Risk Management Cybersecurity Analyst
Resume:
Tavis O Goins
**** ********** *****, **** *****, MS 39563 228-***-**** *****.*****@*****.***
(Willing to Relocate)
Career Focus
As an experienced cybersecurity professional holding an active Top-Secret Clearance, I am keen to contribute my expertise in a dynamic Cybersecurity Analyst position. My goal is to utilize my expertise in cybersecurity principles, network monitoring tools, and Department of Defense (DoD) Risk Management Framework (RMF) in protecting and fortifying the security infrastructure of organizations. Motivated by a strong desire to enhance digital defenses against `new and emerging threats, my robust background in cybersecurity equips me to proactively safeguard and maintain organizational assets. I am passionate about continuous learning, seeking opportunities to grow under the mentorship of industry veterans and mature into a well-rounded cybersecurity specialist. I aspire to navigate organizations through the complex terrain of cyber threats, identify trends and concepts, and develop and implement sophisticated security protocols to shield enterprise systems and assets from both external and internal threats. Committed to minimizing operational disruptions, I aim to ensure the confidentiality, integrity, and availability of data and systems, while maintaining the highest standards of professionalism and technical excellence in cybersecurity and its associated domains. Education
Master of Business Administration in Information Systems Management
• Institution: Strayer University
• Completion Date: September 2015
Bachelor of Science in Information Technology, Specialization in Networking
• Institution: The University of Southern Mississippi
• Completion Date: May 2009
Professional Experience
Keesler AFB / Sumaria Systems, Biloxi MS
Lead Information Assurance Engineer II (Lead ISSO) December 2022 - Present
• Conducted comprehensive training on monitoring tools like Splunk and SolarWinds, enhancing the team’s cybersecurity capabilities.
• Serve as the subject matter expert (SME) for the cybersecurity department, providing guidance and expertise on cybersecurity issues.
• Designed and executed training modules, focusing on effective knowledge transfer and skills development among team members.
• Maintained a high level of professional and technical proficiency in the rapidly evolving field of cybersecurity, staying updated on the latest trends and threats.
• Led several key projects focused on specific areas within cybersecurity, contributing to innovative practices and improvements in the field.
• Oversaw and managed a broad range of cybersecurity activities, ensuring the implementation of robust security measures throughout the organization.
• Developed comprehensive onboarding, orientation, and training programs for new hires, facilitating their smooth integration into the team.
• Ensured all systems, documentations, and software adhered to the proper security accreditation standards required by the Department of Defense (DoD) Risk Information Management Framework (RMF) standards.
• Managed, updated, and closed Plans of Action and Milestones (POA&Ms) to record mitigation activities for security findings from periodic security assessments.
• Utilized the Assured Compliance Assessment Solution (ACAS) system for vulnerability management, ensuring timely identification and mitigation of vulnerabilities.
• Prepare and review documentation (e.g., System Security Plan, Privacy Impact Assessment), and continuous monitoring of activities and artifacts within eMASS to comply with FISMA 2002 and 2014 (Federal Information Security Management Act).
• Developed, maintained, and reported the effectiveness of the Information System Contingency Plan (ISCP) for system recovery and restoration in accordance with NIST standards.
• Conducted thorough monthly report on network configurations and system implementations, providing vital insight into the network’s state.
• Analyzed and reported on the impacts of theft, destruction, alteration, and/or denial of access to information, providing valuable insights into potential security risks.
• Conducted detailed technical reviews and ensured the applicability of Department of Defense Security Technical Implementation Guides (DoD STIGs), aligning operational practices with established DoD security guidelines.
• Implemented and monitored compliance measures, adapting to evolving security standards to maintain organizational integrity within the DoD framework.
• Oversaw the monitoring and control of network resources, ensuring optimized network performance and robust security.
• Managed and tracked compliance with the DoD Cyber Awareness Training Program for the Medical Treatment Facility (MTF), ensuring all personnel adhered to the Air Force (AF) rules and regulations.
• Conducted comprehensive assessments of system safeguards and controls, identifying areas for improvements and potential vulnerabilities.
• Recommended and facilitated the implementation of upgrades and changes to enhance system security and resilience, thus ensuring the robustness of organizational IT infrastructure.
• Organized and led weekly and monthly cybersecurity meetings, fostering effective communication and collaboration among management and squadron leaders.
• Addressed present, future, or resolved cybersecurity events, ensuring a cohesive approach to cybersecurity challenges, and promoting a culture of proactive security awareness.
• Actively participated in the 81st Communications Squadron annual security review and controls testing activities.
• Ensured compliance with the Federal Information Security Management Act
(FISMA), demonstrating a thorough understanding of federal security regulations and standards, and contributing to the overall security posture of the organization. Stennis Space Center (NASA) / Leidos, Stennis, MS
Junior Cyber Defense Analyst
December 2021 to Present
• Utilize advanced SIEM tools such as SolarWinds, Swimlane, and Splunk for enterprise monitoring and detection, playing a pivotal role in strengthening the organization’s cybersecurity posture.
