Information Security Cyber

Location: Atlanta, GA
Posted: May 15, 2024

Resume:

Berlyn “Mack” McHenry

404-***-**** • ad5p9c@r.postjobfree.com

Professional Profile

Dynamic and results-oriented professional with significant years of experience, related proficiency and a background in Information Security. Proven ability to provide technical security support regarding system architectures. Detailed knowledge of security tools, technologies and best practices. Skilled in creating and deploying solutions protecting networks, systems and information assets. Capable of defining, deploying and monitoring risk, compliance and information security programs. Highly dependable in delivering effective issue resolution and user technical support utilizing various system software and tools. Enthusiastic individual and an excellent communicator, recognized ability to establish and maintain effective working relationships across cross-functional teams and diverse individuals at any level.

Core Competencies

Organizational leadership • Information Security • Computer Network Defense & Program Management • Information Assurance Security Management • Advanced Security Analysis • Staff Training & Supervision • Systems Administration • Helpdesk Management • Network Security Analysis • System Security Planning • Problem Resolution • Computer Hacking Forensic Investigation • Relationship Building

Professional Experience

Network Security Systems Plus, Inc., Smyrna, GA 8/2014 - Present

Vice President of Cyber Protection Services - Georgia

Manages a diverse Cyber Security program consisting of 16 task areas across the DCMA Network Operations Security Center in Atlanta and DCMA Headquarters at Ft. Lee, VA. Maintains strategic oversight for multiple 24x7x365 cyber security operational areas on an on-going and continuous basis. Directly responsible for overall contract execution, talent placement and evaluation, program management, contract budgeting and financial execution for the multi-million dollar contract vehicle. Provides guidance and direction for overall contract team consisting of just over 100 staff members including subcontractor personnel with daily oversight of Cyber Security Service Provider (CSSP) operations. Oversees major program initiatives such as CSSP re-accreditation, Command Cyber Readiness Inspection (CCRI), and other cyber related audit/inspection requirements for DCMA.

Identifies and pursues contract expansion opportunities and supports new business development initiatives for Network Security Systems Plus, Inc. leveraging DCMA past performance.

Successfully guided DCMA through a DOD Cyber Security Service Provider (CSSP) accreditation audit resulting in a security rating of excellent.

Successfully guided DCMA through a second DOD Command Cyber Readiness Inspection (CCRI) audit resulting in a security rating of outstanding.

Information Innovators Incorporated (DCMA NOSC), Smyrna, GA 5/2013 – 8/2014

Computer Network Defense & Program Manager

Oversaw Network Operations and Security Center that serves as the Cyber Security Service Provider supporting global network and security operations for the Defense Contract Management Agency. Directed incident response to network/system availability and cyber-attack related events, system administration duties related to the tools managed by the NOSC, management of the Department of Defense mandated vulnerability management program and additional miscellaneous administrative or project activities as required. Oversaw monthly vulnerability assessments, quarterly penetration tests, reviewed shift and daily situation awareness reports, directed forensic acquisitions using Encase and managed response to Classified Material Incidents. Monitored, evaluated and responded to real-time alerts from the McAfee Host-Based Security System, Sourcefire Intrusion Prevention System and Fidelis and Symantec Data Loss Prevention systems. Coordinated reporting of Information Assurance Vulnerability Management and security compliance to multiple outside organizations.

Guided DCMA through an outside Command Cyber Readiness Inspection audit resulting in a security rating of outstanding.

Provided technical expertise and guidance on security tools and oversaw integration into the existing network architecture.

Security Management & Integration (RCERT-South), Fort Gordon, GA 4/2011 - 5/2013

Senior Network Security Analyst – Team Lead

Evaluated system reported threat events and performed incident investigation as appropriate. Performed troubleshooting on network failures between ePO server, Super Agent Data Repositories and client systems. Controlled security on ePO and SADR including software security and McAfee Maintenance Release updates. Reviewed US Army South intrusion detection system logs during triage process and investigated anomalies in network traffic to determine if events are malicious. Utilized ArcSight, Snort, Ethereal, Netdetectors, RealSecure, TCPDump, and other IDS IAW developed operational processes to evaluate network traffic for malicious or abnormal occurrences. Maintained and upgraded SNORT sensors operating on LINUX and FEDORA platforms. Researched and evaluated network traffic to develop effective means of detecting network intrusions and improve Area of Responsibility security posture. Informed System Administrators on various intrusion attempts and security threats in the networks. Guided and supported Regional Computer Emergency Response Team customers to ensure systems are secured. Collaborated with other agency analysts to disseminate and enforce policies for unauthorized software and poor security practices. Educated RCERT customers on current US Army Policies and Procedures and produced written products regarding suspicious network traffic for the RCERT South and its customer base. Assisted in coordinating Information Assurance and Vulnerability Assessment compliancy in South AOR.

