nmap and Nessus to provide actionable insights and recommendations on strengthening network security.

• Practical hands-on experience in the command line, including working with Kali Linux tools such as Wireshark for network traffic monitoring, Hydra for brute-force password guessing, and Burp Suite for web application testing.

• Co-developed a cybersecurity project or a lab environment where theoretical knowledge and practical skills were applied to case studies, and participated in team security assessments.

• A good communicator, capable of reporting results, writing technical reports and presenting findings to both technical and lay audiences in a way that explains cybersecurity risks and mitigation solutions.

Associate of Science in Network Security Management January 2006 - March 2009 DeVry University, VA

• Skilled in devising and implementing network security protocols and procedures to secure network protocols against unauthorised access and cyber attacks.

• Configured support for network protocols such as TCP/IP, DNS, HTTP/HTTPS and FTP; configure an effective and secure method using firewalls, intrusion detection/prevention systems (IDS/IPS), and other security appliances.

• Experience in conducting protocol analysis and network traffic auditing in network monitoring tools such as Wireshark on respective test networks to uncover malicious activities and vulnerabilities.

• Encrypted data at rest (in files) by using strong encryption profiles such as Advanced Encryption Standard (AES); Implemented strong encryption protocols, such as SSL/TLS, to protect data integrity and confidentiality while in transit over networks.

• Conducted formal network security testing involving vulnerability assessments, penetration tests and code scans to identify and correct security weaknesses and potential attack vectors.

• Experienced in configuring and maintaining Virtual Private Networks (VPNs) and IPsec tunnels to enable secure remote access and encrypted communications.

• Experienced in mitigating signature-based attacks on the protocol stack such as DDoS and Man-in-the-Middle (MitM) attacks; and DNS or IP protocol stack spoofing, using signature-based attacks (and appropriate mitigation)

• Established and enforced network segmentation and access control policies to reduce the attack surface and limit the lateral progression of threats through the system.

• Implemented and operated Network Access Control (NAC) solutions to determine the state of a device or user and enforce access policies accordingly

• Configure and manage secure routing routines such as OSPF, BGP MD5 authentication and RIPv2 with authentication to maintain protection of routing infrastructure against malicious activities.

Cybersecurity Infrastructure Competencies

• Able to design, implement, and administer solid cybersecurity systems to ward off hacking and other cyber aggression against organisational information assets.

• Proven in deploying and administering advanced security technologies, including next-generation firewalls (NGFW), intrusion detection/prevention systems (IDS/IPS) and endpoint protection platforms.

• Comfortable with configuring and tuning Security Information and Event Management (SIEM) systems for collecting, correlating and analysing security events for detecting intrusions in real time.

• Experienced with network security practices (i.e., segmentation, VPNs, secure access controls, etc.) to prevent unauthorised users from accessing or tampering with the data during transit or at rest.

• Experienced in conducting penetration testing to expose weaknesses, and in vulnerability assessments to find and remediate IT infrastructure security flaws.

• Skilled in designing, implementing and maintaining critical identity and access management (IAM) solutions – such as multi-factor authentication (MFA) and role-based access control (RBAC) – that reinforce robust authentication and role-based access controls.

• Fluent in creating and deploying disaster recovery and business continuity plans that keep the business running in the event of cyber breaches and natural disasters.

• Experienced with cybersecurity frameworks and regulations that best fit the industry, including NIST, ISO 27001 and CIS Controls.

• Expertise in cloud security, with hands-on experience in configuring and operating cloud-based security controls inside leading cloud platforms (AWS, Azure, GCP) to keep both the resources and data in the cloud safe.

University of Maryland Baltimore Washington Medical Center Security Officer September 2023 to present

• Surveillance: of a premises [of staff or visitors] [of movement] Monitoring to check activities and keep the premises, property and personnel safe and secure. To operate and monitor closed-circuit TVs; to walk beats and patrol designated areas; to look for and report suspicious persons.

• Access control: Keep unwanted people out of buildings, facilities or restricted areas by identifying visitors, checking credentials, and allowing entry to only authorized personnel.

• Patrolling: patrolling the assigned areas by conducting frequent patrols to deter crime and security threats, to ensure a quick response to incidents and emergencies, and to assure an effective security force presence by keeping visible so residents’ eyes – and minds – see it working and continue to remain vigilant.

• Emergency Response: Security officers need to be able to react to a multitude of emergencies such as fires, medical emergencies, earthquakes, floods, etc. and to manage and alleviate the situation at hand (for example, mitigate risks, evacuate premises, call emergency services).

• Conflict Resolution: As security officers often have to deal with disputes or conflicts between the two persons (putting themselves in a dangerous and unenviable position), they need to have the superior communication and de-escalation skills to end disputes without further conflicts. This is one of the most important tools for preventing any violent or aggressive situations.

• Identify risks, vulnerabilities or threats, and prevent them through the implementation of preventive measures. Perform risk assessments or surveys; recommend physical security improvements; participate in security planning and strategy development.