• Conducted detailed Investigations of Security Event Notifications using Splunk, effectively documenting findings to support ongoing security measures.
• Applied critical thinking and analysis skills to investigate cybersecurity alerts, identifying potential threats and implementing appropriate response strategies.
• Analyzed network traffic using enterprise tools (Splunk, Firewall, Proxy logs, IDS logs), providing valuable insights into network performance and security vulnerabilities.
• Collaborated closely with project and team leads, influencing the design of solutions, process improvements, and strategic approaches, thus enhancing the overall effectiveness of cybersecurity strategies within the organization.
• Stay up to date with latest cyber-attacks and threats, ensuring the organizations security measures are current and robust.
• Monitored and managed shared email boxes (NOSC Cyber, DHS Spam) for security-related notifications and requests, guaranteeing timely and appropriate responses.
• Proficiently monitored various security tools and applications, detecting potential malicious activities, and conducting thorough investigations to mitigate risks.
• Perform computer network incident detection and response activities, detecting, correlating, identifying, and characterizing anomalous activity indicating potential threats to the enterprise.
• Adhered to Standard Operating Procedures, ensuring timely completion of system checks and accurate documentation, thus contributing to the organization’s compliance with security standards.
• Reviewed and ensured the accuracy and clarity of investigations, reports, and communications conducted by juniors and peers, maintaining high standards of communication within the team.
• Developed and delivered comprehensive briefings to senior management, providing updates and insights into the organization’s cybersecurity status.
• Utilize strong technical writing skills to document events and associated analyses in a ticketing system for review and action, ensuring clear and assessable records.
• Maintained excellent communication skills, fostering regular face-to-face interaction with customers, and facilitating coordination and communication within the team.
Stennis Space Center (NASA) / ValidaTek, Stennis, MS Shift Lead Supervisor / Network Engineer II
October 2018 to December 2021
• Expertly utilize SolarWinds software for rapid detection, diagnosis, and resolution of network issues and outages.
• Continuously monitor over 250 worldwide USCIS networks for stability and outages using tools like SolarWinds, Cisco Prime, Splunk, CSM and Console Operations Manager.
• Supervise daily activities of 10-15 employees during 1 st
shift (7 AM – 3:30 PM) and
5-8 employees during 3
rd
shift (11PM-11AM on weekends), ensuring seamless
operations.
• Conduct monthly team meetings and one-on-one coaching sessions, fostering professional development and team cohesion.
• Provide expert troubleshooting guidance for LAN, WAN, Steelheads, and AP issues.
• Oversee and directly assist in configuring Cisco switches and routers, troubleshooting steelheads, and resolving various network device issues.
• Create and maintain comprehensive documentation for all ticket incidents, enhancing future troubleshooting efficiency.
• Proactively notify management, government officials, DHS, and USCIS personnel of site outages and hardware replacements via detailed email notifications.
• Deliver turnover reports to incoming shifts supervisors, highlighting unresolved issues and ongoing concerns.
• Report network outages to relevant agencies, including DHS NOSC and CIRT, via phone and email.
• Delegate and manage Tier 1,2, and 3 tasks, including CIRT notifications, Cisco IOS Software Upgrades, and troubleshooting VPN issues.
• Utilize ServiceNow (SNOW) for efficient ticket assignment and management, encompassing tasks like VLAN modifications, firewall rule creation, and port security configuration.
• Lead in creating root cause analysis reports and Emergency Break Fix (EBF) presentations for upper management and government officials.
• Coordinate effectively with diverse teams, including DHS NOSC, Verizon, AT&T, and regional managers, for technician dispatch and troubleshooting at various sites.
• Act as a key liaison for USCIS, ensuring effective communication and escalation of network issues to service providers and government agencies.
• Monitor and control the performance, security, and status of network resources, ensuring the effective management and accreditation of information systems.
• Oversee the addition or removal of new or EOL devices from SolarWinds monitoring.
• Manage administrative aspects, including overtime approvals, timesheet validation, and leave requests.
• Lead annual processes for employee raises, cost of living adjustments, and performance evaluations, including recruitment and termination responsibilities.
• Proactively monitor Microsoft Teams for user-reported issues, responding promptly to queries and concerns.
• Participate in daily conference calls to discuss and develop solutions for new or recurring site issues.
• Initiate and host troubleshooting bridge calls for critical USCIS site outages, coordinating with relevant teams for issue resolution. Mississippi Division of Medicaid, Jackson, MS
Network Specialist II
June 2014 to October 2018
• Actively monitored and significantly enhanced the network performance across Medicaid’s Regional Offices, achieving high levels of operating efficiency.
• Implemented strategies and technologies to ensure smooth and uninterrupted network functionality.