Successfully provided consulting services on the proper implementation and management of McAfee's line of security products specializing in the HBSS suite including Host Intrusion Prevention System, Virus Scan Enterprise, Asset Baseline Manager, Policy Auditor and Rogue Sensor Detection to Government (DOD) customers.

Centers for Disease Control (CDC), Atlanta, GA 9/2010 - 4/2011

IT Specialist (INFOSEC) / Security Manager

Served as manager for the organization’s Continuous Monitoring Program. Team responsible for reviewing processes and technology used to detect compliance and risk issues associated with the organization’s operational environment. Handled all security related issues globally as a direct contributor and team member of the organization’s Security Operations Center. Coordinated responses to cyber incidents of national significance and correlated cyber security incidents while providing on-site response and support. Advised customers on various strategies to protect and secure sensitive information systems. Responded to previously undisclosed software and hardware vulnerabilities. Interfaced with the Department of Homeland Security National Operations Center during cyber incidents of national significance.

Implemented IT security projects and initiatives in support of the US-CERT and the Department of Homeland Security.

Maintained high-level familiarity with IT security policy development and implementations.

TekSystems (FORSCOM), Fort McPherson, GA 4/2010 - 9/2010

Senior Network Security Analyst

Scanned and tested network workstations, servers, routers and switches to ensure compliance. Analyzed network traffic for malicious or abnormal occurrences using HBSS, ArcSight, Snort, WireShark, Netdetectors, RealSecure, TCPDump, IntruShield, Tipping Point and other intrusion detection systems utilizing developed operational processes. Evaluated performance of Information Assurance controls and maintained knowledge on DISA Gold Disk, Army Gold Master and DISA Security Technical Implementation Guides. Provided Technical support to the Department of Defense Information Assurance and Computer Network Defense implementation for Host Based Security System deployment, maintenance and monitoring of all systems on the FORSCOM network. Supported operation and maintenance of ePO 4.0 and served as HBSS Subject Matter Expert for entire FORSCOM network. Evaluated potential Information Assurance security risks and recommended corrective action. Reviewed selected security safeguards to identify security concerns within approved plans.

Contributed to the development of DIACAP documentation and programs to ensure all system, network and data users follow the approved networking environment and Information Assurance policies.

Implemented policies and procedures reflecting applicable laws and regulations.

Trace Systems, Inc. (JNCC-A), Bagram AB, Afghanistan 9/2009 - 3/2010

Senior Security Engineer

Provided security engineering designs and oversaw implementation of Information Assurance and Information Security Engineering. Mitigated system security threats/risks throughout the program life cycle, validated system security requirements definition and analysis, developed and system security designs in hardware, software, data and procedures, planned and tested system certification and accreditation and supported secure systems operations and maintenance. Evaluated network traffic using HBSS, ArcSight, Snort, WireShark, Netdetectors, RealSecure, TCPDump, and other intrusion detection systems utilizing developed operational processes to determine malicious or abnormal occurrences. Provided Programmatic and Hands-On Technical support for DOD IA and CND implementation for Host Based Security System rapid deployment. Supported DISA FSO DoD activities with migration to ePO 4.0 and deployment of Host Intrusion Prevention System (HIPS) 7.0, Policy Auditor 5.0, VirusScan Enterprise 8.7, Rogue Sensor Detection, AntiSpyware and Asset Baseline Monitor 3.0. Assessed overall health of ePO implementation and served as Watch Officer on a 24 x 7 Technical Support and Reach back for the Rapid Deployment Command Center. Utilized DIACAP, System Security Plan, Certification Test and Evaluation, Security Test and Evaluation Plan and Procedures, a S to develop a Certification and Accreditation package. Coordinated and oversaw the development of a Privacy Impact Assessment and IT Contingency Plan for multiple systems, applications and networks. Utilized encryption technology, penetration and vulnerability analysis of various security technologies and information technology security research.

Successfully designed, tested and implemented state-of-the-art secure operating systems, networks and database products, conducted risk assessment and provided recommendations for application design.

Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.

Defense Security Service, Atlanta, GA 10/2008 - 9/2009

Information Systems Security Professional

Reviewed System Security Plans and supporting documentation to ensure accuracy and correctness based on the National Industrial Security Program Operating Manual. Performed onsite validations and inspections to verify system controls are in place and operating as intended. Provided Certification and Accreditation support for the accreditation of Local Area Network and Telephony Networks of cleared defense contractors. Advised and assisted the Defense Security Service and cleared contractors, interpreted guidance and policy to ensure contractors' classified systems are consistent with national computer security information assurance policy.

Successfully carried out the Defense Security Service Certification and Accreditation mission for cleared contractor Information Systems.

Quantum Research Intl, Inc. (RCERT-Southwest Asia), Camp Arifjan, Kuwait 7/2007 - 10/2008

Senior Network Security Analyst

Served as lead action/response element for time sensitive events and maintained overall situational awareness of the network’s security posture. Monitored client’s prototype network-based IDS/IPS devices and correlated global actions and associated events into actionable/reportable analysis that could cause intrusion on the network. Utilized ArcSight, Snort, WireShark, Netdetectors, RealSecure, TCPDump, and other IDS IAW developed operational processes to analyze network traffic for malicious or abnormal occurrences. Maintained and upgraded SNORT sensors operating on LINUX and FEDORA platforms. Evaluated malicious data-sets, zero-day exploits and publicly known vulnerabilities in static and dynamic situations. Assisted in resolving various network attacks and anomalies and facilitated investigative efforts in forensic analysis of various network intrusions, utilizing both Open Source and Best of Breed technologies. Assisted team in deploying HBSS components for the client and supported HBSS Team by providing expert technical support across a variety of HBSS-related activities. Conducted vulnerability assessments, around-the-clock security monitoring and analysis and reporting operations for the Southwest Asia region. Responded to network security events and suspicious activity involving Army and US military monitored networks. Notified and coordinated security operations with base, major commands and other computer emergency response teams.

Ensured Information Assurance policy and procedures were executed as directed by participating in the Certification and Accreditation planning process.

Provided network security detection, analysis and reporting functions for the Army Computer Emergency Response Team in Kuwait.

Quantum Research Intl, Inc. (RCERT-South), Fort Gordon, GA 7/2006 - 6/2007

Senior Information Assurance Analyst

Reviewed US Army South intrusion detection system logs during triage process. Investigated anomalies in network traffic to determine if events are malicious and analyzed network traffic for malicious or abnormal occurrences using ArcSight, Snort, Ethereal, Netdetectors, RealSecure, TCPDump, and/or other IDS IAW developed operational processes. Maintained and upgraded SNORT sensors operating on LINUX and FEDORA platforms. Analyzed and researched network traffic to develop effective means of detecting network intrusions and improving Area of Responsibility security posture. Informed System Administrators on various intrusion attempts and security threats in the networks. Collaborated with other agency analysts to implement policies for unauthorized software and poor security practices. Coordinated Information Assurance and Vulnerability Assessment compliancy in South AOR. Utilized scanning software such as Internet Security Systems Internet Scanner, e-Eye Retina, Harris Stat Scanner, and other approved scanning tools to monitor network traffic.

Educated RCERT customers on current US Army Policies and Procedures and produced written products regarding suspicious network traffic for the RCERT South and its customer base.

Supported and guided Regional Computer Emergency Response Team customers to ensure systems are secured.

Other Relevant Experiences

335th Theater Support Command Network Operations Security Center/IA Section Chief 7/2005 - 7/2006

TRADOC Analysis Center, Fort Lee, VA Network Administrator/IASO/Helpdesk Manager 10/2003 - 6/2005

Northern Virginia Community College Instructor / Curriculum Developer 1/2001 - 8/2003

Education

BS in Management Computer Information Systems, 2004: Park University

Certifications

Project Management Professional (PMP)

Certified Information Security Manager (CISM)

Certified Information Systems Security Professional (CISSP)

Certified Information Systems Auditor (CISA)

Certified Ethical Hacker (CEH)

Computer Hacking Forensic Investigator (CHFI)

Certified Authorization Professional (CAP)

ArcSight Certified Advanced Security Analyst (ACASA)

Phase 2 Certified System Administrator Security

Phase 2 Certified Network Manager Security

DISA Certified Information Assurance Security Manager

DISA Certified HBSS Administrator

DISA Certified HBSS Analyst

DISA’s Assured Compliance Assessment Solution (ACAS) Certified

COMPTIA A+ Certified PC Technician

COMPTIA Network+ Certified Professional

COMPTIA Security+ Certified Professional