• Managed an array of daily server administration tasks, utilizing the Track-IT ticketing system for efficient issue tracking and resolution.
• Demonstrated expertise in troubleshooting and resolving complex server-related issues, thereby maintaining consistent server uptime and reliability.
• Administered Windows Server Update Services (WSUS), in collaborating with Microsoft, for efficient management of a 2012R2 virtual machine.
• Ensured timely deployment and management of critical security updates across Windows workstations and servers.
• Conducted regular monthly IT management meetings, presenting detailed network device updates and patch compliance reports.
• Maintained rigorous compliance with IT management protocols and cybersecurity standards.
• Implemented and managed Symantec Endpoint Protection across network devices, performing weekly scans to ensure system security.
• Administered encrypted Medicaid USB drives distribution, enforcing approved device usage policies for data security.
• Coordinated with the procurement for the acquisition and installation of approved USB drives and Smart-UPS 3000 units across all Regional Offices, ensuring proper functionality through remote monitoring.
• Created and managed virtual servers within VMware ESXi 5.5 and 6.5 environments, ensuring efficient virtualization solutions.
• Handled door badge access for employees using Genetec software, adapting access privileges for secure and controlled entry.
• Performed basic troubleshooting on Cisco switches, ensuring proper VLAN configuration and network connectivity.
• Administered user accounts in Active Directory, including creating email addresses and managing group policies.
• Managed Exchange 2010 server for creating shared mailboxes, calendar invites, and distribution lists.
• Led the replacement of malfunctioning server hardware and upgraded network infrastructure with Meraki switches and routers throughout all offices.
• Conducted comprehensive evaluations of system safeguards and controls, recommending necessary upgrades for enhanced security.
• Analyzed and reported network vulnerabilities, contributing to proactive security risk management.
• Developed and maintained the Information System Contingency Plan (ISCP) in accordance with NIST standards, ensuring preparedness for potential system recovery scenarios.
Hinds Community College, Raymond, MS
Helpdesk Supervisor
February 2012 to June 2014
• Orchestrated comprehensive orientation training for new faculty members (15 to 20), covering essential educational technologies like Blackboard, resulting in streamlined academic processes.
• Led and mentored a dedicated team of 12 employees, promoting a culture of high- quality customer service and swift issue resolution for the college community.
• Developed and executed helpdesk policies and procedures, optimizing support efficiency and effectiveness.
• Employed Key Performance Indicators (KPIs) to monitor and improve team performance, providing regular feedback and coaching to elevate service levels and customer satisfaction.
• Partnered with the IT department to address complex technical challenges, ensuring seamless and uninterrupted technology experiences for users.
• Coordinated and facilitated training sessions for helpdesk staff to enhance technical skills, customer service, and awareness of education software and systems.
• Managed support resource scheduling, achieving optimal coverage and reduced response times during high-demand periods.
• Implemented and maintained a comprehensive knowledge base system, contributing to a 10% increase in first-call resolution rates.
• Partnered with cross-functional teams for the successful implementation of IT projects, including system upgrades and educational software deployment.
• Demonstrated a strong ability to identify, research, and resolve complex technical problems when escalated, effectively reducing downtime, and maintaining a conducive learning environment.
• Created, documented, tracked, and monitored support tickets to ensure that issues were promptly assigned and resolved.
• Coordinated technology refreshes across six campuses, negotiating terms with vendors like HP and Dell while adhering to budget constraints.
• Served as the primary contact for vendors, overseeing system acquisitions, network installations, and swiftly addressing implementation challenges to ensure operational efficiency.
Security Clearance
• Top Secret / SCI Clearance (2022)
• DoD Secret Clearance (2020)
• Public Trust Security Clearance T1 (2019)
Professional Certificates
• CompTIA Advanced Security Practitioner (CAS-004) (In-Progress)
• Security + Certification (SY0-501) (Valid until December 8th, 2026)
• Cisco Certified Network Professional (CCNP) (Valid until January 2027)
• CCNA (Cisco Certified Network Associate) (Valid until January 2027)
• Cisco Certified Specialist – Enterprise Advance Infrastructure (Valid until January 19, 2027)
• Cisco Certified Specialist – Enterprise Core (Valid until January 19, 2027) Technical Skills
• Network Security Monitoring Tools (SolarWinds, Splunk)
• Team Leadership and Development
• Procurement and Vendor Management
• Budget and IT Project Management
• Intrusion Detection / Prevention Systems (IDS / IPS)
• Security Information and Event Management (SIEM) Tools
• Vulnerability Assessment Tools
• Incident Response and Forensics Tools
• Ticketing Systems (ServiceNow, JIRA)
• Active Directory and VPN Management
• Risk Management Framework (RMF)
• Compliance with NIST / DoD Information Standards
• ACAS / EMASS Tools Management
Contact this candidate